fix: escape apostrophe in FORM_HELP_LABELS string (Database.php:2005)

app/public/admin/contenus-edit.php

@@ -12,8 +12,9 @@ if (empty($_SESSION["csrf_token"])) {
 $allowedPageSlugs = ["about", "licenses", "charte"];
 $allowedApropos   = ["contacts", "credits"];
 
-$pageSlug   = $_GET["slug"] ?? "";
-$aproposKey = $_GET["apropos"] ?? "";
+$pageSlug    = $_GET["slug"]       ?? "";
+$aproposKey  = $_GET["apropos"]    ?? "";
+$formHelpKey = $_GET["form_block"] ?? "";
 
 if ($pageSlug && !in_array($pageSlug, $allowedPageSlugs)) {
     $pageSlug = "";
@@ -21,8 +22,11 @@ if ($pageSlug && !in_array($pageSlug, $allowedPageSlugs)) {
 if ($aproposKey && !in_array($aproposKey, $allowedApropos)) {
     $aproposKey = "";
 }
+if ($formHelpKey && !in_array($formHelpKey, Database::FORM_HELP_KEYS, true)) {
+    $formHelpKey = "";
+}
 
-if (!$pageSlug && !$aproposKey) {
+if (!$pageSlug && !$aproposKey && !$formHelpKey) {
     header("Location: /admin/contenus.php");
     exit();
 }
@@ -37,6 +41,10 @@ try {
         }
         $editTitle = $page["title"];
         $editType  = "page";
+    } elseif ($formHelpKey) {
+        $editType        = "form_help";
+        $formHelpContent = $db->getFormHelpBlock($formHelpKey);
+        $editTitle       = Database::FORM_HELP_LABELS[$formHelpKey] ?? $formHelpKey;
     } else {
         $editType  = "apropos";
         $value     = $db->getAproposContent($aproposKey);
@@ -65,6 +73,8 @@ JS;
 $initialContent = '';
 if ($editType === 'page') {
     $initialContent = $page["content"] ?? "";
+} elseif ($editType === 'form_help') {
+    $initialContent = $formHelpContent;
 }
 
 $isAdmin = true;