From 5be385c057ffe31a2a39b42d0ecd998d03b8de5a Mon Sep 17 00:00:00 2001
From: majean5 <Mathilde.JEAN3@etu.uca.fr>
Date: Tue, 13 Dec 2022 15:58:15 +0100
Subject: [PATCH 1/3] changement validation

---
 config/Validation.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config/Validation.php b/config/Validation.php
index 4ee277a..2d2e6ea 100644
--- a/config/Validation.php
+++ b/config/Validation.php
@@ -13,7 +13,7 @@
         }
 
         static function clear_string($champ){
-            // A changer filter_var
+            return filter_var($champ, FILTER_SANITIZE_SPECIAL_VAR);
         }
     }
 

From 70e733d0b6cee9363f25d18b740d9d51395f9421 Mon Sep 17 00:00:00 2001
From: majean5 <Mathilde.JEAN3@etu.uca.fr>
Date: Tue, 13 Dec 2022 16:38:37 +0100
Subject: [PATCH 2/3] fin validation

---
 config/Validation.php              | 38 ++++++++++++++++++++++++++++++
 controleurs/ControleurVisiteur.php |  5 ++--
 2 files changed, 41 insertions(+), 2 deletions(-)

diff --git a/config/Validation.php b/config/Validation.php
index fb6eaa4..dfad6b4 100644
--- a/config/Validation.php
+++ b/config/Validation.php
@@ -6,10 +6,20 @@
                 $dataVueEreur[] ="Nom d'utilisateur manquant";
                 throw new Exception('pas de username');
             }
+            $username = Validation::clear_string($username);
+            if($username == false){
+                $dataVueEreur[] = "Sanitizing error";
+                throw new Exception('sanitizing fail');
+            }
             if (!isset($mdp)||$mdp=="") {
                 $dataVueEreur[] ="Mot de passe manquant";
                 throw new Exception('pas de password');
             }
+            $mdp = Validation::clear_string($mdp);
+            if($mdp == false){
+                $dataVueEreur[] = "Sanitizing error";
+                throw new Exception('sanitizing fail');
+            }
             return $dataVueEreur;
         }
 
@@ -18,14 +28,29 @@
                 $dataVueEreur[] ="Nom d'utilisateur manquant";
                 throw new Exception('pas de username');
             }
+            $username = Validation::clear_string($username);
+            if($username == false){
+                $dataVueEreur[] = "Sanitizing error";
+                throw new Exception('sanitizing fail');
+            }
             if (!isset($pwd1)||$pwd1==="") {
                 $dataVueEreur[] ="Mot de passe manquant";
                 throw new Exception('pas de password');
             }
+            $pwd1 = Validation::clear_string($pwd1);
+            if($pwd1 == false){
+                $dataVueEreur[] = "Sanitizing error";
+                throw new Exception('sanitizing fail');
+            }
             if (!isset($pwd2)||$pwd2==="") {
                 $dataVueEreur[] ="Confirmation mot de passe manquant";
                 throw new Exception('pas de confirmation password');
             }
+            $pwd2 = Validation::clear_string($pwd2);
+            if($pwd2 == false){
+                $dataVueEreur[] = "Sanitizing error";
+                throw new Exception('sanitizing fail');
+            }
             if($pwd1 !== $pwd2){
                 $dataVueEreur[]="Mot de passe et confirmation différents";
                 throw new Exception("Mot de passe et confirmation différents");
@@ -33,6 +58,19 @@
             return $dataVueEreur;
         }
 
