diff --git a/config/Validation.php b/config/Validation.php
index 2479027..d173cee 100644
--- a/config/Validation.php
+++ b/config/Validation.php
@@ -5,16 +5,16 @@
 if (!isset($usrName)||$usrName=="") {
 $dataVueEreur[] ="Username or password missing";
 }
- $usrName = Validation::clear_string($usrName);
- if($usrName == false){
- $dataVueEreur[] = "Sanitizing error";
+ if ($usrName != Validation::clear_string($usrName)){
+ $dataVueEreur[] = "Forbidden characters";
+ $usrName="";
 }
 if (!isset($mdp)||$mdp=="") {
 $dataVueEreur[] ="Username or password missing";
 }
- $mdp = Validation::clear_string($mdp);
- if($mdp == false){
- $dataVueEreur[] = "Sanitizing error";
+ if($mdp != Validation::clear_string($mdp)){
+ $dataVueEreur[] = "Forbidden characters";
+ $mdp="";
 }
 return $dataVueEreur;
 }
@@ -23,24 +23,23 @@
 if (!isset($username)||$username==="") {
 $dataVueEreur[] ="All fields are required";
 }
- $username = Validation::clear_string($username);
- if($username == false){
- $dataVueEreur[] = "Sanitizing error";
- throw new Exception('sanitizing fail');
+ if($username != Validation::clear_string($username)){
+ $dataVueEreur[] = "Forbidden characters";
+ $username="";
 }
 if (!isset($pwd1)||$pwd1==="") {
 $dataVueEreur[] ="All fields are required";
 }
- $pwd1 = Validation::clear_string($pwd1);
- if($pwd1 == false){
- $dataVueEreur[] = "Sanitizing error";
+ if($pwd1 != Validation::clear_string($pwd1)){
+ $dataVueEreur[] = "Forbidden characters";
+ $pwd1="";
 }
 if (!isset($pwd2)||$pwd2==="") {
 $dataVueEreur[] ="All fields are required";
 }
- $pwd2 = Validation::clear_string($pwd2);
- if($pwd2 == false){
- $dataVueEreur[] = "Sanitizing error";
+ if($pwd2 != Validation::clear_string($pwd2)){
+ $dataVueEreur[] = "Forbidden characters";
+ $pwd2="";
 }
 if($pwd1 !== $pwd2){
 $dataVueEreur[]="Invalid confirmation";
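Review bot: The resets `$usrName="";` and `$mdp="";` only change the function's local copies, because the visible code returns just `$dataVueEreur` and no longer hands back a cleaned value; the caller keeps the original string. Callers therefore have to stop on a non-empty error array, otherwise the rejected input is used unchanged. The check also uses loose `!=`: assuming `clear_string` can return `false` on failure (the removed code tested for that), an input such as `"0"` compares equal to `false` and is accepted, so `if ($usrName !== Validation::clear_string($usrName)){` is safer. The same pattern repeats in the `@@ -23,24` hunk and in `val_intitule`; the enclosing function starts above this hunk.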
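Review bot: `$pwd1` and `$pwd2` (and `$mdp` in the previous hunk) are refused with "Forbidden characters" whenever they differ from the `clear_string()` output, so any password containing a character that filter strips can no longer be used. A password should only ever be hashed and compared, never echoed, so a character filter adds no protection and shrinks the usable password space. Consider dropping the `clear_string` comparison for the password fields and keeping the presence check and `if($pwd1 !== $pwd2){`. What `clear_string` removes is not visible in this diff, so the exact impact is inferred; the function's signature and closing lines are outside the hunk.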
@@ -48,15 +47,24 @@ return $dataVueEreur; } - static function val_intitule($intitule, $dataVueEreur){ - if (!isset($intitule)||$intitule==="") { + static function val_intitule($name, $dataVueEreur){ + if (!isset($name)||$name==="") { $dataVueEreur[] ="Intitulé manquant"; - throw new Exception('pas d\'intitule'); } - $intitule = Validation::clear_string($intitule); - if($intitule == false){ - $dataVueEreur[] = "Sanitizing error"; - throw new Exception('sanitizing fail'); + if($name != Validation::clear_string($name)){ + $dataVueEreur[] = "Forbidden characters"; + $name=""; + } + return $dataVueEreur; + } + + static function val_id($id, $dataVueEreur){ + if (!isset($id)||$id=""){ + $dataVueEreur[] = "Id error"; + } + if($id != filter_var($id, FILTER_VALIDATE_INT)){ + $dataVueEreur[] = "Id validation error"; + $id = 0; } return $dataVueEreur; } diff --git a/config/config.php b/config/config.php index d357c9c..957faeb 100644 --- a/config/config.php +++ b/config/config.php @@ -3,7 +3,7 @@ //Prefixe $rep=__DIR__.'/../'; //BD -$bd['dsn'] = "mysql:host=localhost;port=8888;dbname=dbPhp"; +$bd['dsn'] = "mysql:host=localhost;port=8888;dbname=bdPhp"; $bd['user'] = "root"; $bd['pswd'] = "root"; //Vues diff --git a/controleurs/ControleurVisiteur.php b/controleurs/ControleurVisiteur.php index 40274c6..a2ca653 100644 --- a/controleurs/ControleurVisiteur.php +++ b/controleurs/ControleurVisiteur.php @@ -84,6 +84,7 @@ class ControleurVisiteur { public function accessListInfos($arrayErrorViews){ global $rep,$vues,$dataView; $idListe=$_POST['liste']; + $arrayErrorViews = Validation::val_id($idListe, $arrayErrorViews); $model = new ListeModel(); $dataView = $model->pullListById($idListe); require($rep.$vues['infosListe']); 
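Review bot: In the new `val_id`, `$id=""` inside `if (!isset($id)||$id=""){` is an assignment, not a comparison. Every id that is set is overwritten with the empty string and the condition evaluates to false; the next test then compares `""` with the `false` returned by `filter_var("", FILTER_VALIDATE_INT)` using loose `!=`, which is false as well. As written the function reports no error for any submitted value, so the controller calls added in this commit get no protection from it. Use `if (!isset($id) || $id === "") {` and `if (filter_var($id, FILTER_VALIDATE_INT) === false) {`. The `$id = 0;` reset also only changes the local copy.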
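Review bot: The array returned by `Validation::val_id()` in `accessListInfos` is stored but never checked, so `$model->pullListById($idListe)` still runs with the raw `$_POST['liste']` value when validation fails. Add a guard before the model call, for example `if (!empty($arrayErrorViews)) { return; }` or a render of the project's error view, and pass the integer form `(int)$idListe` onward. The same applies to the validation calls added to `addTache`, `delTache`, `changeCompletedTache` and `delListe` in the later hunks. Whether the models use prepared statements is not visible here, and the method's closing lines are outside this hunk.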
@@ -93,6 +94,8 @@ class ControleurVisiteur {
 global $rep,$vues,$dataView;
 $nom=$_POST['name'];
 $idListe=$_POST['liste'];
+ $arrayErrorViews = Validation::val_intitule($name, $arrayErrorViews);
+ $arrayErrorViews = Validation::val_id($idListe, $arrayErrorViews);
 $model = new TacheModel();
 $model->addTache($nom,$idListe);
 $_REQUEST['action']="accessListInfos";
@@ -102,6 +105,8 @@ class ControleurVisiteur {
 public function delTache($arrayErrorViews){
 global $rep,$vues,$dataView;
 $idTache=$_POST['tache'];
+
+ $arrayErrorViews = Validation::val_id($idTache, $arrayErrorViews);
 $model= new TacheModel();
 $model->delTache($idTache);
 $_REQUEST['action']="accessListInfos";
@@ -111,6 +116,7 @@ class ControleurVisiteur {
 public function changeCompletedTache($arrayErrorViews){
 global $rep,$vues,$dataView;
 $idTache=$_POST['tache'];
+ $arrayErrorViews = Validation::val_id($idTache, $arrayErrorViews);
 $model = new TacheModel();
 $model->changeCompletedTache($idTache);
 $_REQUEST['action']="accessListInfos";
@@ -184,6 +190,7 @@ class ControleurVisiteur {
 public function delListe(array $vues_erreur){
 global $rep, $vues;
 $idListe=$_POST['liste'];
+ $arrayErrorViews = Validation::val_id($idListe, $arrayErrorViews);
 $model = new ListeModel();
 $model->delListe($idListe);
 $_REQUEST['action']=null;
diff --git a/styles/connectionStyle.css b/styles/connectionStyle.css
new file mode 100644
index 0000000..2a3dfa0
--- /dev/null
+++ b/styles/connectionStyle.css
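Review bot: `Validation::val_intitule($name, $arrayErrorViews)` passes `$name`, but the visible lines of this method only define `$nom=$_POST['name']`, so unless `$name` is set above the hunk the validator receives an undefined variable. In that case it always reports "Intitulé manquant", and the submitted task name in `$nom` is never checked before `$model->addTache($nom,$idListe)`. The call should read `$arrayErrorViews = Validation::val_intitule($nom, $arrayErrorViews);`. The method signature is outside the hunk.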
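Review bot: `delListe` declares its parameter as `$vues_erreur`, yet the added line reads and assigns `$arrayErrorViews`, which is not defined in the visible part of this method. Errors already collected in `$vues_erreur` are not carried over, and the new array is not consulted before `$model->delListe($idListe)`, so the delete proceeds whatever the validation result. Use `$vues_erreur = Validation::val_id($idListe, $vues_erreur);` and return early when it is non-empty. The rest of the method is outside the hunk.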
@@ -0,0 +1,33 @@
+html,
+body {
+ height: 100%;
+}
+
+body {
+ display: flex;
+ align-items: center;
+ padding-top: 40px;
+ padding-bottom: 40px;
+ background-color: #f5f5f5;
+}
+
+.form-signin {
+ max-width: 330px;
+ padding: 15px;
+}
+
+.form-signin .form-floating:focus-within {
+ z-index: 2;
+}
+
+.form-signin input[type="text"] {
+ margin-bottom: -1px;
+ border-bottom-right-radius: 0;
+ border-bottom-left-radius: 0;
+}
+
+.form-signin input[type="password"] {
+ margin-bottom: 10px;
+ border-top-left-radius: 0;
+ border-top-right-radius: 0;
+}
\ No newline at end of file