1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125
|
<?php require_once('Connections/biban.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) :
mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
$insertSQL = sprintf("INSERT INTO php_membre (id_membre, pseudo, statut, avatar) VALUES (%s,
%s, %s, %s)",
GetSQLValueString($_POST['id_membre'], "int"),
GetSQLValueString($_POST['pseudo'], "text"),
GetSQLValueString($_POST['statut'], "text"),
GetSQLValueString($_FILES['photo']['name'], "text"));
mysql_select_db($database_biban, $biban);
$Result1 = mysql_query($insertSQL, $biban) or die(mysql_error());
$insertGoTo = "succes.php";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));
}
if(isset($_FILES['photo']))
{
// params
unset($erreur);
$extensions_ok = array('png', 'gif', 'jpg', 'jpeg');
$taille_max = 1000000;
$dest_dossier = '/.../avatar/';// vérifications
if( !in_array( substr(strrchr($_FILES['photo']['name'], '.'), 1), $extensions_ok ) )
{
$erreur = 'Veuillez sélectionner un fichier de type png, gif ou jpg !';
}
elseif( file_exists($_FILES['photo']['tmp_name'])
and filesize($_FILES['photo']['tmp_name']) > $taille_max)
{
$erreur = 'Votre fichier doit faire moins de 1Mo !';
}
// copie du fichier
if(!isset($erreur))
{
$dest_fichier = basename($_FILES['photo']['name']);
// formatage nom fichier
// enlever les accents
$dest_fichier = strtr($dest_fichier,
'ÀÁÂÃÄÅÇÈÉÊËÌÍÎÏÒÓÔÕÖÙÚÛÜÝàáâãäåçèéêëìíîïðòóôõöùúûüýÿ',
'AAAAAACEEEEIIIIOOOOOUUUUYaaaaaaceeeeiiiioooooouuuuyy');
// remplacer les caracteres autres que lettres, chiffres et point par _
$dest_fichier = preg_replace('/([^.a-z0-9]+)/i', '_', $dest_fichier);
//enregistrement dans la base
mysql_select_db($database_ConnexionInscription, $ConnexionInscription);
$insertProfil = "INSERT INTO php_membre (avatar) VALUES ('$photo_name')";
mysql_query($insertProfil, $ConnexionInscription) or die(mysql_error());
// copie du fichier
move_uploaded_file($_FILES['photo']['tmp_name'] ,$dest_fichier.$_FILES['photo']['name' ]);
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Document sans titre</title>
</head>
<body>
<form action="<?php echo $editFormAction; ?>" method="post" enctype="multipart/form-data" name="form1" id="form1">
<table align="center">
<tr valign="baseline">
<td nowrap="nowrap" align="right">Id_membre:</td>
<td><input type="text" name="id_membre" value="" size="32" /></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right">Pseudo:</td>
<td><input type="text" name="pseudo" value="" size="32" /></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right">Statut:</td>
<td><input type="text" name="statut" value="" size="32" /></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right">Avatar:</td>
<td><label for="photo"></label>
<input type="file" name="photo" id="photo" /></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right"> </td>
<td><input type="submit" value="Insérer un enregistrement" /></td>
</tr>
</table>
<input type="hidden" name="MM_insert" value="form1" />
</form>
<p> </p>
</body>
</html> |
Partager