+        static function val_intitule($intitule, $dataVueEreur){
+            if (!isset($intitule)||$intitule==="") {
+                $dataVueEreur[] ="Intitulé manquant";
+                throw new Exception('pas d\'intitule');
+            }
+            $intitule = Validation::clear_string($intitule);
+            if($intitule == false){
+                $dataVueEreur[] = "Sanitizing error";
+                throw new Exception('sanitizing fail');
+            }
+            return $dataVueEreur;
+        }
+
         static function clear_string($champ){
             return filter_var($champ, FILTER_SANITIZE_SPECIAL_VAR);
         }
diff --git a/controleurs/ControleurVisiteur.php b/controleurs/ControleurVisiteur.php
index c07f498..dd1f9cc 100644
--- a/controleurs/ControleurVisiteur.php
+++ b/controleurs/ControleurVisiteur.php
@@ -62,8 +62,7 @@ class ControleurVisiteur {
         global $rep,$vues,$dataView;
         $usrname=$_POST['login']; 
         $pwd=$_POST['mdp'];
-        Validation::clear_string($pwd);
-        Validation::val_connexion($usrname,$pwd,$vues_erreur);
+        $vues_erreur=Validation::val_connexion($usrname,$pwd,$vues_erreur);
         $model= new VisiteurModel();
         if($model->existUser($usrname)){
             if(password_verify($pwd,$model->getHashedPassword($usrname))){
@@ -100,6 +99,7 @@ class ControleurVisiteur {
     public function creerListe(array $vues_erreur){
         global $rep, $vues;
         $nom=$_POST['name'];
+        $vues_erreur=Validation::val_intitule($nom, $vues_erreur);
         $model = new ListeModel();
         if(isset($_SESSION['login'])){
             foreach($_POST['private'] as $valeur){
@@ -127,6 +127,7 @@ class ControleurVisiteur {
         require($rep.$vues['creerTache']);
 
         $intitule = $_POST['intitule'];
+        $vues_erreur=Validation::val_intitule($intitule, $vues_erreur);
 
         $model = new ListeModel();
         $model->creerTache();

From af5fea1c58a88dfdc5f302cb417baabd5616ead6 Mon Sep 17 00:00:00 2001
From: majean5 <mathilde.jean3@etu.uca.fr>
Date: Wed, 14 Dec 2022 10:00:17 +0100
Subject: [PATCH 3/3] corrections classe Vaildation

---
 .DS_Store             | Bin 8196 -> 8196 bytes
 config/Validation.php |   6 +++---
 config/config.php     |   2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/.DS_Store b/.DS_Store
index fd00510955bde19de481934cfdffab0b42677380..2cb82518cc0f830fbd039957884b5ced5909d5e1 100644
GIT binary patch
delta 38
ucmZp1XmOa}&nUbxU^hRb@Ma!?UgpiKMU)sf@8<Dg-pnrXjb&p6J2L?CEDRR_

delta 319
zcmZp1XmOa}&nUVvU^hRb=w=>)UgmmXh608RAP!(CV#sI6Vn}63W+-7$U@!ziJs>s$
zlEw_?1tm#7rNt#h3=9mO48aVQ48=fIsSLRc`V3(}eK`!JKz1rnRG-0xArUB-2xNr<
z`Kds2L82fP$qbo5K1fAAkPX&R&yWXH3{v39;K$&`;16U4Fn9p5K30d}5@lc@-Xnfc
nk8lBP5XA8N=4ryJj2nxsm^QOZd}EosM`+39ei5CG#pX-^A`L<n

diff --git a/config/Validation.php b/config/Validation.php
index dfad6b4..eecc2f7 100644
--- a/config/Validation.php
+++ b/config/Validation.php
@@ -6,8 +6,8 @@
                 $dataVueEreur[] ="Nom d'utilisateur manquant";
                 throw new Exception('pas de username');
             }
-            $username = Validation::clear_string($username);
-            if($username == false){
+            $usrName = Validation::clear_string($usrName);
+            if($usrName == false){
                 $dataVueEreur[] = "Sanitizing error";
                 throw new Exception('sanitizing fail');
             }
@@ -72,7 +72,7 @@
         }
 
         static function clear_string($champ){
-            return filter_var($champ, FILTER_SANITIZE_SPECIAL_VAR);
+            return filter_var($champ, FILTER_SANITIZE_SPECIAL_CHARS);
         }
     }
 
diff --git a/config/config.php b/config/config.php
index b2c1b84..e80b258 100644
--- a/config/config.php
+++ b/config/config.php
@@ -3,7 +3,7 @@
 //Prefixe
 $rep=__DIR__.'/../';
 //BD
-$bd['dsn'] = "mysql:host=localhost;port=8888;dbname=dbPhp";
+$bd['dsn'] = "mysql:host=localhost;port=8888;dbname=bdPhp";
 $bd['user'] = "root";
 $bd['pswd'] = "root";
 //Vues