logs connexions

author: polo <ordipolo@gmx.fr> 2025-05-29 11:21:15 +0200
committer: polo <ordipolo@gmx.fr> 2025-05-29 11:21:15 +0200
commit: 03668b9bb9f224f6db985bc9980dc75fab2fa4d5 (patch)
tree: 7380b4e32a2608853982bef2a798a95a4c976ecf
parent: 8c663379dcb9859a060e07681cc9082c025cf203 (diff)
download: cms-03668b9bb9f224f6db985bc9980dc75fab2fa4d5.tar.gz
cms-03668b9bb9f224f6db985bc9980dc75fab2fa4d5.tar.bz2
cms-03668b9bb9f224f6db985bc9980dc75fab2fa4d5.zip
3 files changed, 35 insertions, 2 deletions
diff --git a/src/controller/password.php b/src/controller/password.php
index 4b387ca..2a38508 100644
--- a/src/controller/password.php
+++ b/src/controller/password.php
@@ -7,6 +7,7 @@ declare(strict_types=1);
 use Doctrine\ORM\EntityManager;
 use App\Entity\User;
+use App\Entity\Log;
 // exécutée dans installation.php à l'ouverture de chaque page
 function existUsers(EntityManager $entityManager)
@@ -164,6 +165,9 @@ function connect(LoginBuilder $builder, EntityManager $entityManager)
                // enregistrement et redirection
                if(!empty($user) && $login === $user->getLogin() && password_verify($password, $user->getPassword()))
                {
+                        $log = new Log;
+                        $entityManager->persist($log);
+                        $entityManager->flush();
                        session_regenerate_id(true); // protection fixation de session, si l'attaquant a créé un cookie de session (attaque XSS), il est remplacé
                        //unset($_SESSION['captcha']);
                        $_SESSION['user'] = $login;
diff --git a/src/model/entities/Log.php b/src/model/entities/Log.php
new file mode 100644
index 0000000..7c2caa9
--- /dev/null
+++ b/src/model/entities/Log.php
@@ -0,0 +1,28 @@
+<?php
+// src/model/entities/Log.php
+declare(strict_types=1);
+namespace App\Entity;
+use Doctrine\ORM\Mapping as ORM;
+use Doctrine\Common\Collections\ArrayCollection;
+use Doctrine\Common\Collections\Collection;
+#[ORM\Entity]
+#[ORM\Table(name: TABLE_PREFIX . "log")]
+class Log
+{
+    #[ORM\Id]
+    #[ORM\GeneratedValue]
+    #[ORM\Column(type: "integer")]
+    private int $id_log;
+    #[ORM\Column(type: 'datetime', options: ['default' => 'CURRENT_TIMESTAMP'])]
+    //#[ORM\Column(type: 'datetime', columnDefinition: "TIMESTAMP DEFAULT CURRENT_TIMESTAMP")]
+    private ?\DateTime $date_time ; // le type datetime de doctrine convertit en type \DateTime de PHP
+    public function __construct(){
+        $this->date_time = new \DateTime();
+    }
+}
diff --git a/src/model/entities/Node.php b/src/model/entities/Node.php
index fea9d50..850f37d 100644
--- a/src/model/entities/Node.php
+++ b/src/model/entities/Node.php
@@ -36,12 +36,13 @@ class Node
    #[ORM\JoinColumn(name: "parent_id", referencedColumnName: "id_node", onDelete: "SET NULL", nullable: true)]
    private ?self $parent = null;
+    // un onDelete: "CASCADE" serait logique ici mais dangereux, on pourrait aussi faire en sorte que les noeuds soient récupérables si la page est brutalement supprimée
    #[ORM\ManyToOne(targetEntity: Page::class)]
-    #[ORM\JoinColumn(name: "page_id", referencedColumnName: "id_page", onDelete: "SET DEFAULT", nullable: true)]
+    #[ORM\JoinColumn(name: "page_id", referencedColumnName: "id_page", nullable: true)]
    private ?Page $page;
    #[ORM\ManyToOne(targetEntity: Article::class, cascade: ['persist'])]
-    #[ORM\JoinColumn(name: "article_id", referencedColumnName: "id_article", onDelete: "SET NULL", nullable: true)]
+    #[ORM\JoinColumn(name: "article_id", referencedColumnName: "id_article", onDelete: "CASCADE", nullable: true)] // supprimer le contenu d'un article supprime les noeuds associés, faux dans l'autre sens
    private ?Article $article = null;
    // propriété non mappée dans la table "node", la jointure est décrite dans NodeData
author	polo <ordipolo@gmx.fr>	2025-05-29 11:21:15 +0200
committer	polo <ordipolo@gmx.fr>	2025-05-29 11:21:15 +0200
commit	03668b9bb9f224f6db985bc9980dc75fab2fa4d5 (patch)
tree	7380b4e32a2608853982bef2a798a95a4c976ecf
parent	8c663379dcb9859a060e07681cc9082c025cf203 (diff)
download	cms-03668b9bb9f224f6db985bc9980dc75fab2fa4d5.tar.gz cms-03668b9bb9f224f6db985bc9980dc75fab2fa4d5.tar.bz2 cms-03668b9bb9f224f6db985bc9980dc75fab2fa4d5.zip

