a

2026-04-23 15:00:00 +00:00 · 2026-04-23 15:00:00 +00:00 · 56e284ccba
commit 56e284ccba
parent f05eb43d41
2 changed files with 19 additions and 1 deletions
--- a/Contestation/Contesterdossier.php
+++ b/Contestation/Contesterdossier.php
@ -308,7 +308,7 @@
 				<!-- Contestation Form -->
 				<form action="<?= $action ?>" method="post">
 					<!-- <input type="hidden" id="csrf_token" name="csrf_token" value="<?= htmlspecialchars($token) ?>"> -->
-					<input type="text" id="csrf_token" name="csrf_token" value="<?= htmlspecialchars($token) ?>">
+					<input class="form-control" type="text" id="csrf_token" name="csrf_token" value="<?= htmlspecialchars($token) ?>">
 					
 					<div class="mb-4">
 						<label for="motifContestation" class="form-label required">
--- a/Contestation/Validercontestation.php
+++ b/Contestation/Validercontestation.php
@ -57,6 +57,24 @@ function afficherMessage($message, $estErreur = true) {
    exit();
 }

+
+var_dump($_POST);
+
+if (!isset($_POST['csrf_token'])) {
+    afficherMessage("<strong>Mauvaise session!</strong>");
+}
+
+$csrf_token = trim($_POST['csrf_token']);
+
+if (!Csrf::validateToken($csrf_token)) {
+	afficherMessage("<strong>Mauvaise session!</strong>");
+	// exit;
+}
+
+echo "On peut maintenant contester";
+exit;
+
+
 // Configuration de la langue
 if (!isset($_SESSION['codeLangue'])) {
    afficherMessage("<strong>Paramètre langue absent de la requête!</strong>");