From 98b910b54f3b8b0c2a4cc484b8e03f43c70e068f Mon Sep 17 00:00:00 2001
From: Jan BELLON
Date: Tue, 12 Mar 2024 12:30:49 +0000
Subject: [PATCH] Update 2 files - /html/admin.php - /html/editpage.php
---
 html/admin.php | 2 +-
 html/editpage.php | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/html/admin.php b/html/admin.php
index 92368cf2..56763e40 100644
--- a/html/admin.php
+++ b/html/admin.php
@@ -2,7 +2,7 @@
 require "../include/variables.php";
 require "../include/functions.php";
-if($_SESSION['role'] < 3) {
+if($_SESSION['role'] < 1) {
 header("Location: index.php");
 http_response_code(404);
 die();
diff --git a/html/editpage.php b/html/editpage.php
index b1df690f..162e1b94 100644
--- a/html/editpage.php
+++ b/html/editpage.php
@@ -2,7 +2,7 @@
 require "../include/variables.php";
 require "../include/functions.php";
-if($_SESSION['role'] < 2) {
+if($_SESSION['role'] < 1) {
 header("Location: index.php");
 http_response_code(404);
 die();
@@ -225,8 +225,8 @@ if(isset($fichier)) {
 $search = "%" . htmlspecialchars($_GET['search']) . "%";
 $condition = "AND (titre LIKE '" . $search . "' OR ID LIKE '" . $search . "' OR auteur LIKE '" . $search . "') ";
 }
- $req = $bdd->prepare("SELECT ID, titre, date, image, resume FROM articles WHERE classification <= :accreditation " . $condition . "ORDER BY date DESC LIMIT 10");
- $req->bindParam(":accreditation", $_SESSION['accreditation']);
+ $req = $bdd->prepare("SELECT ID, titre, date, image, resume FROM articles WHERE auteur = :user_id AND IORDER BY date DESC LIMIT 10");
+ $req->bindParam(":user_id", $_SESSION['userid']);
 $req->execute();
 $resultat = $req->fetchAll(PDO::FETCH_ASSOC);
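Review bot: The gate `if($_SESSION['role'] < 1)` in html/admin.php now admits every session with role 1 or higher, where the page previously required role 3, and the first hunk of html/editpage.php lowers its threshold from 2 to 1 in the same way. Unless each privileged action further down these files (outside the hunks) re-checks the role, this turns admin-only functionality into something any logged-in low-privilege account can reach. If the goal is only to give authors access to their own articles, keep the stricter check on admin.php and relax only the page that needs it. The bare numbers also make the required level hard to review; a named constant defined once in the shared include (for example `ROLE_ADMIN`) would state the intent at each check.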
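Review bot: The new query string in html/editpage.php ends in `AND IORDER BY date DESC LIMIT 10`, which is not valid SQL, so the prepare/execute pair will fail and the article list cannot load; it looks like a leftover from removing `$condition`. If the search filter is meant to go, the line should read `$req = $bdd->prepare("SELECT ID, titre, date, image, resume FROM articles WHERE auteur = :user_id ORDER BY date DESC LIMIT 10");`. `$condition` is still built from `$_GET['search']` in the context lines above but is no longer used, so searching silently stops working. If it is restored, pass the pattern as a bound parameter (`titre LIKE :search`) rather than concatenating it, because `htmlspecialchars()` is HTML escaping and not a defence against SQL injection. The surrounding block starts and ends outside the hunk.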