Old stuff/old_sites/newepik/include/addfile.php

<?
// Server-side date (dd/mm/yyyy) and time (HH:MM), both taken from one date()
// call. They only pre-fill the form's "date" and "heure" inputs further down.
list($date, $heure) = explode(' ', date('d/m/Y H:i'));
?>
<? if (@$_GET['addfile'] == 'ok')

{ 
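// Section heading for the "add a file" page.
echo "<p><font color=\"#990033\" size=\"2\" face=\"Verdana, Arial, Helvetica, sans-serif\"><strong>&raquo;
Ajout de fichier au site #Informatique :</strong></font></p><br>";

// Empty string = no validation error so far; set to "1" when a field is missing.
$erreur = "";

// Validate the form. (The original author's note here says this is meant to
// keep XSS out.)
// Required fields: every form input except "site", which only the later check
// guarding the INSERT requires.
if ((!empty($_POST['nom']))
    && (!empty($_POST['categorie']))
    && (!empty($_POST['date']))
    && (!empty($_POST['heure']))
    && (!empty($_POST['posteur']))
    && (!empty($_POST['description']))
    && (!empty($_POST['taille']))
    && (!empty($_POST['softype']))
    && (!empty($_POST['download'])))
{
    // Regex patterns (delimiter is the single quote) matching the three
    // characters that get HTML-encoded, and their replacements.
    //
    // NOTE(review): this is partial HTML encoding only. "&" and "'" pass
    // through unchanged, so the result is neither a complete HTML escape
    // (htmlspecialchars() with ENT_QUOTES is the standard call) nor any form
    // of SQL escaping. The single quote that terminates an SQL string literal
    // is left intact. The fields categorie, date, heure, posteur, taille and
    // softype are not encoded here at all.
    $st = array("'<'", "'>'", "'\"'");
    $rt = array("&lt;", "&gt;", "&quot;");

    $nom = preg_replace($st, $rt, $_POST['nom']);
    $description = preg_replace($st, $rt, $_POST['description']);
    // "site" is not covered by the required-field check above, so the key may
    // be missing from the request; fall back to an empty string instead of
    // reading an undefined index.
    $site = preg_replace($st, $rt, isset($_POST['site']) ? $_POST['site'] : '');
    $download = preg_replace($st, $rt, $_POST['download']);
}
else
{
    $erreur = "1";
    echo "Veuillez remplir tous les champs. ";
}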

if ($erreur != "")

{
echo "<br><br> En raison d'erreurs nous vous demandons de bien re-remplir le formulaire.<br>";
}

else
{if ((!empty($_POST['nom'])) && (!empty($_POST['categorie'])) && (!empty($_POST['date'])) && (!empty($_POST['heure'])) && (!empty($_POST['posteur'])) && (!empty($_POST['description'])) && (!empty($_POST['taille'])) && (!empty($_POST['softype'])) && (!empty($_POST['site'])) && (!empty($_POST['download'])))
{
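 // SQL injection fix: all ten values below come from the request. The earlier
 // <, >, " replacement on $nom/$description/$site/$download leaves single
 // quotes untouched, and the six raw $_POST values had no filtering at all, so
 // each value is now escaped for the SQL string-literal context before it is
 // placed in the statement. Column order is unchanged; the leading '' is the
 // first column, left empty as in the original statement.
 //
 // NOTE(review): "date", "heure" and "posteur" come from inputs marked
 // readonly in the form. That attribute is enforced by the browser only, so a
 // client can still submit any value. Prefer server-side values for these.
 // NOTE(review): no access check or anti-CSRF token is visible in this
 // listing; confirm the including page enforces both before this INSERT is
 // reachable.
 // NOTE(review): the mysql_* extension was removed in PHP 7. When this page is
 // ported, replace the escaping below with PDO or mysqli prepared statements.
 $valeursSql = array_map('mysql_real_escape_string', array(
     $nom,
     $_POST['categorie'],
     $_POST['date'],
     $_POST['heure'],
     $_POST['posteur'],
     $description,
     $_POST['taille'],
     $_POST['softype'],
     $site,
     $download,
 ));

 $resultat = mysql_query("INSERT INTO `news` VALUES ('', '" . implode("', '", $valeursSql) . "')");
 if (!$resultat) {
     // Keep the driver's error text in the server log; showing mysql_error()
     // to the client discloses schema and query details.
     error_log("addfile.php: INSERT INTO news failed: " . mysql_error());
     die("Erreur lors de l'ajout du fichier.");
 }

 // Accented characters are written as HTML entities so the message renders
 // correctly whatever charset the page is served with.
 echo "Le fichier $nom a bien &eacute;t&eacute; ajout&eacute;.<br>";
 echo "<a href=\"zoneadmin.php\">Retour &agrave; l'accueil</a>";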

} 
else 
{ ?>
<form method="POST" action="index.php?page=zoneadmin/addfile.php&addfile=ok">
  <table width="517" border="0" align="center" cellpadding="0" cellspacing="0">
    <tr> 
      <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">Nom du soft 
        : </font></td>
      <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
        <input name="nom" size="58" tabindex="4">
        </font></td>
    </tr>
    <tr> 
      <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">Categorie 
        :</font></td>
      <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
        <select name="categorie" id="categorie">
          <option value="Windows" selected>Windows</option>
          <option value="UNIX-Linux">UNIX-Linux</option>
          <option value="MAC">MAC</option>
        </select>
        </font></td>
    </tr>
    <tr> 
      <td width="150"><font size="2" face="Verdana, Arial, Helvetica, sans-serif">Date 
        :</font></td>
      <td width="367"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
        <input name="date" type="text" tabindex="1" value="<? echo $date; ?>" readonly="true">
        </font></td>
    </tr>
    <tr> 
      <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">Heure :</font></td>
      <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
        <input name="heure" size="9" value="<? echo $heure; ?>" tabindex="2" readonly="true">
        </font></td>
    </tr>
    <tr> 
      <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">Posteur 
        :</font></td>
      <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">
        <input name="posteur" size="9" value="<? echo $IdPseudo; ?>" tabindex="2" readonly="true">
        </font><font size="2" face="Verdana, Arial, Helvetica, sans-serif">&nbsp; 
        </font></td>
    </tr>
    <tr> 
      <td align="left" valign="top"><font size="2" face="Verdana, Arial, Helvetica, sans-serif">Description 
        :</font></td>
      <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
        <textarea name="description" cols="52" rows="5" id="categorie"></textarea>
        </font></td>
    </tr>
    <tr> 
      <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">Taille (kB) 
        :</font></td>
      <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
        <input name="taille" size="9" tabindex="2">
        </font></td>
    </tr>
    <tr> 
      <td>Type :</td>
      <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
        <select name="softype" id="softype">
          <option value="Freeware" selected>Freeware</option>
          <option value="Shareware">Shareware</option>
          <option value="GPL">GPL</option>
          <option value="Autre">Autre</option>
        </select>
        </font></td>
    </tr>
    <tr> 
      <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">Site de 
        l'auteur :</font></td>
      <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
        <input name="site" size="25" tabindex="2">
        </font></td>
    </tr>
    <tr> 
      <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">URL download 
        :</font></td>
      <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
        <input name="download" size="25" tabindex="2">
        </font></td>
    </tr>
    <tr> 
      <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">&nbsp;</font></td>
      <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif">&nbsp;</font></td>
    </tr>
    <tr> 
      <td colspan="2" align="center" valign="middle"><font face="Verdana"> 
        <input class="button" type="submit" value="Envoyer" name="B1" tabindex="5">
        &nbsp;&nbsp; </font><font face="Verdana"> 
        <input type="reset" value="Annuler" name="B2" tabindex="6">
        </font></td>
    </tr>
  </table>
  <p><br>
    <br>
  </p>
</form>