ответвлён от mougnibas/archinsa
		
	ça marche (+csp header ) :D
Этот коммит содержится в:
		
							родитель
							
								
									c782ccb0c0
								
							
						
					
					
						коммит
						f3eb274144
					
				
					 7 изменённых файлов: 40 добавлений и 27 удалений
				
			
		|  | @ -1,4 +1,4 @@ | |||
| <?php | ||||
|     $page = str_replace(".php","",basename($_SERVER['SCRIPT_FILENAME'])); | ||||
| ?>
 | ||||
| <script src="js/<?=$page?>.js"> | ||||
| <script src="js/<?=$page?>.js"></script> | ||||
|  |  | |||
|  | @ -1,3 +1,6 @@ | |||
| <?php | ||||
| header("Content-Security-Policy: default-src 'self'; connect-src 'self'; script-src 'self'; img-src 'self'; font-src 'self'; media-src 'self'; frame-src 'self'; sandbox allow-forms; object-src 'none'; frame-ancestors 'none'; form-action 'self'; base-uri 'self'; worker-src 'none'; manifest-src : 'none'; prefetch-src : 'none'; navigate-to 'self';") | ||||
| ?>
 | ||||
| <head> | ||||
|     <meta charset="UTF-8"> | ||||
|     <meta name="viewport" content="width=device-width, initial-scale=1.0"> | ||||
|  |  | |||
							
								
								
									
										2
									
								
								api.php
									
									
									
									
									
								
							
							
						
						
									
										2
									
								
								api.php
									
									
									
									
									
								
							|  | @ -11,7 +11,7 @@ | |||
| 
 | ||||
|     */ | ||||
| 
 | ||||
|     include("session_verif.php"); | ||||
|     //include("session_verif.php");
 | ||||
|     include("bdd.php"); | ||||
| 
 | ||||
|     include('php-csrf.php'); | ||||
|  |  | |||
							
								
								
									
										10
									
								
								index.php
									
									
									
									
									
								
							
							
						
						
									
										10
									
								
								index.php
									
									
									
									
									
								
							|  | @ -2,8 +2,8 @@ | |||
| <!DOCTYPE html> | ||||
| <html lang="en"> | ||||
| <?php | ||||
|     $tire_page = "Ach'INSA"; | ||||
|     include "_patials/head.php" | ||||
|     $titre_page = "Arch'INSA"; | ||||
|     include "_partials/_head.php"; | ||||
| ?>
 | ||||
| <body> | ||||
| <?php | ||||
|  | @ -11,8 +11,8 @@ | |||
|     session_start(); | ||||
| 
 | ||||
| ?>
 | ||||
|     <a href="javascript:authenticate_user();">connection</a> | ||||
|     <a href="javascript:unauthenticate_user();">déconnection</a> | ||||
|     <button id="btn-connection">connection</button> | ||||
|     <button id="lien-deconnection">déconnection</button> | ||||
| 
 | ||||
|     <div id="user_status"> | ||||
| 
 | ||||
|  | @ -32,6 +32,6 @@ | |||
| 
 | ||||
| </body> | ||||
| <?php | ||||
|     include "_partials/footer.php"; | ||||
|     include "_partials/_footer.php"; | ||||
| ?>
 | ||||
| </html> | ||||
|  |  | |||
							
								
								
									
										24
									
								
								js/index.js
									
									
									
									
									
								
							
							
						
						
									
										24
									
								
								js/index.js
									
									
									
									
									
								
							|  | @ -150,15 +150,16 @@ async function gen_chronologie(){ | |||
| } | ||||
| 
 | ||||
| 
 | ||||
| gen_chronologie(); | ||||
| document.addEventListener("DOMContentLoaded", (event)=>{ | ||||
|     gen_chronologie(); | ||||
| 
 | ||||
| test_auth(); | ||||
| document.getElementById("recherche_input").onkeydown =function(event) { | ||||
|     test_auth(); | ||||
|     document.getElementById("recherche_input").onkeydown =function(event) { | ||||
|         if (event.key === "Enter"){ | ||||
|             rechercher(); | ||||
|         } | ||||
| } | ||||
| document.getElementById("themes_input").onkeydown =function(event) { | ||||
|     } | ||||
|     document.getElementById("themes_input").onkeydown =function(event) { | ||||
|         if (event.key === "Enter"){ | ||||
|             var theme = document.createElement("div"); | ||||
|             theme.setAttribute("class","theme"); | ||||
|  | @ -167,4 +168,15 @@ document.getElementById("themes_input").onkeydown =function(event) { | |||
|             document.getElementById("recherche_form").appendChild(theme); | ||||
|             document.getElementById("themes_input").value = ""; | ||||
|         } | ||||
| } | ||||
|     } | ||||
| 
 | ||||
| 
 | ||||
|     document.getElementById("btn-connection").addEventListener("click", (event) => { | ||||
|         authenticate_user(); | ||||
|     }); | ||||
|     document.getElementById("btn-deconnection").addEventListener("click", (event) => { | ||||
|         unauthenticate_user(); | ||||
|     }); | ||||
| 
 | ||||
| }); | ||||
| 
 | ||||
|  |  | |||
|  | @ -10,7 +10,7 @@ phpCAS::setLogger(); | |||
| phpCAS::setVerbose(true); | ||||
| 
 | ||||
| // Initialize phpCAS
 | ||||
| phpCAS::client(CAS_VERSION_2_0, "cas.insa-toulouse.fr", 443, 'cas',"https://cas.insa-toulouse.fr"); | ||||
| phpCAS::client(CAS_VERSION_2_0, "cas.insa-toulouse.fr", 443, 'cas',"https://arch.etud.insa-toulouse.fr"); | ||||
| 
 | ||||
| // For production use set the CA certificate that is the issuer of the cert
 | ||||
| // on the CAS server and uncomment the line below
 | ||||
|  |  | |||
|  | @ -6,14 +6,12 @@ | |||
| ?>
 | ||||
| <body> | ||||
| <?php | ||||
| include("session_verif.php"); | ||||
| // Include the PHP-CSRF library
 | ||||
| //include("session_verif.php");
 | ||||
| include('php-csrf.php'); | ||||
| 
 | ||||
| $csrf = new CSRF(); | ||||
| ?>
 | ||||
| 
 | ||||
| <!-- Input to choose files --> | ||||
| 
 | ||||
| <form id="uploadForm" enctype="multipart/form-data"> | ||||
| <input type="file" id="fileInput" multiple> | ||||
|  |  | |||
		Загрузка…
	
		Сослаться в новой задаче