PostERG/xamxam
1
0
Fork 0
mirror of https://codeberg.org/PostERG/xamxam.git synced 2026-06-25 16:19:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

feat: FilePond production hardening — extension-based validation, server-side size limits (2GB), annexe validation, drop accept attributes, FilePond file styling

Browse Source
This commit is contained in:
Pontoporeia
2026-05-10 20:41:37 +02:00
parent 7b5f3efe40
commit 8db7b6e9eb
23 changed files with 4770 additions and 216 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
TODO.md
View File

@@ -26,3 +26,36 @@
- [x] Add FilePond pools for couverture + note_intention (extracted from file-field.php inner <form>) - [x] Add FilePond pools for couverture + note_intention (extracted from file-field.php inner <form>)
- [x] Fix video/audio pools: allowMultiple: true, not single-file - [x] Fix video/audio pools: allowMultiple: true, not single-file
- [x] Add QUEUE_CONFIG for cover (20MB single) and note_intention (100MB PDF single) - [x] Add QUEUE_CONFIG for cover (20MB single) and note_intention (100MB PDF single)
- [x] Disable dedicated video/audio upload slots — video/audio files now go through TFE FilePond input
- [x] Comment out slot-video and slot-audio in fichiers-fragment.php (keep code, render always-hidden)
- [x] Remove HTMX swap triggers from Vidéo/Audio checkboxes
- [x] Clean up slot-video/slot-audio from file-upload-filepond.js beforeSwap handler
- [x] Fix missing endif after removing elseif chain (parse error)
- [x] Fix annexe validation error + FilePond type validation + styling
- [x] Make annexe pool always visible (remove checkbox+HTMX swap, always on, optional)
- [x] Remove mandatory annexe file validation from ThesisCreateController
- [x] Add extension-based file type validation in beforeAddFile (needed because storeAsFile: true skips FilePond MIME detection)
- [x] Fix FilePond dark theme: override item/file colors, buttons, progress indicator to match site theme
- [x] Add drag-over highlight style for drop area
- [x] FilePond production hardening
- [x] Fix beforeAddFile return format: return true/false, not {status, main, sub} (FilePond API contract)
- [x] Replace manual validation with FilePond plugins: FileValidateType, FileValidateSize
- [x] Download FilePond plugin assets: file-validate-type, file-validate-size, image-preview, image-exif-orientation
- [x] Add order serialization: hidden inputs (queue_order[type]) synced from pond.getFiles()
- [x] Fix HTMX cleanup: generic destroyFilePondsIn(target) for all beforeSwap events, not just known IDs
- [x] Fix duplicate initialization: use FilePond.find(input) instead of dataset checks
- [x] Centralize validation config in QUEUE_CONFIG (acceptedFileTypes, maxFileSize per type)
- [x] Add per-extension size limits for TFE queue (PDF=100MB, video/audio=2GB, default 500MB)
- [x] Add comprehensive French labels (labelFileProcessing, labelTapToCancel, etc.)
- [x] Register plugins on all entrypoints (admin/add, admin/edit, partage/index)
- [x] Remove duplicate init scripts from fichiers-fragment.php
- [x] Server-side MIME verification already in place (finfo-based validation in ThesisFileHandler)
- [x] Fix undefined $isExternalUrl and disable PeerTube in tfe.php
- [x] Fix migration 028: drop banner_path from theses (handle dependent view)
- [x] Create ensure-db.php to init fresh DB from schema.sql when missing
- [x] Remove broken 027_drop_banner_path.sql, move 025 to applied
- [x] Move stray 021_peertube_settings.sql to applied/
- [x] Update deploy justfile to run ensure-db.php before migrations
- [x] Fix promoteurice array repopulation in partage form
- [x] Fix old() to return raw arrays (not json_encode) for repopulation
- [x] Handle jury_promoteur[] and jury_promoteur_ulb_name[] as arrays in partage/index.php

21
app/migrations/021_peertube_settings.sql
View File

@@ -1,21 +0,0 @@
-- Migration 021: PeerTube integration
-- Creates the peertube_settings singleton table and the peertube_upload_enabled feature flag.
-- The upload flag defaults to 0 (disabled) so existing deployments are unaffected.
CREATE TABLE IF NOT EXISTS peertube_settings (
id INTEGER PRIMARY KEY CHECK (id = 1), -- singleton row
instance_url TEXT NOT NULL DEFAULT '',
username TEXT NOT NULL DEFAULT '',
password TEXT NOT NULL DEFAULT '', -- AES-256-GCM encrypted via Crypto.php
channel_id INTEGER NOT NULL DEFAULT 1,
privacy INTEGER NOT NULL DEFAULT 1, -- 1=Public 2=Unlisted 3=Private
updated_at TEXT NOT NULL DEFAULT CURRENT_TIMESTAMP
);
-- Insert the singleton placeholder row so UPDATE always finds it
INSERT OR IGNORE INTO peertube_settings (id) VALUES (1);
-- Feature flag: disabled by default (waiting for upload quota)
INSERT INTO site_settings (key, value, updated_at)
VALUES ('peertube_upload_enabled', '0', CURRENT_TIMESTAMP)
ON CONFLICT(key) DO NOTHING;

0
app/migrations/pending/025_fix_oui_non_artefacts.sql → app/migrations/applied/025_fix_oui_non_artefacts.sql
View File

10
app/migrations/pending/027_drop_banner_path.sql
View File

@@ -1,10 +0,0 @@
-- Migration 027: drop banner_path column from theses table.
-- Banners were merged into covers in migration 016; the column has been
-- vestigial since. This is safe to run even if the column is already absent.
-- Safe to re-run: IF EXISTS makes it idempotent.
-- SQLite does not support DROP COLUMN directly in older versions;
-- we use the ALTER TABLE … DROP COLUMN syntax (supported since SQLite 3.35.0).
-- If this fails on an older SQLite, the column stays as-is (harmless).
ALTER TABLE theses DROP COLUMN banner_path;

81
app/migrations/pending/028_drop_banner_path.sql Normal file
View File

@@ -0,0 +1,81 @@
-- Migration 028: drop banner_path from theses and v_theses_full.
--
-- 027_drop_banner_path failed because v_theses_full references banner_path.
-- This migration:
-- 1. Drops dependent views
-- 2. Drops the column
-- 3. Recreates the view without banner_path
-- Safe to re-run (views are re-created fresh each time, column drop is idempotent via error skip).
-- Drop dependent views first (v_theses_public depends on v_theses_full)
DROP VIEW IF EXISTS v_theses_public;
DROP VIEW IF EXISTS v_theses_full;
-- Drop column (may fail if already absent → run.php skips that error)
ALTER TABLE theses DROP COLUMN banner_path;
-- Recreate v_theses_full without banner_path
CREATE VIEW v_theses_full AS
SELECT
t.id,
t.identifier,
t.title,
t.subtitle,
t.year,
t.is_doctoral,
t.objet,
o.name as orientation,
ap.name as ap_program,
ft.name as finality_type,
t.synopsis,
t.context_note,
at.name as access_type,
lt.name as license_type,
t.license_id,
t.license_custom,
t.access_type_id,
t.jury_points,
t.submitted_at,
t.defense_date,
t.published_at,
t.is_published,
t.baiu_link,
t.exemplaire_baiu,
t.exemplaire_erg,
t.cc2r,
t.remarks,
t.jury_note_added,
GROUP_CONCAT(DISTINCT a.name ORDER BY a.name ASC) as authors,
GROUP_CONCAT(DISTINCT s.name) as supervisors,
GROUP_CONCAT(DISTINCT CASE WHEN ts.role = 'president' THEN s.name END) as jury_president,
GROUP_CONCAT(DISTINCT CASE WHEN ts.role = 'promoteur' AND ts.is_ulb = 0 THEN s.name END) as jury_promoteurs,
GROUP_CONCAT(DISTINCT CASE WHEN ts.role = 'promoteur' AND ts.is_ulb = 1 THEN s.name END) as jury_promoteurs_ulb,
GROUP_CONCAT(DISTINCT CASE WHEN ts.role = 'lecteur' AND ts.is_external = 0 THEN s.name END) as jury_lecteurs_internes,
GROUP_CONCAT(DISTINCT CASE WHEN ts.role = 'lecteur' AND ts.is_external = 1 THEN s.name END) as jury_lecteurs_externes,
GROUP_CONCAT(DISTINCT UPPER(SUBSTR(l.name,1,1)) || SUBSTR(l.name,2)) as languages,
GROUP_CONCAT(DISTINCT fmt.name) as formats,
GROUP_CONCAT(DISTINCT tg.name) as keywords,
(SELECT a2.email FROM authors a2 JOIN thesis_authors ta2 ON a2.id = ta2.author_id WHERE ta2.thesis_id = t.id ORDER BY ta2.author_order LIMIT 1) as contact_interne,
(SELECT a2.show_contact FROM authors a2 JOIN thesis_authors ta2 ON a2.id = ta2.author_id WHERE ta2.thesis_id = t.id ORDER BY ta2.author_order LIMIT 1) as contact_public
FROM theses t
LEFT JOIN orientations o ON t.orientation_id = o.id
LEFT JOIN ap_programs ap ON t.ap_program_id = ap.id
LEFT JOIN finality_types ft ON t.finality_id = ft.id
LEFT JOIN access_types at ON t.access_type_id = at.id
LEFT JOIN license_types lt ON t.license_id = lt.id
LEFT JOIN thesis_authors ta ON t.id = ta.thesis_id
LEFT JOIN authors a ON ta.author_id = a.id
LEFT JOIN thesis_supervisors ts ON t.id = ts.thesis_id
LEFT JOIN supervisors s ON ts.supervisor_id = s.id
LEFT JOIN thesis_languages tl ON t.id = tl.thesis_id
LEFT JOIN languages l ON tl.language_id = l.id
LEFT JOIN thesis_formats tf ON t.id = tf.thesis_id
LEFT JOIN format_types fmt ON tf.format_id = fmt.id
LEFT JOIN thesis_tags tt ON t.id = tt.thesis_id
LEFT JOIN tags tg ON tt.tag_id = tg.id
GROUP BY t.id;
-- Recreate v_theses_public (depends on v_theses_full)
CREATE VIEW v_theses_public AS
SELECT * FROM v_theses_full
WHERE is_published = 1;

4
app/public/admin/add.php
View File

@@ -54,8 +54,8 @@ function wasSelected($key, $value) {
$isAdmin = true; $isAdmin = true;
$bodyClass = 'admin-body'; $bodyClass = 'admin-body';
$extraCss = ['/assets/css/form.css', '/assets/css/filepond.min.css']; $extraCss = ['/assets/css/form.css', '/assets/css/filepond.min.css', '/assets/css/filepond-plugin-image-preview.min.css'];
$extraJs = ['/assets/js/filepond.min.js', '/assets/js/file-upload-filepond.js', '/assets/js/beforeunload-guard.js']; $extraJs = ['/assets/js/filepond.min.js', '/assets/js/filepond-plugin-file-validate-type.min.js', '/assets/js/filepond-plugin-file-validate-size.min.js', '/assets/js/filepond-plugin-image-preview.min.js', '/assets/js/filepond-plugin-image-exif-orientation.min.js', '/assets/js/file-upload-filepond.js', '/assets/js/beforeunload-guard.js'];
require_once APP_ROOT . '/templates/head.php'; require_once APP_ROOT . '/templates/head.php';
include APP_ROOT . '/templates/header.php'; include APP_ROOT . '/templates/header.php';
include APP_ROOT . '/templates/admin/add.php'; include APP_ROOT . '/templates/admin/add.php';

