<?php
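$nomFicAppelant = basename(__FILE__);

// ---------------------------------------------------
// Variables
// ---------------------------------------------------
// The three text fields are HTML-escaped here, before they are stored.
// double_encode is false, so entities already present in the input are not
// escaped a second time.
// NOTE(review): escaping at write time means the table holds HTML entities,
// and every later consumer inherits them; escaping at output time is the
// usual pattern. $theIco is bound below without this escaping, so whatever
// prints it has to escape it for its own context. Confirm against the
// rendering code, which is not visible here.
if (!empty($theMessage)) {
    $theMessage = htmlspecialchars($theMessage, ENT_QUOTES, "UTF-8", false);
}
if (!empty($theTitle)) {
    $theTitle = htmlspecialchars($theTitle, ENT_QUOTES, "UTF-8", false);
}
if (!empty($theStyle)) {
    $theStyle = htmlspecialchars($theStyle, ENT_QUOTES, "UTF-8", false);
}

// ---------------------------------------------------
// Update query for the message
// ---------------------------------------------------
// An empty "display" flag is stored as 0.
if (empty($theAfficher)) {
    $theAfficher = 0;
}

// The earlier version of this query concatenated every value into the SQL
// text; all values are now bound through a prepared statement.
if (isset($idLanguenav) && $idLanguenav != '') {
    // Column names cannot be bound as parameters, so the language code is the
    // one piece of request-scoped data that still ends up in the statement
    // text (imgPt<code>, title<code>, <code>). Accept it only when it is made
    // of plain identifier characters; anything else could rewrite the query.
    // NOTE(review): a fixed list of the site's language codes would be
    // stricter than this character check; that list is not visible here.
    $codeLangue = $_SESSION['lgCouranteCode'] ?? '';

    if (!is_string($codeLangue) || preg_match('/\A[A-Za-z0-9_]+\z/', $codeLangue) !== 1) {
        // The rejected value is deliberately not echoed into the debug output.
        if (isset($debug[2]) && $debug[2] === '1') {
            $debugMsg .= monDebug(2, ['Code langue invalide' => ''], 'reqUpdate.messCom.php');
        }
        $admMsg .= "Erreur lors de la mise à jour !";
        $admMsgClass = 'ko';
    } else {
        $reqUpdate = "UPDATE `languenav` SET
            afficher = :afficher,
            imgPt$codeLangue = :img,
            title$codeLangue = :title,
            $codeLangue = :message,
            style = :style
            WHERE id = :id";

        try {
            $stmt = $idPdo->prepare($reqUpdate);

            // Values bound to the prepared statement.
            $params = [
                ':afficher' => $theAfficher,
                ':img' => $theIco,
                ':title' => $theTitle,
                ':message' => $theMessage,
                ':style' => $theStyle,
                ':id' => $idLanguenav,
            ];

            // Run the update; execute() returns false on failure when PDO is
            // not configured to throw.
            $resConn = $stmt->execute($params);

            if ($resConn) {
                $admMsg .= "Mise à jour du message effectuée avec succès !";
                $admMsgClass = 'ok';
            } else {
                $admMsg .= "Échec de la mise à jour du message !";
                $admMsgClass = 'ko';
            }

            // Optional debug trace: a readable approximation of the query with
            // the values filled in. It is for display only and is never sent
            // to the database.
            if (isset($debug[2]) && $debug[2] === '1') {
                $debugValues = [];
                foreach ($params as $key => $value) {
                    $debugValues[$key] = "'" . addslashes((string) $value) . "'";
                }
                // strtr() substitutes every placeholder in a single pass, so
                // text inside a bound value that happens to look like a
                // placeholder (":style" typed in the message, say) is not
                // rewritten by a later substitution.
                $debugReq = strtr($reqUpdate, $debugValues);
                $debugMsg .= monDebug(2, ['Requete update' => $debugReq], 'reqUpdate.messCom.php');
            }
        } catch (PDOException $e) {
            // The driver message goes to the debug channel only; the admin
            // message stays generic.
            if (isset($debug[2]) && $debug[2] === '1') {
                $debugMsg .= monDebug(2, ['Requete update' => $reqUpdate, 'PDO erreur' => $e->getMessage()], 'reqUpdate.messCom.php');
            }
            $admMsg .= "Erreur lors de la mise à jour !";
            $admMsgClass = 'ko';
        }
    }
} else {
    // No row id was supplied: nothing is updated, only a debug trace is left.
    if (isset($debug[2]) && $debug[2] === '1') {
        $debugMsg .= monDebug(2, ['idLangueNav vide' => ''], 'reqUpdate.messCom.php');
    }
}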
?>