From ae217a6e4b0c29346381e2a410fd7810cb33ce3f Mon Sep 17 00:00:00 2001 From: polo Date: Wed, 10 Jun 2026 20:56:25 +0200 Subject: =?UTF-8?q?Tous=20les=20contr=C3=B4leurs=20retournent=20une=20Resp?= =?UTF-8?q?onse!?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/controller/ArticleController.php | 119 ++++--- src/controller/CalendarController.php | 30 +- src/controller/ContactFormController.php | 50 ++- src/controller/FileUploadController.php | 18 +- src/controller/HeadFootController.php | 37 +- src/controller/ImageUploadController.php | 51 +-- src/controller/MaintenanceController.php | 37 +- src/controller/MenuAndPathsController.php | 57 ++- src/controller/PageManagementController.php | 126 ++++--- src/controller/UserController.php | 57 +-- src/controller/ViewDirector.php | 11 +- src/service/Router.php | 515 ++++++++++++---------------- src/service/User.php | 23 ++ 13 files changed, 508 insertions(+), 623 deletions(-) create mode 100644 src/service/User.php (limited to 'src') diff --git a/src/controller/ArticleController.php b/src/controller/ArticleController.php index 2364c50..7019f5c 100644 --- a/src/controller/ArticleController.php +++ b/src/controller/ArticleController.php @@ -8,10 +8,12 @@ use App\Entity\Article; use Doctrine\ORM\EntityManager; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; +use Symfony\Component\HttpFoundation\JsonResponse; +use Symfony\Component\HttpFoundation\RedirectResponse; class ArticleController { - static public function fetch(EntityManager $entityManager, Request $request): void + static public function fetch(EntityManager $entityManager, Request $request): JsonResponse { if($request->query->has('id') && !empty($request->query->get('id')) && $request->query->has('last_article')){ $id = (int)$request->get('id'); // type et nettoie 
@@ -29,6 +31,9 @@ class ArticleController elseif($parent_block->getName() === 'news_block'){ $builder_name = 'NewBuilder'; } + else{ + return new JsonResponse(['success' => false, 'error' => 'server side error'], JsonResponse::HTTP_INTERNAL_SERVER_ERROR); + } $html = ''; foreach($bulk_data as $article){ @@ -36,24 +41,20 @@ class ArticleController $html .= $builder->render(); } - echo json_encode(['success' => true, 'html' => $html, 'truncated' => $get_articles_return[1]]); - die; + return new JsonResponse(['success' => true, 'html' => $html, 'truncated' => $get_articles_return[1]]); } else{ - echo json_encode(['success' => false, 'error' => 'mauvais type de bloc']); - die; + return new JsonResponse(['success' => false, 'error' => 'server side error']); } } else{ - echo json_encode(['success' => false, 'error' => 'la requête ne comporte pas les paramètres attendus']); - die; + return new JsonResponse(['success' => false, 'error' => 'bad parameters']); } } - static public function editorSubmit(EntityManager $entityManager, array $json): void + static public function editorSubmit(EntityManager $entityManager, array $json): JsonResponse { - if(json_last_error() === JSON_ERROR_NONE) - { + if(json_last_error() === JSON_ERROR_NONE){ $id = $json['id']; if(in_array($id[0], ['t', 'p', 'i', 'd'])){ $id = substr($id, 1); @@ -76,8 +77,7 @@ class ArticleController if($json['id'][0] === 'n'){ // ici $id est un bloc $section_id = (int)substr($id, 1); // id du bloc
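Review bot: The two failure branches at the end of fetch still answer HTTP 200 with `success => false`, whereas the else branch added a few lines earlier returns HTTP_INTERNAL_SERVER_ERROR for the unknown-block case, so a client or monitor cannot tell failure from success without parsing the body. Give them explicit codes, e.g. `return new JsonResponse(['success' => false, 'error' => 'bad parameters'], JsonResponse::HTTP_BAD_REQUEST);` for the missing-parameter case and HTTP_INTERNAL_SERVER_ERROR for the bad-block case. Both the new else branch and the former 'mauvais type de bloc' branch now carry the identical text 'server side error', which makes the two conditions indistinguishable in logs; a distinct error string per branch keeps them diagnosable. The `json_last_error()` test at the top of editorSubmit reports the decode done by the caller, not by this method; if the Router already rejects malformed JSON before calling, the check is redundant and could be documented as such. editorSubmit continues past the end of this hunk.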
if(!$model->findNodeById($section_id)){ // erreur mauvais id - echo json_encode(['success' => false, 'error' => 'article_not_saved, bad id']); - die; + return new JsonResponse(['success' => false, 'error' => 'article_not_saved, bad id']); } $model->makeSectionNode(); $section = $model->getNode(); @@ -85,8 +85,7 @@ class ArticleController // ajout d'une news if(is_array($content)){ if($section->getPage()->getEndOfPath() !== $json['from']){ // erreur mauvais from - echo json_encode(['success' => false, 'error' => 'article_not_saved, bad from']); - die; + return new JsonResponse(['success' => false, 'error' => 'article_not_saved, bad from']); } $date = new \DateTime($content['d'] . ':' . (new \DateTime)->format('s')); // l'input type="datetime-local" ne donne pas les secondes, on les ajoute: 'hh:mm' . ':ss' @@ -112,14 +111,12 @@ class ArticleController $entityManager->persist($article_node); $entityManager->flush(); - echo json_encode(['success' => true, 'article_id' => $article_node->getId()]); - die; + return new JsonResponse(['success' => true, 'article_id' => $article_node->getId()]); } // modification article //else{} - if($model->makeArticleNode($id)) // une entrée est trouvée - { + if($model->makeArticleNode($id)){ // une entrée est trouvée $node = $model->getArticleNode(); switch($json['id'][0]){ case 'i': 
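Review bot: `new \DateTime($content['d'] . ':' . (new \DateTime)->format('s'))` throws an Exception when `$content['d']` is not parseable, and nothing in this hunk catches it, so a malformed date from the editor produces an uncaught exception instead of the JSON error the neighbouring branches return. Wrap the construction: `try{ $date = new \DateTime($content['d'] . ':' . (new \DateTime)->format('s')); } catch(\Exception $e){ return new JsonResponse(['success' => false, 'error' => 'article_not_saved, bad date'], JsonResponse::HTTP_BAD_REQUEST); }`. The 'bad id' and 'bad from' responses in the same hunk stay at HTTP 200; HTTP_BAD_REQUEST would be the consistent status for both. The enclosing editorSubmit body starts and ends outside this hunk.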
@@ -132,54 +129,74 @@ class ArticleController $node->getArticle()->setTitle($content); // html de l'éditeur break; case 'd': - echo json_encode(['success' => false, 'message' => 'l\'action editor_submit ne supporte pas les dates, utiliser date_submit.']); - die; + return new JsonResponse(['success' => false, 'message' => 'l\'action editor_submit ne supporte pas les dates, utiliser date_submit.']); default: // modif article simple (id sans lettre devant) $node->getArticle()->setContent($content); } $entityManager->flush(); - echo json_encode(['success' => true]); + return new JsonResponse(['success' => true]); } - else - { - echo json_encode(['success' => false, 'message' => 'article non identifié']); + else{ + return new JsonResponse(['success' => false, 'message' => 'article non identifié']); } } else{ - echo json_encode(['success' => false, 'message' => 'Erreur de décodage JSON']); + return new JsonResponse(['success' => false, 'message' => 'Erreur de décodage JSON']); } - die; } - static public function deleteArticle(EntityManager $entityManager, array $data): Response // $data peut être un $_GET ou du JSON + static public function deleteArticle(EntityManager $entityManager, Request $request): Response { $model = new Model($entityManager); - if(!$model->makeArticleNode($data['id'], true)){ - return new Response( - '{"success": false, "message": "Erreur: pas d\'article à supprimer"}', - Response::HTTP_INTERNAL_SERVER_ERROR); // 500 + + if($request->headers->get('Content-Type') === 'application/json'){ + $id = json_decode($request->getContent(), true)['id']; + } + elseif($request->headers->get('Content-Type') === 'application/x-www-form-urlencoded'){ + $id = $request->query->get('id'); + } + // ni JSON ni form, c'est quoi? un POST vide? 
+ else{ + return new Response('la méthode deleteArticle ne peut être appelée de cette manière'); } - $article = $model->getArticleNode(); - $section = $model->getNode(); - $entityManager->remove($article); - $section->removeChild($article); - $section->sortChildren(true); // régénère les positions + if(!$model->makeArticleNode($id, true)){ + $params = ['false', "Erreur 500 pas d\'article à supprimer"]; + } + else{ + $article = $model->getArticleNode(); + $section = $model->getNode(); + + $entityManager->remove($article); + $section->removeChild($article); + $section->sortChildren(true); // régénère les positions + + try{ + $entityManager->flush(); + $params = ['true', 'Article supprimé avec succès']; + } + catch(Exception $e){ + $params = ['false', 'Erreur 500 ' . $e->getMessage()]; + } + } - try{ - $entityManager->flush(); - return new Response( - '{"success": true, "message": "Article supprimé avec succès"}', - Response::HTTP_OK); // 200 - } - catch(Exception $e){ - return new Response( - '{"success": false, "message": "Erreur: ' . $e->getMessage() . '"}', - Response::HTTP_INTERNAL_SERVER_ERROR); // 500 + if($request->headers->get('Content-Type') === 'application/json'){ + return new JsonResponse( + ['success' => $params[0], 'message' => $params[1]], + $params[0] ? JsonResponse::HTTP_OK : JsonResponse::HTTP_INTERNAL_SERVER_ERROR + ); } + elseif($request->headers->get('Content-Type') === 'application/x-www-form-urlencoded'){ + $url = new URL(['page' => $request->query->get('from') ?? 
'', 'success' => $params[0], 'message' => $params[1]]); + return new RedirectResponse((string)$url); + } + else{ + // cas inaccesible + throw new Exception('la méthode deleteArticle ne peut être appelée de cette manière'); + } } - static public function switchPositions(EntityManager $entityManager, array $json): void + static public function switchPositions(EntityManager $entityManager, array $json): JsonResponse { $model = new Model($entityManager); $model->makeArticleNode($json['id1'], true); @@ -202,11 +219,10 @@ class ArticleController $article2->setPosition($tmp); $entityManager->flush(); - echo json_encode(['success' => true]); - die; + return new JsonResponse(['success' => true]); } - static public function dateSubmit(EntityManager $entityManager, array $json): void + static public function dateSubmit(EntityManager $entityManager, array $json): JsonResponse { $id = substr($json['id'], 1); $date = new DateTime($json['date']); @@ -217,7 +233,6 @@ class ArticleController $node->getArticle()->setDateTime($date); $entityManager->flush(); - echo json_encode(['success' => true]); - die; + return new JsonResponse(['success' => true]); } } \ No newline at end of file diff --git a/src/controller/CalendarController.php b/src/controller/CalendarController.php index b60ff11..1a62afa 100644 --- a/src/controller/CalendarController.php +++ b/src/controller/CalendarController.php @@ -5,10 +5,11 @@ declare(strict_types=1); use Doctrine\ORM\EntityManager; use App\Entity\Event; +use Symfony\Component\HttpFoundation\JsonResponse; class CalendarController { - static public function getData(EntityManager $entityManager): void + static public function getData(EntityManager $entityManager): JsonResponse { // bornes début et fin du calendrier affiché à l'heure locale // noter que la vue "planning" est similaire à la vue "semaine" 
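Review bot: In deleteArticle `$params[0]` is assigned the strings `'false'` and `'true'`, which are both truthy, so the JSON branch always answers HTTP_OK and serialises `"success":"false"` as a string, where the removed code returned a 500 on failure; use real booleans in the three assignments: `$params = [false, "Erreur 500 pas d'article à supprimer"];`, `$params = [true, 'Article supprimé avec succès'];`, `$params = [false, 'Erreur 500 ' . $e->getMessage()];` (the `\'` inside the double-quoted string also keeps a literal backslash). The Content-Type comparisons use `===`, so a client sending `application/json; charset=utf-8` falls into the final else twice; `str_starts_with((string)$request->headers->get('Content-Type'), 'application/json')` is the tolerant form. `json_decode($request->getContent(), true)['id']` yields null with a warning on a malformed body and then reaches makeArticleNode; reading it as `$body['id'] ?? null` and returning HTTP_BAD_REQUEST when null keeps the error in the JSON channel. Returning `$e->getMessage()` from the flush failure to the browser exposes driver details; log it server-side and keep the message generic.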
@@ -33,50 +34,41 @@ class CalendarController $events[] = $event->toArray(); } - header('Content-Type: application/json'); - echo json_encode($events); - die; + return new JsonResponse($events); } - static public function newEvent(array $json, EntityManager $entityManager):void + static public function newEvent(array $json, EntityManager $entityManager): JsonResponse { try{ $event = new Event($json); } catch(InvalidArgumentException $e){ - echo json_encode(['success' => false, 'error' => $e->getMessage()]); - http_response_code(400); - die; + return new JsonResponse(['success' => false, 'error' => $e->getMessage()], JsonResponse::HTTP_BAD_REQUEST); // code 400 } $entityManager->persist($event); $entityManager->flush(); - echo json_encode(['success' => true, 'id' => $event->getId()]); - die; + return new JsonResponse(['success' => true, 'id' => $event->getId()]); } - static public function updateEvent(array $json, EntityManager $entityManager):void + static public function updateEvent(array $json, EntityManager $entityManager): JsonResponse { $event = $entityManager->find('App\Entity\Event', (int)$json['id']); try{ $event->securedUpdateFromJSON($json); } catch(InvalidArgumentException $e){ - echo json_encode(['success' => false, 'error' => $e->getMessage()]); - http_response_code(400); - die; + return new JsonResponse(['success' => false, 'error' => $e->getMessage()], JsonResponse::HTTP_BAD_REQUEST); // code 400 } $entityManager->flush(); - echo json_encode(['success' => true]); - die; + return new JsonResponse(['success' => true]); } - static public function removeEvent(array $json, EntityManager $entityManager):void + static public function removeEvent(array $json, EntityManager $entityManager): JsonResponse { $event = $entityManager->find('App\Entity\Event', (int)$json['id']); $entityManager->remove($event); $entityManager->flush(); - echo json_encode(['success' => true]); - die; + return new JsonResponse(['success' => true]); } } \ No newline at end of file 
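Review bot: updateEvent and removeEvent use the result of `$entityManager->find('App\Entity\Event', (int)$json['id'])` without a null check, so an unknown id ends in a TypeError or Error and a generic 500 page rather than the JSON answer the rest of the method now produces. Add after each find: `if($event === null){ return new JsonResponse(['success' => false, 'error' => 'event_not_found'], JsonResponse::HTTP_NOT_FOUND); }`. The success responses of newEvent and updateEvent carry no status argument, which is fine, but the `// code 400` comments restate the constant name and could be dropped.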
diff --git a/src/controller/ContactFormController.php b/src/controller/ContactFormController.php index 468b732..6b89161 100644 --- a/src/controller/ContactFormController.php +++ b/src/controller/ContactFormController.php @@ -4,28 +4,27 @@ declare(strict_types=1); use Doctrine\ORM\EntityManager; +use Symfony\Component\HttpFoundation\JsonResponse; class ContactFormController { - static public function keepEmails(EntityManager $entityManager, array $json): void + static public function keepEmails(EntityManager $entityManager, array $json): JsonResponse { $form_data = $entityManager->find('App\Entity\NodeData', $json['id']); $form_data->updateData('keep_emails', $json['checked'] ? true : false); $entityManager->persist($form_data); $entityManager->flush(); - echo json_encode(['success' => true, 'checked' => $json['checked']]); - die; + return new JsonResponse(['success' => true, 'checked' => $json['checked']]); } - static public function setEmailsRetentionPeriod(EntityManager $entityManager, array $json): void + static public function setEmailsRetentionPeriod(EntityManager $entityManager, array $json): JsonResponse { $form_data = $entityManager->find('App\Entity\NodeData', $json['id']); $form_data->updateData($json['field'], (int)$json['months']); $entityManager->persist($form_data); $entityManager->flush(); - echo json_encode(['success' => true, 'months' => $json['months']]); - die; + return new JsonResponse(['success' => true, 'months' => $json['months']]); } - static public function setEmailParam(EntityManager $entityManager, array $json): void + static public function setEmailParam(EntityManager $entityManager, array $json): JsonResponse { $form = new FormValidation($json, 'email_params'); 
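Review bot: keepEmails and setEmailsRetentionPeriod call methods on `$form_data` straight after `$entityManager->find('App\Entity\NodeData', $json['id'])`, so an unknown id raises an Error instead of a JsonResponse; the same pattern appears in deleteEmail and toggleSensitiveEmail in the later hunk of this file, while sendVisitorEmail already guards with `if($form_data === null)`. Reuse that guard in all four: `if($form_data === null){ return new JsonResponse(['success' => false, 'error' => 'not_found'], JsonResponse::HTTP_NOT_FOUND); }`. In setEmailsRetentionPeriod the field name written by `updateData($json['field'], (int)$json['months'])` is chosen by the caller; restricting it to the expected keys with `in_array($json['field'], [...], true)` before the update keeps the request from touching unrelated data.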
@@ -41,16 +40,15 @@ class ContactFormController
 }
 if(empty($error)){
- echo json_encode(['success' => true]);
+ return new JsonResponse(['success' => true]);
 }
 else{
- echo json_encode(['success' => false, 'error' => $error]);
+ return new JsonResponse(['success' => false, 'error' => $error]);
 }
- die;
 }
 // les deux méthodes suivantes sont "factorisables", elles ne se distinguent que par la gestion ou non du formulaire rempli par le visiteur
- static public function sendVisitorEmail(EntityManager $entityManager, array $json): void
+ static public function sendVisitorEmail(EntityManager $entityManager, array $json): JsonResponse
 {
 $form = new FormValidation($json, 'email_send');
@@ -59,9 +57,7 @@ class ContactFormController
 // destinataire = e-mail par défaut dans config.ini OU choisi par l'utilisateur
 $form_data = $entityManager->find('App\Entity\NodeData', $json['id']);
 if($form_data === null){
- http_response_code(500);
- echo json_encode(['success' => false, 'error' => 'server_error']);
- die;
+ return new JsonResponse(['success' => false, 'error' => 'server_error'], JsonResponse::HTTP_INTERNAL_SERVER_ERROR); // code 500
 }
 if(!EmailService::send($entityManager, $form_data, false, $form->getField('name'), $form->getField('email'), $form->getField('message'))){
@@ -73,45 +69,39 @@ class ContactFormController } if(empty($error)){ - echo json_encode(['success' => true]); + return new JsonResponse(['success' => true]); } else{ - echo json_encode(['success' => false, 'error' => $error]); + return new JsonResponse(['success' => false, 'error' => $error]); } - die; } - static public function sendTestEmail(EntityManager $entityManager, array $json): void + static public function sendTestEmail(EntityManager $entityManager, array $json): JsonResponse { // destinataire = e-mail par défaut dans config.ini OU choisi par l'utilisateur $form_data = $entityManager->find('App\Entity\NodeData', $json['id']); if($form_data === null){ - http_response_code(500); - echo json_encode(['success' => false, 'error' => 'server_error']); - die; + return new JsonResponse(['success' => false, 'error' => 'server_error'], JsonResponse::HTTP_INTERNAL_SERVER_ERROR); } if(EmailService::send($entityManager, $form_data, true, 'nom du visiteur', 'adresse@du_visiteur.fr', "TEST d'un envoi d'e-mail depuis le site web")){ - echo json_encode(['success' => true]); + return new JsonResponse(['success' => true]); } else{ - echo json_encode(['success' => false, 'error' => 'email_not_sent']); + return new JsonResponse(['success' => false, 'error' => 'email_not_sent']); } - die; } - static public function deleteEmail(EntityManager $entityManager, array $json): void + static public function deleteEmail(EntityManager $entityManager, array $json): JsonResponse { $email = $entityManager->find('App\Entity\Email', $json['id']); $entityManager->remove($email); $entityManager->flush(); - echo json_encode(['success' => true]); - die; + return new JsonResponse(['success' => true]); } - static public function toggleSensitiveEmail(EntityManager $entityManager, array $json): void + static public function toggleSensitiveEmail(EntityManager $entityManager, array $json): JsonResponse { $email = $entityManager->find('App\Entity\Email', $json['id']); 
$email->makeSensitive($json['checked']); $entityManager->flush(); - echo json_encode(['success' => true, 'checked' => $json['checked'], 'deletion_date' => $email->getDeletionDate()->format('d/m/Y')]); - die; + return new JsonResponse(['success' => true, 'checked' => $json['checked'], 'deletion_date' => $email->getDeletionDate()->format('d/m/Y')]); } } \ No newline at end of file diff --git a/src/controller/FileUploadController.php b/src/controller/FileUploadController.php index f53f5c2..3cd5e6b 100644 --- a/src/controller/FileUploadController.php +++ b/src/controller/FileUploadController.php @@ -3,9 +3,11 @@ declare(strict_types=1); +use Symfony\Component\HttpFoundation\JsonResponse; + class FileUploadController { - static public function checkFileDownload(array $file): bool + static private function checkFileDownload(array $file): bool { $extensions_white_list = ['pdf', 'rtf', 'doc', 'docx', 'xls', 'xlsx', 'ppt', 'pptx', 'odt', 'ods', 'odp']; // = extensions_white_list côté javascript $mime_type_white_list = ['application/pdf', 'application/rtf', 'text/rtf', 'application/msword', 'application/vnd.openxmlformats-officedocument.wordprocessingml.document', 'application/vnd.ms-excel', 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet', 'application/vnd.ms-powerpoint', 'application/vnd.openxmlformats-officedocument.presentationml.presentation', 'application/vnd.oasis.opendocument.text', 'application/vnd.oasis.opendocument.spreadsheet', 'application/vnd.oasis.opendocument.presentation']; @@ -32,7 +34,7 @@ class FileUploadController return in_array($real_type, $mime_type_white_list, true); } - static public function fileUploadTinyMce(): void + static public function fileUploadTinyMce(): JsonResponse { if(isset($_FILES['file'])){ $dest = 'user_data/media/'; 
@@ -46,22 +48,18 @@ class FileUploadController
 if(self::checkFileDownload($_FILES['file'])){
 if(move_uploaded_file($_FILES['file']['tmp_name'], $file_path)){
- echo json_encode(['location' => $file_path]);
+ return new JsonResponse(['location' => $file_path]);
 }
 else{
- http_response_code(500);
- echo json_encode(['message' => 'Erreur enregistrement du fichier.']);
+ return new JsonResponse(['message' => 'Erreur enregistrement du fichier.'], JsonResponse::HTTP_INTERNAL_SERVER_ERROR); // code 500
 }
 }
 else{
- http_response_code(400);
- echo json_encode(['message' => 'Erreur 400: fichier non valide.']);
+ return new JsonResponse(['message' => 'Erreur 400: fichier non valide.'], JsonResponse::HTTP_BAD_REQUEST); // code 400
 }
 }
 else{
- http_response_code(400);
- echo json_encode(['message' => 'Erreur 400: Bad Request']);
+ return new JsonResponse(['message' => 'Erreur 400: Bad Request'], JsonResponse::HTTP_BAD_REQUEST); // code 400
 }
- die;
 }
 }
\ No newline at end of file
diff --git a/src/controller/HeadFootController.php b/src/controller/HeadFootController.php
index df6d022..72487d8 100644
--- a/src/controller/HeadFootController.php
+++ b/src/controller/HeadFootController.php
@@ -7,15 +7,15 @@ use App\Entity\NodeData;
 use App\Entity\Asset;
 use App\Entity\AssetEmployment;
 use Doctrine\ORM\EntityManager;
+use Symfony\Component\HttpFoundation\JsonResponse;
 class HeadFootController
 {
- static public function setTextData(EntityManager $entityManager, string $request_params, array $json): void
+ static public function setTextData(EntityManager $entityManager, string $request_params, array $json): JsonResponse
 {
 $params_array = explode('_', $request_params); // header_title, header_description, footer_name, footer_address, footer_email
 if(count($params_array) !== 2){
- echo json_encode(['success' => false]);
- die;
+ return new JsonResponse(['success' => false]);
 }
 $model = new Model($entityManager);
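Review bot: fileUploadTinyMce keeps reading the `$_FILES` superglobal while the rest of this commit moves controllers onto HttpFoundation objects, so the upload path is the one place that cannot be exercised through a `Request`; taking `Request $request` and using `$request->files->get('file')` (an `UploadedFile` with `isValid()` and `move()`) would make it consistent with ArticleController::deleteArticle and testable without globals. `$file_path` is built outside the hunk, so I cannot see whether the stored name is derived from the client filename; a comment on that line stating how the name is sanitised would help the next reader. The private visibility on checkFileDownload is a good change, since it was a public static callable from the Router.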
@@ -34,18 +34,16 @@ class HeadFootController } $entityManager->flush(); - echo json_encode(['success' => true]); + return new JsonResponse(['success' => true]); } else{ - echo json_encode(['success' => false]); + return new JsonResponse(['success' => false]); } - die; } - static public function uploadAsset(EntityManager $entityManager, string $request_params): void + static public function uploadAsset(EntityManager $entityManager, string $request_params): JsonResponse { if(empty($_FILES)){ - http_response_code(400); - echo json_encode(['success' => false]); + return new JsonResponse(['success' => false], JsonResponse::HTTP_BAD_REQUEST); // code 400 } else{ if(!is_dir(Asset::USER_PATH)){ @@ -81,9 +79,8 @@ class HeadFootController } /* -- écriture du fichier sur le disque -- */ - if(!ImageUploadController::imagickCleanAndWriteImage(file_get_contents($file['tmp_name']), Asset::USER_PATH . $name, $extension)){ // recréer l’image pour la nettoyer - http_response_code(500); - echo json_encode(['success' => false, 'message' => "Erreur de l'enregistrement de l'image: problème de permission ou format non valide.", 'format' => $extension]); + if(!ImageUploadController::imagickCleanAndWriteImage(file_get_contents($file['tmp_name']), Asset::USER_PATH . $name)){ // recréer l’image pour la nettoyer + return new JsonResponse(['success' => false, 'message' => "Erreur de l'enregistrement de l'image: problème de permission ou format non valide.", 'format' => $extension], JsonResponse::HTTP_INTERNAL_SERVER_ERROR); // code 500 } else{ $params_array = explode('_', $request_params); // head_favicon, header_logo, header_background, footer_logo 
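Review bot: uploadAsset reads `file_get_contents($file['tmp_name'])` without the `is_uploaded_file()` guard that imageUploadTinyMce applies to the same kind of input; `$file` is assigned outside the hunk, presumably from `$_FILES` given the `empty($_FILES)` test above, so confirm and add before the write `if(!is_uploaded_file($file['tmp_name'])){ return new JsonResponse(['success' => false], JsonResponse::HTTP_BAD_REQUEST); }`. The call to `ImageUploadController::imagickCleanAndWriteImage` drops its former third argument `$extension`, matching the two-argument calls in ImageUploadController's hunks; if the method signature still declares the parameter, the change should say so, otherwise the 500 response's `'format' => $extension` is the only remaining use of that value. The enclosing method continues past the end of the hunk.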
@@ -111,23 +108,20 @@ class HeadFootController $entityManager->persist($asset); } $entityManager->flush(); - echo json_encode(['success' => true, 'location' => Asset::USER_PATH . $name, 'mime_type' => $mime_type]); + return new JsonResponse(['success' => true, 'location' => Asset::USER_PATH . $name, 'mime_type' => $mime_type]); } else{ - http_response_code(500); - echo json_encode(['success' => false, 'message' => "Erreur noeud non trouvé, c'est pas du tout normal!"]); + return new JsonResponse(['success' => false, 'message' => "Erreur noeud non trouvé, c'est pas du tout normal!"], JsonResponse::HTTP_INTERNAL_SERVER_ERROR); // code 500 } } } - die; } - static public function displaySocialNetwork(EntityManager $entityManager, string $request_params, array $json): void + static public function displaySocialNetwork(EntityManager $entityManager, string $request_params, array $json): JsonResponse { $params_array = explode('_', $request_params); if(count($params_array) !== 2){ - echo json_encode(['success' => false]); - die; + return new JsonResponse(['success' => false]); } $model = new Model($entityManager); @@ -138,11 +132,10 @@ class HeadFootController $node_data->updateData('social_show', $social_show); $entityManager->flush(); - echo json_encode(['success' => true, 'checked' => $json['checked']]); + return new JsonResponse(['success' => true, 'checked' => $json['checked']]); } else{ - echo json_encode(['success' => false]); + return new JsonResponse(['success' => false]); } - die; } } \ No newline at end of file diff --git a/src/controller/ImageUploadController.php b/src/controller/ImageUploadController.php index ddd99ae..af9a553 100644 --- a/src/controller/ImageUploadController.php +++ b/src/controller/ImageUploadController.php @@ -3,6 +3,8 @@ declare(strict_types=1); +use Symfony\Component\HttpFoundation\JsonResponse; + class ImageUploadController { const ALLOWED_EXTENSIONS = ['jpg', 'jpeg', 'png', 'gif', 'webp', 'tiff', 'tif']; 
@@ -78,16 +80,13 @@ class ImageUploadController } // téléchargement par le plugin (bouton "insérer une image") - static public function imageUploadTinyMce(): void + static public function imageUploadTinyMce(): JsonResponse { if(!isset($_FILES['file'])){ - http_response_code(400); - echo json_encode(['message' => 'Erreur 400: Bad Request']); + return new JsonResponse(['message' => 'Erreur 400: Bad Request'], JsonResponse::HTTP_BAD_REQUEST); // code 400 } if(!is_uploaded_file($_FILES['file']['tmp_name'])) { - http_response_code(400); - echo json_encode(['message' => "Le fichier n'a pas été téléchargé correctement."]); - die; + return new JsonResponse(['message' => "Le fichier n'a pas été téléchargé correctement."], JsonResponse::HTTP_BAD_REQUEST); // code 400 } $dest = 'user_data/images/'; 
@@ -113,35 +112,29 @@ class ImageUploadController // if(self::imagickCleanAndWriteImage($image_data, $local_path)){ // recréer l’image pour la nettoyer - echo json_encode(['location' => $local_path]); // renvoyer l'URL de l'image téléchargée + return new JsonResponse(['location' => $local_path]); // renvoyer l'URL de l'image téléchargée } else{ - http_response_code(500); - echo json_encode(['message' => 'Erreur image non valide']); + return new JsonResponse(['message' => 'Erreur image non valide'], JsonResponse::HTTP_INTERNAL_SERVER_ERROR); // code 500 } - die; } // collage de HTML => recherche de balises , téléchargement côté serveur et renvoi de l'adresse sur le serveur - static public function uploadImageHtml(): void + static public function uploadImageHtml(): JsonResponse { $json = json_decode(file_get_contents('php://input'), true); if(!isset($json['image_url'])){ - http_response_code(400); - echo json_encode(['message' => "Erreur 400: Bad Request"]); - die; + return new JsonResponse(['message' => "Erreur 400: Bad Request"], JsonResponse::HTTP_BAD_REQUEST); // code 400 } $image_data = self::curlDownloadImage($json['image_url']); // téléchargement de l’image par le serveur avec cURL au lieu de file_get_contents if(!$image_data){ - http_response_code(400); - echo json_encode(['message' => "Erreur, le serveur n'a pas réussi à télécharger l'image."]); - die; + return new JsonResponse(['message' => "Erreur, le serveur n'a pas réussi à télécharger l'image."], JsonResponse::HTTP_BAD_REQUEST); // code 400 } $dest = 'user_data/images/'; - if(!is_dir($dest)) { // Vérifier si le répertoire existe, sinon le créer + if(!is_dir($dest)){ // Vérifier si le répertoire existe, sinon le créer mkdir($dest, 0755, true); } 
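Review bot: In uploadImageHtml `$json['image_url']` goes from the request body straight into `self::curlDownloadImage()`, a server-side fetch of a caller-chosen URL; unless curlDownloadImage (outside the hunk) restricts it, validate the value first, as MenuAndPathsController does for its URL inputs: `if(!filter_var($json['image_url'], FILTER_VALIDATE_URL) || !preg_match('#^https?://#i', $json['image_url'])){ return new JsonResponse(['message' => 'Erreur 400: Bad Request'], JsonResponse::HTTP_BAD_REQUEST); }`. Restricting the fetch to public hosts and limiting redirects in the cURL options are the usual complements to that check and belong in curlDownloadImage itself. This method and uploadImageBase64 decode `php://input` on their own while the other controllers receive `array $json` from the Router; routing the body through the same parameter would remove the duplicated decode and its unchecked `json_decode` result.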
@@ -154,17 +147,15 @@ class ImageUploadController $local_path = uniqid($dest . $name . '_') . '.' . $extension; if(self::imagickCleanAndWriteImage($image_data, $local_path)){ // recréer l’image pour la nettoyer - echo json_encode(['location' => $local_path]); // nouvelle adresse + return new JsonResponse(['location' => $local_path]); // nouvelle adresse } else{ - http_response_code(500); - echo json_encode(['message' => 'Erreur image non valide', 'format' => $extension]); + return new JsonResponse(['message' => 'Erreur image non valide', 'format' => $extension], JsonResponse::HTTP_INTERNAL_SERVER_ERROR); // code 500 } - die; } // collage simple d'une image (base64 dans le presse-papier) non encapsulée dans du HTML - static public function uploadImageBase64(): void + static public function uploadImageBase64(): JsonResponse { $json = json_decode(file_get_contents('php://input'), true); $dest = 'user_data/images/'; @@ -175,9 +166,7 @@ class ImageUploadController // détection de data:image/ et de ;base64, et capture du format dans $type if(!isset($json['image_base64']) || !preg_match('/^data:image\/(\w+);base64,/', $json['image_base64'], $type)){ - http_response_code(400); - echo json_encode(['message' => 'Données image base64 manquantes ou invalides']); - die; + return new JsonResponse(['message' => 'Données image base64 manquantes ou invalides'], JsonResponse::HTTP_BAD_REQUEST); // code 400 } $extension = strtolower($type[1]); // dans (\w+) 
@@ -188,19 +177,15 @@ class ImageUploadController $name = 'pasted_image'; $image_data = base64_decode(substr($json['image_base64'], strpos($json['image_base64'], ',') + 1)); // découpe la chaine à la virgule puis convertit en binaire if($image_data === false){ - http_response_code(400); - echo json_encode(['message' => 'Décodage base64 invalide']); - die; + return new JsonResponse(['message' => 'Décodage base64 invalide'], JsonResponse::HTTP_BAD_REQUEST); // code 400 } $local_path = uniqid($dest . $name . '_') . '.' . $extension; if(self::imagickCleanAndWriteImage($image_data, $local_path)){ - echo json_encode(['location' => $local_path]); + return new JsonResponse(['location' => $local_path]); } else{ - http_response_code(500); - echo json_encode(['message' => 'Erreur image non valide', 'format' => $extension]); + return new JsonResponse(['message' => 'Erreur image non valide', 'format' => $extension], JsonResponse::HTTP_INTERNAL_SERVER_ERROR); // code 500 } - die; } } \ No newline at end of file diff --git a/src/controller/MaintenanceController.php b/src/controller/MaintenanceController.php index 98f2e60..1f8fadd 100644 --- a/src/controller/MaintenanceController.php +++ b/src/controller/MaintenanceController.php @@ -6,17 +6,18 @@ declare(strict_types=1); use Doctrine\ORM\EntityManager; use App\Entity\log; use Symfony\Component\HttpFoundation\Request; +use Symfony\Component\HttpFoundation\JsonResponse; use Symfony\Component\HttpFoundation\BinaryFileResponse; use Symfony\Component\HttpFoundation\ResponseHeaderBag; use Symfony\Component\HttpFoundation\RedirectResponse; class MaintenanceController { - static public function getLogs(EntityManager $entityManager): void + static public function getLogs(EntityManager $entityManager): JsonResponse { $data = $entityManager->getRepository(Log::class)->findAll(); if(empty($data)){ - echo json_encode(['success' => false]); + return new JsonResponse(['success' => false]); } else{ $view = '
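Review bot: In uploadImageBase64 the extension captured by `(\w+)` from the data URL becomes part of `$local_path`, and the lines between the two hunks are not visible, so I cannot see whether it is compared against `self::ALLOWED_EXTENSIONS`; if it is not, add right after the `strtolower` line `if(!in_array($extension, self::ALLOWED_EXTENSIONS, true)){ return new JsonResponse(['message' => 'Erreur image non valide', 'format' => $extension], JsonResponse::HTTP_BAD_REQUEST); }`. imagickCleanAndWriteImage re-encodes the bytes, which is the right safeguard for the content, but the extension still decides how the web server serves the file from user_data/images/. uploadImageHtml in the preceding hunk derives `$extension` in the same way and should get the same check.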

Table ' . TABLE_PREFIX . 'log de la base de données

@@ -35,24 +36,22 @@ class MaintenanceController '; } $view .= ''; - echo json_encode(['success' => true, 'view' => $view]); + return new JsonResponse(['success' => true, 'view' => $view]); } - die; } - static public function eraseLogs(EntityManager $entityManager): void + static public function eraseLogs(EntityManager $entityManager): JsonResponse { try{ $table = $entityManager->getClassMetadata(Log::class)->getTableName(); $entityManager->getConnection()->executeStatement("TRUNCATE TABLE {$table}"); // SQL donné à DBAL - echo json_encode(['success' => true]); + return new JsonResponse(['success' => true]); } catch(Exception $e){ - echo json_encode(['success' => false]); + return new JsonResponse(['success' => false, 'error' => $e->getMessage()]); } - die; } - static public function getLastDump(EntityManager $entityManager): void + static public function getLastDump(EntityManager $entityManager): BinaryFileResponse|RedirectResponse { try{ $backup_list = Backup::getBackupList(); @@ -75,10 +74,9 @@ class MaintenanceController $_SESSION['flash_message'] = $e->getMessage(); $response = new RedirectResponse((string) new URL(['page' => 'maintenance'])); } - $response->send(); - die; + return $response; } - static public function getAllMedia(): void + static public function getAllMedia(): BinaryFileResponse|RedirectResponse { try{ $file_path = '../var/' . UserDataService::createZip('all_media.zip', ['user_data/assets', 'user_data/images', 'user_data/media']); 
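Review bot: eraseLogs now returns `$e->getMessage()` to the client where the removed code only returned `['success' => false]`; DBAL exception messages carry the SQL text and driver error strings, which is more than an admin UI needs and more than should leave the server. Keep the generic body and record the detail server-side, e.g. `error_log($e->getMessage()); return new JsonResponse(['success' => false], JsonResponse::HTTP_INTERNAL_SERVER_ERROR);` (the Log table is the thing being truncated, so the PHP error log is the sensible sink). The catch on `Exception` will not see a DBAL `Throwable` that is an `Error`, but that matches the previous behaviour. getLastDump and getAllMedia correctly return the response instead of calling `send()`, which is the point of the commit.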
@@ -89,12 +87,11 @@ class MaintenanceController $_SESSION['flash_message'] = $e->getMessage(); $response = new RedirectResponse((string) new URL(['page' => 'maintenance'])); } - $response->send(); - die; + return $response; } // parce qu'il faut un contrôleur - static public function handleBackupSelection(EntityManager $entityManager, Request $request): void + static public function handleBackupSelection(EntityManager $entityManager, Request $request): RedirectResponse { $selected_file = $request->request->get('selected_sql'); $url = new URL; @@ -114,12 +111,10 @@ class MaintenanceController $_SESSION['flash_message'] = "Une erreur s'est produite: " . $e->getMessage(); } - $response = new RedirectResponse((string)$url); - $response->send(); - die; + return new RedirectResponse((string)$url); } - static public function downloadSQL(EntityManager $entityManager, Request $request): void + static public function downloadSQL(EntityManager $entityManager, Request $request): RedirectResponse { $uploaded_file = $request->files->get('uploaded_sql'); $date = new DateTime; @@ -147,8 +142,6 @@ class MaintenanceController $_SESSION['flash_message'] = "Une erreur s'est produite: " . $e->getMessage(); } - $response = new RedirectResponse((string)$url); - $response->send(); - die; + return new RedirectResponse((string)$url); } } \ No newline at end of file diff --git a/src/controller/MenuAndPathsController.php b/src/controller/MenuAndPathsController.php index 799f14b..9bd6ad1 100644 --- a/src/controller/MenuAndPathsController.php +++ b/src/controller/MenuAndPathsController.php 
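Review bot: handleBackupSelection reads `$request->request->get('selected_sql')` and downloadSQL reads `$request->files->get('uploaded_sql')`, and both values are consumed outside the hunks, so I cannot see how the selected name is resolved; if it is joined to a directory path, it should be matched against `Backup::getBackupList()` rather than used as given, and a one-line comment at the point of use stating that check would settle the question. The two methods also copy `$e->getMessage()` into `$_SESSION['flash_message']`, which is then rendered on the maintenance page; a generic message plus `error_log()` keeps driver details out of the UI. Both methods start before their hunks.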
@@ -5,10 +5,12 @@ declare(strict_types=1); use App\Entity\Page; use Doctrine\ORM\EntityManager; +use Symfony\Component\HttpFoundation\JsonResponse; +use Symfony\Component\HttpFoundation\RedirectResponse; class MenuAndPathsController { - static public function newUrlMenuEntry(EntityManager $entityManager): void + static public function newUrlMenuEntry(EntityManager $entityManager): RedirectResponse { Model::$menu = new Menu($entityManager); $previous_page = Model::$menu->findPageById((int)$_POST["location"]); // (int) à cause de declare(strict_types=1); @@ -16,8 +18,8 @@ class MenuAndPathsController $url_input = trim($_POST["url_input"]); // faire htmlspecialchars à l'affichage if(!filter_var($url_input, FILTER_VALIDATE_URL) || !str_starts_with($url_input, 'http')){ - header("Location: " . new URL(['page' => $_GET['from'], 'error' => 'invalide_url'])); - die; + // utiliser une flash error + return new RedirectResponse((string)new URL(['page' => $_GET['from'], 'error' => 'invalide_url'])); } $page = new Page( 
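Review bot: newUrlMenuEntry still reads `$_POST["location"]`, `$_POST["url_input"]` and `$_GET['from']` in the @@ -5 and @@ -16 hunks, while this same commit converts PageManagementController::newPage and addBloc to `InputBag`/`Request` parameters; the new RedirectResponse line also reads `$_GET['from']` without a default, so a request lacking `from` raises an undefined-key warning and redirects to an empty `page`. deleteUrlMenuEntry in the @@ -84 hunk has the same pattern. Passing the request in as the other controllers now do, and writing `$request->query->get('from', '')` in the redirect, would keep the file consistent with the rest of the change; the `// utiliser une flash error` TODO could note that `$_SESSION['flash_message']` is the key MaintenanceController already uses for this.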
@@ -38,24 +40,23 @@ class MenuAndPathsController $entityManager->persist($page); $entityManager->flush(); - header("Location: " . new URL(['page' => $_GET['from']])); - die; + return new RedirectResponse((string)new URL(['page' => $_GET['from']])); } // on pourrait utiliser FormValidation ici - static public function editUrl(EntityManager $entityManager, array $json): void + static public function editUrl(EntityManager $entityManager, array $json): JsonResponse { $url_data = trim($json['input_data']); // garder htmlspecialchars pour l'affichage $page = $entityManager->find('App\Entity\Page', $json['id']); if(!$page){ - echo json_encode(['success' => false, 'message' => "id invalide"]); + return new JsonResponse(['success' => false, 'message' => "id invalide"]); } elseif(!in_array($json['field'], ['url_name', 'url_content'])){ - echo json_encode(['success' => false, 'message' => "champ invalide"]); + return new JsonResponse(['success' => false, 'message' => "champ invalide"]); } elseif($json['field'] === 'url_content' && (!filter_var($url_data, FILTER_VALIDATE_URL) || !str_starts_with($url_data, 'http'))){ - echo json_encode(['success' => false, 'message' => "la chaîne envoyée n'est pas une URL valide"]); + return new JsonResponse(['success' => false, 'message' => "la chaîne envoyée n'est pas une URL valide"]); } else{ if($json['field'] === 'url_name'){ @@ -65,12 +66,11 @@ class MenuAndPathsController $page->setEndOfPath($url_data); } $entityManager->flush(); - echo json_encode(['success' => true, 'url_data' => $url_data]); + return new JsonResponse(['success' => true, 'url_data' => $url_data]); } - die; } - static public function deleteUrlMenuEntry(EntityManager $entityManager): void + static public function deleteUrlMenuEntry(EntityManager $entityManager): RedirectResponse { Model::$menu = new Menu($entityManager); $page = Model::$menu->findPageById((int)$_POST["delete"]); 
@@ -84,11 +84,10 @@ class MenuAndPathsController $entityManager->remove($page); // suppression en BDD $entityManager->flush(); - header("Location: " . new URL(['page' => $_GET['from']])); - die; + return new RedirectResponse((string)new URL(['page' => $_GET['from']])); } - static public function MoveOneLevelUp(EntityManager $entityManager, array $json): void + static public function MoveOneLevelUp(EntityManager $entityManager, array $json): JsonResponse { $id = $json['id']; $page = Model::$menu->findPageById((int)$id); @@ -96,8 +95,7 @@ class MenuAndPathsController $parent = $page->getParent(); // peut être null if($parent === null){ // 1er niveau: ne rien faire - echo json_encode(['success' => false]); - die; + return new JsonResponse(['success' => false, 'message' => 'nothing to do']); } // BDD else{ @@ -130,12 +128,11 @@ class MenuAndPathsController $parent->removeChild($page); $nav_builder = new NavBuilder(); $menu_builder = new MenuBuilder(null, false); - echo json_encode(['success' => true, 'nav' => $nav_builder->render(), 'menu_buttons' => $menu_builder->render()]); - die; + return new JsonResponse(['success' => true, 'nav' => $nav_builder->render(), 'menu_buttons' => $menu_builder->render()]); } } - static public function MoveOneLevelDown(EntityManager $entityManager, array $json): void + static public function MoveOneLevelDown(EntityManager $entityManager, array $json): JsonResponse { $id = $json['id']; $page = Model::$menu->findPageById((int)$id); @@ -152,8 +149,7 @@ class MenuAndPathsController if($child->getPosition() === $page->getPosition() - 1){ // refus si $parent est une adresse, ça va casser le lien, exemple: index.php?page=chemin/http://un_site_web.fr/vers/ici if(str_starts_with($child->getEndOfPath(), 'http')){ - echo json_encode(['success' => false, 'error' => 'new_parent_is_a_link']); - die; + return new JsonResponse(['success' => false, 'error' => 'new_parent_is_a_link']); } $page->setParent($child); 
@@ -171,11 +167,10 @@ class MenuAndPathsController $nav_builder = new NavBuilder(); $menu_builder = new MenuBuilder(null, false); - echo json_encode(['success' => true, 'nav' => $nav_builder->render(), 'menu_buttons' => $menu_builder->render()]); - die; + return new JsonResponse(['success' => true, 'nav' => $nav_builder->render(), 'menu_buttons' => $menu_builder->render()]); } - static public function SwitchPositions(EntityManager $entityManager, array $json): void + static public function SwitchPositions(EntityManager $entityManager, array $json): JsonResponse { $id1 = $json['id1']; $id2 = $json['id2']; @@ -196,15 +191,14 @@ class MenuAndPathsController // nouveau menu $nav_builder = new NavBuilder(); - echo json_encode(['success' => true, 'nav' => $nav_builder->render()]); + return new JsonResponse(['success' => true, 'nav' => $nav_builder->render()]); } else{ - echo json_encode(['success' => false]); + return new JsonResponse(['success' => false]); } - die; } - static public function displayInMenu(EntityManager $entityManager, array $json): void + static public function displayInMenu(EntityManager $entityManager, array $json): JsonResponse { $id = $json['id']; $checked = $json['checked']; @@ -216,11 +210,10 @@ class MenuAndPathsController // nouveau menu $nav_builder = new NavBuilder(); - echo json_encode(['success' => true, 'nav' => $nav_builder->render()]); + return new JsonResponse(['success' => true, 'nav' => $nav_builder->render()]); } else{ - echo json_encode(['success' => false]); + return new JsonResponse(['success' => false]); } - die; } } \ No newline at end of file diff --git a/src/controller/PageManagementController.php b/src/controller/PageManagementController.php index 8c4092f..a43f36c 100644 --- a/src/controller/PageManagementController.php +++ b/src/controller/PageManagementController.php 
@@ -8,25 +8,28 @@ use App\Entity\Node; use App\Entity\NodeData; //use App\Entity\Image; use Doctrine\ORM\EntityManager; +use Symfony\Component\HttpFoundation\InputBag; +use Symfony\Component\HttpFoundation\JsonResponse; +use Symfony\Component\HttpFoundation\RedirectResponse; +use Symfony\Component\HttpFoundation\Request; class PageManagementController { /* -- partie page -- */ - static public function setPageTitle(EntityManager $entityManager, array $json): void + static public function setPageTitle(EntityManager $entityManager, array $json): JsonResponse { $page = $entityManager->find('App\Entity\Page', $json['page_id']); $page->setPageName(htmlspecialchars($json['title'])); $entityManager->flush(); - echo json_encode(['success' => true, 'title' => $page->getPageName()]); - die; + return new JsonResponse(['success' => true, 'title' => $page->getPageName()]); } - static public function updatePageMenuPath(EntityManager $entityManager): void + static public function updatePageMenuPath(EntityManager $entityManager, string $page_menu_path): RedirectResponse { Model::$menu = new Menu($entityManager); Model::$page_path = new Path(); $page = Model::$page_path->getLast(); - $path = htmlspecialchars($_POST['page_menu_path']); + $path = htmlspecialchars($page_menu_path); // mise en snake_case: filtre caractères non-alphanumériques, minuscule, doublons d'underscore, trim des underscores $path = trim(preg_replace('/_+/', '_', strtolower(preg_replace('/[^a-zA-Z0-9]/', '_', $path))), '_'); 
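Review bot: In updatePageMenuPath the new `$path = htmlspecialchars($page_menu_path);` line escapes the value before the next line strips every non-alphanumeric character, so an `&` in the submitted path ends up as the literal word `amp` in the slug (`a&b` becomes `a_amp_b`). The escaping is redundant here because the regex already removes anything that could reach the HTML unescaped, so `$path = $page_menu_path;` lets the snake_case conversion work on the raw input. updatePageMenuPath continues past the end of this hunk.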
@@ -37,30 +40,28 @@ class PageManagementController } } $entityManager->flush(); - header("Location: " . new URL(['page' => $page->getPagePath(), 'mode' => 'page_modif'])); - die; + return new RedirectResponse((string)new URL(['page' => $page->getPagePath(), 'mode' => 'page_modif'])); } - static public function setPageDescription(EntityManager $entityManager, array $json): void + static public function setPageDescription(EntityManager $entityManager, array $json): JsonResponse { $page = $entityManager->find('App\Entity\Page', $json['page_id']); $page->setDescription(htmlspecialchars($json['description'])); $entityManager->flush(); - echo json_encode(['success' => true, 'description' => $page->getDescription()]); - die; + return new JsonResponse(['success' => true, 'description' => $page->getDescription()]); } - static public function newPage(EntityManager $entityManager, array $post): void + static public function newPage(EntityManager $entityManager, InputBag $post): RedirectResponse { // titre et chemin Model::$menu = new Menu($entityManager); - $previous_page = Model::$menu->findPageById((int)$post["page_location"]); // (int) à cause de declare(strict_types=1); + $previous_page = Model::$menu->findPageById((int)$post->get("page_location")); // (int) à cause de declare(strict_types=1); $parent = $previous_page->getParent(); $page = new Page( - trim(htmlspecialchars($post["page_name"])), - trim(htmlspecialchars($post["page_name_path"])), - trim(htmlspecialchars($post["page_description"])), + trim(htmlspecialchars($post->get("page_name"))), + trim(htmlspecialchars($post->get("page_name_path"))), + trim(htmlspecialchars($post->get("page_description"))), true, true, false, $previous_page->getPosition(), $parent); // peut et DOIT être null si on est au 1er niveau 
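Review bot: In newPage the new `$post->get("page_name")`, `$post->get("page_name_path")` and `$post->get("page_description")` calls return null when the field is absent, and `htmlspecialchars(null)` under strict_types (which the `(int) à cause de declare(strict_types=1)` comment suggests this file declares) throws a TypeError, so a malformed form submission becomes a 500 instead of a redirect. Passing a default, e.g. `trim(htmlspecialchars($post->get("page_name", '')))` for each of the three arguments, keeps the constructor input typed as a string. newPage continues past the end of this hunk.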
@@ -80,14 +81,13 @@ class PageManagementController $entityManager->flush(); // page créée, direction la page en mode modification pour ajouter des blocs - header("Location: " . new URL(['page' => $page->getPagePath(), 'mode' => 'page_modif'])); - die; + return new RedirectResponse((string)new URL(['page' => $page->getPagePath(), 'mode' => 'page_modif'])); } - static public function deletePage(EntityManager $entityManager): void + static public function deletePage(EntityManager $entityManager, string $page_id): RedirectResponse { $menu = new Menu($entityManager); - $page = $menu->findPageById((int)$_POST['page_id']); + $page = $menu->findPageById((int)$page_id); $url = new URL; // test dernière page @@ -115,13 +115,12 @@ class PageManagementController $next_page = $menu->getChildren()->isEmpty() ? $next_page = $page->getChildren()[0] : $menu->getChildren()[0]; $url->addParams(['page' => $next_page->getEndOfPath()]); } - - header("Location: " . $url); - die; + + return new RedirectResponse((string)$url); } /* partie "blocs" */ - static public function addBloc(EntityManager $entityManager): void + static public function addBloc(EntityManager $entityManager, Request $request): RedirectResponse { $model = new Model($entityManager); $model->makeMenuAndPaths(); // on a besoin de page_path qui dépend de menu 
@@ -131,31 +130,30 @@ class PageManagementController $main = $model->getNode(); $position = count($main->getChildren()) + 1; // position dans la fraterie - if(!in_array($_POST["bloc_select"], array_keys(Blocks::$blocks), true)) // 3è param: contrôle du type - { - header("Location: " . new URL(['page' => $_GET['page'], 'error' => 'bad_bloc_type'])); - die; + if(!in_array($request->request->get("bloc_select"), array_keys(Blocks::$blocks), true)){ // 3è param: contrôle du type + // utiliser une flash error + return new RedirectResponse((string)new URL(['page' => $request->query->get('page'), 'error' => 'bad_bloc_type'])); } - if(in_array($_POST["bloc_select"], ['calendar', 'form'])){ - $page->addCSS($_POST["bloc_select"]); - if($_POST["bloc_select"] === 'form'){ - $page->addJS($_POST["bloc_select"]); + if(in_array($request->request->get("bloc_select"), ['calendar', 'form'])){ + $page->addCSS($request->request->get("bloc_select")); + if($request->request->get("bloc_select") === 'form'){ + $page->addJS($request->request->get("bloc_select")); } $entityManager->persist($page); } - $block = new Node($_POST["bloc_select"], $position, $main, $page); - $data = new NodeData(['title' => trim(htmlspecialchars($_POST["bloc_title"]))], $block); + $block = new Node($request->request->get("bloc_select"), $position, $main, $page); + $data = new NodeData(['title' => trim(htmlspecialchars($request->request->get("bloc_title")))], $block); // valeurs par défaut - if($_POST["bloc_select"] === 'post_block'){ + if($request->request->get("bloc_select") === 'post_block'){ $data->setPresentation('fullwidth'); } - elseif($_POST["bloc_select"] === 'news_block'){ + elseif($request->request->get("bloc_select") === 'news_block'){ $data->setPresentation('grid'); } - elseif($_POST["bloc_select"] === 'galery'){ + elseif($request->request->get("bloc_select") === 'galery'){ $data->setPresentation('mosaic'); // un jour on mettra carousel } // else = null par défaut 
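Review bot: addBloc calls `$request->request->get("bloc_select")` seven times in this hunk, once in the whitelist guard and again in every branch below it; reading it once into a local, `$bloc_select = $request->request->get("bloc_select");` placed before the guard, shortens the branches and makes it evident that every comparison sees the same value. The `in_array(..., true)` guard itself is sound: a missing field yields null, which never matches a key of Blocks::$blocks. addBloc's signature is in the preceding hunk and the method continues after this one.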
@@ -163,11 +161,10 @@ class PageManagementController $entityManager->persist($block); $entityManager->persist($data); $entityManager->flush(); - header("Location: " . new URL(['page' => $_GET['page'], 'mode' => 'page_modif'])); - die; + return new RedirectResponse((string)new URL(['page' => $request->query->get('page'), 'mode' => 'page_modif'])); } - static public function deleteBloc(EntityManager $entityManager): void + static public function deleteBloc(EntityManager $entityManager, Request $request): RedirectResponse { $model = new Model($entityManager); $model->makeMenuAndPaths(); @@ -179,7 +176,7 @@ class PageManagementController $type = ''; $nb_same_type = 0; foreach($main->getChildren() as $child){ - if($child->getId() === (int)$_POST['delete_bloc_id']){ + if($child->getId() === (int)$request->request->get('delete_bloc_id')){ $block = $child; $type = $block->getName(); } @@ -207,11 +204,10 @@ class PageManagementController $entityManager->flush(); } - header("Location: " . new URL(['page' => $_GET['page'], 'mode' => 'page_modif'])); - die; + return new RedirectResponse((string)new URL(['page' => $request->query->get('page'), 'mode' => 'page_modif'])); } - static public function renameBloc(EntityManager $entityManager, array $json): void + static public function renameBloc(EntityManager $entityManager, array $json): JsonResponse { if(isset($json['bloc_title']) && $json['bloc_title'] !== null && isset($json['bloc_id']) && is_int($json['bloc_id'])){ $model = new Model($entityManager); 
@@ -223,17 +219,16 @@ class PageManagementController $model->getNode()->getNodeData()->updateData('title', htmlspecialchars($json['bloc_title'])); $entityManager->flush(); - echo json_encode(['success' => true, 'title' => $data['title']]); + return new JsonResponse(['success' => true, 'title' => $data['title']]); } else{ - echo json_encode(['success' => false]); + return new JsonResponse(['success' => false]); } - die; } - static public function SwitchBlocsPositions(EntityManager $entityManager, array $json): void + static public function SwitchBlocsPositions(EntityManager $entityManager, array $json, string $page): JsonResponse { - if(isset($json['id1']) && is_int($json['id1']) && isset($json['id2']) && is_int($json['id2']) && isset($_GET['page'])){ + if(isset($json['id1']) && is_int($json['id1']) && isset($json['id2']) && is_int($json['id2']) && isset($page)){ $model = new Model($entityManager); $model->makeMenuAndPaths(); // true pour $model->findItsChildren(); $model->findUniqueNodeByName('main'); @@ -262,15 +257,14 @@ class PageManagementController $bloc2->setPosition($tmp); $entityManager->flush(); - echo json_encode(['success' => true]); + return new JsonResponse(['success' => true]); } else{ - echo json_encode(['success' => false]); + return new JsonResponse(['success' => false]); } - die; } - static public function changeArticlesOrder(EntityManager $entityManager, array $json): void + static public function changeArticlesOrder(EntityManager $entityManager, array $json): JsonResponse { if(isset($json['id']) && isset($json['chrono_order'])){ $model = new Model($entityManager); 
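Review bot: In SwitchBlocsPositions the guard `isset($page)` on the new `string $page` parameter is always true, because a non-nullable typed parameter can never be unset or null, so the `isset($_GET['page'])` presence check it replaces has effectively been dropped. Use `$page !== ''` in its place, with the router passing `''` when the query parameter is absent, or keep the presence check on the router side before calling this method. SwitchBlocsPositions continues past the end of this hunk.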
@@ -289,15 +283,14 @@ class PageManagementController $model->getNode()->getNodeData()->setChronoOrder($chrono_order); $entityManager->flush(); - echo json_encode(['success' => true, 'chrono_order' => $json['chrono_order']]); + return new JsonResponse(['success' => true, 'chrono_order' => $json['chrono_order']]); } else{ - echo json_encode(['success' => false]); + return new JsonResponse(['success' => false]); } - die; } - static public function changePresentation(EntityManager $entityManager, array $json): void + static public function changePresentation(EntityManager $entityManager, array $json): JsonResponse { if(isset($json['id']) && isset($json['presentation'])){ $model = new Model($entityManager); @@ -311,18 +304,17 @@ class PageManagementController if($json['presentation'] === 'grid'){ $response_data['cols_min_width'] = $model->getNode()->getNodeData()->getColsMinWidth(); } - echo json_encode($response_data); + return new JsonResponse($response_data); } else{ - echo json_encode(['success' => false]); + return new JsonResponse(['success' => false]); } } else{ - echo json_encode(['success' => false]); + return new JsonResponse(['success' => false]); } - die; } - static public function changeColsMinWidth(EntityManager $entityManager, array $json): void + static public function changeColsMinWidth(EntityManager $entityManager, array $json): JsonResponse { if(isset($json['id']) && isset($json['cols_min_width'])){ $model = new Model($entityManager); 
@@ -330,14 +322,13 @@ class PageManagementController $model->getNode()->getNodeData()->setColsMinWidth((int)$json['cols_min_width']); // attention conversion? $entityManager->flush(); - echo json_encode(['success' => true, 'cols_min_width' => $json['cols_min_width']]); + return new JsonResponse(['success' => true, 'cols_min_width' => $json['cols_min_width']]); } else{ - echo json_encode(['success' => false]); + return new JsonResponse(['success' => false]); } - die; } - static public function changePaginationLimit(EntityManager $entityManager, array $json): void + static public function changePaginationLimit(EntityManager $entityManager, array $json): JsonResponse { if(isset($json['id']) && isset($json['pagination_limit'])){ $model = new Model($entityManager); @@ -347,11 +338,10 @@ class PageManagementController $entityManager->flush(); - echo json_encode(['success' => true, 'old_limit' => $old_limit, 'new_limit' => $json['pagination_limit']]); + return new JsonResponse(['success' => true, 'old_limit' => $old_limit, 'new_limit' => $json['pagination_limit']]); } else{ - echo json_encode(['success' => false]); + return new JsonResponse(['success' => false]); } - die; } } \ No newline at end of file diff --git a/src/controller/UserController.php b/src/controller/UserController.php index 9de2fb8..ddba33a 100644 --- a/src/controller/UserController.php +++ b/src/controller/UserController.php 
@@ -16,27 +16,12 @@ declare(strict_types=1); use Doctrine\ORM\EntityManager; use App\Entity\User; use App\Entity\Log; +use Symfony\Component\HttpFoundation\RedirectResponse; class UserController { // account - static public function existUsers(EntityManager $entityManager): bool - { - if(!$entityManager // table vide - ->createQuery("SELECT u FROM App\Entity\User u") - ->setMaxResults(1) - ->getOneOrNullResult()) - { - unset($_SESSION['user']); - return false; - } - else{ - return true; - } - } - - // account - static public function createAdminUser(EntityManager $entityManager) + static public function createAdminUser(EntityManager $entityManager): RedirectResponse { unset($_SESSION['user']); @@ -58,20 +43,18 @@ class UserController $url->addParams(['error' => $error]); } - header('Location: ' . $url); - die; + return new RedirectResponse((string)$url); } // account //static public function createUser(EntityManager $entityManager){} // auth - static public function connect(EntityManager $entityManager): void + static public function connect(EntityManager $entityManager): RedirectResponse { - if(IS_ADMIN) // déjà connecté? - { - header('Location: ' . new URL); - die; + $url = new URL; + if(IS_ADMIN){ // déjà connecté? + return new RedirectResponse((string)$url); } unset($_SESSION['user']); @@ -101,7 +84,7 @@ class UserController echo ''; } - $url = new URL(isset($_GET['from']) ? ['page' => $_GET['from']] : []); + $url->addParams(isset($_GET['from']) ? ['page' => $_GET['from']] : []); isset($_GET['id']) ? $url->addParams(['id' => $_GET['id']]) : ''; } else 
@@ -118,18 +101,17 @@ class UserController if(!empty($error)){ sleep(1); // défense basique à la force brute - $url = new URL(['page' => 'connection']); + $url->addParams(['page' => 'connection']); isset($_GET['from']) ? $url->addParams(['from' => $_GET['from']]) : null; isset($_GET['id']) ? $url->addParams(['id' => $_GET['id']]) : null; $url->addParams(['error' => $error]); } - header('Location: ' . $url); - die; + return new RedirectResponse((string)$url); } // auth - static public function disconnect(): void + static public function disconnect(): RedirectResponse { // nettoyage complet unset($_SESSION['user']); // mémoire vive @@ -140,15 +122,14 @@ class UserController $url = new URL; isset($_GET['from']) ? $url->addParams(['page' => $_GET['from']]) : ''; isset($_GET['id']) ? $url->addParams(['id' => $_GET['id']]) : ''; - header('Location: ' . $url); - die; + return new RedirectResponse('Location: ' . $url); } // user - static public function updateUsername(EntityManager $entityManager): void + static public function updateUsername(EntityManager $entityManager): RedirectResponse { if(!IS_ADMIN){ // superflux, fait dans le routeur - self::disconnect(); + return self::disconnect(); } $url = new URL(['page' => 'user_edit']); @@ -180,15 +161,14 @@ class UserController sleep(1); $url->addParams(['error_username' => $error]); } - header('Location: ' . $url); - die; + return new RedirectResponse('Location: ' . $url); } // user - static public function updatePassword(EntityManager $entityManager): void + static public function updatePassword(EntityManager $entityManager): RedirectResponse { if(!IS_ADMIN){ // superflux, fait dans le routeur - self::disconnect(); + return self::disconnect(); } $url = new URL(['page' => 'user_edit']); 
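Review bot: `return new RedirectResponse('Location: ' . $url);` in disconnect passes the old header text as the redirect target, so the response's Location header value starts with the literal text `Location: ` and the browser is not sent to the intended page; the replaced `header('Location: ' . $url)` needed that prefix, RedirectResponse does not. The same line appears in updateUsername (@@ -180 hunk) and in updatePassword (@@ -220 hunk on the next diff line). The other controllers in this commit already use the correct form, `return new RedirectResponse((string)$url);`.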
@@ -220,8 +200,7 @@ class UserController sleep(1); $url->addParams(['error_password' => $error]); } - header('Location: ' . $url); - die; + return new RedirectResponse('Location: ' . $url); } // dans une classe mère ou un trait après découpage de UserController? diff --git a/src/controller/ViewDirector.php b/src/controller/ViewDirector.php index 2d37598..eda49e7 100644 --- a/src/controller/ViewDirector.php +++ b/src/controller/ViewDirector.php @@ -9,6 +9,7 @@ use App\Entity\Node; use Doctrine\ORM\EntityManager; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; +use Symfony\Component\HttpFoundation\RedirectResponse; class ViewDirector extends AbstractBuilder // ViewDirector est aussi le premier Builder { @@ -31,7 +32,7 @@ class ViewDirector extends AbstractBuilder // ViewDirector est aussi le premier if(CURRENT_PAGE === 'article'){ if(IS_ADMIN){ if(!$request->query->has('id')){ - return new Response($this->html, 302); + return new RedirectResponse((string)new URL(['page' => $_GET['from'] ?? ''])); } else{ // mode création d'article @@ -42,10 +43,10 @@ class ViewDirector extends AbstractBuilder // ViewDirector est aussi le premier } } elseif($request->query->get('id')[0] === 'n'){ // accès page nouvelle article interdit sans être admin - return new Response($this->html, 302); + return new RedirectResponse((string)new URL(['page' => $_GET['from'] ?? ''])); } } - //else // l'id dans l'URL n'a pas d'effet ailleurs + // pas de else, l'id dans l'URL n'a pas d'effet ailleurs /* 2/ accès au modèle */ @@ -59,7 +60,7 @@ class ViewDirector extends AbstractBuilder // ViewDirector est aussi le premier // article non trouvé en BDD if(CURRENT_PAGE === 'article' && !IS_ADMIN && self::$root_node->getNodeByName('main')->getAdoptedChild() === null){ - return new Response($this->html, 302); + return new RedirectResponse((string)new URL(['page' => $_GET['from'] ?? ''])); } 
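Review bot: The three new RedirectResponse lines in ViewDirector::buildView (@@ -31, @@ -42 and @@ -59 hunks) read `$_GET['from']` although `$request` is in scope and is used on the adjacent `$request->query->has('id')` line; `$request->query->get('from', '')` keeps the source of input uniform with the commit's move away from superglobals. Since the identical expression is built three times, a small private helper taking the Request and returning that RedirectResponse would also give one place for a comment explaining why these three conditions send the visitor back. The replacement of `new Response($this->html, 302)`, which sent no Location header, is itself correct. buildView starts before the first of these hunks.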
@@ -71,6 +72,6 @@ class ViewDirector extends AbstractBuilder // ViewDirector est aussi le premier unset($_SESSION['flash_message']); } - return new Response($this->html, 200); + return new Response($this->html); } } \ No newline at end of file diff --git a/src/service/Router.php b/src/service/Router.php index ee6d25d..110512e 100644 --- a/src/service/Router.php +++ b/src/service/Router.php 
@@ -3,442 +3,375 @@ // /* fonctionnement: => 1er test, méthode http GET? POST? -=> 2ème test, type de contenu (méthode POST uniquement): +=> 2ème test, type de contenu: "application/x-www-form-urlencoded" = formulaire "application/json" = requête AJAX avec fetch() "multipart/form-data" = upload d'image par tinymce $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest' requête AJAX xhs, non utilisée -=> 3ème test, comme le 2ème test mais uniquement si IS_ADMIN est vrai -*/ +=> 3ème test, comme le 2ème test mais uniquement si IS_ADMIN est vrai */ + +/* classes de réponses pour les contrôleurs +Response($html, Response::HTTP_OK) page html +JsonResponse(['success' => true, 'data' => $data]) ajax +RedirectResponse('index.php?page=login') redirection +BinaryFileResponse($filePath) téléchargement +StreamedResponse(function () {echo "ligne 1\n";echo "ligne 2\n";}) gros fichier */ + +// relire ça à l'occaz: +// https://symfony.com/doc/current/introduction/from_flat_php_to_symfony.html declare(strict_types=1); use Symfony\Component\HttpFoundation\Request; use Doctrine\ORM\EntityManager; +use Symfony\Component\HttpFoundation\JsonResponse; +use Symfony\Component\HttpFoundation\RedirectResponse; +use Symfony\Component\HttpFoundation\Response; class Router{ - // boulot = faire que TOUS les contrôleurs retournent une Response (et faire retourner une réponse par dispatch) + private Request $request; + private EntityManager $entityManager; + private string $route = ''; // défaut page d'accueil - // exemple de méthode dispatch - /*public static function dispatch(Request $request): Response - { - if ($request->getMethod() === 'GET') { - return PageController::home($request); - } + public function __construct(Request $request, EntityManager $entityManager){ + $this->request = $request; + $this->entityManager = $entityManager; - if ($request->getMethod() === 'POST') { - return UserController::login($request); + if(!User::existUsers($entityManager)){ // table "user" vide + $this->route = 
'no_user'; } + } - return new RedirectResponse('/'); - }*/ - - /* classes de réponses pour les contrôleurs - Response($html, Response::HTTP_OK) page html - JsonResponse(['success' => true, 'data' => $data]) ajax - RedirectResponse('index.php?page=login') redirection - BinaryFileResponse($filePath) téléchargement - StreamedResponse(function () {echo "ligne 1\n";echo "ligne 2\n";}) gros fichier - */ - - static public function dispatch(Request $request, EntityManager $entityManager){ - if($request->getMethod() === 'GET'){ + public function dispatch(): Response + { + if($this->request->getMethod() === 'GET'){ // table "user" vide - if(!UserController::existUsers($entityManager)){ + if($this->route === 'no_user'){ + ob_start(); require AbstractBuilder::VIEWS_PATH . 'user_create.php'; - die; + return new Response(ob_get_clean()); } // bouton déconnexion (méthode GET parce que l'utilisateur ne modifie plus de données à partir de là) - if($request->query->has('action') && $request->query->get('action') === 'deconnection'){ - UserController::disconnect($entityManager); + if($this->request->query->get('action') === 'deconnection'){ + return UserController::disconnect(); // retourne un RedirectResponse } // articles suivants - if($request->query->has('fetch') && $request->query->get('fetch') === 'next_articles'){ - ArticleController::fetch($entityManager, $request); + if($this->request->query->get('fetch') === 'next_articles'){ + return ArticleController::fetch($this->entityManager, $this->request); // retourne un JsonResponse } // données du calendrier - // création du calendrier et changement de dates affichées (boutons flèches mais pas changement de vue) - if($request->query->has('action') && $request->query->get('action') === 'get_events' - && $request->query->has('start') && $request->query->has('end') && empty($request->getPayload()->all())) // getPayload ne récupère pas que des POST - { - CalendarController::getData($entityManager); + // création du calendrier ou 
changement de dates affichées (boutons flèches mais pas changement de vue) + if($this->request->query->get('action') === 'get_events' + && $this->request->query->has('start') && $this->request->query->has('end') && empty($this->request->getPayload()->all())){ // getPayload ne récupère pas que des POST + return CalendarController::getData($this->entityManager); } // pages interdites if(!IS_ADMIN && in_array(CURRENT_PAGE, ['menu_paths', 'new_page', 'user_edit', 'emails', 'maintenance'])){ - header('Location: ' . new URL); - die; + return new RedirectResponse((string)new URL); } if(IS_ADMIN){ - if($request->query->has('action') && $request->query->get('action') === 'get_mysqldump'){ - MaintenanceController::getLastDump($entityManager); - die; + if($this->request->query->get('action') === 'get_mysqldump'){ + return MaintenanceController::getLastDump($this->entityManager); } - if($request->query->has('action') && $request->query->get('action') === 'get_all_media'){ - MaintenanceController::getAllMedia(); - die; + if($this->request->query->get('action') === 'get_all_media'){ + return MaintenanceController::getAllMedia(); } } // construction d'une page - $response = (new ViewDirector)->buildView($entityManager, $request); // utilise Model + return (new ViewDirector)->buildView($this->entityManager, $this->request); // utilise Model // parenthèses nécéssaires autour de l'instanciation pour PHP < 8.4 } - elseif($request->getMethod() === 'POST'){ - /* -- contrôleurs appellables par tout le monde -- */ + elseif($this->request->getMethod() === 'POST'){ + /* -- contrôleurs appelables par tout le monde -- */ // table "user" vide - if(!UserController::existUsers($entityManager)){ - UserController::createAdminUser($entityManager); + if($this->route === 'no_user'){ + return UserController::createAdminUser($this->entityManager); } - // requêtes JSON avec fetch() - if($request->headers->get('Content-Type') === 'application/json') + // requête JSON avec fetch() + 
if($this->request->headers->get('Content-Type') === 'application/json') { - $json = json_decode($request->getContent(), true); // = json_decode(file_get_contents('php://input'), true); + $json = json_decode($this->request->getContent(), true); // = json_decode(file_get_contents('php://input'), true); - if(isset($_GET['action'])) - { - // formulaire de contact - if($_GET['action'] === 'send_email'){ - ContactFormController::sendVisitorEmail($entityManager, $json); - } + // formulaire de contact + if($this->request->query->get('action') === 'send_email'){ + return ContactFormController::sendVisitorEmail($this->entityManager, $json); } + /*else{ + return new JsonResponse(['success' => false, 'error' => 'tu fais quoi là mec?']); + }*/ } // envoi formulaire HTML - elseif($request->headers->get('Content-Type') === 'application/x-www-form-urlencoded'){ + elseif($this->request->headers->get('Content-Type') === 'application/x-www-form-urlencoded'){ // tentative de connexion - if($request->query->has('action') && $request->query->get('action') === 'connection'){ - //$response = - UserController::connect($entityManager); + if($this->request->query->get('action') === 'connection'){ + return UserController::connect($this->entityManager); } + /*else{ + return new RedirectResponse((string)new URL(['error' => 'tu fais quoi là mec?'])); + }*/ } - if(IS_ADMIN) - { + if(IS_ADMIN){ /* -- requêtes AJAX -- */ // requêtes JSON avec fetch() - if($request->headers->get('Content-Type') === 'application/json') - { - $json = json_decode($request->getContent(), true); // = json_decode(file_get_contents('php://input'), true); + if($this->request->headers->get('Content-Type') === 'application/json'){ + $json = json_decode($this->request->getContent(), true); // = json_decode(file_get_contents('php://input'), true); - if($request->query->has('action')) - { + if($this->request->query->has('action')){ /* -- manipulation des articles -- */ - if($_GET['action'] === 'editor_submit' && 
isset($json['id']) && isset($json['content'])){ - ArticleController::editorSubmit($entityManager, $json); - } - elseif($_GET['action'] === 'delete_article' && isset($json['id'])){ - $response = ArticleController::deleteArticle($entityManager, $json); // version AJAX - } - elseif($_GET['action'] === 'switch_positions' && isset($json['id1']) && isset($json['id2'])){ - ArticleController::switchPositions($entityManager, $json); - } - elseif($_GET['action'] === 'date_submit' && isset($json['id']) && isset($json['date'])){ - ArticleController::dateSubmit($entityManager, $json); - } - - /* -- bloc Formulaire -- */ - elseif($_GET['action'] === 'keep_emails'){ - ContactFormController::keepEmails($entityManager, $json); - } - elseif($_GET['action'] === 'set_retention_period'){ - ContactFormController::setEmailsRetentionPeriod($entityManager, $json); - } - elseif($_GET['action'] === 'set_email_param'){ - ContactFormController::setEmailParam($entityManager, $json); - } - elseif($_GET['action'] === 'test_email'){ - ContactFormController::sendTestEmail($entityManager, $json); - } - - /* -- page emails -- */ - elseif($_GET['action'] === 'delete_email'){ - ContactFormController::deleteEmail($entityManager, $json); - } - elseif($_GET['action'] === 'toggle_sensitive_email'){ - ContactFormController::toggleSensitiveEmail($entityManager, $json); - } - - /* -- upload d'image dans tinymce par copier-coller -- */ - // collage de HTML contenant une ou plusieurs balises - elseif($request->query->get('action') === 'upload_image_url'){ - ImageUploadController::uploadImageHtml(); - } - // collage d'une image (code base64 dans le presse-papier) non encapsulée dans du HTML - elseif($request->query->get('action') === 'upload_image_base64'){ - ImageUploadController::uploadImageBase64(); + if($this->request->query->get('action') === 'editor_submit' && isset($json['id']) && isset($json['content'])){ + return ArticleController::editorSubmit($this->entityManager, $json); } - - - /* -- requêtes 
spécifiques au calendrier -- */ - elseif($request->query->get('action') === 'new_event'){ - CalendarController::newEvent($json, $entityManager); + elseif($this->request->query->get('action') === 'delete_article' && isset($json['id'])){ + return ArticleController::deleteArticle($this->entityManager, $this->request); // version AJAX } - elseif($request->query->get('action') === 'update_event'){ - CalendarController::updateEvent($json, $entityManager); + elseif($this->request->query->get('action') === 'switch_positions' && isset($json['id1']) && isset($json['id2'])){ + return ArticleController::switchPositions($this->entityManager, $json); } - elseif($request->query->get('action') === 'remove_event'){ - CalendarController::removeEvent($json, $entityManager); + elseif($this->request->query->get('action') === 'date_submit' && isset($json['id']) && isset($json['date'])){ + return ArticleController::dateSubmit($this->entityManager, $json); } - /* -- mode maintenance -- */ - elseif($request->query->get('action') === 'get_logs'){ - MaintenanceController::getLogs($entityManager); - die; - } - elseif($request->query->get('action') === 'erase_logs'){ - MaintenanceController::eraseLogs($entityManager); - die; - } - else{ - echo json_encode(['success' => false]); - die; + switch($this->request->query->get('action')){ + /* -- bloc Formulaire -- */ + case 'keep_emails': + return ContactFormController::keepEmails($this->entityManager, $json); + case 'set_retention_period': + return ContactFormController::setEmailsRetentionPeriod($this->entityManager, $json); + case 'set_email_param': + return ContactFormController::setEmailParam($this->entityManager, $json); + case 'test_email': + return ContactFormController::sendTestEmail($this->entityManager, $json); + + /* -- page emails -- */ + case 'delete_email': + return ContactFormController::deleteEmail($this->entityManager, $json); + case 'toggle_sensitive_email': + return ContactFormController::toggleSensitiveEmail($this->entityManager, 
$json); + + /* -- upload d'image dans tinymce par copier-coller -- */ + // collage de HTML contenant une ou plusieurs balises + case 'upload_image_url': + return ImageUploadController::uploadImageHtml(); + // collage d'une image (code base64 dans le presse-papier) non encapsulée dans du HTML + case 'upload_image_base64': + return ImageUploadController::uploadImageBase64(); + + /* -- requêtes spécifiques au calendrier -- */ + case 'new_event': + return CalendarController::newEvent($json, $this->entityManager); + case 'update_event': + return CalendarController::updateEvent($json, $this->entityManager); + case 'remove_event': + return CalendarController::removeEvent($json, $this->entityManager); + + /* -- mode maintenance -- */ + case 'get_logs': + return MaintenanceController::getLogs($this->entityManager); + case 'erase_logs': + return MaintenanceController::eraseLogs($this->entityManager); + + default: + return new JsonResponse(['success' => false]); } } /* -- site entier (header, footer, favicon) -- */ - elseif($request->query->has('head_foot_text')){ - HeadFootController::setTextData($entityManager, $request->query->get('head_foot_text'), $json); + elseif($this->request->query->has('head_foot_text')){ + return HeadFootController::setTextData($this->entityManager, $this->request->query->get('head_foot_text'), $json); } - elseif($request->query->has('head_foot_social_check')){ - HeadFootController::displaySocialNetwork($entityManager, $request->query->get('head_foot_social_check'), $json); + elseif($this->request->query->has('head_foot_social_check')){ + return HeadFootController::displaySocialNetwork($this->entityManager, $this->request->query->get('head_foot_social_check'), $json); } /* -- page Menu et chemins -- */ - elseif(isset($_GET['menu_edit'])) - { + elseif($this->request->query->has('menu_edit')){ // ne suit pas la règle, faire ça dans un contrôleur? 
- Model::$menu = new Menu($entityManager); // récupération des données + Model::$menu = new Menu($this->entityManager); // récupération des données // flèche gauche <=: position = position du parent + 1, parent = grand-parent, recalculer les positions - if($_GET['menu_edit'] === 'move_one_level_up' && isset($json['id'])){ - MenuAndPathsController::MoveOneLevelUp($entityManager, $json); + if($this->request->query->get('menu_edit') === 'move_one_level_up' && isset($json['id'])){ + return MenuAndPathsController::MoveOneLevelUp($this->entityManager, $json); + } + // flèche droite =>: position (léments de a fraterie + 1, l'élément précédent devient le parent + elseif($this->request->query->get('menu_edit') === 'move_one_level_down' && isset($json['id'])){ + return MenuAndPathsController::MoveOneLevelDown($this->entityManager, $json); } - // flèche droite =>: position = nombre d'éléments de la fraterie + 1, l'élément précédent devient le parent - elseif($_GET['menu_edit'] === 'move_one_level_down' && isset($json['id'])){ - MenuAndPathsController::MoveOneLevelDown($entityManager, $json); + elseif($this->request->query->get('menu_edit') === 'switch_positions' && isset($json['id1']) && isset($json['id2'])){ + return MenuAndPathsController::switchPositions($this->entityManager, $json); } - elseif($_GET['menu_edit'] === 'switch_positions' && isset($json['id1']) && isset($json['id2'])){ - MenuAndPathsController::switchPositions($entityManager, $json); + elseif($this->request->query->get('menu_edit') === 'display_in_menu' && isset($json['id']) && isset($json['checked'])){ + return MenuAndPathsController::displayInMenu($this->entityManager, $json); } - elseif($_GET['menu_edit'] === 'display_in_menu' && isset($json['id']) && isset($json['checked'])){ - MenuAndPathsController::displayInMenu($entityManager, $json); + elseif($this->request->query->get('menu_edit') === 'url_edit' && isset($json['id']) && isset($json['field']) && isset($json['input_data'])){ + return 
MenuAndPathsController::editUrl($this->entityManager, $json); } - elseif($_GET['menu_edit'] === 'url_edit' && isset($json['id']) && isset($json['field']) && isset($json['input_data'])){ - MenuAndPathsController::editUrl($entityManager, $json); + else{ + return new JsonResponse(['success' => false, 'error' => 'bad parameters'], JsonResponse::HTTP_BAD_REQUEST); // code 400 } } /* -- mode Modification d'une page -- */ // partie "page" - elseif(isset($_GET['page_edit'])) - { - // titre de la page - if($_GET['page_edit'] === 'page_title'){ - PageManagementController::setPageTitle($entityManager, $json); - } - // description dans les métadonnées - elseif($_GET['page_edit'] === 'page_description'){ - PageManagementController::setPageDescription($entityManager, $json); + elseif($this->request->query->has('page_edit')){ + switch($this->request->query->get('page_edit')){ + case 'page_title': + return PageManagementController::setPageTitle($this->entityManager, $json); + case 'page_description': + return PageManagementController::setPageDescription($this->entityManager, $json); + default: + return new JsonResponse(['success' => false, 'error' => 'bad parameters'], JsonResponse::HTTP_BAD_REQUEST); // code 400 } } // partie "blocs" - elseif($request->query->has('bloc_edit')) - { - if($request->query->get('bloc_edit') === 'rename_page_bloc'){ - PageManagementController::renameBloc($entityManager, $json); - } - elseif($request->query->get('bloc_edit') === 'switch_blocs_positions'){ - PageManagementController::SwitchBlocsPositions($entityManager, $json); - } - elseif($request->query->get('bloc_edit') === 'change_articles_order'){ - PageManagementController::changeArticlesOrder($entityManager, $json); - } - elseif($request->query->get('bloc_edit') === 'change_presentation'){ - PageManagementController::changePresentation($entityManager, $json); - } - elseif($request->query->get('bloc_edit') === 'change_cols_min_width'){ - PageManagementController::changeColsMinWidth($entityManager, 
$json); - } - elseif($request->query->get('bloc_edit') === 'change_pagination_limit'){ - PageManagementController::changePaginationLimit($entityManager, $json); + elseif($this->request->query->has('bloc_edit')){ + switch($this->request->query->get('bloc_edit')){ + case 'rename_page_bloc': + return PageManagementController::renameBloc($this->entityManager, $json); + case 'switch_blocs_positions': + return PageManagementController::SwitchBlocsPositions($this->entityManager, $json, $this->request->query->get('page')); + case 'change_articles_order': + return PageManagementController::changeArticlesOrder($this->entityManager, $json); + case 'change_presentation': + return PageManagementController::changePresentation($this->entityManager, $json); + case 'change_cols_min_width': + return PageManagementController::changeColsMinWidth($this->entityManager, $json); + case 'change_pagination_limit': + return PageManagementController::changePaginationLimit($this->entityManager, $json); + default: + return new JsonResponse(['success' => false, 'error' => 'bad parameters'], JsonResponse::HTTP_BAD_REQUEST); // code 400 } } + + else{ + return new JsonResponse(['success' => false, 'error' => 'bad parameters'], JsonResponse::HTTP_BAD_REQUEST); // code 400 + } } - /* -- upload avec FormData OU formulaire HTML AVEC fichier -- */ - elseif(str_starts_with($request->headers->get('Content-Type'), 'multipart/form-data')) // = $_SERVER['CONTENT_TYPE'] - { + /* -- upload avec FormData OU formulaire HTML avec fichier -- */ + elseif(str_starts_with($this->request->headers->get('Content-Type'), 'multipart/form-data')){ // = $_SERVER['CONTENT_TYPE'] // dans tinymce avec le plugin (bouton "insérer une image" de l'éditeur ou glisser-déposer) - if($request->query->has('action') && $request->query->get('action') === 'upload_image_tinymce'){ - ImageUploadController::imageUploadTinyMce(); + if($this->request->query->get('action') === 'upload_image_tinymce'){ + return 
ImageUploadController::imageUploadTinyMce(); } // dans tinymce, des quatre méthodes: bouton "link", drag & drop, html, base64 - elseif($request->query->has('action') && $request->query->get('action') === 'upload_file_tinymce'){ - FileUploadController::fileUploadTinyMce(); + elseif($this->request->query->get('action') === 'upload_file_tinymce'){ + return FileUploadController::fileUploadTinyMce(); } - elseif($request->query->has('head_foot_image')){ - HeadFootController::uploadAsset($entityManager, $request->query->get('head_foot_image')); + elseif($this->request->query->has('head_foot_image')){ + return HeadFootController::uploadAsset($this->entityManager, $this->request->query->get('head_foot_image')); } /* -- page Maintenance -- */ - elseif($request->query->has('action') && $request->query->get('action') === 'restore_database' - && $request->request->has('hidden') && $request->get('hidden') === '' - && $request->files->has('uploaded_sql')) - { - MaintenanceController::downloadSQL($entityManager, $request); + elseif($this->request->query->get('action') === 'restore_database' && $this->request->request->get('hidden') === '' + && $this->request->files->has('uploaded_sql')){ + return MaintenanceController::downloadSQL($entityManager, $request); + } + else{ + // choix ici entre répondre en JSON ou par une redirection, choix du JSON pour pouvoir passer un message + return new JsonResponse(['success' => false, 'error' => 'bad parameters'], JsonResponse::HTTP_BAD_REQUEST); // code 400 } } - // requêtes XMLHttpRequest - elseif(isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') - { - echo json_encode(['success' => false]); // noyer le poisson en laissant penser que le site gère les requêtes XHR - die; - } - - /* -- formulaire HTML SANS fichier -- */ - elseif($request->headers->get('Content-Type') === 'application/x-www-form-urlencoded') - { - if($request->query->has('action') && $request->query->get('action') === 
'delete_article' && isset($_GET['id'])){ - $response = ArticleController::deleteArticle($entityManager, $_GET); // version formulaire + /* -- formulaire HTML sans fichier -- */ + elseif($this->request->headers->get('Content-Type') === 'application/x-www-form-urlencoded'){ + if($this->request->query->get('action') === 'delete_article' && $this->request->query->has('id')){ + return ArticleController::deleteArticle($this->entityManager, $this->request); // version formulaire } /* -- nouvelle page -- */ - elseif(isset($_POST['page_name']) && $_POST['page_name'] !== null - && isset($_POST['page_name_path']) && $_POST['page_name_path'] !== null - && isset($_POST['page_location']) && $_POST['page_location'] !== null - && isset($_POST['page_description']) && $_POST['page_description'] !== null - && isset($_POST['new_page_hidden']) && $_POST['new_page_hidden'] === '') - { - PageManagementController::newPage($entityManager, $_POST); + elseif($this->request->request->get('page_name') !== null + && $this->request->request->get('page_name_path') !== null + && $this->request->request->get('page_location') !== null + && $this->request->request->get('page_description') !== null + && $this->request->request->get('new_page_hidden') === ''){ + return PageManagementController::newPage($this->entityManager, $this->request->request); } /* -- suppression d'une page -- */ - elseif(isset($_POST['page_id']) && $_POST['page_id'] !== null - && isset($_POST['submit_hidden']) && $_POST['submit_hidden'] === '') - { - PageManagementController::deletePage($entityManager); + elseif($this->request->request->get('page_id') !== null + && $this->request->request->get('submit_hidden') === ''){ + return PageManagementController::deletePage($this->entityManager, $this->request->request->get('page_id')); } /* -- mode Modification d'une page -- */ // modification du chemins en snake_case - elseif(isset($_POST['page_menu_path']) && $_POST['page_menu_path'] !== null - && isset($_POST['page_id']) && 
$_POST['page_id'] !== null - && isset($_POST['page_name_path_hidden']) && $_POST['page_name_path_hidden'] === '') - { - PageManagementController::updatePageMenuPath($entityManager); + elseif($this->request->request->get('page_menu_path') !== null + && $this->request->request->get('page_id') !== null + && $this->request->request->get('page_name_path_hidden') === ''){ + return PageManagementController::updatePageMenuPath($this->entityManager, $this->request->request->get('page_menu_path')); } // ajout d'un bloc dans une page - elseif(isset($_POST['bloc_title']) && $_POST['bloc_title'] !== null - && isset($_POST['bloc_select']) && $_POST['bloc_select'] !== null - && isset($_POST['bloc_title_hidden']) && $_POST['bloc_title_hidden'] === '') // contrôle anti-robot avec input hidden - { - PageManagementController::addBloc($entityManager); + elseif($this->request->request->get('bloc_title') !== null + && $this->request->request->get('bloc_select') !== null + && $this->request->request->get('bloc_title_hidden') === ''){ // contrôle anti-robot avec input hidden + return PageManagementController::addBloc($this->entityManager, $this->request); } // suppression d'un bloc de page - elseif(isset($_POST['delete_bloc_id']) && $_POST['delete_bloc_id'] !== null - && isset($_POST['delete_bloc_hidden']) && $_POST['delete_bloc_hidden'] === '') // contrôle anti-robot avec input hidden - { - PageManagementController::deleteBloc($entityManager); + elseif($this->request->request->get('delete_bloc_id') !== null + && $this->request->request->get('delete_bloc_hidden') === ''){ // contrôle anti-robot avec input hidden + return PageManagementController::deleteBloc($this->entityManager, $this->request); } /* -- page Menu et chemins -- */ // création d'une entrée de menu avec une URL - elseif(isset($_POST["label_input"]) && isset($_POST["url_input"]) && isset($_POST["location"])){ - MenuAndPathsController::newUrlMenuEntry($entityManager); + elseif($this->request->request->has("label_input") && 
$this->request->request->has("url_input") && $this->request->request->has("location")){ + return MenuAndPathsController::newUrlMenuEntry($this->entityManager); } // suppression d'une entrée de menu avec une URL - elseif(isset($_POST['delete']) && isset($_POST['x']) && isset($_POST['y'])){ // 2 params x et y sont là parce qu'on a cliqué sur une image - MenuAndPathsController::deleteUrlMenuEntry($entityManager); + elseif($this->request->request->has('delete') && $this->request->request->has('x') && $this->request->request->has('y')){ // 2 params x et y sont là parce qu'on a cliqué sur une image + return MenuAndPathsController::deleteUrlMenuEntry($this->entityManager); } /* -- page Mon compte -- */ - elseif($request->query->has('action') && $request->query->get('action') === 'update_username') - { - UserController::updateUsername($entityManager); + elseif($this->request->query->get('action') === 'update_username'){ + return UserController::updateUsername($this->entityManager); } - elseif($request->query->has('action') && $request->query->get('action') === 'update_password') - { - UserController::updatePassword($entityManager); + elseif($this->request->query->get('action') === 'update_password'){ + return UserController::updatePassword($this->entityManager); } /* -- page Maintenance -- */ - elseif($request->query->has('action') && $request->query->get('action') === 'restore_database' - && $request->request->has('hidden') && $request->get('hidden') === '' - && $request->request->has('selected_sql')) - { - MaintenanceController::handleBackupSelection($entityManager, $request); + elseif($this->request->query->get('action') === 'restore_database' && $this->request->get('hidden') === '' && $this->request->request->has('selected_sql')){ + return MaintenanceController::handleBackupSelection($this->entityManager, $this->request); } // redirection page d'accueil - else{ - header("Location: " . 
new URL(['error' => 'paramètres inconnus'])); - die; - } + return new RedirectResponse((string)new URL(['error' => 'paramètres inconnus'])); } - // POST admin ne matchant pas - else{ - echo json_encode(['success' => false]); - die; + // requêtes XMLHttpRequest + elseif($this->request->isXmlHttpRequest()){ + return new JsonResponse(['success' => false]); // noyer le poisson en laissant penser que le site gère les requêtes XHR } + + // POST admin ne matchant pas + return new Response('bad parameters', Response::HTTP_BAD_REQUEST); // code 400 } - // POST non admin ne matchant pas - else{ - echo json_encode(['success' => false]); - die; - } - } - // méthode inconnue - else{ - header("Location: " . new URL(['error' => 'tu fais quoi là mec?'])); - die; + // POST non-admin ne matchant pas + return new Response('bad parameters', Response::HTTP_BAD_REQUEST); // code 400 } - - - /* -- utilisation de la réponse -- */ - if(isset($response)){ - // cas gérés (d'autres sont à prévoir): mauvais id de la page article, accès page création d'article sans être admin - if($request->isMethod('GET') && $response->getStatusCode() == 302){ // 302 redirection temporaire - header('Location: ' . new URL(['page' => $_GET['from'] ?? ''])); - } - // redirection après traitement de formulaires HTTP - elseif($request->getMethod() === 'POST' && $request->headers->get('Content-Type') === 'application/x-www-form-urlencoded'){ - $response_data = json_decode(($response)->getContent(), true); - $url = new URL(['page' => $_GET['from'] ?? '']); - $url->addParams(['success' => $response_data['success'], 'message' => $response_data['message']]); - header('Location: ' . $url); - } - // affichage d'une page OU requête AJAX - else{ - $response->send(); - } - } - // pas utilisation de RESPONSE (cas destiné à disparaître) + // méthode HTTP inconnue else{ - if($request->getMethod() === 'POST' && $request->headers->get('Content-Type') === 'application/x-www-form-urlencoded'){ - header("Location: " . 
new URL(['error' => 'erreur côté serveur']));
- }
- else{
- http_response_code(500);
- echo "erreur côté serveur";
- }
+ return new RedirectResponse((string)new URL(['error' => 'tu fais quoi là mec?']));
 } } }
\ No newline at end of file
diff --git a/src/service/User.php b/src/service/User.php
new file mode 100644
index 0000000..bd17dce
--- /dev/null
+++ b/src/service/User.php
@@ -0,0 +1,23 @@
+createQuery("SELECT u FROM App\Entity\User u")
+ ->setMaxResults(1)
+ ->getOneOrNullResult())
+ {
+ unset($_SESSION['user']);
+ return false;
+ }
+ else{
+ return true;
+ }
+ }
+}
\ No newline at end of file
-- cgit v1.2.3
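Review bot: The new helper in src/service/User.php clears `$_SESSION['user']` as a side effect of what otherwise reads as a pure existence check (the null branch of `->getOneOrNullResult()` unsets the session entry and returns false), and nothing in the hunk documents that; a docblock such as `/** Returns true when at least one User row exists; when none does, the session's user entry is discarded as well. */` would make the contract explicit for callers that only want the boolean. The file header, namespace and the method signature before `createQuery(` are not visible in this view, so the method name and its `$entityManager` parameter are inferred. With the side effect separated the if/else collapses to a single boolean return: `$exists = $entityManager->createQuery(...)->setMaxResults(1)->getOneOrNullResult() !== null; if (!$exists) { unset($_SESSION['user']); } return $exists;`. The double-quoted `"SELECT u FROM App\Entity\User u"` works only because `\E` and `\U` happen not to be PHP escape sequences; a single-quoted string or `'SELECT u FROM ' . User::class . ' u'` is less fragile. If this query is what sets the `no_user` route used in the Router hunk, it is the check that lets an unauthenticated POST reach `createAdminUser`, so it should remain a live database query evaluated on each request rather than anything derived from session state.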