diff --git a/src/Silex/Controller/FrontController.php b/src/Silex/Controller/FrontController.php
index 747c1ca..0443b56 100644
--- a/src/Silex/Controller/FrontController.php
+++ b/src/Silex/Controller/FrontController.php
@@ -10,15 +10,18 @@ use Silex\Router\Route;
class FrontController
{
- private Route $route;
+ private ?Route $route;
- public function __construct(Route $route)
+ public function __construct(?Route $route)
{
$this->route = $route;
}
public function run(DI $di): HttpResponse
{
+ if ($this->route === null) {
+ return new HttpResponse(404, 'errors', ['errors' => ['Route not found']]);
+ }
if ($this->route->getController() instanceof AdminController
&& ($di->getSecurity()->getCurrentUser() === null || !$di->getSecurity()->getCurrentUser()->isAdmin())) {
HttpResponse::redirect($di->getRouter()->url('login'));
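Review bot: The admin gate at the end of this hunk only calls `HttpResponse::redirect()` and, as far as the hunk shows, neither returns nor exits afterwards, while the same commit adds an explicit `exit();` after a redirect in VisitorController::comment — which suggests `redirect()` does not end the request by itself. If that is so, an anonymous or non-admin visitor would still have the AdminController action executed after the Location header is sent, and only the rendered output would be "redirected". `run()` continues beyond the hunk, so if the termination is not on the very next line, add it here: `HttpResponse::redirect($di->getRouter()->url('login')); exit();` — or better, have `redirect()` return a response object that `run()` returns. Fetching the user once (`$user = $di->getSecurity()->getCurrentUser();`) would also make the condition readable and avoid two lookups.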
diff --git a/src/Silex/Controller/VisitorController.php b/src/Silex/Controller/VisitorController.php
index f9425c2..6f27520 100644
--- a/src/Silex/Controller/VisitorController.php
+++ b/src/Silex/Controller/VisitorController.php
@@ -9,6 +9,7 @@ use Silex\DI\DI;
use Silex\Http\HttpResponse;
use Silex\Model\Comment;
use Silex\Util\Pagination;
+use Silex\Validation\CommentValidation;
class VisitorController {
@@ -37,6 +38,9 @@ class VisitorController {
{
$newsId = intval($params['id']);
$news = $di->getNewsGateway()->getById($newsId);
+ if ($news === null) {
+ return new HttpResponse(404, 'errors', ['errors' => ['Unknown news']]);
+ }
if ($news->getSlug() !== $params['slug']) {
HttpResponse::redirect($di->getRouter()->url($news->getSlugRedirect()));
}
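Review bot: The slug-mismatch branch redirects but does not stop, so execution falls through to the `new HttpResponse(200, 'newsView', …)` return that follows this hunk and the news page is still rendered under the canonical-URL redirect; the `exit();` added in `comment()` in this same commit indicates `redirect()` does not terminate on its own. Either terminate here as that handler does, `HttpResponse::redirect($di->getRouter()->url($news->getSlugRedirect())); exit();`, or make `redirect()` return an `HttpResponse` and `return` it. The new null check for `$news` is correct and needed, since `getById()` now returns `?News`.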
@@ -44,12 +48,19 @@ class VisitorController {
return new HttpResponse(200, 'newsView', ['news' => $news, 'comments' => $comments]);
}
- public function comment(DI $di, array $params): void
+ public function comment(DI $di, array $params): HttpResponse
{
$newsId = intval($params['id']);
$news = $di->getNewsGateway()->getById($newsId);
- $comment = new Comment(-1, $newsId, new DateTime(), $_POST['content']);
+ if ($news === null) {
+ return new HttpResponse(404, 'errors', ['errors' => ['Unknown news']]);
+ }
$author = $di->getSecurity()->getCurrentUser();
+ $errors = [];
+ if (!CommentValidation::isValidComment($_POST, $author === null, $errors)) {
+ return new HttpResponse(400, 'errors', ['errors' => $errors]);
+ }
+ $comment = new Comment(-1, $newsId, new DateTime(), $_POST['content']);
if ($author !== null) {
$comment->setAuthor($author);
} else {
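Review bot: Nothing in `comment()` verifies an anti-CSRF token before the insert, so any third-party page that can make a visitor's browser POST to this URL can post a comment attributed to the logged-in `$author` (the author is taken from the session, the content from `$_POST`). Unless the router or a form layer validates a token elsewhere, check one here before `isValidComment()`: compare a session-stored token against a hidden form field with `hash_equals()` and return a 403 `errors` response on mismatch. As a point of style, `isValidComment($_POST, $author === null, $errors)` uses an out-parameter for the error list and a positional boolean; returning the list (empty on success) and using a named argument for the flag would read better. Note `$errors` is declared as `[]` just to be passed by reference.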
@@ -58,5 +69,6 @@ class VisitorController {
}
$di->getCommentGateway()->insert($comment);
HttpResponse::redirect($di->getRouter()->url($news->getSlugRedirect()));
+ exit();
}
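Review bot: `exit();` inside a method now declared `: HttpResponse` means the success path never returns a response, and it is inconsistent with the other redirect call sites in this commit (FrontController::run, newsView) which neither exit nor return after `redirect()`. A single convention would be safer: either `redirect()` itself terminates (declare it `: never`) so callers cannot forget, or it returns an `HttpResponse` that every handler `return`s. With the current shape a unit test cannot call `comment()` on the happy path without the process exiting.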
}
diff --git a/src/Silex/Gateway/NewsGateway.php b/src/Silex/Gateway/NewsGateway.php
index c7d28bf..e2ffda5 100644
--- a/src/Silex/Gateway/NewsGateway.php
+++ b/src/Silex/Gateway/NewsGateway.php
@@ -65,7 +65,7 @@ class NewsGateway
return intval($req->fetch()['nb']);
}
- public function getById(int $id): News
+ public function getById(int $id): ?News
{
$req = $this->pdo->prepare('SELECT * FROM news WHERE id_news=:id;');
$req->bindValue(':id', $id, PDO::PARAM_INT);
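Review bot: Changing the return type to `?News` makes every caller responsible for a null check; this diff updates the two VisitorController call sites, but any other caller of `getById()` (for example admin edit/delete handlers, which are not in this diff) will now get `null` where it previously got a `TypeError` on the `return null;` below, and will fail with a method call on null instead. Worth grepping for `getById(` before merging. A short docblock would make the contract explicit: `/** @return News|null null when no row has this id */`.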
@@ -73,8 +73,7 @@ class NewsGateway
return null;
}
$data = $req->fetch();
- $news = $this->createNews($data);
- return $news;
+ return $data === false ? null : $this->createNews($data);
}
diff --git a/src/Silex/Http/HttpResponse.php b/src/Silex/Http/HttpResponse.php
index 41433f6..bde266f 100644
--- a/src/Silex/Http/HttpResponse.php
+++ b/src/Silex/Http/HttpResponse.php
@@ -35,6 +35,7 @@ class HttpResponse
public function render(DI $di, string $viewBasePath)
{
+ http_response_code($this->status);
$router = $di->getRouter();
$security = $di->getSecurity();
$params = $this->viewParams;
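Review bot: `http_response_code($this->status)` is now set unconditionally at the start of `render()`, so if `render()` is reached after `HttpResponse::redirect()` has already emitted a Location header without terminating (as in `newsView` in this same commit), the 302 PHP sets for a Location header is overwritten by the response's own status (e.g. 200), leaving a Location header on a non-redirect status. If `redirect()` does not exit, guard here, e.g. `if (!headers_sent()) { http_response_code($this->status); }`, or make redirects terminate before any view is rendered. `render()` continues beyond the hunk.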
diff --git a/src/Silex/Router/RouteNotFoundException.php b/src/Silex/Router/RouteNotFoundException.php
deleted file mode 100644
index e6c8f9f..0000000
--- a/src/Silex/Router/RouteNotFoundException.php
+++ /dev/null
@@ -1,20 +0,0 @@
-routes[$_SERVER['REQUEST_METHOD']])) {
- throw new RouteNotFoundException('Unknown HTTP method');
+ return (new FrontController(null))->run($di);
}
$url = $this->url;
if ($this->basePath !== '') {
if (PathHelper::startsWith($url, $this->basePath)) {
$url = trim(substr($url, strlen($this->basePath)), '/');
} else {
- throw new RouteNotFoundException('No matching routes');
+ return (new FrontController(null))->run($di);
}
}
foreach ($this->routes[$_SERVER['REQUEST_METHOD']] as $route) {
@@ -82,6 +82,6 @@ class Router
return (new FrontController($route))->run($di);
}
}
- throw new RouteNotFoundException('No matching routes');
+ return (new FrontController(null))->run($di);
}
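Review bot: All three "no route" outcomes now collapse into the same 404 via `new FrontController(null)`, including the unsupported-HTTP-method branch earlier in this file (its hunk header is garbled in this rendering, but the `$this->routes[$_SERVER['REQUEST_METHOD']]` check is visible), which HTTP-wise is a 405 with an `Allow` header rather than a 404. If the distinction matters to clients, pass the status into the fallback rather than hard-coding it in `FrontController::run()`. Also note `$_SERVER['REQUEST_METHOD']` is attacker-controlled; the `isset()` guard already keeps an arbitrary method from indexing a missing key, so this path is safe as long as the route table is only keyed by known methods.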
}
diff --git a/src/Silex/Validation/CommentValidation.php b/src/Silex/Validation/CommentValidation.php
new file mode 100644
index 0000000..b410175
--- /dev/null
+++ b/src/Silex/Validation/CommentValidation.php
@@ -0,0 +1,17 @@
+ 32) {
+ $errors[] = 'Login too long';
+ }
+ return empty($errors);
+ }
}
diff --git a/views/errors.php b/views/errors.php
index ee44fac..a06afbb 100644
--- a/views/errors.php
+++ b/views/errors.php
@@ -1,11 +1,12 @@
-
-
-
-
- = $error?>
-
-
-
+
+
+
+
+ = $error ?>
+
+
+
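Review bot: The error view appears to echo `$error` unescaped (`<?= $error ?>`, with the surrounding markup lost in this rendering), and although every message fed to it in this commit is a server-side literal ('Route not found', 'Unknown news', 'Login too long'), the view is a generic sink that future callers will pass user-derived text to. Escape at the output point: `<?= htmlspecialchars($error, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>`. If the project already has an escaping helper in its view layer, use that instead.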