4
app/public/admin/edit.php
View File

@@ -39,8 +39,8 @@ try {
} }
$isAdmin = true; $bodyClass = 'admin-body'; $isAdmin = true; $bodyClass = 'admin-body';
$extraCss = ['/assets/css/form.css', '/assets/css/filepond.min.css']; $extraCss = ['/assets/css/form.css', '/assets/css/filepond.min.css', '/assets/css/filepond-plugin-image-preview.min.css'];
$extraJs = ['/assets/js/filepond.min.js', '/assets/js/file-upload-filepond.js', '/assets/js/beforeunload-guard.js']; $extraJs = ['/assets/js/filepond.min.js', '/assets/js/filepond-plugin-file-validate-type.min.js', '/assets/js/filepond-plugin-file-validate-size.min.js', '/assets/js/filepond-plugin-image-preview.min.js', '/assets/js/filepond-plugin-image-exif-orientation.min.js', '/assets/js/file-upload-filepond.js', '/assets/js/beforeunload-guard.js'];
require_once APP_ROOT . '/templates/head.php'; require_once APP_ROOT . '/templates/head.php';
include APP_ROOT . '/templates/header.php'; include APP_ROOT . '/templates/header.php';
include APP_ROOT . '/templates/admin/edit.php'; include APP_ROOT . '/templates/admin/edit.php';

8
app/public/assets/css/filepond-plugin-image-preview.min.css vendored Normal file
View File

@@ -0,0 +1,8 @@
/*!
* FilePondPluginImagePreview 4.6.12
* Licensed under MIT, https://opensource.org/licenses/MIT/
* Please visit https://pqina.nl/filepond/ for details.
*/
/* eslint-disable */
.filepond--image-preview-markup{position:absolute;left:0;top:0}.filepond--image-preview-wrapper{z-index:2}.filepond--image-preview-overlay{display:block;position:absolute;left:0;top:0;width:100%;min-height:5rem;max-height:7rem;margin:0;opacity:0;z-index:2;pointer-events:none;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none}.filepond--image-preview-overlay svg{width:100%;height:auto;color:inherit;max-height:inherit}.filepond--image-preview-overlay-idle{mix-blend-mode:multiply;color:rgba(40,40,40,.85)}.filepond--image-preview-overlay-success{mix-blend-mode:normal;color:#369763}.filepond--image-preview-overlay-failure{mix-blend-mode:normal;color:#c44e47}@supports (-webkit-marquee-repetition:infinite) and ((-o-object-fit:fill) or (object-fit:fill)){.filepond--image-preview-overlay-idle{mix-blend-mode:normal}}.filepond--image-preview-wrapper{-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none;position:absolute;left:0;top:0;right:0;height:100%;margin:0;border-radius:.45em;overflow:hidden;background:rgba(0,0,0,.01)}.filepond--image-preview{position:absolute;left:0;top:0;z-index:1;display:flex;align-items:center;height:100%;width:100%;pointer-events:none;background:#222;will-change:transform,opacity}.filepond--image-clip{position:relative;overflow:hidden;margin:0 auto}.filepond--image-clip[data-transparency-indicator=grid] canvas,.filepond--image-clip[data-transparency-indicator=grid] img{background-color:#fff;background-image:url("data:image/svg+xml;charset=utf-8,%3Csvg viewBox='0 0 100 100' xmlns='http://www.w3.org/2000/svg' fill='%23eee'%3E%3Cpath d='M0 0h50v50H0M50 50h50v50H50'/%3E%3C/svg%3E");background-size:1.25em 1.25em}.filepond--image-bitmap,.filepond--image-vector{position:absolute;left:0;top:0;will-change:transform}.filepond--root[data-style-panel-layout~=integrated] .filepond--image-preview-wrapper{border-radius:0}.filepond--root[data-style-panel-layout~=integrated] .filepond--image-preview{height:100%;display:flex;justify-content:center;align-items:center}.filepond--root[data-style-panel-layout~=circle] .filepond--image-preview-wrapper{border-radius:99999rem}.filepond--root[data-style-panel-layout~=circle] .filepond--image-preview-overlay{top:auto;bottom:0;-webkit-transform:scaleY(-1);transform:scaleY(-1)}.filepond--root[data-style-panel-layout~=circle] .filepond--file .filepond--file-action-button[data-align*=bottom]:not([data-align*=center]){margin-bottom:.325em}.filepond--root[data-style-panel-layout~=circle] .filepond--file [data-align*=left]{left:calc(50% - 3em)}.filepond--root[data-style-panel-layout~=circle] .filepond--file [data-align*=right]{right:calc(50% - 3em)}.filepond--root[data-style-panel-layout~=circle] .filepond--progress-indicator[data-align*=bottom][data-align*=left],.filepond--root[data-style-panel-layout~=circle] .filepond--progress-indicator[data-align*=bottom][data-align*=right]{margin-bottom:.5125em}.filepond--root[data-style-panel-layout~=circle] .filepond--progress-indicator[data-align*=bottom][data-align*=center]{margin-top:0;margin-bottom:.1875em;margin-left:.1875em}

60
app/public/assets/css/form.css
View File

@@ -546,24 +546,41 @@
margin-bottom: 0; margin-bottom: 0;
} }
/* Drop area panel */
.filepond--panel-root { .filepond--panel-root {
background: var(--bg-secondary); background: var(--bg-secondary);
border: 1px dashed var(--border-primary); border: 2px dashed var(--border-primary);
border-radius: var(--radius);
} }
/* Drop label text */
.filepond--drop-label { .filepond--drop-label {
color: var(--text-secondary); color: var(--text-secondary);
font-size: var(--step--1); font-size: var(--step--1);
} }
/* "Browse" link */
.filepond--label-action { .filepond--label-action {
color: var(--accent-primary); color: var(--accent-primary);
text-decoration: underline; text-decoration-color: var(--accent-primary);
} }
/* File item — keep white for contrast against drop area */
.filepond--item-panel { .filepond--item-panel {
background: var(--bg-secondary); background-color: var(--bg-primary);
border: 1px solid var(--border-primary); border: 1px solid var(--border-primary);
border-radius: var(--radius);
}
/* File item text — dark on white */
.filepond--file {
color: var(--text-primary);
background-color: var(--bg-tertiary);
border: 1px solid var(--accent-primary);
}
.filepond--file .filepond--file-status {
color: var(--text-secondary);
} }
.filepond--file-info-main { .filepond--file-info-main {
@@ -574,12 +591,41 @@
color: var(--text-tertiary); color: var(--text-tertiary);
} }
/* Action buttons — dark background, white icons */
.filepond--file-action-button { .filepond--file-action-button {
color: var(--text-secondary); cursor: pointer;
color: #ffffff;
background-color: rgba(0, 0, 0, 0.45);
} }
.filepond--file-action-button:hover { .filepond--file-action-button:hover,
color: var(--error); .filepond--file-action-button:focus {
color: #ffffff;
background-color: rgba(0, 0, 0, 0.65);
box-shadow: 0 0 0 0.125em rgba(0, 0, 0, 0.2);
}
/* Progress indicator */
.filepond--progress-indicator {
color: #ffffff;
}
/* Drag-over highlight */
.filepond--hopper[data-hopper-state="drag-over"] .filepond--panel-root {
border-color: var(--accent-primary);
background: var(--accent-muted);
}
/* Error state */
[data-filepond-item-state*="error"] .filepond--item-panel,
[data-filepond-item-state*="invalid"] .filepond--item-panel {
background-color: var(--error-muted-bg);
border-color: var(--error);
}
/* Processing complete */
[data-filepond-item-state="processing-complete"] .filepond--item-panel {
background-color: var(--bg-primary);
} }
/* ── Existing-files list (edit form) ─────────────────────────────────────── */ /* ── Existing-files list (edit form) ─────────────────────────────────────── */
@@ -1075,7 +1121,7 @@ a.recap-file-name:hover {
background: var(--bg-primary); background: var(--bg-primary);
border: 1px solid var(--border-primary); border: 1px solid var(--border-primary);
border-radius: var(--radius); border-radius: var(--radius);
box-shadow: 0 4px 16px rgba(0,0,0,0.12); box-shadow: 0 4px 16px rgba(0, 0, 0, 0.12);
max-height: 220px; max-height: 220px;
overflow-y: auto; overflow-y: auto;
display: none; display: none;

