Update 5 files

- /include/variables.php
- /html/upload.php
- /html/journal.php
- /html/editpage.php
- /html/admin.php

html/admin.php

@@ -2,7 +2,7 @@
 require "../include/variables.php";
 require "../include/functions.php";
 
-if(isset($_SESSION['role']) == false || $_SESSION['role'] < 4) {
+if($role < 4) {
     header("Location: login.php");
     http_response_code(404);
     die();

html/editpage.php

@@ -2,7 +2,7 @@
 require "../include/variables.php";
 require "../include/functions.php";
 
-if(isset($_SESSION['role']) == false || $_SESSION['role'] < 3) {
+if($role < 3) {
     header("Location: login.php");
     http_response_code(404);
     die();

html/journal.php

@@ -56,7 +56,7 @@ if (filter_var($_GET['article'], FILTER_VALIDATE_INT)) {
                         } else {
                             $bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
                             $req = $bdd->prepare("SELECT ID, titre, date, auteur FROM articles WHERE classification <= :role ORDER BY date DESC");
-                        $req->bindParam(":role", $_SESSION['role']);
+                        $req->bindParam(":role", $role);
                             $req->execute();
                             $resultat = $req->fetchAll(PDO::FETCH_ASSOC);
 

html/upload.php

@@ -4,7 +4,7 @@ require "../include/functions.php";
 
 $repertoire = "/var/www/e59/";
 
-if(isset($_SESSION['role']) == false || $_SESSION['role'] < 3) {
+if($role < 3) {
     header("Location: login.php");
     http_response_code(404);
     die();

include/variables.php

@@ -15,4 +15,6 @@ $navadmin = $nav;
 $status = "";
 $classifications = $config['classifications'];
 
+$role = isset($_SESSION['role']) ? $_SESSION['role'] : 0;
+
 ?>