1 files changed, 186 insertions, 0 deletions
diff --git a/src/FormValidation.php b/src/FormValidation.php
new file mode 100644
index 0000000..743cd13
--- /dev/null
+++ b/src/FormValidation.php
@@ -0,0 +1,186 @@
+<?php
+// src/FormValidation.php
+class FormValidation
+{
+        private array $data; // tableau associatif (probablement $_POST)
+        private string $validation_strategy; // à remplacer plus tard par un objet (pattern stratégie) d'interface ValidationStrategy
+        private array $errors;
+        private bool $validated = false;
+        public function __construct(array $data, string $validation_strategy){
+                $this->data = $data;
+                $this->validation_strategy = $validation_strategy;
+        }
+        public function validate(): bool
+        {
+                $this->errors = [];
+                // pattern stratégie en une seule classe
+                switch($this->validation_strategy){
+                        case 'email':
+                                $this->emailStrategy();
+                                break;
+                        case 'create_user':
+                                $this->createUserStrategy();
+                                break;
+                        case 'connection':
+                                $this->connectionStrategy();
+                                break;
+                        case 'username_update':
+                                $this->usernameUpdateStrategy();
+                                break;
+                        case 'password_update':
+                                $this->passwordUpdateStrategy();
+                                break;
+                        default:
+                                http_response_code(500); // c'est un peu comme jeter une exception
+                                echo json_encode(['success' => false, 'error' => 'server_error']);
+                                die;
+                }
+                $this->validated = true;
+                return empty($this->errors);
+        }
+        public function getErrors(): array
+        {
+                return $this->errors;
+        }
+        public function getField(string $field): string
+        {
+                return $this->validated ? $this->data[$field] : '';
+        }
+        // méthodes de validation
+        private function captchaValidate(bool $clean_session = true): void
+        {
+                $captcha_solution = (isset($_SESSION['captcha']) && is_int($_SESSION['captcha'])) ? $_SESSION['captcha'] : 0;
+                $captcha_try = isset($this->data['captcha']) ? Captcha::controlInput($this->data['captcha']) : 0;
+                if($clean_session){
+                        unset($_SESSION['captcha']);
+                }
+                
+                if($captcha_try == 0){
+                        $error = 'error_non_valid_captcha';
+                }
+                elseif($captcha_solution == 0){ // ne peut pas arriver, si?
+                        $error = 'captcha_server_error';
+                }
+                elseif($captcha_try !== $captcha_solution){
+                        $this->errors[] = 'bad_solution_captcha';
+                }
+        }
+        
+        // erreurs à la création des mots de passe
+        static private function removeSpacesTabsCRLF(string $chaine): string
+        {
+                $cibles = [' ', "\t", "\n", "\r"]; // doubles quotes !!
+                return(str_replace($cibles, '', $chaine));
+        }
+        // stratégies
+        private function emailStrategy(): void
+        {
+                $this->captchaValidate(false);
+                if(!isset($this->data['name']) || empty($this->data['name'])
+                        || !isset($this->data['email']) || empty($this->data['email'])
+                        || !isset($this->data['message']) || empty($this->data['message'])
+                        || !isset($this->data['hidden']) || !empty($this->data['hidden'])){
+                        $this->errors[] = 'missing_fields';
+                }
+                
+                if(!filter_var(trim($this->data['email']), FILTER_VALIDATE_EMAIL)){
+                        $this->errors[] = 'bad_email_address';
+                }
+                $this->data['name'] = htmlspecialchars(trim($this->data['name']));
+                $this->data['email'] = htmlspecialchars(trim($this->data['email']));
+                $this->data['message'] = htmlspecialchars($this->data['message']);
+        }
+        private function createUserStrategy(): void
+        {
+                $this->captchaValidate();
+                // test mauvais paramètres
+                if(!isset($this->data['login']) || empty($this->data['login'])
+                || !isset($this->data['password']) || empty($this->data['password'])
+                || !isset($this->data['password_confirmation']) || empty($this->data['password_confirmation'])
+                || !isset($this->data['create_user_hidden']) || !empty($this->data['create_user_hidden']))
+                {
+                        $this->errors[] = 'bad_login_or_password';
+                }
+                if($this->data['password'] !== $this->data['password_confirmation']){
+                        $this->errors[] = 'different_passwords';
+                }
+                if($this->data['login'] !== self::removeSpacesTabsCRLF(htmlspecialchars($this->data['login']))