271
app/public/assets/js/file-upload-filepond.js
View File

@@ -9,44 +9,87 @@
* 3. storeAsFile: true preserves native multipart form submission. * 3. storeAsFile: true preserves native multipart form submission.
* Server receives files via $_FILES indexed by each input's name attribute * Server receives files via $_FILES indexed by each input's name attribute
* (e.g. queue_file[tfe][], queue_file[video][], etc.). * (e.g. queue_file[tfe][], queue_file[video][], etc.).
* 4. Validation rules are derived from ALLOWED_BY_TYPE (same as before). * 4. Type + size validation: via native FilePond options + FileValidateType/Size plugins.
* beforeAddFile is used ONLY for hybrid validation (e.g. per-type size limits)
* and returns true/false per the FilePond API contract.
* 5. Order serialization: hidden inputs track file order from pond.getFiles().
* 6. HTMX cleanup: generic destroyFilePondsIn(target) for all swaps, not just known IDs.
*/ */
(function () { (function () {
"use strict"; "use strict";
// ── Per-queue-type configuration ──────────────────────────────────── // ── Per-queue-type configuration ────────────────────────────────────
// Single source of truth for validation. These specificatons are also
// reflected in the PHP-synthesised accept attributes on inputs.
var QUEUE_CONFIG = { var QUEUE_CONFIG = {
tfe: { tfe: {
exts: ["jpg","jpeg","png","gif","webp","pdf","mp4","webm","ogv","mov","mp3","ogg","oga","wav","flac","aac","m4a","vtt","zip","tar","gz","tgz"], acceptedFileTypes: [
maxSize: function (f) { return (/\.pdf$/i.test(f.name) ? 100 : 500) * 1024 * 1024; }, "image/jpeg", "image/png", "image/gif", "image/webp",
multiple: true, "application/pdf",
"video/mp4", "video/webm", "video/ogg", "video/quicktime",
"audio/mpeg", "audio/ogg", "audio/flac", "audio/x-wav", "audio/aac", "audio/mp4",
"text/vtt",
"application/zip", "application/x-tar", "application/gzip"
],
labelFileTypeNotAllowed: "Format non accepté",
fileValidateTypeLabelExpectedTypes: "PDF, Images, Vidéos, Audio, VTT, Archives",
maxFileSize: "500MB",
labelMaxFileSizeExceeded: "Fichier trop volumineux",
labelMaxFileSize: "Taille max: {filesize}",
allowMultiple: true,
// Per-extension size limits: certain types get higher caps.
perExtensionMaxSize: {
pdf: "100MB",
mp4: "2GB", webm: "2GB", ogv: "2GB", mov: "2GB",
mp3: "2GB", ogg: "2GB", oga: "2GB", wav: "2GB", flac: "2GB", aac: "2GB", m4a: "2GB"
}
}, },
video: { video: {
exts: ["mp4","webm","ogv","mov"], acceptedFileTypes: ["video/mp4", "video/webm", "video/ogg", "video/quicktime"],
maxSize: function () { return 500 * 1024 * 1024; }, labelFileTypeNotAllowed: "Format non accepté",
multiple: true, fileValidateTypeLabelExpectedTypes: "MP4, WebM, OGV, MOV",
maxFileSize: "500MB",
labelMaxFileSizeExceeded: "Fichier trop volumineux",
labelMaxFileSize: "Taille max: {filesize}",
allowMultiple: true
}, },
audio: { audio: {
exts: ["mp3","ogg","oga","wav","flac","aac","m4a"], acceptedFileTypes: ["audio/mpeg", "audio/ogg", "audio/flac", "audio/x-wav", "audio/aac", "audio/mp4"],
maxSize: function () { return 500 * 1024 * 1024; }, labelFileTypeNotAllowed: "Format non accepté",
multiple: true, fileValidateTypeLabelExpectedTypes: "MP3, OGG, FLAC, WAV, AAC, M4A",
maxFileSize: "500MB",
labelMaxFileSizeExceeded: "Fichier trop volumineux",
labelMaxFileSize: "Taille max: {filesize}",
allowMultiple: true
}, },
annexe: { annexe: {
exts: ["pdf","zip","tar","gz","tgz"], acceptedFileTypes: ["application/pdf", "application/zip", "application/x-tar", "application/gzip"],
maxSize: function () { return 500 * 1024 * 1024; }, labelFileTypeNotAllowed: "Format non accepté",
multiple: true, fileValidateTypeLabelExpectedTypes: "PDF, ZIP, TAR, GZ",
maxFileSize: "500MB",
labelMaxFileSizeExceeded: "Fichier trop volumineux",
labelMaxFileSize: "Taille max: {filesize}",
allowMultiple: true
}, },
cover: { cover: {
exts: ["jpg","jpeg","png","webp"], acceptedFileTypes: ["image/jpeg", "image/png", "image/webp"],
maxSize: function () { return 20 * 1024 * 1024; }, labelFileTypeNotAllowed: "Seulement JPG, PNG ou WEBP",
multiple: false, fileValidateTypeLabelExpectedTypes: "JPG, PNG, WEBP",
maxFileSize: "20MB",
labelMaxFileSizeExceeded: "Fichier trop volumineux",
labelMaxFileSize: "Taille max: {filesize}",
allowMultiple: false
}, },
note_intention: { note_intention: {
exts: ["pdf"], acceptedFileTypes: ["application/pdf"],
maxSize: function () { return 100 * 1024 * 1024; }, labelFileTypeNotAllowed: "Seulement PDF",
multiple: false, fileValidateTypeLabelExpectedTypes: "PDF",
maxFileSize: "100MB",
labelMaxFileSizeExceeded: "Fichier trop volumineux",
labelMaxFileSize: "Taille max: {filesize}",
allowMultiple: false
}, },
}; };
@@ -61,51 +104,119 @@
"note_intention": "note_intention", "note_intention": "note_intention",
}; };
function ext(fn) { // ── Helpers ───────────────────────────────────────────────────────────
var m = fn.match(/\.([^./]+)$/);
/**
* Parse a size string like "500MB" or "2GB" to bytes.
*/
function parseSize(str) {
var m = str.match(/^(\d+(?:\.\d+)?)\s*(B|KB|MB|GB|TB)$/i);
if (!m) return 0;
var val = parseFloat(m[1]);
var unit = m[2].toUpperCase();
var mult = {B: 1, KB: 1024, MB: 1024*1024, GB: 1024*1024*1024, TB: 1024*1024*1024*1024};
return Math.round(val * (mult[unit] || 1));
}
/**
* Get extension from filename (lowercase).
*/
function getExt(name) {
var m = name.match(/\.([^./]+)$/);
return m ? m[1].toLowerCase() : ""; return m ? m[1].toLowerCase() : "";
} }
// ── Order serialization ───────────────────────────────────────────────
/**
* Create/update a hidden input that serializes the file order for a queue.
* Name: queue_order[<queueType>]
* Value: pipe-separated list of file names.
*/
function syncOrderInput(queueType, pond) {
var form = pond.element ? pond.element.closest("form") : null;
if (!form) return;
var orderInput = form.querySelector("input[name='queue_order[" + queueType + "]']");
var files = pond.getFiles();
if (files.length === 0) {
if (orderInput) orderInput.remove();
return;
}
var names = [];
for (var i = 0; i < files.length; i++) {
names.push(files[i].filename || files[i].file.name);
}
if (!orderInput) {
orderInput = document.createElement("input");
orderInput.type = "hidden";
orderInput.name = "queue_order[" + queueType + "]";
form.appendChild(orderInput);
}
orderInput.value = names.join("|");
}
// ── FilePond configuration per queue type ───────────────────────────── // ── FilePond configuration per queue type ─────────────────────────────
function buildFilePondOptions(queueType, input) { function buildFilePondOptions(queueType, input) {
var cfg = QUEUE_CONFIG[queueType]; var cfg = QUEUE_CONFIG[queueType];
if (!cfg) return null; if (!cfg) return null;
var mimeMap = { // Per-type max size overrides (for TFE: PDF=100MB, video/audio=2GB)
jpg: "image/jpeg", jpeg: "image/jpeg", png: "image/png", var perExtMax = cfg.perExtensionMaxSize || {};
gif: "image/gif", webp: "image/webp",
pdf: "application/pdf",
mp4: "video/mp4", webm: "video/webm", ogv: "video/ogg", mov: "video/quicktime",
mp3: "audio/mpeg", ogg: "audio/ogg", oga: "audio/ogg", wav: "audio/wav",
flac: "audio/flac", aac: "audio/aac", m4a: "audio/mp4",
vtt: "text/vtt",
zip: "application/zip", tar: "application/x-tar", gz: "application/gzip", tgz: "application/gzip",
};
var accepted = cfg.exts.map(function(e) { return mimeMap[e] || ("." + e); });
return { return {
allowMultiple: cfg.multiple, allowMultiple: cfg.allowMultiple,
allowReorder: true, allowReorder: true,
allowProcess: false,
storeAsFile: true, storeAsFile: true,
// ── Native FilePond validation ──
acceptedFileTypes: cfg.acceptedFileTypes,
labelFileTypeNotAllowed: cfg.labelFileTypeNotAllowed,
fileValidateTypeLabelExpectedTypes: cfg.fileValidateTypeLabelExpectedTypes,
