Git-Admin/DevWeb
2
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity
Files
d76512718942b390faeb693c7a97af6c1e7bc695
DevWeb/index.php.bak
Git-Admin d765127189 Initial commit forum
2026-01-12 22:49:29 +00:00

119 lines
4.2 KiB
PHP
Executable File
Raw Blame History

<?php
session_start();
// Connexion BDD
$conn = new mysqli("127.0.0.1", "dev_user", "zZu,YFy16%;,tmz2`@QOD$@5i", "dev_forum");
$msg = "";
// On vérifie que le formulaire est envoyé
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['content'])) {
// 1. Vérification du Timer (1 minute)
if (isset($_SESSION['last_post_time']) && (time() - $_SESSION['last_post_time'] < 60)) {
$msg = "Erreur : Vous devez attendre 1 minute entre chaque post.";
} else {
// --- LOGIQUE DE L'IMAGE FACULTATIVE ---
$content = htmlspecialchars($_POST['content']);
$ip = $_SERVER['REMOTE_ADDR'];
$target_file = ""; // Par défaut, on dit qu'il n'y a pas d'image
$upload_success = true; // On part du principe que c'est bon
// On ne traite l'image QUE si un fichier a été envoyé
if (!empty($_FILES["fileToUpload"]["name"])) {
$target_dir = "uploads/";
$filename = basename($_FILES["fileToUpload"]["name"]);
$target_file_path = $target_dir . time() . "_" . $filename;
$imageFileType = strtolower(pathinfo($target_file_path, PATHINFO_EXTENSION));
// Vérif extension
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg") {
$msg = "Erreur : Seuls les fichiers JPG, JPEG, PNG sont autorisés.";
$upload_success = false; // On bloque l'insertion
}
// Tentative d'upload
elseif (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file_path)) {
// Si ça marche, on met à jour la variable pour la BDD
$target_file = $target_file_path;
} else {
$msg = "Erreur technique lors de l'upload.";
$upload_success = false;
}
}
// --- INSERTION EN BASE DE DONNÉES ---
// On insère seulement si l'étape d'upload (si elle a eu lieu) est valide
if ($upload_success) {
$stmt = $conn->prepare("INSERT INTO posts (content, image_path, ip_address) VALUES (?, ?, ?)");
$stmt->bind_param("sss", $content, $target_file, $ip);
if ($stmt->execute()) {
$_SESSION['last_post_time'] = time();
$msg = "Message posté avec succès !";
} else {
$msg = "Erreur SQL : " . $conn->error;
}
}
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Mini Forum CTF</title>
<style>
body { font-family: sans-serif; max-width: 800px; margin: auto; padding: 20px; }
.post { border: 1px solid #ccc; padding: 10px; margin-bottom: 10px; background: #f9f9f9; }
.meta { color: #555; font-size: 0.9em; }
img { max-width: 200px; display: block; margin-top: 10px; }
.menu { margin-bottom: 20px; padding: 10px; background: #eee; }
.alert { color: red; font-weight: bold; }
</style>
</head>
<body>
<div class="menu">
<a href="index.php">Accueil (Forum)</a> |
<a href="login.php">Espace Admin (Flag)</a>
</div>
<h1>Bienvenue sur le Dev Web</h1>
<?php if($msg) echo "<p class='alert'>$msg</p>"; ?>
<div style="border: 2px solid #333; padding: 15px;">
<h3>Poster un message</h3>
<form action="index.php" method="post" enctype="multipart/form-data">
<textarea name="content" rows="4" cols="50" required placeholder="Votre message..."></textarea><br><br>
Image (JPG/PNG, Min 2Mo possible) : <input type="file" name="fileToUpload"<br><br>
<input type="submit" value="Envoyer">
</form>
</div>
<hr>
<h2>Derniers messages</h2>
<?php
$sql = "SELECT * FROM posts ORDER BY id DESC";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
while($row = $result->fetch_assoc()) {
echo "<div class='post'>";
echo "<div class='meta'>Posté par IP: <strong>" . $row["ip_address"] . "</strong> le " . $row["created_at"] . "</div>";
echo "<p>" . nl2br($row["content"]) . "</p>";
if ($row["image_path"]) {
echo "<img src='" . $row["image_path"] . "' alt='Image user'>";
}
echo "</div>";
}
} else {
echo "Aucun message pour le moment.";
}
?>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink