mode maintenance, optimisation moins de contrôles en mode run, dossier service et déplacement fichiers, sessions et entité User préparées à l'implémentation hypothétique des rôles, entité AppMetadata, meilleure sécurité de fillStartingDatabase

author: polo <ordipolo@gmx.fr> 2026-03-24 22:39:29 +0100
committer: polo <ordipolo@gmx.fr> 2026-03-24 22:40:33 +0100
commit: 3b369122645b07b290f7fcc7bccb4787745cd5ea (patch)
tree: 3f9c2d1fbd5fe8b26162202e9b1e6cd5c8a940f6 /src/FormValidation.php
parent: a70dee9b5021a137ae07041c38921553442b0c11 (diff)
download: cms-3b369122645b07b290f7fcc7bccb4787745cd5ea.tar.gz
cms-3b369122645b07b290f7fcc7bccb4787745cd5ea.tar.bz2
cms-3b369122645b07b290f7fcc7bccb4787745cd5ea.zip
1 files changed, 0 insertions, 215 deletions
diff --git a/src/FormValidation.php b/src/FormValidation.php
deleted file mode 100644
index b3a3793..0000000
--- a/src/FormValidation.php
+++ /dev/null
@@ -1,215 +0,0 @@
-<?php
-// src/FormValidation.php
-declare(strict_types=1);
-class FormValidation
-{
-        private array $data; // tableau associatif (probablement $_POST)
-        private string $validation_strategy; // à remplacer plus tard par un objet (pattern stratégie) d'interface ValidationStrategy
-        private array $errors;
-        private bool $validated = false;
-        public function __construct(array $data, string $validation_strategy){
-                $this->data = $data;
-                $this->validation_strategy = $validation_strategy;
-        }
-        public function validate(): bool
-        {
-                $this->errors = [];
-                // pattern stratégie en une seule classe
-                switch($this->validation_strategy){
-                        // bloc formulaire de contact
-                        case 'email_send':
-                                $this->emailStrategy();
-                                break;
-                        case 'email_params': // paramètrage en mode admin
-                                $this->emailParamsStrategy();
-                                break;
-                        // formulaires pages spéciales
-                        case 'create_user':
-                                $this->createUserStrategy();
-                                break;
-                        case 'connection':
-                                $this->connectionStrategy();
-                                break;
-                        case 'username_update':
-                                $this->usernameUpdateStrategy();
-                                break;
-                        case 'password_update':
-                                $this->passwordUpdateStrategy();
-                                break;
-                        default:
-                                http_response_code(500); // c'est un peu comme jeter une exception
-                                echo json_encode(['success' => false, 'error' => 'server_error']);
-                                die;
-                }
-                $this->validated = true;
-                return empty($this->errors);
-        }
-        public function getErrors(): array
-        {
-                return $this->errors;
-        }
-        public function getField(string $field): string
-        {
-                return $this->validated ? $this->data[$field] : '';
-        }
-        // méthodes de validation
-        private function captchaValidate(bool $clean_session = true): void
-        {
-                $captcha_solution = (isset($_SESSION['captcha']) && is_int($_SESSION['captcha'])) ? $_SESSION['captcha'] : 0;
-                $captcha_try = isset($this->data['captcha']) ? Captcha::controlInput($this->data['captcha']) : 0;
-                if($clean_session){
-                        unset($_SESSION['captcha']);
-                }
-                
-                if($captcha_try == 0){
-                        $error = 'error_non_valid_captcha';
-                }
-                elseif($captcha_solution == 0){ // ne peut pas arriver, si?
-                        $error = 'captcha_server_error';
-                }
-                elseif($captcha_try !== $captcha_solution){
-                        $this->errors[] = 'bad_solution_captcha';
-                }
-        }
-        
-        // erreurs à la création des mots de passe
-        static private function removeSpacesTabsCRLF(string $chaine): string
-        {
-                $cibles = [' ', "\t", "\n", "\r"]; // doubles quotes !!
