add php input rules
This commit is contained in:
parent
ac113b3b13
commit
ec58273211
52
post.php
52
post.php
|
@ -9,31 +9,33 @@ try {
|
|||
}
|
||||
//UPDATE `projetphp` SET `security_level` = '6' WHERE `projetphp`.`login` = 'aaazzze';
|
||||
if(isset($_POST["updatePW"], $_POST["datene"], $_POST["email"], $_POST["pw"], $_POST["sl"], $_POST["login"]))
|
||||
if(htmlspecialchars($_POST["updatePW"], ENT_QUOTES, 'UTF-8') == "true")
|
||||
{
|
||||
$req = $bdd->prepare('UPDATE `projetphp` SET `date_naissance` = :datene, `e_mail` = :email, `mot_de_passe` = :pw, `security_level` = :sl WHERE `projetphp`.`login` = :login');
|
||||
$req->execute(array(
|
||||
'datene' => htmlspecialchars($_POST["datene"], ENT_QUOTES, 'UTF-8'),
|
||||
'email' => htmlspecialchars($_POST["email"], ENT_QUOTES, 'UTF-8'),
|
||||
'pw' => md5(htmlspecialchars($_POST["pw"], ENT_QUOTES, 'UTF-8')),
|
||||
'sl' => htmlspecialchars($_POST["sl"], ENT_QUOTES, 'UTF-8'),
|
||||
'login' => htmlspecialchars($_POST["login"], ENT_QUOTES, 'UTF-8'),
|
||||
));
|
||||
$ret["return"] = true;
|
||||
$ret["pw"] = md5(htmlspecialchars($_POST["pw"], ENT_QUOTES, 'UTF-8'));
|
||||
}
|
||||
else
|
||||
{
|
||||
$req = $bdd->prepare('UPDATE `projetphp` SET `date_naissance` = :datene, `e_mail` = :email, `security_level` = :sl WHERE `projetphp`.`login` = :login');
|
||||
$req->execute(array(
|
||||
'datene' => htmlspecialchars($_POST["datene"], ENT_QUOTES, 'UTF-8'),
|
||||
'email' => htmlspecialchars($_POST["email"], ENT_QUOTES, 'UTF-8'),
|
||||
'sl' => htmlspecialchars($_POST["sl"], ENT_QUOTES, 'UTF-8'),
|
||||
'login' => htmlspecialchars($_POST["login"], ENT_QUOTES, 'UTF-8'),
|
||||
));
|
||||
$ret["return"] = true;
|
||||
$ret["pw"] = htmlspecialchars($_POST["pw"], ENT_QUOTES, 'UTF-8');
|
||||
}
|
||||
if(preg_match('/^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/', $_POST["email"]))
|
||||
if(htmlspecialchars($_POST["updatePW"], ENT_QUOTES, 'UTF-8') == "true" && preg_match('/^[a-z]{8,16}$/',$_POST["pw"]))
|
||||
{
|
||||
$req = $bdd->prepare('UPDATE `projetphp` SET `date_naissance` = :datene, `e_mail` = :email, `mot_de_passe` = :pw, `security_level` = :sl WHERE `projetphp`.`login` = :login');
|
||||
$req->execute(array(
|
||||
'datene' => htmlspecialchars($_POST["datene"], ENT_QUOTES, 'UTF-8'),
|
||||
'email' => htmlspecialchars($_POST["email"], ENT_QUOTES, 'UTF-8'),
|
||||
'pw' => md5(htmlspecialchars($_POST["pw"], ENT_QUOTES, 'UTF-8')),
|
||||
'sl' => htmlspecialchars($_POST["sl"], ENT_QUOTES, 'UTF-8'),
|
||||
'login' => htmlspecialchars($_POST["login"], ENT_QUOTES, 'UTF-8'),
|
||||
));
|
||||
$ret["return"] = true;
|
||||
$ret["pw"] = md5(htmlspecialchars($_POST["pw"], ENT_QUOTES, 'UTF-8'));
|
||||
}
|
||||
else if(htmlspecialchars($_POST["updatePW"], ENT_QUOTES, 'UTF-8') == "false")
|
||||
{
|
||||
$req = $bdd->prepare('UPDATE `projetphp` SET `date_naissance` = :datene, `e_mail` = :email, `security_level` = :sl WHERE `projetphp`.`login` = :login');
|
||||
$req->execute(array(
|
||||
'datene' => htmlspecialchars($_POST["datene"], ENT_QUOTES, 'UTF-8'),
|
||||
'email' => htmlspecialchars($_POST["email"], ENT_QUOTES, 'UTF-8'),
|
||||
'sl' => htmlspecialchars($_POST["sl"], ENT_QUOTES, 'UTF-8'),
|
||||
'login' => htmlspecialchars($_POST["login"], ENT_QUOTES, 'UTF-8'),
|
||||
));
|
||||
$ret["return"] = true;
|
||||
$ret["pw"] = htmlspecialchars($_POST["pw"], ENT_QUOTES, 'UTF-8');
|
||||
}
|
||||
else;
|
||||
else;
|
||||
|
||||
echo json_encode((object)$ret);
|
||||
|
|
Loading…
Reference in New Issue