API tools faq
paste
Advertisement
Guest User

ajout_de_point

a guest
Jan 15th, 2012
213
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 4.16 KB | None | 0 0
raw download clone embed print report
  1. <?php require_once('Connections/toast_sql.php'); ?>
  2. <?php
  3. if (!isset($_SESSION)) {
  4.   session_start();
  5. }
  6. $MM_authorizedUsers = "";
  7. $MM_donotCheckaccess = "true";
  8.  
  9. // *** Restrict Access To Page: Grant or deny access to this page
  10. function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
  11.   // For security, start by assuming the visitor is NOT authorized.
  12.   $isValid = False;
  13.  
  14.   // When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
  15.   // Therefore, we know that a user is NOT logged in if that Session variable is blank.
  16.   if (!empty($UserName)) {
  17.     // Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
  18.     // Parse the strings into arrays.
  19.     $arrUsers = Explode(",", $strUsers);
  20.     $arrGroups = Explode(",", $strGroups);
  21.     if (in_array($UserName, $arrUsers)) {
  22.       $isValid = true;
  23.     }
  24.     // Or, you may restrict access to only certain users based on their username.
  25.     if (in_array($UserGroup, $arrGroups)) {
  26.       $isValid = true;
  27.     }
  28.     if (($strUsers == "") && true) {
  29.       $isValid = true;
  30.     }
  31.   }
  32.   return $isValid;
  33. }
  34.  
  35. $MM_restrictGoTo = "user_profil.php";
  36. if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {  
  37.   $MM_qsChar = "?";
  38.   $MM_referrer = $_SERVER['PHP_SELF'];
  39.   if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
  40.   if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0)
  41.   $MM_referrer .= "?" . $_SERVER['QUERY_STRING'];
  42.   $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
  43.   header("Location: ". $MM_restrictGoTo);
  44.   exit;
  45. }
  46. ?>
  47. <?php
  48. if (!function_exists("GetSQLValueString")) {
  49. function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
  50. {
  51.   if (PHP_VERSION < 6) {
  52.     $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  53.   }
  54.  
  55.   $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
  56.  
  57.   switch ($theType) {
  58.     case "text":
  59.       $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
  60.       break;    
  61.     case "long":
  62.     case "int":
  63.       $theValue = ($theValue != "") ? intval($theValue) : "NULL";
  64.       break;
  65.     case "double":
  66.       $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
  67.       break;
  68.     case "date":
  69.       $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
  70.       break;
  71.     case "defined":
  72.       $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
  73.       break;
  74.   }
  75.   return $theValue;
  76. }
  77. }
  78.  
  79. $colname_Recordset1 = "-1";
  80. if (isset($_SESSION['MM_Username'])) {
  81.   $colname_Recordset1 = $_SESSION['MM_Username'];
  82. }
  83. mysql_select_db($database_toast_sql, $toast_sql);
  84. $query_Recordset1 = sprintf("SELECT * FROM users WHERE pseudo = %s", GetSQLValueString($colname_Recordset1, "text"));
  85. $Recordset1 = mysql_query($query_Recordset1, $toast_sql) or die(mysql_error());
  86. $row_Recordset1 = mysql_fetch_assoc($Recordset1);
  87. $totalRows_Recordset1 = mysql_num_rows($Recordset1);$colname_Recordset1 = "-1";
  88. if (isset($_SESSION['MM_Username'])) {
  89.   $colname_Recordset1 = $_SESSION['MM_Username'];
  90. }
  91. mysql_select_db($database_toast_sql, $toast_sql);
  92. $query_Recordset1 = sprintf("SELECT * FROM users WHERE pseudo = %s", GetSQLValueString($colname_Recordset1, "text"));
  93. $Recordset1 = mysql_query($query_Recordset1, $toast_sql) or die(mysql_error());
  94. $row_Recordset1 = mysql_fetch_assoc($Recordset1);
  95. $totalRows_Recordset1 = mysql_num_rows($Recordset1);
  96.  
  97.   session_start();
  98. mysql_query('UPDATE users SET point =(point+10) WHERE pseudo = ');
  99. header ('location: user_profil.php');
  100. ?>
  101. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
  102. <html xmlns="http://www.w3.org/1999/xhtml">
  103. <head>
  104. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  105. <title>Document sans titre</title>
  106. </head>
  107.  
  108. <body>
  109. </body>
  110. </html>
  111. <?php
  112. mysql_free_result($Recordset1);
  113. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!