Merge branch 'pre-master'

1 year ago · a2bdaf2c12
parent 0121031e4b 5ac8cfe062
commit a2bdaf2c12
6 changed files with 66 additions and 22 deletions
--- a/fluxRSS/src/config/Validation.php
+++ b/fluxRSS/src/config/Validation.php
@ -1,6 +1,8 @@
 <?php
 namespace config;

+use http\Exception\InvalidArgumentException;
+
 class Validation
 {
    public static function val_action($action)
@ -8,7 +10,7 @@ class Validation
        if (!isset($action)) {
            throw new \Exception('pas d\'action');
            //on pourrait aussi utiliser
-            //$action = $_GET['action'] ?? 'no';
+            $action = $_GET['action'] ?? '';
            // This is equivalent to:
            //$action =  if (isset($_GET['action'])) $action=$_GET['action']  else $action='no';
        }
@ -31,4 +33,27 @@ class Validation
            $age         = 0;
        }
    }
+    public static function validationLogin(string &$username)
+    {
+        $username = trim($username);
+        if (!isset($username) || !filter_var($username, FILTER_SANITIZE_STRING) || !filter_var($username, FILTER_FLAG_EMPTY_STRING_NULL)){
+            return false;
+        }
+        return true;
+    }
+    public static function validationMdp(string &$mdp)
+    {
+        $mdp = trim($mdp);
+        if (!isset($mdp) || !filter_var($mdp, FILTER_SANITIZE_STRING) || !filter_var($mdp, FILTER_FLAG_EMPTY_STRING_NULL)){
+            return false;
+        }
+        return true;
+    }
+    public static function ValidationFlux(string &$flux)
+    {
+        if (!isset($flux) || !filter_var($flux, FILTER_SANITIZE_URL) || !filter_var($flux, FILTER_VALIDATE_URL)){
+            return false;
+        }
+        return true;
+    }
 }
--- a/fluxRSS/src/controleur/AdminControleur.php
+++ b/fluxRSS/src/controleur/AdminControleur.php
@ -2,10 +2,12 @@

 namespace controleur;

+use config\Validation;
 use DAL\ArticleGateway;
 use DAL\Connection;
 use DAL\FluxGateway;
 use http\Exception;
+use http\Url;
 use metier\Flux;
 use model\AdminModel;
 use model\ArticleModel;
@ -143,7 +145,9 @@ class AdminControleur
    public function ajoutFlux(){
        if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['fluxAdd'])){
            $fluxModel = new FluxModel();
-            $fluxModel->addFluxBySrc($_POST['fluxAdd']);
+            if(Validation::ValidationFlux($_POST['fluxAdd'])){
+                $fluxModel->addFluxBySrc($_POST['fluxAdd']);
+            }
            $_REQUEST['action'] = 'listFlux';
            unset($_POST['fluxAdd']);
            $this->init();
--- a/fluxRSS/src/model/AdminModel.php
+++ b/fluxRSS/src/model/AdminModel.php
@ -2,6 +2,7 @@

 namespace model;

+use config\Validation;
 use DAL\AdminGateway;
 use DAL\Connection;
 use metier\Admin;
@ -12,17 +13,19 @@ class AdminModel
     * @throws \Exception
     */
    public function connection (string $username, string $mdp){
-        //Validation::validationLogin($username);
-        //Validation::validationMdp($mdp);

-        $gwArticle = new AdminGateway(new Connection('mysql:host=londres.uca.local;dbname=dbrorossetto','rorossetto','tpphp'));
-        $lmdp = $gwArticle->login($username);