maxFileSize: cfg.maxFileSize,
labelMaxFileSizeExceeded: cfg.labelMaxFileSizeExceeded,
labelMaxFileSize: cfg.labelMaxFileSize,
// ── French labels ──
labelIdle: "Glissez-déposez vos fichiers ou <span class='filepond--label-action'>Parcourir</span>", labelIdle: "Glissez-déposez vos fichiers ou <span class='filepond--label-action'>Parcourir</span>",
acceptedFileTypes: accepted, labelFileProcessing: "Chargement en cours",
labelFileTypeNotAllowed: "Type de fichier non accepté", labelFileProcessingComplete: "Chargement terminé",
fileValidateTypeLabelExpectedTypes: "Types acceptés : " + cfg.exts.map(function(e) { return "." + e; }).join(", "), labelFileProcessingAborted: "Chargement annulé",
maxFileSize: function () { return "500MB"; }, labelFileProcessingError: "Erreur lors du chargement",
labelTapToCancel: "Appuyez pour annuler",
labelTapToRetry: "Appuyez pour réessayer",
labelTapToUndo: "Appuyez pour annuler",
labelButtonRemoveItem: "Supprimer",
labelButtonAbortItemLoad: "Annuler",
labelButtonRetryItemLoad: "Réessayer",
labelButtonProcessItem: "Charger",
// ── Per-extension size validation (hybrid: FilePond validates global maxFileSize,
// beforeAddFile enforces per-extension limits via false return) ──
beforeAddFile: function (item) { beforeAddFile: function (item) {
var f = item.file; var f = item.file;
var max = cfg.maxSize(f); var ext = getExt(f.name);
if (f.size > max) { if (ext && perExtMax[ext]) {
var maxMb = Math.round(max / 1024 / 1024); var limit = parseSize(perExtMax[ext]);
return { if (limit > 0 && f.size > limit) {
status: "error", // Return false per FilePond API contract — the FileValidateSize
main: "Fichier trop volumineux (" + (f.size / 1024 / 1024).toFixed(1) + " MB)", // plugin sets the error state via maxFileSize, but per-extension
sub: "Maximum : " + maxMb + " MB." // cap violations must be rejected here.
}; return false;
}
} }
return true; return true;
}, },
// ── Order serialization on add/remove/reorder ──
onaddfile: function () { syncOrderInput(queueType, this); },
onremovefile: function () { syncOrderInput(queueType, this); },
onreorderfiles: function () { syncOrderInput(queueType, this); },
onupdatefiles: function () { syncOrderInput(queueType, this); },
}; };
} }
@@ -121,15 +232,12 @@
*/ */
window.XamxamInitFilePonds = function () { window.XamxamInitFilePonds = function () {
document.querySelectorAll(".tfe-file-picker").forEach(function (input) { document.querySelectorAll(".tfe-file-picker").forEach(function (input) {
// Skip already upgraded inputs // Canonical duplicate check: FilePond.find() is the authoritative source
if (input.dataset.filepondUpgraded) return; if (FilePond.find(input)) return;
// Skip if input is inside an existing FilePond root
if (input.closest(".filepond--root")) return;
var id = input.id; var id = input.id;
var queueType = INPUT_ID_TO_TYPE[id]; var queueType = INPUT_ID_TO_TYPE[id];
if (!queueType) { if (!queueType) {
// Try data-queue-type on the input itself
queueType = input.dataset.queueType || null; queueType = input.dataset.queueType || null;
} }
if (!queueType) return; if (!queueType) return;
@@ -137,56 +245,77 @@
var options = buildFilePondOptions(queueType, input); var options = buildFilePondOptions(queueType, input);
if (!options) return; if (!options) return;
// Preserve the input's original name for form submission
options.name = input.getAttribute("name") || input.name || ""; options.name = input.getAttribute("name") || input.name || "";
var pond = FilePond.create(input, options); var pond = FilePond.create(input, options);
input.dataset.filepondUpgraded = "1";
// Track by id for cleanup
var key = id || queueType; var key = id || queueType;
_ponds[key] = pond; _ponds[key] = pond;
// Initial order serialization (for existing files in edit mode — none expected)
syncOrderInput(queueType, pond);
}); });
} };
/** /**
* Destroy FilePond instances inside a given container element. * Destroy FilePond instances inside a given container element.
* Used before HTMX swaps to avoid leaks. * Generic: handles ANY HTMX swap target, not just known IDs.
*/ */
function destroyFilePondsIn(el) { function destroyFilePondsIn(el) {
if (!el) return; if (!el) return;
// Find FilePond-upgraded inputs inside this element el.querySelectorAll(".tfe-file-picker").forEach(function (input) {
el.querySelectorAll(".tfe-file-picker[data-filepond-upgraded]").forEach(function (input) { var pond = FilePond.find(input);
// Destroy the FilePond instance if it exists
var id = input.id;
var pond = id ? _ponds[id] : null;
if (pond) { if (pond) {
try { pond.destroy(); } catch (_) {} try {
delete _ponds[id]; // Remove order input before destroying
var form = input.closest("form");
if (form) {
var id = input.id;
var queueType = INPUT_ID_TO_TYPE[id] || input.dataset.queueType || null;
if (queueType) {
var orderInput = form.querySelector("input[name='queue_order[" + queueType + "]']");
if (orderInput) orderInput.remove();
}
}
pond.destroy();
} catch (_) {}
}
// Clean up tracking
if (input.id && _ponds[input.id]) {
delete _ponds[input.id];
} }
delete input.dataset.filepondUpgraded;
}); });
} }
// ── HTMX integration ───────────────────────────────────────────────── // ── HTMX integration ─────────────────────────────────────────────────
/** /**
* Before HTMX swaps a slot element that may contain FilePond instances, * Generic beforeSwap handler: destroy FilePonds in ANY swapped target.
* destroy them to avoid leaks and file-state conflicts. * This prevents detached FilePond instances from leaking listeners.
*/ */
function onHtmxBeforeSwap(evt) { function onHtmxBeforeSwap(evt) {
var target = evt.detail.target; var target = evt.detail.target;
if (!target) return; if (target) {
var id = target.id || "";
// Only care about slot elements that may contain FilePond file inputs
if (id === "slot-video" || id === "slot-audio" || id === "annexes-input-block" || id === "format-extras-block") {
destroyFilePondsIn(target); destroyFilePondsIn(target);
} }
} }
// ── Bootstrap ───────────────────────────────────────────────────────── // ── Bootstrap ─────────────────────────────────────────────────────────
// Hook into HTMX events if htmx is loaded // Register FilePond plugins (idempotent)
if (typeof FilePondPluginFileValidateType !== "undefined") {
FilePond.registerPlugin(FilePondPluginFileValidateType);
}
if (typeof FilePondPluginFileValidateSize !== "undefined") {
FilePond.registerPlugin(FilePondPluginFileValidateSize);
}
if (typeof FilePondPluginImagePreview !== "undefined") {
FilePond.registerPlugin(FilePondPluginImagePreview);
}
if (typeof FilePondPluginImageExifOrientation !== "undefined") {
FilePond.registerPlugin(FilePondPluginImageExifOrientation);
}
if (window.htmx) { if (window.htmx) {
window.htmx.on("htmx:beforeSwap", onHtmxBeforeSwap); window.htmx.on("htmx:beforeSwap", onHtmxBeforeSwap);
window.htmx.on("htmx:afterSwap", function () { window.htmx.on("htmx:afterSwap", function () {
@@ -194,7 +323,6 @@
}); });
} }
// Initialise on DOM ready
if (document.readyState === "loading") { if (document.readyState === "loading") {
document.addEventListener("DOMContentLoaded", function () { document.addEventListener("DOMContentLoaded", function () {
window.XamxamInitFilePonds(); window.XamxamInitFilePonds();
@@ -208,7 +336,6 @@
window.__xamxamDirty = true; window.__xamxamDirty = true;
}); });
// Clean dirty flag on form submit (matches beforeunload-guard.js)
document.addEventListener("submit", function (e) { document.addEventListener("submit", function (e) {
var form = e.target; var form = e.target;
if (form && form.hasAttribute && form.hasAttribute("data-beforeunload-guard")) { if (form && form.hasAttribute && form.hasAttribute("data-beforeunload-guard")) {

