ça marche (+csp header ) :D
parent
c782ccb0c0
commit
f3eb274144
7 changed files with 40 additions and 27 deletions
|
@ -1,4 +1,4 @@
|
||||||
<?php
|
<?php
|
||||||
$page = str_replace(".php","",basename($_SERVER['SCRIPT_FILENAME']));
|
$page = str_replace(".php","",basename($_SERVER['SCRIPT_FILENAME']));
|
||||||
?>
|
?>
|
||||||
<script src="js/<?=$page?>.js">
|
<script src="js/<?=$page?>.js"></script>
|
||||||
|
|
|
@ -1,3 +1,6 @@
|
||||||
|
<?php
|
||||||
|
header("Content-Security-Policy: default-src 'self'; connect-src 'self'; script-src 'self'; img-src 'self'; font-src 'self'; media-src 'self'; frame-src 'self'; sandbox allow-forms; object-src 'none'; frame-ancestors 'none'; form-action 'self'; base-uri 'self'; worker-src 'none'; manifest-src : 'none'; prefetch-src : 'none'; navigate-to 'self';")
|
||||||
|
?>
|
||||||
<head>
|
<head>
|
||||||
<meta charset="UTF-8">
|
<meta charset="UTF-8">
|
||||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||||
|
@ -6,5 +9,5 @@
|
||||||
?>
|
?>
|
||||||
<title><?=$titre_page?></title>
|
<title><?=$titre_page?></title>
|
||||||
<link rel="stylesheet" src="css/<?=$page?>.css">
|
<link rel="stylesheet" src="css/<?=$page?>.css">
|
||||||
|
|
||||||
</head>
|
</head>
|
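Review bot: The new Content-Security-Policy string has two malformed directives, `manifest-src : 'none'` and `prefetch-src : 'none'`: CSP separates a directive name from its sources with whitespace only, so the stray `:` is read as an invalid source and these should be `manifest-src 'none'; prefetch-src 'none';`. The `sandbox allow-forms` directive also needs a second look, since a sandbox without `allow-scripts` disables script execution and without `allow-same-origin` gives the document an opaque origin, which does not fit a page that loads its own `js/<page>.js`. Finally, `header()` only takes effect before any body output, and the index.php section of this commit prints `<!DOCTYPE html>` and `<html lang="en">` before including the head partial (the file name of this section is not shown, so this assumes it is that partial). Unless output buffering is enabled the policy is probably never sent, and emitting it from code that runs at the very top of each page would make it reliable.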
2
api.php
2
api.php
|
@ -11,7 +11,7 @@
|
||||||
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
include("session_verif.php");
|
//include("session_verif.php");
|
||||||
include("bdd.php");
|
include("bdd.php");
|
||||||
|
|
||||||
include('php-csrf.php');
|
include('php-csrf.php');
|
||||||
|
|
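Review bot: Commenting out `include("session_verif.php");` removes the only session check visible in this api.php hunk, so unless each handler further down verifies the session itself, the API will answer unauthenticated requests; the same line is commented out in the last file section of this commit (the page with `uploadForm`). If this was only done to get the page working during development, restore the check before deploying, preferably as `require_once "session_verif.php";` so that a missing file stops the script instead of letting it continue without the check. The rest of api.php is outside the hunk, so whether another guard exists there cannot be confirmed from here.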
10
index.php
10
index.php
|
@ -2,8 +2,8 @@
|
||||||
<!DOCTYPE html>
|
<!DOCTYPE html>
|
||||||
<html lang="en">
|
<html lang="en">
|
||||||
<?php
|
<?php
|
||||||
$tire_page = "Ach'INSA";
|
$titre_page = "Arch'INSA";
|
||||||
include "_patials/head.php"
|
include "_partials/_head.php";
|
||||||
?>
|
?>
|
||||||
<body>
|
<body>
|
||||||
<?php
|
<?php
|
||||||
|
@ -11,8 +11,8 @@
|
||||||
session_start();
|
session_start();
|
||||||
|
|
||||||
?>
|
?>
|
||||||
<a href="javascript:authenticate_user();">connection</a>
|
<button id="btn-connection">connection</button>
|
||||||
<a href="javascript:unauthenticate_user();">déconnection</a>
|
<button id="lien-deconnection">déconnection</button>
|
||||||
|
|
||||||
<div id="user_status">
|
<div id="user_status">
|
||||||
|
|
||||||
|
@ -32,6 +32,6 @@
|
||||||
|
|
||||||
</body>
|
</body>
|
||||||
<?php
|
<?php
|
||||||
include "_partials/footer.php";
|
include "_partials/_footer.php";
|
||||||
?>
|
?>
|
||||||
</html>
|
</html>
|
||||||
|
|
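Review bot: The new logout button is declared as `<button id="lien-deconnection">`, but the listener added in js/index.js looks up `document.getElementById("btn-deconnection")`, which returns null and throws inside the `DOMContentLoaded` handler, so the logout control is never wired up. Rename it to `<button id="btn-deconnection">déconnection</button>` to match `btn-connection`. Both buttons would also benefit from `type="button"` so they cannot submit a surrounding form if one is added later.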
42
js/index.js
42
js/index.js
|
@ -150,21 +150,33 @@ async function gen_chronologie(){
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
gen_chronologie();
|
document.addEventListener("DOMContentLoaded", (event)=>{
|
||||||
|
gen_chronologie();
|
||||||
|
|
||||||
test_auth();
|
test_auth();
|
||||||
document.getElementById("recherche_input").onkeydown =function(event) {
|
document.getElementById("recherche_input").onkeydown =function(event) {
|
||||||
if (event.key === "Enter"){
|
if (event.key === "Enter"){
|
||||||
rechercher();
|
rechercher();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
document.getElementById("themes_input").onkeydown =function(event) {
|
||||||
|
if (event.key === "Enter"){
|
||||||
|
var theme = document.createElement("div");
|
||||||
|
theme.setAttribute("class","theme");
|
||||||
|
theme.innerText = document.getElementById("themes_input").value;
|
||||||
|
|
||||||
|
document.getElementById("recherche_form").appendChild(theme);
|
||||||
|
document.getElementById("themes_input").value = "";
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
|
||||||
document.getElementById("themes_input").onkeydown =function(event) {
|
|
||||||
if (event.key === "Enter"){
|
|
||||||
var theme = document.createElement("div");
|
|
||||||
theme.setAttribute("class","theme");
|
|
||||||
theme.innerText = document.getElementById("themes_input").value;
|
|
||||||
|
|
||||||
document.getElementById("recherche_form").appendChild(theme);
|
|
||||||
document.getElementById("themes_input").value = "";
|
document.getElementById("btn-connection").addEventListener("click", (event) => {
|
||||||
}
|
authenticate_user();
|
||||||
}
|
});
|
||||||
|
document.getElementById("btn-deconnection").addEventListener("click", (event) => {
|
||||||
|
unauthenticate_user();
|
||||||
|
});
|
||||||
|
|
||||||
|
});
|
||||||
|
|
||||||
|
|
|
@ -10,7 +10,7 @@ phpCAS::setLogger();
|
||||||
phpCAS::setVerbose(true);
|
phpCAS::setVerbose(true);
|
||||||
|
|
||||||
// Initialize phpCAS
|
// Initialize phpCAS
|
||||||
phpCAS::client(CAS_VERSION_2_0, "cas.insa-toulouse.fr", 443, 'cas',"https://cas.insa-toulouse.fr");
|
phpCAS::client(CAS_VERSION_2_0, "cas.insa-toulouse.fr", 443, 'cas',"https://arch.etud.insa-toulouse.fr");
|
||||||
|
|
||||||
// For production use set the CA certificate that is the issuer of the cert
|
// For production use set the CA certificate that is the issuer of the cert
|
||||||
// on the CAS server and uncomment the line below
|
// on the CAS server and uncomment the line below
|
||||||
|
|
|
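Review bot: The changed `phpCAS::client(...)` call should carry a comment saying that the fifth argument is this application's own base URL, which phpCAS uses to build the service URL rather than deriving it from request headers, and not the CAS server's address; the previous value shows how easily the two are confused. Something like `// 5th argument: base URL of this site (service URL), not of the CAS server` would do. The context line `phpCAS::setVerbose(true);` just above is worth turning off outside development, since it makes phpCAS print detailed error output to the client. The file continues past the hunk, so how the CAS server certificate is validated is not visible here.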
@ -6,14 +6,12 @@
|
||||||
?>
|
?>
|
||||||
<body>
|
<body>
|
||||||
<?php
|
<?php
|
||||||
include("session_verif.php");
|
//include("session_verif.php");
|
||||||
// Include the PHP-CSRF library
|
|
||||||
include('php-csrf.php');
|
include('php-csrf.php');
|
||||||
|
|
||||||
$csrf = new CSRF();
|
$csrf = new CSRF();
|
||||||
?>
|
?>
|
||||||
|
|
||||||
<!-- Input to choose files -->
|
|
||||||
|
|
||||||
<form id="uploadForm" enctype="multipart/form-data">
|
<form id="uploadForm" enctype="multipart/form-data">
|
||||||
<input type="file" id="fileInput" multiple>
|
<input type="file" id="fileInput" multiple>
|
||||||
|
|