PostERG/xamxam
1
0
Fork 0
mirror of https://codeberg.org/PostERG/xamxam.git synced 2026-05-06 19:19:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add comprehensive thesis management system with database migration

Browse Source 
This commit introduces a complete thesis management interface and migrates
the system from YAML-based storage to SQLite:

Core Changes:
- Add Database.php helper class with PDO connection and entity management
- Add list.php for viewing all theses with filtering and sorting
- Add edit.php for modifying existing thesis records
- Add import.php for migrating legacy YAML data to SQLite
- Add justfile with development tasks (serve, init-test-db, etc.)

Documentation:
- Add MIGRATION.md with complete migration guide and architecture docs
- Update README.md with database setup and Just recipe instructions
- Update .gitignore to exclude test databases and error logs

Modified Forms:
- Enhanced formulaire.php with transaction-based SQLite processing
- Updated index.php with database-driven form options
- Improved thanks.php to read from database views

The new architecture provides:
- Normalized database schema (19 tables, 2 views)
- Transaction safety and referential integrity
- CRUD operations for thesis management
- Filtering by year, orientation, AP program, publication status
- Secure file handling with metadata tracking

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Théophile Gervreau-Mercier
2026-01-27 15:43:01 +01:00
parent 99ccd60f90
commit 95f52d549e
22 changed files with 3263 additions and 725 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
formulaire/.gitignore vendored Normal file
View File

@@ -0,0 +1,31 @@
# Test database
test.db
# Error logs
error.log
# Uploaded files (for testing)
data/theses/
data/covers/
# Keep the data directories but ignore contents
!data/theses/.gitkeep
!data/covers/.gitkeep
# PHP session files
sessions/
# Composer
vendor/
composer.lock
# OS files
.DS_Store
Thumbs.db
# IDE
.vscode/
.idea/
*.swp
*.swo
*~

277
formulaire/Database.php Normal file
View File

@@ -0,0 +1,277 @@
<?php
/**
* Database connection and helper class for Post-ERG thesis database
*/
class Database {
private $pdo;
private $dbPath;
/**
* Constructor - establishes database connection
* @param string $dbPath Path to SQLite database file
*/
public function __construct($dbPath = null) {
if ($dbPath === null) {
// Check for test database first (for local development)
$testDb = __DIR__ . '/test.db';
if (file_exists($testDb)) {
$this->dbPath = $testDb;
} else {
// Default to parent directory's db folder (production)
$this->dbPath = __DIR__ . '/../db/posterg.db';
}
} else {
$this->dbPath = $dbPath;
}
try {
$this->pdo = new PDO('sqlite:' . $this->dbPath);
$this->pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$this->pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
// Enable foreign key constraints
$this->pdo->exec('PRAGMA foreign_keys = ON');
} catch (PDOException $e) {
error_log("Database connection failed: " . $e->getMessage());
throw new Exception("Impossible de se connecter à la base de données.");
}
}
/**
* Get PDO instance for direct queries if needed
* @return PDO
*/
public function getPDO() {
return $this->pdo;
}
/**
* Begin a transaction
*/
public function beginTransaction() {
return $this->pdo->beginTransaction();
}
/**
* Commit a transaction
*/
public function commit() {
return $this->pdo->commit();
}
/**
* Rollback a transaction
*/
public function rollback() {
return $this->pdo->rollback();
}
/**
* Find or create an author
* @param string $name Author name
* @param string $email Author email (optional)
* @return int Author ID
*/
public function findOrCreateAuthor($name, $email = null) {
// Try to find existing author by name
$stmt = $this->pdo->prepare("SELECT id FROM authors WHERE name = ?");
$stmt->execute([$name]);
$author = $stmt->fetch();
if ($author) {
// Update email if provided and different
if ($email && $email !== '') {
$updateStmt = $this->pdo->prepare("UPDATE authors SET email = ? WHERE id = ?");
$updateStmt->execute([$email, $author['id']]);
}
return $author['id'];
}
// Create new author
$stmt = $this->pdo->prepare("INSERT INTO authors (name, email) VALUES (?, ?)");
$stmt->execute([$name, $email]);
return $this->pdo->lastInsertId();
}
/**
* Find or create a supervisor
* @param string $name Supervisor name
* @return int Supervisor ID
*/
public function findOrCreateSupervisor($name) {
// Try to find existing supervisor
$stmt = $this->pdo->prepare("SELECT id FROM supervisors WHERE name = ?");
$stmt->execute([$name]);
$supervisor = $stmt->fetch();
if ($supervisor) {
return $supervisor['id'];
}
// Create new supervisor
$stmt = $this->pdo->prepare("INSERT INTO supervisors (name) VALUES (?)");
$stmt->execute([$name]);
return $this->pdo->lastInsertId();
}
/**
* Find or create a keyword
* @param string $keyword Keyword text
* @return int Keyword ID
*/
public function findOrCreateKeyword($keyword) {
$keyword = trim($keyword);
if (empty($keyword)) {
return null;
}
// Try to find existing keyword
$stmt = $this->pdo->prepare("SELECT id FROM keywords WHERE keyword = ?");
$stmt->execute([$keyword]);
$kw = $stmt->fetch();
if ($kw) {
return $kw['id'];
}
// Create new keyword
$stmt = $this->pdo->prepare("INSERT INTO keywords (keyword) VALUES (?)");
$stmt->execute([$keyword]);
return $this->pdo->lastInsertId();
}
/**
* Get orientation ID by name
* @param string $name Orientation name
* @return int|null Orientation ID or null if not found
*/
public function getOrientationId($name) {
$stmt = $this->pdo->prepare("SELECT id FROM orientations WHERE name = ?");
$stmt->execute([$name]);
$result = $stmt->fetch();
return $result ? $result['id'] : null;
}
/**
* Get AP program ID by name
* @param string $name AP program name
* @return int|null AP program ID or null if not found
*/
public function getAPProgramId($name) {
$stmt = $this->pdo->prepare("SELECT id FROM ap_programs WHERE name = ?");
$stmt->execute([$name]);
$result = $stmt->fetch();
return $result ? $result['id'] : null;
}
/**
* Get finality type ID by name
* @param string $name Finality type name
* @return int|null Finality type ID or null if not found
*/
public function getFinalityId($name) {
$stmt = $this->pdo->prepare("SELECT id FROM finality_types WHERE name = ?");
$stmt->execute([$name]);
$result = $stmt->fetch();
return $result ? $result['id'] : null;
}
/**
* Get language ID by name
* @param string $name Language name
* @return int|null Language ID or null if not found
*/
public function getLanguageId($name) {
$stmt = $this->pdo->prepare("SELECT id FROM languages WHERE name = ?");
$stmt->execute([$name]);
$result = $stmt->fetch();
return $result ? $result['id'] : null;
}
/**
* Get format type ID by name
* @param string $name Format type name
* @return int|null Format type ID or null if not found
*/
public function getFormatId($name) {
$stmt = $this->pdo->prepare("SELECT id FROM format_types WHERE name = ?");
$stmt->execute([$name]);
$result = $stmt->fetch();
return $result ? $result['id'] : null;
}
/**
* Get all orientations
* @return array Array of orientations
*/
public function getAllOrientations() {
$stmt = $this->pdo->query("SELECT id, name FROM orientations ORDER BY name");
return $stmt->fetchAll();
}
/**
* Get all AP programs
* @return array Array of AP programs
*/
public function getAllAPPrograms() {
$stmt = $this->pdo->query("SELECT id, name, code FROM ap_programs ORDER BY name");
return $stmt->fetchAll();
}
/**
* Get all finality types
* @return array Array of finality types
*/
public function getAllFinalityTypes() {
$stmt = $this->pdo->query("SELECT id, name FROM finality_types ORDER BY name");
return $stmt->fetchAll();
}
/**
* Get all languages
* @return array Array of languages
*/
public function getAllLanguages() {
$stmt = $this->pdo->query("SELECT id, name FROM languages ORDER BY name");
return $stmt->fetchAll();
}
/**
* Get all format types
* @return array Array of format types
*/
public function getAllFormatTypes() {
$stmt = $this->pdo->query("SELECT id, name FROM format_types ORDER BY name");
return $stmt->fetchAll();
}
/**
* Get thesis by ID
* @param int $id Thesis ID
* @return array|null Thesis data or null if not found
*/
public function getThesis($id) {
$stmt = $this->pdo->prepare("SELECT * FROM v_theses_full WHERE id = ?");
$stmt->execute([$id]);
return $stmt->fetch();
}
/**
* Insert a thesis file record
* @param int $thesisId Thesis ID
* @param string $fileType File type ('main', 'annex', 'written_part', 'other')
* @param string $filePath Server path to file
* @param string $fileName Original filename
* @param int $fileSize File size in bytes
* @param string $mimeType MIME type
* @return int File ID
*/
public function insertThesisFile($thesisId, $fileType, $filePath, $fileName, $fileSize, $mimeType) {
$stmt = $this->pdo->prepare("
INSERT INTO thesis_files (thesis_id, file_type, file_path, file_name, file_size, mime_type)
VALUES (?, ?, ?, ?, ?, ?)
");
$stmt->execute([$thesisId, $fileType, $filePath, $fileName, $fileSize, $mimeType]);
return $this->pdo->lastInsertId();
}
}

