Validation et nettoyage

2 years ago · 3f94ffb4cd
parent 6a199bdc2b
commit 3f94ffb4cd
5 changed files with 55 additions and 15 deletions
--- a/WEB/Config/Nettoyage.php
+++ b/WEB/Config/Nettoyage.php
@ -0,0 +1,27 @@
+<?php
+Class Nettoyage{
+    public function clean($input)
+    {
+        // Supprime les espaces en début et fin de chaîne
+        $output = trim($input);
+
+        // Supprime les balises HTML
+        $output = strip_tags($output);
+
+        // Supprime les caractères spéciaux
+        // $output = htmlspecialchars($output);
+
+        return $output;
+    }
+    public function cleanEmail($input){
+        $output = $this->clean($input);
+        $output = filter_var($output, FILTER_SANITIZE_EMAIL);
+        return $output;
+    }
+
+    public function cleanInt($input){
+        $output = $this->clean($input);
+        $output = filter_var($output, FILTER_SANITIZE_NUMBER_INT);
+        return $output;
+    }
+}
--- a/WEB/Controller/FrontController.php
+++ b/WEB/Controller/FrontController.php
@ -5,26 +5,30 @@ class FrontController
    {
        try { 
            global $error, $view, $rep;
+            $nettoyage = new Nettoyage();
            session_start();
            // Check role permissions
            if (isset($_SESSION['role'])) {
-                $role = $_SESSION['role'];
+                $role = $nettoyage->clean($_SESSION['role']);
            } else {
                $role = "visitor";
            }
            // Check if action exists
-            $action = $_REQUEST['action'];
+            $action = $nettoyage->clean($_REQUEST['action']);
            if ($role == "user") {
                if ($action == NULL) {
+                    $_REQUEST['action'] = $action;
                    new UserController();
                } else if (method_exists('UserController', $action) == false) {
                    $error = "Action non valide " . $action;
                    require($rep . $view['erreur']);
                }
                else {
+                    $_REQUEST['action'] = $action;
                    new UserController();
                }
            } else {
+                $_REQUEST['action'] = $action;
                new VisitorController();
            }
        } catch (Exception $e) {
--- a/WEB/Controller/UserController.php
+++ b/WEB/Controller/UserController.php
@ -3,11 +3,13 @@
 class UserController
 {
    private UserModel $model;
+    private Nettoyage $nettoyage;
    function __construct()
    {
        try {
            global $dsn, $rep, $vues, $error;
            $this->model = new UserModel();
+            $this->nettoyage = new Nettoyage();
            $action = $_REQUEST['action'];
            //register_event_handler('add_to_queue',array($this,"onAddToQueue"));
            switch ($action) {
@ -170,6 +172,7 @@ class UserController
    {
        try {
            global $rep, $vues, $error;
+            $num = $this->nettoyage->cleanInt($_REQUEST['num']);
            require($rep . $vues['next'].$_REQUEST['num'].".html");
        } catch (Exception $e) {
            $error = "Erreur Inconnue";
--- a/WEB/Model/UserModel.php
+++ b/WEB/Model/UserModel.php
@ -5,6 +5,8 @@ class UserModel
    private EnigmeGateway $enigme_gateway;
    private PartieGateway $partie_gateway;
    private UtilisateurGateway $utilisateur_gateway;
+    private Nettoyage $nettoyage;
+    private Validation $validation;

    function __construct()
    {
@ -13,15 +15,17 @@ class UserModel
            $this->enigme_gateway = new EnigmeGateway();
            $this->partie_gateway = new PartieGateway();
            $this->utilisateur_gateway = new UtilisateurGateway();
+            $this->nettoyage = new Nettoyage();
+            $this->validation = new Validation();
        } catch (Exception $e) {
            $error = $e->getMessage();
            require($rep . $view['erreur']);
        }
    }
-    public function addToQueue(){
-        echo '1';
-        if($this->utilisateur_gateway->isAlreadyInqueue($_SESSION['utilisateur']))
+    public function addToQueue()
    {
+        echo '1';
+        if ($this->utilisateur_gateway->isAlreadyInqueue($_SESSION['utilisateur'])) {
            return;
        }
        echo '2';
@ -29,9 +33,8 @@ class UserModel
            echo '3';
            $tabEnigme = $this->enigme_gateway->findMultiEnigma();
            $idNewPartie = $this->partie_gateway->findPartieMaxId();
-            $partie=$this->partie_gateway->creerPartieMulti($idNewPartie,$tabEnigme);
-        }
-        else{
+            $partie = $this->partie_gateway->creerPartieMulti($idNewPartie, $tabEnigme);
+        } else {
            echo '4';
            $idPartieInQueue = $this->partie_gateway->findPartieInQueue();
            echo '5';
@ -41,21 +44,24 @@ class UserModel
            echo '7';
        }
        echo '8';
-        $this->utilisateur_gateway->addToQueue($_SESSION['utilisateur'],$partie);
-        $userGroup=$this->utilisateur_gateway->findUsersInQueue();
+        $this->utilisateur_gateway->addToQueue($_SESSION['utilisateur'], $partie);
+        $userGroup = $this->utilisateur_gateway->findUsersInQueue();
        //trigger_event('add_to_queue',$userGroup);
    }

-    public function AddUserToQueueEvent(){
-        $userGroup=$this->utilisateur_gateway->findUsersInQueue();
-        if($userGroup.count()>=4)
+    public function AddUserToQueueEvent()
    {
+        $userGroup = $this->utilisateur_gateway->findUsersInQueue();
+        if ($userGroup . count() >= 4) {
            $this->utilisateur_gateway->launchGame();
        }
    }

    public function logout()
    {
+        session_unset();
+        session_destroy();
+        $_SESSION = array();
        $_SESSION['role'] = 'visitor';
        header('Location: index.php');
    }
--- a/WEB/index.php
+++ b/WEB/index.php
@ -3,7 +3,7 @@ require_once('./Config/Config.php');
 require_once('./Config/Autoload.php');
 Autoload::charger();

-echo "test1\n";
+// echo "test1\n";
 // try {
 //     $con = new Connection($dsn);