From ccc9a05b758f1dc0313b96807edfc447a9e8d278 Mon Sep 17 00:00:00 2001
From: polo
Date: Thu, 8 Feb 2024 04:31:14 +0100
Subject: RGPD cookie uniquement en mode admin et avertissement, logo journal
---
 controller/ajax.php | 15 ++++++---------
 1 file changed, 6 insertions(+), 9 deletions(-)
(limited to 'controller/ajax.php')
diff --git a/controller/ajax.php b/controller/ajax.php
index 1a4909e..96df9cb 100644
--- a/controller/ajax.php
+++ b/controller/ajax.php
@@ -4,12 +4,12 @@
 // traitement des requêtes AJAX
-// -> insertion d'une image dans l'éditeur
+// éditeur
+// -> insertion d'une image
 if(isset($_GET['action']) && isset($_GET['page']) && $_GET['action'] == 'upload_image')
 {
 // sécurité !!
- if(!isset($_SESSION['admin']) || $_SESSION['admin'] != 1
- || !isset($_FILES['upload']) || empty($_FILES['upload']))
+ if(!isset($_SESSION) || !isset($_FILES['upload']) || empty($_FILES['upload']))
 {
 // sans effet?
 header('Location: index.php?erreur=image_ajax');
@@ -48,7 +48,7 @@ if(isset($_GET['action']) && isset($_GET['page']) && $_GET['action'] == 'upload_
 if(isset($_GET['action']) && $_GET['action'] == 'restauration'
 && isset($_GET['file_name']) && isset($_GET['file_size']))
 {
- if(!isset($_SESSION['admin']) || $_SESSION['admin'] != 1)
+ if(!isset($_SESSION))
 {
 header('Location: index.php?erreur=file_infos_ajax');
 }
@@ -56,8 +56,6 @@ if(isset($_GET['action']) && $_GET['action'] == 'restauration'
 {
 $_SESSION['fileSize'] = $_GET['file_size'];
 $_SESSION['fileName'] = $_GET['file_name'];
- //echo("file infos send");
- //var_dump($_SESSION['fileName']);
 exit(); // stop !!
 }
 }
@@ -65,8 +63,7 @@ if(isset($_GET['action']) && $_GET['action'] == 'restauration'
 if(isset($_GET['action']) && $_GET['action'] == 'restauration'
 && isset($_GET['chunk_name']) && isset($_FILES['blob']))
 {
-
- if(!isset($_SESSION['admin']) || $_SESSION['admin'] != 1)
+ if(!isset($_SESSION))
 {
 header('Location: index.php?erreur=upload_ajax');
 }
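Review bot: The replacement guard `!isset($_SESSION)` in the `upload_image` branch no longer tests the admin flag, so it only establishes that a session array exists, not that the requester logged in as administrator; where `session_start()` is called is not visible here, but if any visitor can obtain a session the image upload becomes reachable without authentication. The same substitution is made in both `restauration` branches (the hunks at old lines 48 and 65), which then take `$_GET['file_name']`, `$_GET['file_size']` and `$_FILES['blob']` from that requester. The original test already works when no session was started, because `isset()` on a missing `$_SESSION['admin']` raises no warning, so the cookie change does not require loosening it: keep `if(!isset($_SESSION['admin']) || $_SESSION['admin'] != 1)` in all three places, with the `$_FILES['upload']` conditions retained in the upload branch. The enclosing `if` blocks continue outside the hunks, so whether execution stops after `header('Location: ...')` (the `// sans effet?` comment suggests doubt) cannot be confirmed from this page.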
@@ -79,7 +76,7 @@ if(isset($_GET['action']) && $_GET['action'] == 'restauration'
 }
 }
-// nettoyage
+// nettoyage systématique
 if(!isset($_GET['action']) || $_GET['action'] != 'restauration')
 {
 if(isset($_SESSION['fileName']))
-- 
cgit v1.2.3