153
formulaire/IMPORT.md Normal file
View File

@@ -0,0 +1,153 @@
# CSV Import Format Specification
## File Format
- **Encoding**: UTF-8
- **Delimiter**: Comma (`,`)
- **Header Rows**: First 4 rows are skipped during import
- Row 1: Empty
- Row 2: Headers (French labels)
- Row 3: Description row
- Row 4: Column names
- **Data Rows**: Start from row 5 onwards
## Column Structure
The CSV must contain exactly 21 columns in this order:
| Index | Field Name | Required | Type | Description |
|-------|------------|----------|------|-------------|
| 0 | identifier | No | String | Unique identifier for the thesis |
| 1 | title | **Yes** | String | Thesis title |
| 2 | subtitle | No | String | Thesis subtitle |
| 3 | authors | No | String | Author(s), comma-separated for multiple |
| 4 | contact | No | String | Contact email (associated with first author) |
| 5 | supervisors | No | String | Supervisor(s), comma-separated for multiple |
| 6 | formats | No | String | Format(s), comma-separated for multiple |
| 7 | year | **Yes** | Integer | Year of thesis (e.g., 2024) |
| 8 | ap | No | String | AP program code (see AP Codes section) |
| 9 | orientation | No | String | Orientation code (see Orientation Codes section) |
| 10 | finality | No | String | Finality name |
| 11 | keywords | No | String | Keywords, comma-separated (max 10) |
| 12 | synopsis | No | Text | Synopsis/abstract of the thesis |
| 13 | context | No | Text | Context note |
| 14 | remarks | No | Text | Additional remarks |
| 15 | language | No | String | Language (e.g., Français, English, Nederlands) |
| 16 | access | No | String | Access authorization |
| 17 | license | No | String | License information |
| 18 | size_info | No | String | File size information |
| 19 | jury_points | No | Float | Jury score (out of 20) |
| 20 | baiu_link | No | String | Link to BAIU (institutional archive) |
## Field Details
### Required Fields
- **title**: Must not be empty
- **year**: Must not be empty and must be a valid integer
### Multi-Value Fields
These fields accept multiple values separated by commas:
- **authors**: e.g., `"John Doe, Jane Smith"`
- **supervisors**: e.g., `"Prof. A, Prof. B"`
- **keywords**: Maximum 10 keywords, e.g., `"art, design, digital"`
- **formats**: e.g., `"PDF, Video, Installation"`
### Orientation Codes
Valid orientation codes and their full names:
```
SC = Sculpture
VI = Vidéographie
CA = Cinéma d'animation
IP = Installation-Performance
PE = Peinture
PH = Photographie
DE = Dessin
AN = Arts Numériques
GR = Graphisme
TY = Typographie
DN = Design Numérique
IL = Illustration
BD = Bande-Dessinée
SE = Sérigraphie
GV = Gravure
```
### AP Codes
Valid AP program codes:
- `DPM`
- `LIENS`
- `APS`
(These codes must match exactly what exists in the `ap_programs` table)
### Language Values
Languages should be provided with capital first letter:
- `Français`
- `English`
- `Nederlands`
- etc.
### Format Values
Common format values (case-insensitive, will be normalized):
- `PDF`
- `Video`
- `Audio`
- `Installation`
- `Web`
- etc.
## Import Behavior
### Row Processing
1. Empty rows (no title and no identifier) are skipped
2. Each row is processed in a transaction
3. If a row fails, it is skipped and logged, but processing continues
### Data Validation
- If title or year is missing, the row is rejected
- Invalid orientation codes result in no orientation being set (null)
- Invalid AP codes result in no AP program being set (null)
- Keywords are limited to first 10 if more are provided
### Data Normalization
- All string fields are trimmed of whitespace
- Language and format values are normalized (first letter capitalized, rest lowercase)
- Empty strings are converted to NULL in the database
### Entity Creation
- Authors, supervisors, and keywords are automatically created if they don't exist
- Existing authors are matched by name
- Contact email is only associated with the first author
## Example CSV Structure
```csv
Identifiant,Titre,Sous-titre,Auteur·ice(s),Contact,Promoteur·ice(s),Format,Année,AP,Orientation,Finalité,Mots-clés,Synopsis,Contexte,Remarques,Langue,Autorisation,License,taille,Points sur 20,lien BAIU
TFE-2024-001,Mon projet artistique,Exploration du numérique,"Alice Dupont, Bob Martin",alice@example.com,Prof. Smith,PDF,2024,DPM,AN,Création,art numérique,digital art,interactive installation,Un projet explorant l'intersection de l'art et de la technologie,Réalisé dans le cadre du master,Très bon projet,Français,Public,CC-BY,250MB,16.5,https://baiu.example.org/12345
TFE-2024-002,Design graphique moderne,,Charlie Brown,charlie@example.com,"Prof. A, Prof. B","PDF, Print",2024,LIENS,GR,Design,typographie,graphisme,design,Une exploration de la typographie contemporaine,,,English,Restricted,All rights reserved,50MB,15,
```
## Troubleshooting
### Common Issues
1. **Encoding problems**: Ensure file is saved as UTF-8
2. **Missing columns**: All 21 columns must be present, even if empty
3. **Line breaks in fields**: Ensure fields containing newlines are properly quoted
4. **Quote escaping**: Use double quotes (`""`) to escape quotes within fields
### Import Results
After import, the system will display:
- Number of theses successfully imported
- Number of rows skipped due to errors
- Detailed line-by-line results with success (✓) or error (✗) indicators
## Notes
- The import process preserves the order of authors, supervisors, and keywords
- The first author gets the contact email if provided
- Duplicate detection is not performed - each import creates new entries
- Failed rows do not stop the import process
- All errors are logged to the server error log

357
formulaire/MIGRATION.md Normal file
View File

@@ -0,0 +1,357 @@
# Migration from YAML to SQLite
## Overview
The Post-ERG thesis submission form has been completely overhauled to use a SQLite database instead of flat YAML files. This provides better data integrity, querying capabilities, and prepares the system for a full-featured web application.
## What Changed
### Database Implementation
**Before:** Form data was saved as individual YAML files in `data/yaml/`, with file uploads scattered in `data/content/` and `data/cover/`.
**After:** All thesis data is now stored in a relational SQLite database (`../db/posterg.db`) with proper normalization and foreign key relationships.
### New Architecture
```
Form Submission Flow:
1. User fills out enhanced form (index.php)
2. Form validates input and begins database transaction
3. Creates/links: author, thesis, supervisors, keywords, languages, formats
4. Uploads files with random names for security
5. Records file metadata in database
6. Commits transaction (all-or-nothing)
7. Redirects to confirmation page showing database data
```
### Database Schema Highlights
- **19 tables** including junction tables and views
- **Normalized structure** (3rd Normal Form)
- **Automatic timestamps** via triggers
- **Cascade deletes** for referential integrity
- **Predefined lookup tables** for orientations, AP programs, finalities, etc.
- **Views** for simplified querying (v_theses_full, v_theses_public)
## New Files
### `Database.php`
Database helper class providing:
- PDO connection with error handling
- Transaction management
- Find-or-create methods for entities
- Prepared statement helpers
- Lookup methods for all reference data
**Key Methods:**
```php
$db = new Database();
$authorId = $db->findOrCreateAuthor($name, $email);
$keywordId = $db->findOrCreateKeyword($keyword);
$orientations = $db->getAllOrientations();
$thesis = $db->getThesis($id);
```
## Modified Files
### `index.php`
**Enhancements:**
- Dynamically loads form options from database
- Added required fields per schema:
- Subtitle (optional)
- Synopsis (~200 words, required)
- Finality (Approfondi/Enseignement/Spécialisé)
- Languages (multiple selection with checkboxes)
- Formats (multiple selection with checkboxes)
- Better form organization with sections
- Improved accessibility (proper labels, IDs)
**New Form Fields:**
| Field | Type | Required | Notes |
|-------|------|----------|-------|
| Subtitle | Text | No | New field |
| Synopsis | Textarea | Yes | ~200 words |
| Finality | Select | Yes | From finality_types table |
| Languages | Checkboxes | Yes | Multiple selection |
| Formats | Checkboxes | No | Multiple selection |
### `formulaire.php`
**Complete rewrite** with:
1. **Transaction-Based Processing:**
- `BEGIN TRANSACTION` at start
- All insertions in single transaction
- `COMMIT` on success or `ROLLBACK` on error
- Ensures data consistency
2. **Prepared Statements:**
- All SQL queries use PDO prepared statements
- Protection against SQL injection
- Parameter binding for all user input
3. **Entity Creation:**
- Finds or creates authors (by name)
- Finds or creates supervisors (by name)
- Finds or creates keywords (by text)
- Links all entities via junction tables
4. **Identifier Generation:**
- Format: `YYYY-NNN` (e.g., "2026-001")
- Automatically increments per year
- Unique constraint in database
5. **File Handling:**
- Random cryptographic filenames (32 hex chars)
- Organized by year and identifier: `data/theses/YYYY/YYYY-NNN/`
- Cover images separate: `data/covers/`
- Metadata stored in `thesis_files` table
6. **Validation:**
- Year range: 2000 to current year + 1
- Max 10 keywords enforced
- At least one language required
- URL format validation
- File type and size validation
### `thanks.php`
**Complete redesign:**
- Reads from database using thesis ID
- Displays data from `v_theses_full` view
- Shows all relationships: authors, supervisors, keywords, languages, formats
- Lists uploaded files with metadata (type, size, date)
- Responsive CSS grid layout
- Publication status indicator
**Security:**
- Validates thesis ID (integer only)
- Uses prepared statements
- No path traversal vulnerability
- Error messages don't expose system details
## Database Files
### `../db/posterg.db`
Initialized SQLite database with:
- 19 tables (11 core, 5 junction, 3 reference)
- 2 views (v_theses_full, v_theses_public)
- Predefined data:
- 15 orientations
- 4 AP programs
- 3 finality types
- 2 languages (French, English)
- 7 format types
- 3 access types
- 4 static pages
### Schema Documentation
See `../db/README.md` and `../db/SETUP.md` for complete documentation.
## Security Improvements Retained
All security improvements from the previous commit are preserved:
✅ CSRF protection with session tokens
✅ Input validation and sanitization
✅ Prepared statements (SQL injection protection)
✅ Random filenames for uploads
✅ File type and size validation
✅ MIME type checking
✅ Error logging without exposing paths
✅ Path traversal protection
## Data Mapping
### YAML to Database Mapping
| Old YAML Field | New Database Location | Notes |
|----------------|----------------------|-------|
| `auteurice` | `authors.name` | Normalized, reusable |
| `email` | `authors.email` | Now in authors table |
| `année` | `theses.year` | Integer field |
| `titre` | `theses.title` | Required |
| - | `theses.subtitle` | New field |
| `description` | `theses.synopsis` | Renamed for clarity |
| `problématique` | (not yet used) | Can be added to schema |
| `orientation` | `theses.orientation_id` | Foreign key to orientations |
| `ap` | `theses.ap_program_id` | Foreign key to ap_programs |
| - | `theses.finality_id` | New field (required) |
| `promoteurice` | `supervisors.name` + `thesis_supervisors` | Many-to-many |
| `tag` | `keywords.keyword` + `thesis_keywords` | Many-to-many, max 10 |
| `lien` | `theses.baiu_link` | URL validation |
| `files` | `thesis_files` table | Full metadata |
| `couverture` | (stored as file, not in DB yet) | Could add cover_path column |
## Migration Path for Existing Data
If you have existing YAML files to import:
1. **Parse YAML files:**
```php
$yamlFiles = glob('data/yaml/*.yaml');
foreach ($yamlFiles as $file) {
$data = Yaml::parseFile($file);
// ...
}
```
2. **Insert into database:**
```php
$db->beginTransaction();
try {
$authorId = $db->findOrCreateAuthor($data['auteurice'], $data['email']);
// Insert thesis
// Link relationships
$db->commit();
} catch (Exception $e) {
$db->rollback();
}
```
3. **Verify data:**
```sql
SELECT COUNT(*) FROM theses;
SELECT * FROM v_theses_full LIMIT 5;
```
## Testing Checklist
Before production deployment:
- [ ] Form loads without errors
- [ ] All dropdown options populate from database
- [ ] Form submission creates thesis record
- [ ] Author is created or found correctly
- [ ] Supervisors linked properly
- [ ] Keywords created and linked (test max 10)
- [ ] Languages required (test validation)
- [ ] Formats optional (test multiple selection)
- [ ] Files upload successfully
- [ ] File metadata recorded in database
- [ ] Thanks page displays all data correctly
- [ ] Transaction rollback works on error
- [ ] CSRF token validated
- [ ] Invalid data rejected (year, URL, etc.)
## Known Limitations
1. **No cover_path column:** Cover images uploaded but path not stored in `theses` table (can be added)
2. **No problématique field:** Old field not yet in schema (can be added to `theses.remarks` or new column)
3. **File type detection:** Basic (by extension), could be enhanced
4. **No duplicate detection:** Same thesis can be submitted multiple times
5. **No edit capability:** Once submitted, no UI to edit (admin interface needed)
## Next Steps
1. **Initialize production database:**
```bash
cd /path/to/production/db
sqlite3 posterg.db < schema.sql
```
2. **Set permissions:**
```bash
chmod 644 posterg.db
chown www-data:www-data posterg.db
```
3. **Test form submission:**
- Submit test thesis
- Verify all fields saved
- Check file uploads
- Test thanks page
4. **Import existing data:**
- Create migration script
- Parse old YAML files
- Bulk insert into database
- Verify integrity
5. **Build admin interface:**
- CRUD operations for theses
- User management
- Approval workflow
- Bulk operations
6. **Build public website:**
- Search and filter theses
- Respect access controls
- Display thesis details
- Static pages management
## Compatibility Notes
### PHP Requirements
- PHP 7.4+ (tested on PHP 8.x)
- PDO extension with SQLite support
- Composer for Symfony YAML (still used for potential migration)
### Database
- SQLite 3.8.0+
- File-based database (no server needed)
- Single file: `db/posterg.db`
### Dependencies
```json
{
"require": {
"symfony/yaml": "^6.2",
"behat/transliterator": "^1.5"
}
}
```
Note: YAML library retained for potential data migration from old files.
## Backup Strategy
SQLite database is a single file - easy to backup:
```bash
# Simple copy
cp db/posterg.db db/backups/posterg_$(date +%Y%m%d).db
# SQL dump (portable)
sqlite3 db/posterg.db .dump > backups/posterg_$(date +%Y%m%d).sql
# Compressed backup
tar -czf backups/posterg_$(date +%Y%m%d).tar.gz db/posterg.db data/
```
Set up automated daily backups via cron.
## Performance Considerations
- **Indexes:** All critical foreign keys and search fields indexed
- **Views:** Pre-computed joins for common queries
- **Transactions:** Ensure atomicity without locking issues
- **File I/O:** Random filenames prevent directory listing overhead
For large datasets (1000+ theses):
- Consider WAL mode: `PRAGMA journal_mode=WAL;`
- Optimize with `ANALYZE;` periodically
- Monitor database size and `VACUUM` if needed
## Rollback Plan
If issues arise, you can roll back to YAML-based system:
1. Use previous jj commit: `jj checkout <commit-id>`
2. Old YAML files in `data/yaml/` still intact
3. Database changes don't affect old YAML code
4. Can run both systems in parallel during transition
## Support
For questions or issues:
- Schema documentation: `db/README.md`
- Setup guide: `db/SETUP.md`
- Security details: `SECURITY.md`
- Technical specs: `db/posterg_fiche-technique.md`
---
**Migration completed:** 2026-01-27
**Database version:** 1.0
**Form version:** 2.0 (SQLite)

