diff --git a/Project/php/config/Validation.php b/Project/php/config/Validation.php index a1bb89e..819a35f 100755 --- a/Project/php/config/Validation.php +++ b/Project/php/config/Validation.php @@ -9,9 +9,7 @@ class Validation public static function val_action($action): string { $safeAction = htmlspecialchars($action, ENT_QUOTES); - if (!isset($action)) - throw new \Exception('pas d\'action'); - else if ($safeAction != $action) + if ($safeAction != $action) throw new \Exception("tentative d'injection sql détectée"); else return $safeAction; } diff --git a/Project/php/controller/AdminController.php b/Project/php/controller/AdminController.php index b5dab87..f281a0e 100755 --- a/Project/php/controller/AdminController.php +++ b/Project/php/controller/AdminController.php @@ -13,7 +13,7 @@ class AdminController global $twig; try { - $action = Validation::val_action($_REQUEST['action']); + $action = Validation::val_action($_REQUEST['action'] ?? null); switch($action) { case 'showAllUsers': diff --git a/Project/php/controller/ControleurTmp.php b/Project/php/controller/ControleurTmp.php deleted file mode 100755 index 06532d2..0000000 --- a/Project/php/controller/ControleurTmp.php +++ /dev/null 
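Review bot: With the `isset` guard removed and the callers now passing `$_REQUEST['action'] ?? null`, a missing action sends `null` straight into `htmlspecialchars()`, which is deprecated since PHP 8.1 and raises a `TypeError` if the file declares `strict_types`; a non-string request value would reach the same call. Handle both before the encoding step, for example `if ($action === null) return '';` followed by `if (!is_string($action)) throw new \Exception('action invalide');`. Separately, the remaining check compares the value with its HTML-entity encoding, so it does not detect SQL injection as the exception message says. Since the callers only switch on fixed literals, an allowlist of known action names would be the more accurate control, with prepared statements wherever SQL is actually built.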
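Review bot: The dispatch in AdminController still reads the action from `$_REQUEST`, which merges the query string, the form body and (depending on `request_order`) cookies, so an admin action can be selected from any of those sources; the same pattern appears in the FrontController.php and StudentController.php hunks. For an admin controller it is safer to read from the one superglobal the route is meant to use, e.g. `$action = Validation::val_action($_POST['action'] ?? null);` for state-changing actions, and to confirm that the authorization and CSRF checks run before this `switch`. Neither check is visible in the hunk, and the method starts and ends outside it, so this may already be handled elsewhere.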
@@ -1,81 +0,0 @@ -Reinit(); - break; - - case 'validationFormulaire': - $this->ValidationFormulaire($dVueEreur); - break; - - //mauvaise action - default: - $dVueEreur[] = "Erreur d'appel php"; - echo $twig->render('vuephp1.html', ['dVueEreur' => $dVueEreur]); - break; - } - } catch (\PDOException $e) { - //si erreur BD, pas le cas ici - $dVueEreur[] = 'Erreur inattendue!!! '; - } catch (\Exception $e2) { - $dVueEreur[] = 'Erreur inattendue!!! '; - echo $twig->render('erreur.html', ['dVueEreur' => $dVueEreur]); - } - - //fin - exit(0); - }//fin constructeur - - public function Reinit() - { - global $twig; // nécessaire pour utiliser variables globales - - $dVue = [ - 'nom' => '', - 'age' => 0, - ]; - echo $twig->render('vuephp1.html', [ - 'dVue' => $dVue - ]); - } - - public function ValidationFormulaire(array $dVueEreur) - { - global $twig; // nécessaire pour utiliser variables globales - - //si exception, ca remonte !!! - $nom = $_POST['txtNom']; // txtNom = nom du champ texte dans le formulaire - $age = $_POST['txtAge']; - \config\Validation::val_form($nom, $age, $dVueEreur); - - $model = new \modeles\Simplemodel(); - $data = $model->get_data(); - - $dVue = [ - 'nom' => $nom, - 'age' => $age, - 'data' => $data, - ]; - - echo $twig->render('vuephp1.html', ['dVue' => $dVue, 'dVueEreur' => $dVueEreur]); - } -}//fin class diff --git a/Project/php/controller/FrontController.php b/Project/php/controller/FrontController.php index 318b6f7..bfedbdb 100755 --- a/Project/php/controller/FrontController.php +++ b/Project/php/controller/FrontController.php @@ -36,7 +36,7 @@ class FrontController $dVueEreur = array(); try { - $action = Validation::val_action($_REQUEST['action']); + $action = Validation::val_action($_REQUEST['action'] ?? null); switch ($action) { case null: diff --git a/Project/php/controller/StudentController.php b/Project/php/controller/StudentController.php index 65e7703..a018836 100755 --- a/Project/php/controller/StudentController.php 
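Review bot: In FrontController, `case null:` right after this call only matches because `switch` compares loosely: `val_action()` is declared to return `string`, so a missing action that gets through the validator arrives here as `''`, never as `null`. Either let the validator return `?string` and pass `null` through unchanged, or make the branch explicit with `case '':` and a short comment such as `// no action in the request`. Otherwise a later move to `match` or `===` would make this branch stop matching without any visible error. The enclosing method starts and ends outside the hunk.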
+++ b/Project/php/controller/StudentController.php @@ -12,7 +12,7 @@ class StudentController global $twig; try { - $action = $_REQUEST['action'] ?? null; + $action = Validation::val_action($_REQUEST['action'] ?? null); switch ($action) { case 'allVocab': $this->affAllVocab(); diff --git a/Project/php/controller/TeacherController.php b/Project/php/controller/TeacherController.php index 3c700d6..e3124ec 100755 --- a/Project/php/controller/TeacherController.php +++ b/Project/php/controller/TeacherController.php @@ -1,6 +1,7 @@