From ce88b209f2f770e044a8cf794071837539679c62 Mon Sep 17 00:00:00 2001
From: Jan BELLON <jan@intra.e59.fr>
Date: Thu, 7 Mar 2024 20:39:41 +0000
Subject: [PATCH] Update 2 files

- /html/editpage.php
- /html/journal.php
---
 html/editpage.php | 3 ++-
 html/journal.php  | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/html/editpage.php b/html/editpage.php
index 74b6831a..20f16056 100644
--- a/html/editpage.php
+++ b/html/editpage.php
@@ -119,7 +119,8 @@ if(isset($fichier)) {
                                 echo "</div></div><div>";
                                 echo "<div><h2>Articles</h2></div>";
                                 $bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
-                                $req = $bdd->prepare("SELECT ID, titre, auteur, date FROM articles ORDER BY date DESC LIMIT 10");
+                                $req = $bdd->prepare("SELECT ID, titre, auteur, date FROM articles WHERE role <= :role ORDER BY date DESC LIMIT 10");
+                                $req->bindParam(":role", $_SESSION['role']);
                                 $req->execute();
                                 $resultat = $req->fetchAll(PDO::FETCH_ASSOC);
 
diff --git a/html/journal.php b/html/journal.php
index 94dc76f4..680a05e7 100644
--- a/html/journal.php
+++ b/html/journal.php
@@ -56,7 +56,7 @@ if (filter_var($_GET['article'], FILTER_VALIDATE_INT)) {
                         } else {
                             $bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
                             $req = $bdd->prepare("SELECT ID, titre, date, auteur FROM articles WHERE role <= :role ORDER BY date DESC");
-                        $req->bindParam(":role", $_SESSION['role'])
+                        $req->bindParam(":role", $_SESSION['role']);
                             $req->execute();
                             $resultat = $req->fetchAll(PDO::FETCH_ASSOC);