HB/onyx/hb_game/jeu/envoyer.php

<?php
if(!defined('INDEX')) { header('Location: ../'); exit; }
$page = 'envoyer';
$titre = 'Envoyer un message';

if (!empty($_POST['objet']) && !empty($_POST['nom']) && !empty($_POST['message'])) {
	$util = htmlentities($_POST['nom']);
	$bdd->connexion();
	$bdd->escape($util);
	if ($bdd->unique_query("SELECT pseudo FROM $table_user WHERE pseudo = '$util';")) {
		$message = htmlspecialchars($_POST['message']);
		$objet = htmlspecialchars($_POST['objet']);
		$pseudo = $queryUser["pseudo"];
		$time = time();
		$bdd->escape($message);
		$bdd->escape($objet);
		$bdd->escape($pseudo);
		$bdd->query("INSERT INTO $table_mail VALUES(NULL, '1', '$util', '$pseudo', '$objet', '$message', '$time');");
		$bdd->deconnexion();

		$template->assign('message','Votre message a été envoyé avec succès.');
		$template->assign('script','<script type="text/javascript">setTimeout(\'document.location.href="?p=messagerie";\', 2500);</script>');
		$template->assign('couleur','green');
		$template->display('game/erreur.tpl');
		exit;
	}
	else {
		$bdd->deconnexion();
		$template->assign('message','Impossible de trouver le destinataire du message.');
		$template->assign('script','<script type="text/javascript">setTimeout(\'document.location.href="?p=envoyer";\', 2500);</script>');
		$template->assign('couleur','red');
		$template->display('game/erreur.tpl');
		exit;
	}
}

if (isset($_GET['d'])) $template->assign('destinataire', htmlentities($_GET['d']));
if (isset($_GET['o'])) $template->assign('objet', htmlentities($_GET['o']));
?>
Version 1.0a 2008-11-17 11:00:00 +00:00			`<?php`
			`if(!defined('INDEX')) { header('Location: ../'); exit; }`
			`$page = 'envoyer';`
			`$titre = 'Envoyer un message';`

			`if (!empty($_POST['objet']) && !empty($_POST['nom']) && !empty($_POST['message'])) {`
Version 1.7i 2008-11-16 11:00:00 +00:00			`$util = htmlentities($_POST['nom']);`
Version 1.7b 2008-11-04 11:00:00 +00:00			`$bdd->connexion();`
			`$bdd->escape($util);`
			`if ($bdd->unique_query("SELECT pseudo FROM $table_user WHERE pseudo = '$util';")) {`
Version 1.2 2008-11-22 11:00:00 +00:00			`$message = htmlspecialchars($_POST['message']);`
			`$objet = htmlspecialchars($_POST['objet']);`
Version 1.7i 2008-11-16 11:00:00 +00:00			`$pseudo = $queryUser["pseudo"];`
			`$time = time();`
Version 1.7b 2008-11-04 11:00:00 +00:00			`$bdd->escape($message);`
			`$bdd->escape($objet);`
Version 1.7i 2008-11-16 11:00:00 +00:00			`$bdd->escape($pseudo);`
			`$bdd->query("INSERT INTO $table_mail VALUES(NULL, '1', '$util', '$pseudo', '$objet', '$message', '$time');");`
Version 1.7b 2008-11-04 11:00:00 +00:00			`$bdd->deconnexion();`
Version 1.0a 2008-11-17 11:00:00 +00:00
			`$template->assign('message','Votre message a été envoyé avec succès.');`
			`$template->assign('script','<script type="text/javascript">setTimeout(\'document.location.href="?p=messagerie";\', 2500);</script>');`
			`$template->assign('couleur','green');`
			`$template->display('game/erreur.tpl');`
			`exit;`
			`}`
			`else {`
Version 1.7b 2008-11-04 11:00:00 +00:00			`$bdd->deconnexion();`
Version 1.0a 2008-11-17 11:00:00 +00:00			`$template->assign('message','Impossible de trouver le destinataire du message.');`
			`$template->assign('script','<script type="text/javascript">setTimeout(\'document.location.href="?p=envoyer";\', 2500);</script>');`
			`$template->assign('couleur','red');`
			`$template->display('game/erreur.tpl');`
			`exit;`
			`}`
			`}`

Version 1.7i 2008-11-16 11:00:00 +00:00			`if (isset($_GET['d'])) $template->assign('destinataire', htmlentities($_GET['d']));`
			`if (isset($_GET['o'])) $template->assign('objet', htmlentities($_GET['o']));`
Version 1.0a 2008-11-17 11:00:00 +00:00			`?>`