maintenance: allow /partage through gate, fix fragment routing, add visibility table in admin

Extract shared filepond logic into src/FilepondHandler.php class.
Admin filepond endpoints delegate to the handler after AdminAuth check.
New partage filepond endpoints at /partage/actions/filepond/ verify
share_active session flag + CSRF token, no admin auth required.

JS reads filepond-base meta tag to determine endpoint path:
- Admin pages: /admin/actions/filepond (via head.php isAdmin check)
- Partage form: /partage/actions/filepond (explicit meta)

partage/index.php sets share_active = true on form render, cleans up on
successful submit. Partage process endpoint rate-limited to 30/5min per
session. No nginx changes needed — /partage/ location already handles
PHP without auth_basic.

app/templates/admin/parametres.php

@@ -10,11 +10,42 @@
     <section aria-labelledby="settings-maintenance-title">
         <h2 id="settings-maintenance-title">Maintenance</h2>
 
+        <table class="param-access-table">
+            <caption>Visibilité des pages selon le mode</caption>
+            <thead>
+                <tr>
+                    <th scope="col">Page</th>
+                    <th scope="col">Normal</th>
+                    <th scope="col">Maintenance</th>
+                </tr>
+            </thead>
+            <tbody>
+                <tr>
+                    <td>Accueil, recherche, répertoire, TFE, à propos, licence</td>
+                    <td class="param-access-yes">✓ Visible</td>
+                    <td class="param-access-no">✗ 503</td>
+                </tr>
+                <tr>
+                    <td>Formulaire étudiant (partage)</td>
+                    <td class="param-access-yes">✓ Visible</td>
+                    <td class="param-access-yes">✓ Visible</td>
+                </tr>
+                <tr>
+                    <td>Administration</td>
+                    <td class="param-access-yes">✓ Visible</td>
+                    <td class="param-access-yes">✓ Visible</td>
+                </tr>
+            </tbody>
+        </table>
+
         <div class="param-maintenance-row">
             <?php if ($maintenanceOn): ?>
                 <p>
                     <strong>⚠ Mode maintenance activé</strong> — le site public est inaccessible.
                 </p>
+                <p class="param-note">
+                    Le formulaire étudiant (partage) et l'administration restent accessibles.
+                </p>
                 <form method="post" action="actions/maintenance.php">
                     <input type="hidden" name="csrf_token" value="<?= htmlspecialchars($_SESSION['csrf_token']) ?>">
                     <input type="hidden" name="action" value="disable_maintenance">