<?php
include ("function.resize.php");
require_once("_ident.php");
require_once("message.php");
require_once("../_mysql.php");

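// Import request parameters as global variables. The rest of this script reads
// $action, $whereprimkey, $delrow, $supprFichier and $cols this way.
//
// SECURITY: extract() on request data lets a caller define arbitrary globals.
// EXTR_SKIP stops a request parameter from replacing a variable that already
// exists at this point (for example anything set by the files required above,
// such as the database link or the message template).
// NOTE(review): an explicit allow-list of parameter names would be stricter;
// it is not applied here because exportexcel.php may rely on extracted names
// that are not visible in this file.
$post = $_POST;
$get = $_GET;

// On a name collision the GET value wins, as it did when GET was extracted last.
extract($get + $post, EXTR_SKIP);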

// ---- Table handled by this console ----------------------------------------
$mysql_tbl = 'inscrits';
$primary_field = 'id_contact';

// ---- Column visibility and labels -----------------------------------------
// Columns left out of the list view.
$hidden_fields_on_lst = ['id_contact', 'portable_assistant', 'email_assistant'];
// Columns skipped by the edit form.
$hidden_fields = ['id_contact'];
$readonly_fields = ['id_contact'];
// Columns whose line breaks are stored as <br>.
$html_text_fields = [];
// Columns edited through FCKeditor.
$fckeditor_fields = [];
// Label overrides, keyed by column name.
$displayed_fields_name = ['id_inscription' => 'Type Membre'];
// Columns that must not be empty.
$neededFields = ['nom_contact'];
// Columns rendered with the nowrap attribute in the list.
$noWraps = [];

// ---- Image upload settings (no image column is configured here) -----------
$image_upload_fields = [];
$image_upload_name = 'upload_%FN%_%ID%.%EXT%';
$image_upload_dir = '../upload/';
$image_upload_mod = [];
$image_upload_vignette = [];

// ---- Lookups and value lists ----------------------------------------------
// Query template used to show a label instead of the raw value; %VAL% is
// replaced by the column value.
$linked_fields = ['id_inscription' => "select libelle_inscription from inscriptions where id_inscription=%VAL%"];
// Columns edited through a <select> filled from another table.
$external_choice_fields = ['id_inscription' => 'inscriptions'];
// Columns edited through a fixed list of values.
$enumFields = ['top_paiement' => ['NON PAYE', 'PAYE PAYPAL', 'ANNULE PAYPAL', 'CHEQUE']];
// Free-text columns that also offer the values already present in the table.
$comboFields = [];

// ---- Page behaviour -------------------------------------------------------
$TITLE = "Adhesions";
$maxEntries = 9999999;
$orderBy = 'nom_contact asc';
$disableCreation = false;
// Excel export. When the flag is on, the list header shows an export link.
// A request carrying action=exportexcel is handed to exportexcel.php, after
// which the action is switched to 'modify'.
$exportExcel = true;

if(isset($action) ? $action == 'exportexcel' : false)
{
  // NOTE(review): the event id is taken from the query string as-is and an
  // absent "id" parameter raises a notice; confirm that exportexcel.php
  // validates $id_evenement before using it in a query.
  $id_evenement = $_GET['id'];
  require_once("exportexcel.php");
  $action = 'modify';
}



// Path of the running script; every form and link generated below targets it.
$THIS_SCRIPT = $_SERVER['SCRIPT_NAME'];

// Static page preamble, written out in a single call.
// NOTE(review): <title> is emitted before <head>; the order is kept unchanged.
echo implode('', array(
  '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">',
  '<html xmlns="http://www.w3.org/1999/xhtml">',
  '<title>Console d\'administration</title>',
  '<head>',
  '<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />',
  '<link href="styles/styles.css" rel="stylesheet" type="text/css">',
  '<script type="text/javascript" src="scripts/sorttable.js"></script>',
  '</head>',
  '<body>',
));

// Purge stray rows: when the plain list is requested (no action), delete every
// row in which all required columns are empty strings. The statement is built
// only from the configuration values defined above.
// NOTE(review): this DELETE runs on every plain page load.
if(count($neededFields) > 0 && !isset($action))
{
  $emptyChecks = '';
  foreach($neededFields as $requiredColumn)
  {
    $emptyChecks .= " AND $requiredColumn='' ";
  }
  $conds = '1'.$emptyChecks;
  mysqli_query($link_bdd, "delete from $mysql_tbl where ($conds)");
}

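// Delete a row when the creation of a new element is cancelled.
//
// SECURITY: the row key comes from the query string. It is bound as a
// statement parameter instead of being concatenated into the DELETE, and a
// non-scalar value (e.g. delrow[]=x) is ignored.
// NOTE(review): this is a state-changing GET request and no anti-CSRF token is
// checked in this file; confirm whether _ident.php provides one.
if(isset($delrow))
{
  $delrowId = isset($_GET['delrow']) ? $_GET['delrow'] : '';
  if(is_scalar($delrowId))
  {
    $delrowId = (string)$delrowId;
    $delrowStmt = mysqli_prepare($link_bdd, "delete from $mysql_tbl where $primary_field = ?");
    if($delrowStmt)
    {
      mysqli_stmt_bind_param($delrowStmt, 's', $delrowId);
      mysqli_stmt_execute($delrowStmt);
      mysqli_stmt_close($delrowStmt);
    }
  }
}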

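// Delete an uploaded file (and its 'p_' prefixed copy) and clear the column
// that referenced it, then continue with the edit form.
//
// SECURITY: both the column name and the row key are request parameters.
//  - The column name is accepted only if it is one of the configured image
//    upload columns; it can no longer be an arbitrary SQL fragment.
//  - The row key is bound as a statement parameter.
//  - The stored file name is reduced to its base name so the unlink cannot
//    leave $image_upload_dir.
if(isset($supprFichier))
{
  $fileColumn = (isset($cols) && is_string($cols)) ? $cols : '';
  $fileRowKey = (isset($whereprimkey) && is_scalar($whereprimkey)) ? (string)$whereprimkey : '';

  if(in_array($fileColumn, $image_upload_fields, true))
  {
    // Read the file name currently stored for this row.
    $storedName = null;
    $fileSelStmt = mysqli_prepare($link_bdd, "select `$fileColumn` from $mysql_tbl where $primary_field = ?");
    if($fileSelStmt)
    {
      mysqli_stmt_bind_param($fileSelStmt, 's', $fileRowKey);
      mysqli_stmt_execute($fileSelStmt);
      mysqli_stmt_bind_result($fileSelStmt, $storedName);
      mysqli_stmt_fetch($fileSelStmt);
      mysqli_stmt_close($fileSelStmt);
    }

    // Remove the file and its prefixed copy if they exist.
    $fileName = basename((string)$storedName);
    if($fileName !== '')
    {
      foreach(array($fileName, 'p_'.$fileName) as $candidate)
      {
        if(is_file($image_upload_dir.$candidate)) unlink($image_upload_dir.$candidate);
      }
    }

    // Clear the reference on the row.
    $fileUpdStmt = mysqli_prepare($link_bdd, "update $mysql_tbl set `$fileColumn` = '' where $primary_field = ?");
    if($fileUpdStmt)
    {
      mysqli_stmt_bind_param($fileUpdStmt, 's', $fileRowKey);
      mysqli_stmt_execute($fileUpdStmt);
      mysqli_stmt_close($fileUpdStmt);
    }
  }

  // As before, the request always continues with the edit form.
  $action = 'modify';
}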

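// Display the list table (default view, when no action is requested).
if(!isset($action))
{
  // SECURITY: the two filter values come straight from the request and are
  // used below in a WHERE clause and in generated markup. They are forced to
  // integers once (null = not submitted) instead of being concatenated raw.
  $selectedEvent = (isset($_POST['lstevenements']) && is_scalar($_POST['lstevenements'])) ? (int)$_POST['lstevenements'] : null;
  $selectedState = (isset($_POST['lstetats']) && is_scalar($_POST['lstetats'])) ? (int)$_POST['lstetats'] : null;

  echo '<h1><center>'.strtoupper($TITLE).'</center></h1>';
  echo '<br />';
  echo "<form action='$THIS_SCRIPT' method=post>";
  echo '<table>';
  echo '<tr>';
  echo '<td>';
  // NOTE(review): this result set is never iterated, so the event selector
  // only ever offers "Tous les evenements".
  $resEvenements = mysqli_query($link_bdd, "select * from evenements order by libelle_evenement");
  echo "<select name='lstevenements' onChange='javascript:this.form.submit();'>";
  if ($selectedEvent === null)
  {
    echo "<option value=0 selected>Tous les evenements</option>";
  }
  else
  {
    echo "<option value=0>Tous les evenements</option>";
  }
  echo "</select>";
  echo '</td>';
  echo '<td>';
  echo "<select name='lstetats' onChange='javascript:this.form.submit();'>";
  if ($selectedState === null || $selectedState === 0)
  {
    echo "<option value='0' selected>PAYE PAYPAL + CHEQUE</option>";
    echo "<option value='1'>Tous</option>";
  }
  else
  {
    echo "<option value='0'>PAYE PAYPAL + CHEQUE</option>";
    echo "<option value='1' selected>Tous</option>";
  }
  echo "</select>";
  echo '</td>';
  echo '</tr>';
  echo '</table>';
  echo '</form>';

  // Table header: one column per field reported by DESC, minus hidden ones.
  echo "<table class='rounded-corner sortable' summary='".strtoupper($mysql_tbl)."'>";
  echo "<thead>";
  echo "<tr>";
  $res = mysqli_query($link_bdd, "desc $mysql_tbl");
  $num = 0;          // total number of columns in the table
  $numafficher = 0;  // number of columns actually displayed
  $FType = Array();
  $FMSize = Array();
  $FName = Array();  // column names, in table order
  while($field = mysqli_fetch_assoc($res))
  {
    if(!in_array($field['Field'], $hidden_fields_on_lst))
    {
      $numafficher++;
      if ($num == 0)
      {
        $classcss = "rounded-left";
      }
      else
      {
        $classcss = "rounded-".$num;
      }
      if (array_key_exists($field['Field'], $displayed_fields_name))
      {
        echo "<th class='".$classcss."'>".$displayed_fields_name[$field['Field']]."</th>";
      }
      else
      {
        echo "<th class='".$classcss."'>".ucfirst(str_replace('_',' ',$field['Field']))."</th>";
      }
    }
    $FName[] = $field['Field'];
    $num++;
  }
  echo "<th class='rounded-right sorttable_nosort'>";
  if ($disableCreation == false)
  {
    echo "<a href='#' onclick='location=\"".$THIS_SCRIPT."?action=modify&add=1\"'><img src='images/add.gif' border=no alt=\"Ajouter un &eacute;l&eacute;ment\"></a>&nbsp;";
  }
  else
  {
    echo "&nbsp;";
  }
  if ($exportExcel == true)
  {
    // Only the normalised integers (or an empty string when the filter was not
    // submitted) are written into the link, never the raw POST values.
    $exportEventParam = ($selectedEvent === null) ? '' : $selectedEvent;
    $exportStateParam = ($selectedState === null) ? '' : $selectedState;
    echo "<a href='#' onclick='location=\"".$THIS_SCRIPT."?action=exportexcel&id=".$exportEventParam."&type=".$exportStateParam."\"'><img src='images/iconeexcel.jpg' border=no alt=\"Exporter au format Excel\"></a>";
  }
  else
  {
    echo "&nbsp;";
  }
  echo "</th>";
  echo "</tr>";
  echo "</thead>";
  // End of table header

  // Table footer
  echo "<tfoot>";
  echo "<tr>";
  echo "<td colspan='".$numafficher."' class='rounded-foot-left'>";
  echo "&nbsp;";
  echo "</td>";
  echo "<td class='rounded-foot-right' width='35px'>";
  if ($disableCreation == false)
  {
    echo "<center><a href='#' onclick='location=\"".$THIS_SCRIPT."?action=modify&add=1\"'><img src='images/add.gif' border=no alt='Ajouter un &eacute;l&eacute;ment'></a></center>";
  }
  else
  {
    echo "&nbsp;";
  }
  echo "</td>";
  echo "</tr>";
  echo "</tfoot>";
  // End of table footer

  // Table rows
  echo "<tbody>";
  $numEntries = 0;
  $conds="";

  if ($selectedEvent !== null && $selectedEvent !== 0)
  {
    $conds .= " and id_evenement=".$selectedEvent;
  }

  if ($selectedState === null || $selectedState === 0)
  {
    $conds .= " and ( top_paiement = 'PAYE PAYPAL' or top_paiement = 'CHEQUE' or top_paiement = 'AUCUN' )";
  }

  $res = mysqli_query($link_bdd, "select * from $mysql_tbl where 1=1 ".$conds.($orderBy?" order by $orderBy":''));

  while($row = mysqli_fetch_row($res))
  {
    echo "<tr>";
    $row_primary_value='';
    for($f=0; $f<$num; $f++)
    {
      $data = $row[$f];
      if(count($linked_fields) != 0 && array_key_exists($FName[$f],$linked_fields))
      {
        // The lookup template places %VAL% unquoted in the query, so the
        // stored value is forced to an integer before substitution.
        $linkedRes = mysqli_query($link_bdd, str_replace('%VAL%',(string)(int)$data,$linked_fields[$FName[$f]]));
        $linkedRow = $linkedRes ? mysqli_fetch_row($linkedRes) : null;
        $data = $linkedRow ? $linkedRow[0] : null;
      }
      if($FName[$f]==$primary_field)
      {
        $row_primary_value = $data;
      }
      $firstRowDone=0;
      if(!in_array($FName[$f], $hidden_fields_on_lst))
      {
        $nowrap = '';
        if(count($noWraps) != 0 && in_array($FName[$f], $noWraps))
        {
          $nowrap = 'nowrap';
        }
        // NOTE(review): cell values are written as stored. The save step in
        // this file entity-encodes text before storing it; confirm that every
        // other writer of this table does the same before relying on that.
        echo "<td $nowrap>".(in_array($FName[$f], $image_upload_fields)?"<center><img height=50 src='".$image_upload_dir.'p_'.$data."'></center>":($data.''!==''?$data:'&nbsp;'))."</td>";
      }
    }
    echo  "<td width='40px'><a href=\"".$THIS_SCRIPT."?action=modify&mod=1&whereprimkey=".$row_primary_value."\"><img alt=\"Modifier\" border=0 src='images/download.gif'></a>".
          "&nbsp;"."<a onclick='if(!confirm(\"Etes vous sur de vouloir supprimer cet &eacute;l&eacute;ment ?\"))return false;' href=\"".$THIS_SCRIPT."?action=delete&whereprimkey=".$row_primary_value."\"><img alt='Supprimer' border=0 src=images/delete.gif></a>
          <a name=row$row_primary_value /></td>";
    echo "</tr>";
    $numEntries++;
  }
  echo "</tbody>";
  echo "</table>";
}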


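// Edit form for one row (also used for a freshly created row when add=1).
if(isset($action) && $action == 'modify') {
  if(isset($_GET['add'])) {
    // NOTE(review): a new row is inserted on a plain GET request.
    mysqli_query($link_bdd, "insert into $mysql_tbl () values ()");
    $whereprimkey = mysqli_insert_id($link_bdd);
  }

  // SECURITY: the row key is a request parameter. It is normalised to a string
  // once and then encoded for each context it is written into (SQL string
  // literal, HTML attribute, URL) instead of being concatenated raw.
  $whereprimkey = (isset($whereprimkey) && is_scalar($whereprimkey)) ? (string)$whereprimkey : '';
  $keyForSql = mysqli_real_escape_string($link_bdd, $whereprimkey);
  $keyForHtml = htmlspecialchars($whereprimkey, ENT_QUOTES, 'UTF-8');
  $keyForUrl = rawurlencode($whereprimkey);

  // Column metadata, in table order.
  $res = mysqli_query($link_bdd, "desc $mysql_tbl");
  $FIELDS = Array();
  while($field = mysqli_fetch_assoc($res)) {
     $FIELDS[] = $field;
  }
  echo '<h1><center>'.(!isset($_GET['add'])?"MODIFICATION DE L'&Eacute;L&Eacute;MENT":"AJOUT D'UN NOUVEL &Eacute;L&Eacute;MENT").'</center></h1>';
  echo '<br />';
  echo '<form action=\''.$THIS_SCRIPT.'\' method=post ENCTYPE=\'multipart/form-data\'><input type=hidden name=action value=modify2><input type=hidden name=whereprimkey value=\''.$keyForHtml.'\'>';
  echo '<table class="rounded-corner">';
  echo '<thead>';
  echo '<tr>';
  echo '<th class="rounded-left">Informations</th>';
  echo '<th class="rounded-right">Valeur</th>';
  echo '</tr>';
  echo '</thead>';
  echo '<tfoot>';
  echo '<tr>';
  echo '<td class="rounded-foot-left">&nbsp;</td>';
  echo '<td class="rounded-foot-right">&nbsp;</td>';
  echo '</tr>';
  echo '</tfoot>';
  echo '<tbody>';
  $row = mysqli_query($link_bdd, "select * from $mysql_tbl where $primary_field = '$keyForSql'");
  $row = mysqli_fetch_row($row);
  for($f=0; $f<sizeOf($FIELDS); $f++)
  {
    $FName = $FIELDS[$f]['Field'];
    // Hidden and read-only columns get no form control. (The earlier test
    // looked at the size of the list-view array instead of $hidden_fields.)
    if(in_array($FName, $hidden_fields) || in_array($FName, $readonly_fields)) continue;
    echo '<tr>';
    // Label cell: configured label if any, otherwise derived from the column
    // name. Hidden columns were already skipped above.
    if (array_key_exists($FName, $displayed_fields_name))
    {
      echo "<td width=50>".str_replace(' ','&nbsp;', $displayed_fields_name[$FName])."&nbsp;:&nbsp;&nbsp;</td>";
    }
    else
    {
      if ($FName == 'photo_artiste')
      {
        echo "<td width=50 style='background-color:#B9C9FE;'>".str_replace(' ','&nbsp;', ucfirst(str_replace('_',' ',$FName)))."&nbsp;:&nbsp;&nbsp;</td>";
      }
      else
      {
        echo "<td width=50>".str_replace(' ','&nbsp;', ucfirst(str_replace('_',' ',$FName)))."&nbsp;:&nbsp;&nbsp;</td>";
      }
    }
    $data = $row[$f];
    // Split a type such as "varchar(50)" into its name and declared size.
    $pPos = strpos($FIELDS[$f]['Type'], '(');
    $FType = substr($FIELDS[$f]['Type'], 0, $pPos?$pPos:50);
    $FMSize = $pPos?intval(substr($FIELDS[$f]['Type'], $pPos+1, 10)):'';
    echo "<td width='100%'>";

    // NOTE(review): the controls below write $data as stored (only the double
    // quote is encoded in text inputs). The save step in this file
    // entity-encodes text before storing it; confirm that every other writer
    // of this table does the same.
    if(count($image_upload_fields) != 0 && in_array($FName, $image_upload_fields))
    {
      echo "<input style='zwidth:0px' type=file name=upload_$FName zcols=5 onchange='img_$FName.src=this.value'>";
      if ($data != '')
      {
        // rand() is only a cache-busting suffix on the image URL.
        if (file_exists($image_upload_dir.'p_'.$data))
        {
          echo "&nbsp;<a href='".$image_upload_dir.$data."?".rand(1000,9999)."' target='_blank'><img border='no' src ='".$image_upload_dir.'p_'.$data."?".rand(1000,9999)."' style='vertical-align:middle;' width='50px'></a>&nbsp;";
        }
        else
        {
          echo "&nbsp;<a href='".$image_upload_dir.$data."?".rand(1000,9999)."' target='_blank'><img border='no' src ='".$image_upload_dir.$data."?".rand(1000,9999)."' style='vertical-align:middle;' width='50px'></a>&nbsp;";
        }
        echo "<a href=\"$THIS_SCRIPT?supprFichier&cols=$FName&whereprimkey=$keyForUrl\" onclick='if(!confirm(\"Etes vous sur de vouloir supprimer cet &eacute;l&eacute;ment ?\"))return false;'>Supprimer le fichier (".$data.")</a>";
      }
    }
    else if(count($enumFields) != 0 && array_key_exists($FName, $enumFields)) {
       echo "<select name=field_".$FName.">";
       foreach($enumFields[$FName] as $possT)
         echo "<option value='$possT' ".($data==$possT?'selected':'').">$possT</option>";
       echo "</select>";
    }

    else if(count($comboFields) != 0 && in_array($FName, $comboFields))
    {
      echo "<input style='width:100%;border:0px white solid;' type=text name=field_".$FName." id=combo_field_".$FName." value=\"".str_replace('"','&#34;',$data)."\">";
      $reqCF = mysqli_query($link_bdd, "select `$FName` as possVal from $mysql_tbl group by `$FName`");
      while($lineCF = mysqli_fetch_assoc($reqCF))
      {
        $possT = $lineCF['possVal'];
        if(!trim($possT)) continue;
        // NOTE(review): an SQL escaping function is used here to build a
        // JavaScript string inside an HTML attribute; it is not an encoder for
        // that context. No combo column is configured in this file.
        echo "<a href=\"javascript:;\" onclick=\"document.getElementById('combo_field_".$FName."').value='".mysqli_real_escape_string($link_bdd, $possT)."';\">$possT</a> | ";
      }
    }

    else if(count($external_choice_fields) != 0 && array_key_exists($FName, $external_choice_fields)) {
      // First column of the lookup table is the option value, second its label.
      $req = "select * from ".$external_choice_fields[$FName];
      echo "<select name=field_".$FName.">";
      echo "<option value='0'>&nbsp;</option>";
      $req = mysqli_query($link_bdd, $req);
      while($reqR = mysqli_fetch_row($req))
        echo "<option value='".$reqR[0]."' ".($reqR[0]==$data?'selected':'').">".$reqR[1]."</option>";
      echo "</select>";
    }

    else if(count($fckeditor_fields) != 0 && in_array($FName, $fckeditor_fields))
    {
      $oFCKeditor = new FCKeditor('field_'.$FName) ;
      $oFCKeditor->Height = '400px';
      $oFCKeditor->BasePath = 'fckeditor/' ;
      $oFCKeditor->Value =  $data;
      $oFCKeditor->Create() ;
    }

    else if(substr_count($FIELDS[$f]['Type'], 'text'))
      echo "<textarea style='width:100%;border:0px white solid;height:100px;' name=field_".$FName.">".(in_array($FName, $html_text_fields)?str_replace('<br>',"\r\n",$data):$data)."</textarea>";

    else
      echo "<input style='width:100%;border:0px white solid;' type=text name=field_".$FName." value=\"".str_replace('"','&#34;',$data)."\">";

    echo "</td>";
    echo "</tr>";
  }
  echo "</tbody>";
  echo "</table>";
  echo "<br>";
  echo "<center>";
  echo "<table>";
  echo "<tr>";
  echo "<td>";
  if (isset($_GET['add']))
  {
    // Cancelling a creation removes the row inserted above.
    echo "<a href=\"#\" class=\"button\" onclick='location=\"".$THIS_SCRIPT."?delrow=$keyForUrl\"'><span class=\"delete\">Annuler</span></a>";
  }
  else
  {
    echo "<a href=\"#\" class=\"button\" onclick='location=\"".$THIS_SCRIPT."\"'><span class=\"delete\">Annuler</span></a>";
  }
  echo "</td>";
  echo "<td>";
  echo "<a href=\"#\" class=\"button\" onClick=\"javascript:check();\"><span class=\"add\">Enregistrer</span></a>";
  echo "</td>";
  echo "</tr>";
  echo "</table>";
  echo "</center>";
  echo "</form>";
  echo "<a name=bottom>";
?>

<script>
// Client-side check that every required field has a value before submitting.
// This is a convenience only; it does not replace server-side validation.
function check()
{
  stop=0;
  <?php
  foreach($neededFields as $f)
  {
    if(!in_array($f, $hidden_fields))
    {
      // Labels are keyed by column name, so test the key, not the values.
      if (array_key_exists($f, $displayed_fields_name))
      {
        echo "if(document.forms[0].field_$f) if(!document.forms[0].field_$f.value) {alert(\"Vous devez obligatoirement remplir le champ '".$displayed_fields_name[$f]."' !\"); stop=1;} \r\n";
      }
      else
      {
        echo "if(document.forms[0].field_$f) if(!document.forms[0].field_$f.value) {alert(\"Vous devez obligatoirement remplir le champ '".$f."' !\"); stop=1;} \r\n";
      }
    }
  }
  ?>
  if(stop) return false;
  document.forms[0].submit();
}
</script>

<?php
}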
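// Save the edit form: every posted "field_<column>" value is written to the
// matching column of the row identified by $whereprimkey.
//
// SECURITY: the column name is taken from the name of a POST parameter.
// It is accepted only if it is a real column of the table that the edit form
// exposes (neither hidden nor read-only); values and the row key are bound as
// statement parameters.
// NOTE(review): no anti-CSRF token is checked in this file; confirm whether
// _ident.php provides one.
if(isset($action) && $action== 'modify2')
{
  $saveRowKey = (isset($whereprimkey) && is_scalar($whereprimkey)) ? (string)$whereprimkey : '';

  // Allow-list of writable columns, read from the table definition.
  $editableColumns = array();
  $descRes = mysqli_query($link_bdd, "desc $mysql_tbl");
  while($descRes && ($descCol = mysqli_fetch_assoc($descRes)))
  {
    if(in_array($descCol['Field'], $hidden_fields, true) || in_array($descCol['Field'], $readonly_fields, true)) continue;
    $editableColumns[] = $descCol['Field'];
  }

  foreach($_POST as $key => $val)
  {
    if(substr($key, 0, strlen('field_'))==='field_')
    {
      $fieldName = substr($key, strlen('field_'), 50);
      // Skip unknown columns and non-string values (e.g. field_x[]=...).
      if(!in_array($fieldName, $editableColumns, true) || !is_string($val)) continue;

      // NOTE(review): stripslashes() dates from magic_quotes; where that
      // setting no longer exists it removes backslashes the user typed.
      $data = stripslashes($val);
      if(in_array($fieldName, $html_text_fields)) $data = str_replace("\r\n",'<br>',$data);
      // Text is stored entity-encoded, except for rich-text (FCKeditor) columns.
      if (!in_array($fieldName, $fckeditor_fields)) $data = htmlentities($data, ENT_NOQUOTES, 'UTF-8');

      $saveStmt = mysqli_prepare($link_bdd, "update $mysql_tbl set `$fieldName` = ? where $primary_field = ?");
      if($saveStmt)
      {
        mysqli_stmt_bind_param($saveStmt, 'ss', $data, $saveRowKey);
        mysqli_stmt_execute($saveStmt);
        mysqli_stmt_close($saveStmt);
      }
    }
  }
  $message = str_replace("%MESSAGECONSOLE%", "El&eacute;ment modifi&eacute;.", $message);
  $message = str_replace("%URLREDIRECTION%", $THIS_SCRIPT, $message);
  echo $message;
}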


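// Duplicate a row: copy every column except the primary key and the image
// upload columns, then redirect to the edit form of the new row.
//
// SECURITY: the source row id comes from the query string and was placed
// unquoted in the statement; it is now bound as a statement parameter.
// NOTE(review): this is a state-changing GET request.
if(isset($action) && $action=='clone') {
  $from = (isset($_GET['from']) && is_scalar($_GET['from'])) ? (string)$_GET['from'] : '';

  // Column list comes from the table definition, not from the request.
  $res = mysqli_query($link_bdd, "desc $mysql_tbl");
  $FName = Array();
  while($field = mysqli_fetch_assoc($res)) {
    if (count($image_upload_fields) != 0 && in_array($field['Field'], $image_upload_fields)) continue;
    if($field['Field']!=$primary_field) $FName[] = $field['Field'];
  }
  $list = implode(',', $FName);

  $sql = "insert into $mysql_tbl ($list) select $list from $mysql_tbl where $primary_field = ?";
  $newid = 0;
  $cloneStmt = mysqli_prepare($link_bdd, $sql);
  if($cloneStmt)
  {
    mysqli_stmt_bind_param($cloneStmt, 's', $from);
    mysqli_stmt_execute($cloneStmt);
    // Cast keeps the value written into the script below strictly numeric.
    $newid = (int)mysqli_insert_id($link_bdd);
    mysqli_stmt_close($cloneStmt);
  }
  echo "<center><h2><br><br><script>setTimeout('location=\"".$THIS_SCRIPT."?action=modify&whereprimkey=$newid\"',100);</script>";
}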

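// Delete one row, then show the confirmation message.
//
// SECURITY: the row key is a request parameter; it is bound as a statement
// parameter instead of being concatenated into the DELETE.
// NOTE(review): the list view links to this action with a plain GET request
// and no anti-CSRF token is checked in this file; confirm whether _ident.php
// provides one.
if(isset($action) && $action=='delete') {
  $deleteRowKey = (isset($whereprimkey) && is_scalar($whereprimkey)) ? (string)$whereprimkey : '';
  $deleteStmt = mysqli_prepare($link_bdd, "delete from $mysql_tbl where $primary_field = ?");
  if($deleteStmt)
  {
    mysqli_stmt_bind_param($deleteStmt, 's', $deleteRowKey);
    mysqli_stmt_execute($deleteStmt);
    mysqli_stmt_close($deleteStmt);
  }
  $message = str_replace("%MESSAGECONSOLE%", "Element supprim&eacute;.", $message);
  $message = str_replace("%URLREDIRECTION%", $THIS_SCRIPT, $message);
  echo $message;
}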

/**
 * Move an uploaded file to its destination.
 *
 * Thin wrapper around move_uploaded_file(), which only moves files that were
 * received through an HTTP POST upload.
 *
 * @param string $from Temporary path of the uploaded file.
 * @param string $to   Destination path.
 * @return bool True when the file was moved, false otherwise.
 */
function MoveUpFile($from, $to) {
   $moved = move_uploaded_file($from, $to);
   return $moved;
}

?>