PostERG/xamxam
1
0
Fork 0
mirror of https://codeberg.org/PostERG/xamxam.git synced 2026-05-07 03:29:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

add structured logging for admin/partage form submissions + migration system

Browse Source 
- AppLogger: JSON-line logger in storage/logs/form-submissions.log
- Logs submissions (admin + partage) with IP, UA, thesis ID, author
- Logs errors with context (post keys, share slug)
- Migration runner (app/migrations/run.php) handles schema drift
- 001_add_objet_column.sql fixes production DB missing 'objet' column
- ThesisCreateController::getIdentifier() helper for logging
This commit is contained in:
Pontoporeia
2026-04-24 16:55:11 +02:00
parent decb9e2907
commit 4986fa74f4
9 changed files with 344 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

141
app/src/Controllers/ThesisCreateController.php
View File

@@ -51,6 +51,16 @@ class ThesisCreateController
return new self(new Database());
}
// ── Helpers ───────────────────────────────────────────────────────────────
/**
* Get the identifier string for a thesis (caller supplies ID).
*/
public function getIdentifier(int $thesisId): string
{
return $this->db->getThesisIdentifier($thesisId);
}
// ── Read / view data ─────────────────────────────────────────────────────
/**
@@ -149,7 +159,7 @@ class ThesisCreateController
// ── 5. File uploads (outside transaction — filesystem ops) ────────────
$this->handleCoverUpload($thesisId, $files['couverture'] ?? null);
$this->db->handleBannerUpload($thesisId, $files['banner'] ?? null);
$this->handleThesisFiles($thesisId, $data['annee'], $identifier, $files['files'] ?? null);
$this->handleThesisFiles($thesisId, $data['annee'], $identifier, $files['files'] ?? null, $data['auteurName']);
return $thesisId;
}
@@ -358,14 +368,19 @@ class ThesisCreateController
* @param int $year Used for the storage sub-directory path.
* @param string $identifier Thesis identifier slug (e.g. "2024-003").
* @param array|null $uploads Multi-file $_FILES entry (may be null).
* @param string $authorName Author name for folder and file naming.
*/
private function handleThesisFiles(int $thesisId, int $year, string $identifier, ?array $uploads): void
private function handleThesisFiles(int $thesisId, int $year, string $identifier, ?array $uploads, string $authorName): void
{
if (!$uploads || !is_array($uploads['name'] ?? null)) {
return;
}
$uploadDir = STORAGE_ROOT . "/theses/{$year}/{$identifier}/";
// Generate author slug and unique folder name
$authorSlug = $this->generateAuthorSlug($authorName);
$folderName = $this->ensureUniqueFolder($year, $authorSlug);
$uploadDir = STORAGE_ROOT . "/theses/{$year}/{$folderName}/";
if (!is_dir($uploadDir)) {
mkdir($uploadDir, 0755, true);
}
@@ -401,11 +416,22 @@ class ThesisCreateController
continue;
}
$safeName = bin2hex(random_bytes(16)) . '.' . $ext;
$targetPath = $uploadDir . $safeName;
// Sanitize original filename and prepend author slug
$originalName = $uploads['name'][$i];
$sanitized = $this->sanitizeFilename($originalName);
$prefix = $authorSlug . '_' . $sanitized;
// Ensure unique filename in the folder
$candidate = $prefix;
$suffix = 1;
while (file_exists($uploadDir . $candidate)) {
$candidate = $authorSlug . '_' . pathinfo($sanitized, PATHINFO_FILENAME) . '_' . $suffix . '.' . $ext;
$suffix++;
}
$targetName = $candidate;
$targetPath = $uploadDir . $targetName;
if (!move_uploaded_file($uploads['tmp_name'][$i], $targetPath)) {
error_log("ThesisCreateController: failed to move file {$uploads['name'][$i]}");
error_log("ThesisCreateController: failed to move file {$originalName}");
