From 017c661b0e4a891e6dd667d6f4c398f17d527659 Mon Sep 17 00:00:00 2001 From: "patrick.brugiere" Date: Sat, 18 Nov 2023 19:05:28 +0100 Subject: [PATCH] =?UTF-8?q?ajout=20d'une=20fonction=20pour=20ne=20pas=20po?= =?UTF-8?q?uvoir=20utilis=C3=A9=20un=20id=20qui=20n'est=20pas=20dans=20la?= =?UTF-8?q?=20base=20de=20donn=C3=A9e=20et=20,j'ai=20fait=20les=20is=20pou?= =?UTF-8?q?r=20admin=20et=20student=20(a=20revoir)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Project/php/controller/FrontController.php | 11 ++++++ Project/php/controller/StudentController.php | 3 ++ Project/php/gateway/UserGateway.php | 13 ++++++++ Project/php/model/MdlAdmin.php | 29 +++++++++++++++- Project/php/model/MdlStudent.php | 35 ++++++++++++++++++-- 5 files changed, 88 insertions(+), 3 deletions(-) diff --git a/Project/php/controller/FrontController.php b/Project/php/controller/FrontController.php index bb85901..1987d76 100755 --- a/Project/php/controller/FrontController.php +++ b/Project/php/controller/FrontController.php @@ -38,6 +38,10 @@ class FrontController $controller = $match['target'] ?? null; $action = Validation::val_action($match['params']['action'] ?? null); $id = $match['params']['id'] ?? null; + if(!$this->checkIdExist($id)) { + throw new Exception("L'identifiant est invalide"); + } + print 'user Id received ' . $id . '
'; print 'controleur appelé ' . $controller . '
'; print $action . '
'; @@ -93,4 +97,11 @@ class FrontController $user = $model->connection($login, $password); $this->home(); } + public function checkIdExist($id):bool + { + $mdl = new MdlStudent(); + $res = $mdl->checkIdExist($id); + return $res; + } + } \ No newline at end of file diff --git a/Project/php/controller/StudentController.php b/Project/php/controller/StudentController.php index eda3c1c..b2a9571 100755 --- a/Project/php/controller/StudentController.php +++ b/Project/php/controller/StudentController.php @@ -8,6 +8,8 @@ use Exception; class StudentController { + + public function affAllVocab(): void { global $twig; @@ -17,6 +19,7 @@ class StudentController } + public function affAllStudent(): void { global $twig; diff --git a/Project/php/gateway/UserGateway.php b/Project/php/gateway/UserGateway.php index fee192a..1bff787 100755 --- a/Project/php/gateway/UserGateway.php +++ b/Project/php/gateway/UserGateway.php @@ -296,4 +296,17 @@ class UserGateway extends AbsGateway throw new Exception($e->getMessage()); } } + public function checkIdExist(int $id): bool { + $query = "SELECT COUNT(*) AS count FROM User_ WHERE id = :id"; + $args = array(':id' => array($id, PDO::PARAM_INT)); + $this->con->executeQuery($query, $args); + $results = $this->con->getResults(); + + if (is_array($results) && count($results) > 0) { + $count = $results[0]['count']; + return ($count > 0); + } + + return false; + } } \ No newline at end of file diff --git a/Project/php/model/MdlAdmin.php b/Project/php/model/MdlAdmin.php index aceb76a..85859de 100755 --- a/Project/php/model/MdlAdmin.php +++ b/Project/php/model/MdlAdmin.php 
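Review bot: The added `checkIdExist($id)` guard runs on every dispatch, but `$id` is `null` whenever the matched route has no `id` parameter (the `?? null` fallback), and that null is forwarded to `MdlStudent::checkIdExist(int $id)`, which raises a `TypeError` rather than the intended `Exception`. Validating before the lookup, e.g. `if ($id !== null && (!ctype_digit((string) $id) || !$this->checkIdExist((int) $id))) {`, lets id-less routes dispatch and rejects a non-numeric id with the same message; it also limits the unescaped `print` of `$id` that follows to digits. Existence in `User_` says nothing about whether the caller may act on that id, so if these routes expose per-user data the id should also be compared with the authenticated user's id from the session. The enclosing method starts and ends outside the hunk.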
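Review bot: `FrontController::checkIdExist` is declared `public` with an untyped `$id`, although the only visible caller is the dispatch code in the same class and the model method it forwards to requires an `int`. Declaring it `private function checkIdExist(int $id): bool` and returning `(new MdlStudent())->checkIdExist($id)` directly keeps the type contract in one place and drops the temporary `$res`. A one-line docblock such as `/** Existence check only: true when a user row with this id exists. */` would make clear that this is not an authorization check.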
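Review bot: `UserGateway::checkIdExist` ignores the outcome of `$this->con->executeQuery(...)` and has no error handling, while the tail of the preceding method visible in the context rethrows with `throw new Exception($e->getMessage());`. As written, a query that fails without throwing would fall through to `return false`, so a database problem would be reported to the user as an invalid identifier; whether `executeQuery` can fail that way is not visible here. Using the same catch-and-rethrow pattern as the neighbouring methods would keep the gateway consistent. The bound `:id` with `PDO::PARAM_INT` is the right form; `return (int) $results[0]['count'] > 0;` would make the comparison explicit, since drivers commonly return the count as a string.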
@@ -74,6 +74,33 @@ class MdlAdmin extends AbsModel public function is() { - // TODO: Implement is() method. + if ( + isset($_SESSION['id']) && + isset($_SESSION['password']) && + isset($_SESSION['email']) && + isset($_SESSION['name']) && + isset($_SESSION['surname']) && + isset($_SESSION['nickname']) && + isset($_SESSION['image']) && + isset($_SESSION['extraTime']) && + isset($_SESSION['group']) && + isset($_SESSION['roles']) && + $_SESSION['roles'] === 'admin' + ) { + $id = (int)$_SESSION['id']; + $password = $_SESSION['password']; + $email = $_SESSION['email']; + $name = $_SESSION['name']; + $surname = $_SESSION['surname']; + $nickname = $_SESSION['nickname']; + $image = $_SESSION['image']; + $extraTime = (bool)$_SESSION['extraTime']; + $group = (int)$_SESSION['group']; + $roles = $_SESSION['roles']; + + return new User($id, $password, $email, $name, $surname, $nickname, $image, $extraTime, $group, $roles); + } else { + return null; + } } } \ No newline at end of file diff --git a/Project/php/model/MdlStudent.php b/Project/php/model/MdlStudent.php index befc845..9685efe 100755 --- a/Project/php/model/MdlStudent.php +++ b/Project/php/model/MdlStudent.php @@ -13,9 +13,12 @@ class MdlStudent extends AbsModel { parent::__construct("student"); } + public function checkIdExist(int $id):bool { + $gtw = new UserGateway(); + return $gtw->checkIdExist($id); + } public function getAll():array{ - global $twig; $gtw = new VocabularyListGateway(); return $gtw->findAll(); /* 
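Review bot: `MdlAdmin::is()` decides admin status purely from `$_SESSION['roles'] === 'admin'` and rebuilds the `User` from session copies, including `$_SESSION['password']`, without consulting the database. Requiring a password value in the session means a credential (hash or plaintext, not visible here) sits in session storage for the whole session, and a role change or account removal in `User_` takes no effect until the session ends. Consider keeping only the id and role in the session and reloading the user through the gateway on each call, returning `null` when the row is missing or its role no longer matches. A declared return type, `public function is(): ?User`, would document the null case. The same applies to `MdlStudent::is()` in the last hunk.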
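Review bot: `MdlStudent::checkIdExist` reads as a student lookup, but the gateway query it delegates to is `SELECT COUNT(*) AS count FROM User_ WHERE id = :id` with no role filter, so it returns true for any row in that table, whatever its role. A docblock on the method should say so, for example `/** True when any row in User_ has this id, regardless of role. */`, or the method could move to a model that is not student-specific. The class body continues outside the hunk.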
@@ -49,7 +52,35 @@ class MdlStudent extends AbsModel public function is() { - // TODO: Implement is() method. + if ( + isset($_SESSION['id']) && + isset($_SESSION['password']) && + isset($_SESSION['email']) && + isset($_SESSION['name']) && + isset($_SESSION['surname']) && + isset($_SESSION['nickname']) && + isset($_SESSION['image']) && + isset($_SESSION['extraTime']) && + isset($_SESSION['group']) && + isset($_SESSION['roles']) && + $_SESSION['roles'] === 'student' + ) { + $id = (int)$_SESSION['id']; + $password = $_SESSION['password']; + $email = $_SESSION['email']; + $name = $_SESSION['name']; + $surname = $_SESSION['surname']; + $nickname = $_SESSION['nickname']; + $image = $_SESSION['image']; + $extraTime = (bool)$_SESSION['extraTime']; + $group = (int)$_SESSION['group']; + $roles = $_SESSION['roles']; + + return new User($id, $password, $email, $name, $surname, $nickname, $image, $extraTime, $group, $roles); + } else { + return null; + } } + }
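Review bot: This `is()` body is a line-for-line copy of `MdlAdmin::is()` with only the role literal changed, so any fix to the session handling has to be made twice. A protected helper on `AbsModel`, e.g. `protected function userFromSession(string $role): ?User`, called as `return $this->userFromSession('student');`, would remove the duplication. The ten `isset()` calls can also be a single call, `isset($_SESSION['id'], $_SESSION['email'], ...)`, and the `else` after `return` is unnecessary.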