+                        || $this->data['password'] !== self::removeSpacesTabsCRLF(htmlspecialchars($this->data['password']))){
+                        $this->errors[] = 'forbidden_characters';
+                }
+        }
+        private function connectionStrategy(): void
+        {
+                $this->captchaValidate();
+                if(!isset($this->data['login']) || empty($this->data['login'])
+                        || !isset($this->data['password']) || empty($this->data['password'])
+                        || !isset($this->data['connection_hidden']) || !empty($this->data['connection_hidden']))
+                {
+                        $this->errors[] = 'bad_login_or_password';
+                }
+        }
+        private function usernameUpdateStrategy(): void
+        {
+                $this->captchaValidate();
+                if(!isset($this->data['login']) || empty($this->data['login'])
+                        || !isset($this->data['password']) || empty($this->data['password'])
+                        || !isset($this->data['new_login']) || empty($this->data['new_login'])
+                        || !isset($this->data['modify_username_hidden']) || !empty($this->data['modify_username_hidden']))
+                {
+                        $this->errors[] = 'bad_login_or_password';
+                }
+                $new_login = self::removeSpacesTabsCRLF(htmlspecialchars($this->data['new_login']));
+                if($new_login !== $this->data['new_login']){
+                        $this->errors[] = 'forbidden_characters';
+                }
+                if($this->data['login'] !== $_SESSION['user']){
+                        $this->errors[] = 'bad_login_or_password';
+                }
+                if($this->data['login'] === $new_login){
+                        $this->errors[] = 'same_username_as_before';
+                }
+        }
+        private function passwordUpdateStrategy(): void
+        {
+                $this->captchaValidate();
+                if(!isset($this->data['login']) || empty($this->data['login'])
+                        || !isset($this->data['password']) || empty($this->data['password'])
+                        || !isset($this->data['new_password']) || empty($this->data['new_password'])
+                        || !isset($this->data['modify_password_hidden']) || !empty($this->data['modify_password_hidden']))
+                {
+                        $this->errors[] = 'bad_login_or_password';
+                }
+                $new_password = self::removeSpacesTabsCRLF(htmlspecialchars($this->data['new_password']));
+                if($new_password !== $this->data['new_password']){
+                        $this->errors[] = 'forbidden_characters';
+                }
+                if($this->data['login'] !== $_SESSION['user']){
+                        $this->errors[] = 'bad_login_or_password';
+                }
+                if($this->data['password'] === $new_password){
+                        $this->errors[] = 'same_password_as_before';
+                }
+        }
+}
+\ No newline at end of file

diff --git a/src/FormValidation.php b/src/FormValidation.php new file mode 100644 index 0000000..743cd13 --- /dev/null +++ b/src/FormValidation.php
@@ -0,0 +1,186 @@
	1	<?php
	2	// src/FormValidation.php
	3
	4	class FormValidation
	5	{
	6	private array $data; // tableau associatif (probablement $_POST)
	7	private string $validation_strategy; // à remplacer plus tard par un objet (pattern stratégie) d'interface ValidationStrategy
	8	private array $errors;
	9	private bool $validated = false;
	10
	11	public function __construct(array $data, string $validation_strategy){
	12	$this->data = $data;
	13	$this->validation_strategy = $validation_strategy;
	14	}
	15
	16	public function validate(): bool
	17	{
	18	$this->errors = [];
	19
	20	// pattern stratégie en une seule classe
	21	switch($this->validation_strategy){
	22	case 'email':
	23	$this->emailStrategy();
	24	break;
	25	case 'create_user':
	26	$this->createUserStrategy();
	27	break;
	28	case 'connection':
	29	$this->connectionStrategy();
	30	break;
	31	case 'username_update':
	32	$this->usernameUpdateStrategy();
	33	break;
	34	case 'password_update':
	35	$this->passwordUpdateStrategy();
	36	break;
	37	default:
	38	http_response_code(500); // c'est un peu comme jeter une exception
	39	echo json_encode(['success' => false, 'error' => 'server_error']);
	40	die;
	41	}
	42
	43	$this->validated = true;
	44	return empty($this->errors);
	45	}
	46
	47	public function getErrors(): array
	48	{
	49	return $this->errors;
	50	}
	51
	52	public function getField(string $field): string
	53	{
	54	return $this->validated ? $this->data[$field] : '';
	55	}
	56
	57	// méthodes de validation
	58	private function captchaValidate(bool $clean_session = true): void
	59	{
	60	$captcha_solution = (isset($_SESSION['captcha']) && is_int($_SESSION['captcha'])) ? $_SESSION['captcha'] : 0;
	61	$captcha_try = isset($this->data['captcha']) ? Captcha::controlInput($this->data['captcha']) : 0;
	62	if($clean_session){
	63	unset($_SESSION['captcha']);
	64	}
	65
	66	if($captcha_try == 0){
	67	$error = 'error_non_valid_captcha';
	68	}
	69	elseif($captcha_solution == 0){ // ne peut pas arriver, si?
	70	$error = 'captcha_server_error';
	71	}
	72	elseif($captcha_try !== $captcha_solution){
	73	$this->errors[] = 'bad_solution_captcha';
	74	}
	75	}
	76
	77	// erreurs à la création des mots de passe
	78	static private function removeSpacesTabsCRLF(string $chaine): string
	79	{
	80	$cibles = [' ', "\t", "\n", "\r"]; // doubles quotes !!
