author | polo <ordipolo@gmx.fr> | 2024-02-08 04:31:14 +0100 |
---|---|---|
committer | polo <ordipolo@gmx.fr> | 2024-02-08 04:31:14 +0100 |
commit | ccc9a05b758f1dc0313b96807edfc447a9e8d278 (patch) | |
tree | 114808e506b2bedabdc3ad09770edd7e5eb64e81 /controller/ckeditor.php | |
parent | 1ad47a7ca38e679a50c8dfee004db88b1633d7cf (diff) | |
download | melaine-ccc9a05b758f1dc0313b96807edfc447a9e8d278.zip |
RGPD cookie uniquement en mode admin et avertissement, logo journal
Diffstat (limited to 'controller/ckeditor.php')
-rw-r--r-- | controller/ckeditor.php | 7 |
1 files changed, 4 insertions, 3 deletions
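--- a/controller/ckeditor.php
+++ b/controller/ckeditor.php
@@ -18,8 +18,9 @@ function preparationCKeditor($html)
 header('Location: index.php?erreur=empty_input');
 }
 
-// supprimer espaces, tabulations et sauts de ligne en début et fin de chaine
-$html = trim($html);
+// sécuriser le HTML
+require('controller/Security.php');
+$html = Security::secureString($html);
 
 // supprimer les sauts de ligne
 $sautsDeLigne = array("\n", "\r", "\r\n");
@@ -58,7 +59,7 @@ function getFileCodeFromHTTPReferrer(): string
 function submitCKeditor()
 {
 // déjà fait mais on ne sait jamais
-if(!isset($_SESSION['admin']) || $_SESSION['admin'] != 1)
+if(!isset($_SESSION))
 {
 header('Location: index.php?page=' . $_GET['page'] . '&erreur=connexion');
 exit();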
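Review bot: The new guard in submitCKeditor(), `if(!isset($_SESSION))`, no longer tests the admin flag: once `session_start()` has run, `$_SESSION` is set for every visitor, so the check only tells whether a session exists, not whether its owner logged in as admin. If the intent (going by the commit title) is that a session is only ever started in admin mode, that guarantee lives elsewhere, and any other code path that starts a session would open this submit action to non-admins. Keep the explicit test on the flag, `if(!isset($_SESSION['admin']) || $_SESSION['admin'] != 1)`, or an equivalent check on a value that is set only after a successful login. In the first hunk, `require('controller/Security.php');` inside preparationCKeditor() would fail on a second call in the same request if that file declares the Security class; `require_once` avoids that. Both function bodies continue outside the hunks shown.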