Example #1
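 /**
  * Copies the allow-listed entries of $post into this object.
  *
  * Every key of $post that is listed in $this->_fields is stored, after
  * Template::makeTextSafe(), both in $this->_data (under the same key) and in
  * $this->_values (by position, in the order the keys appear in $post).
  * Keys that are not listed in $this->_fields are ignored.
  *
  * @param array $post Key/value pairs to import (presumably submitted form
  *                    data, given the parameter name - confirm with callers).
  * @return bool True when $this->_values ends up with as many entries as
  *              $this->_fields, false otherwise.
  */
 public function setValuesFromArray($post)
 {
     $i = 0;
     foreach ($post as $key => $value) {
         // Strict, string-based membership test: with the loose default of
         // in_array(), PHP versions before 8 treat an integer key such as 0 as
         // equal to any non-numeric field name, letting an unlisted key pass
         // the allow-list.
         // Assumes $this->_fields holds field names as strings - TODO confirm.
         if (in_array((string) $key, $this->_fields, true)) {
             // NOTE(review): Template::makeTextSafe() is not visible here; confirm
             // what it escapes and that it accepts non-string values (a request
             // can deliver nested arrays).
             $safe = Template::makeTextSafe($value);
             $this->_data[$key] = $safe;
             $this->_values[$i] = $safe;
             $i++;
         }
     }
     // NOTE(review): $this->_values is not cleared above, so entries left by an
     // earlier call still count here - confirm that is intended.
     return count($this->_values) === count($this->_fields);
 }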
Example #2
<?php

// Converts the BLOB data passed in into a file whose MIME type is given by the "type" parameter.
// Expects $parameters to carry non-empty "type", "table" and "id" entries; "_url" is read for the
// fallback redirect. Output is written directly with header()/echo; nothing is returned.
$converter = function ($parameters) {
    global $_system_registry;
    // Stop right away if the required data was not supplied.
    // NOTE(review): the redirect target is built from $parameters["_url"], whose origin is not
    // visible here - confirm it cannot be influenced by the request.
    if (!isset($parameters["type"]) || $parameters["type"] == "" || !isset($parameters["table"]) || $parameters["table"] == "" || !isset($parameters["id"]) || $parameters["id"] == "") {
        header("Location: " . $parameters["_url"] . "/index");
        return;
    }
    // Make the parameters harmless (the original author's stated intent).
    // NOTE(review): Template::makeTextSafe() is not shown. If it is an output/HTML escaper it is
    // not a substitute for SQL escaping - verify before relying on it for the queries below.
    $parameters["type"] = Template::makeTextSafe($parameters["type"]);
    $parameters["table"] = Template::makeTextSafe($parameters["table"]);
    $parameters["id"] = Template::makeTextSafe($parameters["id"]);
    // The blob parameter is deliberately left untouched so the data is not altered.
    switch ($parameters["type"]) {
        case "picture":
            // Handle the picture case.
            $sql = "";
            // "table" is only compared against two literals and never placed in the SQL text.
            // NOTE(review): "id" is concatenated into the statement inside single quotes; its safety
            // depends entirely on makeTextSafe(). Binding it as a query parameter would remove
            // that dependency.
            if ($parameters['table'] == "artist") {
                $sql = "SELECT Photo as picture FROM Musicien WHERE Musicien.Code_Musicien = '" . $parameters["id"] . "'";
            } else {
                if ($parameters["table"] == "album") {
                    $sql = "SELECT Pochette as picture FROM Album WHERE Album.Code_Album = '" . $parameters["id"] . "'";
                }
            }
            // NOTE(review): when "table" is neither "artist" nor "album", $sql is still "" and is
            // passed to query() anyway; the fetch() result is also indexed without checking that a
            // row came back.
            $result = $_system_registry->getModel()->query($sql)->fetch();
            // The content type is fixed to JPEG regardless of what is stored.
            header('Content-Type: image/jpeg');
            // pack("H*") turns a hex string into raw bytes, so the column presumably holds
            // hex-encoded image data - confirm against the schema.
            $image = pack("H*", $result["picture"]);
            echo $image;
            return;
Example #3
<?php

// LOGIN PAGE
// Renders the login form view inside the base layout, passing the page
// parameters through unchanged, then registers the handler as page "login".
$login = function ($parameters) {
    $view = "views/login/login.tpl";
    $layout = "views/base.tpl";
    template($view, $parameters, $layout);
};
$_system_registry->registerPage("login", "", $login);
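// Authentication handler: checks the credential hash posted as $_POST["hash"],
// stores it in the session on success, creates an empty basket entry, and
// renders the auth view with $parameters["login"] set to the outcome.
// Redirects to /index when no usable "hash" field was posted.
$auth = function ($parameters) {
    global $_system_registry;
    // A request can submit "hash" as an array (hash[]=...); only a string is a
    // meaningful credential, so anything else is handled like a missing field
    // instead of being handed to the helpers below.
    if (!isset($_POST["hash"]) || !is_string($_POST["hash"])) {
        header("Location:/index");
        return;
    }
    $parameters["login"] = false;
    // NOTE(review): Template::makeTextSafe() is not shown; confirm that escaping
    // the value before the credential check cannot alter a valid hash.
    $_POST["hash"] = Template::makeTextSafe($_POST["hash"]);
    // NOTE(review): the comparison itself lives in Session::checkCredentials();
    // confirm it is constant-time (e.g. hash_equals()).
    if (Session::checkCredentials($_POST["hash"])) {
        $parameters["login"] = true;
        // NOTE(review): no session identifier rotation is visible at this point;
        // confirm the Session class renews the id on login.
        Session::saveCredentialsHash($_POST["hash"]);
        // Create the (initially empty) basket entry for the session.
        $basket = array();
        Session::addEntry("basket", $basket);
    }
    template("views/login/auth.tpl", $parameters, "views/base.tpl");
};
$_system_registry->registerPage("auth", "", $auth);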