Redirige les requêtes invalides vers la vue d'erreur
@@ -10,15 +10,18 @@ use Silex\Router\Route;
|
||||
|
||||
class FrontController
|
||||
{
|
||||
private Route $route;
|
||||
private ?Route $route;
|
||||
|
||||
public function __construct(Route $route)
|
||||
public function __construct(?Route $route)
|
||||
{
|
||||
$this->route = $route;
|
||||
}
|
||||
|
||||
public function run(DI $di): HttpResponse
|
||||
{
|
||||
if ($this->route === null) {
|
||||
return new HttpResponse(404, 'errors', ['errors' => ['Route not found']]);
|
||||
}
|
||||
if ($this->route->getController() instanceof AdminController
|
||||
&& ($di->getSecurity()->getCurrentUser() === null || !$di->getSecurity()->getCurrentUser()->isAdmin())) {
|
||||
HttpResponse::redirect($di->getRouter()->url('login'));
|
||||
|
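Review bot: `run()` now carries the "no route matched" case as a nullable constructor dependency, so every later use of `$this->route` inside `FrontController` must repeat the null check added at the top of the hunk; a dedicated path in `Router::run` (or a static `FrontController::notFound(DI $di): HttpResponse`) would keep `Route` non-nullable and the 404 construction in one place. The `HttpResponse::redirect(...)` call on the hunk's last line is context and the method body continues below the hunk; elsewhere in this commit (`VisitorController::comment`) a redirect is followed by `exit();`, so confirm that this branch also returns or exits rather than falling through to the normal dispatch. A docblock on `run()` stating the three outcomes — 404 for a missing route, login redirect for non-admin access to an `AdminController`, otherwise the controller's response — would make the contract explicit.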
@@ -9,6 +9,7 @@ use Silex\DI\DI;
|
||||
use Silex\Http\HttpResponse;
|
||||
use Silex\Model\Comment;
|
||||
use Silex\Util\Pagination;
|
||||
use Silex\Validation\CommentValidation;
|
||||
|
||||
class VisitorController {
|
||||
|
||||
@@ -37,6 +38,9 @@ class VisitorController {
|
||||
{
|
||||
$newsId = intval($params['id']);
|
||||
$news = $di->getNewsGateway()->getById($newsId);
|
||||
if ($news === null) {
|
||||
return new HttpResponse(404, 'errors', ['errors' => ['Unknown news']]);
|
||||
}
|
||||
if ($news->getSlug() !== $params['slug']) {
|
||||
HttpResponse::redirect($di->getRouter()->url($news->getSlugRedirect()));
|
||||
}
|
||||
@@ -44,12 +48,19 @@ class VisitorController {
|
||||
return new HttpResponse(200, 'newsView', ['news' => $news, 'comments' => $comments]);
|
||||
}
|
||||
|
||||
public function comment(DI $di, array $params): void
|
||||
public function comment(DI $di, array $params): HttpResponse
|
||||
{
|
||||
$newsId = intval($params['id']);
|
||||
$news = $di->getNewsGateway()->getById($newsId);
|
||||
$comment = new Comment(-1, $newsId, new DateTime(), $_POST['content']);
|
||||
if ($news === null) {
|
||||
return new HttpResponse(404, 'errors', ['errors' => ['Unknown news']]);
|
||||
}
|
||||
$author = $di->getSecurity()->getCurrentUser();
|
||||
$errors = [];
|
||||
if (!CommentValidation::isValidComment($_POST, $author === null, $errors)) {
|
||||
return new HttpResponse(400, 'errors', ['errors' => $errors]);
|
||||
}
|
||||
$comment = new Comment(-1, $newsId, new DateTime(), $_POST['content']);
|
||||
if ($author !== null) {
|
||||
$comment->setAuthor($author);
|
||||
} else {
|
||||
@@ -58,5 +69,6 @@ class VisitorController {
|
||||
}
|
||||
$di->getCommentGateway()->insert($comment);
|
||||
HttpResponse::redirect($di->getRouter()->url($news->getSlugRedirect()));
|
||||
exit();
|
||||
}
|
||||
}
|
||||
|
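Review bot: The success path of `comment()` never returns the `HttpResponse` its new signature promises; it calls `HttpResponse::redirect(...)` and then `exit();` (hunk `@@ -58,5 +69,6 @@`), so the return type only holds because the process terminates. Letting `HttpResponse::redirect()` return an `HttpResponse` carrying the 3xx status and `Location` header, and writing `return HttpResponse::redirect(...)`, gives every branch a real return value and removes the `exit()`. The same pattern appears in `view()` (hunk `@@ -37,6 +38,9 @@`), where the redirect on a slug mismatch is a context line not followed by a return in the visible lines — confirm it does not fall through to the 200 render. Moving the `Comment` construction after validation is the right order; note that no CSRF token check is visible on this `$_POST` handler, so if one is not enforced upstream in the router it belongs here.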
@@ -65,7 +65,7 @@ class NewsGateway
|
||||
return intval($req->fetch()['nb']);
|
||||
}
|
||||
|
||||
public function getById(int $id): News
|
||||
public function getById(int $id): ?News
|
||||
{
|
||||
$req = $this->pdo->prepare('SELECT * FROM news WHERE id_news=:id;');
|
||||
$req->bindValue(':id', $id, PDO::PARAM_INT);
|
||||
@@ -73,8 +73,7 @@ class NewsGateway
|
||||
return null;
|
||||
}
|
||||
$data = $req->fetch();
|
||||
$news = $this->createNews($data);
|
||||
return $news;
|
||||
return $data === false ? null : $this->createNews($data);
|
||||
}
|
||||
|
||||
|
||||
|
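Review bot: `getById()` now maps a `false` from `$req->fetch()` to `null`, but PDO's `fetch()` also returns `false` when the fetch itself fails, so without `PDO::ERRMODE_EXCEPTION` on the handle (not visible here) a driver error would reach callers as "Unknown news". If the handle is configured to throw this is fine; otherwise check `$req->errorCode()` before returning `null` to keep the two cases apart. Add a docblock, `/** @return ?News null when no news row has id $id */`, so the nullable contract that `VisitorController` now relies on is documented. The early `return null;` at the top of the second hunk belongs to a check that starts outside the hunk.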
@@ -35,6 +35,7 @@ class HttpResponse
|
||||
|
||||
public function render(DI $di, string $viewBasePath)
|
||||
{
|
||||
http_response_code($this->status);
|
||||
$router = $di->getRouter();
|
||||
$security = $di->getSecurity();
|
||||
$params = $this->viewParams;
|
||||
|
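Review bot: `render()` has no declared return type; the hunk adds one line, apparently `http_response_code($this->status);`, and the visible body only prepares view data, so `public function render(DI $di, string $viewBasePath): void` documents the contract (the method continues below the hunk, so confirm nothing is returned). Setting the status inside `render()` also means any earlier `HttpResponse::redirect()` that did not exit has its 3xx status overwritten when a view is rendered afterwards; the `exit();` after the redirect in `VisitorController::comment` in this commit suggests that is the intended protocol, and it is worth a one-line comment here: `// overrides any status set earlier (e.g. by redirect()); callers must exit after redirecting`.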
@@ -1,20 +0,0 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace Silex\Router;
|
||||
|
||||
use Exception;
|
||||
use Throwable;
|
||||
|
||||
/**
|
||||
* Lorsqu'aucune route ne correspond à l'url demandée.
|
||||
*/
|
||||
class RouteNotFoundException extends Exception
|
||||
{
|
||||
|
||||
public function __construct(string $message, int $code = 0, ?Throwable $previous = null)
|
||||
{
|
||||
parent::__construct($message, $code, $previous);
|
||||
}
|
||||
}
|
@@ -67,14 +67,14 @@ class Router
|
||||
public function run(DI $di): HttpResponse
|
||||
{
|
||||
if (!isset($this->routes[$_SERVER['REQUEST_METHOD']])) {
|
||||
throw new RouteNotFoundException('Unknown HTTP method');
|
||||
return (new FrontController(null))->run($di);
|
||||
}
|
||||
$url = $this->url;
|
||||
if ($this->basePath !== '') {
|
||||
if (PathHelper::startsWith($url, $this->basePath)) {
|
||||
$url = trim(substr($url, strlen($this->basePath)), '/');
|
||||
} else {
|
||||
throw new RouteNotFoundException('No matching routes');
|
||||
return (new FrontController(null))->run($di);
|
||||
}
|
||||
}
|
||||
foreach ($this->routes[$_SERVER['REQUEST_METHOD']] as $route) {
|
||||
@@ -82,6 +82,6 @@ class Router
|
||||
return (new FrontController($route))->run($di);
|
||||
}
|
||||
}
|
||||
throw new RouteNotFoundException('No matching routes');
|
||||
return (new FrontController(null))->run($di);
|
||||
}
|
||||
}
|
||||
|
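Review bot: The "no route" response is built three times in `run()` as `return (new FrontController(null))->run($di);`; a private helper, `private function notFound(DI $di): HttpResponse { return (new FrontController(null))->run($di); }`, keeps the three sites identical when the 404 handling changes. With `RouteNotFoundException` deleted in this same commit, anything outside the diff that still catches it (a front script wrapping `Router::run`, for instance) now references a missing class — worth a grep. A request whose method has no route table at all (first hunk) now also yields a 404 "Route not found"; if a 405 is preferred for that case it needs its own branch rather than the shared null route.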
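--- /dev/null
+++ b/src/Silex/Validation/CommentValidation.php
@@ -0,0 +1,17 @@
+<?php
+
+namespace Silex\Validation;
+
+final class CommentValidation
+{
+public static function isValidComment(array $post, bool $requiresName, array &$errors): bool
+{
+if ($requiresName) {
+UserValidation::isValidName($post, $errors, 'name');
+}
+if (empty($post['content'])) {
+$errors[] = 'Empty message';
+}
+return empty($errors);
+}
+}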
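Review bot: The new file omits `declare(strict_types=1);`, which the deleted `RouteNotFoundException.php` in this commit carries; with coercive typing the `bool $requiresName` argument silently accepts non-bool values. `empty($post['content'])` also rejects the single-character comment `'0'`, so `trim((string) ($post['content'] ?? '')) === ''` is the check that matches the "Empty message" intent. Content has no upper bound while names are capped at 32 characters in `isValidName`; an `mb_strlen` limit here keeps oversized bodies out of the `Comment` row. The method is undocumented — a one-line docblock stating that `$errors` is appended to and that the return reflects the accumulated list, not only this call, would help callers.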
@@ -6,24 +6,18 @@ namespace Silex\Validation;
|
||||
|
||||
final class UserValidation
|
||||
{
|
||||
public static function isValidLogin(array &$post, array &$errors): bool
|
||||
public static function isValidLogin(array $post, array &$errors): bool
|
||||
{
|
||||
if(empty($post['login'])) {
|
||||
$errors[] = 'Login error';
|
||||
}
|
||||
|
||||
self::isValidName($post, $errors);
|
||||
if(empty($post['password'])) {
|
||||
$errors[] = 'Password error';
|
||||
}
|
||||
return empty($errors);
|
||||
}
|
||||
|
||||
public static function isValidUser(array &$post, array &$errors): bool
|
||||
public static function isValidUser(array $post, array &$errors): bool
|
||||
{
|
||||
if(empty($post['login'])) {
|
||||
$errors[] = 'Login empty error';
|
||||
}
|
||||
|
||||
self::isValidName($post, $errors);
|
||||
if(empty($post['password'])) {
|
||||
$errors[] = 'Password empty error';
|
||||
}
|
||||
@@ -38,4 +32,14 @@ final class UserValidation
|
||||
|
||||
return empty($errors);
|
||||
}
|
||||
|
||||
public static function isValidName(array $post, array &$errors, string $key = 'login'): bool
|
||||
{
|
||||
if(empty($post[$key])) {
|
||||
$errors[] = 'Empty login';
|
||||
} else if(strlen($post[$key]) > 32) {
|
||||
$errors[] = 'Login too long';
|
||||
}
|
||||
return empty($errors);
|
||||
}
|
||||
}
|
||||
|
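Review bot: `isValidName()` takes a `$key` parameter but its messages are fixed to `'Empty login'` / `'Login too long'`, so the new `CommentValidation` call with `$key = 'name'` reports a missing author name as an empty login; derive the message from the key, e.g. `$errors[] = "Empty {$key}";` and `$errors[] = ucfirst($key) . ' too long';`, or accept a label argument. The 32-character cap uses `strlen`, which counts bytes; for a user-visible name `mb_strlen($post[$key]) > 32` is the intended measure. Style: under PSR-12 `else if` is written `elseif` and `if(` takes a space, `if (`.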
@@ -1,11 +1,12 @@
|
||||
<?php if ($params['errors']) :
|
||||
foreach ($params['errors'] as $error) { ?>
|
||||
<article class="message is-danger">
|
||||
<div class="message-header">
|
||||
<p>Auth failed</p>
|
||||
</div>
|
||||
<div class="message-body">
|
||||
<?= $error?>
|
||||
</div>
|
||||
</article>
|
||||
<?php } endif ?>
|
||||
<?php if ($params['errors']):
|
||||
foreach ($params['errors'] as $error): ?>
|
||||
<article class="message is-danger">
|
||||
<div class="message-header">
|
||||
<p>Error</p>
|
||||
</div>
|
||||
<div class="message-body">
|
||||
<?= $error ?>
|
||||
</div>
|
||||
</article>
|
||||
<?php endforeach;
|
||||
endif; ?>
|
||||
|
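Review bot: `<?= $error ?>` echoes each message unescaped; every message produced in this commit is a fixed literal, so there is no injection today, but the view has just become the generic error page (header renamed to "Error") and will receive whatever future validators put in `$errors`. Escape at output with `<?= htmlspecialchars($error, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>`. The switch to `foreach (...): ... endforeach;` alternative syntax is the right choice for a template.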