quelques patch
parent
742f957900
commit
0796d64cd3
10 changed files with 43 additions and 28 deletions
10
api.php
10
api.php
|
@ -131,6 +131,9 @@
|
||||||
|
|
||||||
case "generer_chronologie":
|
case "generer_chronologie":
|
||||||
|
|
||||||
|
|
||||||
|
if(isset($_SESSION["utilisateur_authentifie"]) && ($_SESSION["utilisateur_authentifie"] == 1)){
|
||||||
|
|
||||||
try{
|
try{
|
||||||
|
|
||||||
$res = generer_chronologie();
|
$res = generer_chronologie();
|
||||||
|
@ -140,7 +143,10 @@
|
||||||
}catch(Exception $e){
|
}catch(Exception $e){
|
||||||
echo( json_encode(["status"=> "0","msg"=> $e->getMessage() ]) );
|
echo( json_encode(["status"=> "0","msg"=> $e->getMessage() ]) );
|
||||||
}
|
}
|
||||||
|
}else{
|
||||||
|
echo(json_encode(["status"=>"1","resultats"=>[]]));
|
||||||
|
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
|
||||||
|
@ -297,11 +303,11 @@
|
||||||
$mailtest = new Mail();
|
$mailtest = new Mail();
|
||||||
$mailtest->setContent(
|
$mailtest->setContent(
|
||||||
"Inscription sur Arch'INSA",
|
"Inscription sur Arch'INSA",
|
||||||
"https://127.0.0.1/archinsa/api.php/verification_inscription?token=".$token,
|
"https://annales.insat.fr/api.php/verification_inscription?token=".$token,
|
||||||
"Salut Salut !!",
|
"Salut Salut !!",
|
||||||
"La validation du compte permettra de vous connecter et de publier du contenu sur Arch'INSA :D",
|
"La validation du compte permettra de vous connecter et de publier du contenu sur Arch'INSA :D",
|
||||||
);
|
);
|
||||||
if(!$mailtest->send("mougnibas@insa-toulouse.fr", "Eh toi là !")) {
|
if(!$mailtest->send($username, "Eh toi là !")) {
|
||||||
echo $mailtest->getError(); //si le mail n'a pas été envoyé
|
echo $mailtest->getError(); //si le mail n'a pas été envoyé
|
||||||
$succes = false;
|
$succes = false;
|
||||||
}
|
}
|
||||||
|
|
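Review bot: In the third hunk, `$mailtest->send($username, "Eh toi là !")` now sends the verification link to whatever address the registering client supplied, and no validation of `$username` is visible in this section. The README change in the same commit still lists the INSA Toulouse e-mail regex as a to-do, so presumably any string reaches the mailer. I would reject the request before building the mail unless `filter_var($username, FILTER_VALIDATE_EMAIL)` succeeds and the domain is the expected one. The token is also concatenated into the link unencoded; `urlencode($token)` keeps the URL intact whatever alphabet the token uses. The enclosing `case` starts and ends outside the hunk.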
18
bdd.php
18
bdd.php
|
@ -33,14 +33,15 @@ $pdf_extensions = ['pdf'];
|
||||||
$presentation_extensions = ['ppt', 'pptx','odp','pptm','ppsx'];
|
$presentation_extensions = ['ppt', 'pptx','odp','pptm','ppsx'];
|
||||||
|
|
||||||
// pour les fonctions speciales comme les quiz html...
|
// pour les fonctions speciales comme les quiz html...
|
||||||
$ext_speciales = ["html"];
|
$ext_speciales = ["html","sh","txt"];
|
||||||
|
|
||||||
// Fusionner les listes en une seule liste
|
// Fusionner les listes en une seule liste
|
||||||
$ext_autorisees = array_merge($image_extensions, $pdf_extensions, $presentation_extensions,$ext_speciales);
|
$ext_autorisees = array_merge($image_extensions, $pdf_extensions, $presentation_extensions,$ext_speciales);
|
||||||
|
|
||||||
function check_ext($filename) {
|
function check_ext($filename) {
|
||||||
|
global $ext_autorisees;
|
||||||
$extension = pathinfo($filename, PATHINFO_EXTENSION);
|
$extension = pathinfo($filename, PATHINFO_EXTENSION);
|
||||||
return in_array(strtolower($extension), $GLOBALS["ext_autorisees"]);
|
return in_array(strtolower($extension), $ext_autorisees);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -58,9 +59,9 @@ function ajouter_doc($request){
|
||||||
|
|
||||||
try{
|
try{
|
||||||
$stm = $conn->prepare($sql);
|
$stm = $conn->prepare($sql);
|
||||||
$request['commentaire_auteur'] = htmlspecialchars($request["commentaire_auteur"]);
|
$request['commentaire_auteur'] = htmlentities($request["commentaire_auteur"]);
|
||||||
$request["corrige_inclu"] = boolval($request["corrige_inclu"]);
|
$request["corrige_inclu"] = boolval($request["corrige_inclu"]);
|
||||||
$request["date_conception"] = htmlspecialchars($request["date_conception"]);
|
$request["date_conception"] = htmlentities($request["date_conception"]);
|
||||||
$stm->bind_param("sisi",$request['commentaire_auteur'],$request["corrige_inclu"],$request["date_conception"],$_SESSION["user_id"]);
|
$stm->bind_param("sisi",$request['commentaire_auteur'],$request["corrige_inclu"],$request["date_conception"],$_SESSION["user_id"]);
|
||||||
$stm->execute();
|
$stm->execute();
|
||||||
//$conn->execute_query($sql,array(htmlspecialchars($request['commentaire_auteur']),boolval($request["corrige_inclu"])));
|
//$conn->execute_query($sql,array(htmlspecialchars($request['commentaire_auteur']),boolval($request["corrige_inclu"])));
|
||||||
|
@ -94,11 +95,15 @@ function saveFilesFromPost($postData,$id_ensemble) {
|
||||||
|
|
||||||
|
|
||||||
foreach ($_FILES as $file) {
|
foreach ($_FILES as $file) {
|
||||||
|
|
||||||
|
// Create a unique filename to avoid overwriting existing files
|
||||||
|
$uniqueFileName = uniqid() . '_' . $fileName;
|
||||||
|
|
||||||
// Extract file information
|
// Extract file information
|
||||||
if (isset($file['name'])){
|
if (isset($file['name'])){
|
||||||
$fileName = htmlspecialchars($file['name']);
|
$fileName = htmlspecialchars($file['name']);
|
||||||
if(!check_ext($fileName)){
|
if(!check_ext($fileName)){
|
||||||
echo(json_encode(["status"=>"0","msg"=>"Error saving file '$uniqueFileName'"]));
|
echo(json_encode(["status"=>"0","msg"=>"le fichier '$fileName' n'a pas passé les filtres d'extensions."]));
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -107,8 +112,7 @@ function saveFilesFromPost($postData,$id_ensemble) {
|
||||||
print_r($file);
|
print_r($file);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Create a unique filename to avoid overwriting existing files
|
|
||||||
$uniqueFileName = uniqid() . '_' . $fileName;
|
|
||||||
|
|
||||||
// Define the path to save the file
|
// Define the path to save the file
|
||||||
$filePath = $GLOBALS['uploadDir'] . $uniqueFileName;
|
$filePath = $GLOBALS['uploadDir'] . $uniqueFileName;
|
||||||
|
|
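Review bot: In saveFilesFromPost, `$uniqueFileName = uniqid() . '_' . $fileName;` now sits at the top of the `foreach`, before `$fileName` is assigned from `$file['name']`. As rendered, and unless `$fileName` is set earlier outside the hunk, the first upload is stored under a name with no original part and each later one under the previous file's name and extension. That also means the name `check_ext()` approves is no longer the name that ends up in `$filePath`; moving the assignment back below the `check_ext($fileName)` guard fixes both. Separately, `"sh"` joins `"html"` in `$ext_speciales`: if `$GLOBALS['uploadDir']` is served directly by the web server, those types should be forced to download or served from a separate origin — confirm how that directory is exposed. The function body continues outside the hunks shown.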
|
@ -81,12 +81,10 @@
|
||||||
============================================
|
============================================
|
||||||
</div></a>
|
</div></a>
|
||||||
|
|
||||||
|
|
||||||
<div class="centre-horizontal etaler">
|
<div class="centre-horizontal etaler">
|
||||||
<div id="liste_resultats" class="centre-txt">
|
<div id="liste_resultats" class="centre-txt">
|
||||||
</div>
|
</div>
|
||||||
<div>
|
<div>
|
||||||
|
|
||||||
</body>
|
</body>
|
||||||
<?php
|
<?php
|
||||||
include "_partials/_footer.php";
|
include "_partials/_footer.php";
|
||||||
|
|
|
@ -27,16 +27,16 @@ session_start();
|
||||||
<input class="champ" id="password-input" type="password" name="password" placeholder="Mot de passe" required>
|
<input class="champ" id="password-input" type="password" name="password" placeholder="Mot de passe" required>
|
||||||
|
|
||||||
<h4 class=" centre-txt label-input" for="insa-input">Selectionne ton INSA</h4>
|
<h4 class=" centre-txt label-input" for="insa-input">Selectionne ton INSA</h4>
|
||||||
<select class="champ" id="insa-input" type="select" name="insa" required>
|
<select class="champ" id="insa-input" type="select" name="insa" required hidden>
|
||||||
|
|
||||||
<option value="insa_toulouse">INSA Toulouse <3</option>
|
<option value="insa_toulouse">INSA Toulouse <3</option>
|
||||||
<option value="insa_lyon">INSA Lyon</option>
|
<!--<option value="insa_lyon">INSA Lyon</option>
|
||||||
<option value="insa_rennes">INSA Rennes</option>
|
<option value="insa_rennes">INSA Rennes</option>
|
||||||
<option value="insa_cvl">INSA CVL</option>
|
<option value="insa_cvl">INSA CVL</option>
|
||||||
<option value="insa_hdf">INSA HDF</option>
|
<option value="insa_hdf">INSA HDF</option>
|
||||||
<option value="insa_rouen">INSA Rouen</option>
|
<option value="insa_rouen">INSA Rouen</option>
|
||||||
<option value="insa_strasbourg">INSA Strasbourg</option>
|
<option value="insa_strasbourg">INSA Strasbourg</option>
|
||||||
<option value="insa_hdf">INSA HDF</option>
|
<option value="insa_hdf">INSA HDF</option>-->
|
||||||
|
|
||||||
</select>
|
</select>
|
||||||
|
|
||||||
|
|
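Review bot: Adding `hidden` to the `insa-input` select and commenting out the other options only changes what the browser renders; the field is still submitted and a client can post any `insa` value. The handler that reads `insa` is not part of this section, so confirm it checks the value against the allowed list (currently only `insa_toulouse`) on the server. A short comment next to the select, such as `<!-- other INSA disabled for now; enforced server-side -->`, would tell the next reader that the restriction is intentional.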
|
@ -192,9 +192,9 @@ async function gen_contenu() {
|
||||||
card.classList.add('card');
|
card.classList.add('card');
|
||||||
|
|
||||||
// Construction du contenu de la carte
|
// Construction du contenu de la carte
|
||||||
const idDiv = document.createElement('div');
|
/*const idDiv = document.createElement('div');
|
||||||
idDiv.textContent = `ID: ${doc.id}`;
|
idDiv.textContent = `ID: ${doc.id}`;
|
||||||
card.appendChild(idDiv);
|
card.appendChild(idDiv);*/
|
||||||
|
|
||||||
const titreDiv = document.createElement('div');
|
const titreDiv = document.createElement('div');
|
||||||
titreDiv.classList.add('title');
|
titreDiv.classList.add('title');
|
||||||
|
@ -205,9 +205,9 @@ async function gen_contenu() {
|
||||||
typeDiv.textContent = `Type: ${doc.type}`;
|
typeDiv.textContent = `Type: ${doc.type}`;
|
||||||
card.appendChild(typeDiv);
|
card.appendChild(typeDiv);
|
||||||
|
|
||||||
const uploadPathDiv = document.createElement('div');
|
/*const uploadPathDiv = document.createElement('div');
|
||||||
uploadPathDiv.textContent = `Upload Path: ${doc.upload_path}`;
|
uploadPathDiv.textContent = `Upload Path: ${doc.upload_path}`;
|
||||||
card.appendChild(uploadPathDiv);
|
card.appendChild(uploadPathDiv);*/
|
||||||
|
|
||||||
// Ajout du contenu spécifique selon le type de fichier
|
// Ajout du contenu spécifique selon le type de fichier
|
||||||
let ext = doc.upload_path.toString().split(".").pop();
|
let ext = doc.upload_path.toString().split(".").pop();
|
||||||
|
|
|
@ -280,7 +280,7 @@ document.addEventListener("DOMContentLoaded", (event)=>{
|
||||||
}
|
}
|
||||||
|
|
||||||
document.getElementById("titre").addEventListener("click", (event) => {
|
document.getElementById("titre").addEventListener("click", (event) => {
|
||||||
window.location.pathname = "/archinsa";
|
window.location.pathname = "";
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -66,6 +66,11 @@ D'autres fonctionnalités seront ajoutées petit à petit. (si vous avez des sug
|
||||||
|
|
||||||
### téléverser.php :
|
### téléverser.php :
|
||||||
|
|
||||||
|
|
||||||
|
- changer toutes les variables db avec $db_ devant
|
||||||
|
- rajouter des extensions en whitelist
|
||||||
|
- regex insa touloouse email inscription
|
||||||
|
|
||||||
- tout pack dans un json à l'envoi :
|
- tout pack dans un json à l'envoi :
|
||||||
``
|
``
|
||||||
let ex = [{duree:"10",themes:["algèbre","analyse"],commentaire_exo:"cci est un commenataire"},{duree:"15",themes:["elec analogique"],commentaire_exo:""}];
|
let ex = [{duree:"10",themes:["algèbre","analyse"],commentaire_exo:"cci est un commenataire"},{duree:"15",themes:["elec analogique"],commentaire_exo:""}];
|
||||||
|
|
2
robots.txt
Normal file
2
robots.txt
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
User-agent : *
|
||||||
|
Disallow : /
|
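Review bot: `Disallow : /` only asks compliant crawlers not to index the site; it is not an access control and does nothing for a client that ignores it. Anything that must stay private, such as uploaded documents, still needs an authentication check or a web-server rule. A comment line in the file, for example `# indexing opt-out only, not a protection`, would make that explicit.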
|
@ -8,7 +8,7 @@ if (!isset($_SESSION["utilisateur_authentifie"]) || $_SESSION["utilisateur_authe
|
||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
$conn = new mysqli($servername, $username, $password,$dbname);
|
$conn = new mysqli($servername, $db_username, $db_password,$dbname);
|
||||||
|
|
||||||
if ($conn->connect_error) {
|
if ($conn->connect_error) {
|
||||||
die("Connection failed: " . $conn->connect_error);
|
die("Connection failed: " . $conn->connect_error);
|
||||||
|
|
|
@ -13,7 +13,7 @@ if (!isset($_SESSION["utilisateur_authentifie"]) || $_SESSION["utilisateur_authe
|
||||||
}
|
}
|
||||||
include("test_creds.php");
|
include("test_creds.php");
|
||||||
|
|
||||||
$conn = new mysqli($servername, $username, $password,$dbname);
|
$conn = new mysqli($servername, $db_username, $db_password,$dbname);
|
||||||
|
|
||||||
|
|
||||||
// Function to fetch and display documents
|
// Function to fetch and display documents
|
||||||
|
|