visitor-controller
Anna BOUDOUL 2 years ago
commit 6b1c67a410

@ -0,0 +1,33 @@
<?php
class Validation {
static function val_form_texte(&$texte, &$TMessage) {
if (!isset($texte)||$texte=="") {
$TMessage[] ="Empty fields";
$texte="";
}
if ($texte != filter_var($texte, FILTER_SANITIZE_STRING))
{
$TMessage[]="Attempt to inject code (security attack)";
$texte="";
}
}
static function val_form_mdp(&$mdp, &$TMessage) {
if (!isset($mdp)||$mdp=="") {
$TMessage[] ="Password not specified";
$mdp="";
}
if ($mdp != filter_var($mdp, FILTER_SANITIZE_SPECIAL_CHARS))
{
$TMessage[] ="Password must not contain special characters";
$mdp="";
}
}
}
?>
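Review bot: `val_form_mdp` rejects any password containing a character that `FILTER_SANITIZE_SPECIAL_CHARS` would encode (quotes, `<`, `>`, `&`, control characters). This shrinks the usable password space and protects nothing, because a password should be length-checked and handed to `password_hash()` rather than filtered. `val_form_texte` relies on `FILTER_SANITIZE_STRING`, which is deprecated as of PHP 8.1, and compares with loose `!=`. Injection is better handled by prepared statements in the gateway and `htmlspecialchars()` when rendering. Both methods return nothing and only blank the argument, so callers cannot tell that validation failed; a `: bool` return (`return false;` in each failing branch, `return true;` at the end) would let them stop.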

@ -3,8 +3,8 @@
$rep=__DIR__.'/../'; $rep=__DIR__.'/../';
$con = new Connection('mysql:host=localhost;dbname=phpproject', 'nifranco', 'achanger'); //$con = new Connection('mysql:host=localhost;dbname=phpproject', 'nifranco', 'achanger');
//$con = new Connection('mysql:host=localhost;dbname=dbanboudoul', 'anboudoul', 'mdpMYSQL'); $con = new Connection('mysql:host=localhost;dbname=dbanboudoul', 'anboudoul', 'mdpMYSQL');
$TMessage = array(); $TMessage = array();
?> ?>
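Review bot: Both `new Connection(...)` lines, the active one and the commented one, keep a database user name and password in a tracked file, so the values stay in the repository history whichever line is enabled. Read them from the environment or from an untracked local config file instead, for example `getenv('DB_USER')` and `getenv('DB_PASS')` (names constructed for illustration). Treat the two passwords shown here as exposed and rotate them. Toggling comments to switch between developers' databases is also easy to commit by accident, which an untracked per-developer file would avoid.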

@ -13,10 +13,7 @@ class FrontCtrl
$this->action_User = array('deconnexion','loadListePriv','newListPrivate'); $this->action_User = array('deconnexion','loadListePriv','newListPrivate');
try{ try{
$this->isUser = $this->usrMdl->isConnected(); // cette fonction retourne quoi? $this->isUser = $this->usrMdl->isConnected(); // cette fonction retourne quoi?
if(isset($_REQUEST['action'])) $action = $_REQUEST['action'] ?? null;
$action = $_REQUEST['action'];
else
$action = null;
if(($i = array_search($action,$this->action_User)) !== false){ # si action dans la liste d'actions user if(($i = array_search($action,$this->action_User)) !== false){ # si action dans la liste d'actions user
if(!$this->isUser){ # si pas conncter if(!$this->isUser){ # si pas conncter
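Review bot: The new `$action = $_REQUEST['action'] ?? null;` line still lets a non-string value (for instance an array from `action[]=`) reach `array_search`, which compares loosely unless its third argument is `true`. Since `$i` is only tested against `false` in the visible lines, `in_array($action, $this->action_User, true)` after an `is_string($action)` check would express the whitelist more precisely. The enclosing method starts and ends outside this hunk.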

@ -12,27 +12,31 @@ class UserCtrl
$this->con = $con; $this->con = $con;
$this->userModel = new UserModel($this->con); $this->userModel = new UserModel($this->con);
$this->taskModel = new TaskModel($this->con); $this->taskModel = new TaskModel($this->con);
// try{ try{
// $action=$_REQUEST['action']; $action=$_REQUEST['action'];
// switch($action){ switch($action){
// // voir les listes privees // voir les listes privees
// case 'voirListePriv': case 'voirListePriv':
// $this->loadListePriv(); $this->loadListePriv();
// break; break;
// // ajouter une liste privee // ajouter une liste privee
// case 'creerListePriv': case 'creerListePriv':
// $this->newListPrivate(); $this->newListPrivate();
// break; break;
// case 'deconnecter': case 'deconnecter':
// $this->deconnexion(); $this->deconnexion();
// break; break;
default:
// } $TMessage[] = 'Unexpected error';
// } catch(Exception $e) { require($rep.$vues['']);
// require("../view/erreur.php"); break;
// }
}
} catch(Exception $e) {
require("../view/erreur.php");
}
} }
public function loadListePriv(){ public function loadListePriv(){
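Review bot: The re-enabled `$action=$_REQUEST['action'];` reads the key without a guard, while FrontCtrl in this same commit uses `$_REQUEST['action'] ?? null`; the same form should be used here. The new `default:` branch uses `$TMessage`, `$rep` and `$vues`, none of which is assigned in the visible part of this method. Unless they are imported with `global` above the hunk, the message goes into a throw-away local array and `require($rep.$vues[''])` is given an empty path; the `default:` branch in VisitorCtrl has the same `$TMessage` scope question. The case labels (`voirListePriv`, `creerListePriv`, `deconnecter`) also differ from the names in FrontCtrl's `action_User` list (`loadListePriv`, `newListPrivate`, `deconnexion`), so requests routed by FrontCtrl would presumably fall through to `default:`. The enclosing method begins outside the hunk.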

@ -71,7 +71,7 @@ class VisitorCtrl
default: default:
# #
$dvueErreur[] = 'Erreur inattendue'; $TMessage[] = 'Unexpected error';
require($rep.$vues['']); require($rep.$vues['']);
break; break;
} }

@ -1,8 +1,9 @@
<?php <?php
require_once("config/config.php"); require_once("config/config.php");
require_once("controller/FrontCtrl.php"); require_once("controller/FrontCtrl.php");
require('config/Validation.php');
require("view/erreur.php");
$fc = new FrontCtrl($con); $fc = new FrontCtrl($con);
?> ?>
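Review bot: `require("view/erreur.php");` now runs unconditionally at bootstrap, before `FrontCtrl` is constructed. If that file emits markup, as the error views required from the controllers suggest, every request would start with the error page and any later `header()` or `session_start()` call would fail because output has already been sent. The error view is better required only from the failure paths. `require_once('config/Validation.php');` would also match the two lines above it and guard against double inclusion.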

@ -43,6 +43,7 @@ class TaskModel
/* LIST FUNCTIONS */ /* LIST FUNCTIONS */
public function addList($nom,$owner="",$dc=0,$id=0) public function addList($nom,$owner="",$dc=0,$id=0)
{ {
Validation::val_form_texte($owner, $TMessage);
$l = new ListTask($nom,$owner,$dc); $l = new ListTask($nom,$owner,$dc);
$this->gtw->insertL($l); $this->gtw->insertL($l);
// retourne quoi? con->lastInsertId() ?? // retourne quoi? con->lastInsertId() ??
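Review bot: `$TMessage` is not defined inside `addList`, so the by-reference call creates a method-local array and any message the validator appends is discarded when the method returns. Every `Validation::` call added to UserModel in this commit follows the same pattern. Because `$owner` defaults to `""`, a call without an owner always takes the "Empty fields" branch, and `$nom` still reaches `new ListTask(...)` unchecked. When validation fails the method continues and inserts the list with a blanked owner; it should validate only when an owner is supplied, stop on failure, and return the messages to the caller (or accept the array as a parameter). The method body continues past the hunk.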

@ -1,6 +1,8 @@
<?php <?php
require('business/User.php'); require('business/User.php');
require('dal/UserGateway.php'); require('dal/UserGateway.php');
require_once("config/config.php");
class UserModel{ class UserModel{
private $con; private $con;
private $gat; private $gat;
@ -11,12 +13,14 @@
} }
function connexion($login, $mdp){ function connexion($login, $mdp){
Validation::val_form_texte($login, $TMessage);
Validation::val_form_mdp($mdp, $TMessage);
$result = $this->gat->findUser($login, $mdp); $result = $this->gat->findUser($login, $mdp);
if(!isset($result)) echo 'not set works'; if(!isset($result)) echo 'not set works';
// if (isset($result)) else
// { {
// $_SESSION['login'] = $result; $_SESSION['login'] = $result;
// } }
} }
function deconnexion(){ function deconnexion(){
@ -26,6 +30,7 @@
} }
function isConnected(){ //teste rôle dans la session, retourne instance dobjet ou booleen function isConnected(){ //teste rôle dans la session, retourne instance dobjet ou booleen
Validation::val_form_texte($_SESSION['login'], $TMessage);
if(isset($_SESSION['login'])){ if(isset($_SESSION['login'])){
return true; return true;
} else { } else {
@ -34,20 +39,26 @@
} }
function ajouter($login, $mdp){ function ajouter($login, $mdp){
Validation::val_form_texte($login, $TMessage);
Validation::val_form_mdp($mdp, $TMessage);
$user = $this->findByLogin($login); $user = $this->findByLogin($login);
if (empty($user)) if (empty($user))
$this->gat->create($login, $mdp); $this->gat->create($login, $mdp);
} }
function supprimer($login){ function supprimer($login){
Validation::val_form_texte($login, $TMessage);
$this->gat->delete($login); $this->gat->delete($login);
} }
function modifMdp($login, $mdp){ function modifMdp($login, $mdp){
Validation::val_form_texte($login, $TMessage);
Validation::val_form_mdp($mdp, $TMessage);
$this->gat->updateMdp($login, $mdp); $this->gat->updateMdp($login, $mdp);
} }
function findByLogin($login){ function findByLogin($login){
Validation::val_form_texte($login, $TMessage);
$user = null; $user = null;
if ($login !== " " && $login != null ) if ($login !== " " && $login != null )
{ {
@ -60,6 +71,8 @@
} }
function modifLogin($oldLogin, $newLogin){ function modifLogin($oldLogin, $newLogin){
Validation::val_form_texte($oldLogin, $TMessage);
Validation::val_form_texte($newLogin, $TMessage);
$user = $this->findByLogin($oldLogin); $user = $this->findByLogin($oldLogin);
if (empty($user)) if (empty($user))
$this->gat->updateLogin($oldLogin, $newLogin); $this->gat->updateLogin($oldLogin, $newLogin);
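Review bot: `isConnected()` appears to return true for every visitor after this change. Passing `$_SESSION['login']` by reference to `val_form_texte` creates the key when it is absent, the validator then assigns `""` to it, and the following `isset($_SESSION['login'])` succeeds. Drop the validator call there and test the session directly, e.g. `return isset($_SESSION['login']) && $_SESSION['login'] !== '';`. The other methods have a related problem: a failed validation blanks the argument but execution continues, so `supprimer`, `modifMdp`, `ajouter` and `modifLogin` would call the gateway with `""` as login or password. Each should return early when validation fails, and `connexion` should set `$_SESSION['login']` only after confirming what `findUser` returns for a failed lookup, which is not visible here.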
