From 2a594a8d449be33d2ccaeda412445a8880343852 Mon Sep 17 00:00:00 2001 From: Olivier PARPAILLON Date: Thu, 21 Nov 2024 13:47:47 +0100 Subject: [PATCH] better form & mime type check --- .idea/sortir.iml | 1 - public/img/accept-user.svg | 13 +++++++ public/img/deny-user.svg | 13 +++++++ public/img/user-able.svg | 7 ++++ public/img/user-delete.svg | 7 ++++ public/img/user-disable.svg | 7 ++++ .../image/profile/avatar-673f122734b9c.jpg | Bin 0 -> 8744 bytes src/Controller/ProfileController.php | 21 +++++++++++ src/Form/ProfileFormType.php | 10 ------ src/Form/RegistrationFormType.php | 33 ------------------ templates/admin/user.html.twig | 22 +++++++----- templates/main/base.html.twig | 6 ++-- 12 files changed, 85 insertions(+), 55 deletions(-) create mode 100644 public/img/accept-user.svg create mode 100644 public/img/deny-user.svg create mode 100644 public/img/user-able.svg create mode 100644 public/img/user-delete.svg create mode 100644 public/img/user-disable.svg create mode 100644 public/upload/image/profile/avatar-673f122734b9c.jpg diff --git a/.idea/sortir.iml b/.idea/sortir.iml index cf93744..0fa7baa 100644 --- a/.idea/sortir.iml +++ b/.idea/sortir.iml @@ -3,7 +3,6 @@ - diff --git a/public/img/accept-user.svg b/public/img/accept-user.svg new file mode 100644 index 0000000..108900a --- /dev/null +++ b/public/img/accept-user.svg @@ -0,0 +1,13 @@ + + + + + + + + + + + + + \ No newline at end of file diff --git a/public/img/deny-user.svg b/public/img/deny-user.svg new file mode 100644 index 0000000..2f27eb0 --- /dev/null +++ b/public/img/deny-user.svg @@ -0,0 +1,13 @@ + + + + + + + + + + + + + \ No newline at end of file diff --git a/public/img/user-able.svg b/public/img/user-able.svg new file mode 100644 index 0000000..3170fc0 --- /dev/null +++ b/public/img/user-able.svg @@ -0,0 +1,7 @@ + + + + + + plus-circle Created with Sketch Beta. + \ No newline at end of file 
diff --git a/public/img/user-delete.svg b/public/img/user-delete.svg new file mode 100644 index 0000000..f94dd75 --- /dev/null +++ b/public/img/user-delete.svg @@ -0,0 +1,7 @@ + + + + + + + \ No newline at end of file diff --git a/public/img/user-disable.svg b/public/img/user-disable.svg new file mode 100644 index 0000000..4c6dbfe --- /dev/null +++ b/public/img/user-disable.svg @@ -0,0 +1,7 @@ + + + + + + minus-circle Created with Sketch Beta. + \ No newline at end of file 
diff --git a/public/upload/image/profile/avatar-673f122734b9c.jpg b/public/upload/image/profile/avatar-673f122734b9c.jpg new file mode 100644 index 0000000000000000000000000000000000000000..d3f5e229d8d395aa52e4359eaf560af5b59a85eb GIT binary patch literal 8744 zcmcgRc|6oz_jksOooq>#8e`8o$d+a75wb5)nP$e4VTKudibA%c4N2A>DG`-Y$gVs^ z(JFh3D2iwk`P~`neV*s{{{DJ@pZCt^d(XM&o_n@??)fgW{Cs&72-sTLSOElVDhL$- zmd8MzWmKRa05&$804D%|4e%q7z!74a@DfL$0RqB<@RC@?(;&`l7Gys{IE8^RjUX@x zVHn3Ss$U?5jIkk7Lon`SB7+*HhH;@10|^w2J((0pz_`)LVHlfWfuWzp@h>J zVFX4XHADp}V(R(@m&ed|0vHUMfx3DKU5!AZ?jfrYsln<|1e!WdO+y_RnnckE#2_*Q zvxn>-7-EF|Sl@)j1d@!f9-Hko>}lrYfWWOWVPuyW2UlWD5K*6mH8JKkj53G{rUjE3 z1WZ&gC4_DeWrSr3H-I>ktd2G2<}wT;`58D{SgrEFkr8&)n8?UTwMZ>BYM8$|PG4VN zT|-k{Q&SaksM4cD7=$R*5V{Og#EJ|HGMyL}NMkyPVag=zp@uVzu-H|>v;ZoDN)MpY zevAK`ufL~R9{*ZoLt_xNp%doRF!JwpPzRA^6rDj*|0@S;Da%!LEC#cx*P6^=M6>pS zZf#@b`dbQ=s^-s}3uNvSofUBZKtIOc^pl9c`Dx){6qZ&JQJqX72a`h>bjXW?s#c;) zgB$#t8~PSbCo@T`H58JcI#jqSdvyWR56dVRqSbK!TfZQKx~7JPo~nkXs;2&LWl)%N zpnm}4ZyNu1=7h0$;Hux@H82l@DGHUc;F;+>K67ks*cXvx7wK5xLR7MT6&sWI=Z@8nmU_rwREty zaj>*;u(0&Baj?c>;OQX|4Txc60zBQutTW<54qZVgfyVZPFnG*e0tmD~3N?aYsLo7y zNMAu%oa%pF4{_4Jj>n1^QwrmkJZ3@|PzX#PqEtyM)dp+)|6O+eVI@mH)5^bE#%;)o zsvT>;{*C9XlT9Op(aEmSG_sL`GkImV6pa7A(9PM-n3>l9S6Z+VN}P8PcnD=n|At1hpktt5@rFvV%>Z!tDDmQ%B^F*n?* zYh=7-xfSqmB1uRR0wD;N+krT|hauUR_p#p%g+?IR*q2`bP6U&V_~QF}>c4^9;arTS zcWN~`488uas&8`=w|o&|nDSwCg%DbqP!16Coe_A}Sn^#(GXN2_XR=tsJ+~_0^8nKA zfiH82=*h-FpmU>|IRaLto^7uKqa_V4ZxKKyLUo6C5!wX9D4>E3ijA zct8hWTK#(Toz!^1&YB8lMNqxQ9^Pb|1jj2L}ap zfOo+m9zNN8uf&7tiDqDW4j_U8APe#&K-G@|L5N4pdqILVCqPxqun0!$XaL~G!vW%1 z9{`uj0Jwe?hQy=*fEb4&;M@$rnJ8#(oCZMlJqF^@jd)~1^ZrC!HG(?>64XWkC`yAN+Bpvr?BVPIMF2MJ*8qSTWa69Y!3n@Rs0i`46wX~M z=@q-{;ZbV_?VGAFV8e-W0F*c3 z!N+h6K&1Uy1a#*60YDjGR(4CeZ!ZvvgCfPFvp`O4*2?aAGUGef0Aqic1_1Yqcto@| zbkoff5vu{sO5<$iT?mc`fHqge8cE&@F zs&WphB^1wY_)$P^1hT+2JQqeGFab4MkqOw9H^oB`*)YW%0gE!G38Fd!tPy*y8#ARphO$@z+Yuj0062ndUha??*M?;@q#ntN$urRA@^I5Obmp!Vs}QyPPZXT$E-a6}wy;MLu-&+bu5 
zf?VdIgLEmj@|mmM?Od|oJQZGH-Wf{vrJOu|r)}Ut^*04t+6NM4ZR&8+8IRH(^MO`9 zc~31%I9qGawD@eh`&_WK&oyGA;EQFb+#maVThy`sL)(g)501nkiYBwsCpAxod>iZ> zOebgkM$6_fq z<*~uk{vS5l`|58zsTPblANTU-(&&WKjWU}p=2G1woKJmtYA$(-Qcp#^uuKU4I_eWA zCaBXD7IMamrh0pkr?8Y=bVL+#CI}9wq5FS&>I5&m>WOGelAvbZo~}K?{&-TyXzXW{ zd**O=t>*`dSWiFhWHT=$d`DRJUDXEf&`Z}ixkjT~3H4^UE{QHDZ`k3BI{vwv)G^qyOvWO~Qc zjr1d$Z!?cN6m8z5Q)SV0TdgAMYuD+}4c`_jT^KiA%DQ5LT_|2x>Du(rnROZ;H?T%iXv@8iL>d+D$RtOaV zSQ1cZ6ao#u3$Usa0th0dHSroaN2g;#SW`j*n=mG{ILmj>YMEd+VU~%vV$P@w_=ZhQ zX|+2l{Y1vNX)67;nDG8==MT=uPb-K!sZB&Vr+a=-uGTyqYd09XbLhNlR9b+nTC8nA zy+g@EyASy}4V2btgP?X7GT)DbT_wl*mZl0+dCClL^m)4GPh}Vm+%)(&XT7Bq}a61X1cnT ziFr#slHf1O-z}C#A8#w~!^M5GqZs#pyFIa<2f=BFyFL27nt^S=dFFn-vnOMVCxaS= zdC_iO8=oG_VWwOXVeyf``E}0^31N=zN7OwkdurGxuh)p;yv#yuhC78nbllK!G7nvw zo7Q$dNPc*fulw|&47%V!jkuyonza% zS_Axr=s|o9?hm+jesWg-ZdWE%GU(kAioK`1bkVFx35dMZ#SW`_dY`d7^QFFIjPx$P zTym52n9~~Wlqgs8){+ft5zgnf?mV}4P`poq7UyLcwzH(|#z|H@Z*PH(Y zDeO2%DA7A_?c4OZq{cz1*HdA0z?6rp_5=kvtg2iwIa_p3^%0*I@m4_6+#TsFg!4F< z5;Nz+rB$E4joVhI)^%ZEt3rC+yP=k6gf|Wn>p5Jey$fRo$9C2z;an0&?{4y7;FY?! 
z>MruO7Hx9h{UqnJ%aSWv(R$(<$ z9o0nor*~@LWgl#kC5hiwA#20kLjI0h3#zTuc~0)PB-Ed`4x=5mW$nW9-@>&^lzZO` zRHj5&8`s4=(#{a8hTFft_m5=1`oNmRVLSR^~*U*olKP@kl)bnKFN@{+1KxtjZe#NMUA1 z%RpRd-pc7VR&m$#n(rppxh=p43r|ixZHF5DrE7}DZ85^M+V+yy)Qx9A@0slDb(+a`qtAAj3W{rU27MK|m2sN)ZZeyo z0lOr=^QM&MoM|))rNegV6=xa(pi|7bqUSt$Q8z7)%ie#eV>c>A6E{7m&r>d$<~-;5 z+*YO=q>?(k@ORyDMHnQ3m)zm_=Upk0`(2+E(l8Q9t`b_s8`Uog9+-@g^qajn@ba+P1; z6P#YO_a->V3exZF&}eqn%`(!j*AO|JzTN_5&Awz>-!W!)^PIvKrS2~SPm~4PbDi>~ z6f&=)%mup|m6~FQOitKy9V`NisnSO=18)vEploN~8yvtq`o5VXzoW)|1i7xKY0xr8 zj_~}{_N>6M>6j;t%YgB6Al|8G+eSas##R^PYe$azpOtJ~7Q;zj6qmtW_2x~gqFJhK z4xMhCNISMu!V(GEqMXA^VF1T3;$MASIf%=N0$gUpEYb0GS#`T!o?Q>b4x_ib9^?_Y zbGZ?HQL5j>=Th~jWMuP>Tq^BPeF?#kt6R|TbnJ$RbIB6`G`pgoBdrw=n(fQsKc5%|3eN02>;aNdTd1K=>{3+6$W&(+S?~>VH7hQO!|L`sfm!kOS%4}&W zqU(yt){{MHY>1XCxd&%Uk{}`X;OWkzNJvnAxe!3Soa)eZ!oa16|A2@o`e^)f_M77H z8*&*Rqn;)qKAst+=!-!R&g%$Bh?oj?ZcS`972Rw>CLK@zx+7~mGPeA*?m7#3BtM^y zR@d*gI5I9GeY?7M(vw`9k*e7S9fAsK^)XeHcz z!ClBr4hlETa!sq3L37ukyH-JyB?ks8Uxc{)NJU`r%OFSh_g4l1)_wfH)v;yAud1Sf z<`oRSA7NIocmRA^80-;nu+oq$;JZ3n0UAtzVRrHGLNO6GW`}`q$xH}Ih?W&;7{IwA zfhiNU!pr&t13J!B0x#He0^ZdrJix>Cu(71VoMuX04HDE552xXXNmvmZ4>1h9m<`YB zVaLYQ5DyUW)$teU7Zc>+X3QewWbv+ufC~`#6>>ZXSV7RNz_akfE0q6Me*oT+l?4#+4=pq&{Ob1W=~WQ? 
zx+NzZEAE}uXu;Hs&HU>f*F<0$R5r^2zgk0S&9G_rH7dx$;hc_$gag4o9EV!AMQu=i zRG`?iLG`o8Gok$zS9uE=KhIIquB;tda-z3#gj8a>O zi&Lk(l-TUa{c7_=rDUIyfsV}j`?eMOLpg?O_fC0b+gE)xJ7q&!$H$kXm!lNaaRHy0 znDTro9U~Fi@Mw%tQG>cT-T$#b@qL~tz2=gyiS+r9N%vTBYQ?oD7fj=w<+^I*J*(f{ znmPaJy9Wug)q9;unxHHxLO2i+5mapVrn1xA94*?=O?Xmj9f6K>x_1DS@vJ$YrZ=?= zVwCJc4Ybd_n>mcm#m+6hsdhzs@;uGn@sz)krYj|d7*E7}kC5c9|1<{H(MsK=f}*wG z+)dnShZMqU%Dam8O}uaNB{`lXmlm*NhQTt>7O)2xV|f8o^%jFi=Re%Yxr}}e_U~==&W5q zE|=CqTaPCB`J6|@(kK#~@-4Z?^}rD2d^LaLo$Cm}B*9)~pFnN8!OOf{vr)Gtg0F1r zR(0k5)i{l78?MKV`rCfw`J9#nuR`(p%`>|%ty$kz z&(`iZ)ncde8F?R%_2mj2X^hF|?Q9lqeajXcaoB7`Ov&w*;YQDNkEHaog;C0rIe3)KG#6R@XHV2vQSW2FlyfeHDW$ckq#f!I{ERKE3a~^!8$h zxSW1-Z!PEj=Ea#mG~Zh4l-WL8$A3QZhop(`lGu^S8g5O258~2&B4u0H(o2a^T(Q?| zrAdT`?aQFJN^(y5YLM7)Mg1DZClQ&K#1xU0Elyoqbmwm;@zfW6c(VAS>9Jee1BI`< z{@7LX>u0;W_sMG?^ADE~yyVWs_tw5Fk?2>69+Sy?aItQ`kkPsx)cfPjTs!o}`=iR8 z^D2FQMk2ShAG`2j-lxHB;>rsZ(N{SX!-eLz?-6JX1GamP(dLe`hr)c#WRHmOOFaJB z;4H_+nO(SrEjnBqAVLo(@tEH>{z=m`Sp2$Od#ycaQ^0J~3^5LzxxIGI^Yig&;S^DN ztdgKbV$++1@~5={j-x09Z4b8E1aaOX#aiLbv2@ju;cKb|$-f-0zc9yj07{8~Zv=c3b_HEQdl-yS`(l`8kG$W`SVdEje$vc64Z z#p0rFJQ(lYf@FUsCB4nk;q6H4!^k%ecjEykPsR?-tVFs}uLk*D)i*gC%x-MYWaeSZ zbB2Y&GY{}LhfZA12>zxz^#J#E#-@n>^4!L{$$`-f`>|p?yf>^TQZH1sg_{`rnl!}N zi1=PRfN@8y-B!n>aQC%?v$YOVTrLH;Gs>TNzO9>b51C*O_iYQ&}?aGZQaF| ztA!&eo3`uQ2e$N_7;%)wS?MOl&zTDj<2&_9N~}iKBDeXE&Z?773TyG$0JqOh>M}dI2PH7@k@1U%_!3^>-DNYH h`YjjbyvBD2duBhm4G)r+o)Jy)D3nCg`<&(e{{huydrklV literal 0 HcmV?d00001 diff --git a/src/Controller/ProfileController.php b/src/Controller/ProfileController.php index 086d58a..5c3580c 100644 --- a/src/Controller/ProfileController.php +++ b/src/Controller/ProfileController.php 
@@ -9,6 +9,7 @@ use App\Form\RegistrationFormType;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Mime\MimeTypes;
 use Symfony\Component\Routing\Attribute\Route;
 use App\Repository\ParticipantRepository;
 use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
@@ -51,6 +52,26 @@ class ProfileController extends AbstractController
 $form->handleRequest($request);
 if ($form->isSubmitted() && $form->isValid()) {
 $imageFile = $form->get('image')->getData();
+ if ($imageFile) {
+ if ($imageFile->getSize() > 1024 * 1024) { // 1MB
+ $this->addFlash('error', 'Votre image est trop lourde');
+ return $this->render('profile/edit.html.twig', [
+ 'profile' => $userConnect,
+ 'formProfile' => $form,
+ ]);
+ }
+
+ $mimeTypes = new MimeTypes();
+ $validMimeTypes = ['image/png', 'image/jpeg'];
+ $fileMimeType = $mimeTypes->guessMimeType($imageFile->getRealPath());
+ if (!in_array($fileMimeType, $validMimeTypes, true)) {
+ $this->addFlash('error', "Veuillez insรฉrer un type d'image valide (.jpg ou .png)");
+ return $this->render('profile/edit.html.twig', [
+ 'profile' => $userConnect,
+ 'formProfile' => $form,
+ ]);
+ }
+ }
 if (($form->has('deleteImage') && $form['deleteImage']->getData()) || $imageFile) {
 $this->fileUploader->delete($profile->getFileName(), '/upload/image/profile');
 if ($imageFile) {
diff --git a/src/Form/ProfileFormType.php b/src/Form/ProfileFormType.php
index 8442049..d808353 100644
--- a/src/Form/ProfileFormType.php
+++ b/src/Form/ProfileFormType.php
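Review bot: The upload checks added in the second hunk (`@@ -51,6 +52,26 @@`) run only inside this one action, after `$form->isValid()` has already passed, so the form no longer rejects an oversized or non-image file itself and anything else that builds `ProfileFormType` gets no upload validation. The `File` constraint that this same commit removes from `ProfileFormType` performed both checks; keeping it and setting its messages, e.g. `'maxSizeMessage' => 'Votre image est trop lourde'` plus a French `mimeTypesMessage`, would surface the same wording as field errors and remove the two duplicated `render()` returns. If the checks do stay in the controller, note that `guessMimeType()` looks at file content only, so the code that stores the file (`$this->fileUploader`, not visible in this hunk) should choose the saved extension from the validated type rather than from the client-supplied name; whether it does cannot be seen from here. The enclosing action starts before and continues past this hunk.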
@@ -117,16 +117,6 @@ class ProfileFormType extends AbstractType
 'class' => 'w-full mb-4 px-4 py-2 border border-gray-300 rounded-lg focus:outline-none focus:border-blue-500',
 ],
 'label_attr' => ['class' => 'text-gray-700 font-bold'],
- 'constraints' => [
- new File([
- 'maxSize' => '1024k',
- 'mimeTypes' => [
- 'image/png',
- 'image/jpeg',
- ],
- 'mimeTypesMessage' => 'Please upload a valid image',
- ])
- ],
 ])
 ->addEventListener(FormEvents::PRE_SET_DATA, function (FormEvent $event) {
 $profile = $event->getData();
diff --git a/src/Form/RegistrationFormType.php b/src/Form/RegistrationFormType.php
index ad25c4b..7c41e12 100644
--- a/src/Form/RegistrationFormType.php
+++ b/src/Form/RegistrationFormType.php
@@ -90,39 +90,6 @@ class RegistrationFormType extends AbstractType
 ]),
 ],
 ])
- ->add('image', FileType::class, [
- 'label' => 'Image',
- 'mapped' => false,
- 'required' => false,
- 'attr' => [
- 'class' => 'w-full mb-4 px-4 py-2 border border-gray-300 rounded-lg focus:outline-none focus:border-blue-500',
- ],
- 'label_attr' => ['class' => 'text-gray-700 font-bold'],
- 'constraints' => [
- new File([
- 'maxSize' => '1024k',
- 'mimeTypes' => [
- 'image/png',
- 'image/jpeg',
- ],
- 'mimeTypesMessage' => 'Please upload a valid image',
- ])
- ],
- ])
- ->addEventListener(FormEvents::PRE_SET_DATA, function (FormEvent $event) {
- $profile = $event->getData();
- if ($profile && $profile->getFileName()) {
- $form = $event->getForm();
- $form->add('deleteImage', CheckboxType::class, [
- 'required' => false,
- 'mapped' => false,
- 'label' => 'Supprimer l\'image',
- 'attr' => [
- 'class' => 'w-4 h-4 mb-4 border-gray-300 rounded mx-2',
- ], 'label_attr' => ['class' => 'text-gray-700 font-bold px-4']
- ]);
- }
- })
 ;
 }
diff --git a/templates/admin/user.html.twig b/templates/admin/user.html.twig
index 0e1e9b7..f54fb7d 100644
--- a/templates/admin/user.html.twig
+++ b/templates/admin/user.html.twig
@@ -77,11 +77,13 @@ {{ participant.roles|join(', ') }} - - - {{ participant.actif ? 'โœ”๏ธ' : 'โŒ' }} + + + Logo + + + Logo - ๐Ÿ—‘๏ธ {% endif %} @@ -132,10 +134,14 @@ - - ๐Ÿ‘Ž + + diff --git a/templates/main/base.html.twig b/templates/main/base.html.twig index 7c8285c..02e5ca9 100644 --- a/templates/main/base.html.twig +++ b/templates/main/base.html.twig @@ -19,21 +19,21 @@ {% if label == 'success' %} {% endif %} {% if label == 'error' %} {% endif %} {% if label == 'warning' %} {% endif %}