9
app/public/assets/js/filepond-plugin-file-validate-size.min.js vendored Normal file
View File

@@ -0,0 +1,9 @@
/*!
* FilePondPluginFileValidateSize 2.2.8
* Licensed under MIT, https://opensource.org/licenses/MIT/
* Please visit https://pqina.nl/filepond/ for details.
*/
/* eslint-disable */
!function(e,i){"object"==typeof exports&&"undefined"!=typeof module?module.exports=i():"function"==typeof define&&define.amd?define(i):(e=e||self).FilePondPluginFileValidateSize=i()}(this,function(){"use strict";var e=function(e){var i=e.addFilter,E=e.utils,l=E.Type,_=E.replaceInString,n=E.toNaturalFileSize;return i("ALLOW_HOPPER_ITEM",function(e,i){var E=i.query;if(!E("GET_ALLOW_FILE_SIZE_VALIDATION"))return!0;var l=E("GET_MAX_FILE_SIZE");if(null!==l&&e.size>l)return!1;var _=E("GET_MIN_FILE_SIZE");return!(null!==_&&e.size<_)}),i("LOAD_FILE",function(e,i){var E=i.query;return new Promise(function(i,l){if(!E("GET_ALLOW_FILE_SIZE_VALIDATION"))return i(e);var I=E("GET_FILE_VALIDATE_SIZE_FILTER");if(I&&!I(e))return i(e);var t=E("GET_MAX_FILE_SIZE");if(null!==t&&e.size>t)l({status:{main:E("GET_LABEL_MAX_FILE_SIZE_EXCEEDED"),sub:_(E("GET_LABEL_MAX_FILE_SIZE"),{filesize:n(t,".",E("GET_FILE_SIZE_BASE"),E("GET_FILE_SIZE_LABELS",E))})}});else{var L=E("GET_MIN_FILE_SIZE");if(null!==L&&e.size<L)l({status:{main:E("GET_LABEL_MIN_FILE_SIZE_EXCEEDED"),sub:_(E("GET_LABEL_MIN_FILE_SIZE"),{filesize:n(L,".",E("GET_FILE_SIZE_BASE"),E("GET_FILE_SIZE_LABELS",E))})}});else{var a=E("GET_MAX_TOTAL_FILE_SIZE");if(null!==a)if(E("GET_ACTIVE_ITEMS").reduce(function(e,i){return e+i.fileSize},0)>a)return void l({status:{main:E("GET_LABEL_MAX_TOTAL_FILE_SIZE_EXCEEDED"),sub:_(E("GET_LABEL_MAX_TOTAL_FILE_SIZE"),{filesize:n(a,".",E("GET_FILE_SIZE_BASE"),E("GET_FILE_SIZE_LABELS",E))})}});i(e)}}})}),{options:{allowFileSizeValidation:[!0,l.BOOLEAN],maxFileSize:[null,l.INT],minFileSize:[null,l.INT],maxTotalFileSize:[null,l.INT],fileValidateSizeFilter:[null,l.FUNCTION],labelMinFileSizeExceeded:["File is too small",l.STRING],labelMinFileSize:["Minimum file size is {filesize}",l.STRING],labelMaxFileSizeExceeded:["File is too large",l.STRING],labelMaxFileSize:["Maximum file size is {filesize}",l.STRING],labelMaxTotalFileSizeExceeded:["Maximum total size exceeded",l.STRING],labelMaxTotalFileSize:["Maximum total file size is {filesize}",l.STRING]}}};return"undefined"!=typeof window&&void 0!==window.document&&document.dispatchEvent(new CustomEvent("FilePond:pluginloaded",{detail:e})),e});

9
app/public/assets/js/filepond-plugin-file-validate-type.min.js vendored Normal file
View File

@@ -0,0 +1,9 @@
/*!
* FilePondPluginFileValidateType 1.2.9
* Licensed under MIT, https://opensource.org/licenses/MIT/
* Please visit https://pqina.nl/filepond/ for details.
*/
/* eslint-disable */
!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(e=e||self).FilePondPluginFileValidateType=t()}(this,function(){"use strict";var e=function(e){var t=e.addFilter,n=e.utils,i=n.Type,T=n.isString,E=n.replaceInString,l=n.guesstimateMimeType,o=n.getExtensionFromFilename,r=n.getFilenameFromURL,u=function(e,t){return e.some(function(e){return/\*$/.test(e)?(n=e,(/^[^/]+/.exec(t)||[]).pop()===n.slice(0,-2)):e===t;var n})},a=function(e,t,n){if(0===t.length)return!0;var i=function(e){var t="";if(T(e)){var n=r(e),i=o(n);i&&(t=l(i))}else t=e.type;return t}(e);return n?new Promise(function(T,E){n(e,i).then(function(e){u(t,e)?T():E()}).catch(E)}):u(t,i)};return t("SET_ATTRIBUTE_TO_OPTION_MAP",function(e){return Object.assign(e,{accept:"acceptedFileTypes"})}),t("ALLOW_HOPPER_ITEM",function(e,t){var n=t.query;return!n("GET_ALLOW_FILE_TYPE_VALIDATION")||a(e,n("GET_ACCEPTED_FILE_TYPES"))}),t("LOAD_FILE",function(e,t){var n=t.query;return new Promise(function(t,i){if(n("GET_ALLOW_FILE_TYPE_VALIDATION")){var T=n("GET_ACCEPTED_FILE_TYPES"),l=n("GET_FILE_VALIDATE_TYPE_DETECT_TYPE"),o=a(e,T,l),r=function(){var e,t=T.map((e=n("GET_FILE_VALIDATE_TYPE_LABEL_EXPECTED_TYPES_MAP"),function(t){return null!==e[t]&&(e[t]||t)})).filter(function(e){return!1!==e}),l=t.filter(function(e,n){return t.indexOf(e)===n});i({status:{main:n("GET_LABEL_FILE_TYPE_NOT_ALLOWED"),sub:E(n("GET_FILE_VALIDATE_TYPE_LABEL_EXPECTED_TYPES"),{allTypes:l.join(", "),allButLastType:l.slice(0,-1).join(", "),lastType:l[l.length-1]})}})};if("boolean"==typeof o)return o?t(e):r();o.then(function(){t(e)}).catch(r)}else t(e)})}),{options:{allowFileTypeValidation:[!0,i.BOOLEAN],acceptedFileTypes:[[],i.ARRAY],labelFileTypeNotAllowed:["File is of invalid type",i.STRING],fileValidateTypeLabelExpectedTypes:["Expects {allButLastType} or {lastType}",i.STRING],fileValidateTypeLabelExpectedTypesMap:[{},i.OBJECT],fileValidateTypeDetectType:[null,i.FUNCTION]}}};return"undefined"!=typeof window&&void 0!==window.document&&document.dispatchEvent(new CustomEvent("FilePond:pluginloaded",{detail:e})),e});

9
app/public/assets/js/filepond-plugin-image-exif-orientation.min.js vendored Normal file
View File

@@ -0,0 +1,9 @@
/*!
* FilePondPluginImageExifOrientation 1.0.11
* Licensed under MIT, https://opensource.org/licenses/MIT/
* Please visit https://pqina.nl/filepond/ for details.
*/
/* eslint-disable */
!function(A,e){"object"==typeof exports&&"undefined"!=typeof module?module.exports=e():"function"==typeof define&&define.amd?define(e):(A=A||self).FilePondPluginImageExifOrientation=e()}(this,function(){"use strict";var A=65496,e=65505,n=1165519206,t=18761,i=274,r=65280,o=function(A,e){var n=arguments.length>2&&void 0!==arguments[2]&&arguments[2];return A.getUint16(e,n)},a=function(A,e){var n=arguments.length>2&&void 0!==arguments[2]&&arguments[2];return A.getUint32(e,n)},u="undefined"!=typeof window&&void 0!==window.document,d=void 0,f=u?new Image:{};f.onload=function(){return d=f.naturalWidth>f.naturalHeight},f.src="data:image/jpg;base64,/9j/4AAQSkZJRgABAQEASABIAAD/4QA6RXhpZgAATU0AKgAAAAgAAwESAAMAAAABAAYAAAEoAAMAAAABAAIAAAITAAMAAAABAAEAAAAAAAD/2wBDAP//////////////////////////////////////////////////////////////////////////////////////wAALCAABAAIBASIA/8QAJgABAAAAAAAAAAAAAAAAAAAAAxABAAAAAAAAAAAAAAAAAAAAAP/aAAgBAQAAPwBH/9k=";var l=function(u){var f=u.addFilter,l=u.utils,c=l.Type,g=l.isFile;return f("DID_LOAD_ITEM",function(u,f){var l=f.query;return new Promise(function(f,c){var s=u.file;if(!(g(s)&&function(A){return/^image\/jpeg/.test(A.type)}(s)&&l("GET_ALLOW_IMAGE_EXIF_ORIENTATION")&&d))return f(u);(function(u){return new Promise(function(d,f){var l=new FileReader;l.onload=function(u){var f=new DataView(u.target.result);if(o(f,0)===A){for(var l=f.byteLength,c=2;c<l;){var g=o(f,c);if(c+=2,g===e){if(a(f,c+=2)!==n)break;var s=o(f,c+=6)===t;c+=a(f,c+4,s);var v=o(f,c,s);c+=2;for(var w=0;w<v;w++)if(o(f,c+12*w,s)===i)return void d(o(f,c+12*w+8,s))}else{if((g&r)!==r)break;c+=o(f,c)}}d(-1)}else d(-1)},l.readAsArrayBuffer(u.slice(0,65536))})})(s).then(function(A){u.setMetadata("exif",{orientation:A}),f(u)})})}),{options:{allowImageExifOrientation:[!0,c.BOOLEAN]}}};return"undefined"!=typeof window&&void 0!==window.document&&document.dispatchEvent(new CustomEvent("FilePond:pluginloaded",{detail:l})),l});