-        foreach ($lmdp as $motDePasse){
-            if (true){//password_verify($mdp,$motDePasse['password']) or $mdp == $motDePasse['password']){
-                $_SESSION['role'] = 'admin';
-                $_SESSION['pseudo'] = $username;
-                return new Admin($username,$motDePasse['mail']);
+        $gwArticle = new AdminGateway(new Connection('mysql:host=londres.uca.local;dbname=dbrorossetto','rorossetto','tpphp'));
+        if (Validation::validationLogin($username)){
+            $lmdp = $gwArticle->login($username);
+        }
+        if(Validation::validationMdp($mdp)){
+            foreach ($lmdp as $motDePasse){
+                if (password_verify($mdp,$motDePasse['password']) or $mdp == $motDePasse['password']){
+                    $_SESSION['role'] = 'admin';
+                    $_SESSION['pseudo'] = $username;
+                    return new Admin($username,$motDePasse['mail']);
+                }
            }
        }
        return null;
--- a/fluxRSS/templates/listArticle.html
+++ b/fluxRSS/templates/listArticle.html
@ -23,14 +23,18 @@
        <button type="submit">Change number of articles</button>
    </form>
 </div>
-{% for article in dVue.data %}
-<p class="caseInfo">
-    {{article.dateStr()}}<br>
-    <img class="img-thumbnail imgArticle"  src="{{ article.getMediaContent }}"/>
-    <a class="modal-content enTitre" href="{{ article.getLink() }}" target="_blank">{{ article.getTitle() }}</a>
-    {{ article.getDescription() }}
-</p>
-{% endfor %}
+{% if dVue.data is defined %}
+    {% for article in dVue.data %}
+    <p class="caseInfo">
+        {{article.dateStr()}}<br>
+        <img class="img-thumbnail imgArticle"  src="{{ article.getMediaContent }}"/>
+        <a class="modal-content enTitre" href="{{ article.getLink() }}" target="_blank">{{ article.getTitle() }}</a>
+        {{ article.getDescription() }}
+    </p>
+    {% endfor %}
+{% else %}
+    <p class="d-flex justify-content-center enTitre"> Pas d'articles à afficher</p>
+{% endif %}
 <script>
    // Actualiser la page toutes les 3 heures
    setTimeout(function(){
--- a/fluxRSS/templates/listArticleAdmin.html
+++ b/fluxRSS/templates/listArticleAdmin.html
@ -14,17 +14,21 @@
    <h1 class="d-flex justify-content-center entete">Vue des articles</h1>
 </div>
 <form class="margOp" method="POST" action="changeNbArticle">
-    <input name="nbArticle" type="number" min="0">
+    <input name="nbArticleAdmin" type="number" min="0">
    <button type="submit">Change number of articles</button>
 </form>
-{% for article in dVue.data %}
+{% if dVue.data is defined %}
+    {% for article in dVue.data %}
    <p class="caseInfo">
        {{article.dateStr()}}<br>
        <img class="imgArticle" src="{{ article.getMediaContent }}"/><br>
        <a class="modal-content enTitre" href="{{ article.getLink() }}"target="_blank">{{ article.getTitle() }}</a>
        {{ article.getDescription() }}
    </p>
-{% endfor %}
+    {% endfor %}
+{% else %}
+    <p class="d-flex justify-content-center enTitre">Pas d'articles à afficher</p>
+{% endif %}
 <script>
    // Actualiser la page toutes les 3 heures
    setTimeout(function(){
--- a/fluxRSS/templates/listFlux.html
+++ b/fluxRSS/templates/listFlux.html
@ -12,6 +12,7 @@
 <div class="margOp">
    <h1 class="d-flex justify-content-center entete">Liste flux</h1>
 </div>
+{% if dVue.data is defined %}
    {% for value in dVue.data %}
    <div class="margOp enTitre caseInfo">
        {{ value.getFlux() }}
@ -21,6 +22,9 @@
        </form>
    </div>
    {% endfor %}
+{% else %}
+    <p class="justify-content-center d-flex enTitre">Pas de flux présent</p>
+{% endif %}
    <form method="POST" action="ajoutFlux">
        <input name="fluxAdd" type="text">
        <button type="submit">Ajouter Flux</button>