1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81
| <?php
session_start();
include ("bdd.php");
$base = mysql_connect ('localhost', 'root', '');
mysql_select_db ('supforum', $base);
if (isset ($_GET['cat'])) {
$_GET['cat'] = $_POST['cat'];
}
if (isset ($_POST['go'])) {
// on teste la déclaration de nos variables
if (!isset($_POST['description']) || !isset($_POST['titre']) || !isset($_POST['content'])) {
$erreur = 'Les variables nécessaires au script ne sont pas définies.';
}
else
{
if ((empty($_POST['titre'])) || (empty($_POST['content'])) || (empty($_POST['description']))) {
$erreur = 'Au moins un des champs est vide.';
}
else {
$sql = 'INSERT INTO topics VALUES("", "'.mysql_escape_string($_POST['titre']).'" , "'.mysql_escape_string($_POST['description']).'" , "'.$_SESSION['id'].'" , "'.$_POST['cat'].'" , "")';
}
mysql_query($sql) or die('Erreur SQL !'.$sql.'<br />'.mysql_error());
$id_sujet = mysql_insert_id();
$sql = 'INSERT INTO messages VALUES("", "'.mysql_escape_string($_POST['content']).'", "'.$_SESSION['id'].'" ,"'.$id_sujet.'")';
mysql_query($sql) or die('Erreur SQL !'.$sql.'<br />'.mysql_error());
mysql_close();
header('Location: membre.php');
exit();
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>SUPFORUM</title>
<style type="text/css">
.Titre {
text-align: center;
font-size: 24px;
font-weight: bold;
color: #000;
}
.Text1 {
text-align: center;
}
<?php include ("wyhead.php"); ?>
</style>
</head>
<body>
<p> </p>
<?php include ("entete2.php"); ?>
<form action="newtopic.php" method="post">
<tr >
<th>
<input type="text" name="titre" value="<?php if (isset($_POST['text'])) echo htmlentities(trim($_POST['text'])); ?>">
<input type="text" name="description" value="<?php if (isset($_POST['text'])) echo htmlentities(trim($_POST['text'])); ?>">
$
</th>
</tr>
<tr>
<th>
<?php include ("wybody.php") ?>
</th>
</tr>
</form>
<?php include ("baspage2.php"); ?>
</body>
</html>
<?php
if (isset($erreur)) echo ' <br /> ', $erreur;
?> |
Partager