Properly separate the HTTP GET requests from the POST requests

[Project_webapp.git] / index.php

diff --git a/index.php b/index.php
index 2829b2676d9a720de486008b50984ba1f355fb97..125f62049964198da07139d78e5286c4990abb5b 100644 (file)
--- a/index.php
+++ b/index.php
@@ -1,7 +1,7 @@
 <?php
 require('header.php');
 
-include('libs/db.php');
+include('lib/db.php');
 /**
  * Let's use an array as the list of tunables.
  * Put in a variable the inclusion of this file:
@@ -14,25 +14,32 @@ $configs = include('config.php');
  */
 session_start();
 
-//$page = filter_input(INPUT_GET, $_GET['page'], FILTER_SANITIZE_URL);
-$page = $_GET['page'];
-
+$page = filter_input(INPUT_GET, 'page', FILTER_SANITIZE_URL);
+$isPage = true;
 if (!isset($page)) {
+    $isPage = false;
     $page = "";
 }
 
+$form = filter_input(INPUT_POST, 'form', FILTER_SANITIZE_URL);
+$isForm = true;
+if (!isset($form)) {
+    $isForm = false;
+    $form = "";
+}
+
 /**
- * [valid_page validate if the current page is a valid site actions]
+ * [validate_url_action validate if the current page is a valid site actions]
  * @param  [string] $page [the viewed page name]
  * @return [string]       [the valid matching action or the default action
  *                         if the action name do not exist ]
  */
-function valid_page($page_name)
+function validate_url_action($action_name)
 {
     global $configs;
 
     foreach ($configs['actions'] as $action) {
-        if (strcmp($page_name, $action) === 0) {
+        if (strcmp($action_name, $action) === 0) {
             // The actions list can't have duplicated entries
             return $action;
         }
@@ -41,14 +48,34 @@ function valid_page($page_name)
     return $configs['actions'][0];
 }
 
+function get_action_type() {
+    global $page, $form, $isPage, $isForm;
+
+    if ($isPage && !$isForm) {
+        return "page";
+    } elseif ($isForm && !$isPage) {
+        return "form";
+    } elseif (!$isPage && !$isForm){
+        return "empty";
+    } else {
+        return "unknown";
+    }
+}
+
 function display_action($action_name)
 {
-    global $configs;
+    global $configs, $isPage, $isForm;
 
     $found_action = false;
     foreach ($configs['actions'] as $action) {
         if (strcmp($action_name, $action) === 0) {
-            include("$action.php");
+            if (get_action_type() === "page" || get_action_type() === "empty") {
+                include($action . ".php");
+            } elseif (get_action_type() === "form") {
+                include("form" . $action . ".php");
+            } else {
+                echo "Impossible error";
+            }
             $found_action = true;
             break;
         }
@@ -58,7 +85,22 @@ function display_action($action_name)
     }
 }
 
-$action = valid_page($page);
+function get_url_action() {
+    global $page, $form, $isPage, $isForm;
+
+    if (get_action_type() === "page") {
+        return $page;
+    } elseif (get_action_type() === "form") {
+        return $form;
+    } elseif (get_action_type() === "empty") {
+        return "";
+    } elseif (get_action_type() === "unknown") {
+        die('Cannot get a valid action from URL parameters');
+    }
+}
+
+$url_action = get_url_action();
+$action = validate_url_action($url_action);
 display_action($action);
 
 session_destroy();