| Apache Linux webd001.cluster107.gra.hosting.ovh.net 5.15.167-ovh-vps-grsec-zfs-classid #1 SMP Tue Sep 17 08:14:20 UTC 2024 x86_64 uid=2234(oyaide) gid=100(users) groups=100(users) server ip : 213.186.33.18 | your ip : 216.73.216.159 safemode OFF > / home / oyaide / www / astrovega.be / admin / |
| Filename | /home/oyaide/www/astrovega.be/admin/member_send.php |
| Size | 4.78 kb |
| Permission | rw-r--r-- |
| Owner | oyaide : users |
| Create time | 03-Nov-2008 15:18 |
| Last modified | 03-Feb-2006 11:14 |
| Last accessed | 31-Mar-2009 19:28 |
| Actions | edit | rename | delete | download (gzip) |
| View | text | code | image |
<?
session_start();
if ($_SESSION['auth']!="yes")
{
include("index.php");
session_destroy();
unset($_SESSION);
exit();
}
echo "
<html>
<head>
<title>Zone d'adminitration</title>
<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'>
<link href='../style.css' rel='stylesheet' type='text/css'>
<link href='../logo.ico' rel='shortcut icon'>
<meta name='author' content='Max Richir'>
</head>
<body>
<div align='center'>
<table width='165' border='0' cellpadding='10' cellspacing='0' bgcolor='#FFFFFF'>
<tr>
<td><table width='165' border='0' cellpadding='1' cellspacing='0'>
<tr>
<td><table width='165' border='0' cellspacing='0' cellpadding='0'>
<tr>
<td><img src='../images/banner_top.jpg' width='700' height='108'></td>
</tr>
<tr>
<td align='right' valign='top' background='../images/banner_bottom.jpg'><img src='../images/admin.png' name='forums' width='168' height='29' border='0' align='absmiddle'></td>
</tr>
</table></td>
</tr>
<tr>
<td>"; ?><? include ("menu.php"); ?><? echo "</td>
</tr>
<tr>
<td height='18' align='left' valign='top'><table width='700' border='0' cellspacing='0' cellpadding='0'>
<tr>
<td> </td>
</tr>
<tr>
<td align='center'>"; ?><?
include("config.php");
switch (@$_GET['do'])
{ case "new":
foreach($_POST as $key => $value)
{
if ($key != "mail" and $key != "stuff" and $key != "ci" and $key != "picturename")
{
if ($value == "")
{
echo "<span class='star'>Veuillez complèter tous les champs obligatoires.</span>";
unset($_GET['do']);
exit();
}
}
if (ereg("(mail)",$key) && $value!="")
{
if (!ereg("^.+@.+\\..+$" ,$_POST['mail']))
{
echo "<span class='star'>Ce n'est pas une adresse email valide.</span>";
unset($_GET['do']);
exit();
}
}
if (ereg("(picturename)",$key) && $value!="")
{
if (!ereg("^.+\.jpg$" ,$_POST['picturename']))
{
echo "<span class='star'>Ce n'est pas un format d'image valide.</span>";
unset($_GET['do']);
exit();
}
}
$$key = strip_tags(trim($value));
}
$connection = mysql_connect($host, $user, $password)
or die ("<span class='star'>La connexion au serveur a échouée.</span>");
$db = mysql_select_db($database, $connection)
or die ("<span class='star'>Pas de sélection dans la base de données.</span>");
$sql = "INSERT INTO membres (MemberName,MemberFirstName,MemberMail,MemberStuffs,MemberCI,MemberStatus,MemberPicture)
VALUES ('$_POST[name]','$_POST[firstname]','$_POST[mail]','$_POST[stuff]','$_POST[ci]','$_POST[select]','$_POST[picturename]')";
echo" Merci. Le membre a été ajouté.<br><a href='upload_form.php'>Uploader un fichier image</a>";
if (! mysql_query($sql))
{ echo mysql_errno()." : ".mysql_error();
unset($_GET['do']);
exit;
}
break;
case "update" :
foreach($_POST as $key => $value)
{
if ($key != "mail" and $key != "stuff" and $key != "ci" and $key != "picturename")
{
if ($value == "")
{
echo "<span class='star'>Veuillez complèter tous les champs obligatoires.</span>";
unset($_GET['do']);
exit();
}
}
if (ereg("(mail)",$key) && $value!="")
{
if (!ereg("^.+@.+\\..+$" ,$_POST['mail']))
{
echo "<span class='star'>Ce n'est pas une adresse email valide.</span>";
unset($_GET['do']);
exit();
}
}
if (ereg("(picturename)",$key) && $value!="")
{
if (!ereg("^.+\.jpg$" ,$_POST['picturename']))
{
echo "<span class='star'>Ce n'est pas un format d'image valide.</span>";
unset($_GET['do']);
exit();
}
}
$$key = strip_tags(trim($value));
}
$id=array_key_exists("id", $_GET)?$_GET["id"]:"";
$connection = mysql_connect($host, $user, $password)
or die ("<span class='star'>La connexion au serveur a échouée.</span>");
$db = mysql_select_db($database, $connection)
or die ("<span class='star'>Pas de sélection dans la base de données.</span>");
$sql = "UPDATE membres
SET MemberName='$_POST[name]', MemberFirstName='$_POST[firstname]', MemberMail='$_POST[mail]', MemberStuffs='$_POST[stuff]', MemberCI='$_POST[ci]', MemberStatus='$_POST[select]', MemberPicture='$_POST[picturename]'
