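<?php
// Quote and escape a request value for interpolation into a SQL string, according to its declared type.
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
  // Escape only when magic quotes have not already done so.
  // addslashes() ignores the connection character set; mysql_real_escape_string()
  // on the open link is the charset-aware escape for this API.
  $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}

// PHP_SELF is client-influenced (it can carry extra path info), so escape it like the query string below.
$editFormAction = htmlentities($_SERVER['PHP_SELF']);
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

// Run the INSERT only when the "signup" form was submitted.
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "signup")) {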
$insertSQL = sprintf("INSERT INTO user (passe, email, acces, perso, sexe, taillep, argent, jaaf, magie, tete, torse, ventre, droite, gauche, ceinture, jdroite, jgauche, arme, distance, bouclier, force, cons, agi, dex, beau, charisme, inte, volonte, taille, perception, vie, souffle, reflexe, actio, badmad, radadd, xptot, xpactu, Agriculture, Alphabetisation, Astronomie, Botanique, Estimation, Geographie, Histoire, Premiers, Psychologie, Religion, Zoologie, Acrobatie, Chant, Armurerie, Comedie, Crocheter, Musique, Cuisine, Danse, Deguisement, Discretion, Dressage, Deuxmains, Escalade, Boucliercom, Etiquette, Contunm, Jeu, Esquive, Jonglage, Hast, Metallurgie, Jet, Natation, Nues, Navigation, Projectiles, Orientation, Tranchantes1m, Passepasse, Pickpocket, Piegeage, Pistage, Cacher, total, totco, description) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)",
GetSQLValueString($_POST['passe'], "text"),
GetSQLValueString($_POST['email'], "text"),
GetSQLValueString($_POST['mdp'], "int"),
GetSQLValueString($_POST['perso'], "text"),
GetSQLValueString($_POST['sexe'], "int"),
GetSQLValueString($_POST['taillep'], "int"),
GetSQLValueString($_POST['argent'], "text"),
GetSQLValueString($_POST['jaaf'], "int"),
GetSQLValueString($_POST['mdp'], "int"),
GetSQLValueString($_POST['mdp'], "int"),
GetSQLValueString($_POST['mdp'], "int"),
GetSQLValueString($_POST['mdp'], "int"),
GetSQLValueString($_POST['mdp'], "int"),
GetSQLValueString($_POST['mdp'], "int"),
GetSQLValueString($_POST['mdp'], "int"),
GetSQLValueString($_POST['mdp'], "int"),
GetSQLValueString($_POST['mdp'], "int"),
GetSQLValueString($_POST['arme'], "int"),
GetSQLValueString($_POST['distance'], "int"),
GetSQLValueString($_POST['bouclier'], "int"),
GetSQLValueString($_POST['force'], "int"),
GetSQLValueString($_POST['cons'], "int"),
GetSQLValueString($_POST['agi'], "int"),
GetSQLValueString($_POST['dex'], "int"),
GetSQLValueString($_POST['beau'], "int"),
GetSQLValueString($_POST['charisme'], "int"),
GetSQLValueString($_POST['inte'], "int"),
GetSQLValueString($_POST['volonte'], "int"),
GetSQLValueString($_POST['taille'], "int"),
GetSQLValueString($_POST['perception'], "int"),
GetSQLValueString($_POST['vie'], "int"),
GetSQLValueString($_POST['souffle'], "int"),
GetSQLValueString($_POST['reflexe'], "int"),
GetSQLValueString($_POST['actio'], "int"),
GetSQLValueString($_POST['badmad'], "int"),
GetSQLValueString($_POST['radadd'], "int"),
GetSQLValueString($_POST['mdp'], "int"),
GetSQLValueString($_POST['mdp'], "int"),
GetSQLValueString($_POST['Agriculture'], "int"),
GetSQLValueString($_POST['Alphabetisation'], "int"),
GetSQLValueString($_POST['Astronomie'], "int"),
GetSQLValueString($_POST['Botanique'], "int"),
GetSQLValueString($_POST['Estimation'], "int"),
GetSQLValueString($_POST['Geographie'], "int"),
GetSQLValueString($_POST['Histoire'], "int"),
GetSQLValueString($_POST['Premiers'], "int"),
GetSQLValueString($_POST['Psychologie'], "int"),
GetSQLValueString($_POST['Religion'], "int"),
GetSQLValueString($_POST['Zoologie'], "int"),
GetSQLValueString($_POST['Acrobatie'], "int"),
GetSQLValueString($_POST['Chant'], "int"),
GetSQLValueString($_POST['Armurerie'], "int"),
GetSQLValueString($_POST['Comedie'], "int"),
GetSQLValueString($_POST['Crocheter'], "int"),
GetSQLValueString($_POST['Musique'], "int"),
GetSQLValueString($_POST['Cuisine'], "int"),
GetSQLValueString($_POST['Danse'], "int"),
GetSQLValueString($_POST['Deguisement'], "int"),
GetSQLValueString($_POST['Discretion'], "int"),
GetSQLValueString($_POST['Dressage'], "int"),
GetSQLValueString($_POST['Deuxmains'], "int"),
GetSQLValueString($_POST['Escalade'], "int"),
GetSQLValueString($_POST['Boucliercomp'], "int"),
GetSQLValueString($_POST['Etiquette'], "int"),
GetSQLValueString($_POST['Contunm'], "int"),
GetSQLValueString($_POST['Jeu'], "int"),
GetSQLValueString($_POST['Esquive'], "int"),
GetSQLValueString($_POST['Jonglage'], "int"),
GetSQLValueString($_POST['Hast'], "int"),
GetSQLValueString($_POST['Metallurgie'], "int"),
GetSQLValueString($_POST['Jet'], "int"),
GetSQLValueString($_POST['Natation'], "int"),
GetSQLValueString($_POST['Nues'], "int"),
GetSQLValueString($_POST['Navigation'], "int"),
GetSQLValueString($_POST['Projectiles'], "int"),
GetSQLValueString($_POST['Orientation'], "int"),
GetSQLValueString($_POST['Tranchantes1m'], "int"),
GetSQLValueString($_POST['Passepasse'], "int"),
GetSQLValueString($_POST['Pickpocket'], "int"),
GetSQLValueString($_POST['Piegeage'], "int"),
GetSQLValueString($_POST['Pistage'], "int"),
GetSQLValueString($_POST['Cacher'], "int"),
GetSQLValueString($_POST['total'], "int"),
GetSQLValueString($_POST['totco'], "int"),
GetSQLValueString($_POST['description'], "text"));
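  mysql_select_db($database_endo, $endo);
  // die(mysql_error()) prints the raw database error to the visitor.
  $Result1 = mysql_query($insertSQL, $endo) or die(mysql_error());

  // Redirect to the thank-you page, carrying over the original query string.
  $insertGoTo = "/index.php?page=merci";
  if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?from=1";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $insertGoTo));
  exit; // stop here so nothing else runs or is sent after the redirect
}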