From e3d85f794682635928f05189f516bec2cd9a5c72 Mon Sep 17 00:00:00 2001 From: Yass Date: Mon, 2 Mar 2026 09:13:53 +0100 Subject: [PATCH] Correction envoie mail --- models/CategoryModel.php | 12 ++++++++++-- models/ImageModel.php | 13 ++++++++++--- models/UserModel.php | 14 ++++++++++---- views/project_display.tpl | 4 ++-- 4 files changed, 32 insertions(+), 11 deletions(-) diff --git a/models/CategoryModel.php b/models/CategoryModel.php index 2511e11..3ce1dc4 100644 --- a/models/CategoryModel.php +++ b/models/CategoryModel.php @@ -22,10 +22,18 @@ FROM category"; if ($intLimit > 0){ - $strRq .= " LIMIT ".$intLimit; + $strRq .= " LIMIT :limit"; } - return $this->_db->query($strRq)->fetchAll(); + $rqPrep = $this->_db->prepare($strRq); + + if ($intLimit > 0){ + $rqPrep->bindValue(":limit", $intLimit, PDO::PARAM_INT); + } + + $rqPrep->execute(); + + return $rqPrep->fetchAll(); } /** diff --git a/models/ImageModel.php b/models/ImageModel.php index c471da4..c3cc95d 100644 --- a/models/ImageModel.php +++ b/models/ImageModel.php @@ -22,11 +22,18 @@ $strRq = "SELECT image.* FROM image"; - if ($intLimit > 0){ - $strRq .= " LIMIT ".$intLimit; + $strRq .= " LIMIT :limit"; } - return $this->_db->query($strRq)->fetchAll(); + $rqPrep = $this->_db->prepare($strRq); + + if ($intLimit > 0){ + $rqPrep->bindValue(":limit", $intLimit, PDO::PARAM_INT); + } + + $rqPrep->execute(); + + return $rqPrep->fetchAll(); } } \ No newline at end of file diff --git a/models/UserModel.php b/models/UserModel.php index 3563238..5663504 100644 --- a/models/UserModel.php +++ b/models/UserModel.php 
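Review bot: The `:limit` placeholder in the CategoryModel.php hunk only works because the bind passes `PDO::PARAM_INT`, and nothing next to the `bindValue` call says so. On drivers that emulate prepares (the pdo_mysql default), a string-bound value is quoted and the `LIMIT` clause is rejected, so a comment such as `// LIMIT must be bound as an integer; a quoted value is a syntax error under emulated prepares` would protect the line from a later "cleanup". The `if ($intLimit > 0)` test is now written twice; if the two copies drift, the statement executes with an unbound placeholder. The same pattern is repeated in the ImageModel.php hunk. The method signature is outside the hunk, so the declared type of `$intLimit` cannot be confirmed from here.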
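Review bot: In the ImageModel.php hunk the line `if ($intLimit > 0){` follows a `-` marker directly, so this rendering does not show whether the guard itself was removed or only a blank line before it. If the guard is gone, `$strRq .= " LIMIT :limit";` is appended unconditionally while the `bindValue` stays conditional. A call with `$intLimit <= 0` would then execute with an unbound `:limit`, and the closing brace after the append would be unmatched. Please confirm that the new side still reads `if ($intLimit > 0){` before the append, as in CategoryModel.php.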
@@ -37,9 +37,15 @@ $strRq = "SELECT user_id, user_name, user_firstname, user_password, user_image, user_status, authorisation_name, user_pseudo FROM users INNER JOIN authorisation ON authorisation.authorisation_id = users.user_status - WHERE user_mail = '".$strMail."'"; + WHERE user_mail = :mail"; + + $rqPrep = $this->_db->prepare($strRq); + $rqPrep->bindValue(":mail", $strMail, PDO::PARAM_STR); + $rqPrep->execute(); + + - $arrUser = $this->_db->query($strRq)->fetch(); + $arrUser = $rqPrep->fetch(); if (password_verify($strPwd, $arrUser['user_password'])){ unset($arrUser['user_password']); return $arrUser; @@ -236,7 +242,7 @@ /** * Verifie sur le pseudo entré n'est pas déjà utilisé * @param string $pseudo Pseudo a verifié - * @return array Tableau associatif (ou false si pas trouvé) + * @return bool Le pseudo existe ou pas */ public function pseudoExists(string $pseudo): bool{ @@ -244,6 +250,6 @@ $rq->bindValue(":pseudo", $pseudo, PDO::PARAM_STR); $rq->execute(); - return $rq->fetchColumn(); + return (bool)$rq->fetchColumn(); } } diff --git a/views/project_display.tpl b/views/project_display.tpl index 843512c..506cd5c 100644 --- a/views/project_display.tpl +++ b/views/project_display.tpl @@ -75,9 +75,9 @@ - +
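Review bot: `$rqPrep->fetch()` returns `false` when no row matches the address, and the next line in the first UserModel.php hunk indexes it as `$arrUser['user_password']` without a check. That raises a warning and hands `null` to `password_verify`, which is a TypeError if the file declares strict types. Guarding the lookup fixes it: `if ($arrUser !== false && password_verify($strPwd, $arrUser['user_password'])){`. Separately, an unknown address returns without computing a hash, so response time can distinguish registered from unregistered addresses; verifying against a fixed dummy hash in that branch is the usual mitigation. The method starts and ends outside the hunk.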
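Review bot: The `(bool)` cast on `fetchColumn()` in `pseudoExists` is only correct for some queries, and the SELECT is above the hunk. If the query returns the pseudo column itself, a stored pseudo of `"0"` casts to `false` and a taken name is reported as free, which defeats the uniqueness check. In that case `return $rq->fetchColumn() !== false;` is exact. If the query selects `COUNT(*)`, `return (int)$rq->fetchColumn() > 0;` states the intent.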
-
+