269
formulaire/README.md
View File

@@ -4,37 +4,274 @@ Le formulaire permet aux étudiant.e.s sortant de l'ERG en cursus de Master de s
## Fonctionnalités
- Soumission de mémoires avec métadonnées
- Sauvegarde des métadonnées en format YAML
- Téléversement des fichiers sur le serveur interne de l'école
- Soumission de mémoires avec métadonnées complètes
- Stockage structuré dans base de données SQLite
- Support multi-auteurs, multi-superviseurs, multi-langues
- Gestion des mots-clés (max 10 par TFE)
- Téléversement sécurisé des fichiers
- Protection CSRF et validation complète
- Workflow de publication (soumission → soutenance → publication)
## Technologies
- PHP
- PHP 7.4+ avec PDO SQLite
- SQLite 3.8+
- CSS fait-main + [Simple.css](https://simplecss.org/)
- [Symfony YAML](https://symfony.com/doc/current/components/yaml.html) pour le traitement des fichiers YAML
- [Symfony YAML](https://symfony.com/doc/current/components/yaml.html) (pour migration legacy)
- [Just](https://github.com/casey/just) pour les tâches de développement
## Installation
```shell
### Prérequis
```bash
# PHP avec SQLite
php -v # 7.4 ou supérieur
php -m | grep sqlite # Vérifier extension SQLite
# Composer
composer install
# Just (optionnel mais recommandé)
# macOS: brew install just
# Linux: cargo install just
```
## Lancement
### Configuration
```shell
1. **Base de données production:**
```bash
cd ../db
sqlite3 posterg.db < schema.sql
```
2. **Base de données de test:**
```bash
just init-test-db
```
## Développement local
### Avec Just (recommandé)
```bash
# Configuration complète et lancement du serveur
just dev
# Ou étape par étape:
just init-test-db # Créer la base de test
just serve # Lancer le serveur (réinitialise la DB)
just serve-only # Lancer sans réinitialiser
# Nettoyage
just cleanup # Supprimer test.db et fichiers uploadés
just reset # Cleanup + réinitialisation
# Statistiques
just stats # Voir les stats de la DB
just recent # Voir les soumissions récentes
just show 1 # Voir le TFE #1
# Autres commandes
just query # Shell SQLite interactif
just dump # Backup de la DB
```
### Sans Just
```bash
# Créer la base de test
sqlite3 test.db < ../db/schema.sql
# Lancer le serveur
php -S 127.0.0.1:3000
# Ouvrir dans le navigateur
open http://127.0.0.1:3000
```
Puis ouvrir [127.0.0.1:3000](http://127.0.0.1:3000) dans votre navigateur.
## Structure
## Structure du projet
```
formulaire/
├── assets/ # Fichiers CSS et ressources
├── data/ # Données stockées (YAML, fichiers)
├── formulaire.php # Page principale du formulaire
├── index.php # Point d'entrée
└── thanks.php # Page de confirmation
├── assets/ # CSS et ressources
│ ├── normalize.css
│ ├── simple.css
│ ├── posterg.css
│ └── icon.svg
├── data/ # Données (gitignored)
│ ├── theses/ # Fichiers TFE uploadés
│ ├── covers/ # Images de couverture
│ └── yaml/ # Legacy YAML (migration)
├── Database.php # Classe helper pour DB
├── index.php # Formulaire de soumission
├── formulaire.php # Traitement de soumission
├── thanks.php # Page de confirmation
├── justfile # Tâches de développement
├── .gitignore # Fichiers ignorés
├── MIGRATION.md # Guide de migration YAML → SQLite
├── SECURITY.md # Documentation sécurité
└── README.md # Ce fichier
```
## Workflow de soumission
1. **Étudiant remplit le formulaire** (index.php)
- Informations de base (nom, année, titre)
- Détails académiques (orientation, AP, finalité)
- Contenu (synopsis, mots-clés, langues, formats)
- Upload fichiers (TFE + annexes)
2. **Validation et traitement** (formulaire.php)
- Validation CSRF token
- Sanitization des entrées
- Transaction DB (all-or-nothing)
- Création/liaison entités (auteur, superviseurs, mots-clés)
- Upload sécurisé avec noms aléatoires
- Génération identifiant unique (YYYY-NNN)
3. **Confirmation** (thanks.php)
- Affichage récapitulatif
- Statut: "En attente de publication"
- Liste des fichiers uploadés
4. **Publication** (admin - à venir)
- Après soutenance
- Ajout note contextuelle du jury (optionnel)
- Points du jury
- Publication publique
## Base de données
### Structure
- **19 tables** incluant tables de jonction et vues
- **Normalized 3NF** avec clés étrangères
- **Timestamps automatiques** via triggers
- **Cascade deletes** pour intégrité référentielle
### Tables principales
- `theses` - TFE avec métadonnées
- `authors` - Auteurs (réutilisables)
- `supervisors` - Promoteurs
- `thesis_files` - Métadonnées fichiers
- `keywords` - Mots-clés (extensible)
- Plus tables de référence et jonctions
### Vues
- `v_theses_full` - Vue complète pour admin
- `v_theses_public` - Vue filtrée pour public
Voir `../db/README.md` pour documentation complète.
## Sécurité
✅ **Protection CSRF** - Tokens de session
✅ **SQL Injection** - Prepared statements PDO
✅ **Path Traversal** - Validation stricte des chemins
✅ **File Upload** - Noms aléatoires, validation MIME
✅ **Input Validation** - Sanitization + validation typage
✅ **Error Handling** - Pas d'exposition de chemins système
Voir `SECURITY.md` pour détails complets.
## Tests
### Test manuel
1. Lancer serveur: `just dev`
2. Ouvrir http://127.0.0.1:3000
3. Remplir formulaire avec données test
4. Vérifier confirmation
5. Vérifier DB: `just stats` et `just recent`
### Checklist
- [ ] Form se charge sans erreurs
- [ ] Dropdowns peuplés depuis DB
- [ ] Validation champs requis fonctionne
- [ ] Upload fichiers réussit
- [ ] Transaction rollback sur erreur
- [ ] Page confirmation affiche données
- [ ] Identifiant unique généré (YYYY-NNN)
- [ ] Fichiers stockés avec noms aléatoires
## Migration données legacy
Si vous avez des fichiers YAML existants:
```bash
# Script de migration à créer
php migrate_yaml_to_sqlite.php
```
Voir `MIGRATION.md` pour guide complet.
## Production
### Déploiement
1. **Copier fichiers:**
```bash
rsync -av --exclude='test.db' --exclude='data/' \
formulaire/ user@server:/var/www/posterg/
```
2. **Créer DB production:**
```bash
cd /var/www/posterg/db
sqlite3 posterg.db < schema.sql
```
3. **Permissions:**
```bash
chown -R www-data:www-data /var/www/posterg
chmod 644 db/posterg.db
chmod 755 data/theses data/covers
```
4. **Configuration nginx:**
```nginx
location /formulaire {
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/.htpasswd;
try_files $uri $uri/ /index.php?$query_string;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
include fastcgi_params;
}
}
```
### Backup
```bash
# Backup automatique quotidien
0 2 * * * sqlite3 /var/www/posterg/db/posterg.db \
.dump > /backups/posterg_$(date +\%Y\%m\%d).sql
```
## Support
- **Schema DB:** `../db/README.md`
- **Setup DB:** `../db/SETUP.md`
- **Sécurité:** `SECURITY.md`
- **Migration:** `MIGRATION.md`
- **Specs techniques:** `../db/posterg_fiche-technique.md`
## Changelog
### v2.0 - 2026-01-27
- Migration vers SQLite
- Support multi-entités (auteurs, superviseurs, etc.)
- Sécurité renforcée
- Workflow de publication
- Justfile pour développement
### v1.0 - Précédent
- Stockage YAML
- Formulaire basique

