couche de sécu en plus

This commit is contained in:
Baptiste 2022-06-16 14:38:31 +02:00
parent 72037a668b
commit 34b2dbbe03
2 changed files with 55 additions and 50 deletions

View file

@ -9,6 +9,7 @@ $req = $db->query("SELECT * FROM enigma WHERE id = 1");
$r = $req -> fetchAll(PDO::FETCH_ASSOC); $r = $req -> fetchAll(PDO::FETCH_ASSOC);
if(isset($_POST['send'])) { if(isset($_POST['send'])) {
if($user['perm'] >= 2) {
if(isset($_POST['answer']) AND !empty($_POST['answer'])) { if(isset($_POST['answer']) AND !empty($_POST['answer'])) {
$ans = htmlspecialchars($_POST['answer']); $ans = htmlspecialchars($_POST['answer']);
$req = $db->prepare("UPDATE enigma SET answer = ? WHERE id = 1"); $req = $db->prepare("UPDATE enigma SET answer = ? WHERE id = 1");
@ -36,6 +37,7 @@ if(isset($_POST['send'])) {
} }
header('Refresh:0'); header('Refresh:0');
} }
}
?> ?>
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>

View file

@ -19,6 +19,8 @@ if(isset($_GET['del']) AND !empty(['del']))
if(isset($_POST['send'])) { if(isset($_POST['send'])) {
if(isset($_POST['pseudo']) AND !empty($_POST['pseudo']) AND isset($_POST['mdp']) AND !empty($_POST['mdp']) AND isset($_POST['perm']) AND !empty($_POST['perm'])) { if(isset($_POST['pseudo']) AND !empty($_POST['pseudo']) AND isset($_POST['mdp']) AND !empty($_POST['mdp']) AND isset($_POST['perm']) AND !empty($_POST['perm'])) {
if($user['perm'] >= 2) {
$pseudo = htmlspecialchars($_POST['pseudo']); $pseudo = htmlspecialchars($_POST['pseudo']);
$mdp = htmlspecialchars($_POST['mdp']); $mdp = htmlspecialchars($_POST['mdp']);
$perm = htmlspecialchars($_POST['perm']); $perm = htmlspecialchars($_POST['perm']);
@ -49,6 +51,7 @@ if(isset($_POST['send'])) {
} else { } else {
$error = "le pseudo ne doit pas dépasser 50 char"; $error = "le pseudo ne doit pas dépasser 50 char";
} }
}
} else { } else {
$error = "Tout les champs doivent être complétés"; $error = "Tout les champs doivent être complétés";
} }