-                return(str_replace($cibles, '', $chaine));
-        }
-        // stratégies
-        private function emailStrategy(): void
-        {
-                $this->captchaValidate(false);
-                if(!isset($this->data['name']) || empty($this->data['name'])
-                        || !isset($this->data['email']) || empty($this->data['email'])
-                        || !isset($this->data['message']) || empty($this->data['message'])
-                        || !isset($this->data['hidden']) || !empty($this->data['hidden'])){
-                        $this->errors[] = 'missing_fields';
-                }
-                
-                elseif(!filter_var(trim($this->data['email']), FILTER_VALIDATE_EMAIL)){
-                        $this->errors[] = 'bad_email_address';
-                }
-                $this->data['name'] = htmlspecialchars(trim($this->data['name']));
-                $this->data['email'] = htmlspecialchars(trim($this->data['email']));
-                $this->data['message'] = htmlspecialchars($this->data['message']);
-        }
-        private function emailParamsStrategy(): void
-        {
-                if(!isset($this->data['id'], $this->data['what_param'], $this->data['value'], $this->data['hidden'])
-                        || !empty($this->data['hidden'])){
-                        $this->errors[] = 'missing_fields';
-                }
-                elseif($this->data['value'] !== ''){
-                        if(!in_array($this->data['what_param'], ['smtp_host', 'smtp_secure', 'smtp_username', 'smtp_password', 'email_dest'])){
-                                $this->errors[] = 'unknown_parameter';
-                        }
-                        elseif($this->data['what_param'] === 'smtp_username' || $this->data['what_param'] === 'email_dest'){
-                                if(!filter_var($this->data['value'], FILTER_VALIDATE_EMAIL)){
-                                        $this->errors[] = 'invalide_email_address';
-                                }
-                        }
-                }
-                // htmlspecialchars exécutés à l'affichage dans FormBuilder
-        }
-        private function createUserStrategy(): void
-        {
-                $this->captchaValidate();
-                // test mauvais paramètres
-                if(!isset($this->data['login']) || empty($this->data['login'])
-                || !isset($this->data['password']) || empty($this->data['password'])
-                || !isset($this->data['password_confirmation']) || empty($this->data['password_confirmation'])
-                || !isset($this->data['create_user_hidden']) || !empty($this->data['create_user_hidden']))
-                {
-                        $this->errors[] = 'bad_login_or_password';
-                }
-                if($this->data['password'] !== $this->data['password_confirmation']){
-                        $this->errors[] = 'different_passwords';
-                }
-                if($this->data['login'] !== self::removeSpacesTabsCRLF(htmlspecialchars($this->data['login']))
-                        || $this->data['password'] !== self::removeSpacesTabsCRLF(htmlspecialchars($this->data['password']))){
-                        $this->errors[] = 'forbidden_characters';
-                }
-        }
-        private function connectionStrategy(): void
-        {
-                $this->captchaValidate();
-                if(!isset($this->data['login']) || empty($this->data['login'])
-                        || !isset($this->data['password']) || empty($this->data['password'])
-                        || !isset($this->data['connection_hidden']) || !empty($this->data['connection_hidden']))
-                {
-                        $this->errors[] = 'bad_login_or_password';
-                }
-        }
-        private function usernameUpdateStrategy(): void
-        {
-                $this->captchaValidate();
-                if(!isset($this->data['login']) || empty($this->data['login'])
-                        || !isset($this->data['password']) || empty($this->data['password'])
-                        || !isset($this->data['new_login']) || empty($this->data['new_login'])
-                        || !isset($this->data['modify_username_hidden']) || !empty($this->data['modify_username_hidden']))
-                {
-                        $this->errors[] = 'bad_login_or_password';
-                }
-                $new_login = self::removeSpacesTabsCRLF(htmlspecialchars($this->data['new_login']));
-                if($new_login !== $this->data['new_login']){
-                        $this->errors[] = 'forbidden_characters';
