From 8eb9458caea81464acbf7a4552e564db55457549 Mon Sep 17 00:00:00 2001 From: Lucie Bedouret Date: Fri, 9 Dec 2022 09:22:42 +0100 Subject: [PATCH] MODIF: better .htaccess --- api-rest/.htaccess | 12 +++-- api-rest/gateways/gameGateway.php | 8 ++- api-rest/index.php | 87 ++++++++++++++++--------------- db-config.sql | 4 +- 4 files changed, 62 insertions(+), 49 deletions(-) diff --git a/api-rest/.htaccess b/api-rest/.htaccess index e833542..7308adc 100644 --- a/api-rest/.htaccess +++ b/api-rest/.htaccess @@ -6,8 +6,14 @@ RewriteRule (.+) index.php?p=$1 [QSA,L] - -Order Allow,Deny -Allow From all +# Redirecting 403 errors to index.php (does not work) +ErrorDocument 403 http://localhost:8888/api-rest/index.php + +# Refusing access to all files ending with php +Require all denied + +# Allowing access to index.php + + Require all granted diff --git a/api-rest/gateways/gameGateway.php b/api-rest/gateways/gameGateway.php index 2875ab2..299bc1c 100644 --- a/api-rest/gateways/gameGateway.php +++ b/api-rest/gateways/gameGateway.php @@ -25,7 +25,9 @@ class GameGateway{ foreach($res as $row){ $tabGames[]= new Game($row['PK_ID'], $row['GAM_NAME'], - $row['GAM_IMAGE']); + $row['GAM_IMAGE'], + $row['GAM_NB_PLAYER_MIN'], + $row['GAM_NB_PLAYER_MAX']); } return $tabGames; } @@ -41,7 +43,9 @@ class GameGateway{ foreach($res as $row){ $game= new Game($row['PK_ID'], $row['GAM_NAME'], - $row['GAM_IMAGE']); + $row['GAM_IMAGE'], + $row['GAM_NB_PLAYER_MIN'], + $row['GAM_NB_PLAYER_MAX']); } return $game; } diff --git a/api-rest/index.php b/api-rest/index.php index bb41cb1..c1213d6 100644 --- a/api-rest/index.php +++ b/api-rest/index.php @@ -1,4 +1,5 @@ getUserById($id); header('Content-Type: application/json'); echo json_encode($user, JSON_PRETTY_PRINT); 
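Review bot: `ErrorDocument 403 http://localhost:8888/api-rest/index.php` uses a full URL, so Apache answers with a redirect to that address instead of serving the document internally. The client loses the 403 status and is sent to a developer-only host, which is probably why the comment says it does not work. A local URL-path keeps the status and the deployment host out of the file: `ErrorDocument 403 /api-rest/index.php`. The container directives that the two comments imply around `Require all denied` and `Require all granted` are not visible in this rendering, so confirm that the deny rule is scoped to `*.php` and the grant to `index.php` only.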
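Review bot: In the second gameGateway.php hunk `$game` is assigned only inside the `foreach`, so when the query returns no row `return $game;` reads an undefined variable and the caller receives null together with a warning. Initialise it before the loop with `$game = null;` so the caller can answer 404 on null. The function's signature and query are outside the hunk.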
@@ -69,7 +70,7 @@ } } elseif($method_name === "getUserByUsername"){ // test : OK - $username = !empty($url[3]) ? (string) $url[3] : null; + $username = !empty($url[4]) ? (string) $url[4] : null; if ($username !== null){ $user =$usergw->getUserByUsername($username); header('Content-Type: application/json'); @@ -80,8 +81,8 @@ } } elseif($method_name === "getUserForConnection"){ // test : OK - $username = !empty($url[3]) ? (string) $url[3] : null; - $password = !empty($url[4]) ? (string) $url[4] : null; + $username = !empty($url[4]) ? (string) $url[4] : null; + $password = !empty($url[5]) ? (string) $url[5] : null; if ($username != null || $password != null){ $user =$usergw->getUserForConnection($username,$password); header('Content-Type: application/json'); @@ -105,7 +106,7 @@ http_response_code(200); } elseif($method_name === "getGameById"){ // test : OK - $id = !empty($url[3]) ? (int) $url[3] : null; + $id = !empty($url[4]) ? (int) $url[4] : null; if ($id !== null){ $game = $gamegw->getGameById($id); header('Content-Type: application/json'); @@ -117,7 +118,7 @@ } } elseif($method_name === "getMatchById"){ // test : OK - $id = !empty($url[3]) ? (int) $url[3] : null; + $id = !empty($url[4]) ? (int) $url[4] : null; if ($id !== null){ $match = $matchgw->getMatchById($id); header('Content-Type: application/json'); @@ -129,7 +130,7 @@ } } elseif($method_name === "getConversations"){ // tests : OK - $id = !empty($url[3]) ? (int) $url[3] : null; + $id = !empty($url[4]) ? (int) $url[4] : null; if ($id !== null){ $conversations = $conversationgw->getConversations($id); header('Content-Type: application/json'); 
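Review bot: The `getUserForConnection` branch still takes the username and password from `$url[4]` and `$url[5]`, which appear to be URL path segments, so credentials end up in web-server access logs, proxy logs and client history. They belong in the body of a POST sent over TLS. The guard `if ($username != null || $password != null)` also lets the gateway call run when only one of the two is present; it should be `if ($username !== null && $password !== null)`. The same `||` guard appears in the postMatch, postConversation, putSkinList and addUserToMatch branches, and postUser and putUser likewise carry the password in the path.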
@@ -150,17 +151,17 @@ header("HTTP/1.0 400 Invalid number of arguments"); http_response_code(400); } - $username = !empty($url[3]) ? (string) $url[3] : null; - $password = !empty($url[4]) ? (string) $url[4] : null; + $username = !empty($url[4]) ? (string) $url[4] : null; + $password = !empty($url[5]) ? (string) $url[5] : null; $nationality = !empty($url[5]) ? (string) $url[5] : null; - $sex = !empty($url[6]) ? (string) $url[6] : null; - $dateOfBirth = !empty($url[7]) ? (string) $url[7] : null; + $sex = !empty($url[7]) ? (string) $url[7] : null; + $dateOfBirth = !empty($url[8]) ? (string) $url[8] : null; $usergw->postUser($username,$password,$nationality,$sex,$dateOfBirth); http_response_code(200); } elseif($method_name === "postMatch"){ // test : OK - $idGame = !empty($url[3]) ? (int) $url[3] : null; - $idCreator = !empty($url[4]) ? (int) $url[4] : null; + $idGame = !empty($url[4]) ? (int) $url[4] : null; + $idCreator = !empty($url[5]) ? (int) $url[5] : null; if ($idGame != null || $idCreator != null){ $match =$matchgw->postMatch($idGame,$idCreator); http_response_code(200); @@ -170,8 +171,8 @@ } } elseif($method_name === "postConversation"){ // test : OK - $name = !empty($url[3]) ? (string) $url[3] : null; - $idCreator = !empty($url[4]) ? (int) $url[4] : null; + $name = !empty($url[4]) ? (string) $url[4] : null; + $idCreator = !empty($url[5]) ? (int) $url[5] : null; if ($name != null || $idCreator != null){ $conversationgw->postConversation($name,$idCreator); http_response_code(200); 
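Review bot: In the postUser branch `$nationality` is left reading `$url[5]`, which after this change is the same segment as `$password`, and `$url[6]` is no longer read at all. The line should become `$nationality = !empty($url[6]) ? (string) $url[6] : null;`. The 400 branch just above sets the status but does not stop, so `postUser` still runs and the status is then set to 200; the start of that `if` is outside the hunk. Hard-coding the segment offset in every branch is what made this slip easy, and a single base-offset variable would reduce a path change to one edit.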
@@ -187,23 +188,23 @@ break; case 'PUT': if($method_name === "putUser"){ // test : OK - if (count($url)<9){ + if (count($url)<10){ header("HTTP/1.0 400 Invalid number of arguments"); http_response_code(400); } - $id = !empty($url[3]) ? (int) $url[3] : null; - $username = !empty($url[4]) ? (string) $url[4] : null; - $password = !empty($url[5]) ? (string) $url[5] : null; - $nbCurrentCoins = !empty($url[6]) ? (int) $url[6] : null; - $totalnbCoins = !empty($url[7]) ? (int) $url[7] : null; - $nbGames = !empty($url[8]) ? (int) $url[8] : null; - $currentSkin = !empty($url[9]) ? (int) $url[9] : null; + $id = !empty($url[4]) ? (int) $url[4] : null; + $username = !empty($url[5]) ? (string) $url[5] : null; + $password = !empty($url[6]) ? (string) $url[6] : null; + $nbCurrentCoins = !empty($url[7]) ? (int) $url[7] : null; + $totalnbCoins = !empty($url[8]) ? (int) $url[8] : null; + $nbGames = !empty($url[9]) ? (int) $url[9] : null; + $currentSkin = !empty($url[10]) ? (int) $url[10] : null; $usergw->putUser($id,$username,$password,$nbCurrentCoins,$totalnbCoins,$nbGames,$currentSkin); http_response_code(200); } elseif($method_name === "putSkinList"){ // test : OK - $idUser = !empty($url[3]) ? (int) $url[3] : null; - $idSkin = !empty($url[4]) ? (int) $url[4] : null; + $idUser = !empty($url[4]) ? (int) $url[4] : null; + $idSkin = !empty($url[5]) ? (int) $url[5] : null; if ($idUser != null || $idSkin != null){ $usergw->putSkinList($idUser,$idSkin); http_response_code(200); @@ -213,7 +214,7 @@ } } elseif($method_name === "putMatch"){ // test : OK - $id = !empty($url[3]) ? (int) $url[3] : null; + $id = !empty($url[4]) ? (int) $url[4] : null; if ($id !== null){ $matchgw->putMatch($id); http_response_code(200); 
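Review bot: The argument-count guard in the putUser branch is off by one and does not stop the request. `count($url)<10` passes with ten elements although `$url[10]` is read below, in which case `$currentSkin` silently becomes null. After sending 400 the code still calls `putUser` and sets 200. I would write `if (count($url) < 11) { http_response_code(400); break; }`, assuming the `case 'PUT':` switch is the only enclosing construct, and drop the separate `header("HTTP/1.0 400 ...")` line since `http_response_code(400)` already sets the status.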
@@ -223,8 +224,8 @@ } } elseif($method_name === "addUserToMatch"){ // test : OK - $idMatch = !empty($url[3]) ? (int) $url[3] : null; - $idUser = !empty($url[4]) ? (int) $url[4] : null; + $idMatch = !empty($url[4]) ? (int) $url[4] : null; + $idUser = !empty($url[5]) ? (int) $url[5] : null; if ($idUser != null || $idMatch != null){ $matchgw->addUserToMatch($idMatch,$idUser); http_response_code(200); @@ -234,7 +235,7 @@ } } elseif($method_name === "deleteUserFromMatch"){ // test : OK - $idUser = !empty($url[3]) ? (int) $url[3] : null; + $idUser = !empty($url[4]) ? (int) $url[4] : null; if ($idUser != null){ $matchgw->deleteUserFromMatch($idUser); http_response_code(200); @@ -244,8 +245,8 @@ } } elseif($method_name === "putConversation"){ // test : OK - $id = !empty($url[3]) ? (int) $url[3] : null; - $newName = !empty($url[4]) ? (string) $url[4] : null; + $id = !empty($url[4]) ? (int) $url[4] : null; + $newName = !empty($url[5]) ? (string) $url[5] : null; if ($id != null && $newName != null){ $conversationgw->putConversation($id,$newName); http_response_code(200); @@ -255,8 +256,8 @@ } } elseif($method_name === "addUserToConversation"){ // test : OK - $idConv = !empty($url[3]) ? (int) $url[3] : null; - $idUser = !empty($url[4]) ? (int) $url[4] : null; + $idConv = !empty($url[4]) ? (int) $url[4] : null; + $idUser = !empty($url[5]) ? (int) $url[5] : null; if ($idConv != null && $idUser != null){ $conversationgw->addUserToConversation($idConv,$idUser); http_response_code(200); @@ -266,8 +267,8 @@ } } elseif($method_name === "deleteUserFromConversation"){ // test : OK - $idConv = !empty($url[3]) ? (int) $url[3] : null; - $idUser = !empty($url[4]) ? (int) $url[4] : null; + $idConv = !empty($url[4]) ? (int) $url[4] : null; + $idUser = !empty($url[5]) ? (int) $url[5] : null; if ($idConv != null && $idUser != null){ $conversationgw->deleteUserFromConversation($idConv,$idUser); http_response_code(200); 
@@ -277,9 +278,9 @@ } } elseif($method_name === "addMessageToConversation"){ // test : OK - $msg=!empty($url[3]) ? (string) $url[3] : null; - $idSender=!empty($url[4]) ? (int) $url[4] : null; - $idConv=!empty($url[5]) ? (int) $url[5] : null; + $msg=!empty($url[4]) ? (string) $url[4] : null; + $idSender=!empty($url[5]) ? (int) $url[5] : null; + $idConv=!empty($url[6]) ? (int) $url[6] : null; if ($msg != null && $idSender != null && $idConv != null){ $conversationgw->addMessageToConversation($msg,$idSender,$idConv); http_response_code(200); @@ -295,7 +296,7 @@ break; case 'DELETE': if($method_name === "deleteUser"){ // test : OK - $id = !empty($url[3]) ? (int) $url[3] : null; + $id = !empty($url[4]) ? (int) $url[4] : null; if($id!=null){ $usergw->deleteUser($id); http_response_code(200); @@ -305,7 +306,7 @@ } } elseif($method_name == "deleteMatch"){ // test : OK - $id = !empty($url[3]) ? (int) $url[3] : null; + $id = !empty($url[4]) ? (int) $url[4] : null; if($id!=null){ $matchgw->deleteMatch($id); http_response_code(200); @@ -315,7 +316,7 @@ } } elseif($method_name === "deleteConversation"){ // test : OK - $id = !empty($url[3]) ? (int) $url[3] : null; + $id = !empty($url[4]) ? (int) $url[4] : null; if($id!=null){ $conversationgw->deleteConversation($id); http_response_code(200); diff --git a/db-config.sql b/db-config.sql index 0f2978c..8417830 100644 --- a/db-config.sql +++ b/db-config.sql @@ -41,7 +41,9 @@ CREATE TABLE T_H_SKIN_SKI ( CREATE TABLE T_E_GAME_GAM ( PK_ID int AUTO_INCREMENT PRIMARY KEY, GAM_NAME varchar(50) UNIQUE, - GAM_IMAGE varchar(50) UNIQUE + GAM_IMAGE varchar(50) UNIQUE, + GAM_NB_PLAYER_MIN int, + GAM_NB_PLAYER_MAX int ); /* -- Table Match -- */
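Review bot: None of the DELETE branches in these hunks checks who is calling before acting on the id taken from the URL; `deleteUser`, `deleteMatch` and `deleteConversation` pass `(int) $url[4]` straight to the gateway. If authentication and an ownership check are not enforced earlier in index.php, which is not visible here, any client that can reach the endpoint can remove another user's account, match or conversation by id. A comment such as `// caller must be authenticated and own $id` plus the corresponding check before each gateway call would make the expectation explicit. Separately, `$method_name == "deleteMatch"` uses a loose comparison where the sibling branches use `===`.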
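Review bot: `GAM_NB_PLAYER_MIN` and `GAM_NB_PLAYER_MAX` are added as nullable ints with no constraint, so a game row can have no limits at all or a minimum above the maximum. Consider `int NOT NULL` on both columns and, if the database version enforces it, `CHECK (GAM_NB_PLAYER_MIN <= GAM_NB_PLAYER_MAX)`. Only the `CREATE TABLE` statement changes, so an existing database presumably needs a matching `ALTER TABLE` before the gateway's `$row['GAM_NB_PLAYER_MIN']` reads will find the columns.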