9
app/public/assets/js/filepond-plugin-image-preview.min.js vendored Normal file
View File

File diff suppressed because one or more lines are too long

62
app/public/partage/fichiers-fragment.php
View File

@@ -98,20 +98,8 @@ $hasAnnexesChecked = !empty($_POST['has_annexes']);
hx-trigger="change" hx-trigger="change"
hx-include="[name='formats[]'], [name='website_url'], [name='admin_mode'], [name='edit_mode'], [name='_cover']" hx-include="[name='formats[]'], [name='website_url'], [name='admin_mode'], [name='edit_mode'], [name='_cover']"
hx-swap="outerHTML" hx-swap="outerHTML"
<?php elseif ((int)$opt['id'] === ($videoId ?? 0)): ?> <?php endif; ?>
hx-post="<?= htmlspecialchars($hxPost) ?>" >
hx-target="#slot-video"
hx-select="#slot-video"
hx-trigger="change"
hx-include="[name='formats[]'], [name='website_url'], [name='admin_mode'], [name='edit_mode'], [name='_cover']"
hx-swap="outerHTML"
<?php elseif ((int)$opt['id'] === ($audioId ?? 0)): ?>
hx-post="<?= htmlspecialchars($hxPost) ?>"
hx-target="#slot-audio"
hx-select="#slot-audio"
hx-trigger="change"
hx-include="[name='formats[]'], [name='website_url'], [name='admin_mode'], [name='edit_mode'], [name='_cover']"
<?php endif; ?>>
<?= htmlspecialchars($opt['name']) ?> <?= htmlspecialchars($opt['name']) ?>
</label> </label>
</li> </li>
@@ -206,7 +194,6 @@ $hasAnnexesChecked = !empty($_POST['has_annexes']);
<div class="admin-file-input"> <div class="admin-file-input">
<input type="file" id="couverture" <input type="file" id="couverture"
name="couverture" name="couverture"
accept="image/jpeg,image/png,image/webp"
class="tfe-file-picker tfe-file-picker--single" class="tfe-file-picker tfe-file-picker--single"
data-queue-type="cover"> data-queue-type="cover">
<small>JPG, PNG ou WEBP. Format 4:3 recommandé. Max 20 MB.</small> <small>JPG, PNG ou WEBP. Format 4:3 recommandé. Max 20 MB.</small>
@@ -220,7 +207,6 @@ $hasAnnexesChecked = !empty($_POST['has_annexes']);
<div class="admin-file-input"> <div class="admin-file-input">
<input type="file" id="note_intention" <input type="file" id="note_intention"
name="note_intention" name="note_intention"
accept=".pdf"
class="tfe-file-picker tfe-file-picker--single" class="tfe-file-picker tfe-file-picker--single"
data-queue-type="note_intention" data-queue-type="note_intention"
<?= !$adminMode ? 'required' : '' ?>> <?= !$adminMode ? 'required' : '' ?>>
@@ -235,47 +221,30 @@ $hasAnnexesChecked = !empty($_POST['has_annexes']);
<input type="file" id="tfe-files-input" <input type="file" id="tfe-files-input"
name="queue_file[tfe][]" name="queue_file[tfe][]"
multiple multiple
accept=".pdf,.jpg,.jpeg,.png,.gif,.webp,.mp4,.webm,.ogv,.mov,.mp3,.ogg,.oga,.wav,.flac,.aac,.m4a,.vtt,.zip,.tar,.gz,.tgz"
class="tfe-file-picker" class="tfe-file-picker"
<?= !$adminMode ? 'required' : '' ?>> <?= !$adminMode ? 'required' : '' ?>>
<small class="admin-file-hint"> <small class="admin-file-hint">
PDF (max 100 MB) · Images (JPG/PNG/GIF/WEBP) · Vidéo · Audio · VTT · Archives. PDF (max 100 MB) · Images (max 500 MB) · Vidéo & Audio (max 2 GB) · VTT · Archives (max 500 MB).
Glissez pour réordonner. Glissez pour réordonner.
PDFs trop lourds ? <a href="https://www.bentopdf.com" target="_blank" rel="noopener">https://bentopdf.com/</a> PDFs trop lourds ? <a href="https://www.bentopdf.com" target="_blank" rel="noopener">https://bentopdf.com/</a>
</small> </small>
</div> </div>
</div> </div>
<!-- ── 4. Annexes — multi-file upload (FilePond) ── --> <!-- ── 4. Annexes — multi-file upload (FilePond), always visible ── -->
<div id="annexes-input-block"> <div id="annexes-input-block">
<div class="admin-form-group"> <!-- has_annexes checkbox disabled — annexe pool always on -->
<label class="admin-checkbox-label"> <input type="hidden" name="has_annexes" value="0">
<input type="checkbox" name="has_annexes" value="1"
<?= $hasAnnexesChecked ? 'checked' : '' ?>
hx-post="<?= htmlspecialchars($hxPost) ?>"
hx-target="#annexes-input-block"
hx-select="#annexes-input-block"
hx-trigger="change"
hx-include="[name='formats[]'], [name='website_url'], [name='admin_mode'], [name='edit_mode'], [name='_cover'], [name='has_annexes']"
hx-swap="outerHTML">
Ce TFE comporte des annexes
</label>
</div>
<?php if ($hasAnnexesChecked): ?>
<div class="admin-form-group admin-files-fieldgroup"> <div class="admin-form-group admin-files-fieldgroup">
<label for="annexe-files-input">Annexes<?= !$adminMode ? ' <span class="asterisk">*</span>' : '' ?></label> <label for="annexe-files-input">Annexes (optionnel)</label>
<div class="admin-file-input"> <div class="admin-file-input">
<input type="file" id="annexe-files-input" <input type="file" id="annexe-files-input"
name="queue_file[annexe][]" name="queue_file[annexe][]"
multiple multiple
accept=".pdf,.zip,.tar,.gz" class="tfe-file-picker">
class="tfe-file-picker"
<?= !$adminMode ? 'required' : '' ?>>
<small class="admin-file-hint">PDF ou archives ZIP/TAR. Max 500 MB. Glissez pour réordonner.</small> <small class="admin-file-hint">PDF ou archives ZIP/TAR. Max 500 MB. Glissez pour réordonner.</small>
</div> </div>
</div> </div>
<script>if(window.XamxamInitFilePonds)window.XamxamInitFilePonds();</script>
<?php endif; ?>
</div> </div>
<!-- ── Format-specific extras (individual swappable slots) ── --> <!-- ── Format-specific extras (individual swappable slots) ── -->
@@ -296,7 +265,8 @@ $hasAnnexesChecked = !empty($_POST['has_annexes']);
<div id="slot-siteweb" hidden></div> <div id="slot-siteweb" hidden></div>
<?php endif; ?> <?php endif; ?>
<!-- Slot: Video --> <!-- Slot: Video (disabled — video files are now uploaded via the TFE input) -->
<!--
<?php if ($hasVideo): ?> <?php if ($hasVideo): ?>
<?php if ($peerTubeEnabled): ?> <?php if ($peerTubeEnabled): ?>
<div id="slot-video" class="admin-form-group"> <div id="slot-video" class="admin-form-group">
@@ -325,8 +295,11 @@ $hasAnnexesChecked = !empty($_POST['has_annexes']);
<?php else: ?> <?php else: ?>
<div id="slot-video" hidden></div> <div id="slot-video" hidden></div>
<?php endif; ?> <?php endif; ?>
-->
<div id="slot-video" hidden></div>
<!-- Slot: Audio --> <!-- Slot: Audio (disabled — audio files are now uploaded via the TFE input) -->
<!--
<?php if ($hasAudio): ?> <?php if ($hasAudio): ?>
<?php if ($peerTubeEnabled): ?> <?php if ($peerTubeEnabled): ?>
<div id="slot-audio" class="admin-form-group"> <div id="slot-audio" class="admin-form-group">
@@ -355,13 +328,10 @@ $hasAnnexesChecked = !empty($_POST['has_annexes']);
<?php else: ?> <?php else: ?>
<div id="slot-audio" hidden></div> <div id="slot-audio" hidden></div>
<?php endif; ?> <?php endif; ?>
-->
<div id="slot-audio" hidden></div>
<script>if(window.XamxamInitFilePonds)window.XamxamInitFilePonds();</script>
</div> </div>
</fieldset><!-- /Fichiers --> </fieldset><!-- /Fichiers -->
<script>
if(window.XamxamInitFilePonds)window.XamxamInitFilePonds();
</script>
</div><!-- #format-fichiers-block --> </div><!-- #format-fichiers-block -->

48
app/public/partage/index.php
View File

@@ -317,10 +317,29 @@ function renderShareLinkForm(string $slug, array $link): void
$synopsisExtra = ob_get_clean(); $synopsisExtra = ob_get_clean();
// Jury data from repopulation // Jury data from repopulation
$juryPromoteur = old($formData, 'jury_promoteur'); $juryPromoteur = null;
$juryPromoteurs = []; $juryPromoteurs = [];
$juryPromoteurUlb = old($formData, 'jury_promoteur_ulb_name'); $juryPromoteurUlb = null;
$juryPromoteursUlb = []; $juryPromoteursUlb = [];
// promoteurices may be submitted as arrays (multiple entries)
$promoteursRaw = old($formData, 'jury_promoteur');
if (is_array($promoteursRaw)) {
foreach ($promoteursRaw as $name) {
$name = trim($name ?? '');
if ($name !== '') $juryPromoteurs[] = ['name' => $name];
}
} elseif (is_string($promoteursRaw) && trim($promoteursRaw) !== '') {
$juryPromoteur = $promoteursRaw;
}
$promoteursUlbRaw = old($formData, 'jury_promoteur_ulb_name');
if (is_array($promoteursUlbRaw)) {
foreach ($promoteursUlbRaw as $name) {
$name = trim($name ?? '');
if ($name !== '') $juryPromoteursUlb[] = ['name' => $name];
}
} elseif (is_string($promoteursUlbRaw) && trim($promoteursUlbRaw) !== '') {
$juryPromoteurUlb = $promoteursUlbRaw;
}
$lecteursInternes = []; $lecteursInternes = [];
$lecteursExternes = []; $lecteursExternes = [];
for ($i = 0; $i < 10; $i++) { for ($i = 0; $i < 10; $i++) {
@@ -376,7 +395,12 @@ function renderShareLinkForm(string $slug, array $link): void
<link rel="stylesheet" href="<?= App::assetV('/assets/css/common.css') ?>"> <link rel="stylesheet" href="<?= App::assetV('/assets/css/common.css') ?>">
<link rel="stylesheet" href="<?= App::assetV('/assets/css/form.css') ?>"> <link rel="stylesheet" href="<?= App::assetV('/assets/css/form.css') ?>">
<link rel="stylesheet" href="<?= App::assetV('/assets/css/filepond.min.css') ?>"> <link rel="stylesheet" href="<?= App::assetV('/assets/css/filepond.min.css') ?>">
<link rel="stylesheet" href="<?= App::assetV('/assets/css/filepond-plugin-image-preview.min.css') ?>">
<script src="<?= App::assetV('/assets/js/filepond.min.js') ?>" defer></script> <script src="<?= App::assetV('/assets/js/filepond.min.js') ?>" defer></script>
<script src="<?= App::assetV('/assets/js/filepond-plugin-file-validate-type.min.js') ?>" defer></script>
<script src="<?= App::assetV('/assets/js/filepond-plugin-file-validate-size.min.js') ?>" defer></script>
<script src="<?= App::assetV('/assets/js/filepond-plugin-image-preview.min.js') ?>" defer></script>
<script src="<?= App::assetV('/assets/js/filepond-plugin-image-exif-orientation.min.js') ?>" defer></script>
<script src="<?= App::assetV('/assets/js/file-upload-filepond.js') ?>" defer></script> <script src="<?= App::assetV('/assets/js/file-upload-filepond.js') ?>" defer></script>
<script src="<?= App::assetV('/assets/js/beforeunload-guard.js') ?>" defer></script> <script src="<?= App::assetV('/assets/js/beforeunload-guard.js') ?>" defer></script>
<script src="<?= App::assetV('/assets/js/htmx.min.js') ?>" defer></script> <script src="<?= App::assetV('/assets/js/htmx.min.js') ?>" defer></script>
@@ -497,6 +521,12 @@ function handleShareLinkSubmission(string $slug): void
$ctrl = ThesisCreateController::make(); $ctrl = ThesisCreateController::make();
$thesisId = $ctrl->submit($_POST, $_FILES); $thesisId = $ctrl->submit($_POST, $_FILES);
// Collect file processing warnings (invalid types, too large, etc.)
$fileWarnings = $ctrl->getFileWarnings();
if ($fileWarnings) {
$_SESSION['_flash_warning'] = implode("\n", $fileWarnings);
}
$identifier = $ctrl->getIdentifier($thesisId); $identifier = $ctrl->getIdentifier($thesisId);
$logger->logSubmission('partage', $thesisId, $identifier, $authorName, [ $logger->logSubmission('partage', $thesisId, $identifier, $authorName, [
'share_slug' => $slug, 'share_slug' => $slug,
@@ -572,19 +602,23 @@ function handleShareLinkSubmission(string $slug): void
/** /**
* Helper to retrieve old form data (with support for array keys via : delimiter) * Helper to retrieve old form data (with support for array keys via : delimiter)
*/ */
function old(array $data, string $key, string $default = ''): string { /**
* Retrieve old form data for repopulation.
* Returns raw value (no escaping) — callers must htmlspecialchars() when rendering.
* For arrays, returns the array as-is so callers can iterate.
*/
function old(array $data, string $key, $default = '') {
// Support nested keys like "jury_lecteurs:0" // Support nested keys like "jury_lecteurs:0"
$parts = explode(':', $key); $parts = explode(':', $key);
$value = $data; $value = $data;
foreach ($parts as $part) { foreach ($parts as $part) {
if (is_array($value) && isset($value[$part])) { if (is_array($value) && array_key_exists($part, $value)) {
$value = $value[$part]; $value = $value[$part];
} else { } else {
$value = $default; return $default;
break;
} }
} }
return is_array($value) ? htmlspecialchars(json_encode($value)) : htmlspecialchars((string)$value); return $value;
} }
/** /**