diff --git a/src/controller/password.php b/src/controller/password.php index 4b387ca..2a38508 100644 --- a/src/controller/password.php +++ b/src/controller/password.php
@@ -7,6 +7,7 @@ declare(strict_types=1);
7		7
8	use Doctrine\ORM\EntityManager;	8	use Doctrine\ORM\EntityManager;
9	use App\Entity\User;	9	use App\Entity\User;
		10	use App\Entity\Log;
10		11
11	// exécutée dans installation.php à l'ouverture de chaque page	12	// exécutée dans installation.php à l'ouverture de chaque page
12	function existUsers(EntityManager $entityManager)	13	function existUsers(EntityManager $entityManager)
@@ -164,6 +165,9 @@ function connect(LoginBuilder $builder, EntityManager $entityManager)
164	// enregistrement et redirection	165	// enregistrement et redirection
165	if(!empty($user) && $login === $user->getLogin() && password_verify($password, $user->getPassword()))	166	if(!empty($user) && $login === $user->getLogin() && password_verify($password, $user->getPassword()))
166	{	167	{
		168	$log = new Log;
		169	$entityManager->persist($log);
		170	$entityManager->flush();
167	session_regenerate_id(true); // protection fixation de session, si l'attaquant a créé un cookie de session (attaque XSS), il est remplacé	171	session_regenerate_id(true); // protection fixation de session, si l'attaquant a créé un cookie de session (attaque XSS), il est remplacé
168	//unset($_SESSION['captcha']);	172	//unset($_SESSION['captcha']);
169	$_SESSION['user'] = $login;	173	$_SESSION['user'] = $login;


diff --git a/src/model/entities/Log.php b/src/model/entities/Log.php new file mode 100644 index 0000000..7c2caa9 --- /dev/null +++ b/src/model/entities/Log.php
@@ -0,0 +1,28 @@
		1	<?php
		2	// src/model/entities/Log.php
		3
		4	declare(strict_types=1);
		5
		6	namespace App\Entity;
		7
		8	use Doctrine\ORM\Mapping as ORM;
		9	use Doctrine\Common\Collections\ArrayCollection;
		10	use Doctrine\Common\Collections\Collection;
		11
		12	#[ORM\Entity]
		13	#[ORM\Table(name: TABLE_PREFIX . "log")]
		14	class Log
		15	{
		16	#[ORM\Id]
		17	#[ORM\GeneratedValue]
		18	#[ORM\Column(type: "integer")]
		19	private int $id_log;
		20
		21	#[ORM\Column(type: 'datetime', options: ['default' => 'CURRENT_TIMESTAMP'])]
		22	//#[ORM\Column(type: 'datetime', columnDefinition: "TIMESTAMP DEFAULT CURRENT_TIMESTAMP")]
		23	private ?\DateTime $date_time ; // le type datetime de doctrine convertit en type \DateTime de PHP
		24
		25	public function __construct(){
		26	$this->date_time = new \DateTime();
		27	}
		28	}


diff --git a/src/model/entities/Node.php b/src/model/entities/Node.php index fea9d50..850f37d 100644 --- a/src/model/entities/Node.php +++ b/src/model/entities/Node.php
@@ -36,12 +36,13 @@ class Node
36	#[ORM\JoinColumn(name: "parent_id", referencedColumnName: "id_node", onDelete: "SET NULL", nullable: true)]	36	#[ORM\JoinColumn(name: "parent_id", referencedColumnName: "id_node", onDelete: "SET NULL", nullable: true)]
37	private ?self $parent = null;	37	private ?self $parent = null;
38		38
		39	// un onDelete: "CASCADE" serait logique ici mais dangereux, on pourrait aussi faire en sorte que les noeuds soient récupérables si la page est brutalement supprimée
39	#[ORM\ManyToOne(targetEntity: Page::class)]	40	#[ORM\ManyToOne(targetEntity: Page::class)]
40	#[ORM\JoinColumn(name: "page_id", referencedColumnName: "id_page", onDelete: "SET DEFAULT", nullable: true)]	41	#[ORM\JoinColumn(name: "page_id", referencedColumnName: "id_page", nullable: true)]
41	private ?Page $page;	42	private ?Page $page;
42		43
43	#[ORM\ManyToOne(targetEntity: Article::class, cascade: ['persist'])]	44	#[ORM\ManyToOne(targetEntity: Article::class, cascade: ['persist'])]
44	#[ORM\JoinColumn(name: "article_id", referencedColumnName: "id_article", onDelete: "SET NULL", nullable: true)]	45	#[ORM\JoinColumn(name: "article_id", referencedColumnName: "id_article", onDelete: "CASCADE", nullable: true)] // supprimer le contenu d'un article supprime les noeuds associés, faux dans l'autre sens
45	private ?Article $article = null;	46	private ?Article $article = null;
46		47
47	// propriété non mappée dans la table "node", la jointure est décrite dans NodeData	48	// propriété non mappée dans la table "node", la jointure est décrite dans NodeData