continue;
}
@@ -414,22 +440,22 @@ class ThesisCreateController
$fileType = 'other';
if ($ext === 'vtt') {
$fileType = 'caption';
} elseif (stripos($uploads['name'][$i], 'annex') !== false) {
} elseif (stripos($originalName, 'annex') !== false) {
$fileType = 'annex';
} elseif ($ext === 'pdf') {
$fileType = 'main';
}
$relPath = "theses/{$year}/{$identifier}/" . $safeName;
$relPath = "theses/{$year}/{$folderName}/" . $targetName;
$this->db->insertThesisFile(
$thesisId,
$fileType,
$relPath,
basename($uploads['name'][$i]),
basename($originalName),
$uploads['size'][$i],
$mimeType
);
error_log("ThesisCreateController: file uploaded → $safeName ($fileType)");
error_log("ThesisCreateController: file uploaded → $targetName ($fileType)");
}
}
@@ -457,4 +483,99 @@ class ThesisCreateController
return $value;
}
/**
* Generate a filesystem-safe author slug from the author name.
* Converts to uppercase, replaces spaces with underscores, removes accents.
*/
private function generateAuthorSlug(string $authorName): string
{
// Remove accents using iconv if available, otherwise simple mapping
$normalized = $authorName;
if (function_exists('iconv')) {
$normalized = iconv('UTF-8', 'ASCII//TRANSLIT//IGNORE', $normalized);
}
// Fallback accent removal for common French characters
$accents = [
'à' => 'a', 'â' => 'a', 'ä' => 'a',
'é' => 'e', 'è' => 'e', 'ê' => 'e', 'ë' => 'e',
'î' => 'i', 'ï' => 'i',
'ô' => 'o', 'ö' => 'o',
'ù' => 'u', 'û' => 'u', 'ü' => 'u',
'ç' => 'c',
'À' => 'A', 'Â' => 'A', 'Ä' => 'A',
'É' => 'E', 'È' => 'E', 'Ê' => 'E', 'Ë' => 'E',
'Î' => 'I', 'Ï' => 'I',
'Ô' => 'O', 'Ö' => 'O',
'Ù' => 'U', 'Û' => 'U', 'Ü' => 'U',
'Ç' => 'C',
];
$normalized = strtr($normalized, $accents);
// Replace spaces and punctuation with underscore, keep only alphanumeric and underscore
$slug = preg_replace('/[^A-Za-z0-9]+/', '_', $normalized);
$slug = trim($slug, '_');
// Convert to uppercase
$slug = strtoupper($slug);
// Ensure not empty
if ($slug === '') {
$slug = 'AUTHOR';
}
return $slug;
}
/**
* Sanitize a filename: remove accents, replace spaces with underscore, remove special chars.
* Keeps extension.
*/
private function sanitizeFilename(string $filename): string
{
$ext = pathinfo($filename, PATHINFO_EXTENSION);
$name = pathinfo($filename, PATHINFO_FILENAME);
// Remove accents similarly
$normalized = $name;
if (function_exists('iconv')) {
$normalized = iconv('UTF-8', 'ASCII//TRANSLIT//IGNORE', $normalized);
}
$accents = [
'à' => 'a', 'â' => 'a', 'ä' => 'a',
'é' => 'e', 'è' => 'e', 'ê' => 'e', 'ë' => 'e',
'î' => 'i', 'ï' => 'i',
'ô' => 'o', 'ö' => 'o',
'ù' => 'u', 'û' => 'u', 'ü' => 'u',
'ç' => 'c',
];
$normalized = strtr($normalized, $accents);
// Replace non-alphanumeric with underscore
$normalized = preg_replace('/[^A-Za-z0-9]+/', '_', $normalized);
$normalized = trim($normalized, '_');
// If empty, use 'file'
if ($normalized === '') {
$normalized = 'file';
}
// Reattach extension if any
if ($ext !== '') {
return $normalized . '.' . strtolower($ext);
}
return $normalized;
}
/**
* Find a unique folder name inside theses/{year}/.
* Pattern: {year}_{authorSlug} or {year}_{authorSlug}_{suffix} if exists.
*/
private function ensureUniqueFolder(int $year, string $authorSlug): string
{
$baseDir = STORAGE_ROOT . '/theses/' . $year . '/';
if (!is_dir($baseDir)) {
// No conflict possible, return base name
return $year . '_' . $authorSlug;
}
$candidate = $year . '_' . $authorSlug;
$suffix = 1;
while (is_dir($baseDir . $candidate)) {
$candidate = $year . '_' . $authorSlug . '_' . $suffix;
$suffix++;
}
return $candidate;
}
}