
Untitled

a guest
Nov 21st, 2017
  1. <?php
  2.  
  3. ob_start();
  4.  
  5. include 'inc/database.php';
  6. include 'inc/header.php';
  7.  
  8. if (!isset($_SESSION)) {
  9. session_start();
  10. }
  11.  
  12. $username = $_SESSION['username'];
  13.  
  14. if (isset($_POST['message']) & isset($_POST['subject']) & isset($_SESSION['username'])) {
  15. // Faille réglé par SwizeoConcours hehe ^^
  16. $subject = htmlspecialchars($con, $_POST['subject']);
  17. $message = htmlspecialchars($con, $_POST['message']);
  18. $date = date("Y-m-d");
  19. mysqli_query($con, "INSERT INTO `support` (`from`, `to`, `subject`, `message`, `date`) VALUES ('$username', 'admin', '$subject', '$message', DATE('$date'))") or die(mysqli_error($con));
  20. }
  21.  
  22. ?>
  23.  
  24. <!DOCTYPE html>
  25. <html lang="en">
  26. <head>
  27. <meta charset="utf-8">
  28. <meta name="viewport" content="width=device-width, initial-scale=1.0">
  29. <meta name="description" content="">
  30. <meta name="author" content="24/7">
  31. <meta name="keyword" content="">
  32. <link rel="shortcut icon" href="<?php echo $favicon;?>">
  33.  
  34. <title><?php echo $website;?> - Support</title>
  35.  
  36. <!-- Bootstrap core CSS -->
  37. <link href="css/bootstrap.min.css" rel="stylesheet">
  38. <link href="css/bootstrap-reset.css" rel="stylesheet">
  39. <!--external css-->
  40. <link href="assets/font-awesome/css/font-awesome.css" rel="stylesheet" />
  41. <!-- Custom styles for this template -->
  42. <link href="css/style.css" rel="stylesheet">
  43. <link href="css/style-responsive.css" rel="stylesheet" />
  44.  
  45. <!-- HTML5 shim and Respond.js IE8 support of HTML5 tooltipss and media queries -->
  46. <!--[if lt IE 9]>
  47. <script src="js/html5shiv.js"></script>
  48. <script src="js/respond.min.js"></script>
  49. <![endif]-->
  50. </head>
  51.  
  52. <body>
  53.  
  54. <section id="container" >
  55. <!--header start-->
  56. <header class="header white-bg">
  57. <div class="sidebar-toggle-box">
  58. <div data-original-title="Toggle Navigation" data-placement="right" class="icon-reorder tooltips"></div>
  59. </div>
  60. <!--logo start-->
  61. <a href="index.php" class="logo"><?php echo $website;?></a>
  62. <!--logo end-->
  63. <div class="nav notify-row" id="top_menu">
  64. <!-- notification start -->
  65. <ul class="nav top-menu">
  66. <!-- inbox dropdown start-->
  67. <?php
  68. $result = mysqli_query($con, "SELECT * FROM `support` WHERE `to` = '$username' AND `read` = '0' ORDER BY `id`");
  69. $messages = mysqli_num_rows($result);
  70. if($messages > 0){
  71. echo '
  72. <li id="header_inbox_bar" class="dropdown">
  73. <a data-toggle="dropdown" class="dropdown-toggle" href="#">
  74. <i class="icon-envelope-alt"></i>
  75. <span class="badge bg-important">'.$messages.'</span>
  76. </a>
  77. <ul class="dropdown-menu extended inbox">
  78. <div class="notify-arrow notify-arrow-red"></div>
  79. <li>
  80. <p class="red">You have '.$messages.' new messages</p>
  81. </li>
  82. ';
  83. while ($row = mysqli_fetch_assoc($result)) {
  84. echo '
  85. <li>
  86. <a href="support.php">
  87. <span class="subject">
  88. <span class="from">'.$row['subject'].'</span>
  89. <span class="time">'.$row['date'].'</span>
  90. </span>
  91. <span class="message">
  92. '.$row['message'].'