-                }
-                if($this->data['login'] !== $_SESSION['user']){
-                        $this->errors[] = 'bad_login_or_password';
-                }
-                if($this->data['login'] === $new_login){
-                        $this->errors[] = 'same_username_as_before';
-                }
-        }
-        private function passwordUpdateStrategy(): void
-        {
-                $this->captchaValidate();
-                if(!isset($this->data['login']) || empty($this->data['login'])
-                        || !isset($this->data['password']) || empty($this->data['password'])
-                        || !isset($this->data['new_password']) || empty($this->data['new_password'])
-                        || !isset($this->data['modify_password_hidden']) || !empty($this->data['modify_password_hidden']))
-                {
-                        $this->errors[] = 'bad_login_or_password';
-                }
-                $new_password = self::removeSpacesTabsCRLF(htmlspecialchars($this->data['new_password']));
-                if($new_password !== $this->data['new_password']){
-                        $this->errors[] = 'forbidden_characters';
-                }
-                if($this->data['login'] !== $_SESSION['user']){
-                        $this->errors[] = 'bad_login_or_password';
-                }
-                if($this->data['password'] === $new_password){
-                        $this->errors[] = 'same_password_as_before';
-                }
-        }
-}
-\ No newline at end of file
author	polo <ordipolo@gmx.fr>	2026-03-24 22:39:29 +0100
committer	polo <ordipolo@gmx.fr>	2026-03-24 22:40:33 +0100
commit	3b369122645b07b290f7fcc7bccb4787745cd5ea (patch)
tree	3f9c2d1fbd5fe8b26162202e9b1e6cd5c8a940f6 /src/FormValidation.php
parent	a70dee9b5021a137ae07041c38921553442b0c11 (diff)
download	cms-3b369122645b07b290f7fcc7bccb4787745cd5ea.tar.gz cms-3b369122645b07b290f7fcc7bccb4787745cd5ea.tar.bz2 cms-3b369122645b07b290f7fcc7bccb4787745cd5ea.zip

diff --git a/src/FormValidation.php b/src/FormValidation.php deleted file mode 100644 index b3a3793..0000000 --- a/src/FormValidation.php +++ /dev/null
@@ -1,215 +0,0 @@
1	<?php
2	// src/FormValidation.php
3
4	declare(strict_types=1);
5
6	class FormValidation
7	{
8	private array $data; // tableau associatif (probablement $_POST)
9	private string $validation_strategy; // à remplacer plus tard par un objet (pattern stratégie) d'interface ValidationStrategy
10	private array $errors;
11	private bool $validated = false;
12
13	public function __construct(array $data, string $validation_strategy){
14	$this->data = $data;
15	$this->validation_strategy = $validation_strategy;
16	}
17
18	public function validate(): bool
19	{
20	$this->errors = [];
21
22	// pattern stratégie en une seule classe
23	switch($this->validation_strategy){
24	// bloc formulaire de contact
25	case 'email_send':
26	$this->emailStrategy();
27	break;
28	case 'email_params': // paramètrage en mode admin
29	$this->emailParamsStrategy();
30	break;
31
32	// formulaires pages spéciales
33	case 'create_user':
34	$this->createUserStrategy();
35	break;
36	case 'connection':
37	$this->connectionStrategy();
38	break;
39	case 'username_update':
40	$this->usernameUpdateStrategy();
41	break;
42	case 'password_update':
43	$this->passwordUpdateStrategy();
44	break;
45
46	default:
47	http_response_code(500); // c'est un peu comme jeter une exception
48	echo json_encode(['success' => false, 'error' => 'server_error']);
49	die;
50	}
51
52	$this->validated = true;
53	return empty($this->errors);
54	}
55
56	public function getErrors(): array
57	{
58	return $this->errors;
59	}
60
61	public function getField(string $field): string
62	{
63	return $this->validated ? $this->data[$field] : '';
64	}
65
66	// méthodes de validation
67	private function captchaValidate(bool $clean_session = true): void
68	{
69	$captcha_solution = (isset($_SESSION['captcha']) && is_int($_SESSION['captcha'])) ? $_SESSION['captcha'] : 0;
70	$captcha_try = isset($this->data['captcha']) ? Captcha::controlInput($this->data['captcha']) : 0;
71	if($clean_session){
72	unset($_SESSION['captcha']);
73	}
74
75	if($captcha_try == 0){
76	$error = 'error_non_valid_captcha';
77	}
78	elseif($captcha_solution == 0){ // ne peut pas arriver, si?
79	$error = 'captcha_server_error';
80	}
81	elseif($captcha_try !== $captcha_solution){
82	$this->errors[] = 'bad_solution_captcha';
83	}
84	}
85
86	// erreurs à la création des mots de passe
87	static private function removeSpacesTabsCRLF(string $chaine): string
88	{
89	$cibles = [' ', "\t", "\n", "\r"]; // doubles quotes !!