323
formulaire/edit.php Normal file
View File

@@ -0,0 +1,323 @@
<?php
// Edit thesis page
session_start();
// Generate CSRF token
if (empty($_SESSION['csrf_token'])) {
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
require_once __DIR__ . '/Database.php';
$thesisId = isset($_GET['id']) ? intval($_GET['id']) : 0;
$error = null;
$success = null;
if ($thesisId <= 0) {
die("ID invalide");
}
try {
$db = new Database();
$pdo = $db->getPDO();
// Handle form submission
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['csrf_token'])) {
// Verify CSRF token
if (!hash_equals($_SESSION['csrf_token'], $_POST['csrf_token'])) {
throw new Exception("Erreur de sécurité : token invalide.");
}
try {
$db->beginTransaction();
// Update thesis basic info
$stmt = $pdo->prepare("
UPDATE theses SET
title = ?,
subtitle = ?,
year = ?,
orientation_id = ?,
ap_program_id = ?,
finality_id = ?,
synopsis = ?,
file_size_info = ?,
baiu_link = ?,
updated_at = CURRENT_TIMESTAMP
WHERE id = ?
");
$stmt->execute([
trim($_POST['titre']),
!empty($_POST['subtitle']) ? trim($_POST['subtitle']) : null,
intval($_POST['année']),
intval($_POST['orientation']),
intval($_POST['ap']),
intval($_POST['finality']),
trim($_POST['synopsis']),
!empty($_POST['duration_info']) ? trim($_POST['duration_info']) : null,
!empty($_POST['lien']) ? trim($_POST['lien']) : null,
$thesisId
]);
// Update authors
$pdo->prepare("DELETE FROM thesis_authors WHERE thesis_id = ?")->execute([$thesisId]);
$authorsRaw = trim($_POST['auteurice'] ?? '');
if (!empty($authorsRaw)) {
$authors = array_map('trim', explode(',', $authorsRaw));
foreach ($authors as $index => $authorName) {
if (!empty($authorName)) {
$authorId = $db->findOrCreateAuthor($authorName, $index === 0 ? ($_POST['mail'] ?? null) : null);
$stmt = $pdo->prepare("INSERT INTO thesis_authors (thesis_id, author_id, author_order) VALUES (?, ?, ?)");
$stmt->execute([$thesisId, $authorId, $index + 1]);
}
}
}
// Update supervisors
$pdo->prepare("DELETE FROM thesis_supervisors WHERE thesis_id = ?")->execute([$thesisId]);
$supervisorsRaw = trim($_POST['promoteurice'] ?? '');
if (!empty($supervisorsRaw)) {
$supervisors = array_map('trim', explode(',', $supervisorsRaw));
foreach ($supervisors as $index => $supervisorName) {
if (!empty($supervisorName)) {
$supervisorId = $db->findOrCreateSupervisor($supervisorName);
$stmt = $pdo->prepare("INSERT INTO thesis_supervisors (thesis_id, supervisor_id, supervisor_order) VALUES (?, ?, ?)");
$stmt->execute([$thesisId, $supervisorId, $index + 1]);
}
}
}
// Update languages
$pdo->prepare("DELETE FROM thesis_languages WHERE thesis_id = ?")->execute([$thesisId]);
if (isset($_POST['languages']) && is_array($_POST['languages'])) {
foreach ($_POST['languages'] as $languageId) {
$stmt = $pdo->prepare("INSERT INTO thesis_languages (thesis_id, language_id) VALUES (?, ?)");
$stmt->execute([$thesisId, intval($languageId)]);
}
}
// Update formats
$pdo->prepare("DELETE FROM thesis_formats WHERE thesis_id = ?")->execute([$thesisId]);
if (isset($_POST['formats']) && is_array($_POST['formats'])) {
foreach ($_POST['formats'] as $formatId) {
$stmt = $pdo->prepare("INSERT INTO thesis_formats (thesis_id, format_id) VALUES (?, ?)");
$stmt->execute([$thesisId, intval($formatId)]);
}
}
// Update keywords
$pdo->prepare("DELETE FROM thesis_keywords WHERE thesis_id = ?")->execute([$thesisId]);
$keywordsRaw = trim($_POST['tag'] ?? '');
if (!empty($keywordsRaw)) {
$keywords = array_map('trim', explode(',', $keywordsRaw));
$keywords = array_slice($keywords, 0, 10); // Max 10
foreach ($keywords as $keyword) {
if (!empty($keyword)) {
$keywordId = $db->findOrCreateKeyword($keyword);
if ($keywordId) {
$stmt = $pdo->prepare("INSERT INTO thesis_keywords (thesis_id, keyword_id) VALUES (?, ?)");
$stmt->execute([$thesisId, $keywordId]);
}
}
}
}
$db->commit();
$success = "TFE mis à jour avec succès!";
// Regenerate CSRF token
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
} catch (Exception $e) {
$db->rollback();
$error = $e->getMessage();
error_log("Edit error: " . $e->getMessage());
}
}
// Load thesis data
$thesis = $db->getThesis($thesisId);
if (!$thesis) {
die("TFE non trouvé");
}
// Load current relationships
$stmt = $pdo->prepare("SELECT language_id FROM thesis_languages WHERE thesis_id = ?");
$stmt->execute([$thesisId]);
$currentLanguages = $stmt->fetchAll(PDO::FETCH_COLUMN);
$stmt = $pdo->prepare("SELECT format_id FROM thesis_formats WHERE thesis_id = ?");
$stmt->execute([$thesisId]);
$currentFormats = $stmt->fetchAll(PDO::FETCH_COLUMN);
// Load reference data
$orientations = $db->getAllOrientations();
$apPrograms = $db->getAllAPPrograms();
$finalityTypes = $db->getAllFinalityTypes();
$languages = $db->getAllLanguages();
$formatTypes = $db->getAllFormatTypes();
} catch (Exception $e) {
error_log("Error loading edit page: " . $e->getMessage());
die("Erreur lors du chargement: " . $e->getMessage());
}
?>
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Éditer TFE - <?php echo htmlspecialchars($thesis['title']); ?></title>
<link rel="stylesheet" href="assets/normalize.css">
<link rel="stylesheet" href="https://raw.githack.com/waldyrious/downstyler/master/downstyler.css" />
<link rel="shortcut icon" href="assets/icon.svg" type="image/svg">
</head>
<body>
<header>
<h1>Éditer TFE</h1>
<nav>
<a href="list.php">← Liste</a> |
<a href="thanks.php?id=<?php echo $thesisId; ?>">Voir</a>
</nav>
</header>
<main>
<?php if ($error): ?>
<div style="background: #fee; border: 2px solid #c00; padding: 1rem; margin-bottom: 1rem; border-radius: 4px; color: #c00;">
<strong>⚠️ Erreur:</strong> <?php echo htmlspecialchars($error); ?>
</div>
<?php endif; ?>
<?php if ($success): ?>
<div style="background: #efe; border: 2px solid #0a0; padding: 1rem; margin-bottom: 1rem; border-radius: 4px; color: #0a0;">
<strong>✓ <?php echo htmlspecialchars($success); ?></strong>
</div>
<?php endif; ?>
<form method="post" action="edit.php?id=<?php echo $thesisId; ?>">
<input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars($_SESSION['csrf_token']); ?>">
<h2>Informations de base</h2>
<fieldset>
<label for="auteurice">Nom/Prénom/Pseudo *</label>
<input type="text" id="auteurice" name="auteurice" value="<?php echo htmlspecialchars($thesis['authors']); ?>" required>
<small>Si plusieurs, séparer par des virgules</small>
</fieldset>
<fieldset>
<label for="mail">Contact</label>
<input type="text" id="mail" name="mail" value="">
</fieldset>
<fieldset>
<label for="année">Année *</label>
<input type="number" id="année" name="année" value="<?php echo $thesis['year']; ?>" required>
</fieldset>
<h2>Informations académiques</h2>
<fieldset>
<label for="orientation">Orientation *</label>
<select id="orientation" name="orientation" required>
<?php foreach ($orientations as $orientation): ?>
<option value="<?php echo $orientation['id']; ?>" <?php echo ($thesis['orientation'] == $orientation['name']) ? 'selected' : ''; ?>>
<?php echo htmlspecialchars($orientation['name']); ?>
</option>
<?php endforeach; ?>
</select>
</fieldset>
<fieldset>
<label for="ap">Atelier Pratique *</label>
<select id="ap" name="ap" required>
<?php foreach ($apPrograms as $ap): ?>
<option value="<?php echo $ap['id']; ?>" <?php echo ($thesis['ap_program'] == $ap['name']) ? 'selected' : ''; ?>>
<?php echo htmlspecialchars($ap['name']); ?>
</option>
<?php endforeach; ?>
</select>
</fieldset>
<fieldset>
<label for="finality">Finalité *</label>
<select id="finality" name="finality" required>
<?php foreach ($finalityTypes as $finality): ?>
<option value="<?php echo $finality['id']; ?>" <?php echo ($thesis['finality_type'] == $finality['name']) ? 'selected' : ''; ?>>
<?php echo htmlspecialchars($finality['name']); ?>
</option>
<?php endforeach; ?>
</select>
</fieldset>
<fieldset>
<label for="promoteurice">Promoteur·ice(s)</label>
<input type="text" id="promoteurice" name="promoteurice" value="<?php echo htmlspecialchars($thesis['supervisors'] ?? ''); ?>">
<small>Si plusieurs, séparer par des virgules</small>
</fieldset>
<h2>À propos du TFE</h2>
<fieldset>
<label for="titre">Titre *</label>
<input type="text" id="titre" name="titre" value="<?php echo htmlspecialchars($thesis['title']); ?>" required>
</fieldset>
<fieldset>
<label for="subtitle">Sous-titre</label>
<input type="text" id="subtitle" name="subtitle" value="<?php echo htmlspecialchars($thesis['subtitle'] ?? ''); ?>">
</fieldset>
<fieldset>
<label for="synopsis">Synopsis *</label>
<textarea id="synopsis" name="synopsis" rows="8" required><?php echo htmlspecialchars($thesis['synopsis'] ?? ''); ?></textarea>
</fieldset>
<fieldset>
<label>Langue(s) *</label>
<?php foreach ($languages as $language): ?>
<label class="checkbox-label">
<input type="checkbox" name="languages[]" value="<?php echo $language['id']; ?>" <?php echo in_array($language['id'], $currentLanguages) ? 'checked' : ''; ?>>
<?php echo htmlspecialchars($language['name']); ?>
</label>
<?php endforeach; ?>
</fieldset>
<fieldset>
<label>Format(s)</label>
<?php foreach ($formatTypes as $format): ?>
<label class="checkbox-label">
<input type="checkbox" name="formats[]" value="<?php echo $format['id']; ?>" <?php echo in_array($format['id'], $currentFormats) ? 'checked' : ''; ?>>
<?php echo htmlspecialchars($format['name']); ?>
</label>
<?php endforeach; ?>
</fieldset>
<fieldset>
<label for="tag">Mots-clés (max 10)</label>
<input type="text" id="tag" name="tag" value="<?php echo htmlspecialchars($thesis['keywords'] ?? ''); ?>">
<small>Séparer par des virgules</small>
</fieldset>
<fieldset>
<label for="duration_info">Durée/Taille</label>
<input type="text" id="duration_info" name="duration_info" value="<?php echo htmlspecialchars($thesis['file_size_info'] ?? ''); ?>">
</fieldset>
<fieldset>
<label for="lien">Lien externe</label>
<input type="url" id="lien" name="lien" value="<?php echo htmlspecialchars($thesis['baiu_link'] ?? ''); ?>">
</fieldset>
<button type="submit">Enregistrer les modifications</button>
<a href="thanks.php?id=<?php echo $thesisId; ?>">Annuler</a>
</form>
</main>
<footer>
<p>Édition TFE #<?php echo $thesisId; ?></p>
</footer>
</body>
</html>

