nouveau fichier sql a upload dans votre bdd, la principal différence …

…est la profile picture de user qui apr défaut point sur img/default.png

acceptfriend.php

@@ -1,8 +1,17 @@
 <?php
 include("config.php");
-session_start();
 
-//pour objectposts
+if(empty($_SESSION['id'])){
+  header('location:login.html');
+  exit;
+}
+
+if (!isset($_GET['ident'])) {
+  // code...
+  header('location:index.php');
+  exit;
+}
+
 $id = $_SESSION['id'];
 $idp = isset($_GET['ident'])?$_GET['ident']:null;
 

addfriend.php

@@ -1,6 +1,16 @@
 <?php
 include("config.php");
-session_start();
+
+if(empty($_SESSION['id'])){
+  header('location:login.html');
+  exit;
+}
+
+if (!isset($_GET['ident'])) {
+  // code...
+  header('location:index.php');
+  exit;
+}
 
 //pour objectposts
 $id = $_SESSION['id'];
@@ -15,5 +25,5 @@
 mysqli_stmt_close($req);
 
 header("Location: {$_SERVER['HTTP_REFERER']}");
-//exit;
+exit;
 ?>

comment.php

@@ -1,6 +1,15 @@
 <?php
 include("config.php");
-session_start();
+
+if(empty($_SESSION['id'])){
+  header('location:login.html');
+  exit;
+}
+
+if(empty($_POST["description"])){
+  header('location:index.php');
+  exit;
+}
 
 //pour objectposts
 $id_User = $_SESSION['id'];
@@ -24,6 +33,6 @@
 mysqli_stmt_close($req);
 
 //echo "<meta http-equiv=\"refresh\" content=\"0\"> ";
-header("Location: {$_SERVER['HTTP_REFERER']}");
-//exit;
+header("Location: index.php");
+exit;
 ?>

config.php

@@ -6,4 +6,6 @@
 
 $db = mysqli_connect($mysqli_hostname, $mysqli_user, $mysqli_password) or die("Opps some thing went wrong");
 mysqli_select_db($db, $mysqli_database) or die("Opps some thing went wrong");
+
+session_start();
 ?>

deletefriend.php

@@ -1,6 +1,16 @@
 <?php
 include("config.php");
-session_start();
+
+if(empty($_SESSION['id'])){
+  header('location:login.html');
+  exit;
+}
+
+if (!isset($_GET['ident'])) {
+  // code...
+  header('location:index.php');
+  exit;
+}
 
 //pour objectposts
 $id = $_SESSION['id'];

discussion.php

@@ -1,6 +1,10 @@
 <?php
 include("config.php");
-session_start();
+
+if(empty($_SESSION['id'])){
+  header('location:login.html');
+  exit;
+}
 
 if(!empty($_GET['idDiscussion'])){
   //on enregistre l'id de la discussion
@@ -14,9 +18,8 @@
   $req = mysqli_prepare($db, "UPDATE chatgroups SET Notif = 'viewed' WHERE id = ? && ID_User = ?");
   mysqli_stmt_bind_param($req, "ii", $idDiscussion, $id);
   mysqli_stmt_execute($req);
-
 }
-else {
+elseif(!empty($_POST['idUser'])){
   $_SESSION['idDiscussion'] = null;
   $_SESSION['idUser'] = $_POST['idUser'];
   $_SESSION['firstname'] = $_POST['firstname'];
@@ -45,6 +48,6 @@
 
 $_SESSION['idDiscussion'] = $idDiscussion;
 
-header("Location: {$_SERVER['HTTP_REFERER']}");
+header("Location: messages.php");
 exit;
 ?>

index.php

@@ -1,11 +1,13 @@
 <!doctype html>
 <?php
-session_start();
+include("config.php");
 
 if(empty($_SESSION['id'])){
   header('location:login.html');
+  exit;
 }
 ?>
+
 <html lang="en">
 <head>
   <meta charset="utf-8">
@@ -92,7 +94,7 @@
 
   <div>
     <?php
-    include("config.php");
+
     $id = $_SESSION["id"];
 
     $requete = "SELECT DISTINCT o.*, us.Firstname, us.Lastname, e.Date, e.Location, e.Status FROM events e, objectposts o, users us ";
@@ -123,7 +125,7 @@
         }
         echo "<div>";
         echo "<form action='comment.php' class='form-post' method='post'>";
-        echo "<input class='form-control mr-sm-2 multitext' name='description' id='description' type='text' placeholder='Leave a comment' aria-label='Comment'>";
+        echo "<input class='form-control mr-sm-2 multitext' name='description' id='description' type='text'  placeholder='Leave a comment' aria-label='Comment' required>";
         echo "<input type='hidden' name='idpost' value='$colID' id='idpost'> ";
         echo "<button class='btn btn-primary mr-sm-2'  style='' type='submit' >Comment</button>";
         echo "</form>";

interested.php

@@ -1,9 +1,14 @@
 <!doctype html>
 <?php
-session_start();
+include("config.php");
 
 if(empty($_SESSION['id'])){
   header('location:login.html');
+  exit;
+}
+
+if(empty($_GET['idobj'])){
+  header("Location: jobs.php");
 }
 ?>
 <html lang="en">
@@ -76,13 +81,9 @@
   <div class='container'><h3 style='color:white; font-weight:700; font-size:3em;'>My Offers</h3></div>
 
