fix: search filter labels, 429 page styling, __wakeup PHP 8.x deprecation

- Replace three <span class='search-filter-label'> with proper <label for='...'> elements in
  search.php filter bar; add id attributes to the corresponding <select> elements so the
  label/control association is programmatic (WCAG 1.3.1, 3.3.2).

- Rewrite the rate-limit 429 early-exit in search.php from a bare one-liner echo to a full
  HTML document with lang='fr', viewport meta, and inline dark styles matching maintenance.php;
  inject the retry countdown into the user-facing message (Template audit F).

- Fix PHP 8.x __wakeup() deprecation in Database.php singleton guard: replace the throw
  statement with trigger_error(..., E_USER_ERROR) and add an explicit void return type
  (Refactor audit C).

TODO.md

@@ -445,9 +445,9 @@ Goal: rename the tables and column to the canonical M2M pattern (`tags`, `thesis
       to avoid filesystem churn. At minimum, move the cache dir to `/tmp` or a dedicated
       `storage/cache/` path that is excluded from deploy rsync.
 
-- [ ] **`__wakeup()` singleton guard throws from a public method** - PHP 8.x deprecates
-      throwing exceptions from `__wakeup`. Change to `trigger_error(..., E_USER_ERROR)` or implement
-      `__serialize()`/`__unserialize()` that always throw.
+- [x] **`__wakeup()` singleton guard throws from a public method** - changed to
+      `trigger_error('Cannot unserialize singleton ...', E_USER_ERROR)` with explicit `void` return
+      type; eliminates the PHP 8.x deprecation notice.
 
 ---
 
@@ -509,10 +509,9 @@ Goal: rename the tables and column to the canonical M2M pattern (`tags`, `thesis
 
 ### F - Template logic / PHP in templates
 
-- [ ] **Rate-limit 429 response in `search.php` emits unstyled bare HTML** - the early-exit block
-      outputs `<!DOCTYPE html><html><body><h1>Trop de requêtes</h1>...` with no stylesheet, no lang,
-      no viewport meta. Style it inline-minimally or redirect to a consistent `429.php` page (like
-      `maintenance.php`).
+- [x] **Rate-limit 429 response in `search.php` emits unstyled bare HTML** - replaced bare echo with
+      a properly structured HTML document (lang="fr", viewport meta, inline dark styles matching
+      `maintenance.php`); `$retrySeconds` injected into the user-facing message.
 
 - [ ] **`apropos.php` contacts and credits are hardcoded in the template** - names, roles, emails
       (Laurent Leprince, Xavier Gorgol, Brigitte Ledune) and credits text live in PHP/HTML and
@@ -957,11 +956,10 @@ Current state: **zero ARIA attributes, zero skip links, zero focus-visible style
       structure. There is no programmatic association between label and value. Replacing with
       `<dl>/<dt>/<dd>` (already flagged in the semantic audit) directly fixes this criterion.
 
-- [ ] **Search filter `<select>` elements have no associated `<label>`** - each select is
-      preceded by `<span class="search-filter-label">Année</span>` but this span is not a
-      `<label>` and has no `for` attribute. Screen readers cannot associate it with the control.
-      Fix: replace `<span>` with `<label for="filter-year">` and add `id="filter-year"` to
-      the select (or use the wrapping-label pattern).
+- [x] **Search filter `<select>` elements have no associated `<label>`** - replaced the three
+      `<span class="search-filter-label">` elements with `<label for="filter-year">`,
+      `<label for="filter-orientation">`, `<label for="filter-ap">`; added matching `id` attributes
+      to the `<select>` elements. Visual appearance unchanged (same CSS class).
 
 - [ ] **Admin form rows: `<label class="admin-label" for="X">` is correct** - the `for` attribute
       is present on all single-input rows in `add.php` and `edit.php`. Good. However, the