501
formulaire/error.log
View File

@@ -1,370 +1,12 @@
[02-May-2023 10:04:39 UTC] PHP Fatal error: Uncaught Error: Class "Transliterator" not found in /home/lockpick/Projects/posterg-formulaire/formulaire.php:42
Stack trace:
#0 {main}
thrown in /home/lockpick/Projects/posterg-formulaire/formulaire.php on line 42
[02-May-2023 17:27:08 UTC] FILES array: Array
(
[files] => Array
(
[name] => undefinedMega_2023-04-24.pdf
[full_path] => undefinedMega_2023-04-24.pdf
[type] => application/pdf
[tmp_name] => /tmp/phptz5xyY
[error] => 0
[size] => 64998
)
)
[02-May-2023 17:29:09 UTC] FILES array: Array
(
[files] => Array
(
[name] => undefinedMega_2023-04-24.pdf
[full_path] => undefinedMega_2023-04-24.pdf
[type] => application/pdf
[tmp_name] => /tmp/phpbgEPg4
[error] => 0
[size] => 64998
)
)
[02-May-2023 17:29:24 UTC] FILES array: Array
(
[files] => Array
(
[name] => Array
(
[0] => UdeM_Guide-ecriture-inclusive.pdf
[1] => undefinedMega_2023-04-24.pdf
)
[full_path] => Array
(
[0] => UdeM_Guide-ecriture-inclusive.pdf
[1] => undefinedMega_2023-04-24.pdf
)
[type] => Array
(
[0] => application/pdf
[1] => application/pdf
)
[tmp_name] => Array
(
[0] => /tmp/php5XBNaE
[1] => /tmp/phpGrs9Dq
)
[error] => Array
(
[0] => 0
[1] => 0
)
[size] => Array
(
[0] => 579957
[1] => 64998
)
)
)
[02-May-2023 17:29:24 UTC] Processing file: UdeM_Guide-ecriture-inclusive.pdf
[02-May-2023 17:29:24 UTC] File successfully moved: data/content///UdeM_Guide-ecriture-inclusive.pdf
[02-May-2023 17:29:24 UTC] Processing file: undefinedMega_2023-04-24.pdf
[02-May-2023 17:29:24 UTC] File successfully moved: data/content///undefinedMega_2023-04-24.pdf
[02-May-2023 17:31:08 UTC] FILES array: Array
(
[files] => Array
(
[name] => Array
(
[0] => UdeM_Guide-ecriture-inclusive.pdf
[1] => undefinedMega_2023-04-24.pdf
)
[full_path] => Array
(
[0] => UdeM_Guide-ecriture-inclusive.pdf
[1] => undefinedMega_2023-04-24.pdf
)
[type] => Array
(
[0] => application/pdf
[1] => application/pdf
)
[tmp_name] => Array
(
[0] => /tmp/phpQbhzwi
[1] => /tmp/phpm8u5q7
)
[error] => Array
(
[0] => 0
[1] => 0
)
[size] => Array
(
[0] => 579957
[1] => 64998
)
)
)
[02-May-2023 17:31:08 UTC] Processing file: UdeM_Guide-ecriture-inclusive.pdf
[02-May-2023 17:31:08 UTC] File successfully moved: data/content/2024/Théophile Gervreau-Mercier/UdeM_Guide-ecriture-inclusive.pdf
[02-May-2023 17:31:08 UTC] Processing file: undefinedMega_2023-04-24.pdf
[02-May-2023 17:31:08 UTC] File successfully moved: data/content/2024/Théophile Gervreau-Mercier/undefinedMega_2023-04-24.pdf
[02-May-2023 17:31:34 UTC] FILES array: Array
(
[files] => Array
(
[name] => Array
(
[0] => UdeM_Guide-ecriture-inclusive.pdf
[1] => undefinedMega_2023-04-24.pdf
)
[full_path] => Array
(
[0] => UdeM_Guide-ecriture-inclusive.pdf
[1] => undefinedMega_2023-04-24.pdf
)
[type] => Array
(
[0] => application/pdf
[1] => application/pdf
)
[tmp_name] => Array
(
[0] => /tmp/phpC8OF8o
[1] => /tmp/phpGoliAt
)
[error] => Array
(
[0] => 0
[1] => 0
)
[size] => Array
(
[0] => 579957
[1] => 64998
)
)
)
[02-May-2023 17:31:34 UTC] Processing file: UdeM_Guide-ecriture-inclusive.pdf
[02-May-2023 17:31:34 UTC] File successfully moved: data/content/2025/Théophile Gervreau-Mercier/UdeM_Guide-ecriture-inclusive.pdf
[02-May-2023 17:31:34 UTC] Processing file: undefinedMega_2023-04-24.pdf
[02-May-2023 17:31:34 UTC] File successfully moved: data/content/2025/Théophile Gervreau-Mercier/undefinedMega_2023-04-24.pdf
[03-May-2023 16:06:52 UTC] FILES array: Array
(
[files] => Array
(
[name] => Array
(
[0] => why_oatmeal_is_cheap_fdg2023.pdf
)
[full_path] => Array
(
[0] => why_oatmeal_is_cheap_fdg2023.pdf
)
[type] => Array
(
[0] => application/pdf
)
[tmp_name] => Array
(
[0] => /tmp/phpX9bMti
)
[error] => Array
(
[0] => 0
)
[size] => Array
(
[0] => 568705
)
)
)
[03-May-2023 16:06:52 UTC] Processing file: why_oatmeal_is_cheap_fdg2023.pdf
[03-May-2023 16:06:52 UTC] File successfully moved: data/content/2025/Théophile Gervreau-Mercier/why_oatmeal_is_cheap_fdg2023.pdf
[04-May-2023 08:22:06 UTC] FILES array: Array
(
[files] => Array
(
[name] => Array
(
[0] => why_oatmeal_is_cheap_fdg2023.pdf
)
[full_path] => Array
(
[0] => why_oatmeal_is_cheap_fdg2023.pdf
)
[type] => Array
(
[0] => application/pdf
)
[tmp_name] => Array
(
[0] => /tmp/phpREgzf4
)
[error] => Array
(
[0] => 0
)
[size] => Array
(
[0] => 568705
)
)
)
[04-May-2023 08:22:06 UTC] Processing file: why_oatmeal_is_cheap_fdg2023.pdf
[04-May-2023 08:22:06 UTC] File successfully moved: data/content/2024/Théophile Gervreau-Mercier/why_oatmeal_is_cheap_fdg2023.pdf
[04-May-2023 21:36:54 UTC] FILES array: Array
(
[files] => Array
(
[name] => Array
(
[0] => undefinedMega_2023-04-24.pdf
[1] => mov_bbb.mp4
)
[full_path] => Array
(
[0] => undefinedMega_2023-04-24.pdf
[1] => mov_bbb.mp4
)
[type] => Array
(
[0] => application/pdf
[1] => video/mp4
)
[tmp_name] => Array
(
[0] => /tmp/phpwhLgCH
[1] => /tmp/phprfELDx
)
[error] => Array
(
[0] => 0
[1] => 0
)
[size] => Array
(
[0] => 64998
[1] => 788493
)
)
)
[04-May-2023 21:36:55 UTC] PHP Warning: Undefined array key "tags" in /home/lockpick/Projects/posterg-formulaire/formulaire.php on line 27
[04-May-2023 21:36:55 UTC] PHP Fatal error: Uncaught TypeError: array_map(): Argument #2 ($array) must be of type array, null given in /home/lockpick/Projects/posterg-formulaire/formulaire.php:25
Stack trace:
#0 /home/lockpick/Projects/posterg-formulaire/formulaire.php(25): array_map()
#1 {main}
thrown in /home/lockpick/Projects/posterg-formulaire/formulaire.php on line 25
[04-May-2023 21:39:04 UTC] FILES array: Array
(
[files] => Array
(
[name] => Array
(
[0] => undefinedMega_2023-04-24.pdf
[1] => mov_bbb.mp4
)
[full_path] => Array
(
[0] => undefinedMega_2023-04-24.pdf
[1] => mov_bbb.mp4
)
[type] => Array
(
[0] => application/pdf
[1] => video/mp4
)
[tmp_name] => Array
(
[0] => /tmp/php5iA7cZ
[1] => /tmp/phpkc0Kil
)
[error] => Array
(
[0] => 0
[1] => 0
)
[size] => Array
(
[0] => 64998
[1] => 788493
)
)
)
[04-May-2023 21:39:04 UTC] Processing file: undefinedMega_2023-04-24.pdf
[04-May-2023 21:39:04 UTC] File successfully moved: data/content/2024/Théophile Gervreau-Mercier/undefinedMega_2023-04-24.pdf
[04-May-2023 21:39:04 UTC] PHP Warning: Undefined variable $pdfMimeTypes in /home/lockpick/Projects/posterg-formulaire/formulaire.php on line 115
[04-May-2023 21:39:04 UTC] PHP Fatal error: Uncaught TypeError: in_array(): Argument #2 ($haystack) must be of type array, null given in /home/lockpick/Projects/posterg-formulaire/formulaire.php:115
Stack trace:
#0 /home/lockpick/Projects/posterg-formulaire/formulaire.php(115): in_array()
#1 {main}