9
app/src/Controllers/ThesisCreateController.php
View File

@@ -521,15 +521,8 @@ class ThesisCreateController
$exemplaireErg = !empty($post['exemplaire_erg']); $exemplaireErg = !empty($post['exemplaire_erg']);
$cc2r = !empty($post['cc2r']); $cc2r = !empty($post['cc2r']);
// Annexes validation: if has_annexes is checked, queue_file[annexe] must have at least one file // Annexes are optional — no validation required
$hasAnnexes = !empty($post['has_annexes']); $hasAnnexes = !empty($post['has_annexes']);
if (!$adminMode && $hasAnnexes) {
$queueAnnexes = $this->extractFilesSubArray($files['queue_file'] ?? [], 'annexe');
$hasAnnexeFiles = is_array($queueAnnexes['name'] ?? null) && count(array_filter($queueAnnexes['name'])) > 0;
if (!$hasAnnexeFiles) {
throw new Exception('Veuillez fournir au moins un fichier d\'annexe.');
}
}
return compact( return compact(
'authorNames', 'authorNames',

70
app/src/Controllers/ThesisFileHandler.php
View File

@@ -34,12 +34,18 @@
*/ */
trait ThesisFileHandler trait ThesisFileHandler
{ {
/** @var string[] Warnings collected during file processing (e.g. invalid type, too large). */
private array $fileWarnings = [];
/** Maximum allowed file size for thesis files (bytes). */ /** Maximum allowed file size for thesis files (bytes). */
private const MAX_FILE_SIZE = 500 * 1024 * 1024; // 500 MB private const MAX_FILE_SIZE = 500 * 1024 * 1024; // 500 MB
/** Maximum allowed file size for PDF files specifically (bytes). */ /** Maximum allowed file size for PDF files specifically (bytes). */
private const MAX_PDF_SIZE = 100 * 1024 * 1024; // 100 MB private const MAX_PDF_SIZE = 100 * 1024 * 1024; // 100 MB
/** Maximum allowed file size for video/audio files (bytes). */
private const MAX_AV_SIZE = 2 * 1024 * 1024 * 1024; // 2 GB
/** Cover image max size. */ /** Cover image max size. */
private const MAX_COVER_SIZE = 20 * 1024 * 1024; // 20 MB private const MAX_COVER_SIZE = 20 * 1024 * 1024; // 20 MB
@@ -68,6 +74,15 @@ trait ThesisFileHandler
// ── Public entry points (called by controllers) ────────────────────────── // ── Public entry points (called by controllers) ──────────────────────────
/**
* Get warnings collected during file processing (invalid types, too large, etc.).
* @return string[]
*/
public function getFileWarnings(): array
{
return $this->fileWarnings;
}
/** /**
* Process a cover image upload. * Process a cover image upload.
* *
@@ -92,6 +107,7 @@ trait ThesisFileHandler
if (!in_array($mimeType, $allowedMimes, true) if (!in_array($mimeType, $allowedMimes, true)
|| !in_array($ext, $allowedExts, true) || !in_array($ext, $allowedExts, true)
|| $upload['size'] > self::MAX_COVER_SIZE) { || $upload['size'] > self::MAX_COVER_SIZE) {
$this->fileWarnings[] = "Couverture « {$upload['name']} » ignorée : format ou taille non accepté.";
error_log("ThesisFileHandler: invalid cover MIME $mimeType / $ext / {$upload['size']} bytes, skipping"); error_log("ThesisFileHandler: invalid cover MIME $mimeType / $ext / {$upload['size']} bytes, skipping");
return; return;
} }
@@ -141,10 +157,12 @@ trait ThesisFileHandler
$ext = strtolower(pathinfo($upload['name'], PATHINFO_EXTENSION)); $ext = strtolower(pathinfo($upload['name'], PATHINFO_EXTENSION));
if ($mimeType !== 'application/pdf' || $ext !== 'pdf') { if ($mimeType !== 'application/pdf' || $ext !== 'pdf') {
$this->fileWarnings[] = "Note d'intention « {$upload['name']} » ignorée : seul le format PDF est accepté.";
error_log("ThesisFileHandler: invalid note d'intention MIME $mimeType, skipping"); error_log("ThesisFileHandler: invalid note d'intention MIME $mimeType, skipping");
return; return;
} }
if ($upload['size'] > self::MAX_PDF_SIZE) { if ($upload['size'] > self::MAX_PDF_SIZE) {
$this->fileWarnings[] = "Note d'intention « {$upload['name']} » ignorée : fichier trop volumineux (max 100 MB).";
error_log("ThesisFileHandler: note d'intention too large ({$upload['size']} bytes), skipping"); error_log("ThesisFileHandler: note d'intention too large ({$upload['size']} bytes), skipping");
return; return;
} }
@@ -223,19 +241,25 @@ trait ThesisFileHandler
$mimeType = 'text/vtt'; $mimeType = 'text/vtt';
} }
if ($mimeType === 'application/octet-stream' && !in_array($ext, self::ALLOWED_EXTENSIONS, true)) { if ($mimeType === 'application/octet-stream' && !in_array($ext, self::ALLOWED_EXTENSIONS, true)) {
$this->fileWarnings[] = "Fichier TFE « {$uploads['name'][$i]} » ignoré : format .$ext non accepté.";
error_log("ThesisFileHandler: TFE extension not allowed {$uploads['name'][$i]} ($ext), skipping"); error_log("ThesisFileHandler: TFE extension not allowed {$uploads['name'][$i]} ($ext), skipping");
continue; continue;
} }
if (!in_array($mimeType, self::ALLOWED_MIME_TYPES, true) if (!in_array($mimeType, self::ALLOWED_MIME_TYPES, true)
&& !in_array($ext, self::ALLOWED_EXTENSIONS, true)) { && !in_array($ext, self::ALLOWED_EXTENSIONS, true)) {
$this->fileWarnings[] = "Fichier TFE « {$uploads['name'][$i]} » ignoré : type non accepté ($mimeType).";
error_log("ThesisFileHandler: invalid TFE type {$uploads['name'][$i]} ($mimeType / $ext), skipping"); error_log("ThesisFileHandler: invalid TFE type {$uploads['name'][$i]} ($mimeType / $ext), skipping");
continue; continue;
} }
$isPdf = ($mimeType === 'application/pdf' || $ext === 'pdf'); $isPdf = ($mimeType === 'application/pdf' || $ext === 'pdf');
$sizeLimit = $isPdf ? self::MAX_PDF_SIZE : self::MAX_FILE_SIZE; $isAv = preg_match('/^(video|audio)\//', $mimeType) || in_array($ext, ['mp4','webm','ogv','mov','mp3','ogg','oga','wav','flac','aac','m4a']);
$sizeLimit = $isPdf ? self::MAX_PDF_SIZE : ($isAv ? self::MAX_AV_SIZE : self::MAX_FILE_SIZE);
if ($uploads['size'][$i] > $sizeLimit) { if ($uploads['size'][$i] > $sizeLimit) {
error_log("ThesisFileHandler: TFE file too large {$uploads['name'][$i]} (" . round($uploads['size'][$i] / 1024 / 1024) . ' MB), skipping'); $limitMb = round($sizeLimit / 1024 / 1024);
$sizeMb = round($uploads['size'][$i] / 1024 / 1024);
$this->fileWarnings[] = "Fichier TFE « {$uploads['name'][$i]} » ignoré : trop volumineux ($sizeMb MB, max $limitMb MB).";
error_log("ThesisFileHandler: TFE file too large {$uploads['name'][$i]} (" . $sizeMb . ' MB), skipping');
continue; continue;
} }
@@ -364,19 +388,25 @@ trait ThesisFileHandler
$mimeType = 'text/vtt'; $mimeType = 'text/vtt';
} }
if ($mimeType === 'application/octet-stream' && !in_array($ext, self::ALLOWED_EXTENSIONS, true)) { if ($mimeType === 'application/octet-stream' && !in_array($ext, self::ALLOWED_EXTENSIONS, true)) {
$this->fileWarnings[] = "Fichier « {$uploads['name'][$i]} » ignoré : format .$ext non accepté.";
error_log("ThesisFileHandler: queue file extension not allowed {$uploads['name'][$i]} ($ext), skipping"); error_log("ThesisFileHandler: queue file extension not allowed {$uploads['name'][$i]} ($ext), skipping");
continue; continue;
} }
if (!in_array($mimeType, self::ALLOWED_MIME_TYPES, true) if (!in_array($mimeType, self::ALLOWED_MIME_TYPES, true)
&& !in_array($ext, self::ALLOWED_EXTENSIONS, true)) { && !in_array($ext, self::ALLOWED_EXTENSIONS, true)) {
$this->fileWarnings[] = "Fichier « {$uploads['name'][$i]} » ignoré : type non accepté ($mimeType).";
error_log("ThesisFileHandler: invalid queue file type {$uploads['name'][$i]} ($mimeType / $ext), skipping"); error_log("ThesisFileHandler: invalid queue file type {$uploads['name'][$i]} ($mimeType / $ext), skipping");
continue; continue;
} }
$isPdf = ($mimeType === 'application/pdf' || $ext === 'pdf'); $isPdf = ($mimeType === 'application/pdf' || $ext === 'pdf');
$sizeLimit = $isPdf ? self::MAX_PDF_SIZE : self::MAX_FILE_SIZE; $isAv = preg_match('/^(video|audio)\//', $mimeType) || in_array($ext, ['mp4','webm','ogv','mov','mp3','ogg','oga','wav','flac','aac','m4a']);
$sizeLimit = $isPdf ? self::MAX_PDF_SIZE : ($isAv ? self::MAX_AV_SIZE : self::MAX_FILE_SIZE);
if ($uploads['size'][$i] > $sizeLimit) { if ($uploads['size'][$i] > $sizeLimit) {
error_log("ThesisFileHandler: queue file too large {$uploads['name'][$i]} (" . round($uploads['size'][$i] / 1024 / 1024) . ' MB), skipping'); $limitMb = round($sizeLimit / 1024 / 1024);
$sizeMb = round($uploads['size'][$i] / 1024 / 1024);
$this->fileWarnings[] = "Fichier « {$uploads['name'][$i]} » ignoré : trop volumineux ($sizeMb MB, max $limitMb MB).";
error_log("ThesisFileHandler: queue file too large {$uploads['name'][$i]} (" . $sizeMb . ' MB), skipping');
continue; continue;
} }
@@ -461,6 +491,28 @@ trait ThesisFileHandler
if ($mimeType === 'text/plain' && $ext === 'vtt') { if ($mimeType === 'text/plain' && $ext === 'vtt') {
$mimeType = 'text/vtt'; $mimeType = 'text/vtt';
} }
if ($mimeType === 'application/octet-stream' && !in_array($ext, self::ALLOWED_EXTENSIONS, true)) {
$this->fileWarnings[] = "Annexe « {$uploads['name'][$i]} » ignorée : format .$ext non accepté.";
error_log("ThesisFileHandler: queue annexe extension not allowed {$uploads['name'][$i]} ($ext), skipping");
continue;
}
if (!in_array($mimeType, self::ALLOWED_MIME_TYPES, true)
&& !in_array($ext, self::ALLOWED_EXTENSIONS, true)) {
$this->fileWarnings[] = "Annexe « {$uploads['name'][$i]} » ignorée : type non accepté ($mimeType).";
error_log("ThesisFileHandler: invalid queue annexe type {$uploads['name'][$i]} ($mimeType / $ext), skipping");
continue;
}
// Annexes: PDF max 100 MB, everything else max 500 MB
$isPdf = ($mimeType === 'application/pdf' || $ext === 'pdf');
$sizeLimit = $isPdf ? self::MAX_PDF_SIZE : self::MAX_FILE_SIZE;
if ($uploads['size'][$i] > $sizeLimit) {
$limitMb = round($sizeLimit / 1024 / 1024);
$sizeMb = round($uploads['size'][$i] / 1024 / 1024);
$this->fileWarnings[] = "Annexe « {$uploads['name'][$i]} » ignorée : trop volumineuse ($sizeMb MB, max $limitMb MB).";
error_log("ThesisFileHandler: queue annexe too large {$uploads['name'][$i]} (" . $sizeMb . ' MB), skipping');
continue;
}
$padded = sprintf('%02d', $num); $padded = sprintf('%02d', $num);
$targetName = $filePrefix . '_ANNEXE_' . $padded . '.' . $ext; $targetName = $filePrefix . '_ANNEXE_' . $padded . '.' . $ext;
@@ -530,19 +582,25 @@ trait ThesisFileHandler
$mimeType = 'text/vtt'; $mimeType = 'text/vtt';
} }
if ($mimeType === 'application/octet-stream' && !in_array($ext, self::ALLOWED_EXTENSIONS, true)) { if ($mimeType === 'application/octet-stream' && !in_array($ext, self::ALLOWED_EXTENSIONS, true)) {
$this->fileWarnings[] = "Annexe « {$uploads['name'][$i]} » ignorée : format .$ext non accepté.";
error_log("ThesisFileHandler: annexe extension not allowed {$uploads['name'][$i]} ($ext), skipping"); error_log("ThesisFileHandler: annexe extension not allowed {$uploads['name'][$i]} ($ext), skipping");
continue; continue;
} }
if (!in_array($mimeType, self::ALLOWED_MIME_TYPES, true) if (!in_array($mimeType, self::ALLOWED_MIME_TYPES, true)
&& !in_array($ext, self::ALLOWED_EXTENSIONS, true)) { && !in_array($ext, self::ALLOWED_EXTENSIONS, true)) {
$this->fileWarnings[] = "Annexe « {$uploads['name'][$i]} » ignorée : type non accepté ($mimeType).";
error_log("ThesisFileHandler: invalid annexe type {$uploads['name'][$i]} ($mimeType / $ext), skipping"); error_log("ThesisFileHandler: invalid annexe type {$uploads['name'][$i]} ($mimeType / $ext), skipping");
continue; continue;
} }
$isPdf = ($mimeType === 'application/pdf' || $ext === 'pdf'); $isPdf = ($mimeType === 'application/pdf' || $ext === 'pdf');
$sizeLimit = $isPdf ? self::MAX_PDF_SIZE : self::MAX_FILE_SIZE; $isAv = preg_match('/^(video|audio)\//', $mimeType) || in_array($ext, ['mp4','webm','ogv','mov','mp3','ogg','oga','wav','flac','aac','m4a']);
$sizeLimit = $isPdf ? self::MAX_PDF_SIZE : ($isAv ? self::MAX_AV_SIZE : self::MAX_FILE_SIZE);
if ($uploads['size'][$i] > $sizeLimit) { if ($uploads['size'][$i] > $sizeLimit) {
error_log("ThesisFileHandler: annexe too large {$uploads['name'][$i]} (" . round($uploads['size'][$i] / 1024 / 1024) . " MB), skipping"); $limitMb = round($sizeLimit / 1024 / 1024);
$sizeMb = round($uploads['size'][$i] / 1024 / 1024);
$this->fileWarnings[] = "Annexe « {$uploads['name'][$i]} » ignorée : trop volumineuse ($sizeMb MB, max $limitMb MB).";
error_log("ThesisFileHandler: annexe too large {$uploads['name'][$i]} (" . $sizeMb . " MB), skipping");
continue; continue;
} }

