From 13fe75b05a062ea8b4f43dacc850e93423013ed6 Mon Sep 17 00:00:00 2001
From: Noe GARNIER
Date: Tue, 22 Nov 2022 15:17:05 +0100
Subject: [PATCH] =?UTF-8?q?Misa=20a=20jour=20de=20s=C3=A9curit=C3=A9=20+?= =?UTF-8?q?=20=20Gestion=20des=20vues=20d'erreurs?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
WEB/Config/Config.php | 8 +-
WEB/Config/Validation.php | 9 +-
WEB/Controller/Controller.php | 64 +++++++----
WEB/Controller/InvalidMdpException.php | 10 --
WEB/Controller/JoueurGateway.php | 8 +-
WEB/Controller/JoueurNotFoundException.php | 10 --
WEB/View/Error/Erreur.php | 9 --
WEB/View/Error/Erreur404.php | 9 --
WEB/View/Error/ErreurBd.php | 9 --
WEB/View/Error/ErreurLoginEmail.php | 10 --
WEB/View/Error/ErreurLoginMdp.php | 10 --
WEB/View/Error/ErreurSignUp.php | 10 --
WEB/View/src/CSS/Erreur.css | 125 +++++++++++++++++++++
WEB/View/src/pages/Erreur.php | 40 +++++++
14 files changed, 218 insertions(+), 113 deletions(-)
delete mode 100644 WEB/Controller/InvalidMdpException.php
delete mode 100644 WEB/Controller/JoueurNotFoundException.php
delete mode 100644 WEB/View/Error/Erreur.php
delete mode 100644 WEB/View/Error/Erreur404.php
delete mode 100644 WEB/View/Error/ErreurBd.php
delete mode 100644 WEB/View/Error/ErreurLoginEmail.php
delete mode 100644 WEB/View/Error/ErreurLoginMdp.php
delete mode 100644 WEB/View/Error/ErreurSignUp.php
create mode 100644 WEB/View/src/CSS/Erreur.css
create mode 100644 WEB/View/src/pages/Erreur.php
diff --git a/WEB/Config/Config.php b/WEB/Config/Config.php
index 5a2ef453..1bd68050 100644
--- a/WEB/Config/Config.php
+++ b/WEB/Config/Config.php
@@ -23,9 +23,5 @@ $vues['signUp'] = 'View/src/pages/LogSign/SignUp.php'; $vues['enigme'] = 'View/src/pages/Enigme/palindrome.html'; //Error -$vues['erreurSignUp'] = 'View/Error/ErreurSignUp.php'; -$vues['erreur'] = 'View/Error/Erreur.php'; -$vues['erreurBd'] = 'View/Error/ErreurBd.php'; -$vues['erreurLoginEmail'] = 'View/Error/ErreurLoginEmail.php'; -$vues['erreurLoginMdp'] = 'View/Error/ErreurLoginMdp.php'; -$vues['erreur404'] = 'View/Error/Erreur404.php'; +$vues['erreur'] = 'View/src/pages/Erreur.php'; +$error = ""; diff --git a/WEB/Config/Validation.php b/WEB/Config/Validation.php index 16477f87..45cb01cd 100644 --- a/WEB/Config/Validation.php +++ b/WEB/Config/Validation.php @@ -30,10 +30,11 @@ class Validation return true; } public function ValidateUsername(string $username) : bool{ - if(!filter_var($username,FILTER_VALIDATE_REGEXP,array("options" => array( "regexp" => "^[^&=_'\-+;<>.]{1,18}$" )))) - { - return false; - } + + // if(!filter_var($username,FILTER_VALIDATE_REGEXP,array("options" => array( "regexp" => "^[^&=_'\-+;<>.]{1,18}$" )))) + // { + // return false; + // } return true; } public function ValidatePassword(string $password) : bool{ diff --git a/WEB/Controller/Controller.php b/WEB/Controller/Controller.php index 4c58ff95..39139345 100644 --- a/WEB/Controller/Controller.php +++ b/WEB/Controller/Controller.php @@ -1,4 +1,5 @@ con=$con; session_start(); try{ - global $rep, $vues; + global $rep, $vues, $error; $action=$_REQUEST['action']; switch($action) { case NULL: 
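Review bot: In Validation.php, ValidateUsername() now returns true for every input, because the regex check is commented out rather than repaired, while signUp() in Controller.php still tells the user that special characters are rejected. The removed pattern `"^[^&=_'\-+;<>.]{1,18}$"` has no PCRE delimiters, so FILTER_VALIDATE_REGEXP would most likely have failed on every username, which may be why the check was disabled. Restoring it with delimiters keeps the length and character limits in force: `"regexp" => "/^[^&=_'\-+;<>.]{1,18}$/"`. The Validation class starts and ends outside this hunk.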
@@ -41,96 +42,111 @@ class Controller } } catch (PDOException $e) { - require ($rep.$vues['erreurBd']); + $error = $e->getMessage(); + require ($rep.$vues['erreur']); } } private function signUp() { - global $rep, $vues, $sel; + global $rep, $vues, $sel, $error; try { $gateway = new JoueurGateway($this->con); $validation = new Validation(); if (! $validation->ValidateEmail($_REQUEST['email'])) { + $error = "Email invalides."; throw (new Exception("Email non valide")); } if(! $validation->ValidateUsername($_REQUEST['username'])){ + $error = "Nom d'utilisateur invalides. Il ne doit pas contenir de caractère spéciaux."; throw(new Exception("Pseudo non valide")); } if(! $validation->ValidatePassword($_REQUEST['password'])){ - throw(new InvalidMdpException("Mot de passe non valide")); + $error = "Mots de passe invalides. Il ne doit pas dépasser 100 caractères."; + throw(new Exception("Mot de passe non valide")); } - $password = password_hash($_REQUEST['password']+$selNoHash, PASSWORD_DEFAULT); + $j = $gateway->getJoueurByEmail($_REQUEST['email']); + if ($j != null) { + $error = "Email déjà utilisé."; + throw (new Exception("Email déjà utilisé")); + } + $password = password_hash($_REQUEST['password'], PASSWORD_DEFAULT); $joueur = new Joueur($_REQUEST['email'], $_REQUEST['username'], $password); $gateway->insert($joueur); $_SESSION['connected'] = 'true'; require ($rep.$vues['main']); }catch (Exception $e){ - require($rep.$vues['erreurSignUp']); + require($rep.$vues['erreur']); } } private function login(){ - global $rep, $vues, $sel; + global $rep, $vues, $sel, $error; try { $gateway = new JoueurGateway($this->con); $joueur = $gateway->getJoueurByEmail($_REQUEST['email']); if ($joueur->getEmail() == null){ - throw new JoueurNotFoundException("Joueur introuvable"); + $error = "Joueur non trouvé."; + throw new Exception("Joueur introuvable"); } $mdp = $gateway->getMdpByEmail($_REQUEST['email']); - if (password_verify($mdp, $_REQUEST['password']+$sel)){ - throw new 
InvalidMdpException("Mot de passe invalide"); + if (password_verify($mdp, $_REQUEST['password'])){ + $error = "Mot de passe incorrect."; + throw new Exception("Mot de passe invalide"); } $_SESSION['connected'] = 'true'; require ($rep.$vues['main']); - }catch (JoueurNotFoundException $e){ - require($rep.$vues['erreurLoginEmail']); - }catch (InvalidMdpException $m) { - require($rep . $vues['erreurLoginMdp']); + }catch (Exception $e){ + require($rep.$vues['erreur']); } } + // require error page with given message private function goToPresentation() { - global $rep, $vues; + global $rep, $vues, $error; try { require ($rep.$vues['presenation']); }catch (Exception $e){ - require($rep.$vues['erreur404']); + $error = "Erreur Inconnue"; + require($rep.$vues['erreur']); } } private function goToHome() { - global $rep, $vues; + global $rep, $vues, $error; try { require ($rep.$vues['main']); }catch (Exception $e){ - require($rep.$vues['erreur404']); + $error = "404"; + require($rep.$vues['erreur']); } } private function goToLogin() { - global $rep, $vues; + global $rep, $vues, $error; try { require ($rep.$vues['login']); }catch (Exception $e){ - require($rep.$vues['erreur404']); + $error = "404"; + require($rep.$vues['erreur']); } } private function goToSignUp() { - global $rep, $vues; + global $rep, $vues, $error; try { require ($rep.$vues['signUp']); }catch (Exception $e){ - require($rep.$vues['erreur404']); + $error = "404"; + require($rep.$vues['erreur']); } } private function goToEnigme() { - global $rep, $vues; + global $rep, $vues, $error; try { require ($rep.$vues['enigme']); }catch (Exception $e){ - require($rep.$vues['erreur404']); + $error = "404"; + require($rep.$vues['erreur']); } } } \ No newline at end of file diff --git a/WEB/Controller/InvalidMdpException.php b/WEB/Controller/InvalidMdpException.php deleted file mode 100644 index 6b8c9097..00000000 --- a/WEB/Controller/InvalidMdpException.php +++ /dev/null 
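Review bot: In login(), the new `if (password_verify($mdp, $_REQUEST['password']))` still passes the stored hash as the password and the submitted value as the hash, and it throws when verification succeeds instead of when it fails. With the arguments in that order the call will almost always return false, so the exception is skipped and `$_SESSION['connected']` is set whatever password was sent for a known e-mail; the line should read `if (!password_verify($_REQUEST['password'], $mdp)) {`. In the PDOException branch at the top of the hunk (the constructor's `try` starts outside it), `$error = $e->getMessage();` hands driver text to the error view; logging it with `error_log($e->getMessage());` and showing a fixed string such as `$error = "Erreur avec la base de données.";` keeps connection and query details off the page. The separate "Joueur non trouvé." and "Mot de passe incorrect." messages also reveal which e-mails are registered, so one shared login failure message is preferable.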
@@ -1,10 +0,0 @@ -getLine().' in '.$this->getFile() - .': '.$this->getMessage().' Mdp invalide'; - return $errorMsg; - } -} \ No newline at end of file diff --git a/WEB/Controller/JoueurGateway.php b/WEB/Controller/JoueurGateway.php index f6737e72..0f867088 100644 --- a/WEB/Controller/JoueurGateway.php +++ b/WEB/Controller/JoueurGateway.php @@ -35,6 +35,7 @@ class JoueurGateway } public function getJoueurByEmail(string $email) : Joueur{ + global $error; $query = "SELECT * FROM Joueur WHERE email=:email"; $this->con->executeQuery($query, array( ':email' => array($email,PDO::PARAM_STR) @@ -46,12 +47,14 @@ class JoueurGateway $mdp=$row['mdp']; } if ($results == null){ - throw new JoueurNotFoundException("Joueur Introuvable"); + $error = "Joueur non trouvé."; + throw new Exception("Joueur Introuvable"); } return new Joueur($email, $pseudo, $mdp); } public function getMdpByEmail(string $email) : string{ + global $error; $query = "SELECT mdp FROM Joueur WHERE email=:email"; $this->con->executeQuery($query, array( ':email' => array($email,PDO::PARAM_STR) @@ -61,7 +64,8 @@ class JoueurGateway $mdp=$row['mdp']; } if ($results == null){ - throw new InvalidMdpException("Mots de passe Incorrect"); + $error = "Mot de passe non trouvé."; + throw new Exception("Mots de passe Incorrect"); } return $mdp; } diff --git a/WEB/Controller/JoueurNotFoundException.php b/WEB/Controller/JoueurNotFoundException.php deleted file mode 100644 index 0b604c42..00000000 --- a/WEB/Controller/JoueurNotFoundException.php +++ /dev/null @@ -1,10 +0,0 @@ -getLine().' in '.$this->getFile() - .': '.$this->getMessage().' Joueur not found'; - return $errorMsg; - } -} \ No newline at end of file diff --git a/WEB/View/Error/Erreur.php b/WEB/View/Error/Erreur.php deleted file mode 100644 index e11be05c..00000000 --- a/WEB/View/Error/Erreur.php +++ /dev/null @@ -1,9 +0,0 @@ - - -
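Review bot: In JoueurGateway.php, getJoueurByEmail() now throws a plain `Exception` when no row matches, yet the new signUp() code in Controller.php calls it to check that the e-mail is free and only tests `$j != null`. As written, a new e-mail lands in signUp()'s catch with "Joueur non trouvé." and an existing one hits "Email déjà utilisé.", so `$gateway->insert($joueur)` looks unreachable. A lookup that reports absence without throwing (for example a separate `emailExists(string $email): bool` method) or a dedicated not-found exception that signUp() catches would separate "no such player" from real failures. The same applies to getMdpByEmail() in the last hunk of this file, and setting the global `$error` from the gateway couples the data layer to the view; the message is better chosen by the controller. Both method bodies start outside these hunks.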

ERREUR

-

Erreur inatendu

- - - \ No newline at end of file diff --git a/WEB/View/Error/Erreur404.php b/WEB/View/Error/Erreur404.php deleted file mode 100644 index 84b9c616..00000000 --- a/WEB/View/Error/Erreur404.php +++ /dev/null @@ -1,9 +0,0 @@ - - -

ERREUR

-

Page introuvable

- - - diff --git a/WEB/View/Error/ErreurBd.php b/WEB/View/Error/ErreurBd.php deleted file mode 100644 index 8c80510e..00000000 --- a/WEB/View/Error/ErreurBd.php +++ /dev/null @@ -1,9 +0,0 @@ - - -

ERREUR

-

Erreur avec la base de donnée

- - - diff --git a/WEB/View/Error/ErreurLoginEmail.php b/WEB/View/Error/ErreurLoginEmail.php deleted file mode 100644 index f939830c..00000000 --- a/WEB/View/Error/ErreurLoginEmail.php +++ /dev/null @@ -1,10 +0,0 @@ - - -

ERREUR

-

Joueur introuvable

- - - - diff --git a/WEB/View/Error/ErreurLoginMdp.php b/WEB/View/Error/ErreurLoginMdp.php deleted file mode 100644 index 4db8f12b..00000000 --- a/WEB/View/Error/ErreurLoginMdp.php +++ /dev/null @@ -1,10 +0,0 @@ - - -

ERREUR

-

Mot de passe invalide

- - - - diff --git a/WEB/View/Error/ErreurSignUp.php b/WEB/View/Error/ErreurSignUp.php deleted file mode 100644 index e27b2689..00000000 --- a/WEB/View/Error/ErreurSignUp.php +++ /dev/null @@ -1,10 +0,0 @@ - - -

ERREUR

-

- - - - diff --git a/WEB/View/src/CSS/Erreur.css b/WEB/View/src/CSS/Erreur.css new file mode 100644 index 00000000..0af34f7e --- /dev/null +++ b/WEB/View/src/CSS/Erreur.css 
@@ -0,0 +1,125 @@ +@import 'https://fonts.googleapis.com/css?family=Inconsolata'; + +html { + min-height: 100%; +} + +body { + box-sizing: border-box; + height: 100%; + background-color: #000000; + background-image: radial-gradient(#11581E, #041607), url("https://media.giphy.com/media/oEI9uBYSzLpBK/giphy.gif"); + background-repeat: no-repeat; + background-size: cover; + font-family: 'Inconsolata', Helvetica, sans-serif; + font-size: 1.5rem; + color: rgba(128, 255, 128, 0.8); + text-shadow: + 0 0 1ex rgba(51, 255, 51, 1), + 0 0 2px rgba(255, 255, 255, 0.8); +} + +.noise { + pointer-events: none; + position: absolute; + width: 100%; + height: 100%; + background-image: url("https://media.giphy.com/media/oEI9uBYSzLpBK/giphy.gif"); + background-repeat: no-repeat; + background-size: cover; + z-index: -1; + opacity: .02; +} + +.overlay { + pointer-events: none; + position: absolute; + width: 100%; + height: 100%; + background: + repeating-linear-gradient( + 180deg, + rgba(0, 0, 0, 0) 0, + rgba(0, 0, 0, 0.3) 50%, + rgba(0, 0, 0, 0) 100%); + background-size: auto 4px; + z-index: 1; +} + +.overlay::before { + content: ""; + pointer-events: none; + position: absolute; + display: block; + top: 0; + left: 0; + right: 0; + bottom: 0; + width: 100%; + height: 100%; + background-image: linear-gradient( + 0deg, + transparent 0%, + rgba(32, 128, 32, 0.2) 2%, + rgba(32, 128, 32, 0.8) 3%, + rgba(32, 128, 32, 0.2) 3%, + transparent 100%); + background-repeat: no-repeat; + animation: scan 7.5s linear 0s infinite; +} + +@keyframes scan { + 0% { background-position: 0 -100vh; } + 35%, 100% { background-position: 0 100vh; } +} + +.terminal { + box-sizing: inherit; + position: absolute; + height: 100%; + width: auto; + max-width: 100%; + padding: 4rem; + text-transform: uppercase; +} + +.output { + color: rgba(128, 255, 128, 0.8); + text-shadow: + 0 0 1px rgba(51, 255, 51, 0.4), + 0 0 2px rgba(255, 255, 255, 0.8); +} + +.output::before { + content: "> "; +} + +/* +.input { + color: 
rgba(192, 255, 192, 0.8); + text-shadow: + 0 0 1px rgba(51, 255, 51, 0.4), + 0 0 2px rgba(255, 255, 255, 0.8); +} + +.input::before { + content: "$ "; +} +*/ + +a { + color: #fff; + text-decoration: none; +} + +a::before { + content: "["; +} + +a::after { + content: "]"; +} + +.errorcode { + color: white; +} \ No newline at end of file diff --git a/WEB/View/src/pages/Erreur.php b/WEB/View/src/pages/Erreur.php new file mode 100644 index 00000000..169e00e5 --- /dev/null +++ b/WEB/View/src/pages/Erreur.php @@ -0,0 +1,40 @@ + + + + Scripted + + + + + + +
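Review bot: The new Erreur.css stylesheet pulls three resources from third-party hosts: the `@import 'https://fonts.googleapis.com/css?family=Inconsolata'` at the top and the two `url("https://media.giphy.com/...")` backgrounds on `body` and `.noise`. Every visitor who reaches the error page therefore sends a request, with IP address and referrer, to those hosts, and the page depends on their availability and would be blocked by a restrictive Content-Security-Policy. Serving the font and the image from the project's own `View/src` tree avoids both. The commented-out `.input` rules can be dropped rather than shipped.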
+
+
+Error 404'; + echo '

La page que vous recherchez a peut-être été supprimée, a changé de nom ou est temporairement indisponible.

'; + echo '

Veuillez essayer de retourner en arrière ou de retourné à la page d\'accueil.

'; + echo '

Bonne Chance Utilisateur.

'; +} +elseif ($error == ""){ + echo '

Error 000

'; + echo '

Erreur inconnue

'; + echo '

Veuillez essayer de retourner en arrière ou de retourné à la page d\'accueil.

'; + echo '

Bonne Chance Utilisateur.

'; +} + +else{ + echo '

Error 000

'; + echo '

'.$error.'

'; + echo '

Veuillez essayer de retourner en arrière ou de retourné à la page d\'accueil.

'; + echo '

Bonne Chance Utilisateur.

'; +} +?> +
+ +
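Review bot: In Erreur.php, the final `else` branch concatenates `$error` into the page without escaping, and after this commit `$error` can hold `$e->getMessage()` from a PDOException (set in Controller.php), whose text may include request-derived values. Encoding it at output closes that path: `echo htmlspecialchars($error, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');` inside the existing markup. As far as the hunk shows, no HTTP status is set for any branch, so the controller should call `http_response_code(404)` or `http_response_code(500)` before requiring the view; otherwise clients and monitoring see a 200. The markup around the PHP block appears to have been lost in extraction, so the exact elements are not visible here.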