fix: escape apostrophe in FORM_HELP_LABELS string (Database.php:2005)

2026-05-06 19:19:19 +02:00 · 2026-04-29 21:05:53 +02:00
parent d665cb502d
commit 0437ec8d15
8 changed files with 225 additions and 5 deletions
--- a/app/src/Database.php
+++ b/app/src/Database.php
@@ -1979,6 +1979,80 @@ class Database {
        return $stmt->fetchAll();
    }

+    // ========================================================================
+    // FORM HELP BLOCKS
+    // ========================================================================
+
+    /**
+     * Known form help block keys (mirrors the seeded rows in migration 004).
+     */
+    public const FORM_HELP_KEYS = [
+        'partage_intro',
+        'fieldset_tfe_info',
+        'fieldset_synopsis',
+        'fieldset_jury',
+        'fieldset_academic',
+        'fieldset_files',
+        'fieldset_access',
+        'fieldset_email',
+    ];
+
+    /**
+     * Human-readable labels for each block key (used in the admin UI).
+     */
+    public const FORM_HELP_LABELS = [
+        'partage_intro'     => 'Introduction du formulaire',
+        'fieldset_tfe_info' => 'Informations du TFE — note d\'introduction',
+        'fieldset_synopsis' => 'Synopsis — explication',
+        'fieldset_jury'     => 'Composition du jury — note',
+        'fieldset_academic' => 'Cadre académique — note',
+        'fieldset_files'    => 'Fichiers — note',
+        'fieldset_access'   => 'Visibilité / Accès — explication',
+        'fieldset_email'    => 'E-mail de confirmation — note',
+    ];
+
+    /**
+     * Get a single form help block by key. Returns '' when missing.
+     */
+    public function getFormHelpBlock(string $key): string {
+        $stmt = $this->pdo->prepare(
+            "SELECT content FROM form_help_blocks WHERE key = ? LIMIT 1"
+        );
+        $stmt->execute([$key]);
+        $val = $stmt->fetchColumn();
+        return ($val !== false) ? (string)$val : '';
+    }
+
+    /**
+     * Upsert a form help block.
+     */
+    public function setFormHelpBlock(string $key, string $content): void {
+        if (!in_array($key, self::FORM_HELP_KEYS, true)) {
+            throw new Exception("Unknown form help block key: $key");
+        }
+        $this->pdo->prepare(
+            "INSERT INTO form_help_blocks (key, content, updated_at)
+             VALUES (?, ?, CURRENT_TIMESTAMP)
+             ON CONFLICT(key) DO UPDATE SET content = excluded.content,
+                                            updated_at = CURRENT_TIMESTAMP"
+        )->execute([$key, $content]);
+    }
+
+    /**
+     * Return all form help blocks as [ key => ['content' => ..., 'updated_at' => ...] ].
+     */
+    public function getAllFormHelpBlocks(): array {
+        $stmt = $this->pdo->query(
+            "SELECT key, content, updated_at FROM form_help_blocks ORDER BY key"
+        );
+        $rows = $stmt->fetchAll();
+        $out  = [];
+        foreach ($rows as $r) {
+            $out[$r['key']] = ['content' => $r['content'], 'updated_at' => $r['updated_at']];
+        }
+        return $out;
+    }
+
    // ========================================================================
    // SINGLETON PATTERN ENFORCEMENT
    // ========================================================================