Unify flash messages: replace all legacy session key writes with App::flash()

All admin action files (account, tag, page, edit, visibility, maintenance,
publish, formulaire) now call App::flash('error'|'success', ...) instead of
writing to raw per-page session keys ($_SESSION['error'], 'admin_error',
'edit_error', 'admin_success', 'edit_success', 'form_error').

All admin display pages (add, edit, account, tags, pages, index) now include
templates/partials/flash-messages.php instead of manually reading and
unsetting the legacy session keys and inlining their own alert HTML.

App::consumeFlash() already drained all legacy key variants as a safety net,
so the partial works correctly whether called from pages that were already
migrated or any remaining stragglers. No behaviour change for end users.

public/admin/account.php

@@ -8,9 +8,7 @@ $pageTitle = "Compte administrateur";
 $credentialsFile = APP_ROOT . '/config/admin_credentials.php';
 $hasPassword     = defined('ADMIN_PASSWORD_HASH');
 
-$success = $_SESSION['success'] ?? null;
-$error   = $_SESSION['error']   ?? null;
-unset($_SESSION['success'], $_SESSION['error']);
+// Flash messages are consumed by the flash-messages partial below.
 
 if (empty($_SESSION['csrf_token'])) {
     $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
@@ -22,12 +20,7 @@ if (empty($_SESSION['csrf_token'])) {
 <main id="main-content">
     <h1>Compte administrateur</h1>
 
-    <?php if ($error): ?>
-    <p role="alert" data-type="error">⚠ <?= htmlspecialchars($error) ?></p>
-    <?php endif; ?>
-    <?php if ($success): ?>
-    <p role="status" data-type="success">✓ <?= htmlspecialchars($success) ?></p>
-    <?php endif; ?>
+    <?php include APP_ROOT . '/templates/partials/flash-messages.php'; ?>
 
     <!-- Status info -->
     <div class="admin-account-status">