forked from vergnet/site-accueil-insa
Added password protection to ajax requests and admin site
This commit is contained in:
keplyx
parent
8a3bd58be1
commit
cc0da3590f
15 changed files with 76 additions and 53 deletions
|
|
@ -1,7 +1,7 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<project version="4">
|
||||
<component name="JavaScriptLibraryMappings">
|
||||
<file url="PROJECT" libraries="{@types/jquery-countdown, jquery-3.3.1}" />
|
||||
<file url="PROJECT" libraries="{jquery-3.3.1, jquery-confirm}" />
|
||||
<includedPredefinedLibrary name="HTTP Response Handler" />
|
||||
</component>
|
||||
</project>
|
||||
|
|
@ -6,5 +6,7 @@
|
|||
<orderEntry type="sourceFolder" forTests="false" />
|
||||
<orderEntry type="library" name="jquery-3.3.1" level="application" />
|
||||
<orderEntry type="library" name="@types/jquery-countdown" level="application" />
|
||||
<orderEntry type="library" name="jquery-3.3.1" level="application" />
|
||||
<orderEntry type="library" name="jquery-confirm" level="application" />
|
||||
</component>
|
||||
</module>
|
||||
6
admin/.htaccess
Executable file → Normal file
6
admin/.htaccess
Executable file → Normal file
|
|
@ -1 +1,5 @@
|
|||
Options -Indexes
|
||||
AuthName "MDP ?"
|
||||
AuthType Basic
|
||||
#AuthUserFile /home/keplyx/Web/site-accueil-insa/includes/.htpassajax
|
||||
AuthUserFile /home_clubs/accueil_insa/public_html/includes/.htpassajax #production only
|
||||
require valid-user
|
||||
|
|
|
|||
51
ajax/read/index.php
Normal file
51
ajax/read/index.php
Normal file
|
|
@ -0,0 +1,51 @@
|
|||
<?php
|
||||
require_once '../../classes/dao.php';
|
||||
|
||||
|
||||
if (isset($_GET['function'])) {
|
||||
if ($_GET['function'] == "get_scores")
|
||||
get_scores();
|
||||
elseif ($_GET['function'] == "get_map_info")
|
||||
get_map_info();
|
||||
elseif ($_GET['function'] == "get_activities_of_day")
|
||||
get_activities_of_day();
|
||||
} else
|
||||
show_error();
|
||||
|
||||
function get_scores() {
|
||||
if (isset($_GET['team'])) {
|
||||
header('Content-Type: application/json');
|
||||
$dao = new Dao('../');
|
||||
echo json_encode($dao->get_score_team($_GET['team']));
|
||||
} else {
|
||||
show_error();
|
||||
}
|
||||
}
|
||||
|
||||
function get_map_info() {
|
||||
if (isset($_GET['selector'])) {
|
||||
header('Content-Type: application/json');
|
||||
$dao = new Dao('../');
|
||||
echo json_encode($dao->get_map_info($_GET['selector']));
|
||||
} else {
|
||||
show_error();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
function get_activities_of_day() {
|
||||
if (isset($_GET['day'])) {
|
||||
header('Content-Type: application/json');
|
||||
$dao = new Dao('../');
|
||||
echo json_encode($dao->get_activities_of_day($_GET['day']));
|
||||
} else {
|
||||
show_error();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
function show_error() {
|
||||
echo "Échec : ";
|
||||
var_dump($_GET);
|
||||
}
|
||||
5
ajax/write/.htaccess
Normal file
5
ajax/write/.htaccess
Normal file
|
|
@ -0,0 +1,5 @@
|
|||
AuthName "MDP ?"
|
||||
AuthType Basic
|
||||
#AuthUserFile /home/keplyx/Web/site-accueil-insa/includes/.htpassajax
|
||||
AuthUserFile /home_clubs/accueil_insa/public_html/includes/.htpassajax #production only
|
||||
require valid-user
|
||||
38
admin/ajax_load.php → ajax/write/index.php
Executable file → Normal file
38
admin/ajax_load.php → ajax/write/index.php
Executable file → Normal file
|
|
@ -1,18 +1,12 @@
|
|||
<?php
|
||||
require_once '../classes/dao.php';
|
||||
require_once '../../classes/dao.php';
|
||||
|
||||
|
||||
if (isset($_GET['function'])) {
|
||||
if ($_GET['function'] == "save_scores")
|
||||
save_scores();
|
||||
elseif ($_GET['function'] == "get_scores")
|
||||
get_scores();
|
||||
elseif ($_GET['function'] == "get_map_info")
|
||||
get_map_info();
|
||||
elseif ($_GET['function'] == "save_map_info")
|
||||
save_map_info();
|
||||
elseif ($_GET['function'] == "get_activities_of_day")
|
||||
get_activities_of_day();
|
||||
elseif ($_GET['function'] == "save_day_activities")
|
||||
save_day_activities();
|
||||
} else
|
||||