91
app/templates/admin/acces.php
View File

@@ -376,6 +376,97 @@
+%%%%%%% diff from: somsyvxz 249f7943 "Bulk bar anti-shift, tags icons, AP no-wrap, credits reorder" (rebased revision) +%%%%%%% diff from: somsyvxz 249f7943 "Bulk bar anti-shift, tags icons, AP no-wrap, credits reorder" (rebased revision)
+\\\\\\\ to: rptplqsr 5f9568bd "Add FilePond pools for couverture, note_intention, video, audio" (rebased revision) +\\\\\\\ to: rptplqsr 5f9568bd "Add FilePond pools for couverture, note_intention, video, audio" (rebased revision)
++ $linkName = $link['name'] ?? ''; ++ $linkName = $link['name'] ?? '';
++ $linkExpiresVal = $link['expires_at'] ? date('Y-m-d\TH:i', strtotime($link['expires_at'])) : '';
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff from: rptplqsr 5f9568bd "Add FilePond pools for couverture, note_intention, video, audio" (rebased revision)
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ to: somsyvxz 249f7943 "Bulk bar anti-shift, tags icons, AP no-wrap, credits reorder" (rebased revision)
- $linkName = $link['name'] ?? '';
- $linkExpiresVal = $link['expires_at'] ? date('Y-m-d\TH:i', strtotime($link['expires_at'])) : '';
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff from: somsyvxz 14a3cd10 "Bulk bar anti-shift, tags icons, AP no-wrap, credits reorder" (rebase destination)
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ to: wvkvvpmv 33919970 "fix annexe validation, FilePond type validation, and styling" (rebased revision)
$linkName = $link['name'] ?? '';
$linkExpiresVal = $link['expires_at'] ? date('Y-m-d\TH:i', strtotime($link['expires_at'])) : '';
$linkLockedYear = $link['locked_year'] ?? null;
+%%%%%%% diff from: somsyvxz 249f7943 "Bulk bar anti-shift, tags icons, AP no-wrap, credits reorder" (rebased revision)
+\\\\\\\ to: wvkvvpmv 5044078a "fix annexe validation, FilePond type validation, and styling" (rebased revision)
++ $linkName = $link['name'] ?? '';
++ $linkExpiresVal = $link['expires_at'] ? date('Y-m-d\TH:i', strtotime($link['expires_at'])) : '';
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff from: wvkvvpmv 5044078a "fix annexe validation, FilePond type validation, and styling" (rebased revision)
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ to: somsyvxz 249f7943 "Bulk bar anti-shift, tags icons, AP no-wrap, credits reorder" (rebased revision)
- $linkName = $link['name'] ?? '';
- $linkExpiresVal = $link['expires_at'] ? date('Y-m-d\TH:i', strtotime($link['expires_at'])) : '';
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff from: somsyvxz 14a3cd10 "Bulk bar anti-shift, tags icons, AP no-wrap, credits reorder" (rebase destination)
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ to: tqwpzqtq 83c9c5ff (rebased revision)
$linkName = $link['name'] ?? '';
$linkExpiresVal = $link['expires_at'] ? date('Y-m-d\TH:i', strtotime($link['expires_at'])) : '';
$linkLockedYear = $link['locked_year'] ?? null;
+%%%%%%% diff from: somsyvxz 249f7943 "Bulk bar anti-shift, tags icons, AP no-wrap, credits reorder" (rebased revision)
+\\\\\\\ to: tqwpzqtq b2fcb530 (rebased revision)
++ $linkName = $link['name'] ?? '';
++ $linkExpiresVal = $link['expires_at'] ? date('Y-m-d\TH:i', strtotime($link['expires_at'])) : '';
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff from: tqwpzqtq b2fcb530 (rebased revision)
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ to: somsyvxz 249f7943 "Bulk bar anti-shift, tags icons, AP no-wrap, credits reorder" (rebased revision)
- $linkName = $link['name'] ?? '';
- $linkExpiresVal = $link['expires_at'] ? date('Y-m-d\TH:i', strtotime($link['expires_at'])) : '';
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff from: somsyvxz 14a3cd10 "Bulk bar anti-shift, tags icons, AP no-wrap, credits reorder" (rebase destination)
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ to: stmuuwmv 679ece97 "add server-side video/audio size limits (2 GB) and fix missing annexe queue validation" (rebased revision)
$linkName = $link['name'] ?? '';
$linkExpiresVal = $link['expires_at'] ? date('Y-m-d\TH:i', strtotime($link['expires_at'])) : '';
$linkLockedYear = $link['locked_year'] ?? null;
+%%%%%%% diff from: somsyvxz 249f7943 "Bulk bar anti-shift, tags icons, AP no-wrap, credits reorder" (rebased revision)
+\\\\\\\ to: stmuuwmv 45c8d894 "add server-side video/audio size limits (2 GB) and fix missing annexe queue validation" (rebased revision)
++ $linkName = $link['name'] ?? '';
++ $linkExpiresVal = $link['expires_at'] ? date('Y-m-d\TH:i', strtotime($link['expires_at'])) : '';
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff from: stmuuwmv 45c8d894 "add server-side video/audio size limits (2 GB) and fix missing annexe queue validation" (rebased revision)
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ to: somsyvxz 249f7943 "Bulk bar anti-shift, tags icons, AP no-wrap, credits reorder" (rebased revision)
- $linkName = $link['name'] ?? '';
- $linkExpiresVal = $link['expires_at'] ? date('Y-m-d\TH:i', strtotime($link['expires_at'])) : '';
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff from: somsyvxz 14a3cd10 "Bulk bar anti-shift, tags icons, AP no-wrap, credits reorder" (rebase destination)
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ to: wmzntpxp b9fa7c04 "add filepond-plugin-file-validate-type + server-side file warnings" (rebased revision)
$linkName = $link['name'] ?? '';
$linkExpiresVal = $link['expires_at'] ? date('Y-m-d\TH:i', strtotime($link['expires_at'])) : '';
$linkLockedYear = $link['locked_year'] ?? null;
+%%%%%%% diff from: somsyvxz 249f7943 "Bulk bar anti-shift, tags icons, AP no-wrap, credits reorder" (rebased revision)
+\\\\\\\ to: wmzntpxp aa25c473 "add filepond-plugin-file-validate-type + server-side file warnings" (rebased revision)
++ $linkName = $link['name'] ?? '';
++ $linkExpiresVal = $link['expires_at'] ? date('Y-m-d\TH:i', strtotime($link['expires_at'])) : '';
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff from: wmzntpxp aa25c473 "add filepond-plugin-file-validate-type + server-side file warnings" (rebased revision)
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ to: somsyvxz 249f7943 "Bulk bar anti-shift, tags icons, AP no-wrap, credits reorder" (rebased revision)
- $linkName = $link['name'] ?? '';
- $linkExpiresVal = $link['expires_at'] ? date('Y-m-d\TH:i', strtotime($link['expires_at'])) : '';
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff from: somsyvxz 14a3cd10 "Bulk bar anti-shift, tags icons, AP no-wrap, credits reorder" (rebase destination)
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ to: rlqsxozn a2d3f72a "fix file validation: use extension-based check in beforeAddFile, drop plugin" (rebased revision)
$linkName = $link['name'] ?? '';
$linkExpiresVal = $link['expires_at'] ? date('Y-m-d\TH:i', strtotime($link['expires_at'])) : '';
$linkLockedYear = $link['locked_year'] ?? null;
+%%%%%%% diff from: somsyvxz 249f7943 "Bulk bar anti-shift, tags icons, AP no-wrap, credits reorder" (rebased revision)
+\\\\\\\ to: rlqsxozn e69b00bf "fix file validation: use extension-based check in beforeAddFile, drop plugin" (rebased revision)
++ $linkName = $link['name'] ?? '';
++ $linkExpiresVal = $link['expires_at'] ? date('Y-m-d\TH:i', strtotime($link['expires_at'])) : '';
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff from: rlqsxozn e69b00bf "fix file validation: use extension-based check in beforeAddFile, drop plugin" (rebased revision)
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ to: somsyvxz 249f7943 "Bulk bar anti-shift, tags icons, AP no-wrap, credits reorder" (rebased revision)
- $linkName = $link['name'] ?? '';
- $linkExpiresVal = $link['expires_at'] ? date('Y-m-d\TH:i', strtotime($link['expires_at'])) : '';
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff from: somsyvxz 14a3cd10 "Bulk bar anti-shift, tags icons, AP no-wrap, credits reorder" (rebase destination)
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ to: vqnonzxp 9b795ebc "remove accept attributes from FilePond inputs, rely on beforeAddFile validation" (rebased revision)
$linkName = $link['name'] ?? '';
$linkExpiresVal = $link['expires_at'] ? date('Y-m-d\TH:i', strtotime($link['expires_at'])) : '';
$linkLockedYear = $link['locked_year'] ?? null;
+%%%%%%% diff from: somsyvxz 249f7943 "Bulk bar anti-shift, tags icons, AP no-wrap, credits reorder" (rebased revision)
+\\\\\\\ to: vqnonzxp fc15ae85 "remove accept attributes from FilePond inputs, rely on beforeAddFile validation" (rebased revision)
++ $linkName = $link['name'] ?? '';
++ $linkExpiresVal = $link['expires_at'] ? date('Y-m-d\TH:i', strtotime($link['expires_at'])) : '';
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff from: vqnonzxp fc15ae85 "remove accept attributes from FilePond inputs, rely on beforeAddFile validation" (rebased revision)
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ to: somsyvxz 249f7943 "Bulk bar anti-shift, tags icons, AP no-wrap, credits reorder" (rebased revision)
- $linkName = $link['name'] ?? '';
- $linkExpiresVal = $link['expires_at'] ? date('Y-m-d\TH:i', strtotime($link['expires_at'])) : '';
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff from: somsyvxz 14a3cd10 "Bulk bar anti-shift, tags icons, AP no-wrap, credits reorder" (rebase destination)
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ to: xznsyswm ecbb6c5f "FilePond production hardening" (rebased revision)
$linkName = $link['name'] ?? '';
$linkExpiresVal = $link['expires_at'] ? date('Y-m-d\TH:i', strtotime($link['expires_at'])) : '';
$linkLockedYear = $link['locked_year'] ?? null;
+%%%%%%% diff from: somsyvxz 249f7943 "Bulk bar anti-shift, tags icons, AP no-wrap, credits reorder" (rebased revision)
+\\\\\\\ to: xznsyswm a408afdc "FilePond production hardening" (rebased revision)
++ $linkName = $link['name'] ?? '';
++ $linkExpiresVal = $link['expires_at'] ? date('Y-m-d\TH:i', strtotime($link['expires_at'])) : ''; ++ $linkExpiresVal = $link['expires_at'] ? date('Y-m-d\TH:i', strtotime($link['expires_at'])) : '';
?> ?>
<tr class="admin-table-row" onclick="event.stopPropagation(); window.open('/partage/<?= urlencode($link['slug']) ?>', '_blank')" style="cursor:pointer"> <tr class="admin-table-row" onclick="event.stopPropagation(); window.open('/partage/<?= urlencode($link['slug']) ?>', '_blank')" style="cursor:pointer">

34
app/templates/public/tfe.php
View File

@@ -434,7 +434,6 @@
$isAudio = in_array($ext, ['mp3','ogg','oga','wav','flac','aac','m4a'], true) || $fileType === 'audio'; $isAudio = in_array($ext, ['mp3','ogg','oga','wav','flac','aac','m4a'], true) || $fileType === 'audio';
$isPdf = ($ext === 'pdf') || $fileType === 'main'; $isPdf = ($ext === 'pdf') || $fileType === 'main';
$isWebsite = ($fileType === 'website'); $isWebsite = ($fileType === 'website');
$isPeerTube = ($isExternalUrl && str_contains($filePath, '/videos/watch/'));
$isOther = !($isImage || $isVideo || $isAudio || $isPdf || $isWebsite); $isOther = !($isImage || $isVideo || $isAudio || $isPdf || $isWebsite);
$_vttPath = null; $_vttPath = null;
@@ -477,22 +476,6 @@
<img src="<?= $mediaUrl ?>" <img src="<?= $mediaUrl ?>"
alt="<?= htmlspecialchars($caption !== '' ? $caption : $data['title'] . ' — ' . ($data['authors'] ?? '')) ?>"> alt="<?= htmlspecialchars($caption !== '' ? $caption : $data['title'] . ' — ' . ($data['authors'] ?? '')) ?>">
<?php elseif ($isVideo): ?> <?php elseif ($isVideo): ?>
<?php if ($isPeerTube): ?>
<iframe src="<?= $mediaUrl ?>embed"
width="100%" height="400px"
style="border:none"
title="<?= $fileName ?>"
sandbox="allow-same-origin allow-scripts"
allowfullscreen
loading="lazy">
</iframe>
<p class="tfe-pdf-fallback">
<a href="<?= $mediaUrl ?>" target="_blank" rel="noopener">
Ouvrir dans PeerTube
<span class="sr-only">(ouvre dans un nouvel onglet)</span>
</a>
</p>
<?php else: ?>
<video width="100%" controls> <video width="100%" controls>
<source src="<?= $mediaUrl ?>" type="video/<?= htmlspecialchars($ext === 'mov' ? 'mp4' : $ext) ?>"> <source src="<?= $mediaUrl ?>" type="video/<?= htmlspecialchars($ext === 'mov' ? 'mp4' : $ext) ?>">
<?php if ($_vttPath): ?> <?php if ($_vttPath): ?>
@@ -501,23 +484,7 @@
srclang="fr" label="Sous-titres" default> srclang="fr" label="Sous-titres" default>
<?php endif; ?> <?php endif; ?>
</video> </video>
<?php endif; ?>
<?php elseif ($isAudio): ?> <?php elseif ($isAudio): ?>
<?php if ($isPeerTube): ?>
<iframe src="<?= $mediaUrl ?>embed"
width="100%" height="170px"
style="border:none"
title="<?= $fileName ?>"
sandbox="allow-same-origin allow-scripts"
loading="lazy">
</iframe>
<p class="tfe-pdf-fallback">
<a href="<?= $mediaUrl ?>" target="_blank" rel="noopener">
Ouvrir dans PeerTube
<span class="sr-only">(ouvre dans un nouvel onglet)</span>
</a>
</p>
<?php else: ?>
<audio controls class="tfe-audio"> <audio controls class="tfe-audio">
<source src="<?= $mediaUrl ?>" type="audio/<?= htmlspecialchars(match($ext) { <source src="<?= $mediaUrl ?>" type="audio/<?= htmlspecialchars(match($ext) {
'mp3' => 'mpeg', 'mp3' => 'mpeg',
@@ -530,7 +497,6 @@
}) ?>"> }) ?>">
Votre navigateur ne supporte pas la lecture audio. Votre navigateur ne supporte pas la lecture audio.
</audio> </audio>
<?php endif; ?>
<?php else: /* other — download only */ ?> <?php else: /* other — download only */ ?>
<div class="tfe-download-file"> <div class="tfe-download-file">
<a href="<?= $mediaUrl ?>&download=1" class="tfe-download-link"> <a href="<?= $mediaUrl ?>&download=1" class="tfe-download-link">

2
justfile
View File

@@ -62,7 +62,7 @@ deploy:
--exclude 'var/logs/*' \ --exclude 'var/logs/*' \
app/ xamxam:/var/www/xamxam/ app/ xamxam:/var/www/xamxam/
ssh xamxam "mkdir -p /var/www/xamxam/var/{cache,logs,tmp}" ssh xamxam "mkdir -p /var/www/xamxam/var/{cache,logs,tmp}"
ssh xamxam "cd /var/www/xamxam && php migrations/run.php /var/www/xamxam/storage/xamxam.db" ssh xamxam "cd /var/www/xamxam && php scripts/ensure-db.php /var/www/xamxam/storage/xamxam.db && php migrations/run.php /var/www/xamxam/storage/xamxam.db"
# Sync .env separately (excluded above to avoid accidental overwrite on subsequent deploys) # Sync .env separately (excluded above to avoid accidental overwrite on subsequent deploys)
@just deploy-env @just deploy-env

4113
pi-session-2026-05-10T18-42-37-234Z_019e1332-ce31-70fa-87a1-aa3495b526a9.html Normal file
View File

File diff suppressed because one or more lines are too long

29
scripts/ensure-db.php Normal file
View File

@@ -0,0 +1,29 @@
#!/usr/bin/env php
<?php
/**
* ensure-db.php — Create database from schema.sql if it doesn't exist.
*
* Usage: php scripts/ensure-db.php [DB_PATH]
* Default: storage/xamxam.db
*/
$root = dirname(__DIR__);
$dbPath = $argv[1] ?? ($root . '/storage/xamxam.db');
$schemaPath = $root . '/storage/schema.sql';
if (file_exists($dbPath)) {
echo "Database already exists: $dbPath\n";
exit(0);
}
if (!file_exists($schemaPath)) {
die("Schema not found: $schemaPath\n");
}
$db = new PDO('sqlite:' . $dbPath);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql = file_get_contents($schemaPath);
$db->exec($sql);
echo "Database created from schema: $dbPath\n";