  93. </span>
  94. </a>
  95. </li>
  96. ';
  97. }
  98. echo '
  99. <li>
  100. <a href="support.php">See all messages</a>
  101. </li>
  102. </ul>
  103. </li>
  104. ';
  105. }else{
  106. echo '
  107. <li id="header_inbox_bar" class="dropdown">
  108. <a data-toggle="dropdown" class="dropdown-toggle" href="#">
  109. <i class="icon-envelope-alt"></i>
  110. <span class="badge bg-important">0</span>
  111. </a>
  112. <ul class="dropdown-menu extended inbox">
  113. <div class="notify-arrow notify-arrow-red"></div>
  114. <li>
  115. <p class="red">You have '.$messages.' new messages</p>
  116. </li>
  117. <li>
  118. <a href="support.php">See all messages</a>
  119. </li>
  120. </ul>
  121. </li>
  122. ';
  123. }
  124. ?>
  125. <!-- inbox dropdown end -->
  126. </div>
  127. <div class="top-nav ">
  128. <!--user info start-->
  129. <ul class="nav pull-right top-menu">
  130. <!-- user login dropdown start-->
  131. <li class="dropdown">
  132. <a data-toggle="dropdown" class="dropdown-toggle" href="#">
  133. <img alt="" src="img/avatar_small.png">
  134. <span class="username"><?php echo $username;?></span>
  135. <b class="caret"></b>
  136. </a>
  137. <ul class="dropdown-menu extended logout">
  138. <div class="log-arrow-up"></div>
  139. <li><a href="#"><i class=" icon-suitcase"></i>Profil</a></li>
  140. <li><a href="#"><i class="icon-cog"></i> Réglages</a></li>
  141. <li><a href="#"><i class="icon-envelope-alt"></i> Messages</a></li>
  142. <li><a href="lib/logout.php"><i class="icon-key"></i> Déconnexion</a></li>
  143. </ul>
  144. </li>
  145. <!-- user login dropdown end -->
  146. </ul>
  147. <!--user info end-->
  148. </div>
  149. </header>
  150. <!--header end-->
  151. <!--sidebar start-->
  152. <aside>
  153. <div id="sidebar" class="nav-collapse ">
  154. <!-- sidebar menu start-->
  155. <ul class="sidebar-menu" id="nav-accordion">
  156. <li>
  157. <a href="index.php">
  158. <i class="icon-dashboard"></i>
  159. <span>Tableau de bord</span>
  160. </a>
  161. </li>
  162. <li>
  163. <a href="purchase.php">
  164. <i class="icon-shopping-cart"></i>
  165. <span>Acheter</span>
  166. </a>
  167. </li>
  168. <li>
  169. <a href="generator.php">
  170. <i class="icon-refresh"></i>
  171. <span>Générateur</span>
  172. </a>
  173. </li>
  174. <li>
  175. <a class="active" href="support.php">
  176. <i class="icon-envelope"></i>
  177. <span>Support</span>
  178. </a>
  179. </li>
  180. <?php
  181. if (($_SESSION['rank']) == "5") {
  182. echo '
  183. <legend style="margin-bottom: 5px;"></legend>
  184. <li class="sub-menu">
  185. <a href="javascript:;" >
  186. <i class="icon-laptop"></i>
  187. <span>Administration</span>
  188. </a>
  189. <ul class="sub">
  190. <li><a href="admin-manage.php">Gerer</a></li>
  191. <li><a href="admin-support.php">Support</a></li>
  192. <li><a href="admin-statistics.php">Statistiques</a></li>
  193. <li><a href="admin-flagged.php">Signalés</a></li>
  194. <li><a href="admin-news.php">Annonces</a></li>
  195. <li><a href="admin-subscriptions.php">Abonnés</a></li>
  196. <li><a href="admin-users.php">Utilisateurs</a></li>
  197. </ul>
  198. </li>
  199. ';
  200. }
  201. ?>
  202. </ul>
  203. <!-- sidebar menu end-->
  204. </div>
  205. </aside>
  206. <!--sidebar end-->
  207. <!--main content start-->
  208. <section id="main-content">
  209. <section class="wrapper">
  210.  
  211. <div class="row">
  212. <div class="col-lg-6">
  213. <section class="panel">
  214. <div class="panel-body">
  215. <div class="task-thumb-details">
  216. <h1>Demande au support</h1>
  217. </div>
  218. </div>
  219. <div id="menu">
  220. <div class="list-group">
  221. <?php
  222. $supportquery = mysqli_query($con, "SELECT * FROM `support` WHERE `to` = '$username' ORDER BY `date` DESC");
  223. while ($row = mysqli_fetch_assoc($supportquery)) {
  224. echo '
  225. <a href="#" class="list-group-item" data-toggle="collapse" data-target="#message'.$row[id].'" data-parent="#menu">
  226. <span class="name" style="min-width: 120px;display: inline-block;">'.$row["from"].'</span> <span class="">'.$row["subject"].'</span>
  227. <span class="badge">'.$row["date"].'</span>
  228. </span>
  229. </a>
  230. <div id="message'.$row[id].'" class="sublinks collapse">
  231. <textarea class="form-control" rows="8">'.$row[message].'</textarea>
  232. </div>
  233. ';
  234. }
  235. ?>
  236. </div>
  237. </div>
  238. </section>
  239. </div>
  240. <div class="col-lg-6">
  241. <section class="panel">
  242. <div class="panel-body">
  243. <div class="task-thumb-details">
  244. <h1>Envoyer au support</h1></br>
  245. </div>
  246. <legend></legend>
  247. <form method="POST"/>
  248. <label>Objet:</label></br>
  249. <input type="text" name="subject" class="form-control" /></br>
  250. <label>Message:</label></br>
  251. <textarea name="message" class="form-control" rows="8"></textarea></br>
  252. <button class="btn btn-info btn-large btn-block">Envoyer</button>
  253. </form>
  254. </div>
  255. </section>
  256. </div>
  257.  
  258. </div>
  259.  
  260. </section>
  261. </section>
  262. <!--main content end-->
  263. <!--footer start-->
  264. <footer class="site-footer">
  265. <div class="text-center">
  266. <?php echo $footer;?>
  267. <a href="#" class="go-top">
  268. <i class="icon-angle-up"></i>
  269. </a>
  270. </div>
  271. </footer>
  272. <!--footer end-->
  273. </section>
  274.  
  275. <!-- js placed at the end of the document so the pages load faster -->
  276. <script src="js/jquery.js"></script>
  277. <script src="js/jquery-1.8.3.min.js"></script>
  278. <script src="js/bootstrap.min.js"></script>
  279. <script src="js/jquery.scrollTo.min.js"></script>
  280. <script src="js/jquery.nicescroll.js" type="text/javascript"></script>
  281. <script src="js/jquery.customSelect.min.js" ></script>
  282. <script src="js/respond.min.js" ></script>
  283.  
  284. <script class="include" type="text/javascript" src="js/jquery.dcjqaccordion.2.7.js"></script>
  285.  
  286. <!--common script for all pages-->
  287. <script src="js/common-scripts.js"></script>
  288.  
  289. </body>
  290. </html>
  291.  
  292.  
  293.  
  294. htmlspecialchars()