Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- ob_start();
- include 'inc/database.php';
- include 'inc/header.php';
- if (!isset($_SESSION)) {
- session_start();
- }
- $username = $_SESSION['username'];
- if (isset($_POST['message']) & isset($_POST['subject']) & isset($_SESSION['username'])) {
- // Faille réglé par SwizeoConcours hehe ^^
- $subject = htmlspecialchars($con, $_POST['subject']);
- $message = htmlspecialchars($con, $_POST['message']);
- $date = date("Y-m-d");
- mysqli_query($con, "INSERT INTO `support` (`from`, `to`, `subject`, `message`, `date`) VALUES ('$username', 'admin', '$subject', '$message', DATE('$date'))") or die(mysqli_error($con));
- }
- ?>
- <!DOCTYPE html>
- <html lang="en">
- <head>
- <meta charset="utf-8">
- <meta name="viewport" content="width=device-width, initial-scale=1.0">
- <meta name="description" content="">
- <meta name="author" content="24/7">
- <meta name="keyword" content="">
- <link rel="shortcut icon" href="<?php echo $favicon;?>">
- <title><?php echo $website;?> - Support</title>
- <!-- Bootstrap core CSS -->
- <link href="css/bootstrap.min.css" rel="stylesheet">
- <link href="css/bootstrap-reset.css" rel="stylesheet">
- <!--external css-->
- <link href="assets/font-awesome/css/font-awesome.css" rel="stylesheet" />
- <!-- Custom styles for this template -->
- <link href="css/style.css" rel="stylesheet">
- <link href="css/style-responsive.css" rel="stylesheet" />
- <!-- HTML5 shim and Respond.js IE8 support of HTML5 tooltipss and media queries -->
- <!--[if lt IE 9]>
- <script src="js/html5shiv.js"></script>
- <script src="js/respond.min.js"></script>
- <![endif]-->
- </head>
- <body>
- <section id="container" >
- <!--header start-->
- <header class="header white-bg">
- <div class="sidebar-toggle-box">
- <div data-original-title="Toggle Navigation" data-placement="right" class="icon-reorder tooltips"></div>
- </div>
- <!--logo start-->
- <a href="index.php" class="logo"><?php echo $website;?></a>
- <!--logo end-->
- <div class="nav notify-row" id="top_menu">
- <!-- notification start -->
- <ul class="nav top-menu">
- <!-- inbox dropdown start-->
- <?php
- $result = mysqli_query($con, "SELECT * FROM `support` WHERE `to` = '$username' AND `read` = '0' ORDER BY `id`");
- $messages = mysqli_num_rows($result);
- if($messages > 0){
- echo '
- <li id="header_inbox_bar" class="dropdown">
- <a data-toggle="dropdown" class="dropdown-toggle" href="#">
- <i class="icon-envelope-alt"></i>
- <span class="badge bg-important">'.$messages.'</span>
- </a>
- <ul class="dropdown-menu extended inbox">
- <div class="notify-arrow notify-arrow-red"></div>
- <li>
- <p class="red">You have '.$messages.' new messages</p>
- </li>
- ';
- while ($row = mysqli_fetch_assoc($result)) {
- echo '
- <li>
- <a href="support.php">
- <span class="subject">
- <span class="from">'.$row['subject'].'</span>
- <span class="time">'.$row['date'].'</span>
- </span>
- <span class="message">
- '.$row['message'].'
