git-archimport-id: opensource@polytechnique.org--2005/platal--mainline--0.9--patch-198
require_once("xorg.inc.php");
new_admin_page('admin/index.tpl');
-$res = $globals->db->query("
+$res = $globals->xdb->iterRow("
SELECT h1, h2, texte, url
FROM admin_a AS a
INNER JOIN admin_h2 AS h2 USING(h2id)
INNER JOIN admin_h1 AS h1 USING(h1id)
ORDER BY h1.prio, h2.prio, a.prio");
$index = Array();
-while(list($h1,$h2,$txt,$url) = mysql_fetch_row($res)) {
+while(list($h1,$h2,$txt,$url) = $res->next()) {
$index[$h1][$h2][] = Array('txt' => $txt, 'url'=>$url);
}
$page->assign_by_ref('index', $index);
if(Env::has('suid_button') && $login) {
$_SESSION['log']->log("suid_start", "login by ".Session::get('forlife'));
$_SESSION['suid'] = $_SESSION;
- $r = $globals->db->query("SELECT id FROM aliases WHERE alias='$login'");
- if(list($uid) = mysql_fetch_row($r)) {
+ $r = $globals->xdb->query("SELECT id FROM aliases WHERE alias={?}", $login);
+ if($uid = $r->fetchOneCell()) {
start_connexion($uid,true);
header("Location: ../");
}
- mysql_free_result($r);
}
if ($login) {
- $r = $globals->db->query("SELECT *, a.alias AS forlife
- FROM auth_user_md5 AS u
- INNER JOIN aliases AS a ON ( a.id = u.user_id AND a.alias='$login' AND type!='homonyme' )");
- $mr = mysql_fetch_assoc($r);
- mysql_free_result($r);
+ $r = $globals->xdb->query("SELECT *, a.alias AS forlife
+ FROM auth_user_md5 AS u
+ INNER JOIN aliases AS a ON ( a.id = u.user_id AND a.alias={?} AND type!='homonyme' )", $login);
+ $mr = $r->fetchOneAssoc();
$redirect = new Redirect($mr['user_id']);
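Review bot: In the `suid_button` branch the session is altered before the target account is known to exist: the `suid_start` log call and `$_SESSION['suid'] = $_SESSION;` both run ahead of the alias lookup, so a `$login` that matches no alias still writes the log entry and leaves a `suid` copy in the session. Moving those two lines inside `if($uid = $r->fetchOneCell()) {` and following `header("Location: ../");` with `exit;` would tie the impersonation state and the redirect to a successful lookup. Further down, `$mr = $r->fetchOneAssoc();` feeds `new Redirect($mr['user_id'])` with no check that a row came back. The `if ($login)` block continues past the end of this hunk.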
case "del_alias":
if (!empty($val)) {
- $globals->db->query("DELETE FROM aliases WHERE id='{$mr['user_id']}' AND alias='$val'
- AND type!='a_vie' AND type!='homonyme'");
+ $globals->xdb->execute("DELETE FROM aliases WHERE id={?} AND alias={?}
+ AND type!='a_vie' AND type!='homonyme'", $mr['user_id'], $val);
fix_bestalias($nr['user_id']);
$page->trig($val." a été supprimé");
}
break;
case "add_alias":
- $globals->db->query("INSERT INTO aliases (id,alias,type)
- VALUES ('{$mr['user_id']}','".Env::get('email')."','alias')");
+ $globals->xdb->execute("INSERT INTO aliases (id,alias,type) VALUES ({?}, {?}, 'alias')",
+ $mr['user_id'], Env::get('email'));
break;
case "best":
- $globals->db->query("UPDATE aliases SET flags='' WHERE flags='bestalias' AND id='{$mr['user_id']}'");
- $globals->db->query("UPDATE aliases SET flags='epouse' WHERE flags='epouse,bestalias' AND id='{$mr['user_id']}'");
- $globals->db->query("UPDATE aliases
- SET flags=CONCAT(flags,',','bestalias')
- WHERE id='{$mr['user_id']}' AND alias='$val'");
+ $globals->xdb->execute("UPDATE aliases SET flags='' WHERE flags='bestalias' AND id={?}", $mr['user_id']);
+ $globals->xdb->execute("UPDATE aliases SET flags='epouse' WHERE flags='epouse,bestalias' AND id={?}", $mr['user_id']);
+ $globals->xdb->execute("UPDATE aliases
+ SET flags=CONCAT(flags,',','bestalias')
+ WHERE id={?} AND alias={?}", $mr['user_id'], $val);
break;
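Review bot: `fix_bestalias($nr['user_id']);` in the `del_alias` case reads `$nr`, while every other statement in this hunk uses `$mr`; unless `$nr` is defined outside the visible lines, the call receives null and the best alias is not repaired after the delete. It probably should read `fix_bestalias($mr['user_id']);`. In `add_alias`, `Env::get('email')` is now bound safely but is still stored as an alias with no format check visible here, whereas `$val` is at least tested with `!empty()`. The enclosing `switch` starts and ends outside the hunk.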
naissance = '$naiss',
password = '$pass_md5B',
perms = '$perms',
- prenom = '$prenm',
- nom = '$nom',
+ prenom = '".addslashes($prenm)."',
+ nom = '".addslashes($nom)."',
promo = $promo,
- comment = '$comm'
+ comment = '".addslashes($comm)."'
WHERE user_id = '{$mr['user_id']}'";
- if ($globals->db->query($query)) {
+ if ($globals->xdb->execute($query)) {
// FIXME: recherche
system('echo 1 > /tmp/flag_recherche');
$page->trig("updaté correctement.");
}
- $r = $globals->db->query("SELECT *, a.alias AS forlife
- FROM auth_user_md5 AS u
- INNER JOIN aliases AS a ON (u.user_id=a.id)
- WHERE user_id = {$mr['user_id']}");
- $mr = mysql_fetch_assoc($r);
- mysql_free_result($r);
+ $r = $globals->xdb->query("SELECT *, a.alias AS forlife
+ FROM auth_user_md5 AS u
+ INNER JOIN aliases AS a ON (u.user_id=a.id)
+ WHERE user_id = {?}", $mr['user_id']);
+ $mr = $r->fetchOneAssoc();
break;
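Review bot: The `UPDATE` assembled here is still string-built: `$naiss`, `$pass_md5B`, `$perms`, the unquoted `promo = $promo` and `WHERE user_id = '{$mr['user_id']}'` are interpolated as before, and the three changed fields are only wrapped in `addslashes()`. `addslashes()` is not aware of the connection character set, and it does nothing for `$promo`, which sits outside quotes. The rest of the commit binds values through `{?}`, so the consistent form would be `prenom = {?}, nom = {?}, promo = {?}, comment = {?} WHERE user_id = {?}` with the values passed as arguments to `execute()`. The beginning of the query string and the origin of these variables are outside the hunk.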
// DELETE FROM auth_user_md5
}
}
- $result=$globals->db->query("SELECT UNIX_TIMESTAMP(start), host
+ $res = $globals->xdb->query("SELECT UNIX_TIMESTAMP(start), host
FROM logger.sessions
- WHERE uid={$mr['user_id']} AND suid=0
+ WHERE uid={?} AND suid=0
ORDER BY start DESC
- LIMIT 1");
- list($lastlogin,$host) = mysql_fetch_row($result);
- mysql_free_result($result);
+ LIMIT 1", $mr['user_id']);
+ list($lastlogin,$host) = $res->fetchOneRow();
$page->assign('lastlogin', $lastlogin);
$page->assign('host', $host);
if (Get::has('email') && Get::has('action')) {
$email = valide_email(Get::get('email'));
// vérifications d'usage
- $sel = $globals->db->query(
+ $sel = $globals->xdb->query(
"SELECT e.uid, a.alias
FROM emails AS e
INNER JOIN auth_user_md5 AS u ON e.uid = u.user_id
INNER JOIN aliases AS a ON (e.uid = a.id AND type!='homonyme' AND FIND_IN_SET('bestalias',a.flags))
- WHERE e.email='$email'");
+ WHERE e.email={?}", $email);
- if (list($uid, $dest) = mysql_fetch_row($sel)) {
+ if (list($uid, $dest) = $sel->fetchOneRow()) {
// envoi du mail
$message = "Bonjour !
} elseif (Post::has('email')) {
$email = valide_email(Post::get('email'));
$page->assign('email',$email);
- $sel = $globals->db->query(
+ $sel = $globals->xdb->query(
"SELECT e1.uid, e1.panne != 0 AS panne, count(e2.uid) AS nb_mails, u.nom, u.prenom, u.promo
FROM emails as e1
LEFT JOIN emails as e2 ON(e1.uid = e2.uid AND FIND_IN_SET('active', e2.flags) AND e1.email != e2.email)
INNER JOIN auth_user_md5 as u ON(e1.uid = u.user_id)
- WHERE e1.email ='$email'
- GROUP BY e1.uid");
- if ($x = mysql_fetch_assoc($sel)) {
+ WHERE e1.email = {?}
+ GROUP BY e1.uid", $email);
+ if ($x = $sel->fetchOneAssoc()) {
// on écrit dans la base que l'adresse est cassée
if (!$x['panne']) {
- $globals->db->query("UPDATE emails SET panne='".date('Y-m-d')."' WHERE email = '$email'");
+ $globals->xdb->execute("UPDATE emails SET panne=NOW() WHERE email = {?}", $email);
}
$page->assign_by_ref('x', $x);
}
$page->assign('retour', $redirect->modify_email($actifs, Env::getMixed('emails_rewrite',Array())));
}
}
-$sql = "SELECT alias
- FROM virtual
- INNER JOIN virtual_redirect USING(vid)
- WHERE ( redirect='$forlife@{$globals->mail->domain}'
- OR redirect='$forlife@{$globals->mail->domain2}' )
- AND alias LIKE '%@{$globals->mail->alias_dom}'";
-$res = $globals->db->query($sql);
-if (mysql_num_rows($res)) {
- list($melix) = mysql_fetch_row($res);
+$res = $globals->xdb->query(
+ "SELECT alias
+ FROM virtual
+ INNER JOIN virtual_redirect USING(vid)
+ WHERE (redirect={?} OR redirect={?})
+ AND alias LIKE '%@{$globals->mail->alias_dom}'",
+ $forlife.'@'.$globals->mail->domain, $forlife.'@'.$globals->mail->domain2);
+$melix = $res->fetchOneCell();
+if ($melix) {
list($melix) = split('@', $melix);
$page->assign('melix',$melix);
}
if (isset($_SESSION["chall"]) && $_SESSION["chall"] != "" && $_GET["PASS"] == md5($_SESSION["chall"].$cle)) {
- $res = $globals->db->query("SELECT password FROM auth_user_md5 WHERE user_id=10154");
- list($pass) = mysql_fetch_row($res);
- mysql_free_result($res);
-
+ $res = $globals->xdb->query("SELECT password FROM auth_user_md5 WHERE user_id=10154");
+ $pass = $res->fetchOneCell();
$client = new xmlrpc_client("http://10154:$pass@localhost:4949/polytechnique.org");
$members = $client->get_members('x-econfiance');
if(is_array($members)) {
- $membres = Array();
- foreach($members[1] as $member) {
- if(preg_match('/^([^.]*.[^.]*.(\d\d\d\d))@polytechnique.org$/', $member[1], $matches)) {
- $membres[] = "a.alias='{$matches[1]}'";
- }
- }
+ $membres = Array();
+ foreach($members[1] as $member) {
+ if(preg_match('/^([^.]*.[^.]*.(\d\d\d\d))@polytechnique.org$/', $member[1], $matches)) {
+ $membres[] = "a.alias='{$matches[1]}'";
+ }
+ }
}
$where = join(' OR ',$membres);
- $all = $globals->db->query("SELECT u.prenom,u.nom,a.alias
- FROM auth_user_md5 AS u
- INNER JOIN aliases AS a ON ( u.user_id = a.id AND a.type!='homonyme' )
- WHERE $where
- ORDER BY nom");
+ $all = $globals->xdb->fetchRow(
+ "SELECT u.prenom,u.nom,a.alias
+ FROM auth_user_md5 AS u
+ INNER JOIN aliases AS a ON ( u.user_id = a.id AND a.type!='homonyme' )
+ WHERE $where
+ ORDER BY nom");
$res = "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\n\n<membres>\n\n";
- while (list ($prenom1,$nom1,$email1) = mysql_fetch_row($all)) {
- $res .= "<membre>\n";
- $res .= "\t<nom>".$nom1."</nom>\n";
- $res .= "\t<prenom>".$prenom1."</prenom>\n";
- $res .= "\t<email>".$email1."</email>\n";
- $res .= "</membre>\n\n";
+ while (list ($prenom1,$nom1,$email1) = $all->next()) {
+ $res .= "<membre>\n";
+ $res .= "\t<nom>".$nom1."</nom>\n";
+ $res .= "\t<prenom>".$prenom1."</prenom>\n";
+ $res .= "\t<email>".$email1."</email>\n";
+ $res .= "</membre>\n\n";
}
- mysql_free_result($all);
$res .= "</membres>\n\n";
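Review bot: The member query is now issued with `$globals->xdb->fetchRow(` but its result is consumed with `$all->next()`; every other looped query in this commit pairs `->next()` with `iterRow()`, so this call probably should be `$globals->xdb->iterRow(` (what `fetchRow` returns is not shown here). The statement also still splices `$where` into the SQL: it is assembled from `$matches[1]`, and `[^.]*` in the pattern accepts quote characters, so names returned by the list server reach the query unescaped. Tightening the pattern, e.g. `'/^([\w-]+\.[\w-]+\.(\d{4}))@polytechnique\.org$/'`, or escaping each value before it goes into `$membres[]`, would close that. `$membres` is only initialised inside `if(is_array($members))`, so a failed RPC call leaves the `WHERE` clause empty.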
$page->trig('le nom de la liste ne doit contenir que des lettres, chiffres et tirets');
}
- $res = $globals->db->query("SELECT COUNT(*) FROM aliases WHERE alias='$liste'");
- list($n) = mysql_fetch_row($res);
- mysql_free_result($res);
+ $res = $globals->xdb->query("SELECT COUNT(*) FROM aliases WHERE alias={?}", $liste);
+ $n = $res->fetchOneCell();
if($n) {
$page->trig('cet alias est déjà pris');
header("Location: ?liste=$liste");
}
-function getList($offset,$limit) {
+function getList($offset,$limit)
+{
global $client, $globals;
$liste = Env::get('liste');
list($total,$members) = $client->get_members_limit($liste,$offset,$limit);
$membres = Array();
- foreach($members as $member) {
+ foreach ($members as $member) {
list($m) = split('@',$member[1]);
- $res = $globals->db->query("SELECT prenom,IF(epouse='', nom, epouse) AS nom, promo, a.alias AS forlife
- FROM auth_user_md5 AS u
- INNER JOIN aliases AS a ON u.user_id = a.id
- WHERE a.alias = '$m'");
- if($tmp = mysql_fetch_assoc($res)) {
+ $res = $globals->xdb->query("SELECT prenom,IF(epouse='', nom, epouse) AS nom, promo, a.alias AS forlife
+ FROM auth_user_md5 AS u
+ INNER JOIN aliases AS a ON u.user_id = a.id
+ WHERE a.alias = {?}", $m);
+ if ($tmp = $res->fetchOneAssoc()) {
$membres[$tmp['nom']] = $tmp;
} else {
$membres[$member[0]] = Array('addr' => $member[0]);
$page->assign_by_ref('nl',$nl);
if (Post::has('send')) {
- $res = $globals->db->query('SELECT pref FROM newsletter_ins WHERE user_id='.Session::getInt('uid'));
- if (!(list($format) = mysql_fetch_row($res))) {
- $format = 'html';
- }
- $nl->sendTo(Session::get('prenom'), Session::get('nom'), Session::get('bestalias'), Session::get('femme'), $format=='html');
+ $res = $globals->xdb->query('SELECT pref FROM newsletter_ins WHERE user_id={?}', Session::getInt('uid'));
+ $fmt = $res->fetchOneCell();
+ if (empty($fmt)) { $fmt = 'html'; }
+ $nl->sendTo(Session::get('prenom'), Session::get('nom'), Session::get('bestalias'), Session::get('femme'), $fmt=='html');
}
$page->run();
$montant = "$champ201 $champ202";
/* on extrait les informations sur l'utilisateur */
-$res = $globals->db->query("
+$res = $globals->xdb->query("
SELECT a.prenom,a.nom,a.promo,l.alias,FIND_IN_SET(a.flags,'femme')
FROM auth_user_md5 AS a
INNER JOIN aliases AS l ON (a.user_id=l.id AND type!='homonyme')
- WHERE a.user_id='$uid'");
-if (!list($prenom,$nom,$promo,$forlife,$femme) = mysql_fetch_row($res)) {
+ WHERE a.user_id={?}", $uid);
+if (!list($prenom,$nom,$promo,$forlife,$femme) = $res->fetchOneRow()) {
erreur("uid invalide");
}
}
echo ($ref = $matches[1]);
-$res = $globals->db->query("select mail,text,confirmation from paiement.paiements where id='$ref'");
-if (!list($conf_mail,$conf_title,$conf_text) = mysql_fetch_row($res)) {
+$res = $globals->xdb->query("SELECT mail,text,confirmation FROM paiement.paiements WHERE id={?}", $ref);
+if (!list($conf_mail,$conf_title,$conf_text) = $res->fetchOneRow()) {
erreur("référence de commande inconnue");
}
/* on extrait le code de retour */
if ($champ906 != "0000") {
- $res = $globals->db->query("SELECT rcb.text,c.id,c.text
- FROM paiement.codeRCB AS rcb
- LEFT JOIN paiement.codeC AS c ON rcb.codeC=c.id
- WHERE rcb.id='$champ906'");
- if (list($rcb_text,$c_id,$c_text) = mysql_fetch_row($res))
- erreur("erreur lors du paiement : $c_text ($c_id)");
- else
- erreur("erreur inconnue lors du paiement");
+ $res = $globals->xdb->query("SELECT rcb.text,c.id,c.text
+ FROM paiement.codeRCB AS rcb
+ LEFT JOIN paiement.codeC AS c ON rcb.codeC=c.id
+ WHERE rcb.id='$champ906'");
+ if (list($rcb_text, $c_id, $c_text) = $res->fetchOneRow()) {
+ erreur("erreur lors du paiement : $c_text ($c_id)");
+ } else{
+ erreur("erreur inconnue lors du paiement");
+ }
}
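Review bot: The error-code lookup still ends in `WHERE rcb.id='$champ906'`, so this is the one query in the payment-return script that the commit re-indents but leaves string-built. `$champ906` looks like a field of the bank's return message (its origin is outside the hunk), which is exactly the kind of value the `{?}` placeholders are meant for. Suggested: `WHERE rcb.id={?}", $champ906);`.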
/* on fait l'insertion en base de donnees */
-$globals->db->query("INSERT INTO paiement.transactions (id,uid,ref,fullref,montant,cle)
- VALUES ('$champ901','$uid','$ref','$champ200','$montant','$champ905')");
+$globals->xdb->execute("INSERT INTO paiement.transactions (id,uid,ref,fullref,montant,cle)
+ VALUES ({?},{?},{?},{?},{?},{?})",
+ $champ901, $uid, $ref, $champ200, $montant, $champ905);
/* on genere le mail de confirmation */
$conf_text = str_replace("<prenom>",$prenom,$conf_text);
}
if (Env::has('cp_id')) {
- $res = $globals->db->query("SELECT UNIX_TIMESTAMP(debut) AS debut,
- TIME_FORMAT(duree,'%kh%i') AS duree,
- resume, description, services
- FROM coupures
- WHERE id = ".Env::getInt('cp_id'));
- $cp = @mysql_fetch_assoc($res);
+ $res = $globals->xdb->query("SELECT UNIX_TIMESTAMP(debut) AS debut,
+ TIME_FORMAT(duree,'%kh%i') AS duree,
+ resume, description, services
+ FROM coupures
+ WHERE id = {?}", Env::getInt('cp_id'));
+ $cp = $res->fetchOneAssoc();
}
if($cp) {
define('DUREEJOUR',24*3600);
//recupere le nombre d'inscriptions par jour sur la plage concernée
-$donnees=$globals->db->query("SELECT IF( date_ins>DATE_SUB(NOW(),INTERVAL $JOURS DAY),
- TO_DAYS(date_ins)-TO_DAYS(NOW()),
- ".(-($JOURS+1)).") AS jour,
- count(user_id) AS nb
- FROM auth_user_md5
- WHERE promo = $promo AND perms IN ('admin','user')
- GROUP BY jour");
+$res = $globals->xdb->iterRow(
+ "SELECT IF( date_ins>DATE_SUB(NOW(),INTERVAL $JOURS DAY),
+ TO_DAYS(date_ins)-TO_DAYS(NOW()),
+ ".(-($JOURS+1)).") AS jour,
+ COUNT(user_id) AS nb
+ FROM auth_user_md5
+ WHERE promo = {?} AND perms IN ('admin','user')
+ GROUP BY jour", $promo);
//genere des donnees compatibles avec GNUPLOT
$inscrits='';
// la première ligne contient le total des inscrits avant la date de départ (J - $JOURS)
-list(,$init_nb)=mysql_fetch_row($donnees);
+list(,$init_nb) = $res->next();
$total = $init_nb;
-list($numjour, $nb) = mysql_fetch_row($donnees);
+list($numjour, $nb) = $res->next();
+
for ($i=-$JOURS;$i<=0;$i++) {
if ($numjour<$i) {
- if(!list($numjour, $nb) = mysql_fetch_row($donnees)) {
+ if(!list($numjour, $nb) = $res->next()) {
$numjour = 0;
$nb = 0;
}
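Review bot: `$JOURS` is still interpolated twice into the statement (`INTERVAL $JOURS DAY` and `(-($JOURS+1))`) while `$promo` next to it was moved to `{?}`. Where `$JOURS` is assigned is not visible in this hunk; if it can come from the request, normalise it once before the query with `$JOURS = intval($JOURS);`. The `for` loop runs past the end of the hunk.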
require_once("xorg.inc.php");
new_skinned_page('stats/nb_by_promo.tpl', AUTH_COOKIE);
-$result = $globals->db->query("SELECT promo,COUNT(*)
- FROM auth_user_md5
- WHERE promo > 1900 AND perms IN ('admin','user')
- GROUP BY promo
- ORDER BY promo");
+$res = $globals->xdb->iterRow(
+ "SELECT promo,COUNT(*)
+ FROM auth_user_md5
+ WHERE promo > 1900 AND perms IN ('admin','user')
+ GROUP BY promo
+ ORDER BY promo");
$max=0; $min=3000;
-while(list($promo,$nb)=mysql_fetch_row($result)) {
- $promo=intval($promo);
- if(!isset($nbpromo[$promo/10]))
+
+while (list($promo,$nb) = $res->next()) {
+ $promo = intval($promo);
+ if(!isset($nbpromo[$promo/10])) {
$nbpromo[$promo/10] = Array('','','','','','','','','',''); // tableau de 10 cases vides
+ }
$nbpromo[$promo/10][$promo%10]=Array('promo' => $promo, 'nb' => $nb);
}
switch($action) {
case "edit":
if ($op_id) {
- $res=$globals->db->query("select date,label,credit,debit from money_trezo where id='$op_id'");
- list($op_date,$op_label,$op_credit,$op_debit)=mysql_fetch_row($res);
+ $res = $globals->xdb->query("SELECT date,label,credit,debit FROM money_trezo WHERE id={?}", $op_id);
+ list($op_date,$op_label,$op_credit,$op_debit) = $res->fetchOneRow();
}
break;
$mydate = date("Y-m-d");
}
- $sql = "replace into money_trezo set date='$mydate',label='$op_label'";
+ $sql = "replace into money_trezo set date='$mydate',label='".addslashes($op_label)."'";
if ($op_credit) { $sql .= ',credit='.$op_credit; }
if ($op_debit) { $sql .= ",debit=".$op_debit; }
if ($op_id) { $sql .= ",id='$op_id'"; }
- $globals->db->query($sql);
+ $globals->xdb->execute($sql);
break;
case "del":
if ($op_id) {
- $globals->db->query("delete from money_trezo where id='".$op_id."'");
+ $globals->xdb->execute("DELETE FROM money_trezo WHERE id={?}", $op_id);
}
break;
}
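Review bot: The `replace into money_trezo` statement is still concatenated: `addslashes()` now covers `$op_label`, but `$op_credit` and `$op_debit` are appended outside quotes (`',credit='.$op_credit`), where escaping quotes does not help, and `$op_id` and `$mydate` are interpolated as before. The `del` case just below was moved to `{?}`, so this branch is the odd one out. At minimum gate the numeric columns, e.g. `if ($op_credit && is_numeric($op_credit)) { $sql .= ',credit='.$op_credit; }` and the same for `$op_debit`; binding the label, date and id through `{?}` would match the rest of the commit. Where these variables are filled is outside the hunk.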