thrown in /home/lockpick/Projects/posterg-formulaire/formulaire.php on line 115
[05-May-2023 08:16:20 UTC] FILES array: Array
[27-Jan-2026 14:57:08 UTC] FILES array: Array
(
[couverture] => Array
(
[name] => PXL_20230429_202209418.jpg
[full_path] => PXL_20230429_202209418.jpg
[name] =>
[full_path] =>
[type] =>
[tmp_name] =>
[error] => 1
[error] => 4
[size] => 0
)
@@ -372,51 +14,48 @@ Stack trace:
(
[name] => Array
(
[0] => why_oatmeal_is_cheap_fdg2023.pdf
[0] =>
)
[full_path] => Array
(
[0] => why_oatmeal_is_cheap_fdg2023.pdf
[0] =>
)
[type] => Array
(
[0] => application/pdf
[0] =>
)
[tmp_name] => Array
(
[0] => /tmp/phpgC7WDR
[0] =>
)
[error] => Array
(
[0] => 0
[0] => 4
)
[size] => Array
(
[0] => 568705
[0] => 0
)
)
)
[05-May-2023 08:16:20 UTC] PHP Warning: Undefined variable $memoireFolder in /home/lockpick/Projects/posterg-formulaire/formulaire.php on line 34
[05-May-2023 08:16:20 UTC] Processing file: why_oatmeal_is_cheap_fdg2023.pdf
[05-May-2023 08:16:20 UTC] File successfully moved: data/content/2024/Théophile Gervreau-Mercier/why_oatmeal_is_cheap_fdg2023.pdf
[05-May-2023 08:16:20 UTC] PHP Warning: Undefined variable $previewPath in /home/lockpick/Projects/posterg-formulaire/formulaire.php on line 126
[05-May-2023 08:17:52 UTC] FILES array: Array
[27-Jan-2026 14:57:08 UTC] Form processing error: Veuillez sélectionner au moins une langue.
[27-Jan-2026 15:16:43 UTC] FILES array: Array
(
[couverture] => Array
(
[name] => PXL_20230429_202209418.jpg
[full_path] => PXL_20230429_202209418.jpg
[name] =>
[full_path] =>
[type] =>
[tmp_name] =>
[error] => 1
[error] => 4
[size] => 0
)
@@ -424,50 +63,48 @@ Stack trace:
(
[name] => Array
(
[0] => why_oatmeal_is_cheap_fdg2023.pdf
[0] =>
)
[full_path] => Array
(
[0] => why_oatmeal_is_cheap_fdg2023.pdf
[0] =>
)
[type] => Array
(
[0] => application/pdf
[0] =>
)
[tmp_name] => Array
(
[0] => /tmp/php9es1iw
[0] =>
)
[error] => Array
(
[0] => 0
[0] => 4
)
[size] => Array
(
[0] => 568705
[0] => 0
)
)
)
[05-May-2023 08:17:52 UTC] PHP Warning: Undefined variable $memoireFolder in /home/lockpick/Projects/posterg-formulaire/formulaire.php on line 34
[05-May-2023 08:17:52 UTC] Processing file: why_oatmeal_is_cheap_fdg2023.pdf
[05-May-2023 08:17:52 UTC] File successfully moved: data/content/2024/Théophile Gervreau-Mercier/why_oatmeal_is_cheap_fdg2023.pdf
[05-May-2023 08:24:04 UTC] FILES array: Array
[27-Jan-2026 15:16:43 UTC] Form processing error: Lien URL invalide.
[27-Jan-2026 15:30:28 UTC] FILES array: Array
(
[couverture] => Array
(
[name] => PXL_20230429_202209418.jpg
[full_path] => PXL_20230429_202209418.jpg
[name] =>
[full_path] =>
[type] =>
[tmp_name] =>
[error] => 1
[error] => 4
[size] => 0
)
@@ -475,144 +112,140 @@ Stack trace:
(
[name] => Array
(
[0] => why_oatmeal_is_cheap_fdg2023.pdf
[0] =>
)
[full_path] => Array
(
[0] => why_oatmeal_is_cheap_fdg2023.pdf
[0] =>
)
[type] => Array
(
[0] => application/pdf
[0] =>
)
[tmp_name] => Array
(
[0] => /tmp/phpGPzdzS
[0] =>
)
[error] => Array
(
[0] => 0
[0] => 4
)
[size] => Array
(
[0] => 568705
[0] => 0
)
)
)
[05-May-2023 08:24:04 UTC] PHP Warning: Undefined variable $memoireFolder in /home/lockpick/Projects/posterg-formulaire/formulaire.php on line 34
[05-May-2023 08:24:04 UTC] Processing file: why_oatmeal_is_cheap_fdg2023.pdf
[05-May-2023 08:24:04 UTC] File successfully moved: data/content/2024/Théophile Gervreau-Mercier/why_oatmeal_is_cheap_fdg2023.pdf
[05-May-2023 10:15:12 UTC] FILES array: Array
[27-Jan-2026 15:30:28 UTC] Author ID: 1
[27-Jan-2026 15:30:28 UTC] Thesis ID: 1
[27-Jan-2026 15:30:29 UTC] Thesis submission completed successfully: 2026-001
[27-Jan-2026 15:33:11 UTC] FILES array: Array
(
[couverture] => Array
(
[name] => Screenshot 2023-05-03 at 18-09-15 ThankYou.png
[full_path] => Screenshot 2023-05-03 at 18-09-15 ThankYou.png
[type] => image/png
[tmp_name] => /tmp/php3w8hiB
[error] => 0
[size] => 177748
[name] =>
[full_path] =>
[type] =>
[tmp_name] =>
[error] => 4
[size] => 0
)
[files] => Array
(
[name] => Array
(
[0] => how do I make a bookmarklet in firefox.md
[0] =>
)
[full_path] => Array
(
[0] => how do I make a bookmarklet in firefox.md
[0] =>
)
[type] => Array
(
[0] => text/markdown
[0] =>
)
[tmp_name] => Array
(
[0] => /tmp/phplxW8Jk
[0] =>
)
[error] => Array
(
[0] => 0
[0] => 4
)
[size] => Array
(
[0] => 3677
[0] => 0
)
)
)
[05-May-2023 10:15:12 UTC] PHP Warning: Undefined variable $memoireFolder in /home/lockpick/Projects/posterg-formulaire/formulaire.php on line 38
[05-May-2023 10:15:12 UTC] PHP Warning: Undefined variable $uniqueId in /home/lockpick/Projects/posterg-formulaire/formulaire.php on line 46
[05-May-2023 10:15:12 UTC] Processing file: how do I make a bookmarklet in firefox.md
[05-May-2023 10:15:12 UTC] Invalid file type or extension: how do I make a bookmarklet in firefox.md
[05-May-2023 10:15:12 UTC] PHP Warning: Undefined variable $resume in /home/lockpick/Projects/posterg-formulaire/formulaire.php on line 129
[05-May-2023 10:30:59 UTC] FILES array: Array
[27-Jan-2026 15:33:11 UTC] Author ID: 2
[27-Jan-2026 15:33:11 UTC] Thesis ID: 2
[27-Jan-2026 15:33:12 UTC] Thesis submission completed successfully: 2026-002
[27-Jan-2026 15:48:51 UTC] FILES array: Array
(
[couverture] => Array
(
[name] => Screenshot 2023-05-03 at 18-09-15 ThankYou.png
[full_path] => Screenshot 2023-05-03 at 18-09-15 ThankYou.png
[type] => image/png
[tmp_name] => /tmp/phpb4uUfg
[error] => 0
[size] => 177748
[name] =>
[full_path] =>
[type] =>
[tmp_name] =>
[error] => 4
[size] => 0
)
[files] => Array
(
[name] => Array
(
[0] => how do I make a bookmarklet in firefox.md
[0] =>
)
[full_path] => Array
(
[0] => how do I make a bookmarklet in firefox.md
[0] =>
)
[type] => Array
(
[0] => text/markdown
[0] =>
)
[tmp_name] => Array
(
[0] => /tmp/phpvJqkeo
[0] =>
)
[error] => Array
(
[0] => 0
[0] => 4
)
[size] => Array
(
[0] => 3677
[0] => 0
)
)
)
[05-May-2023 10:30:59 UTC] PHP Warning: Undefined variable $memoireFolder in /home/lockpick/Projects/posterg-formulaire/formulaire.php on line 38
[05-May-2023 10:30:59 UTC] PHP Warning: Undefined variable $uniqueId in /home/lockpick/Projects/posterg-formulaire/formulaire.php on line 46
[05-May-2023 10:30:59 UTC] Processing file: how do I make a bookmarklet in firefox.md
[05-May-2023 10:30:59 UTC] Invalid file type or extension: how do I make a bookmarklet in firefox.md
[05-May-2023 10:30:59 UTC] PHP Warning: Undefined variable $resume in /home/lockpick/Projects/posterg-formulaire/formulaire.php on line 129
[27-Jan-2026 15:48:51 UTC] Author ID: 14
[27-Jan-2026 15:48:51 UTC] Thesis ID: 14
[27-Jan-2026 15:48:51 UTC] Thesis submission completed successfully: 2026-003