|
|
@ -28,26 +22,6 @@ function save_scores() {
|
|||
show_error();
|
||||
}
|
||||
|
||||
function get_scores() {
|
||||
if (isset($_GET['team'])) {
|
||||
header('Content-Type: application/json');
|
||||
$dao = new Dao('../');
|
||||
echo json_encode($dao->get_score_team($_GET['team']));
|
||||
} else {
|
||||
show_error();
|
||||
}
|
||||
}
|
||||
|
||||
function get_map_info() {
|
||||
if (isset($_GET['selector'])) {
|
||||
header('Content-Type: application/json');
|
||||
$dao = new Dao('../');
|
||||
echo json_encode($dao->get_map_info($_GET['selector']));
|
||||
} else {
|
||||
show_error();
|
||||
}
|
||||
}
|
||||
|
||||
function save_map_info() {
|
||||
if (isset($_GET['selector']) && isset($_GET['info'])) {
|
||||
$dao = new Dao('../');
|
||||
|
|
@ -58,16 +32,6 @@ function save_map_info() {
|
|||
}
|
||||
}
|
||||
|
||||
function get_activities_of_day() {
|
||||
if (isset($_GET['day'])) {
|
||||
header('Content-Type: application/json');
|
||||
$dao = new Dao('../');
|
||||
echo json_encode($dao->get_activities_of_day($_GET['day']));
|
||||
} else {
|
||||
show_error();
|
||||
}
|
||||
}
|
||||
|
||||
function save_day_activities() {
|
||||
if (isset($_GET['day']) && isset($_GET['entries'])) {
|
||||
$dao = new Dao('../');
|
||||
|
|
@ -17,7 +17,7 @@ function clicked(elem){
|
|||
'selector': get_name(elem.id),
|
||||
};
|
||||
return $.ajax({
|
||||
url: 'admin/ajax_load.php',
|
||||
url: 'ajax/read',
|
||||
data: object,
|
||||
method: 'get'
|
||||
}).done(function (data) {
|
||||
|
|
|
|||
|
|
@ -1,4 +1,3 @@
|
|||
let ajaxurl = 'ajax_load.php';
|
||||
|
||||
$(document).ready(function () {
|
||||
getMapInfo(getSelectedMap());
|
||||
|
|
@ -12,7 +11,7 @@ $(document).ready(function () {
|
|||
'info': info,
|
||||
};
|
||||
$.get(
|
||||
ajaxurl,
|
||||
"../ajax/write",
|
||||
object,
|
||||
function (data) {
|
||||
alert(data);
|
||||
|
|
@ -34,7 +33,7 @@ function getMapInfo(selector) {
|
|||
'selector': selector,
|
||||
};
|
||||
$.get(
|
||||
ajaxurl,
|
||||
"../ajax/read",
|
||||
object,
|
||||
function (data) {
|
||||
console.log(data);
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
let ajaxurl = 'admin/ajax_load.php';
|
||||
let ajaxurl = 'ajax/read';
|
||||
|
||||
|
||||
let tableWrapper = $('#tablePlanning');
|
||||
|
|
|
|||
|
|
@ -1,4 +1,3 @@
|
|||
let ajaxurl = 'ajax_load.php';
|
||||
let uniqueID = 0;
|
||||
|
||||
let currentActivities = [];
|
||||
|
|
@ -143,7 +142,7 @@ function saveDayActivities() {
|
|||
"entries": currentActivities,
|
||||
};
|
||||
$.get(
|
||||
ajaxurl,
|
||||
"../ajax/write",
|
||||
object,
|
||||
function (data) {
|
||||
alert(data);
|
||||
|
|
@ -157,7 +156,7 @@ function getDayActivities(day) {
|
|||
'day': day,
|
||||
};
|
||||
$.get(
|
||||
ajaxurl,
|
||||
"../ajax/read",
|
||||
object,
|
||||
function (data) {
|
||||
currentActivities = data;
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@ function showScores(team) {
|
|||
'team': team,
|
||||
};
|
||||
return $.ajax({
|
||||
url: 'admin/ajax_load.php',
|
||||
url: "ajax/read",
|
||||
data: object,
|
||||
method: 'get'
|
||||
}).done(function (data) {
|
||||
|
|
|
|||
|
|
@ -1,5 +1,4 @@
|
|||
let uniqueID = 0;
|
||||
let ajaxurl = 'ajax_load.php';
|
||||
|
||||
let entryTemplate =
|
||||
'<tr class="entry">' +
|
||||
|
|
@ -24,7 +23,7 @@ $(document).ready(function () {
|
|||
"lines": lines,
|
||||
};
|
||||
$.get(
|
||||
ajaxurl,
|
||||
"../ajax/write",
|
||||
object,
|
||||
function (data) {
|
||||
alert(data);
|
||||
|
|
@ -85,7 +84,7 @@ function getScores(team) {
|
|||
'team': team,
|
||||
};
|
||||
$.get(
|
||||
ajaxurl,
|
||||
"../ajax/read",
|
||||
object,
|
||||
function (data) {
|
||||
for (let i = 0; i < data.length; i++) {
|
||||
|
|
|
|||
2
includes/.htpassajax
Executable file
2
includes/.htpassajax
Executable file
|
|
@ -0,0 +1,2 @@
|
|||
admin:$apr1$kQeLzJ44$jOg93m9Vbz6FRkj.ViuIf.
|
||||
|
||||
|
|
@ -1 +0,0 @@
|
|||
urss:$apr1$be3lzprv$6ML9yz0HALe/oI9DRKEaw0
|
||||
|
|
@ -1 +0,0 @@
|
|||
usa:$apr1$53morzy0$GxlXNPAdPtiin1/7/xQo4/
|
||||
Loading…
Reference in a new issue