Nettoyage et validation des données version 1

interestingProfiles
Johan LACHENAL 2 years ago
parent f14c6b07df
commit 2872f25859

@ -15,11 +15,30 @@ class Clean
public static function simpleString(string $string): string
{
$string = trim($string);
$string = strip_tags($string);
return htmlspecialchars($string);
$string = trim($string);
$string = strip_tags($string);
return htmlspecialchars($string);
}
/**
* Cette fonction prend un tableau de chaînes de caractères en entrée et retourne un tableau de chaînes
* nettoyées.
* Elle supprime les espaces de début et de fin, ainsi que toutes les balises HTML, et encode les
* caractères spéciaux.
*
* @param array $array Le tableau de chaînes à nettoyer
* @return array Le tableau de chaînes nettoyées
*/
public static function simpleStringArray(array $array): array
{
$array = array_map('trim', $array);
$array = array_map('strip_tags', $array);
$array = array_map('htmlspecialchars', $array);
return $array;
}
/**
* Cette fonction prend une chaîne de caractères en entrée et retourne une version nettoyée de cette chaîne.
* Elle supprime les espaces de début et de fin, ainsi que toutes les balises HTML, et encode les
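Review bot: `simpleString` (L12-L17) and `simpleStringArray` (L28-L34) HTML-encode input at the boundary, but the callers in this commit send the result into URL query strings and a class-name lookup, not into HTML: `htmlspecialchars` leaves `=`, `#`, whitespace and newlines untouched and turns `&` into `&amp;`, which still contains a parameter separator. Escaping belongs at the output context — `rawurlencode` (or Guzzle's `query` option) when building a request, `htmlspecialchars` in the views — and text stored already entity-encoded gets double-encoded once a view escapes it again. `simpleStringArray` also applies `trim`/`strip_tags` element-wise, so a nested array in the POST data raises a TypeError; its docblock should state that only a flat `list<string>` is accepted and that keys are preserved, and it could simply be `return array_map(static fn (string $s): string => self::simpleString($s), $array);` so both helpers apply the same steps.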
@ -45,4 +64,6 @@ class Clean
{
return filter_var($int, FILTER_SANITIZE_NUMBER_INT);
}
}
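Review bot: `filter_var($int, FILTER_SANITIZE_NUMBER_INT)` on L40 strips characters rather than validating, so `'12abc'` becomes `'12'`, `'1-2'` survives unchanged and `''` stays `''` — none of which the callers that pass the result as an `id` query parameter (hunks at L173, L188 and L221) can detect. Validate instead with `$value = filter_var($int, FILTER_VALIDATE_INT);` followed by `if ($value === false) { throw new \InvalidArgumentException('Invalid integer'); }` and return `$value`, narrowing the return type to `int` if callers allow it. The method's signature sits above the hunk, so its current parameter and return types are not visible here.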

@ -98,10 +98,35 @@ class Validate
global $responseMaxLength;
return (strlen($response) <= $responseMaxLength);
}
/**
* Vérifie si le nom est valide.
*
* @param string $name Le nom a vérifié.
* @return bool Vrai si le nom est valide, faux sinon.
*/
public static function username(string $username): bool
{
global $usernameMaxLength;
return (strlen($username) >= 3 && preg_match("#[a-zA-Z0-9]+#", $username) && strlen($username) <= $usernameMaxLength);
}
/**
* Vérifie si la description est valide.
*
* @param string $description La description a vérifié.
* @return bool Vrai si la description est valide, faux sinon.
*/
public static function categories(array $categories): bool
{
global $categoryMaxLength;
foreach ($categories as $category) {
if (strlen($category) > $categoryMaxLength) {
return false;
}
}
return true;
}
}
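Review bot: The pattern on L57, `#[a-zA-Z0-9]+#`, is unanchored, so any string containing a single alphanumeric character passes (`'<script>a'` included); if the rule is "alphanumeric only", anchor it: `preg_match('#^[a-zA-Z0-9]+$#', $username)`. `categories` reads `global $categoryMaxLength` on L67, but the config hunk at L77-L81 defines `$categoryMaxLenght`; assuming that file is the only place the limit is set, the global is unset and `strlen($category) > null` is true for every non-empty category, so the check rejects all real input. The docblocks above `username` and `categories` were copied from other methods (they describe `$name` and `$description`) and should name the actual parameters and the rules enforced. Note also that `strlen` counts bytes, so a multibyte name hits the limit sooner than the user sees; use `mb_strlen` if the limit is meant in characters.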

@ -49,4 +49,5 @@ $keyWordMaxLength=50;
$titleMaxLength=50;
$typeMaxLength=50;
$responseMaxLength=200;
$categoryMaxLenght=150;

@ -3,6 +3,8 @@
namespace Controller;
use Model\ModelAdmin;
use Config\Clean;
use Config\Validate;
/**
* Permet de controller les réponses à fournir en fonction des actions passer dans l'URL
@ -19,7 +21,7 @@ class ControllerAdmin
*/
public function addQuestion(): void
{
$type = $_POST['type'];
$type = Clean::simpleString($_POST['type']);
$idQuestion = (new ModelAdmin())->addQuestion();
if (strcmp($type, "BusinessClass\TextQuestion") == 0) {
$this->goToQuestions();
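Review bot: `Clean::simpleString($_POST['type'])` on L95 fails when the key is missing: the undefined index yields null, which `simpleString(string $string)` rejects with a TypeError under strict_types (or coerces to `''` with a deprecation notice otherwise), so a malformed request becomes a 500 instead of a validation failure. Read it as `$type = Clean::simpleString($_POST['type'] ?? '');` or reject the request explicitly when the field is absent; the same applies to the `$_POST[...]` reads in the hunks at L99, L112, L138, L173 and L208. addQuestion's body continues past the hunk.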
@ -52,9 +54,9 @@ class ControllerAdmin
{
(new ModelAdmin())->addResponse();
$categories = (new ModelAdmin())->getCategories();
$idQuestion = $_POST['idQuestion'];
$questionContent = $_POST['question'];
$type = $_POST['type'];
$idQuestion = Clean::int($_POST['idQuestion']);
$questionContent = Clean::simpleString($_POST['question']);
$type = Clean::simpleString($_POST['type']);
global $rep, $views;
require_once($rep.$views['continue']);
}
@ -79,12 +81,12 @@ class ControllerAdmin
*/
public function continueResponse(): void
{
$choose = $_POST['choose'];
$choose = Clean::simpleString($_POST['choose']);
if ($choose == "Oui") {
$idQuestion = $_POST['idQuestion'];
$idQuestion = Clean::int($_POST['idQuestion']);
$categories = (new ModelAdmin())->getCategories();
$questionContent = $_POST['question'];
$type = $_POST['type'];
$questionContent = Clean::simpleString($_POST['question']);
$type = Clean::simpleString($_POST['type']);
global $rep, $views;
require_once($rep.$views['possibleResponsesForm']);
} else {

@ -7,6 +7,8 @@ use Exception;
use GuzzleHttp\Client;
use GuzzleHttp\Exception\GuzzleException;
use PDOException;
use Config\Validate;
use Config\Clean;
/**
* Permet de développer les fonctions appelées par le controllerAdmin pour gérer
@ -39,26 +41,29 @@ class ModelAdmin
*/
public function addQuestion(): int
{
$questionContent = $_POST['question'];
$type = $_POST['type'];
$questionContent = Clean::simpleString($_POST['question']);
$type = Clean::simpleString($_POST['type']);
try {
if (validate::type($type)) {
$question = new $type(0, $questionContent);
$res = $this->client->request('GET', 'https://codefirst.iut.uca.fr/containers/Temoignages-deploy_api_form/getForm');
$form = json_decode($res->getBody());
if (!empty($form)) {
$res = $this->client->request('POST', 'https://codefirst.iut.uca.fr/containers/Temoignages-deploy_api_form/addQuestion?
content='.$questionContent.'&
classQuestion='.get_class($question).'&
idForm='.$form[0]['id']
$res = $this->client->request(
'POST',
'https://codefirst.iut.uca.fr/containers/Temoignages-deploy_api_form/addQuestion?
content='.$questionContent.'&
classQuestion='.get_class($question).'&
idForm='.$form[0]['id']
);
return json_decode($res->getBody());
}
} else {
throw new Exception('Type de question invalide');
}
}catch (GuzzleException $g){
throw new Exception($g->getMessage(),$g->getCode(),$g);
}
return -1;
}
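Review bot: The request on L156-L162 still concatenates `$questionContent` and `get_class($question)` into the query string; `Clean::simpleString` HTML-encodes but does not URL-encode, so `=`, `#`, whitespace and the `&` inside `&amp;` all reach the remote API as query syntax, and the literal newlines inside the quoted URL are sent as well. Build the query with Guzzle's `query` request option (or `http_build_query`) so each value is percent-encoded; the same concatenation remains in the hunks at L173, L188, L208 and L221. Separately, `json_decode($res->getBody())` on L150 yields `stdClass` for JSON objects, so `$form[0]['id']` on L161 looks like it needs `json_decode(..., true)` — worth confirming against the API's response shape.
```php
$res = $this->client->request(
    'POST',
    'https://codefirst.iut.uca.fr/containers/Temoignages-deploy_api_form/addQuestion',
    [
        'query' => [
            'content' => $questionContent,
            'classQuestion' => get_class($question),
            'idForm' => $form[0]['id'],
        ],
    ]
);
// … unchanged: return json_decode($res->getBody()); …
```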
@ -70,9 +75,12 @@ class ModelAdmin
*/
public function deleteQuestion():void
{
$idQuestion = $_POST["idQuestion"];
$type = $_POST["type"];
$idQuestion = Clean::int($_POST["idQuestion"]);
$type = Clean::simpleString($_POST["type"]);
try {
if (!validate::type($type)) {
throw new Exception('Type de question invalide');
}
$res = $this->client->request('DELETE', 'https://codefirst.iut.uca.fr/containers/Temoignages-deploy_api_form/deleteQuestion?
classQuestion='.$type.'&
id='.$idQuestion
@ -93,13 +101,16 @@ class ModelAdmin
*/
public function addResponse(): void
{
$idQuestion = $_POST['idQuestion'];
$response = $_POST['response'];
$categories = $_POST['categories'];
$idQuestion = Clean::int($_POST['idQuestion']);
$response = Clean::simpleString($_POST['response']);
$categories = Clean::simpleStringArray($_POST['categories']);
if ($categories == null) {
$categories = [];
}
try {
if(!validate::categories($categories)){
throw new Exception('Categories invalides');
}
$this->client->request('POST', 'https://codefirst.iut.uca.fr/containers/Temoignages-deploy_api_form/insertResponseInQuestion?
response='.$response.'&
categories='.$categories.'&
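Review bot: `Clean::simpleStringArray($_POST['categories'])` on L197 runs before the null check on L198, so a request with no category selected passes null to an `array` parameter and throws a TypeError — the `== null` fallback on L198-L200 no longer protects anything. Read it as `$categories = Clean::simpleStringArray((array) ($_POST['categories'] ?? []));` and drop the dead check. The `categories='.$categories` concatenation on L207 then stringifies an array as `Array`; pass the list through Guzzle's `query` option (which encodes `categories[]` entries) or `implode` it with whatever separator the API expects. The request call continues outside the hunk.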
@ -162,8 +173,11 @@ class ModelAdmin
*/
public function addKeyword(): void
{
$keyword = $_POST['keyword'];
$keyword = Clean::simpleString($_POST['keyword']);
try {
if(!validate::keyword($keyword)){
throw new Exception('Mot-clef invalide');
}
$this->client->request('POST', 'https://codefirst.iut.uca.fr/containers/Temoignages-deploy_api_form/insertKeyword?
keyword='.$keyword
);
@ -276,7 +290,7 @@ class ModelAdmin
{
try {
$res = $this->client->request('DELETE', 'https://codefirst.iut.uca.fr/containers/Temoignages-deploy_api_form/deleteListResponseOfCandidate?
id='.$_POST["idResponseCandidate"]
id='.Clean::int($_POST["idResponseCandidate"])
);
if ($res->getStatusCode()!=200){
throw new Exception('DeleteListResponseOfCandidate failed');

@ -32,9 +32,8 @@ class ModelCandidate
public function submitForm(): void
{
$answersAndCategories = $_POST['answers'];
$dataIds = null;
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'submitForm') {
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && Clean::simpleString($_POST['action']) === 'submitForm') {
$dataIdsJson = $_POST['data_ids'];
$dataIds = json_decode($dataIdsJson);
}
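Review bot: Only `$_POST['action']` is cleaned on L237, and it is the one field merely compared to a constant; `$_POST['answers']` (L234) and `$_POST['data_ids']` (L238) are still consumed raw, and `json_decode($dataIdsJson)` on L239 returns null on malformed input, which then flows on as `$dataIds` indistinguishable from "absent". Decode strictly — `$dataIds = json_decode($dataIdsJson, true, 512, JSON_THROW_ON_ERROR);` — and validate that each element is an int before use. `Clean::simpleString` is only trim/strip_tags/htmlspecialchars, so applying it to `action` adds nothing that `=== 'submitForm'` does not already enforce. submitForm's body continues past the hunk.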