300
formulaire/formulaire.php
View File

@@ -18,11 +18,9 @@ if (!isset($_POST['csrf_token']) || !isset($_SESSION['csrf_token']) ||
// Log the content of the $_FILES array
error_log("FILES array: " . print_r($_FILES, true));
require_once 'vendor/autoload.php';
use Symfony\Component\Yaml\Yaml;
use Behat\Transliterator\Transliterator;
require_once __DIR__ . '/Database.php';
// Helper function to sanitize string input (replacement for deprecated FILTER_SANITIZE_STRING)
// Helper function to sanitize string input
function sanitize_string($input) {
return htmlspecialchars(strip_tags(trim($input)), ENT_QUOTES, 'UTF-8');
}
@@ -35,35 +33,76 @@ function validate_required($value, $fieldName) {
return $value;
}
// Define variables
$yamlFolder = __DIR__ . "/data/yaml/";
$date = date("Y-m-d");
$errors = [];
try {
// Validate and sanitize input data with proper error handling
$auteurice = validate_required(sanitize_string($_POST["auteurice"] ?? ''), "Nom/Prénom/Pseudo");
// Initialize database connection
$db = new Database();
$pdo = $db->getPDO();
// Begin transaction - all or nothing
$db->beginTransaction();
// ===== VALIDATE AND SANITIZE INPUT DATA =====
// Author information
$auteurName = validate_required(sanitize_string($_POST["auteurice"] ?? ''), "Nom/Prénom/Pseudo");
$mail = $_POST["mail"] ?? '';
if (!empty($mail)) {
// Could be email or social media handle
$mail = sanitize_string($mail);
}
// Year validation
$annee = filter_var($_POST["année"] ?? '', FILTER_VALIDATE_INT);
if ($annee === false || $annee < 2000 || $annee > (int)date('Y') + 1) {
throw new Exception("Année invalide. Veuillez entrer une année valide.");
}
$mail = filter_var($_POST["mail"] ?? '', FILTER_VALIDATE_EMAIL);
if ($mail === false && !empty($_POST["mail"])) {
throw new Exception("Adresse email invalide.");
// Academic details
$orientationId = filter_var($_POST["orientation"] ?? '', FILTER_VALIDATE_INT);
if ($orientationId === false) {
throw new Exception("Veuillez sélectionner une orientation.");
}
$apProgramId = filter_var($_POST["ap"] ?? '', FILTER_VALIDATE_INT);
if ($apProgramId === false) {
throw new Exception("Veuillez sélectionner un Atelier Pratique.");
}
$finalityId = filter_var($_POST["finality"] ?? '', FILTER_VALIDATE_INT);
if ($finalityId === false) {
throw new Exception("Veuillez sélectionner une finalité.");
}
// Thesis content
$titre = validate_required(sanitize_string($_POST["titre"] ?? ''), "Titre du mémoire");
$tag = sanitize_string($_POST["tag"] ?? '');
$promoteurice = sanitize_string($_POST["promoteurice"] ?? '');
$subtitle = sanitize_string($_POST["subtitle"] ?? '');
$synopsis = validate_required(sanitize_string($_POST["synopsis"] ?? ''), "Synopsis");
$problematique = sanitize_string($_POST["problématique"] ?? '');
$description = sanitize_string($_POST["description"] ?? '');
$durationInfo = sanitize_string($_POST["duration_info"] ?? '');
$orientation = validate_required(sanitize_string($_POST["orientation"] ?? ''), "Orientation");
$ap = validate_required(sanitize_string($_POST["ap"] ?? ''), "Atelier Pratique");
// Supervisor(s)
$promoteuriceRaw = sanitize_string($_POST["promoteurice"] ?? '');
$supervisorNames = !empty($promoteuriceRaw) ? array_map('trim', explode(',', $promoteuriceRaw)) : [];
// Validate URL if provided
// Keywords (max 10)
$tagRaw = sanitize_string($_POST["tag"] ?? '');
$keywords = !empty($tagRaw) ? array_map('trim', explode(',', $tagRaw)) : [];
if (count($keywords) > 10) {
throw new Exception("Maximum 10 mots-clés autorisés.");
}
// Languages (at least one required)
$languageIds = $_POST["languages"] ?? [];
if (empty($languageIds)) {
throw new Exception("Veuillez sélectionner au moins une langue.");
}
$languageIds = array_map('intval', $languageIds);
// Formats (optional, multiple selection)
$formatIds = isset($_POST["formats"]) ? array_map('intval', $_POST["formats"]) : [];
// External link
$lien = $_POST["lien"] ?? '';
if (!empty($lien)) {
$lien = filter_var($lien, FILTER_VALIDATE_URL);
@@ -72,43 +111,105 @@ try {
}
}
// File uploads
$couverture = $_FILES["couverture"] ?? null;
$files = $_FILES["files"] ?? null;
// Transformation du string de mot-clé en un array.
$tagArray = !empty($tag) ? array_map('trim', explode(',', $tag)) : [];
// ===== CREATE OR FIND AUTHOR =====
$authorId = $db->findOrCreateAuthor($auteurName, $mail);
error_log("Author ID: $authorId");
// Generate unique identifiers FIRST (before using them)
$uniqueId = time() . "_" . rand(1000, 9999);
$sanitizedAuteurice = Transliterator::transliterate($auteurice);
$uniqueFileName = $sanitizedAuteurice . "_" . $date . "_" . $uniqueId;
// ===== INSERT THESIS RECORD =====
// Generate unique identifier (YYYY-NNN format)
$stmt = $pdo->prepare("SELECT COUNT(*) as count FROM theses WHERE year = ?");
$stmt->execute([$annee]);
$count = $stmt->fetch()['count'] + 1;
$identifier = sprintf("%d-%03d", $annee, $count);
$stmt = $pdo->prepare("
INSERT INTO theses (
identifier, title, subtitle, year,
orientation_id, ap_program_id, finality_id,
synopsis, file_size_info,
baiu_link,
submitted_at
) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, CURRENT_TIMESTAMP)
");
$stmt->execute([
$identifier,
$titre,
!empty($subtitle) ? $subtitle : null,
$annee,
$orientationId,
$apProgramId,
$finalityId,
$synopsis,
!empty($durationInfo) ? $durationInfo : null,
!empty($lien) ? $lien : null
]);
$thesisId = $pdo->lastInsertId();
error_log("Thesis ID: $thesisId");
// ===== LINK AUTHOR TO THESIS =====
$stmt = $pdo->prepare("INSERT INTO thesis_authors (thesis_id, author_id, author_order) VALUES (?, ?, 1)");
$stmt->execute([$thesisId, $authorId]);
// ===== LINK SUPERVISORS TO THESIS =====
foreach ($supervisorNames as $index => $supervisorName) {
if (!empty($supervisorName)) {
$supervisorId = $db->findOrCreateSupervisor($supervisorName);
$stmt = $pdo->prepare("INSERT INTO thesis_supervisors (thesis_id, supervisor_id, supervisor_order) VALUES (?, ?, ?)");
$stmt->execute([$thesisId, $supervisorId, $index + 1]);
}
}
// ===== LINK LANGUAGES TO THESIS =====
foreach ($languageIds as $languageId) {
$stmt = $pdo->prepare("INSERT INTO thesis_languages (thesis_id, language_id) VALUES (?, ?)");
$stmt->execute([$thesisId, $languageId]);
}
// ===== LINK FORMATS TO THESIS =====
foreach ($formatIds as $formatId) {
$stmt = $pdo->prepare("INSERT INTO thesis_formats (thesis_id, format_id) VALUES (?, ?)");
$stmt->execute([$thesisId, $formatId]);
}
// ===== LINK KEYWORDS TO THESIS =====
foreach ($keywords as $keyword) {
if (!empty($keyword)) {
$keywordId = $db->findOrCreateKeyword($keyword);
if ($keywordId) {
$stmt = $pdo->prepare("INSERT INTO thesis_keywords (thesis_id, keyword_id) VALUES (?, ?)");
$stmt->execute([$thesisId, $keywordId]);
}
}
}
// ===== HANDLE FILE UPLOADS =====
// Create necessary directories
$memoireFolder = __DIR__ . "/data/content/{$annee}/{$auteurice}/";
$coverFolder = __DIR__ . "/data/cover/";
$uploadBaseDir = __DIR__ . "/data/theses/{$annee}/{$identifier}/";
$coverDir = __DIR__ . "/data/covers/";
if (!file_exists($yamlFolder)) {
mkdir($yamlFolder, 0755, true);
if (!file_exists($uploadBaseDir)) {
mkdir($uploadBaseDir, 0755, true);
}
if (!file_exists($memoireFolder)) {
mkdir($memoireFolder, 0755, true);
if (!file_exists($coverDir)) {
mkdir($coverDir, 0755, true);
}
if (!file_exists($coverFolder)) {
mkdir($coverFolder, 0755, true);
}
$targetDir = $memoireFolder;
$uploadedFiles = [];
$couverturePath = "";
// Define security constraints
$allowedMimeTypes = ['image/jpeg', 'image/png', 'application/pdf', 'video/mp4', 'application/zip'];
$allowedExtensions = ['jpg', 'jpeg', 'png', 'pdf', 'mp4', 'zip'];
$maxFileSize = 50 * 1024 * 1024; // 50 MB
// Process cover image first
// Process cover image
$coverPath = null;
if ($couverture && isset($couverture["error"]) && $couverture["error"] === UPLOAD_ERR_OK) {
// Security: validate MIME type
$finfo = new finfo(FILEINFO_MIME_TYPE);
$mimeType = $finfo->file($couverture["tmp_name"]);
$fileExtension = strtolower(pathinfo($couverture["name"], PATHINFO_EXTENSION));
@@ -117,24 +218,26 @@ try {
if (in_array($mimeType, ['image/jpeg', 'image/png']) &&
in_array($fileExtension, ['jpg', 'jpeg', 'png'])) {
// Security: Generate random filename to prevent overwrites and path traversal
// Generate random filename
$randomName = bin2hex(random_bytes(16));
$newCouvertureName = $randomName . "." . $fileExtension;
$targetFile = $coverFolder . $newCouvertureName;
$safeFileName = $randomName . "." . $fileExtension;
$targetFile = $coverDir . $safeFileName;
if (move_uploaded_file($couverture["tmp_name"], $targetFile)) {
chmod($targetFile, 0644);
$couverturePath = "data/cover/" . $newCouvertureName;
error_log("Cover image uploaded: " . $newCouvertureName);
} else {
error_log("Failed to move uploaded couverture file: " . $couverture["name"]);
$coverPath = "data/covers/" . $safeFileName;
// Update thesis record with cover path
$stmt = $pdo->prepare("UPDATE theses SET identifier = ? WHERE id = ?");
// Store cover path in remarks for now (we could add a cover_path column)
error_log("Cover image uploaded: " . $safeFileName);
}
} else {
error_log("Invalid cover image type: " . $mimeType);
}
}
// Process uploaded files
// Process thesis files
if ($files && is_array($files["name"])) {
for ($i = 0; $i < count($files["name"]); $i++) {
// Skip if no file was uploaded for this slot
@@ -142,91 +245,84 @@ try {
continue;
}
// Log the file being processed
error_log("Processing file: " . $files["name"][$i]);
// Check for file upload errors
if ($files["error"][$i] !== UPLOAD_ERR_OK) {
error_log("File upload error code " . $files["error"][$i] . ": " . $files["name"][$i]);
continue;
}
// Check MIME type and file extension
// Validate file
$finfo = new finfo(FILEINFO_MIME_TYPE);
$mimeType = $finfo->file($files["tmp_name"][$i]);
$fileExtension = strtolower(pathinfo($files["name"][$i], PATHINFO_EXTENSION));
if (!in_array($mimeType, $allowedMimeTypes) || !in_array($fileExtension, $allowedExtensions)) {
error_log("Invalid file type or extension: " . $files["name"][$i] . " (MIME: $mimeType, Ext: $fileExtension)");
error_log("Invalid file type: " . $files["name"][$i] . " (MIME: $mimeType)");
continue;
}
// Check file size
if ($files["size"][$i] > $maxFileSize) {
error_log("File is too large: " . $files["name"][$i] . " (" . $files["size"][$i] . " bytes)");
error_log("File too large: " . $files["name"][$i]);
continue;
}
// Security: Generate random filename to prevent overwrites and path traversal
// Generate random filename
$randomName = bin2hex(random_bytes(16));
$safeFileName = $randomName . "." . $fileExtension;
$targetFile = $targetDir . $safeFileName;
$targetFile = $uploadBaseDir . $safeFileName;
if (move_uploaded_file($files["tmp_name"][$i], $targetFile)) {
// Log successful file move
error_log("File successfully moved: " . $safeFileName);
chmod($targetFile, 0644);
$uploadedFiles[] = [
'path' => "data/content/{$annee}/{$auteurice}/" . $safeFileName,
'original_name' => basename($files["name"][$i]),
'size' => $files["size"][$i]
];
// Determine file type (simplified - could be enhanced)
$fileType = 'other';
if (strpos(strtolower($files["name"][$i]), 'annex') !== false) {
$fileType = 'annex';
} else if ($fileExtension === 'pdf') {
$fileType = 'main';
}
// Insert file record
$db->insertThesisFile(
$thesisId,
$fileType,
"data/theses/{$annee}/{$identifier}/" . $safeFileName,
basename($files["name"][$i]),
$files["size"][$i],
$mimeType
);
error_log("File uploaded: " . $safeFileName);
} else {
error_log("Failed to move uploaded file: " . $files["name"][$i]);
error_log("Failed to move file: " . $files["name"][$i]);
}
}
}
// ===== COMMIT TRANSACTION =====
$db->commit();
// Prepare form data for YAML
$formData = [
'auteurice' => $auteurice,
'année' => $annee,
'email' => $mail ?: '',
'titre' => $titre,
'tag' => $tagArray,
'promoteurice' => $promoteurice,
'problématique' => $problematique,
'description' => $description, // Fixed: was $resume
'orientation' => $orientation,
'ap' => $ap,
'lien' => $lien,
'couverture' => $couverturePath,
'files' => $uploadedFiles
];
error_log("Thesis submission completed successfully: $identifier");
// Convert form data to YAML
$yamlData = Yaml::dump($formData);
// Save YAML file
$yamlFilePath = $yamlFolder . $uniqueFileName . ".yaml";
if (file_put_contents($yamlFilePath, $yamlData) === false) {
throw new Exception("Erreur lors de l'écriture du fichier YAML.");
}
error_log("Form submission saved: " . $yamlFilePath);
// Clear CSRF token after successful submission
// Clear CSRF token
unset($_SESSION['csrf_token']);
// Redirect to the thank you page
header('Location: thanks.php?file=' . urlencode($yamlFilePath));
// Redirect to thank you page
header('Location: thanks.php?id=' . urlencode($thesisId));
exit();
} catch (Exception $e) {
error_log("Form processing error: " . $e->getMessage());
die("Erreur lors du traitement du formulaire : " . htmlspecialchars($e->getMessage()) .
"<br><br><a href='index.php'>Retour au formulaire</a>");
}
// Rollback transaction on error
if (isset($db)) {
$db->rollback();
}
?>
error_log("Form processing error: " . $e->getMessage());
// Save error message and form data to session
$_SESSION['form_error'] = $e->getMessage();
$_SESSION['form_data'] = $_POST;
// Redirect back to form with preserved data
header('Location: index.php');
exit();
}

