ynerant
/
plateforme-tfjm2
mirror of https://gitlab.com/animath/si/plateforme.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Sécurité

This commit is contained in:
Yohann D'ANELLO 2020-01-22 22:18:55 +01:00
parent c64ef0646e
commit 2ee1c75d0c
3 changed files with 10 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
server_files/controllers/informations.php
View File

@ -88,7 +88,7 @@ class AttributeTeam
public function __construct($data)
{
$this->team_id = $data["team"];
$this->team_id = htmlspecialchars($data["team"]);
$this->team = Team::fromId($this->team_id);
}
@ -148,7 +148,7 @@ class ValidatePayment
global $user;
foreach ($data as $key => $value)
$this->$key = $value;
$this->$key = htmlspecialchars($value);
$this->payment = $user->getPayment();
}

2
server_files/controllers/paiement.php
View File

@ -36,7 +36,7 @@ class Pay {
public function __construct($data)
{
foreach ($data as $key => $value)
$this->$key = $value;
$this->$key = htmlspecialchars($value);
$this->method = PaymentMethod::fromName(strtoupper($this->method));

2
server_files/views/inscription.php
View File

@ -22,12 +22,14 @@ if (isset($user) && !$has_error) {
<form method="POST">
<div class="form-group row">
<div class="form-group col-md-12">
<label for="role">Rôle :</label>
<select id="role" name="role" onchange="selectRole()" class="custom-select">
<option value="participant"><?= Role::getTranslatedName(Role::PARTICIPANT) ?></option>
<option value="encadrant"><?= Role::getTranslatedName(Role::ENCADRANT) ?></option>
</select>
</div>
</div>
<div class="form-row">
<div class="form-group col-md-6">