From 7a13d53e43c7db7fe39474208ffa54ba2906d308 Mon Sep 17 00:00:00 2001
From: polo <ordipolo@gmx.fr>
Date: Tue, 24 Jun 2025 23:57:59 +0200
Subject: =?UTF-8?q?petites=20am=C3=A9liorations=20au=20syst=C3=A8me=20de?=
 =?UTF-8?q?=20mot=20de=20passe?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 public/index.php | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'public/index.php')

diff --git a/public/index.php b/public/index.php
index d6ca8d4..56af032 100644
--- a/public/index.php
+++ b/public/index.php
@@ -31,6 +31,10 @@ ini_set('session.use_strict_mode', 'On');
 ini_set('session.cookie_secure', 'On');
 session_start();
 $_SESSION['admin'] = !isset($_SESSION['admin']) ? false : $_SESSION['admin']; // intialisation sur faux
+if($_SESSION['admin'] === false || empty($_SESSION['user'])){ // OUT !!
+    $_SESSION['user'] = '';
+    $_SESSION['admin'] = false;
+}
 
 // login, mot de passe et captcha
 require '../src/controller/password.php';
@@ -49,8 +53,8 @@ require '../src/controller/post.php';
 $id = '';
 if(!empty($_GET['id']))
 {
-    //$id = (int)$_GET['id']; // (int) = moyen basique d'éviter les injections
-    $id = Security::secureString($_GET['id']);
+    $id = (int)$_GET['id']; // (int) évite les injections, pas parfait d'après chatgpt
+    //$id = Security::quelqueChose($_GET['id']);
 }
 
 if(isset($_GET['action']) && $_GET['action'] === 'deconnexion')
-- 
cgit v1.2.3