1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46
| <?php
mysql_connect("SERVEURBD", "Craft", "xxxxx");
mysql_select_db("MABASE");
session_start();
//J'enleve le html des post via htmlentities
$pseudo = $_SESSION['login'];
$titre_html = $_POST['titre'];
$titre = htmlentities($titre_html);
$source= $_POST['source'];
$source = htmlentities($source);
$lien= $_POST['lien'];
$message_avec_html = $_POST['message'];
$message_sans_html = htmlentities($message_avec_html);
//Je remplace les retour à la ligne dans le post par <br />
$message = nl2br($message_sans_html);
$source = nl2br($source);
//BBCODE
$message = preg_replace('!\[g\](.+)\[/g\]!i', '<strong>$1</strong>', $message);
$message = preg_replace('!\[s\](.+)\[/s\]!i', '<span style="text-decoration:underline">$1</span>', $message);
$message = preg_replace('!\[i\](.+)\[/i\]!i', '<i>$1</i>', $message);
$message = preg_replace('!\[centre\](.+)\[/centre\]!i', '<center>$1</center>', $message);
$message = preg_replace('!\[gauche\](.+)\[/gauche\]!i', '<div align="left">$1</div>', $message);
$message = preg_replace('!\[droite\](.+)\[/droite\]!i', '<div align="right">$1</div>', $message);
$message = preg_replace('!\[note\](.+)\[/note\]!i', '<center><table width=110 border=1 cellspacing=0 cellpadding=0><tr><td width=110 height=35 class=TITREBLANC><center><span class="Stylecolor1">Note</span></center>
</table></center><table width=330 border=0 cellspacing=0 cellpadding=0><tr><td><span class="Stylecolor2"><code><enter>$1</center></code></span></table>', $message);
$message = preg_replace('!\[couleur=(red|green|blue|yellow|purple|olive)\](.+)\[/couleur\]!isU', '<span style="color:$1">$2</span>', $message);
$message = preg_replace('!http://[a-z0-9._/-]+!i', '<a href="$0">$0</a>', $message);
$lien = preg_replace('!http://[a-z0-9._/-]+!i', '<a href="$0">Télécharger</a>', $lien);
//contenue final
$contenue_brut = '<!--MESSAGE_DEBUT-->
<table width="500" border="0" cellspacing="0" cellpadding="0"><tr><td colspan="3"><table width="500" border="0" cellspacing="0" cellpadding="0"><tr><td><img src="images/maquette_19.gif" width="31" height="36"></td><td background="images/maquette_20.gif" width="300" class="TITREBLANC"><a name="'.$donnees['id_python'].'" id="'.$donnees['id_python'].'"></a>' . $pseudo . ' ' . $titre . '</td><td><img src="images/maquette_21.gif" width="300" height="36"></td></tr></table></td></tr><tr> <td background="images/maquette_25.gif" width="22"> </td><td width="597" valign="top" class="TEXT" height="100">' . $message . '<br>
<div class="news">
<h3>Source</h3>
</div>
<br>'.$source.'<br>
<p><center>'.$lien.'</center></p></td>
<td background="images/maquette_27.gif"><img src="images/maquette_27.gif" width="19" height="92"></td></tr><tr> <td colspan="3"><img src="images/maquette_31.gif" width="503" height="28"></td></tr></table>
<!--MESSAGE_FIN-->';
// j'enleve les anti-slash pour les accents et apostrophes
$contenue = stripslashes($contenue_brut);
//j'enregistre dans la table
mysql_query("INSERT INTO x_table VALUES('', '$pseudo', '$contenue')");
mysql_close();
?> |
Partager