   <?php
-  include("config.php");
-  $id = $_SESSION['id'];
 
-  if(empty($_GET['idobj']))
-  header("Location: jobs.php");
+  $id = $_SESSION['id'];
 
-  include("config.php");
   $id_obj = $_GET['idobj'];
 
   $requete = "SELECT DISTINCT us.ID, us.Firstname, us.Lastname, us.Pseudo FROM users us, joboffers jo, objectposts ob, jobreacts jr";

jobs.php

@@ -1,9 +1,10 @@
 <!doctype html>
 <?php
-session_start();
+include("config.php");
 
 if(empty($_SESSION['id'])){
   header('location:login.html');
+  exit;
 }
 ?>
 <html lang="en">
@@ -79,18 +80,18 @@
   </div>
 
   <?php
-  include("config.php");
+
   $id = $_SESSION['id'];
 
-  $requete = "SELECT jo.*, us.ID, us.FirstName, us.LastName, ob.Date_Post FROM joboffers jo, objectposts ob, users us";
+  $requete = "SELECT jo.ID_Object, jo.Title, us.ID, us.FirstName, us.LastName FROM joboffers jo, objectposts ob, users us";
   $requete .= " WHERE jo.ID_Object = ob.ID AND ob.ID_User = us.ID ORDER BY ob.Date_Post DESC";
 
   $req = mysqli_prepare($db, $requete);
   mysqli_stmt_execute($req);
 
   mysqli_stmt_store_result($req);
 
-  mysqli_stmt_bind_result($req, $col_IDObj, $col_JobLoc, $col_Company, $col_Title, $col_JobDescri, $col_Len, $col_Skills, $col_Area, $col_ID, $col_FirstName, $col_LastName, $col_DatePost);
+  mysqli_stmt_bind_result($req, $col_IDObj, $col_Title, $col_ID, $col_FirstName, $col_LastName);
 
   while(mysqli_stmt_fetch($req)){
     if($col_ID == $id){

lock.php

@@ -1,6 +1,5 @@
 <?php
-include('config.php');
-session_start();
+if(!empty($_SESSION['login_user'])){
 $user_check=$_SESSION['login_user'];
 
 $ses_sql=mysqli_query($db,"select username from admin where username='$user_check' ");
@@ -12,5 +11,12 @@
 if(!isset($login_session))
 {
 header("Location: login.php");
+exit;
+}
+}
+else {
+  // code...
+  header('location:index.php');
+  exit;
 }
 ?>

login.php

@@ -1,8 +1,17 @@
 <?php
 
 include("config.php");
-session_start();
-$error = "";
+
+if(!empty($_SESSION['id'])){
+  header('location:index.php');
+  exit;
+}
+
+elseif(empty($_POST['inputEmail'])) {
+  // code...
+  header('location:login.html');
+  exit;
+}
 
 if($_SERVER["REQUEST_METHOD"] == "POST")
 {
@@ -32,14 +41,16 @@
 
 
     if ($isPasswordCorrect) {
-        session_start();
         $_SESSION['email'] = $mymail;
-        header("location: welcome.php");
+        include('lock.php');
+        header("location: index.php");
+        exit;
     }
     else {
       //echo $phash;
 
         header("location: login.html");
+        exit;
     }
 
 }

logout.php

@@ -6,5 +6,6 @@
 if(session_destroy())
 {
 header("location: login.html");
+exit;
 }
 ?>

messages.php

@@ -1,9 +1,10 @@
 <!doctype html>
 <?php
-session_start();
+include("config.php");
 
 if(empty($_SESSION['id'])){
   header('location:login.html');
+  exit;
 }
 ?>
 
@@ -79,7 +80,7 @@
           <h3 style='color:white; font-weight:700; font-size:3em;'>My messages</h3><br>
         </div>
         <?php
-        include("config.php");
+
         $id = $_SESSION["id"];
 
         $requete = "SELECT g.ID, g.Name, g.Notif FROM chatgroups g JOIN chatmessages m on m.ID_Conv = g.ID ";
@@ -95,7 +96,7 @@
         echo "<div>";
         while(mysqli_stmt_fetch($req)){
           $i += 1;
-          if($i == 3){
+          if($i == 5){
             echo "</div>
             <div id='otherDiscussions' style ='display: none;'> ";
           }
@@ -107,7 +108,7 @@
           echo "onclick=\"window.location.href='discussion.php?idDiscussion={$col_ID}'\" type='submit' > $col_Name </button><br>";
         }
         echo "</div>";
-        if($i>2){
+        if($i>4){
           echo "<button class='btn btn-sm btn-success btn-block' onclick='showhide()' id='hidebutton' >Show More</button><br>";
         }
 

network.php

@@ -1,9 +1,10 @@
 <!doctype html>
 <?php
-session_start();
+include("config.php");
 
 if(empty($_SESSION['id'])){
   header('location:login.html');
+  exit;
 }
 ?>
 <html lang="en">
@@ -76,7 +77,7 @@
   <div class='container'><h3 style='color:white; font-weight:700; font-size:3em;'>My network</h3></div>
 
   <?php
-  include("config.php");
+
   $id = $_SESSION['id'];
 
   $requete = "SELECT DISTINCT us.ID, us.Firstname, us.Lastname, us.Pseudo FROM users us, friendships fs WHERE fs.ID_User1 = ?";