big update :
- ajout des objets de sessions afin de permettre les alertes, les retours à la page précédente, les tokens contre le xss, le chargement asynchrone de css ou de javascript
- ajout de la favicon de sand
- ajout de l'access denied en fonction de la session et des accès de l'utilisateur
- ajout de l'affichage des erreurs pdo dans les environnements de test et de dev
- ajout de la constante d'environnement
main 2.5.0
|
@ -23,11 +23,16 @@ class Application
|
|||
|
||||
public function launch()
|
||||
{
|
||||
//print_r($this->route);
|
||||
//on declare la session lors du chargement du controlleur,
|
||||
// ainsi on instancie la page précédente et le javascript et le css asynchrone
|
||||
\MVC\Object\Session::createAndTestSession();
|
||||
|
||||
$controlleur = new Controlleur($this);
|
||||
//si la page n'est un controlleur d'action alors on affiche l'écran
|
||||
if (!$this->url->page['control']) {
|
||||
print($controlleur->vue->ecran);
|
||||
//si on affiche l'écran alors on vide les alertes de la session
|
||||
\MVC\Object\Alert::remove();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,38 +0,0 @@
|
|||
<?php
|
||||
|
||||
|
||||
namespace MVC\Classe;
|
||||
|
||||
class Asynchonous
|
||||
{
|
||||
private $_css;
|
||||
private $_javascript;
|
||||
|
||||
public function __construct()
|
||||
{
|
||||
$this->_css = "";
|
||||
$this->_javascript = "";
|
||||
}
|
||||
|
||||
public function addCss($code)
|
||||
{
|
||||
$this->_css .= "\n";
|
||||
$this->_css .= $code;
|
||||
}
|
||||
|
||||
public function addJs($code)
|
||||
{
|
||||
$this->_javascript .= "\n";
|
||||
$this->_javascript .= $code;
|
||||
}
|
||||
|
||||
public function printCss()
|
||||
{
|
||||
echo $this->_css;
|
||||
}
|
||||
|
||||
public function printJs()
|
||||
{
|
||||
echo $this->_javascript;
|
||||
}
|
||||
}
|
|
@ -25,6 +25,11 @@ class Bdd
|
|||
public function faireSQLRequete($sql)
|
||||
{
|
||||
$req = $this->bdd->query($sql);
|
||||
// Print Pdo::ERRORs
|
||||
if (!$req && (ENV == 'TEST' || ENV == 'DEV')) {
|
||||
echo "\nPDO::errorInfo():\n";
|
||||
print_r($this->bdd->errorInfo());
|
||||
}
|
||||
return $req;
|
||||
}
|
||||
|
||||
|
@ -57,6 +62,11 @@ class Bdd
|
|||
}
|
||||
}
|
||||
$req->execute();
|
||||
// Print Pdo::ERRORs
|
||||
if (!$req && (ENV == 'TEST' || ENV == 'DEV')) {
|
||||
echo "\nPDO::errorInfo():\n";
|
||||
print_r($this->bdd->errorInfo());
|
||||
}
|
||||
//$req->closeCursor();
|
||||
return $req;
|
||||
}
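Review bot: In the second `Bdd` hunk the new guard `if (!$req && ...)` can never fire, because `$req` is the statement object on which `execute()` was just called and the boolean result of `execute()` is discarded. Capture it with `$ok = $req->execute();`, test `!$ok`, and report `$req->errorInfo()` rather than the connection's. In both hunks the details are written into the HTTP response with `print_r`, and the sample configuration in this commit sets `ENV` to `"TEST"`, so `error_log(print_r($this->bdd->errorInfo(), true));` would keep SQL state and driver messages out of the page. The body of the second method starts outside the hunk.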
|
||||
|
|
|
@ -7,5 +7,7 @@
|
|||
// ou : "my-app/dev/
|
||||
define("BASE_SERVER_DIRECTORY", "");
|
||||
|
||||
// Optionnel! il n'est nécessaire que si vous l'utilisez dans les fichier de traitement
|
||||
define('PATH_URL', $_SERVER['REQUEST_SCHEME'] . "://www.domain.org");
|
||||
// Optionnel! il n'est nécessaire que si vous l'utilisez dans les fichiers de traitement
|
||||
define('PATH_URL', $_SERVER['REQUEST_SCHEME'] . "://www.domain.org");
|
||||
|
||||
define('ENV', "TEST");
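Review bot: `define('ENV', "TEST");` makes a permissive mode the default of the shipped configuration. With this value the PDO error dump added to `Bdd` in this commit is active, and `Session::casAuthentification()` matches neither its `DEV` nor its `PROD`/`PREPROD` branch, so it would return without authenticating anyone. Defaulting to `define('ENV', 'PROD');` and listing the accepted values in a comment above it (`// DEV | TEST | PREPROD | PROD`) would make a forgotten edit fail safe.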
|
|
@ -53,7 +53,7 @@ class DefaultAction extends Action
|
|||
return $this->render('action', array('var1' => $var1, 'var2' => $var2, 'var3' => $var3));
|
||||
}
|
||||
|
||||
public function makeHttp11($data)
|
||||
public function makeHttp11()
|
||||
{
|
||||
$data = array('myval' => 25);
|
||||
//Dumper::dump($data);
|
||||
|
@ -61,7 +61,7 @@ class DefaultAction extends Action
|
|||
$request = new HttpMethodRequete();
|
||||
$request->setUrl(Url::absolute_link_rewrite(false, 'accueil', ['var10'=>'val10']))->get($data);
|
||||
$request->setUrl(Url::absolute_link_rewrite(false, 'accueil', ['var10'=>'val10']))->post($data);
|
||||
$request->setUrl(Url::absolute_link_rewrite(false, 'accueil', ['var10' => 'val10']))->put($data);
|
||||
$request->setUrl(Url::absolute_link_rewrite(false, 'accueil', ['var10'=>'val10']))->put($data);
|
||||
$request->setUrl(Url::absolute_link_rewrite(false, 'accueil', ['var10'=>'val10']))->delete($data);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,2 +1,3 @@
|
|||
<?php
|
||||
|
||||
\MVC\Object\Alert::addAlert('NOT OK!','You should not go to the admin access.','warning');
|
||||
\MVC\Object\Session::checkACL_admin();
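Review bot: `Alert::addAlert('NOT OK!', ...)` runs unconditionally and before `Session::checkACL_admin()`, so the warning is queued in the session even for a user who passes the check and would be shown on the next rendered page. Queue the alert only on the denial path, for instance inside `checkACL_admin()` just before its redirect, and keep only the check here. Which of these lines is new is not recoverable from this rendering.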
|
|
@ -0,0 +1,5 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* Controlleur permettant d'afficher la page d'erreur 403 accès restreint
|
||||
*/
|
|
@ -0,0 +1,5 @@
|
|||
name : error-access-denied
|
||||
page_title : Page 403 (Accès restreint) de l'application
|
||||
description : Page 403 (Accès restreint) de l'application
|
||||
params : module_params
|
||||
|
|
@ -1,5 +1,4 @@
|
|||
name : error
|
||||
page_title: Erreurs de l'application
|
||||
description : abracadabla
|
||||
engine : blade
|
||||
page_title: Page 404 (Page Non Trouvé) de l'application
|
||||
description : Page 404 (Page Non Trouvé) de l'application
|
||||
params : params
|
||||
|
|
|
@ -0,0 +1,15 @@
|
|||
@extends('system')
|
||||
|
||||
@section('body')
|
||||
<!-- Body Inner -->
|
||||
<div class="body-inner">
|
||||
|
||||
<section id="page-content">
|
||||
<div class="container">
|
||||
@yield('content')
|
||||
</div>
|
||||
</section>
|
||||
|
||||
</div>
|
||||
<!-- end: Body Inner -->
|
||||
@endsection
|
|
@ -9,7 +9,7 @@
|
|||
<div class="container">
|
||||
<ul class="top-menu">
|
||||
<li @if($name == 'docs_route' || $name == 'docs_name_route') class="actual" @endif ><a href="{{ \MVC\Classe\Url::link_rewrite( false, 'docs', []) }}">Documentation</a></li>
|
||||
<li @if($name == 'depots') class="actual" @endif ><a href="{{ \MVC\Classe\Url::link_rewrite( false, 'gitlist/SAND-FrameWork', []) }}">Dépot</a></li>
|
||||
<li @if($name == 'depots') class="actual" @endif ><a href="{{ \MVC\Classe\Url::link_rewrite( false, 'gitlist/SAND-FrameWork', []) }}">Dépot</a></li>
|
||||
<li @if($name == 'donate') class="actual" @endif ><a href="{{ \MVC\Classe\Url::link_rewrite( false, 'Donate', []) }}">Donate</a></li>
|
||||
<li @if($name == 'cgu') class="actual" @endif ><a href="{{ \MVC\Classe\Url::link_rewrite( false, 'CGU', []) }}"> CGU Terms</a></li>
|
||||
<li @if($name == 'policy') class="actual" @endif ><a href="{{ \MVC\Classe\Url::link_rewrite( false, 'Policy', []) }}">Policy</a></li>
|
||||
|
@ -50,10 +50,29 @@
|
|||
</div>
|
||||
</header>
|
||||
<!-- end: Header -->
|
||||
|
||||
<!-- Subbar -->
|
||||
<div id="sub-bar" class="fullwidth">
|
||||
<div class="container">
|
||||
<span style="float:left;">Vous êtes connecté en tant que {{$_SESSION['user_login']}}</span>
|
||||
<span style="float:right;"><a href="{{ \MVC\Classe\Url::link_rewrite( false, 'Logout', []) }}">Se Deconnecter</a></span>
|
||||
</div>
|
||||
</div>
|
||||
<!-- end: Subbar -->
|
||||
<section id="page-content">
|
||||
<div class="container">
|
||||
|
||||
<!--Alerts-->
|
||||
@if(isset($_SESSION['alerts']))
|
||||
@foreach($_SESSION['alerts'] as $alert)
|
||||
<div class="alert alert-{{$alert['type']}} alert-dismissible fade show" role="alert">
|
||||
<strong>{{$alert['title']}}</strong> {{$alert['message']}}.
|
||||
<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
|
||||
</div>
|
||||
@endforeach
|
||||
@endif
|
||||
<!--end: Alerts-->
|
||||
@yield('content')
|
||||
|
||||
</div>
|
||||
</section>
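Review bot: The sub-bar prints `{{$_SESSION['user_login']}}` with no guard, while the alerts block below it does test `isset($_SESSION['alerts'])`; a request that reaches this layout without a login in the session would emit an undefined-index notice inside the markup. Wrap the bar in `@if(isset($_SESSION['user_login']))` … `@endif`, or pass the login and the alerts from the controller instead of reading the superglobal in the view. The `{{ }}` form should be kept for these session values, since it is presumably what HTML-escapes them here as in Laravel's Blade. The literal `.` after `{{$alert['message']}}` also doubles the full stop of messages that already end with one, such as the admin warning added in this commit.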
|
||||
|
||||
|
|
|
@ -8,6 +8,24 @@
|
|||
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
||||
<meta name="description" lang="fr" content="{{$description}}"/>
|
||||
|
||||
<link rel="apple-touch-icon" sizes="57x57" href="/apple-icon-57x57.png">
|
||||
<link rel="apple-touch-icon" sizes="60x60" href="/apple-icon-60x60.png">
|
||||
<link rel="apple-touch-icon" sizes="72x72" href="/apple-icon-72x72.png">
|
||||
<link rel="apple-touch-icon" sizes="76x76" href="/apple-icon-76x76.png">
|
||||
<link rel="apple-touch-icon" sizes="114x114" href="/apple-icon-114x114.png">
|
||||
<link rel="apple-touch-icon" sizes="120x120" href="/apple-icon-120x120.png">
|
||||
<link rel="apple-touch-icon" sizes="144x144" href="/apple-icon-144x144.png">
|
||||
<link rel="apple-touch-icon" sizes="152x152" href="/apple-icon-152x152.png">
|
||||
<link rel="apple-touch-icon" sizes="180x180" href="/apple-icon-180x180.png">
|
||||
<link rel="icon" type="image/png" sizes="192x192" href="/android-icon-192x192.png">
|
||||
<link rel="icon" type="image/png" sizes="32x32" href="/favicon-32x32.png">
|
||||
<link rel="icon" type="image/png" sizes="96x96" href="/favicon-96x96.png">
|
||||
<link rel="icon" type="image/png" sizes="16x16" href="/favicon-16x16.png">
|
||||
<link rel="manifest" href="/manifest.json">
|
||||
<meta name="msapplication-TileColor" content="#ffffff">
|
||||
<meta name="msapplication-TileImage" content="/ms-icon-144x144.png">
|
||||
<meta name="theme-color" content="#ffffff">
|
||||
|
||||
@section('top-css')
|
||||
<link rel="stylesheet" href="{{ \MVC\Classe\Url::asset_rewrite('assets/bootstrap-5.0.0-beta1-dist/css/bootstrap.min.css')}}">
|
||||
<link rel="stylesheet" href="{{ \MVC\Classe\Url::asset_rewrite('assets/css/custom.css')}}">
|
||||
|
|
|
@ -0,0 +1,34 @@
|
|||
{{-- Vue Blade de la page d'erreur 403 accès restreint--}}
|
||||
@extends('body-nomenu')
|
||||
|
||||
@section('content')
|
||||
<div id="access-denied">
|
||||
<div class="container">
|
||||
<h1>Accès non Autorisé</h1>
|
||||
<p>
|
||||
Vous ne possédez pas les accès à cette application.
|
||||
<br/>
|
||||
Si c'est une erreur : veuillez bien contacter l'administrateur de l'application afin qu'il vous alloue un accès
|
||||
<br/>
|
||||
<a href="mailto:administrateur@sand-framework.fr">administrateur@sand-framework.fr</a>
|
||||
</p>
|
||||
<br /><br />
|
||||
<div id="gears">
|
||||
<svg xmlns="http://www.w3.org/2000/svg" width="120px" height="120px" viewBox="0 0 100 100" preserveAspectRatio="xMidYMid" class="uil-gears">
|
||||
<rect x="0" y="0" width="100" height="100" fill="none" class="bk"/>
|
||||
<g transform="translate(-20,-20)">
|
||||
<path d="M79.9,52.6C80,51.8,80,50.9,80,50s0-1.8-0.1-2.6l-5.1-0.4c-0.3-2.4-0.9-4.6-1.8-6.7l4.2-2.9c-0.7-1.6-1.6-3.1-2.6-4.5 L70,35c-1.4-1.9-3.1-3.5-4.9-4.9l2.2-4.6c-1.4-1-2.9-1.9-4.5-2.6L59.8,27c-2.1-0.9-4.4-1.5-6.7-1.8l-0.4-5.1C51.8,20,50.9,20,50,20 s-1.8,0-2.6,0.1l-0.4,5.1c-2.4,0.3-4.6,0.9-6.7,1.8l-2.9-4.1c-1.6,0.7-3.1,1.6-4.5,2.6l2.1,4.6c-1.9,1.4-3.5,3.1-5,4.9l-4.5-2.1 c-1,1.4-1.9,2.9-2.6,4.5l4.1,2.9c-0.9,2.1-1.5,4.4-1.8,6.8l-5,0.4C20,48.2,20,49.1,20,50s0,1.8,0.1,2.6l5,0.4 c0.3,2.4,0.9,4.7,1.8,6.8l-4.1,2.9c0.7,1.6,1.6,3.1,2.6,4.5l4.5-2.1c1.4,1.9,3.1,3.5,5,4.9l-2.1,4.6c1.4,1,2.9,1.9,4.5,2.6l2.9-4.1 c2.1,0.9,4.4,1.5,6.7,1.8l0.4,5.1C48.2,80,49.1,80,50,80s1.8,0,2.6-0.1l0.4-5.1c2.3-0.3,4.6-0.9,6.7-1.8l2.9,4.2 c1.6-0.7,3.1-1.6,4.5-2.6L65,69.9c1.9-1.4,3.5-3,4.9-4.9l4.6,2.2c1-1.4,1.9-2.9,2.6-4.5L73,59.8c0.9-2.1,1.5-4.4,1.8-6.7L79.9,52.6 z M50,65c-8.3,0-15-6.7-15-15c0-8.3,6.7-15,15-15s15,6.7,15,15C65,58.3,58.3,65,50,65z" fill="#8f7f59" transform="rotate(32.43 50 50)">
|
||||
<animateTransform attributeName="transform" type="rotate" from="90 50 50" to="0 50 50" dur="1s" repeatCount="indefinite"/>
|
||||
</path>
|
||||
</g>
|
||||
<g transform="translate(20,20) rotate(15 50 50)">
|
||||
<path d="M79.9,52.6C80,51.8,80,50.9,80,50s0-1.8-0.1-2.6l-5.1-0.4c-0.3-2.4-0.9-4.6-1.8-6.7l4.2-2.9c-0.7-1.6-1.6-3.1-2.6-4.5 L70,35c-1.4-1.9-3.1-3.5-4.9-4.9l2.2-4.6c-1.4-1-2.9-1.9-4.5-2.6L59.8,27c-2.1-0.9-4.4-1.5-6.7-1.8l-0.4-5.1C51.8,20,50.9,20,50,20 s-1.8,0-2.6,0.1l-0.4,5.1c-2.4,0.3-4.6,0.9-6.7,1.8l-2.9-4.1c-1.6,0.7-3.1,1.6-4.5,2.6l2.1,4.6c-1.9,1.4-3.5,3.1-5,4.9l-4.5-2.1 c-1,1.4-1.9,2.9-2.6,4.5l4.1,2.9c-0.9,2.1-1.5,4.4-1.8,6.8l-5,0.4C20,48.2,20,49.1,20,50s0,1.8,0.1,2.6l5,0.4 c0.3,2.4,0.9,4.7,1.8,6.8l-4.1,2.9c0.7,1.6,1.6,3.1,2.6,4.5l4.5-2.1c1.4,1.9,3.1,3.5,5,4.9l-2.1,4.6c1.4,1,2.9,1.9,4.5,2.6l2.9-4.1 c2.1,0.9,4.4,1.5,6.7,1.8l0.4,5.1C48.2,80,49.1,80,50,80s1.8,0,2.6-0.1l0.4-5.1c2.3-0.3,4.6-0.9,6.7-1.8l2.9,4.2 c1.6-0.7,3.1-1.6,4.5-2.6L65,69.9c1.9-1.4,3.5-3,4.9-4.9l4.6,2.2c1-1.4,1.9-2.9,2.6-4.5L73,59.8c0.9-2.1,1.5-4.4,1.8-6.7L79.9,52.6 z M50,65c-8.3,0-15-6.7-15-15c0-8.3,6.7-15,15-15s15,6.7,15,15C65,58.3,58.3,65,50,65z" fill="#9f9fab" transform="rotate(57.57 50 50)">
|
||||
<animateTransform attributeName="transform" type="rotate" from="0 50 50" to="90 50 50" dur="1s" repeatCount="indefinite"/>
|
||||
</path>
|
||||
</g>
|
||||
</svg>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@endsection
|
|
@ -1 +1 @@
|
|||
{{$app->load('gitlist')}}
|
||||
{{$app->load('gitlist')}}
|
||||
|
|
|
@ -0,0 +1,23 @@
|
|||
<?php
|
||||
|
||||
namespace MVC\Object;
|
||||
|
||||
class Alert
|
||||
{
|
||||
|
||||
public static function addAlert($title,$message,$type)
|
||||
{
|
||||
$alert = array(
|
||||
'title' => $title,
|
||||
'message' => $message,
|
||||
'type' => $type
|
||||
);
|
||||
|
||||
$_SESSION['alerts'][] = $alert;
|
||||
}
|
||||
|
||||
public static function remove(){
|
||||
$_SESSION['alerts'] = array();
|
||||
}
|
||||
|
||||
}
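Review bot: `addAlert()` stores `$type` as given, and the layout in this commit builds the class name `alert-{{$alert['type']}}` from it, so nothing ties the value to the alert styles that actually exist. Restrict it where it enters, e.g. `if (!in_array($type, ['success', 'info', 'warning', 'danger'], true)) { $type = 'info'; }`. Both methods also write to `$_SESSION` without checking that a session is active; a short docblock stating that precondition and the meaning of the three parameters is missing.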
|
|
@ -0,0 +1,36 @@
|
|||
<?php
|
||||
|
||||
|
||||
namespace MVC\Object;
|
||||
|
||||
class Asynchronous
|
||||
{
|
||||
|
||||
public static function declare()
|
||||
{
|
||||
$_SESSION['css'] = "";
|
||||
$_SESSION['javascript'] = "";
|
||||
}
|
||||
|
||||
public static function addCss($code)
|
||||
{
|
||||
$_SESSION['css'] .= "\n";
|
||||
$_SESSION['css'] .= $code;
|
||||
}
|
||||
|
||||
public static function addJs($code)
|
||||
{
|
||||
$_SESSION['javascript'] .= "\n";
|
||||
$_SESSION['javascript'] .= $code;
|
||||
}
|
||||
|
||||
public static function printCss()
|
||||
{
|
||||
echo $_SESSION['css'];
|
||||
}
|
||||
|
||||
public static function printJs()
|
||||
{
|
||||
echo $_SESSION['javascript'];
|
||||
}
|
||||
}
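Review bot: `printCss()` and `printJs()` echo `$_SESSION['css']` and `$_SESSION['javascript']` verbatim, so any string that reaches `addCss()`/`addJs()` becomes live style or script in the page; the class needs a docblock stating that only developer-authored code may be passed, never a value derived from the request or from stored user data. The print methods read keys that exist only after `declare()` has run, and `echo $_SESSION['javascript'] ?? '';` (likewise for `css`) avoids the notice. Because `Session::createAndTestSession()` calls `declare()` on every launch, the buffers are emptied on each request, and it is not visible here why they are kept in the session rather than in a static property.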
|
|
@ -0,0 +1,22 @@
|
|||
<?php
|
||||
|
||||
namespace MVC\Object;
|
||||
|
||||
class History
|
||||
{
|
||||
|
||||
public static function setPagePrecedente(){
|
||||
if(!isset($_SESSION['pagePrecedente'])){
|
||||
$_SESSION['pagePrecedente'] = '';
|
||||
$_SESSION['pageActuelle'] = $_SERVER['REQUEST_URI'];
|
||||
}else{
|
||||
$_SESSION['pagePrecedente'] = $_SESSION['pageActuelle'];
|
||||
$_SESSION['pageActuelle'] = $_SERVER['REQUEST_URI'];
|
||||
}
|
||||
}
|
||||
|
||||
public static function getPagePrecedente(){
|
||||
return $_SESSION['pagePrecedente'];
|
||||
}
|
||||
|
||||
}
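Review bot: `$_SESSION['pageActuelle']` is copied from `$_SERVER['REQUEST_URI']`, which the client controls, and `getPagePrecedente()` hands it back unchanged. No caller is visible in this commit, but before the value is placed in a `Location:` header or an `href` it should be checked to be a local path (a single leading `/`, not `//`, no CR/LF). The two branches of `setPagePrecedente()` differ only in the previous value and could be written as `$_SESSION['pagePrecedente'] = $_SESSION['pageActuelle'] ?? '';` followed by one assignment of `pageActuelle`. `getPagePrecedente()` would likewise be safer as `return $_SESSION['pagePrecedente'] ?? '';`.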
|
|
@ -0,0 +1,111 @@
|
|||
<?php
|
||||
|
||||
namespace MVC\Object;
|
||||
|
||||
/**
|
||||
* Class Session
|
||||
* Classe de domaine portant sur les Sessions lors des accès à l'application
|
||||
* @package MVC\Object
|
||||
*/
|
||||
class Session
|
||||
{
|
||||
/**
|
||||
* Méthode appelée dans toutes les page nécessitant une authentification
|
||||
*/
|
||||
public static function createAndTestSession()
|
||||
{
|
||||
self::authentification();
|
||||
self::checkSession();
|
||||
\MVC\Object\History::setPagePrecedente();
|
||||
\MVC\Object\Asynchronous::declare();
|
||||
}
|
||||
|
||||
/**
|
||||
* Méthode permettant de lancer la session, obsolète depuis phpCAS 1.3.9
|
||||
*/
|
||||
public static function sessionStart()
|
||||
{
|
||||
session_start();
|
||||
}
|
||||
|
||||
/**
|
||||
* Méthode permettant de lancer l'authentification par le CAS de l'université
|
||||
* @throws \Exception
|
||||
*/
|
||||
public static function authentification()
|
||||
{
|
||||
self::sessionStart();
|
||||
$_SESSION['user_login'] = 'root';
|
||||
$_SESSION['acl_admin'] = 0;
|
||||
}
|
||||
|
||||
public static function casAuthentification()
|
||||
{
|
||||
if (ENV == "DEV") {
|
||||
// Load the settings from the central config file
|
||||
require_once CONFIG_PATH . DIRECTORY_SEPARATOR . 'cas-authentification-config.php';
|
||||
|
||||
// Enable debugging
|
||||
\phpCAS::setLogger();
|
||||
// Enable verbose error messages. Disable in production!
|
||||
\phpCAS::setVerbose(true);
|
||||
|
||||
// Initialize phpCAS
|
||||
\phpCAS::client(CAS_VERSION_2_0, $cas_host, $cas_port, $cas_context);
|
||||
|
||||
// For production use set the CA certificate that is the issuer of the cert
|
||||
// on the CAS server and uncomment the line below
|
||||
// phpCAS::setCasServerCACert($cas_server_ca_cert_path);
|
||||
|
||||
// For quick testing you can disable SSL validation of the CAS server.
|
||||
// THIS SETTING IS NOT RECOMMENDED FOR PRODUCTION.
|
||||
// VALIDATING THE CAS SERVER IS CRUCIAL TO THE SECURITY OF THE CAS PROTOCOL!
|
||||
\phpCAS::setNoCasServerValidation();
|
||||
|
||||
// force CAS authentication
|
||||
\phpCAS::forceAuthentication();
|
||||
|
||||
$_SESSION['user_login'] = \phpCAS::getAttribute('uid');
|
||||
|
||||
} elseif (ENV == "PROD" || ENV == "PREPROD") {
|
||||
// Load the settings from the central config file
|
||||
require_once CONFIG_PATH . DIRECTORY_SEPARATOR . 'cas-authentification-config.php';
|
||||
|
||||
\phpCAS::client(CAS_VERSION_2_0, $cas_host, $cas_port, $cas_context);
|
||||
|
||||
// For production use set the CA certificate that is the issuer of the cert
|
||||
// on the CAS server and uncomment the line below
|
||||
\phpCAS::setCasServerCACert($cas_server_ca_cert_path);
|
||||
|
||||
// force CAS authentication
|
||||
\phpCAS::forceAuthentication();
|
||||
|
||||
$_SESSION['user_login'] = \phpCAS::getAttribute('uid');
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Méthode permettant de rédiriger le visiteur s'il n'est pas authentifier
|
||||
*/
|
||||
public static function checkSession()
|
||||
{
|
||||
if (!isset($_SESSION['user_login'])) {
|
||||
header('location:' . Url::link_rewrite(false, 'index'));
|
||||
die();
|
||||
}
|
||||
}
|
||||
/**
|
||||
* Méthode permettant de rediriger le visiteur si son utilisateur n'as pas les droits administrateur
|
||||
*/
|
||||
public static function checkACL_admin()
|
||||
{
|
||||
if (!isset($_SESSION['acl_admin'])) {
|
||||
header('location:'.\MVC\Classe\Url::link_rewrite(false, "error-access-denied", []));
|
||||
die();
|
||||
} elseif ($_SESSION['acl_admin'] != 1) {
|
||||
header('location:'.\MVC\Classe\Url::link_rewrite(false, "error-access-denied", []));
|
||||
die();
|
||||
}
|
||||
}
|
||||
|
||||
}
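Review bot: `authentification()` assigns `$_SESSION['user_login'] = 'root'` to every visitor, so the `checkSession()` call that follows in `createAndTestSession()` can never redirect, and `casAuthentification()` is not called anywhere in this file although the docblock still describes a CAS login. If the stub is meant for local work only, guard it with the environment and delegate otherwise, e.g. `if (ENV === 'DEV') { /* stub */ } else { self::casAuthentification(); }`, and correct the docblock. In `checkSession()` the unqualified `Url::link_rewrite(...)` resolves to `MVC\Object\Url` because the file has no `use` statement; `checkACL_admin()` uses `\MVC\Classe\Url`, which is presumably the intended class. `casAuthentification()` does nothing when `ENV` is `TEST`, the value the sample configuration ships, and its `DEV` branch calls `setNoCasServerValidation()`, so neither mode should be reachable from outside.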
|
|
@ -0,0 +1,29 @@
|
|||
<?php
|
||||
|
||||
namespace MVC\Object;
|
||||
|
||||
class XssToken
|
||||
{
|
||||
|
||||
public static function getNew($title,$message,$type)
|
||||
{
|
||||
$_SESSION['xss_token'] = generateUniqueToken('xss',25);
|
||||
}
|
||||
|
||||
public static function remove(){
|
||||
$_SESSION['xss_token'] = '';
|
||||
}
|
||||
|
||||
public static function generateUniqueToken($prefix = 'xss_', $length = 13){
|
||||
// uniqid gives 13 chars, but you could adjust it to your needs.
|
||||
if (function_exists("random_bytes")) {
|
||||
$bytes = random_bytes(ceil($length / 2));
|
||||
} elseif (function_exists("openssl_random_pseudo_bytes")) {
|
||||
$bytes = openssl_random_pseudo_bytes(ceil($length / 2));
|
||||
} else {
|
||||
throw new Exception("no cryptographically secure random function available");
|
||||
}
|
||||
return $prefix . substr(bin2hex($bytes), 0, $length);
|
||||
}
|
||||
|
||||
}
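Review bot: `getNew()` calls `generateUniqueToken('xss',25)` as a plain function, which inside `namespace MVC\Object` is looked up as a namespaced or global function and not as the static method defined below, so the call fails at runtime; it should read `$_SESSION['xss_token'] = self::generateUniqueToken('xss', 25);`. The same namespace rule makes `throw new Exception(...)` refer to `MVC\Object\Exception`, so write `\Exception`. The parameters `$title, $message, $type` are unused, apparently carried over from `Alert::addAlert()`, and the class offers no way to return or verify a token. A verification method should compare with `hash_equals()` and reject an empty stored token, since `remove()` leaves `''` in the session. The class docblock should also state what the token protects: a per-session form token is the usual defence against forged requests rather than against XSS.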
|
|
@ -19,7 +19,7 @@
|
|||
# Options +SymLinksIfOwnerMatch
|
||||
|
||||
# (4)
|
||||
#RewriteBase /fiches3pro/public/
|
||||
#RewriteBase /directory/public/
|
||||
#RewriteBase /
|
||||
|
||||
# (5)
|
||||
|
@ -27,8 +27,9 @@
|
|||
|
||||
# (6)
|
||||
RewriteCond %{REQUEST_FILENAME} !-f
|
||||
#RewriteCond %{REQUEST_FILENAME} !-d
|
||||
RewriteRule . index.php [L]
|
||||
RewriteCond %{REQUEST_FILENAME} !-d
|
||||
RewriteRule ^(.*)$ /index.php [L]
|
||||
RewriteRule ^$ /index.php [L]
|
||||
|
||||
</IfModule>
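Review bot: `RewriteRule ^(.*)$ /index.php [L]` rewrites to an absolute URL path, so the `RewriteBase` variants kept as comments under (4) no longer have any effect and an installation below a sub-directory would be sent to the site root's `index.php`; a relative target `index.php` keeps both layouts working. With `RewriteCond %{REQUEST_FILENAME} !-d` active, requests for existing directories bypass the front controller, so it is worth confirming that `Options -Indexes` is set for the public directory. The last rule, `RewriteRule ^$ /index.php [L]`, carries no condition of its own because a `RewriteCond` applies only to the rule that follows it. Which of these lines are old and which are new is not marked in this rendering.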
|
||||
|
||||
|
|
After Width: | Height: | Size: 8.8 KiB |
After Width: | Height: | Size: 14 KiB |
After Width: | Height: | Size: 1.5 KiB |
After Width: | Height: | Size: 1.8 KiB |
After Width: | Height: | Size: 2.7 KiB |
After Width: | Height: | Size: 4.7 KiB |
After Width: | Height: | Size: 6.1 KiB |
After Width: | Height: | Size: 6.6 KiB |
After Width: | Height: | Size: 8.8 KiB |
After Width: | Height: | Size: 9.4 KiB |
After Width: | Height: | Size: 12 KiB |
After Width: | Height: | Size: 2.1 KiB |
After Width: | Height: | Size: 2.3 KiB |
After Width: | Height: | Size: 2.7 KiB |
After Width: | Height: | Size: 3.4 KiB |
After Width: | Height: | Size: 14 KiB |
After Width: | Height: | Size: 14 KiB |
|
@ -55,7 +55,6 @@ dl, ol, ul {
|
|||
width: 250px;
|
||||
border: 2px solid transparent;
|
||||
margin: 0 auto;
|
||||
margin-left: auto;
|
||||
padding: 23px 30px;
|
||||
color: #fff;
|
||||
font-weight: 400;
|
||||
|
@ -77,7 +76,15 @@ dl, ol, ul {
|
|||
padding-bottom: 2rem;
|
||||
}
|
||||
|
||||
/** Sub Menu top bar, invisible on mobile **/
|
||||
/** Sub Menu sub bar, visible on mobile **/
|
||||
#sub-bar{
|
||||
height: 25px;
|
||||
background-color: antiquewhite;
|
||||
font-size: 0.7rem;
|
||||
margin-bottom: 2rem;
|
||||
padding-top: 5px;
|
||||
}
|
||||
/** Sub Menu top bar , invisible on mobile **/
|
||||
.top-menu{
|
||||
display: flex;
|
||||
justify-content: end;
|
||||
|
@ -117,6 +124,17 @@ li.actual > a {
|
|||
.actual{
|
||||
background-color: white;
|
||||
}
|
||||
header{
|
||||
margin-bottom: 2rem;
|
||||
/** ACCESS DENIED **/
|
||||
#access-denied{
|
||||
display:block;
|
||||
position: relative;
|
||||
width: 70%;
|
||||
height: 70%;
|
||||
border: 1px dotted grey;
|
||||
border-radius:15px;
|
||||
text-align: center;
|
||||
margin: 5% auto;
|
||||
}
|
||||
#access-denied > .container{
|
||||
padding-top: 10%;
|
||||
}
|
|
@ -0,0 +1,2 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<browserconfig><msapplication><tile><square70x70logo src="/ms-icon-70x70.png"/><square150x150logo src="/ms-icon-150x150.png"/><square310x310logo src="/ms-icon-310x310.png"/><TileColor>#ffffff</TileColor></tile></msapplication></browserconfig>
|
After Width: | Height: | Size: 976 B |
After Width: | Height: | Size: 1.4 KiB |
After Width: | Height: | Size: 4.7 KiB |
Before Width: | Height: | Size: 1.1 KiB After Width: | Height: | Size: 1.1 KiB |
|
@ -13,7 +13,7 @@
|
|||
|
||||
/* SITE */
|
||||
Standards: HTML5, CSS3
|
||||
Components: Modernizr, jQuery
|
||||
Components: Blade, Vue.js
|
||||
Software:
|
||||
|
||||
|
||||
|
|
|
@ -0,0 +1,41 @@
|
|||
{
|
||||
"name": "App",
|
||||
"icons": [
|
||||
{
|
||||
"src": "\/android-icon-36x36.png",
|
||||
"sizes": "36x36",
|
||||
"type": "image\/png",
|
||||
"density": "0.75"
|
||||
},
|
||||
{
|
||||
"src": "\/android-icon-48x48.png",
|
||||
"sizes": "48x48",
|
||||
"type": "image\/png",
|
||||
"density": "1.0"
|
||||
},
|
||||
{
|
||||
"src": "\/android-icon-72x72.png",
|
||||
"sizes": "72x72",
|
||||
"type": "image\/png",
|
||||
"density": "1.5"
|
||||
},
|
||||
{
|
||||
"src": "\/android-icon-96x96.png",
|
||||
"sizes": "96x96",
|
||||
"type": "image\/png",
|
||||
"density": "2.0"
|
||||
},
|
||||
{
|
||||
"src": "\/android-icon-144x144.png",
|
||||
"sizes": "144x144",
|
||||
"type": "image\/png",
|
||||
"density": "3.0"
|
||||
},
|
||||
{
|
||||
"src": "\/android-icon-192x192.png",
|
||||
"sizes": "192x192",
|
||||
"type": "image\/png",
|
||||
"density": "4.0"
|
||||
}
|
||||
]
|
||||
}
|
After Width: | Height: | Size: 8.8 KiB |
After Width: | Height: | Size: 9.3 KiB |
After Width: | Height: | Size: 29 KiB |
After Width: | Height: | Size: 3.1 KiB |