WHERE MemberID ='$id'";
echo" Merci. Le membre a été mis à jour.<br><a href='upload_form.php'>Uploader un fichier image</a>";
if (! mysql_query($sql))
{ echo mysql_errno()." : ".mysql_error();
unset($_GET['do']);
exit;
}
}
?><? echo "</td>
</tr>
</table></td>
</tr>
</table></td>
</tr>
</table>
</div>
</body>
</html>";
?>
session_start();
if ($_SESSION['auth']!="yes")
{
include("index.php");
session_destroy();
unset($_SESSION);
exit();
}
echo "
<html>
<head>
<title>Zone d'adminitration</title>
<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'>
<link href='../style.css' rel='stylesheet' type='text/css'>
<link href='../logo.ico' rel='shortcut icon'>
<meta name='author' content='Max Richir'>
</head>
<body>
<div align='center'>
<table width='165' border='0' cellpadding='10' cellspacing='0' bgcolor='#FFFFFF'>
<tr>
<td><table width='165' border='0' cellpadding='1' cellspacing='0'>
<tr>
<td><table width='165' border='0' cellspacing='0' cellpadding='0'>
<tr>
<td><img src='../images/banner_top.jpg' width='700' height='108'></td>
</tr>
<tr>
<td align='right' valign='top' background='../images/banner_bottom.jpg'><img src='../images/admin.png' name='forums' width='168' height='29' border='0' align='absmiddle'></td>
</tr>
</table></td>
</tr>
<tr>
<td>"; ?><? include ("menu.php"); ?><? echo "</td>
</tr>
<tr>
<td height='18' align='left' valign='top'><table width='700' border='0' cellspacing='0' cellpadding='0'>
<tr>
<td> </td>
</tr>
<tr>
<td align='center'>"; ?><?
include("config.php");
switch (@$_GET['do'])
{ case "new":
foreach($_POST as $key => $value)
{
if ($key != "mail" and $key != "stuff" and $key != "ci" and $key != "picturename")
{
if ($value == "")
{
echo "<span class='star'>Veuillez complèter tous les champs obligatoires.</span>";
unset($_GET['do']);
exit();
}
}
if (ereg("(mail)",$key) && $value!="")
{
if (!ereg("^.+@.+\\..+$" ,$_POST['mail']))
{
echo "<span class='star'>Ce n'est pas une adresse email valide.</span>";
unset($_GET['do']);
exit();
}
}
if (ereg("(picturename)",$key) && $value!="")
{
if (!ereg("^.+\.jpg$" ,$_POST['picturename']))
{
echo "<span class='star'>Ce n'est pas un format d'image valide.</span>";
unset($_GET['do']);
exit();
}
}
$$key = strip_tags(trim($value));
}
$connection = mysql_connect($host, $user, $password)
or die ("<span class='star'>La connexion au serveur a échouée.</span>");
$db = mysql_select_db($database, $connection)
or die ("<span class='star'>Pas de sélection dans la base de données.</span>");
$sql = "INSERT INTO membres (MemberName,MemberFirstName,MemberMail,MemberStuffs,MemberCI,MemberStatus,MemberPicture)
VALUES ('$_POST[name]','$_POST[firstname]','$_POST[mail]','$_POST[stuff]','$_POST[ci]','$_POST[select]','$_POST[picturename]')";
echo" Merci. Le membre a été ajouté.<br><a href='upload_form.php'>Uploader un fichier image</a>";
if (! mysql_query($sql))
{ echo mysql_errno()." : ".mysql_error();
unset($_GET['do']);
exit;
}
break;
case "update" :
foreach($_POST as $key => $value)
{
if ($key != "mail" and $key != "stuff" and $key != "ci" and $key != "picturename")
{
if ($value == "")
{
echo "<span class='star'>Veuillez complèter tous les champs obligatoires.</span>";
unset($_GET['do']);
exit();
}
}
if (ereg("(mail)",$key) && $value!="")
{
if (!ereg("^.+@.+\\..+$" ,$_POST['mail']))
{
echo "<span class='star'>Ce n'est pas une adresse email valide.</span>";
unset($_GET['do']);
exit();
}
}
if (ereg("(picturename)",$key) && $value!="")
{
if (!ereg("^.+\.jpg$" ,$_POST['picturename']))
{
echo "<span class='star'>Ce n'est pas un format d'image valide.</span>";
unset($_GET['do']);
exit();
}
}
$$key = strip_tags(trim($value));
}
$id=array_key_exists("id", $_GET)?$_GET["id"]:"";
$connection = mysql_connect($host, $user, $password)
or die ("<span class='star'>La connexion au serveur a échouée.</span>");
$db = mysql_select_db($database, $connection)
or die ("<span class='star'>Pas de sélection dans la base de données.</span>");
$sql = "UPDATE membres
SET MemberName='$_POST[name]', MemberFirstName='$_POST[firstname]', MemberMail='$_POST[mail]', MemberStuffs='$_POST[stuff]', MemberCI='$_POST[ci]', MemberStatus='$_POST[select]', MemberPicture='$_POST[picturename]'
WHERE MemberID ='$id'";
echo" Merci. Le membre a été mis à jour.<br><a href='upload_form.php'>Uploader un fichier image</a>";
if (! mysql_query($sql))
{ echo mysql_errno()." : ".mysql_error();
unset($_GET['do']);
exit;
}
}
?><? echo "</td>
</tr>
</table></td>
</tr>
</table></td>
</tr>
</table>
</div>
</body>
</html>";
?>