function checkAvatar()
{
if (!isset($_POST['image']) || !preg_match('/^http[s]?:\\/\\/[-a-zA-Z0-9_.]*\\/[-a-zA-Z0-9\\/_.]*\\.(jp[e]?g|png|gif)$/', $_POST['image'])) {
return "Url invalide";
}
$img = get_headers($_POST['image'], 1);
if ($img['Content-Length'] > 256000) {
return "Image trop lourde...200ko max";
}
return "NoError";
}
if (isset($_POST['change'])) {
$error = checkAvatar();
if ($error == "NoError") {
$_SESSION['avatar'] = $_POST['image'];
changeUrl($_SESSION['iduser'], $_POST['image']);
header("Location : index.php?page=profil");
} else {
echo $error;
}
}
function checkDataUser($Model, $user)
{
if (!isset($_POST['pseudo']) || !preg_match('/^[a-zA-Z0-9-_ ]{4,25}$/', $_POST['pseudo'])) {
return "Pseudo invalide, il ne doit être composé que de lettres.";
}
if ($Model->isPseudoInDb($_POST['pseudo']) && $user->pseudo != $_POST['pseudo']) {
return "Pseudo déjà utilisé, merci d'en choisir un autre.";
}
if (!isset($_POST['nom']) || !preg_match('/^[a-zA-Z- ]{4,25}$/', $_POST['nom'])) {
return "Nom invalide, il ne doit être composé que de lettres.";
$message = "";
if (isset($savedUrls[$tg->getChatID()][$tg->getCommand()["args"][1]])) {
changeUrl($tg->getChatID(), $tg->getCommand()["args"][1], null);
$tg->sendMessage("Url removed.");
} else {
$tg->sendMessage("Error deleting url. Name unknown.");
}
} else {
if (count($tg->getCommand()["args"]) == 2) {
if (mb_strlen($tg->getCommand()["args"][0]) <= 0) {
$tg->sendMessage("Error adding url. Please provide a simple name.");
} else {
if (filter_var($tg->getCommand()["args"][1], FILTER_VALIDATE_URL) === false) {
$tg->sendMessage("Error adding url. Please provide a valid url.");
} else {
changeUrl($tg->getChatID(), $tg->getCommand()["args"][0], $tg->getCommand()["args"][1]);
$tg->sendMessage("Url added.\nUse /l " . $tg->getCommand()["args"][0] . " to access it.");
}
}
} else {
if (count($tg->getCommand()["args"]) == 1) {
if (isset($savedUrls[$tg->getChatID()][$tg->getCommand()["args"][0]])) {
$tg->sendMessage($savedUrls[$tg->getChatID()][$tg->getCommand()["args"][0]]);
} else {
$tg->sendMessage("Url not found. Use `/l " . $tg->getCommand()["args"][0] . " https://example.com` to add it.", null, true);
}
} else {
$tg->sendMessage("Command not found.\nPlease use the help at /help shorturl");
}
}
}
<?php
require_once "../Core/utils.php";
require_once "../Model/changeavatar.php";
isNoLog("login.php");
$maxsize = 1572864;
if ($_POST['change']) {
list($type1, $type2) = explode('/', $_FILES['avatar']['type']);
if ($type1 != "image") {
echo "<div class='error' ><p class='error-txt' >Type invalide</p></div>";
}
if ($_FILES['avatar']['size'] > $maxsize) {
echo "<div class='error' ><p class='error-txt' >Fichier trop volumineux !</p></div>";
}
if ($type2 != "jpeg" || $type2 != "png" || $type2 != "jpg" || $type2 != "gif") {
echo "<div class='error' ><p class='error-txt' >Format de l'image invalide !</p></div>";
}
$_FILES['avatar']['name'] = $_SESSION['id'] . '.' . $type2;
$nom = "avatar/{$_SESSION['id']}.{$type2}";
$res = move_uploaded_file($_FILES['avatar']['tmp_name'], "../webroot/img/{$nom}");
changeUrl($_SESSION['id'], $nom);
if ($res) {
$_SESSION['msg'] = "<div class='success' ><p class='success-txt' >Avatar changé ! Actualiser la page pour voir le changement !</p></div>";
header("Location : profil.php");
}
}
require_once "../View/changeavatar.php";
}
return true;
} else {
$app->abort(401, "password incorrect");
}
case "protectView":
$password = $app['request']->get('password');
protectView($url, $password, $pdo);
return true;
case "protectEdit":
$password = $app['request']->get('password');
protectEdit($url, $password, $pdo);
return true;
case "changeUrl":
$new_url = $app['request']->get('new_url');
changeUrl($url, $new_url, $pdo);
return true;
case "save":
if (!isEditProtected($url, $pdo)) {
$content = $app['request']->get('content');
updateNote($url, $content, $pdo);
return True;
} else {
if (isset($app['session']) and $app['session']->get('id') == $url and $app['session']->get('edit')) {
$content = $app['request']->get('content');
updateNote($url, $content, $pdo);
return True;
} else {
return False;
// sinon on arrete
}
increasePriority($_GET['incPrio']);
} else {
if ($_GET['decPrio']) {
decreasePriority($_GET['decPrio']);
} else {
if ($_POST) {
if ($_POST['add']) {
newPage($_POST['newname'], $_POST['newurl'], '_self');
} else {
if ($_POST['rename']) {
$id = array_search('rename', $_POST['rename']);
renamePage($id, $_POST['name'][$id]);
} else {
if ($_POST['change']) {
$id = array_search('change', $_POST['change']);
changeUrl($id, $_POST['url'][$id]);
} else {
if ($_POST['delete']) {
$id = array_search('delete', $_POST['delete']);
delPage($id);
} else {
if ($_POST['hide']) {
$id = array_search('hide', $_POST['hide']);
chgHideStatus($id, 1);
} else {
if ($_POST['show']) {
$id = array_search('show', $_POST['show']);
chgHideStatus($id, 0);
} else {
if ($_POST['reset']) {
$nav = new Navigation();