	81	return(str_replace($cibles, '', $chaine));
	82	}
	83
	84
	85	// stratégies
	86	private function emailStrategy(): void
	87	{
	88	$this->captchaValidate(false);
	89
	90	if(!isset($this->data['name']) \|\| empty($this->data['name'])
	91	\|\| !isset($this->data['email']) \|\| empty($this->data['email'])
	92	\|\| !isset($this->data['message']) \|\| empty($this->data['message'])
	93	\|\| !isset($this->data['hidden']) \|\| !empty($this->data['hidden'])){
	94	$this->errors[] = 'missing_fields';
	95	}
	96
	97	if(!filter_var(trim($this->data['email']), FILTER_VALIDATE_EMAIL)){
	98	$this->errors[] = 'bad_email_address';
	99	}
	100
	101	$this->data['name'] = htmlspecialchars(trim($this->data['name']));
	102	$this->data['email'] = htmlspecialchars(trim($this->data['email']));
	103	$this->data['message'] = htmlspecialchars($this->data['message']);
	104	}
	105	private function createUserStrategy(): void
	106	{
	107	$this->captchaValidate();
	108
	109	// test mauvais paramètres
	110	if(!isset($this->data['login']) \|\| empty($this->data['login'])
	111	\|\| !isset($this->data['password']) \|\| empty($this->data['password'])
	112	\|\| !isset($this->data['password_confirmation']) \|\| empty($this->data['password_confirmation'])
	113	\|\| !isset($this->data['create_user_hidden']) \|\| !empty($this->data['create_user_hidden']))
	114	{
	115	$this->errors[] = 'bad_login_or_password';
	116	}
	117
	118	if($this->data['password'] !== $this->data['password_confirmation']){
	119	$this->errors[] = 'different_passwords';
	120	}
	121
	122	if($this->data['login'] !== self::removeSpacesTabsCRLF(htmlspecialchars($this->data['login']))
	123	\|\| $this->data['password'] !== self::removeSpacesTabsCRLF(htmlspecialchars($this->data['password']))){
	124	$this->errors[] = 'forbidden_characters';
	125	}
	126	}
	127	private function connectionStrategy(): void
	128	{
	129	$this->captchaValidate();
	130
	131	if(!isset($this->data['login']) \|\| empty($this->data['login'])
	132	\|\| !isset($this->data['password']) \|\| empty($this->data['password'])
	133	\|\| !isset($this->data['connection_hidden']) \|\| !empty($this->data['connection_hidden']))
	134	{
	135	$this->errors[] = 'bad_login_or_password';
	136	}
	137	}
	138	private function usernameUpdateStrategy(): void
	139	{
	140	$this->captchaValidate();
	141
	142	if(!isset($this->data['login']) \|\| empty($this->data['login'])
	143	\|\| !isset($this->data['password']) \|\| empty($this->data['password'])
	144	\|\| !isset($this->data['new_login']) \|\| empty($this->data['new_login'])
	145	\|\| !isset($this->data['modify_username_hidden']) \|\| !empty($this->data['modify_username_hidden']))
	146	{
	147	$this->errors[] = 'bad_login_or_password';
	148	}
	149
	150	$new_login = self::removeSpacesTabsCRLF(htmlspecialchars($this->data['new_login']));
	151	if($new_login !== $this->data['new_login']){
	152	$this->errors[] = 'forbidden_characters';
	153	}
	154
	155	if($this->data['login'] !== $_SESSION['user']){
	156	$this->errors[] = 'bad_login_or_password';
	157	}
	158	if($this->data['login'] === $new_login){
	159	$this->errors[] = 'same_username_as_before';
	160	}
	161	}
	162	private function passwordUpdateStrategy(): void
	163	{
	164	$this->captchaValidate();
	165
	166	if(!isset($this->data['login']) \|\| empty($this->data['login'])
	167	\|\| !isset($this->data['password']) \|\| empty($this->data['password'])
	168	\|\| !isset($this->data['new_password']) \|\| empty($this->data['new_password'])
	169	\|\| !isset($this->data['modify_password_hidden']) \|\| !empty($this->data['modify_password_hidden']))
	170	{
	171	$this->errors[] = 'bad_login_or_password';
	172	}
	173
	174	$new_password = self::removeSpacesTabsCRLF(htmlspecialchars($this->data['new_password']));
	175	if($new_password !== $this->data['new_password']){
	176	$this->errors[] = 'forbidden_characters';
	177	}
	178
	179	if($this->data['login'] !== $_SESSION['user']){
	180	$this->errors[] = 'bad_login_or_password';
	181	}
	182	if($this->data['password'] === $new_password){
	183	$this->errors[] = 'same_password_as_before';
	184	}
	185	}
	186	} \ No newline at end of file