$uid = Session::getInt('uid');
$pass = Env::get('smtppass1');
-$log = Env::getMixed('log');
+$log = Session::getMixed('log');
if ( Env::get('op') == "Valider" && Env::get('smtppass1') == Env::get('smtppass2') && strlen($pass) >= 6 ) {
- $globals->db->query("update auth_user_md5 set smtppass = '$pass' where user_id = $uid");
+ $globals->xdb->execute('update auth_user_md5 set smtppass = {?} where user_id = {?}', $pass, $uid);
$page->trig('Mot de passe enregistré');
$log->log("passwd_ssl");
} elseif (Env::get('op') == "Supprimer") {
- $globals->db->query("update auth_user_md5 set smtppass = '' where user_id = $uid");
+ $globals->xdb->execute('update auth_user_md5 set smtppass = "" where user_id = {?}', $uid);
$page->trig('Compte SMTP et NNTP supprimé');
$log->log("passwd_del");
}
-$result = $globals->db->query("select IF(smtppass != '', 'actif', '') from auth_user_md5 where user_id = ".$uid);
-list($actif) = mysql_fetch_row($result);
-mysql_free_result($result);
-
-$page->assign('actif', $actif);
-$page->run($actif);
+$res = $globals->xdb->query("select IF(smtppass != '', 'actif', '') from auth_user_md5 where user_id = {?}", $uid);
+$page->assign('actif', $res->fetchOneCell());
+$page->run();
// vim:et:sw=4:
?>
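Review bot: The value bound into `smtppass` is still the raw `$pass` read from `Env::get('smtppass1')`, so the SMTP/NNTP password is kept in `auth_user_md5` in clear text. If the mail and news servers can verify against a hash, store the hash; otherwise add a comment saying why the column must stay reversible. The confirmation test `Env::get('smtppass1') == Env::get('smtppass2')` uses loose comparison, which treats numeric-looking strings such as `"1e3"` and `"1000"` as equal, so `===` is the safer form. The delete branch writes `smtppass = ""`; a double-quoted literal stops being a string if the server runs with ANSI_QUOTES, so `''` as in the select below would be more consistent.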
} else {
$sql = 'DESCRIBE applis_def type';
}
- $res = $globals->db->query($sql);
- $row = mysql_fetch_row($res);
+ $res = $globals->xdb->query($sql);
+ $row = $res->fetchOneRow();
if (Env::has('school')) {
$types = $row[0];
} else {
$types = explode('(',$row[1]);
$types = str_replace("'","",substr($types[1],0,-1));
}
- mysql_free_result($res);
$page->assign('choix_diplomas', explode(',',$types));
}
$page->assign('demande', AliasReq::get_unique_request($uid));
//Récupération des alias éventuellement existants
-$sql = "SELECT alias
- FROM virtual
- INNER JOIN virtual_redirect USING(vid)
- WHERE ( redirect='$forlife@{$globals->mail->domain}'
- OR redirect='$forlife@{$globals->mail->domain2}' )
- AND alias LIKE '%@{$globals->mail->alias_dom}'";
-if($result = $globals->db->query($sql)) {
- list($aliases) = mysql_fetch_row($result);
- mysql_free_result($result);
- $page->assign('actuel',$aliases);
-}
+$res = $globals->xdb->query(
+ "SELECT alias
+ FROM virtual
+ INNER JOIN virtual_redirect USING(vid)
+ WHERE ( redirect={?} OR redirect= {?} )
+ AND alias LIKE '%@{$globals->mail->alias_dom}'",
+ $forlife.'@'.$globals->mail->domain, $forlife.'@'.$globals->mail->domain2);
+$page->assign('actuel', $res->fetchOneCell());
//Si l'utilisateur vient de faire une damande
if (Env::has('alias') and Env::has('raison')) {
$page->run('error');
} else {
//vérifier que l'alias n'est pas déja pris
- $result = $globals->db->query("SELECT 1 FROM virtual WHERE alias='$alias@{$globals->mail->alias_dom}'");
- if (mysql_num_rows($result)>0) {
+ $res = $globals->xdb->query('SELECT COUNT(*) FROM virtual WHERE alias={?}', $alias.'@'.$globals->mail->alias_dom);
+ if ($res->fetchOneCell() > 0) {
$page->trig("L'alias $alias@{$globals->mail->alias_dom} a déja été attribué.
Tu ne peux donc pas l'obtenir.");
$page->run('error');
}
/* on parcourt les entrees de groupes_auth */
-$res = $globals->db->query("select privkey,name,datafields from groupesx_auth");
-while (list($privkey,$name,$datafields) = mysql_fetch_row($res)) {
+$res = $globals->xdb->iterRow('select privkey,name,datafields from groupesx_auth');
+
+while (list($privkey,$name,$datafields) = $res->next()) {
if (md5($gpex_challenge.$privkey) == $gpex_pass) {
$returl = $gpex_url.gpex_make_params($gpex_challenge,$privkey,$datafields);
header("Location:$returl");
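Review bot: The check `md5($gpex_challenge.$privkey) == $gpex_pass` compares a digest with loose `==`, so two different strings that both look numeric (for example of the form `0e…`) compare equal, and the comparison is not constant-time. Use `===` at minimum, or `hash_equals(md5($gpex_challenge.$privkey), $gpex_pass)` where the PHP version provides it. The hunk does not show where `$gpex_url` comes from; if it is taken from the request, the `Location:` header built from it should be checked against the URL registered for the matching group before redirecting. The loop body continues outside the hunk.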
$uid = Session::getInt('uid');
if (Post::has('best')) {
- $globals->db->query("UPDATE aliases SET flags='' WHERE flags='bestalias' AND id=$uid");
- $globals->db->query("UPDATE aliases SET flags='epouse' WHERE flags='epouse,bestalias' AND id=$uid");
- $globals->db->query("UPDATE aliases
- SET flags=CONCAT(flags,',','bestalias')
- WHERE id=$uid AND alias='".Post::get('best')."'");
+ $globals->xdb->execute("UPDATE aliases SET flags='' WHERE flags='bestalias' AND id={?}", $uid);
+ $globals->xdb->execute("UPDATE aliases SET flags='epouse' WHERE flags='epouse,bestalias' AND id={?}", $uid);
+ $globals->xdb->execute("UPDATE aliases SET flags=CONCAT(flags,',','bestalias') WHERE id={?} AND alias={?}", $uid, Post::get('best'));
}
// on regarde si on a affaire à un homonyme
// on regarde si l'utilisateur a un alias et si oui on l'affiche !
$forlife = Session::get('forlife');
-$sql = "SELECT alias
- FROM virtual AS v
- INNER JOIN virtual_redirect AS vr USING(vid)
- WHERE ( redirect='$forlife@{$globals->mail->domain}'
- OR redirect='$forlife@{$globals->mail->domain2}' )
- AND alias LIKE '%@{$globals->mail->alias_dom}'";
-$result = $globals->db->query($sql);
-if ($result && list($aliases) = mysql_fetch_row($result)) {
- list($melix) = split('@', $aliases);
- $page->assign('melix', $melix);
-}
-mysql_free_result($result);
+$res = $globals->xdb->query(
+ "SELECT alias
+ FROM virtual AS v
+ INNER JOIN virtual_redirect AS vr USING(vid)
+ WHERE (redirect={?} OR redirect={?})
+ AND alias LIKE '%@{$globals->mail->alias_dom}'",
+ $forlife.'@'.$globals->mail->domain, $forlife.'@'.$globals->mail->domain2);
+$page->assign('melix', $res->fetchOneCell());
$page->run();
?>
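Review bot: `melix` now receives the whole cell from `fetchOneCell()`, whereas the removed code passed only the part before `@` (`list($melix) = split('@', $aliases)`). Unless the template was adapted in the same commit, the page will show the full address where it used to show the local part. The condition `alias LIKE '%@{$globals->mail->alias_dom}'` is still interpolated into the statement, here and in the similar alias query earlier on this page. It is a configuration value rather than request data, but binding it as `alias LIKE {?}` with `'%@'.$globals->mail->alias_dom` would keep every value out of the SQL text.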
new_skinned_page('epouse.tpl', AUTH_MDP);
-$res = $globals->db->query(
- "SELECT u.nom,u.epouse,u.flags,e.alias
- FROM auth_user_md5 AS u
- LEFT JOIN aliases AS e ON(u.user_id = e.id)
- WHERE user_id=".Session::getInt('uid');
+$res = $globals->xdb->query(
+ "SELECT u.nom,u.epouse,u.flags,e.alias
+ FROM auth_user_md5 AS u
+ LEFT JOIN aliases AS e ON(u.user_id = e.id)
+ WHERE user_id={?}", Session::getInt('uid'));
-list($nom,$epouse_old,$flags,$alias_old) = mysql_fetch_row($res);
-$flags=new flagset($flags);
+list($nom,$epouse_old,$flags,$alias_old) = $res->fetchOneRow();
+$flags = new flagset($flags);
$page->assign('is_femme', $flags->hasflag("femme"));
$page->assign('epouse_old', $epouse_old);
$page->assign('alias_old', $alias_old);
}
if (Env::has('mat')) {
- $res = $globals->db->query("SELECT alias
- FROM aliases AS a
- INNER JOIN auth_user_md5 AS u ON (a.id=u.user_id AND a.type='a_vie')
- WHERE matricule=".Env::getInt('mat'));
- if (!(list($login) = mysql_fetch_row($res))) {
+ $res = $globals->xdb->query(
+ "SELECT alias
+ FROM aliases AS a
+ INNER JOIN auth_user_md5 AS u ON (a.id=u.user_id AND a.type='a_vie')
+ WHERE matricule={?}", Env::getInt('mat'));
+ $login = $res->fetchOneCell();
+ if (empty($login)) {
$page->kill("cette page n'existe pas");
}
- mysql_free_result($res);
}
$new = Env::get('modif') == 'new';
exit;
}
-$reqsql = "SELECT prenom, nom, user_id, promo, cv, a.alias AS bestalias
- FROM auth_user_md5 AS u
- INNER JOIN aliases AS a ON (u.user_id=a.id AND FIND_IN_SET('bestalias',a.flags))
- INNER JOIN aliases AS a1 ON (u.user_id=a1.id AND a1.alias = '".Env::get('user')."' AND a1.type!='homonyme')";
-$result = $globals->db->query($reqsql);
-if (mysql_num_rows($result)!=1) {
+$res = $globals->xdb->query(
+ "SELECT prenom, nom, user_id, promo, cv, a.alias AS bestalias
+ FROM auth_user_md5 AS u
+ INNER JOIN aliases AS a ON (u.user_id=a.id AND FIND_IN_SET('bestalias',a.flags))
+ INNER JOIN aliases AS a1 ON (u.user_id=a1.id AND a1.alias = {?} AND a1.type!='homonyme')",
+ Env::get('user'));
+if ($res->numRows() != 1) {
exit;
}
-if (list($prenom, $nom, $user_id, $promo, $cv, $bestalias) = mysql_fetch_row($result)) {
- mysql_free_result($result);
-}
+list($prenom, $nom, $user_id, $promo, $cv, $bestalias) = $res->fetchOneRow();
$page->assign('prenom', $prenom);
$page->assign('nom', $nom);
//recuperation des infos professionnelles
-$reqsql =
- "SELECT e.entreprise, s.label as secteur , ss.label as ss_secteur , f.fonction_fr as fonction,
- e.poste, e.adr1, e.adr2, e.adr3, e.cp, e.ville,
- gp.pays, gr.name, e.tel, e.fax
- FROM entreprises AS e
- LEFT JOIN emploi_secteur AS s ON(e.secteur = s.id)
- LEFT JOIN emploi_ss_secteur AS ss ON(e.ss_secteur = ss.id AND e.secteur = ss.secteur)
- LEFT JOIN fonctions_def AS f ON(e.fonction = f.id)
- LEFT JOIN geoloc_pays AS gp ON (gp.a2 = e.pays)
- LEFT JOIN geoloc_region AS gr ON (gr.a2 = e.pays and gr.region = e.region)
- WHERE e.uid = $user_id
- ORDER BY e.entrid
- ";
-
-$result = $globals->db->query($reqsql);
-
-while($tmp = mysql_fetch_assoc($result)) {
- if (trim(join('',$tmp))) {
- $adr_pro[] = $tmp;
- }
-}
-$page->assign_by_ref('adr_pro', $adr_pro);
-mysql_free_result($result);
+$res = $globals->xdb->query(
+ "SELECT e.entreprise, s.label as secteur , ss.label as ss_secteur , f.fonction_fr as fonction,
+ e.poste, e.adr1, e.adr2, e.adr3, e.cp, e.ville,
+ gp.pays, gr.name, e.tel, e.fax
+ FROM entreprises AS e
+ LEFT JOIN emploi_secteur AS s ON(e.secteur = s.id)
+ LEFT JOIN emploi_ss_secteur AS ss ON(e.ss_secteur = ss.id AND e.secteur = ss.secteur)
+ LEFT JOIN fonctions_def AS f ON(e.fonction = f.id)
+ LEFT JOIN geoloc_pays AS gp ON (gp.a2 = e.pays)
+ LEFT JOIN geoloc_region AS gr ON (gr.a2 = e.pays and gr.region = e.region)
+ WHERE e.uid = {?}
+ ORDER BY e.entrid", $user_id);
+$page->assign('adr_pro', $res->fetchAllAssoc());
///// recuperations infos referent
-$pays = $secteurs = $ss_secteurs = Array();
//expertise
-$result = $globals->db->query("SELECT expertise FROM mentor WHERE uid = $user_id");
-if(list($expertise) = mysql_fetch_row($result)) {
- $page->assign('expertise', $expertise);
-}
-mysql_free_result($result);
+$res = $globals->xdb->query("SELECT expertise FROM mentor WHERE uid = {?}", $user_id);
+$page->assign('expertise', $res->fetchOneCell());
//secteurs
-$result = $globals->db->query("SELECT s.label, ss.label
- FROM mentor_secteurs AS m
- LEFT JOIN emploi_secteur AS s ON(m.secteur = s.id)
- LEFT JOIN emploi_ss_secteur AS ss ON(m.secteur = ss.secteur AND m.ss_secteur = ss.id)
- WHERE uid = $user_id");
-while(list($sec, $ssec) = mysql_fetch_row($result)) {
+$secteurs = $ss_secteurs = Array();
+$res = $globals->xdb->iterRow(
+ "SELECT s.label, ss.label
+ FROM mentor_secteurs AS m
+ LEFT JOIN emploi_secteur AS s ON(m.secteur = s.id)
+ LEFT JOIN emploi_ss_secteur AS ss ON(m.secteur = ss.secteur AND m.ss_secteur = ss.id)
+ WHERE uid = {?}", $user_id);
+while (list($sec, $ssec) = $res->next()) {
$secteurs[] = $sec;
$ss_secteurs[] = $ssec;
}
-mysql_free_result($result);
-
-//pays
-$result = $globals->db->query("SELECT gp.pays
- FROM mentor_pays AS m
- LEFT JOIN geoloc_pays AS gp ON(m.pid = gp.a2)
- WHERE uid = $user_id");
-while (list($p) = mysql_fetch_row($result)) {
- $pays[] = $p;
-}
-mysql_free_result($result);
-
$page->assign_by_ref('secteurs', $secteurs);
$page->assign_by_ref('ss_secteurs', $ss_secteurs);
-$page->assign_by_ref('pays', $pays);
+//pays
+$res = $globals->xdb->query(
+ "SELECT gp.pays
+ FROM mentor_pays AS m
+ LEFT JOIN geoloc_pays AS gp ON(m.pid = gp.a2)
+ WHERE uid = {?}", $user_id);
+$page->assign('pays', $res->fetchColumn());
$page->run();
?>
echo $myphoto->data;
} else {
if(preg_match('/^\d*$/', Env::get('x'))) {
- $result = $globals->db->query('SELECT attachmime, attach FROM photo WHERE uid = '.Env::getInt('x'));
+ $res = $globals->xdb->query('SELECT attachmime, attach FROM photo WHERE uid = {?}', Env::getInt('x'));
} else {
- $sql = "SELECT attachmime, attach
- FROM photo AS p
- INNER JOIN aliases AS a ON p.uid=a.id
- WHERE alias='".Env::get('x')."'";
- $result = $globals->db->query($sql);
+ $res = $globals->xdb->query(
+ "SELECT attachmime, attach
+ FROM photo AS p
+ INNER JOIN aliases AS a ON p.uid=a.id
+ WHERE alias={?}", Env::get('x'));
}
- if( list($type,$data) = @mysql_fetch_row($result) ) {
+ if( list($type,$data) = $res->fetchOneRow() ) {
Header( "Content-type: image/$type");
echo $data;
} else {
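Review bot: `Header( "Content-type: image/$type")` sends whatever is stored in `photo.attachmime`. If that column can hold a value chosen at upload time, map it through a short allowlist (for example `jpeg`, `png`, `gif`) before emitting the header, so that a stored subtype such as `svg+xml` cannot make the image endpoint serve active content. Separately, `preg_match('/^\d*$/', Env::get('x'))` also accepts an empty string, which then runs the numeric query with `uid = 0`; `/^\d+$/D` would restrict that branch to real ids. The enclosing `if`/`else` starts and ends outside the hunk.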
require_once('xorg.inc.php');
new_skinned_page('login.tpl', AUTH_COOKIE);
-$param=$globals->db->query('SELECT date,naissance FROM auth_user_md5 WHERE user_id='.Session::getInt('uid'));
-list($date,$naissance) = mysql_fetch_row($param);
-mysql_free_result($param);
+$res = $globals->xdb->query('SELECT date,naissance FROM auth_user_md5 WHERE user_id={?}', Session::getInt('uid'));
+list($date,$naissance) = $res->fetchOneRow();
if ($naissance==0 || $naissance=='0000-00-00') {
$page->assign('ask_naissance', true);
// incitation à mettre à jour la fiche
-$res = $globals->db->query('SELECT date FROM auth_user_md5 WHERE user_id='.Session::getInt('uid'));
-list($d) = mysql_fetch_row($res);
-$date_maj = mktime(0, 0, 0, substr($d, 5, 2), substr($d, 8, 2), substr($d, 0, 4));
-if(( (time() - $date_maj) > 60 * 60 * 24 * 400)) { // si fiche date de + de 400j;
+$res = $globals->xdb->query('SELECT date FROM auth_user_md5 WHERE user_id={?}', Session::getInt('uid'));
+$d = $res->fetchOneCell();
+$d2 = mktime(0, 0, 0, substr($d, 5, 2), substr($d, 8, 2), substr($d, 0, 4));
+if( (time() - $d2) > 60 * 60 * 24 * 400 ) {
+ // si fiche date de + de 400j;
$page->assign('fiche_incitation', $d);
}
// incitation à mettre une photo
-$res = $globals->db->query('SELECT 1 FROM photo WHERE uid='.Session::getInt('uid'));
-if (mysql_num_rows($res) == 0)
- $page->assign('photo_incitation', true);
-mysql_free_result($res);
+$res = $globals->xdb->query('SELECT COUNT(*) FROM photo WHERE uid={?}', Session::getInt('uid'));
+$page->assign('photo_incitation', $res->fetchOneCell() == 0);
// affichage de la boîte avec quelques liens
if (Env::has('response2')) {
$_SESSION['password'] = $password = Post::get('response2');
- $sql = "UPDATE auth_user_md5 SET password='$password' WHERE user_id=".Session::getInt('uid');
- $globals->db->query($sql);
+ $globals->xdb->execute('UPDATE auth_user_md5 SET password={?} WHERE user_id={?}', $password, Session::getInt('uid'));
$log =& Session::getMixed('log');
$log->log('passwd', '');
// pour tous les tabs, on recupere les bits car on a besoin de tous les bits pour en mettre a jour un, la date d naissance pour verifier
// quelle est bien rentree et la date.
-$sql = "SELECT FIND_IN_SET('mobile_public', bits), FIND_IN_SET('mobile_ax', bits),
- FIND_IN_SET('web_public', bits), FIND_IN_SET('libre_public', bits),
- naissance, DATE_FORMAT(date,'%d.%m.%Y')
- FROM auth_user_md5
- WHERE user_id=".Session::getInt('uid');
-$result = $globals->db->query($sql);
-list($mobile_public, $mobile_ax,$web_public, $libre_public, $naissance, $date_modif_profil) = mysql_fetch_row($result);
+$res = $globals->xdb->query(
+ "SELECT FIND_IN_SET('mobile_public', bits), FIND_IN_SET('mobile_ax', bits),
+ FIND_IN_SET('web_public', bits), FIND_IN_SET('libre_public', bits),
+ naissance, DATE_FORMAT(date,'%d.%m.%Y')
+ FROM auth_user_md5
+ WHERE user_id={?}", Session::getInt('uid'));
+list($mobile_public, $mobile_ax,$web_public, $libre_public, $naissance, $date_modif_profil) = $res->fetchOneRow();
// lorsqu'on n'a pas la date de naissance en base de données
if (!$naissance) {
//sinon
$birth = sprintf("%s-%s-%s", substr(Env::get('birth'),4,4), substr(Env::get('birth'),2,2), substr(Env::get('birth'),0,2));
- $globals->db->query("UPDATE auth_user_md5 SET naissance='$birth' WHERE user_id=".Session::getInt('uid'));
+ $globals->xdb->execute("UPDATE auth_user_md5 SET naissance={?} WHERE user_id={?}", $birth, Session::getInt('uid'));
$page->assign('etat_naissance','ok');
$page->run();
} else {
/* on sauvegarde les changements dans user_changes :
* on a juste besoin d'insérer le user_id de la personne dans la table
*/
- $globals->db->query('REPLACE INTO user_changes SET user_id='.Session::getInt('uid'));
+ $globals->xdb->execute('REPLACE INTO user_changes SET user_id={?}', Session::getInt('uid'));
//Mise a jour des bits
// bits : set('mobile_public','mobile_ax','web_public','libre_public')
if ($web_public) $bits_reply .= 'web_public,';
if ($libre_public) $bits_reply .= 'libre_public,';
if (!empty($bits_reply)) $bits_reply = substr($bits_reply, 0, -1);
- $sql = "UPDATE auth_user_md5 set bits = '$bits_reply' WHERE user_id=".Session::getInt('uid');
- $globals->db->query($sql);
+ $globals->xdb->execute('UPDATE auth_user_md5 set bits={?} WHERE user_id={?}', $bits_reply, Session::getInt('uid'));
if (!Session::has('suid')) {
require_once('notifs.inc.php');
// paragraphe rajouté : si la date de naissance dans la base n'existe pas, on l'update
// avec celle fournie ici en espérant que c'est la bonne
- $sql="SELECT user_id, naissance
- FROM auth_user_md5 AS u
- INNER JOIN aliases AS a ON (u.user_id=a.id AND type!='homonyme')
- WHERE a.alias='$mailorg' AND u.perms IN ('admin','user') AND u.deces=0";
- $result=$globals->db->query($sql);
- if (list($uid,$naissance)=mysql_fetch_array($result)) {
- if((strlen($naissance))<5) {
- $globals->db->query("UPDATE auth_user_md5 SET naissance='$birth' WHERE user_id=$uid");
- $naissance = $birth;
- }
- }
- mysql_free_result($result);
+ $res = $globals->xdb->query(
+ "SELECT user_id, naissance
+ FROM auth_user_md5 AS u
+ INNER JOIN aliases AS a ON (u.user_id=a.id AND type!='homonyme')
+ WHERE a.alias={?} AND u.perms IN ('admin','user') AND u.deces=0", $mailorg);
+ list($uid, $naissance) = $res->fetchOneRow();
if ($naissance == $birth) {
$page->assign('ok', true);
- $url = rand_url_id();
- $stamp = date('Y-m-d H:i:s');
- $sql = "INSERT INTO perte_pass (certificat,uid,created) VALUES ('$url',$uid,'$stamp')";
-
- $globals->db->query($sql);
- // on recupere les emails sans tenir comptes du flags active (ni des autres)
- // sauf qu'il ne faut pas prendre la ligne qui possède l'éventuel appel
- // au filtre personnel (ligne dont le num = 0)
- $result=$globals->db->query("select email from emails where uid = $uid and NOT FIND_IN_SET('filter', flags)");
-
- $emails = array();
- while(list($email) = mysql_fetch_row($result)) {
- $emails[] = $email;
- }
- mysql_free_result($result);
- $emails = implode(',', $emails);
+ $url = rand_url_id();
+ $globals->xdb->execute('INSERT INTO perte_pass (certificat,uid,created) VALUES ({?},{?},NOW())', $url, $uid);
+ $res = $globals->xdb->query('SELECT email FROM emails WHERE uid = {?} AND NOT FIND_IN_SET("filter", flags)', $uid);
+ $mails = implode(', ', $res->fetchColumn());
require_once("diogenes.hermes.inc.php");
$mymail = new HermesMailer();
$mymail->setFrom('"Gestion des mots de passe" <support+password@polytechnique.org>');
- $mymail->addTo($emails);
+ $mymail->addTo($mails);
$mymail->setSubject('Ton certificat d\'authentification');
$mymail->setTxtBody("Visite la page suivante qui expire dans six heures :
{$globals->baseurl}/tmpPWD.php?certificat=$url
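Review bot: `list($uid, $naissance) = $res->fetchOneRow();` is not checked for the no-match case, so when `$mailorg` matches no account both variables are presumably empty and the outcome rests on the loose test `$naissance == $birth`. A guard such as `if ($row = $res->fetchOneRow()) { list($uid, $naissance) = $row; … }` together with `===` would make the recovery path fail closed. The comment above the query still says the stored birth date is updated when missing, but the new code no longer does that (a sensible removal, since it let the requester supply the value being verified), so the comment should be dropped or reworded. `rand_url_id()` is defined outside the hunk; the token it returns is the only secret in the mailed link, so it is worth confirming that it draws from a cryptographically strong source.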
$page->assign('ss_secteur_selectionne',$ss_secteur_selectionne);
//recuperation des noms de secteurs
-$res = $globals->db->query("SELECT id, label FROM emploi_secteur");
+$res = $globals->xdb->iterRow("SELECT id, label FROM emploi_secteur");
$secteurs[''] = '';
-while(list($tmp_id, $tmp_label) = mysql_fetch_row($res)) {
+while (list($tmp_id, $tmp_label) = $res->next()) {
$secteurs[$tmp_id] = $tmp_label;
}
-mysql_free_result($res);
$page->assign_by_ref('secteurs', $secteurs);
//on recupere les sous-secteurs si necessaire
$ss_secteurs[''] = '';
-if(!empty($secteur_selectionne))
+if (!empty($secteur_selectionne))
{
- $res = $globals->db->query("SELECT id, label FROM emploi_ss_secteur
- WHERE secteur = '$secteur_selectionne'");
- while(list($tmp_id, $tmp_label) = mysql_fetch_row($res)) {
- $ss_secteurs[$tmp_id] = $tmp_label;
+ $res = $globals->xdb->iterRow("SELECT id, label FROM emploi_ss_secteur WHERE secteur = {?}", $secteur_selectionne);
+ while (list($tmp_id, $tmp_label) = $res->next()) {
+ $ss_secteurs[$tmp_id] = $tmp_label;
}
- mysql_free_result($res);
}
$page->assign_by_ref('ss_secteurs', $ss_secteurs);
//recuperation des noms de pays
-$res = $globals->db->query("SELECT a2, pays FROM geoloc_pays WHERE pays <> '' ORDER BY pays");
+$res = $globals->xdb->iterRow("SELECT a2, pays FROM geoloc_pays WHERE pays <> '' ORDER BY pays");
$pays['00'] = '';
-while(list($tmp_id, $tmp_label) = mysql_fetch_row($res)) {
+while (list($tmp_id, $tmp_label) = $res->next()) {
$pays[$tmp_id] = $tmp_label;
}
-mysql_free_result($res);
$page->assign_by_ref('pays', $pays);
//On vient d'un formulaire
$champ_select = $champ_select.', mp.pid';
$champ_select = $champ_select.', ms.secteur, ms.ss_secteur';
- $clause_from = ' FROM mentor as m LEFT JOIN auth_user_md5 AS a ON(m.uid = a.user_id)'
- . ' INNER JOIN aliases AS l ON (a.user_id=l.id AND FIND_IN_SET(\'bestalias\',l.flags)'
- . ' LEFT JOIN mentor_pays AS mp ON(m.uid = mp.uid)'
- . ' LEFT JOIN mentor_secteurs AS ms ON(m.uid = ms.uid)';
+ $clause_from = ' FROM mentor AS m
+ LEFT JOIN auth_user_md5 AS a ON(m.uid = a.user_id)
+ INNER JOIN aliases AS l ON (a.user_id=l.id AND FIND_IN_SET(\'bestalias\',l.flags)
+ LEFT JOIN mentor_pays AS mp ON(m.uid = mp.uid)
+ LEFT JOIN mentor_secteurs AS ms ON(m.uid = ms.uid)';
- $clause_where = 'WHERE';
+ $clause_where = '';
if ($pays_selectionne != '00') {
- $clause_where = $clause_where." mp.pid = '$pays_selectionne' AND";
+ $clause_where = $clause_where." mp.pid = '".addslashes($pays_selectionne)."' AND";
}
- if ($secteur_selectionne != '')
- {
- $clause_where = $clause_where." ms.secteur = '$secteur_selectionne' AND";
- if($ss_secteur_selectionne)
- $clause_where = $clause_where." ms.ss_secteur = '$ss_secteur_selectionne' AND";
+ if ($secteur_selectionne) {
+ $clause_where = $clause_where." ms.secteur = '".addslashes($secteur_selectionne)."' AND";
+ if($ss_secteur_selectionne) {
+ $clause_where = $clause_where." ms.ss_secteur = '".addslashes($ss_secteur_selectionne)."' AND";
+ }
}
- if($expertise_champ != '')
- {
- $clause_where = $clause_where." MATCH(m.expertise) AGAINST('".addslashes($expertise_champ)."') AND";
+ if($expertise_champ) {
+ $clause_where = $clause_where." MATCH(m.expertise) AGAINST('".addslashes($expertise_champ)."') AND";
}
- if($clause_where != 'WHERE'){
-
- $show_formulaire = false;
- $clause_where = substr($clause_where, 0, -3); //on vire le dernier AND
-
- $sql = "SELECT $champ_select $clause_from $clause_where
- GROUP BY uid ORDER BY RAND(".Session::getInt('uid').')';
-
- $res = $globals->db->query($sql);
-
- if (mysql_num_rows($res) == 0) {
- $page->assign('recherche_trop_large',true);
- mysql_free_result($res);
- }
- else{
- if (Env::has('page_courante')) {
- $page_courante = Env::getInt('page_courante');
- }
- else{
- $page_courante = 1;
- }
-
- $current_uid = 0;
- $nb_resultats = 0;
- $page->assign('resultats',true);
- $personnes = Array();
- $page->assign_by_ref('personnes',$personnes);
- while((list($uid, $prenom, $nom, $promo, $bestalias,
- $expertise_bd, $pays_id, $secteur_id, $ss_secteur_id) = mysql_fetch_row($res))
- || ($nb_resultats >= $nb_max_resultats_total)){
- if($current_uid != $uid){
- $current_uid = $uid;
- $page_correspondante = (int)($nb_resultats / $nb_max_resultats_par_page) +1;
- $nb_resultats++;
- if( $page_correspondante == $page_courante){
- $pers_trouve['nom'] = $nom;
- $pers_trouve['prenom'] = $prenom;
- $pers_trouve['promo'] = $promo;
- $pers_trouve['bestalias'] = $bestalias;
- $pers_trouve['expertise'] = $expertise_bd;
- $personnes[] = $pers_trouve;
- }
- }
- }
- $nb_pages = (int) ($nb_resultats/$nb_max_resultats_par_page) + 1;
- $page->assign('nb_pages_total', $nb_pages);
- $page->assign('page_courante', $page_courante);
- mysql_free_result($res);
- }//fin else
- }//fin if clause_where non vide
-}//fin if Chercher
-//sinon on affiche le formulaire
+ if($clause_where) {
+
+ $show_formulaire = false;
+ $clause_where = substr($clause_where, 0, -3); //on vire le dernier AND
+
+ $sql = "SELECT $champ_select $clause_from WHERE $clause_where GROUP BY uid ORDER BY RAND(".Session::getInt('uid').')';
+ $res = $globals->xdb->iterRow($sql);
+
+ if ($res->total() == 0) {
+ $page->assign('recherche_trop_large',true);
+ } else {
+ if (Env::has('page_courante')) {
+ $page_courante = Env::getInt('page_courante');
+ } else {
+ $page_courante = 1;
+ }
+
+ $current_uid = 0;
+ $nb_resultats = 0;
+ $page->assign('resultats',true);
+ $personnes = Array();
+ $page->assign_by_ref('personnes',$personnes);
+ while( (list($uid, $prenom, $nom, $promo, $bestalias,
+ $expertise_bd, $pays_id, $secteur_id, $ss_secteur_id) = $res->next())
+ || ($nb_resultats >= $nb_max_resultats_total)){
+ if ($current_uid != $uid) {
+ $current_uid = $uid;
+ $page_correspondante = (int)($nb_resultats / $nb_max_resultats_par_page) +1;
+ $nb_resultats++;
+ if( $page_correspondante == $page_courante){
+ $pers_trouve['nom'] = $nom;
+ $pers_trouve['prenom'] = $prenom;
+ $pers_trouve['promo'] = $promo;
+ $pers_trouve['bestalias'] = $bestalias;
+ $pers_trouve['expertise'] = $expertise_bd;
+ $personnes[] = $pers_trouve;
+ }
+ }
+ }
+ $nb_pages = (int) ($nb_resultats/$nb_max_resultats_par_page) + 1;
+ $page->assign('nb_pages_total', $nb_pages);
+ $page->assign('page_courante', $page_courante);
+ mysql_free_result($res);
+ }
+ }
+}
if ($show_formulaire) {
- $res = $globals->db->query("SELECT count(*) FROM mentor");
- list($nb) = mysql_fetch_row($res);
- mysql_free_result($res);
-
- $page->assign('mentors_number',$nb);
+ $res = $globals->xdb->query("SELECT count(*) FROM mentor");
+ $page->assign('mentors_number', $res->fetchOneCell());
}
$page->run();
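Review bot: The filters on `mp.pid`, `ms.secteur`, `ms.ss_secteur` and the `MATCH … AGAINST` term are escaped with `addslashes()` and concatenated, while every other query in this commit binds values through `{?}`. `addslashes()` is not aware of the connection character set, so it is weaker than the driver's escaping. Collecting the conditions and their values in two arrays and handing them to `iterRow()` as placeholders removes the string building, as sketched below. The new side also keeps `mysql_free_result($res);` although `$res` is now the object returned by `iterRow()`, so that call should go. The loop condition `|| ($nb_resultats >= $nb_max_resultats_total)` keeps the `while` running after `next()` is exhausted once the cap is reached; it reads as if `&& ($nb_resultats < $nb_max_resultats_total)` was intended.

```php
$conds = array();
$args  = array();
if ($pays_selectionne != '00') {
    $conds[] = 'mp.pid = {?}';
    $args[]  = $pays_selectionne;
}
if ($secteur_selectionne) {
    $conds[] = 'ms.secteur = {?}';
    $args[]  = $secteur_selectionne;
    if ($ss_secteur_selectionne) {
        $conds[] = 'ms.ss_secteur = {?}';
        $args[]  = $ss_secteur_selectionne;
    }
}
if ($expertise_champ) {
    $conds[] = 'MATCH(m.expertise) AGAINST({?})';
    $args[]  = $expertise_champ;
}
if ($conds) {
    $show_formulaire = false;
    $sql = "SELECT $champ_select $clause_from WHERE ".implode(' AND ', $conds)
         . ' GROUP BY uid ORDER BY RAND({?})';
    $args[] = Session::getInt('uid');
    array_unshift($args, $sql);
    $res = call_user_func_array(array($globals->xdb, 'iterRow'), $args);
    // … unchanged: empty-result check, paging loop, nb_pages assignment …
```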
new_skinned_page('skins.tpl', AUTH_COOKIE);
if (Env::has('newskin')) { // formulaire soumis, traitons les données envoyées
- $globals->db->query('UPDATE auth_user_quick
- SET skin='.Env::getInt('newskin').'
- WHERE user_id='.Session::getInt('uid'));
+ $globals->xdb->execute('UPDATE auth_user_quick SET skin={?} WHERE user_id={?}', Env::getInt('newskin'), Session::getInt('uid'));
set_skin();
}
LEFT JOIN auth_user_quick AS a ON s.id=a.skin
WHERE skin_tpl != '' AND ext != ''
GROUP BY id ORDER BY s.date DESC";
-$page->mysql_assign($sql, 'skins');
+$page->assign_by_ref('skins', $globals->xdb->iterator($sql));
$page->run();
?>
require_once("xorg.inc.php");
-$sql = "DELETE FROM perte_pass WHERE DATE_SUB(NOW(), INTERVAL 380 MINUTE) > created";
-$globals->db->query($sql);
+$globals->xdb->execute('DELETE FROM perte_pass WHERE DATE_SUB(NOW(), INTERVAL 380 MINUTE) > created');
-$certificat = Env::get('certificat');
-$sql = "SELECT uid FROM perte_pass WHERE certificat='$certificat'";
-$result = $globals->db->query($sql);
+$certif = Env::get('certificat');
+$res = $globals->xdb->query('SELECT uid FROM perte_pass WHERE certificat={?}', $certif);
-if ($ligne = mysql_fetch_array($result)) {
- $uid=$ligne["uid"];
- if (Post::has('response2')) { // la variable $response existe-t-elle ?
- // OUI, alors changeons le mot de passe
+if ($ligne = $res->fetchOneAssoc()) {
+ $uid = $ligne["uid"];
+ if (Post::has('response2')) {
$password = Post::get('response2');
- $sql = "UPDATE auth_user_md5 SET password='$password' WHERE user_id='$uid' AND perms IN('admin','user')";
- $globals->db->query($sql);
$logger = new DiogenesCoreLogger($uid);
+ $globals->xdb->query('UPDATE auth_user_md5 SET password={?} WHERE user_id={?} AND perms IN("admin","user")', $password, $uid);
+ $globals->xdb->query('DELETE FROM perte_pass WHERE certificat={?}', $certif);
$logger->log("passwd","");
- $sql = "DELETE FROM perte_pass WHERE certificat='$certificat'";
- $globals->db->query($sql);
new_skinned_page('tmpPWD.success.tpl', AUTH_PUBLIC);
$page->run();
} else {
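Review bot: The password update and the token deletion are issued with `$globals->xdb->query(...)`, whereas every other write in this commit goes through `execute()`; use `execute()` here too so both statements follow the same path. As written, the token is deleted and `tmpPWD.success.tpl` is shown even when the `UPDATE` changed no row (the `perms IN("admin","user")` filter can exclude the account), so the success page should depend on whether a row was actually updated. `$password` is taken from `Post::get('response2')` and stored as received; nothing in the hunk checks its shape, so a length and format check before the write would be a cheap addition.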
}
} elseif (Env::get('suppr')) {
// effacement de la photo
- $globals->db->query('DELETE FROM photo WHERE uid = '.Session::getInt('uid'));
- $globals->db->query('DELETE FROM requests WHERE user_id = '.Session::getInt('uid').' AND type="photo"');
+ $globals->xdb->execute('DELETE FROM photo WHERE uid = {?}', Session::getInt('uid'));
+ $globals->xdb->execute('DELETE FROM requests WHERE user_id = {?} AND type="photo"', Session::getInt('uid'));
}
-$sql = $globals->db->query('SELECT * FROM requests WHERE user_id='.Session::getInt('uid').' AND type="photo"');
-$page->assign('submited', mysql_num_rows($sql) > 0);
+$sql = $globals->xdb->query('SELECT COUNT(*) FROM requests WHERE user_id={?} AND type="photo"', Session::getInt('uid'));
+$page->assign('submited', $sql->fetchOneCell());
$page->run();
$xpromo = Env::getInt('xpromo');
$where = ( $xpromo>0 ? "WHERE promo='$xpromo'" : "" );
- $res = $globals->db->query("SELECT COUNT(*)
- FROM auth_user_md5 AS u
- RIGHT JOIN photo AS p ON u.user_id=p.uid
- $where");
- list($pnb) = mysql_fetch_row($res);
- mysql_free_result($res);
+ $res = $globals->xdb->query(
+ "SELECT COUNT(*)
+ FROM auth_user_md5 AS u
+ RIGHT JOIN photo AS p ON u.user_id=p.uid
+ $where");
+ $pnb = $res->fetchOneCell();
- $sql = "SELECT promo,user_id,a.alias AS forlife,nom,prenom
- FROM photo AS p
- INNER JOIN auth_user_md5 AS u ON u.user_id=p.uid
- INNER JOIN aliases AS a ON ( u.user_id=a.id AND a.type='a_vie' )
- $where
- ORDER BY promo,nom,prenom LIMIT ".($offset*$limit).",$limit";
-
- $res = $globals->db->query($sql);
- $list = Array();
- while($tmp = mysql_fetch_assoc($res)) $list[] = $tmp;
- mysql_free_result($res);
-
- return Array($pnb, $list);
+ $res = $globals->xdb->query(
+ "SELECT promo,user_id,a.alias AS forlife,nom,prenom
+ FROM photo AS p
+ INNER JOIN auth_user_md5 AS u ON u.user_id=p.uid
+ INNER JOIN aliases AS a ON ( u.user_id=a.id AND a.type='a_vie' )
+ $where
+ ORDER BY promo,nom,prenom LIMIT {?}, {?}", $offset*$limit, $limit);
+
+ return Array($pnb, $res->fetchAllAssoc());
}
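Review bot: `$where` is still spliced into both statements as `WHERE promo='$xpromo'`, which is safe only because `$xpromo` comes from `Env::getInt()`. That deserves a one-line comment such as `// $xpromo is an int from Env::getInt(), safe to inline`, or a `{?}` binding like the rest of the query. The new `LIMIT {?}, {?}` relies on the placeholder code emitting bare integers: if `$offset` or `$limit` can arrive as strings and `{?}` quotes strings, MySQL rejects a quoted LIMIT, so cast both with `(int)` before binding. The function's signature is outside the hunk, so the origin of `$offset` and `$limit` is not visible here.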
if (Env::has('xpromo')) {
$url = Env::get('url');
if ((Env::get('submit') == 'Valider' or Env::get('submit') == 'Modifier') and Env::has('url')) {
- // on change la redirection (attention à http://)
- $globals->db->query("update auth_user_quick set redirecturl = '$url' where user_id = ".Session::getInt('uid'));
- if (mysql_errno() == 0) {
+ if ($globals->xdb->execute('UPDATE auth_user_quick SET redirecturl = {?} WHERE user_id = {?}',
+ $url, Session::getInt('uid')))
+ {
$log->log('carva_add', 'http://'.Env::get('url'));
$page->trig("Redirection activée vers <a href='http://$url'>$url</a>");
} else {
$page->trig('Erreur de mise à jour');
}
} elseif (Env::get('submit') == "Supprimer") {
- // on supprime la redirection
- $globals->db->query("update auth_user_quick set redirecturl = '' where user_id = ".Session::getInt('uid'));
- if (mysql_errno() == 0) {
+ if ($globals->xdb->execute("UPDATE auth_user_quick SET redirecturl = '' WHERE user_id = {?}", Session::getInt('uid')))
+ {
$log->log("carva_del", $url);
- Post::kil('url');
+ Post::kill('url');
$page->trig('Redirection supprimée');
} else {
$page->trig('Erreur de suppression');
}
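Review bot: `$page->trig("Redirection activée vers <a href='http://$url'>$url</a>")` places `$url` from `Env::get('url')` into markup without escaping, and the inline `<a>` tag suggests `trig()` outputs its argument as HTML. A quote or angle bracket in the submitted value therefore ends up in the page; build the message from `htmlspecialchars($url, ENT_QUOTES)` instead. The same value is stored in `redirecturl` with no check on its shape, so validating it as a host and path (no scheme, no whitespace or control characters) before the `UPDATE` would protect whatever later emits the redirect. The enclosing `if`/`elseif` chain is closed outside the hunk.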
-$result = $globals->db->query("select redirecturl from auth_user_quick where user_id = ".Session::getInt('uid'));
-list($carva) = mysql_fetch_row($result);
-mysql_free_result($result);
-$page->assign('carva', $carva);
+$res = $globals->xdb->query('SELECT redirecturl FROM auth_user_quick WHERE user_id = {?}', Session::getInt('uid'));
+$page->assign('carva', $res->fetchOneCell());
$page->run();
?>
}
if (!empty($var_found_rows)) {
- $n_res = $globals->db->query('SELECT FOUND_ROWS()');
- $r = mysql_fetch_row($n_res);
- $this->assign($var_found_rows, $r[0]);
- mysql_free_result($n_res);
+ $res = $globals->xdb->query('SELECT FOUND_ROWS()');
+ $this->assign($var_found_rows, $res->fetchOneCell());
//si la trace était activée on affiche la trace sur la requête initiale
if ($switch_trace) {
$globals->db->trace_on();
* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
***************************************************************************}
+<h1>Skins Polytechnique.org</h1>
-<h1>
- Skins Polytechnique.org
-</h1>
<p>
Tu n'aimes pas les couleurs ou l'apparence de Polytechnique.org ? Normal, les goûts et les
couleurs, ça ne se discute pas. Certains préfèrent une page sérieuse, d'autres plus
<form action="{$smarty.server.REQUEST_URI}" method="post">
<table id="skin" cellpadding="0" cellspacing="0" summary="Choix de skins">
-{foreach item=skin from=$skins}
+ {iterate item=skin from=$skins}
<tr>
<td class="skigauche">
<input type="radio" name="newskin" value="{$skin.id}" {if $smarty.session.skin_id eq $skin.id}checked="checked"{/if} onclick="this.form.submit();" />
<img src="images/skins/{$skin.name}.{$skin.ext}" style="width:160px; height:160px;" alt=" [ CAPTURE D'ECRAN ] " />
</td>
</tr>
-{/foreach}
+ {/iterate}
</table>
</form>