90	return(str_replace($cibles, '', $chaine));
91	}
92
93
94	// stratégies
95	private function emailStrategy(): void
96	{
97	$this->captchaValidate(false);
98
99	if(!isset($this->data['name']) \|\| empty($this->data['name'])
100	\|\| !isset($this->data['email']) \|\| empty($this->data['email'])
101	\|\| !isset($this->data['message']) \|\| empty($this->data['message'])
102	\|\| !isset($this->data['hidden']) \|\| !empty($this->data['hidden'])){
103	$this->errors[] = 'missing_fields';
104	}
105
106	elseif(!filter_var(trim($this->data['email']), FILTER_VALIDATE_EMAIL)){
107	$this->errors[] = 'bad_email_address';
108	}
109
110	$this->data['name'] = htmlspecialchars(trim($this->data['name']));
111	$this->data['email'] = htmlspecialchars(trim($this->data['email']));
112	$this->data['message'] = htmlspecialchars($this->data['message']);
113	}
114	private function emailParamsStrategy(): void
115	{
116	if(!isset($this->data['id'], $this->data['what_param'], $this->data['value'], $this->data['hidden'])
117	\|\| !empty($this->data['hidden'])){
118	$this->errors[] = 'missing_fields';
119	}
120
121	elseif($this->data['value'] !== ''){
122	if(!in_array($this->data['what_param'], ['smtp_host', 'smtp_secure', 'smtp_username', 'smtp_password', 'email_dest'])){
123	$this->errors[] = 'unknown_parameter';
124	}
125	elseif($this->data['what_param'] === 'smtp_username' \|\| $this->data['what_param'] === 'email_dest'){
126	if(!filter_var($this->data['value'], FILTER_VALIDATE_EMAIL)){
127	$this->errors[] = 'invalide_email_address';
128	}
129	}
130	}
131
132	// htmlspecialchars exécutés à l'affichage dans FormBuilder
133	}
134	private function createUserStrategy(): void
135	{
136	$this->captchaValidate();
137
138	// test mauvais paramètres
139	if(!isset($this->data['login']) \|\| empty($this->data['login'])
140	\|\| !isset($this->data['password']) \|\| empty($this->data['password'])
141	\|\| !isset($this->data['password_confirmation']) \|\| empty($this->data['password_confirmation'])
142	\|\| !isset($this->data['create_user_hidden']) \|\| !empty($this->data['create_user_hidden']))
143	{
144	$this->errors[] = 'bad_login_or_password';
145	}
146
147	if($this->data['password'] !== $this->data['password_confirmation']){
148	$this->errors[] = 'different_passwords';
149	}
150
151	if($this->data['login'] !== self::removeSpacesTabsCRLF(htmlspecialchars($this->data['login']))
152	\|\| $this->data['password'] !== self::removeSpacesTabsCRLF(htmlspecialchars($this->data['password']))){
153	$this->errors[] = 'forbidden_characters';
154	}
155	}
156	private function connectionStrategy(): void
157	{
158	$this->captchaValidate();
159
160	if(!isset($this->data['login']) \|\| empty($this->data['login'])
161	\|\| !isset($this->data['password']) \|\| empty($this->data['password'])
162	\|\| !isset($this->data['connection_hidden']) \|\| !empty($this->data['connection_hidden']))
163	{
164	$this->errors[] = 'bad_login_or_password';
165	}
166	}
167	private function usernameUpdateStrategy(): void
168	{
169	$this->captchaValidate();
170
171	if(!isset($this->data['login']) \|\| empty($this->data['login'])
172	\|\| !isset($this->data['password']) \|\| empty($this->data['password'])
173	\|\| !isset($this->data['new_login']) \|\| empty($this->data['new_login'])
174	\|\| !isset($this->data['modify_username_hidden']) \|\| !empty($this->data['modify_username_hidden']))
175	{
176	$this->errors[] = 'bad_login_or_password';
177	}
178
179	$new_login = self::removeSpacesTabsCRLF(htmlspecialchars($this->data['new_login']));
180	if($new_login !== $this->data['new_login']){
181	$this->errors[] = 'forbidden_characters';
182	}
183
184	if($this->data['login'] !== $_SESSION['user']){
185	$this->errors[] = 'bad_login_or_password';
186	}
187	if($this->data['login'] === $new_login){
188	$this->errors[] = 'same_username_as_before';
189	}
190	}
191	private function passwordUpdateStrategy(): void
192	{
193	$this->captchaValidate();
194
195	if(!isset($this->data['login']) \|\| empty($this->data['login'])
196	\|\| !isset($this->data['password']) \|\| empty($this->data['password'])
197	\|\| !isset($this->data['new_password']) \|\| empty($this->data['new_password'])
198	\|\| !isset($this->data['modify_password_hidden']) \|\| !empty($this->data['modify_password_hidden']))
199	{
200	$this->errors[] = 'bad_login_or_password';
201	}
202
203	$new_password = self::removeSpacesTabsCRLF(htmlspecialchars($this->data['new_password']));
204	if($new_password !== $this->data['new_password']){
205	$this->errors[] = 'forbidden_characters';
206	}
207
208	if($this->data['login'] !== $_SESSION['user']){
209	$this->errors[] = 'bad_login_or_password';
210	}
211	if($this->data['password'] === $new_password){
212	$this->errors[] = 'same_password_as_before';
213	}
214	}
215	} \ No newline at end of file