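=1) { $bg_home = " style=\"background-image:url('img/back_main_blank.png');background-repeat:no-repeat;background-position:top;\""; }

// Front-controller dispatch. $ac is assigned before this point (not visible
// here) and selects the page to render. Every branch takes $page from a fixed
// literal or from a handler that returns one, so no request value is ever used
// as a file path.
// NOTE(review): the default branch resets $ac but leaves $page untouched --
// confirm the caller derives the page from $ac in that case.
// NOTE(review): nothing here checks that the visitor is logged in; each
// handler or included page has to enforce that itself.
switch ($ac) {
    case "accueil":
        $_SESSION['bg'] = $bg_home;
        $page = accueil();
        break;
    case "inscription":
        $page = inscription();
        break;
    case "register":
        $page = register();
        break;
    case "jouer":
        $_SESSION['bg'] = " style=\"background-image:url('img/blank_content_back.png');background-repeat:no-repeat;background-position:top;\"";
        $page = "php/jouer.php";
        break;
    case "cadeaux":
        $_SESSION['bg'] = " style=\"background-image:url('img/blank_content_back.png');background-repeat:no-repeat;background-position:top;\"";
        $page = "php/cadeaux.php";
        break;
    case "surprise":
        $_SESSION['bg'] = " style=\"background-image:url('img/blank_content_back.png');background-repeat:no-repeat;background-position:top;\"";
        $page = "php/surprise.php";
        break;
    case "login":
        $page = login();
        break;
    case "new_image":
        $_SESSION['bg'] = " style=\"background-image:url('img/blank_content_back.png');background-repeat:no-repeat;background-position:top;\"";
        $page = new_image();
        break;
    case "photobox":
        $_SESSION['bg'] = " style=\"background-image:url('img/blank_content_back.png');background-repeat:no-repeat;background-position:top;\"";
        $page = 'php/photobox.php';
        break;
    case "home_membre":
        $_SESSION['bg'] = " style=\"background-image:url('img/blank_content_back.png');background-repeat:no-repeat;background-position:top;\"";
        $page = home_membre();
        break;
    case "identify":
        $page = identify();
        break;
    case "rate":
        $_SESSION['bg'] = " style=\"background-image:url('img/blank_content_back.png');background-repeat:no-repeat;background-position:top;\"";
        $page = rate();
        break;
    case "regle":
        $_SESSION['bg'] = " style=\"background-image:url('img/blank_content_back.png');background-repeat:no-repeat;background-position:top;\"";
        $page = "php/reglement.php";
        break;
    case "photos":
        $_SESSION['bg'] = " style=\"background-image:url('img/blank_content_back.png');background-repeat:no-repeat;background-position:top;\"";
        $page = photos();
        break;
    case "detail_photo":
        $_SESSION['bg'] = " style=\"background-image:url('img/blank_content_back.png');background-repeat:no-repeat;background-position:top;\"";
        $page = detail_photo();
        break;
    case "dyn":
        $_SESSION['bg'] = " style=\"background-image:url('img/blank_content_back.png');background-repeat:no-repeat;background-position:top;\"";
        $page = dyn();
        break;
    case "profil":
        $_SESSION['bg'] = " style=\"background-image:url('img/blank_content_back.png');background-repeat:no-repeat;background-position:top;\"";
        $page = profil();
        break;
    case "modifier_profil":
        $page = modifier_profil();
        break;
    case "admin":
        $_SESSION['bg'] = " style=\"background-image:url('img/blank_content_back.png');background-repeat:no-repeat;background-position:top;\"";
        $page = admin();
        break;
    case "contact":
        $_SESSION['bg'] = " style=\"background-image:url('img/blank_content_back.png');background-repeat:no-repeat;background-position:top;\"";
        $page = "php/contact.php";
        break;
    case "partenaires":
        $_SESSION['bg'] = " style=\"background-image:url('img/blank_content_back.png');background-repeat:no-repeat;background-position:top;\"";
        $page = "php/partenaires.php";
        break;
    case "new_avatar":
        $_SESSION['bg'] = " style=\"background-image:url('img/blank_content_back.png');background-repeat:no-repeat;background-position:top;\"";
        $page = new_avatar();
        break;
    case "search":
        $_SESSION['bg'] = " style=\"background-image:url('img/blank_content_back.png');background-repeat:no-repeat;background-position:top;\"";
        $page = "php/search.php";
        break;
    case "profil_public":
        $_SESSION['bg'] = " style=\"background-image:url('img/blank_content_back.png');background-repeat:no-repeat;background-position:top;\"";
        $page = "php/profil_public.php";
        break;
    case "inviter_amis":
        $_SESSION['bg'] = " style=\"background-image:url('img/blank_content_back.png');background-repeat:no-repeat;background-position:top;\"";
        $page = "php/inviter_amis.php";
        break;
    case "menbre":
        $_SESSION['bg'] = " style=\"background-image:url('img/blank_content_back.png');background-repeat:no-repeat;background-position:top;\"";
        $page = "php/load_menbre.php";
        break;
    default:
        $_SESSION['bg'] = " style=\"background-image:url('img/back_main.png');background-repeat:no-repeat;background-position:top;\"";
        $ac = "accueil";
        break;
}

/**
 * Return a POST field as a string, or "" when it is missing or not a string.
 *
 * A field sent as name[]=x arrives as an array; passing that to trim() or
 * preg_match() raises a warning or a TypeError depending on the PHP version.
 */
function _form_value($key)
{
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : "";
}

/** Page for the home action. */
function accueil()
{
    return "php/accueil.php";
}

/** Page holding the registration form. */
function inscription()
{
    return "php/inscription.php";
}

/**
 * Validate the registration form.
 *
 * Returns "php/register.php" when the submission passes every check, otherwise
 * the form page with $_SESSION['error'] set. This function only validates; the
 * account itself is presumably created by php/register.php (not visible here).
 */
function register()
{
    $email        = _form_value('email');
    $code_postal  = _form_value('code_postal');
    $telephone    = _form_value('telephone');
    $password     = _form_value('password');
    $confirmation = _form_value('confirmation_pass');
    $type_compte  = _form_value('type_compte');

    if (!VerifierAdresseMail($email)) {
        $_SESSION['error'] = "Votre email n'est pas valide";
        return "php/inscription.php";
    }
    // Postal code and phone are optional, but must be numeric when given.
    if (trim($code_postal) != "" && !is_numeric($code_postal)) {
        $_SESSION['error'] = "Votre Code postal n'est pas valide";
        return "php/inscription.php";
    }
    if (trim($telephone) != "" && !is_numeric($telephone)) {
        $_SESSION['error'] = "Votre téléphone n'est pas valide";
        return "php/inscription.php";
    }
    if (_form_value('reglement') !== "1") {
        $_SESSION['error'] = "Vous devez accepter les conditions du règlement pour vous inscrire";
        return "php/inscription.php";
    }
    // Strict comparison: with != two different numeric-looking strings such
    // as "1e3" and "1000" compare equal and would pass as matching passwords.
    // NOTE(review): an empty confirmation field skips this check entirely --
    // confirm whether the confirmation is meant to be mandatory.
    if (trim($password) != "" && trim($confirmation) != "" && $password !== $confirmation) {
        $_SESSION['error'] = "Les mots de passe sont différents";
        return "php/inscription.php";
    }
    // The account type is matched exactly, so only the two expected values
    // reach the page that consumes it.
    if ($email && _form_value('pseudo') && $password && in_array($type_compte, array("1", "2"), true)) {
        return "php/register.php";
    }

    $_SESSION['error'] = "Tous les champs marqués d'une '*' sont obligatoires";
    return "php/inscription.php";
}

/** Page holding the login form. */
function login()
{
    return "php/login.php";
}

/**
 * Handle a login attempt: check credentials and ban list, then fill the session.
 *
 * Returns the member home page on success, the login page with
 * $_SESSION['error'] set otherwise.
 *
 * NOTE(review): the two distinct error messages tell a visitor whether a
 * pseudo exists; a single generic message would avoid that.
 * NOTE(review): no attempt limiting is visible here.
 */
function identify()
{
    $pseudo   = trim(_form_value('pseudo')) != "" ? _form_value('pseudo') : null;
    $password = trim(_form_value('password')) != "" ? _form_value('password') : null;

    if ($pseudo === null || !check_pseudo($pseudo)) {
        $_SESSION['error'] = "Le pseudo saisi ne correspond à aucun compte";
        return "php/login.php";
    }
    // An absent password is rejected here rather than compared against the
    // column, where it would match an account whose password is empty.
    if ($password === null || !check_password($pseudo, $password)) {
        $_SESSION['error'] = "Le mot de passe saisi est incorrect";
        return "php/login.php";
    }
    if (check_ban($_SERVER['REMOTE_ADDR'])) {
        $_SESSION['error'] = "Vous avez été banni du site.";
        return "php/login.php";
    }

    // Issue a fresh session id on login so an id known before authentication
    // does not carry over to the authenticated session.
    if (!headers_sent()) {
        session_regenerate_id(true);
    }

    // Record the IP on the account
    update_ip($pseudo, $password);
    load_info($pseudo);
    // Record the connection
    log_connec($pseudo, $_SESSION['id']);

    $_SESSION['pseudo'] = $pseudo;
    $_SESSION['compte_type'] = getCompteType($pseudo);
    $_SESSION['bg'] = " style=\"background-image:url('img/blank_content_back.png');background-repeat:no-repeat;background-position:top;\"";
    return "php/home_membres.php";
}

/**
 * Append a row to log_connexion for a successful login.
 *
 * $pseudo comes from the login form, so it is escaped before being placed in
 * the statement; $id is forced to an integer.
 */
function log_connec($pseudo, $id)
{
    $sql = new sql;
    $query = "INSERT INTO log_connexion (id_membre, login_eff, ip, date) VALUES ('".(int) $id."', '".sql_escape($pseudo)."', '".sql_escape($_SERVER['REMOTE_ADDR'])."', '".time()."')";
    $sql->sql_query($query);
}

/** Member home page. */
function home_membre()
{
    return "php/home_membres.php";
}

/**
 * Validate the file uploaded in $_FILES[$field], write its thumbnails and move
 * the original into $folder under a generated name.
 *
 * $thumbnails is a list of array(max_width, max_height, filename_suffix).
 * Returns the generated image number (digits only) on success, null on
 * failure. Format, size and name-collision failures set $_SESSION['error'];
 * a missing or failed upload returns null silently.
 *
 * The type is decided from the file content with getimagesize(): the 'type'
 * and 'name' entries of $_FILES are supplied by the client and prove nothing.
 * Only the formats miniature() can decode are accepted. The stored name and
 * its .jpg extension are generated here, never taken from the client.
 * NOTE(review): the upload folder should still be served with script
 * execution disabled -- server configuration is not visible here.
 */
function _store_uploaded_image($field, $max_size, $folder, $thumbnails)
{
    if (!isset($_FILES[$field]) || !is_array($_FILES[$field])) {
        return null;
    }
    $file = $_FILES[$field];
    if (!isset($file['tmp_name'], $file['size'], $file['error']) || !is_string($file['tmp_name'])) {
        return null;
    }
    if ($file['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($file['tmp_name'])) {
        return null;
    }
    if ($file['size'] > $max_size) {
        $_SESSION['error'] = "Fichier trop volumineux.";
        return null;
    }
    $info = getimagesize($file['tmp_name']);
    if (!$info || !in_array($info['mime'], array("image/jpeg", "image/png", "image/gif"), true)) {
        $_SESSION['error'] = "Format de fichier incorrecte.";
        return null;
    }

    $img_num = time().rand(0, 1000);
    $img_name = $img_num.".jpg";
    if (file_exists($folder.$img_name)) {
        $_SESSION['error'] = "Fichier déjà existant.";
        return null;
    }

    foreach ($thumbnails as $thumb) {
        miniature($thumb[0], $thumb[1], $file['tmp_name'], $folder.$img_num.$thumb[2]);
    }
    // move_uploaded_file() refuses anything that is not a genuine upload.
    if (!move_uploaded_file($file['tmp_name'], $folder.$img_name)) {
        return null;
    }
    return $img_num;
}

/**
 * Store a photo submitted by the logged-in member (at most 5 per member).
 *
 * Returns the member home page in every case except when no member is logged
 * in, where the login page is returned and nothing is written. Previously the
 * size test read an undefined variable ($fize), the computed error code was
 * never acted on and the file was copied whatever the checks said.
 *
 * NOTE(review): name, ville and etat are stored as submitted (SQL-escaped
 * only); the pages that display them must HTML-escape on output.
 */
function new_image()
{
    if (!isset($_SESSION['id'])) {
        $_SESSION['error'] = "Vous devez vous connecter pour afficher la page suivante";
        return "php/login.php";
    }
    $id_membre = (int) $_SESSION['id'];

    $sql = new sql;
    $sql->sql_query("select * from photos where id_membre = ".$id_membre);
    if ($sql->sql_num_rows() >= 5) {
        return "php/home_membres.php";
    }

    $name  = _form_value('name');
    $etat  = _form_value('etat');
    $ville = _form_value('ville');
    if (trim($name) == "" || trim($etat) == "") {
        return "php/home_membres.php";
    }

    // Size limit in bytes (the original comment said 1 MB; the value is 1.5 MB).
    $MAX_FILE_SIZE = 1500000;
    // Destination folder
    $folder = "./upload_area/";

    $img_num = _store_uploaded_image(
        'fichier',
        $MAX_FILE_SIZE,
        $folder,
        array(array(580, 600, "_800.jpg"), array(110, 75, "_mini.jpg"))
    );
    if ($img_num === null) {
        return "php/home_membres.php";
    }

    // Record the photo only once the file is actually stored.
    $query = "insert into photos(name, id_membre, votes,number,ville, etat) values('".sql_escape($name)."', ".$id_membre.", 0, $img_num , '".sql_escape($ville)."', '".sql_escape($etat)."')";
    $sql = new sql;
    $sql->sql_query($query);
    return "php/home_membres.php";
}

/**
 * Write a resized copy of the image $src to $dest.
 *
 * The copy fits within $max_width (landscape) or $max_height (portrait or
 * square) and is never enlarged. JPEG, PNG and GIF sources are handled; any
 * other file is ignored. The output is encoded in the source's own format
 * whatever extension $dest carries. Returns nothing.
 *
 * NOTE(review): the source is decoded at full size, so very large pixel
 * dimensions cost a lot of memory; consider capping $size[0] * $size[1].
 */
function miniature($max_width, $max_height, $src, $dest)
{
    $size = getimagesize($src);
    // Checked before use: getimagesize() returns false for a non-image.
    if (!$size || $size[0] < 1 || $size[1] < 1) {
        return;
    }
    $width = $size[0];
    $height = $size[1];

    if ($width > $height) {
        $quotient = round($max_width / $width, 2);
    } else {
        $quotient = round($max_height / $height, 2);
    }
    if ($quotient > 1) {
        $quotient = 1;
    }

    // Target size, at least one pixel each way.
    $x = max(1, (int) round($width * $quotient));
    $y = max(1, (int) round($height * $quotient));

    if ($size['mime'] == 'image/jpeg') {
        $img_big = imagecreatefromjpeg($src);
    } elseif ($size['mime'] == 'image/png') {
        $img_big = imagecreatefrompng($src);
    } elseif ($size['mime'] == 'image/gif') {
        $img_big = imagecreatefromgif($src);
    } else {
        return;
    }
    if (!$img_big) {
        return;
    }

    $img_mini = imagecreatetruecolor($x, $y);
    if (!$img_mini) {
        $img_mini = imagecreate($x, $y);
    }
    if (!$img_mini) {
        return;
    }

    // Copy with resizing.
    imagecopyresized($img_mini, $img_big, 0, 0, 0, 0, $x, $y, $width, $height);

    if ($size['mime'] == 'image/jpeg') {
        imagejpeg($img_mini, $dest);
    } elseif ($size['mime'] == 'image/png') {
        imagepng($img_mini, $dest);
    } else {
        imagegif($img_mini, $dest);
    }
}

/**
 * Replace the logged-in member's avatar with the uploaded image.
 *
 * Returns the profile page, or the login page when no member is logged in.
 * The membres row is updated only when the upload passed validation and was
 * stored; previously no check had any effect.
 */
function new_avatar()
{
    if (!isset($_SESSION['id'])) {
        $_SESSION['error'] = "Vous devez vous connecter pour afficher la page suivante";
        return "php/login.php";
    }

    // Size limit in bytes (the original comment said 1 MB; the value is 1.5 MB).
    $MAX_FILE_SIZE = 1500000;
    // Destination folder
    $folder = "./upload_area/";

    $img_num = _store_uploaded_image('fichier', $MAX_FILE_SIZE, $folder, array(array(110, 75, "_avat.jpg")));
    if ($img_num !== null) {
        $sql = new sql;
        $sql->sql_query("UPDATE membres SET avatar = '$img_num' WHERE id = '".(int) $_SESSION['id']."'");
    }
    return "php/profil_membre.php";
}

/**
 * True when a member with this pseudo exists.
 *
 * Compared with '=' rather than LIKE so that '%' and '_' in the submitted
 * value are ordinary characters, not wildcards.
 */
function check_pseudo($pseudo)
{
    $sql = new sql;
    $sql->sql_query("select * from membres where pseudo = '".sql_escape($pseudo)."'");
    return $sql->sql_num_rows() ? true : false;
}

/**
 * True when the pseudo/password pair matches a member row.
 *
 * Compared with '=' rather than LIKE: with LIKE the submitted password was a
 * pattern, so the match was not an exact comparison.
 * NOTE(review): the password is compared against the column as submitted,
 * which suggests it is stored in clear text -- confirm in php/register.php
 * and move to password_hash() / password_verify().
 */
function check_password($pseudo, $password)
{
    $sql = new sql;
    $sql->sql_query("select * from membres where pseudo = '".sql_escape($pseudo)."' and password = '".sql_escape($password)."'");
    return $sql->sql_num_rows() ? true : false;
}

/** Store the caller's IP address on the member row matching the credentials. */
function update_ip($pseudo, $password)
{
    $sql = new sql;
    $query = "UPDATE membres SET last_ip = '".sql_escape($_SERVER['REMOTE_ADDR'])."' WHERE pseudo = '".sql_escape($pseudo)."' and password = '".sql_escape($password)."'";
    $sql->sql_query($query);
}

/** True when $ip appears in the bans table. */
function check_ban($ip)
{
    $sql = new sql;
    $sql->sql_query("SELECT * FROM bans WHERE ip = '".sql_escape($ip)."'");
    return $sql->sql_num_rows() ? true : false;
}

/**
 * Record a vote from the logged-in member for the owner of photo ?number=N.
 *
 * One vote per voter and per IP address for a given beneficiary per day.
 * Always returns the member home page. Without a logged-in member or a known
 * photo nothing is written (previously a statement with an empty voter id
 * was sent to the database).
 *
 * NOTE(review): this changes state on a GET request with no anti-forgery
 * token, so a link on another site can trigger a vote for a logged-in member.
 */
function rate()
{
    $photo = isset($_GET['number']) && is_numeric($_GET['number']) ? $_GET['number'] : null;
    if (!$photo || !isset($_SESSION['id'])) {
        return "php/home_membres.php";
    }

    $sql = new sql;
    $sql->sql_query("select id_membre from photos where number = '".sql_escape($photo)."'");
    $row = $sql->sql_fetch_object();
    $membre = $row ? $row->id_membre : null;

    if ($membre && !deja_vote_bis($membre) && !deja_vote_ip_bis($membre)) {
        $query = "insert into votes( votant, beneficiaire, date_time, photo_number, ip_address ) values ( ".(int) $_SESSION['id'].", ".(int) $membre.", NOW(), '".sql_escape($photo)."', '".sql_escape($_SERVER["REMOTE_ADDR"])."' )";
        $sql->sql_query($query);
    }
    return "php/home_membres.php";
}

/** Return the type_compte column of the member with this pseudo, or null if none. */
function getCompteType($pseudo)
{
    $sql = new sql;
    $sql->sql_query("select * from membres where pseudo = '".sql_escape($pseudo)."'");
    $obj = $sql->sql_fetch_object();
    return $obj ? $obj->type_compte : null;
}

/**
 * Escape a value for use inside a single-quoted SQL string literal.
 *
 * Doubling quotes alone leaves the backslash active as an escape character in
 * MySQL's default SQL mode, where a backslash before the closing quote keeps
 * the literal open. Backslashes are therefore doubled first.
 * NOTE(review): assumes MySQL without NO_BACKSLASH_ESCAPES (the queries in
 * this file use NOW() and DATE(), which points to MySQL) -- confirm. Prefer
 * the driver's own escaping or prepared statements if the sql wrapper
 * offers them.
 */
function sql_escape($pseudo)
{
    return str_replace(array("\\", "'"), array("\\\\", "''"), (string) $pseudo);
}

/**
 * True when $adresse is a syntactically valid email that no member uses yet.
 *
 * The syntax is checked before the database is queried, so only values made
 * of the characters the pattern allows reach the statement (previously the
 * raw form value was concatenated into the query first). The D modifier stops
 * '$' from accepting a trailing newline.
 */
function VerifierAdresseMail($adresse)
{
    $Syntaxe = '#^[\w.-]+@[\w.-]+\.[a-zA-Z]{2,6}$#D';
    if (!is_string($adresse) || !preg_match($Syntaxe, $adresse)) {
        return false;
    }

    $sql = new sql;
    $sql->sql_query("SELECT * FROM membres WHERE email = '".sql_escape($adresse)."'");
    return $sql->sql_num_rows() == 0;
}

/**
 * Copy the member's id, email and admin flag into the session.
 *
 * Matched with '=' so that a pseudo containing '%' or '_' cannot select a
 * different member's row. Does nothing when no row matches.
 */
function load_info($pseudo)
{
    $sql = new sql;
    $sql->sql_query("select * from membres where pseudo = '".sql_escape($pseudo)."'");
    $res = $sql->sql_fetch_object();
    if (!$res) {
        return;
    }
    $_SESSION['id'] = $res->id;
    $_SESSION['id_membre'] = $res->id;
    $_SESSION['email'] = $res->email;
    $_SESSION['is_admin'] = $res->admin;
}

/** True when the logged-in member already voted for $beneficiaire today. */
function deja_vote_bis($beneficiaire)
{
    $sql_tmp = new sql;
    $votant = isset($_SESSION['id']) ? (int) $_SESSION['id'] : 0;
    $query = "select * from votes where beneficiaire = '".sql_escape($beneficiaire)."' and votant = ".$votant." and DATE(date_time) = DATE(NOW())";
    $sql_tmp->sql_query($query);
    return $sql_tmp->sql_num_rows() ? true : false;
}

/** True when a vote for $beneficiaire was already cast today from the caller's IP. */
function deja_vote_ip_bis($beneficiaire)
{
    $sql_tmp = new sql;
    $query = "select * from votes where beneficiaire = '".sql_escape($beneficiaire)."' and ip_address = '".sql_escape($_SERVER["REMOTE_ADDR"])."' and DATE(date_time) = DATE(NOW())";
    $sql_tmp->sql_query($query);
    return $sql_tmp->sql_num_rows() ? true : false;
}

/** Photo gallery page. */
function photos()
{
    return "php/photos.php";
}

/** Photo detail page. */
function detail_photo()
{
    return "php/details_photos.php";
}

/**
 * Load the text of an editorial page (?p=...) into $_SESSION['contenu_dyn'].
 *
 * Only identifiers on the fixed list are looked up; anything else leaves the
 * session untouched. Always returns the dynamic page template.
 * NOTE(review): the stored text is presumably printed as HTML by
 * php/dynamique.php, so whoever can edit the pages table controls markup.
 */
function dyn()
{
    $pages_autorisees = array(
        "qatar", "photobox", "chapka", "lsi", "lonely", "comment",
        "reglement", "mentions", "partenaires", "plan", "contact",
    );
    $p = isset($_GET['p']) ? $_GET['p'] : null;

    if (is_string($p) && in_array($p, $pages_autorisees, true)) {
        $sql = new sql;
        $sql->sql_query("SELECT * FROM pages WHERE identifiant = '".sql_escape($p)."'");
        $record = $sql->sql_fetch_object();
        $_SESSION['contenu_dyn'] = $record ? $record->text : null;
    }
    return "php/dynamique.php";
}

/** Profile page for a logged-in member; anyone else is redirected to the login page. */
function profil()
{
    if (!isset($_SESSION['id'])) {
        $_SESSION['error'] = "Vous devez vous connecter pour afficher la page suivante";
        header("location: index.php?ac=login");
        exit();
    }
    return "php/profil_membre.php";
}

/**
 * Validate the profile form.
 *
 * Returns "php/modifier_profil_fin.php" when every field is present and valid,
 * the profile page with $_SESSION['error'] set otherwise, and the login page
 * when no member is logged in (previously not checked here).
 *
 * NOTE(review): VerifierAdresseMail() also rejects addresses already present
 * in membres, so re-submitting an unchanged email appears to fail here --
 * confirm this is intended.
 */
function modifier_profil()
{
    if (!isset($_SESSION['id'])) {
        $_SESSION['error'] = "Vous devez vous connecter pour afficher la page suivante";
        return "php/login.php";
    }

    $email       = _form_value('email');
    $code_postal = _form_value('code_postal');
    $telephone   = _form_value('telephone');

    if (!VerifierAdresseMail($email)) {
        $_SESSION['error'] = "Votre email n'est pas valide";
        return "php/profil_membre.php";
    }
    if (!is_numeric($code_postal)) {
        $_SESSION['error'] = "Votre Code postal n'est pas valide";
        return "php/profil_membre.php";
    }
    if (!is_numeric($telephone)) {
        $_SESSION['error'] = "Votre téléphone n'est pas valide";
        return "php/profil_membre.php";
    }

    $complet = $email
        && _form_value('prenom')
        && _form_value('nom')
        && _form_value('password')
        && _form_value('adresse')
        && $code_postal
        && _form_value('ville')
        && $telephone
        && in_array(_form_value('type_compte'), array("1", "2"), true);
    if ($complet) {
        return "php/modifier_profil_fin.php";
    }

    $_SESSION['error'] = "Tous les champs sont obligatoires";
    return "php/profil_membre.php";
}

/**
 * Admin page for administrators; anyone else is redirected to the login page.
 *
 * NOTE(review): the flag is the value copied into the session at login, so a
 * revoked admin keeps access until that session ends.
 */
function admin()
{
    if (!isset($_SESSION['is_admin']) || $_SESSION['is_admin'] != 1) {
        $_SESSION['error'] = "Vous devez être admin pour afficher la page suivante";
        header("location: index.php?ac=login");
        exit();
    }
    return "php/admin_tab.php";
}

// NOTE(review): display_commentaires() is left exactly as found; its body continues beyond this block.
// Its query concatenates $number without sql_escape(), so callers must pass a validated value.
function display_commentaires($number,$nb_entrees,$max) { //-- $mysql = new sql; $link = new sql; //-- Creation de la requete $sql = "select * , DATE_FORMAT(date,'%d/%m/%Y') AS date, DATE_FORMAT(date,'%h:%i') AS heure FROM photoscommentaires WHERE number = '".$number."'"; /** On configure les variables pour afficher notre requête */ $requete = $mysql -> sql_query($sql); $nb_entrees = $mysql -> sql_num_rows($requete); $entrees_par_page = $max; // nombre d'entrée à afficher par page $total_pages = ceil($nb_entrees/$entrees_par_page); // calcul du nombre de pages nécessaires pour tout afficher (on arrondit à l'entier supérieur) /** On récupère le numéro de la page depuis l'URL avec la méthode GET*/ if(!isset($_GET['pg'])){ $page_courante = 1; // si aucune page n'existe dans l'URL, on attribue 1 à la page courante } else { $page = $_GET['pg']; if ($page<1) $page_courante=1; // on ne peut avoir de page inférieure à 1 : dans ce cas la valeur par défaut est 1 elseif ($page>$total_pages) $page_courante=$total_pages; // on ne peut avoir de page supérieure au nombre total de pages : dans ce cas la valeur par défaut est la dernière page else $page_courante=$page; // sinon la page courante est celle indiquée dans l'URL } // $start est la valeur de départ du LIMIT dans notre requête SQL (est fonction de la 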
page courante) $start = ($page_courante * $entrees_par_page - $entrees_par_page); //-- Si aucun commentaire n'est enregistré if($nb_entrees==0) { echo "

Aucun commentaire sql_query( $sql." LIMIT ".$start.", ".$entrees_par_page); //-- Creation d'un array avec les données recuperées while($data = $mysql -> sql_fetch_array($requete)) { //-- On recupere les infos d'un membre $sql = "SELECT * FROM membres WHERE id = '".$data['id_membre']."'"; $requete_user = $link->sql_query($sql); $data_user = $link->sql_fetch_array($requete_user); //-- Traitement du commentaire $message = $data['message']; $message = str_replace('
Ecrit par '.troc_chaine($data['auteur'],15,"...").' le '.$data['date'].' à '.$data['heure']; if($_SESSION['is_admin'] == 1) echo "  - Supprimer"; echo ' '; echo ' '; echo '

'.stripslashes($message).'
'; } else { echo '
Ecrit par '.$data['auteur'].' le '.$data['date'].' à '.$data['heure'].'
'.$data['auteur'].'
Message supprimé
'; } } $TabPage['total_pages'] = $total_pages; $TabPage['page_courante'] = $page_courante; return $TabPage; }

/**
 * Cut a string to at most $nb bytes and append "..." when it was $nb bytes or longer.
 *
 * When $txt_maj is loosely equal to 1 the first letter is upper-cased first.
 * strlen() and substr() count bytes, so a multi-byte character can be split
 * at the cut. The result is not HTML-escaped; callers printing it into a page
 * must escape it themselves.
 */
function troc_chaine($chaine, $nb, $txt_maj)
{
    $texte = ($txt_maj == 1) ? ucfirst($chaine) : $chaine;
    if (strlen($texte) < $nb) {
        return $texte;
    }
    return substr($texte, 0, $nb)."...";
}
?> Jeu concours Phot’OZ by Goaustralie.com >