- </span>
- </a>
- </li>
- ';
- }
- echo '
- <li>
- <a href="support.php">See all messages</a>
- </li>
- </ul>
- </li>
- ';
- }else{
- echo '
- <li id="header_inbox_bar" class="dropdown">
- <a data-toggle="dropdown" class="dropdown-toggle" href="#">
- <i class="icon-envelope-alt"></i>
- <span class="badge bg-important">0</span>
- </a>
- <ul class="dropdown-menu extended inbox">
- <div class="notify-arrow notify-arrow-red"></div>
- <li>
- <p class="red">You have '.$messages.' new messages</p>
- </li>
- <li>
- <a href="support.php">See all messages</a>
- </li>
- </ul>
- </li>
- ';
- }
- ?>
- <!-- inbox dropdown end -->
- </div>
- <div class="top-nav ">
- <!--user info start-->
- <ul class="nav pull-right top-menu">
- <!-- user login dropdown start-->
- <li class="dropdown">
- <a data-toggle="dropdown" class="dropdown-toggle" href="#">
- <img alt="" src="img/avatar_small.png">
- <span class="username"><?php echo $username;?></span>
- <b class="caret"></b>
- </a>
- <ul class="dropdown-menu extended logout">
- <div class="log-arrow-up"></div>
- <li><a href="#"><i class=" icon-suitcase"></i>Profil</a></li>
- <li><a href="#"><i class="icon-cog"></i> Réglages</a></li>
- <li><a href="#"><i class="icon-envelope-alt"></i> Messages</a></li>
- <li><a href="lib/logout.php"><i class="icon-key"></i> Déconnexion</a></li>
- </ul>
- </li>
- <!-- user login dropdown end -->
- </ul>
- <!--user info end-->
- </div>
- </header>
- <!--header end-->
- <!--sidebar start-->
- <aside>
- <div id="sidebar" class="nav-collapse ">
- <!-- sidebar menu start-->
- <ul class="sidebar-menu" id="nav-accordion">
- <li>
- <a href="index.php">
- <i class="icon-dashboard"></i>
- <span>Tableau de bord</span>
- </a>
- </li>
- <li>
- <a href="purchase.php">
- <i class="icon-shopping-cart"></i>
- <span>Acheter</span>
- </a>
- </li>
- <li>
- <a href="generator.php">
- <i class="icon-refresh"></i>
- <span>Générateur</span>
- </a>
- </li>
- <li>
- <a class="active" href="support.php">
- <i class="icon-envelope"></i>
- <span>Support</span>
- </a>
- </li>
- <?php
- if (($_SESSION['rank']) == "5") {
- echo '
- <legend style="margin-bottom: 5px;"></legend>
- <li class="sub-menu">
- <a href="javascript:;" >
- <i class="icon-laptop"></i>
- <span>Administration</span>
- </a>
- <ul class="sub">
- <li><a href="admin-manage.php">Gerer</a></li>
- <li><a href="admin-support.php">Support</a></li>
- <li><a href="admin-statistics.php">Statistiques</a></li>
- <li><a href="admin-flagged.php">Signalés</a></li>
- <li><a href="admin-news.php">Annonces</a></li>
- <li><a href="admin-subscriptions.php">Abonnés</a></li>
- <li><a href="admin-users.php">Utilisateurs</a></li>
- </ul>
- </li>
- ';
- }
- ?>
- </ul>
- <!-- sidebar menu end-->
- </div>
- </aside>
- <!--sidebar end-->
- <!--main content start-->
- <section id="main-content">
- <section class="wrapper">
- <div class="row">
- <div class="col-lg-6">
- <section class="panel">
- <div class="panel-body">
- <div class="task-thumb-details">
- <h1>Demande au support</h1>
- </div>
- </div>
- <div id="menu">
- <div class="list-group">
- <?php
- $supportquery = mysqli_query($con, "SELECT * FROM `support` WHERE `to` = '$username' ORDER BY `date` DESC");
- while ($row = mysqli_fetch_assoc($supportquery)) {
- echo '
- <a href="#" class="list-group-item" data-toggle="collapse" data-target="#message'.$row[id].'" data-parent="#menu">
- <span class="name" style="min-width: 120px;display: inline-block;">'.$row["from"].'</span> <span class="">'.$row["subject"].'</span>
- <span class="badge">'.$row["date"].'</span>
- </span>
- </a>
- <div id="message'.$row[id].'" class="sublinks collapse">
- <textarea class="form-control" rows="8">'.$row[message].'</textarea>
- </div>
- ';
- }
- ?>
- </div>
- </div>
- </section>
- </div>
- <div class="col-lg-6">
- <section class="panel">
- <div class="panel-body">
- <div class="task-thumb-details">
- <h1>Envoyer au support</h1></br>
- </div>
- <legend></legend>
- <form method="POST"/>
- <label>Objet:</label></br>
- <input type="text" name="subject" class="form-control" /></br>
- <label>Message:</label></br>
- <textarea name="message" class="form-control" rows="8"></textarea></br>
- <button class="btn btn-info btn-large btn-block">Envoyer</button>
- </form>
- </div>
- </section>
- </div>
- </div>
- </section>
- </section>
- <!--main content end-->
- <!--footer start-->
- <footer class="site-footer">
- <div class="text-center">
- <?php echo $footer;?>
- <a href="#" class="go-top">
- <i class="icon-angle-up"></i>
- </a>
- </div>
- </footer>
- <!--footer end-->
- </section>
- <!-- js placed at the end of the document so the pages load faster -->
- <script src="js/jquery.js"></script>
- <script src="js/jquery-1.8.3.min.js"></script>
- <script src="js/bootstrap.min.js"></script>
- <script src="js/jquery.scrollTo.min.js"></script>
- <script src="js/jquery.nicescroll.js" type="text/javascript"></script>
- <script src="js/jquery.customSelect.min.js" ></script>
- <script src="js/respond.min.js" ></script>
- <script class="include" type="text/javascript" src="js/jquery.dcjqaccordion.2.7.js"></script>
- <!--common script for all pages-->
- <script src="js/common-scripts.js"></script>
- </body>
- </html>
- htmlspecialchars()
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement