diff --git a/Project/php/controller/AdminController.php b/Project/php/controller/AdminController.php index 53ef641..a6b99a0 100755 --- a/Project/php/controller/AdminController.php +++ b/Project/php/controller/AdminController.php @@ -42,9 +42,9 @@ class AdminController extends UserController public function removeUser(): void { try { - global $user; + $userToRemove = Validation::filter_int($_GET['userToRemove'] ?? null); $model = new MdlAdmin(); - $model->removeUser($user->getId()); + $model->removeUser($userToRemove); $this->showAllUsers(); } catch (Exception $e) { @@ -80,9 +80,11 @@ class AdminController extends UserController public function removeUserFromGroup(): void { try { - $id = Validation::filter_int($_GET['id'] ?? null); + $userToRemove = Validation::filter_int($_GET['userToRemove'] ?? null); + $groupID = Validation::filter_int($_GET['selectedGroup'] ?? null); $model = new MdlAdmin(); - $model->removeUserFromGroup($id); + $model->removeUserFromGroup($userToRemove); + $_GET['selectedGroup'] = $groupID; $this->showGroupDetails(); } catch (Exception $e) { @@ -120,10 +122,10 @@ class AdminController extends UserController public function addUserToGroup(): void { try { - global $user; + $userToAdd = Validation::filter_int($_GET['userToAdd'] ?? null); $group = Validation::filter_int($_GET['groupID'] ?? null); $model = new MdlAdmin(); - $model->addUserToGroup($user->getId(), $group); + $model->addUserToGroup($userToAdd, $group); $_GET['selectedGroup'] = $group; $this->showGroupDetails(); } diff --git a/Project/php/controller/FrontController.php b/Project/php/controller/FrontController.php index 323d715..863ca81 100755 --- a/Project/php/controller/FrontController.php +++ b/Project/php/controller/FrontController.php 
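Review bot: In `AdminController::removeUser` (@@ -42) the account to delete now comes from `$_GET['userToRemove']`, so a destructive admin action can be triggered by a plain GET link, and no anti-CSRF token is checked in the hunk; the same applies to `removeUserFromGroup` (@@ -80) and `addUserToGroup` (@@ -120). These actions should be accepted only via POST, with a per-session token compared using `hash_equals()`. The result of `Validation::filter_int` is passed straight to the model; unless that helper throws on bad input (its implementation is outside this diff), add a guard such as `if (!is_int($userToRemove)) throw new Exception("invalid user id");` before the model call. Because the target id is now caller-supplied, these methods depend entirely on the role check done before dispatch, which is not visible here and should be confirmed for the `Admin` target. All three method bodies continue outside their hunks.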
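Review bot: In `removeUserFromGroup` (@@ -80), `$groupID` is validated but never reaches the model: `$model->removeUserFromGroup($userToRemove)` receives only the user id, so the `selectedGroup` request parameter does not scope which membership is removed. If a user can belong to more than one group (not determinable from this hunk), the call should carry the group as well, e.g. `$model->removeUserFromGroup($userToRemove, $groupID);`, with a matching change in `MdlAdmin`. Writing the value back into `$_GET['selectedGroup']` to feed `showGroupDetails()` also hides the data flow; passing it as an argument would be clearer.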
@@ -57,16 +57,17 @@ class FrontController global $user; $user = call_user_func_array(array($mdl, 'is'), array($_SESSION['login'], $_SESSION['roles'])); + if ($target == 'User' && $action == null) UserController::home(); + else if (!$user || $user->getId() != $id) throw new Exception("erreur 403 permission denied"); + $controller = '\\controller\\' . $target . 'Controller'; $controller = new $controller; - if ($target == 'User' && $action == null) $controller->home(); - else if (!$user || $user->getId() != $id) throw new Exception("erreur 403 permission denied"); - if (is_callable(array($controller, $action))) call_user_func_array(array($controller, $action), array($match['params'])); } } + else if ($target == 'User' && $action == null) UserController::home(); else (new UserController())->login(); } } diff --git a/Project/php/controller/UserController.php b/Project/php/controller/UserController.php index 366b842..9829443 100755 --- a/Project/php/controller/UserController.php +++ b/Project/php/controller/UserController.php @@ -54,7 +54,7 @@ class UserController extends VisitorController } } - public function home(): void { + public static function home(): void { global $twig; global $user; if(isset($user)){ diff --git a/Project/php/controller/VisitorController.php b/Project/php/controller/VisitorController.php index 5d6d07b..255eb4c 100755 --- a/Project/php/controller/VisitorController.php +++ b/Project/php/controller/VisitorController.php @@ -97,7 +97,7 @@ class VisitorController if (!$this->checkLoginExist($login)) throw new Exception(("login invalide")); $user = $model->connection($login, $password); if ($user == null) throw new Exception("mot de passe invalide"); - FrontController::home(); + UserController::home(); } public function checkLoginExist(string $login): bool { 
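Review bot: In `FrontController` (@@ -57), the relocated permission check compares `$user->getId() != $id` loosely and signals denial only through a generic `Exception` whose message contains "403"; nothing in the hunk sets the response status, so a refused request may still be served as a normal page by whatever catches the exception. Suggest `http_response_code(403);` before the throw and a strict comparison such as `$user->getId() !== filter_var($id, FILTER_VALIDATE_INT)`, assuming `getId()` returns an int. After `UserController::home()` runs in the first branch, execution still falls through to `new $controller` and the `is_callable` dispatch; an explicit `return;` after rendering would make that path unambiguous. The enclosing method starts and ends outside the hunk, so where `$id`, `$target` and `$action` come from cannot be confirmed here.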
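Review bot: In `VisitorController`'s login path (@@ -97), the new `UserController::home()` call chooses its view from `global $user` (the `isset($user)` test in the UserController hunk), but here the freshly authenticated account is assigned to `$user` with no `global $user;` visible, so the visitor view may be rendered right after a successful login. The inverse can happen in `disconnect()` (@@ -108): if the front controller already populated the global for this request, `home()` would still see a logged-in user after `deconnection()`. Consider setting or clearing the global explicitly before the call, e.g. `$GLOBALS['user'] = $user;` here and `unset($GLOBALS['user']);` in `disconnect()`, or issuing a redirect instead of rendering in place. Both method bodies start outside their hunks, so a `global` declaration above the visible lines would make the first point moot.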
@@ -108,7 +108,7 @@ class VisitorController public function disconnect(): void { $mdl = new MdlUser(); $mdl->deconnection(); - FrontController::home(); + UserController::home(); } public function resultatsJeux(): void{ diff --git a/Project/php/templates/addGroupForm.twig b/Project/php/templates/addGroupForm.twig index 3c0ca32..401a681 100755 --- a/Project/php/templates/addGroupForm.twig +++ b/Project/php/templates/addGroupForm.twig @@ -1,4 +1,4 @@ -