diff --git a/Project/php/controller/FrontController.php b/Project/php/controller/FrontController.php
index bb85901..1987d76 100755
--- a/Project/php/controller/FrontController.php
+++ b/Project/php/controller/FrontController.php
@@ -38,6 +38,10 @@ class FrontController
$controller = $match['target'] ?? null;
$action = Validation::val_action($match['params']['action'] ?? null);
$id = $match['params']['id'] ?? null;
+ if(!$this->checkIdExist($id)) {
+ throw new Exception("L'identifiant est invalide");
+ }
+
print 'user Id received ' . $id . '
';
print 'controleur appelé ' . $controller . '
';
print $action . '
';
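Review bot: The guard added at the top of this hunk runs on every dispatched request, so a route without an `id` parameter calls `checkIdExist(null)`, and `MdlStudent::checkIdExist(int $id)` (added later in this commit) will raise a TypeError instead of the intended Exception; a non-numeric id fails the same way. Validate the shape before touching the database, e.g. `if ($id !== null && (!ctype_digit((string) $id) || !$this->checkIdExist((int) $id))) {`. The check only proves that the id exists in `User_`, not that it belongs to the caller, so it should not be relied on as an authorization decision; that would need a comparison against the id held in the session. The enclosing method starts and ends outside the hunk.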
@@ -93,4 +97,11 @@ class FrontController
$user = $model->connection($login, $password);
$this->home();
}
+ public function checkIdExist($id):bool
+ {
+ $mdl = new MdlStudent();
+ $res = $mdl->checkIdExist($id);
+ return $res;
+ }
+
}
\ No newline at end of file
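Review bot: `checkIdExist` is added as a `public` method with an untyped parameter on the front controller; if the router maps action names onto controller methods (not visible here), it becomes reachable as an action. It is only called from inside the class in this commit, so declare it `private function checkIdExist(int $id): bool` and return the model call directly. It goes through `MdlStudent` although the lookup is on `User_` for any role, which a one-line comment above the method should state.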
diff --git a/Project/php/controller/StudentController.php b/Project/php/controller/StudentController.php
index eda3c1c..b2a9571 100755
--- a/Project/php/controller/StudentController.php
+++ b/Project/php/controller/StudentController.php
@@ -8,6 +8,8 @@ use Exception;
class StudentController
{
+
+
public function affAllVocab(): void
{
global $twig;
@@ -17,6 +19,7 @@ class StudentController
}
+
public function affAllStudent(): void
{
global $twig;
diff --git a/Project/php/gateway/UserGateway.php b/Project/php/gateway/UserGateway.php
index fee192a..1bff787 100755
--- a/Project/php/gateway/UserGateway.php
+++ b/Project/php/gateway/UserGateway.php
@@ -296,4 +296,17 @@ class UserGateway extends AbsGateway
throw new Exception($e->getMessage());
}
}
+ public function checkIdExist(int $id): bool {
+ $query = "SELECT COUNT(*) AS count FROM User_ WHERE id = :id";
+ $args = array(':id' => array($id, PDO::PARAM_INT));
+ $this->con->executeQuery($query, $args);
+ $results = $this->con->getResults();
+
+ if (is_array($results) && count($results) > 0) {
+ $count = $results[0]['count'];
+ return ($count > 0);
+ }
+
+ return false;
+ }
}
\ No newline at end of file
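Review bot: `checkIdExist` returns `false` both when no row matches and when `getResults()` yields nothing usable, and unlike the method just above it, which appears to catch and rethrow, it lets any database error propagate unwrapped. Failing closed is the right default for a check that gates requests, but the contract should be written down, with a docblock such as `/** True when a row with this id exists in User_; existence only, not ownership or role. False if the lookup yields no result. */`. The driver may hand `count` back as a string, so `return (int) $count > 0;` makes the comparison explicit.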
diff --git a/Project/php/model/MdlAdmin.php b/Project/php/model/MdlAdmin.php
index aceb76a..85859de 100755
--- a/Project/php/model/MdlAdmin.php
+++ b/Project/php/model/MdlAdmin.php
@@ -74,6 +74,33 @@ class MdlAdmin extends AbsModel
public function is()
{
- // TODO: Implement is() method.
+ if (
+ isset($_SESSION['id']) &&
+ isset($_SESSION['password']) &&
+ isset($_SESSION['email']) &&
+ isset($_SESSION['name']) &&
+ isset($_SESSION['surname']) &&
+ isset($_SESSION['nickname']) &&
+ isset($_SESSION['image']) &&
+ isset($_SESSION['extraTime']) &&
+ isset($_SESSION['group']) &&
+ isset($_SESSION['roles']) &&
+ $_SESSION['roles'] === 'admin'
+ ) {
+ $id = (int)$_SESSION['id'];
+ $password = $_SESSION['password'];
+ $email = $_SESSION['email'];
+ $name = $_SESSION['name'];
+ $surname = $_SESSION['surname'];
+ $nickname = $_SESSION['nickname'];
+ $image = $_SESSION['image'];
+ $extraTime = (bool)$_SESSION['extraTime'];
+ $group = (int)$_SESSION['group'];
+ $roles = $_SESSION['roles'];
+
+ return new User($id, $password, $email, $name, $surname, $nickname, $image, $extraTime, $group, $roles);
+ } else {
+ return null;
+ }
}
}
\ No newline at end of file
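Review bot: `is()` requires `$_SESSION['password']` and passes it into `User`, which implies the login code keeps the password (or its hash) in session storage for the whole session; a credential has no use after authentication and should not be stored there. Identity and role can be established from `id` and `roles` alone, so drop the `isset($_SESSION['password'])` condition and stop writing that key at login (the `User` constructor is outside this diff and may need a nullable password). Because `isset()` is false for null values, an admin whose `image` or `nickname` is null is also treated as not logged in. The same body is duplicated in `MdlStudent::is()` with only the role string changed; a shared helper in `AbsModel` that takes the expected role and declares a `?User` return type would keep the two checks from drifting apart.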
diff --git a/Project/php/model/MdlStudent.php b/Project/php/model/MdlStudent.php
index befc845..9685efe 100755
--- a/Project/php/model/MdlStudent.php
+++ b/Project/php/model/MdlStudent.php
@@ -13,9 +13,12 @@ class MdlStudent extends AbsModel
{
parent::__construct("student");
}
+ public function checkIdExist(int $id):bool {
+ $gtw = new UserGateway();
+ return $gtw->checkIdExist($id);
+ }
public function getAll():array{
- global $twig;
$gtw = new VocabularyListGateway();
return $gtw->findAll();
/*
@@ -49,7 +52,35 @@ class MdlStudent extends AbsModel
public function is()
{
- // TODO: Implement is() method.
+ if (
+ isset($_SESSION['id']) &&
+ isset($_SESSION['password']) &&
+ isset($_SESSION['email']) &&
+ isset($_SESSION['name']) &&
+ isset($_SESSION['surname']) &&
+ isset($_SESSION['nickname']) &&
+ isset($_SESSION['image']) &&
+ isset($_SESSION['extraTime']) &&
+ isset($_SESSION['group']) &&
+ isset($_SESSION['roles']) &&
+ $_SESSION['roles'] === 'student'
+ ) {
+ $id = (int)$_SESSION['id'];
+ $password = $_SESSION['password'];
+ $email = $_SESSION['email'];
+ $name = $_SESSION['name'];
+ $surname = $_SESSION['surname'];
+ $nickname = $_SESSION['nickname'];
+ $image = $_SESSION['image'];
+ $extraTime = (bool)$_SESSION['extraTime'];
+ $group = (int)$_SESSION['group'];
+ $roles = $_SESSION['roles'];
+
+ return new User($id, $password, $email, $name, $surname, $nickname, $image, $extraTime, $group, $roles);
+ } else {
+ return null;
+ }
}
+
}