From 5356293d141f8232c5d49eca48d4d70eb384c1e9 Mon Sep 17 00:00:00 2001 From: KANE LAZENI Date: Mon, 20 Apr 2026 13:15:10 +0000 Subject: [PATCH] a --- Controleur/ControleurAjaxcomposantetarif.php | 12 +++++++++++- Js/fonctions.js | 4 ++-- 2 files changed, 13 insertions(+), 3 deletions(-) diff --git a/Controleur/ControleurAjaxcomposantetarif.php b/Controleur/ControleurAjaxcomposantetarif.php index 960057ca..68c48c16 100755 --- a/Controleur/ControleurAjaxcomposantetarif.php +++ b/Controleur/ControleurAjaxcomposantetarif.php @@ -55,10 +55,12 @@ class ControleurAjaxcomposantetarif extends Controleur public function majprix() { - $csrf_token = $this->requete->getParametreFormulaire("csrf_token"); + $csrf_token = trim($this->requete->getParametreFormulaire("csrf_token")); + $idActe = $this->requete->getParametreFormulaire("idActe"); $prix = $this->requete->getParametreFormulaire("prix", "numerique"); + /* var_dump( array( "csrf_token" => $csrf_token, @@ -67,7 +69,15 @@ class ControleurAjaxcomposantetarif extends Controleur ) ); exit; + */ + if (!Csrf::validateToken($csrf_token)) { + $_SESSION['flash_error'] = 'Votre session a expiré. Veuillez réessayer.'; + + header('Location: ' . $_SERVER['HTTP_REFERER']); + exit; + } + $this->detailtarifacte->majPrix($idActe, $prix); } diff --git a/Js/fonctions.js b/Js/fonctions.js index 8e601bbe..c3b2e6ce 100755 --- a/Js/fonctions.js +++ b/Js/fonctions.js @@ -92592,8 +92592,8 @@ function maj_composante_tarif_acte(idActe, prix, ligne) data: donnees, success: function(data) { - alert(data); - $('#div_test_gabarit').html(data); + // alert(data); + // $('#div_test_gabarit').html(data); }, complete: function(data) {
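Review bot: The `var_dump` block that prints `csrf_token` is only wrapped in `/* … */` (opened in this hunk, closed in the next one) rather than removed; deleting it avoids someone later re-enabling a dump that writes the anti-CSRF token into the response and exits before the update logic. In the same hunk, `idActe` is read without the `"numerique"` filter that `prix` receives; if acte identifiers are numeric, `$this->requete->getParametreFormulaire("idActe", "numerique")` would treat both inputs the same way before they reach `majPrix()`, whose query handling is not visible here. `trim()` is applied directly to the accessor's return value, so it is worth confirming the accessor never returns null when the field is missing. majprix() continues past the end of this hunk.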
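Review bot: The failure branch of the new `Csrf::validateToken` check redirects to `$_SERVER['HTTP_REFERER']`, a request header the client controls and may omit, so a rejected request is sent wherever the caller's Referer says, or to an empty `Location:` with an undefined-index warning. Because this controller appears to serve an AJAX call, the browser would follow the redirect silently and the calling script would never learn that the token was refused. Returning a status instead, `http_response_code(403);` followed by `exit;`, lets the caller detect the rejection; if a redirect is kept, point it at a fixed application path rather than the Referer. The message stored in `$_SESSION['flash_error']` only helps if a later page renders it, which is not visible here. majprix() starts before this hunk.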
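Review bot: The `success` callback is now empty apart from two commented-out lines, so the response to the price update is discarded and the user gets no indication when the server rejects the request, for example when the CSRF check added in this commit fails. Dropping `$('#div_test_gabarit').html(data)` is the safer direction, since the raw response is no longer inserted into the page as HTML. Delete the two lines rather than leaving them commented. Assuming this options object is passed to jQuery's `$.ajax`, add an `error:` callback next to `success`/`complete` that reports the failure. maj_composante_tarif_acte starts and ends outside this hunk.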