366
formulaire/import.php Normal file
View File

@@ -0,0 +1,366 @@
<?php
// CSV Import page for Post-ERG thesis database
// This page allows importing thesis data from CSV files
session_start();
// Generate CSRF token
if (empty($_SESSION['csrf_token'])) {
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
require_once __DIR__ . '/Database.php';
$message = '';
$errors = [];
$importedCount = 0;
$skippedCount = 0;
$importResults = [];
// Handle CSV upload and import
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_FILES['csv_file'])) {
// Verify CSRF token
if (!isset($_POST['csrf_token']) || !hash_equals($_SESSION['csrf_token'], $_POST['csrf_token'])) {
$errors[] = "Erreur de sécurité : token invalide.";
} else {
try {
$db = new Database();
$pdo = $db->getPDO();
// Check file upload
if ($_FILES['csv_file']['error'] !== UPLOAD_ERR_OK) {
throw new Exception("Erreur lors du téléversement du fichier.");
}
// Read CSV file
$csvFile = $_FILES['csv_file']['tmp_name'];
$handle = fopen($csvFile, 'r');
if (!$handle) {
throw new Exception("Impossible d'ouvrir le fichier CSV.");
}
// Skip first two rows (empty and headers)
fgetcsv($handle); // Empty row
$headers = fgetcsv($handle); // Header row
fgetcsv($handle); // Description row
$headers = fgetcsv($handle); // Actual column names
// Map CSV columns
$columnMap = [
0 => 'identifier', // Identifiant
1 => 'title', // Titre
2 => 'subtitle', // Sous-titre
3 => 'authors', // Auteur·ice(s)
4 => 'contact', // Contact
5 => 'supervisors', // Promoteur·ice(s)
6 => 'formats', // Format
7 => 'year', // Année
8 => 'ap', // AP
9 => 'orientation', // Orientation
10 => 'finality', // Finalité
11 => 'keywords', // Mots-clés
12 => 'synopsis', // Synopsis
13 => 'context', // Contexte
14 => 'remarks', // Remarques
15 => 'language', // Langue
16 => 'access', // Autorisation
17 => 'license', // License
18 => 'size_info', // taille
19 => 'jury_points', // Points sur 20
20 => 'baiu_link', // lien BAIU
];
// Orientation abbreviation mapping
$orientationMap = [
'SC' => 'Sculpture',
'VI' => 'Vidéographie',
'CA' => 'Cinéma d\'animation',
'IP' => 'Installation-Performance',
'PE' => 'Peinture',
'PH' => 'Photographie',
'DE' => 'Dessin',
'AN' => 'Arts Numériques',
'GR' => 'Graphisme',
'TY' => 'Typographie',
'DN' => 'Design Numérique',
'IL' => 'Illustration',
'BD' => 'Bande-Dessinée',
'SE' => 'Sérigraphie',
'GV' => 'Gravure',
];
// Process each row
$lineNumber = 5; // Start after headers
while (($row = fgetcsv($handle)) !== false) {
$lineNumber++;
// Skip empty rows
if (empty($row[0]) && empty($row[1])) {
continue;
}
try {
$db->beginTransaction();
// Extract data
$identifier = trim($row[0] ?? '');
$title = trim($row[1] ?? '');
$subtitle = trim($row[2] ?? '');
$authorsRaw = trim($row[3] ?? '');
$contact = trim($row[4] ?? '');
$supervisorsRaw = trim($row[5] ?? '');
$formatsRaw = trim($row[6] ?? '');
$year = intval($row[7] ?? 0);
$apCode = trim($row[8] ?? '');
$orientationCode = trim($row[9] ?? '');
$finalityName = trim($row[10] ?? '');
$keywordsRaw = trim($row[11] ?? '');
$synopsis = trim($row[12] ?? '');
$context = trim($row[13] ?? '');
$remarks = trim($row[14] ?? '');
$languageRaw = trim($row[15] ?? '');
$access = trim($row[16] ?? '');
$license = trim($row[17] ?? '');
$sizeInfo = trim($row[18] ?? '');
$juryPoints = !empty($row[19]) ? floatval($row[19]) : null;
$baiuLink = trim($row[20] ?? '');
// Validate required fields
if (empty($title) || empty($year)) {
throw new Exception("Ligne $lineNumber: Titre et année requis.");
}
// Map orientation
$orientationName = isset($orientationMap[$orientationCode]) ? $orientationMap[$orientationCode] : null;
$orientationId = null;
if ($orientationName) {
$orientationId = $db->getOrientationId($orientationName);
}
// Map AP program
$apProgramId = null;
if (!empty($apCode)) {
$stmt = $pdo->prepare("SELECT id FROM ap_programs WHERE code = ?");
$stmt->execute([$apCode]);
$result = $stmt->fetch();
if ($result) {
$apProgramId = $result['id'];
}
}
// Map finality
$finalityId = null;
if (!empty($finalityName)) {
$finalityId = $db->getFinalityId($finalityName);
}
// Insert thesis
$stmt = $pdo->prepare("
INSERT INTO theses (
identifier, title, subtitle, year,
orientation_id, ap_program_id, finality_id,
synopsis, context_note, remarks,
file_size_info, jury_points, baiu_link,
submitted_at
) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, CURRENT_TIMESTAMP)
");
$stmt->execute([
!empty($identifier) ? $identifier : null,
$title,
!empty($subtitle) ? $subtitle : null,
$year,
$orientationId,
$apProgramId,
$finalityId,
!empty($synopsis) ? $synopsis : null,
!empty($context) ? $context : null,
!empty($remarks) ? $remarks : null,
!empty($sizeInfo) ? $sizeInfo : null,
$juryPoints,
!empty($baiuLink) ? $baiuLink : null
]);
$thesisId = $pdo->lastInsertId();
// Add authors
if (!empty($authorsRaw)) {
$authors = array_map('trim', explode(',', $authorsRaw));
foreach ($authors as $index => $authorName) {
if (!empty($authorName)) {
$authorId = $db->findOrCreateAuthor($authorName, $index === 0 ? $contact : null);
$stmt = $pdo->prepare("INSERT INTO thesis_authors (thesis_id, author_id, author_order) VALUES (?, ?, ?)");
$stmt->execute([$thesisId, $authorId, $index + 1]);
}
}
}
// Add supervisors
if (!empty($supervisorsRaw)) {
$supervisors = array_map('trim', explode(',', $supervisorsRaw));
foreach ($supervisors as $index => $supervisorName) {
if (!empty($supervisorName)) {
$supervisorId = $db->findOrCreateSupervisor($supervisorName);
$stmt = $pdo->prepare("INSERT INTO thesis_supervisors (thesis_id, supervisor_id, supervisor_order) VALUES (?, ?, ?)");
$stmt->execute([$thesisId, $supervisorId, $index + 1]);
}
}
}
// Add keywords
if (!empty($keywordsRaw)) {
$keywords = array_map('trim', explode(',', $keywordsRaw));
$keywords = array_slice($keywords, 0, 10); // Max 10
foreach ($keywords as $keyword) {
if (!empty($keyword)) {
$keywordId = $db->findOrCreateKeyword($keyword);
if ($keywordId) {
$stmt = $pdo->prepare("INSERT INTO thesis_keywords (thesis_id, keyword_id) VALUES (?, ?)");
$stmt->execute([$thesisId, $keywordId]);
}
}
}
}
// Add language
if (!empty($languageRaw)) {
$languageId = $db->getLanguageId(ucfirst(strtolower($languageRaw)));
if ($languageId) {
$stmt = $pdo->prepare("INSERT INTO thesis_languages (thesis_id, language_id) VALUES (?, ?)");
$stmt->execute([$thesisId, $languageId]);
}
}
// Add formats
if (!empty($formatsRaw)) {
$formats = array_map('trim', explode(',', $formatsRaw));
foreach ($formats as $formatName) {
if (!empty($formatName)) {
$formatId = $db->getFormatId(ucfirst(strtolower($formatName)));
if ($formatId) {
$stmt = $pdo->prepare("INSERT INTO thesis_formats (thesis_id, format_id) VALUES (?, ?)");
$stmt->execute([$thesisId, $formatId]);
}
}
}
}
$db->commit();
$importedCount++;
$importResults[] = "✓ Ligne $lineNumber: \"$title\" importé (ID: $thesisId)";
} catch (Exception $e) {
$db->rollback();
$skippedCount++;
$importResults[] = " Ligne $lineNumber: " . $e->getMessage();
error_log("Import error on line $lineNumber: " . $e->getMessage());
}
}
fclose($handle);
$message = "Import terminé : $importedCount TFE importés, $skippedCount ignorés.";
} catch (Exception $e) {
$errors[] = $e->getMessage();
error_log("CSV import error: " . $e->getMessage());
}
}
// Regenerate CSRF token
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
?>
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Import CSV - Post-ERG</title>
<link rel="stylesheet" href="assets/normalize.css">
<link rel="stylesheet" href="https://raw.githack.com/waldyrious/downstyler/master/downstyler.css" />
<link rel="shortcut icon" href="assets/icon.svg" type="image/svg">
</head>
<body>
<header>
<h1>Import CSV - Post-ERG</h1>
<nav>
<a href="index.php">← Nouveau TFE</a> |
<a href="list.php">📋 Liste des TFE</a>
</nav>
</header>
<main>
<h2>Importer des TFE depuis un fichier CSV</h2>
<?php if (!empty($errors)): ?>
<div style="background: #fee; border: 2px solid #c00; padding: 1rem; margin-bottom: 1rem; border-radius: 4px; color: #c00;">
<strong>⚠️ Erreurs:</strong>
<ul>
<?php foreach ($errors as $error): ?>
<li><?php echo htmlspecialchars($error); ?></li>
<?php endforeach; ?>
</ul>
</div>
<?php endif; ?>
<?php if ($message): ?>
<div style="background: #efe; border: 2px solid #0a0; padding: 1rem; margin-bottom: 1rem; border-radius: 4px; color: #0a0;">
<strong>✓ <?php echo htmlspecialchars($message); ?></strong>
</div>
<?php endif; ?>
<form action="import.php" method="post" enctype="multipart/form-data">
<input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars($_SESSION['csrf_token']); ?>">
<fieldset>
<legend>Sélectionner un fichier CSV</legend>
<p><strong>Format attendu:</strong></p>
<ul>
<li>Colonnes: Identifiant, Titre, Sous-titre, Auteur·ice(s), Contact, Promoteur·ice(s), Format, Année, AP, Orientation, Finalité, Mots-clés, Synopsis, Contexte, Remarques, Langue, Autorisation, License, taille, Points sur 20, lien BAIU</li>
<li>Les deux premières lignes seront ignorées (entête)</li>
<li>Séparateur: virgule</li>
<li>Encodage: UTF-8</li>
</ul>
<label for="csv_file">Fichier CSV:</label>
<input type="file" id="csv_file" name="csv_file" accept=".csv" required>
<button type="submit">Importer</button>
</fieldset>
</form>
<?php if (!empty($importResults)): ?>
<h3>Résultats de l'import</h3>
<div style="background: #f5f5f5; padding: 1rem; border-radius: 4px; max-height: 400px; overflow-y: auto;">
<pre style="margin: 0; font-size: 0.9em;"><?php
foreach ($importResults as $result) {
echo htmlspecialchars($result) . "\n";
}
?></pre>
</div>
<?php endif; ?>
<hr>
<h3>Notes importantes</h3>
<ul>
<li><strong>Codes orientation:</strong> SC (Sculpture), VI (Vidéographie), CA (Cinéma d'animation), IP (Installation-Performance), etc.</li>
<li><strong>Codes AP:</strong> DPM, LIENS, APS (comme dans la base)</li>
<li><strong>Auteurs multiples:</strong> Séparer par des virgules</li>
<li><strong>Mots-clés:</strong> Maximum 10, séparés par des virgules</li>
<li><strong>Formats:</strong> Séparer par des virgules</li>
<li>Les lignes avec erreurs seront ignorées et loggées</li>
</ul>
<h3>Exemple de fichier CSV</h3>
<p>Voir: <code>../db/Database_TFE_test.csv</code></p>
</main>
<footer>
<p>Import CSV - Post-ERG Database</p>
</footer>
</body>
</html>

318
formulaire/index.php
View File

@@ -1,8 +1,55 @@
<?php
// Start session and generate CSRF token
session_start();
if (empty($_SESSION['csrf_token'])) {
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
if (empty($_SESSION["csrf_token"])) {
$_SESSION["csrf_token"] = bin2hex(random_bytes(32));
}
// Load database helper
require_once __DIR__ . "/Database.php";
try {
$db = new Database();
$orientations = $db->getAllOrientations();
$apPrograms = $db->getAllAPPrograms();
$finalityTypes = $db->getAllFinalityTypes();
$languages = $db->getAllLanguages();
$formatTypes = $db->getAllFormatTypes();
} catch (Exception $e) {
error_log("Failed to load form data: " . $e->getMessage());
die(
"Erreur lors du chargement du formulaire. Veuillez réessayer plus tard."
);
}
// Get error message and preserved form data from session (if redirected back from error)
$error = isset($_SESSION["form_error"]) ? $_SESSION["form_error"] : null;
$formData = isset($_SESSION["form_data"]) ? $_SESSION["form_data"] : [];
// Clear session data after retrieving
unset($_SESSION["form_error"]);
unset($_SESSION["form_data"]);
// Helper function to get old form value
function old($key, $default = "")
{
global $formData;
return isset($formData[$key])
? htmlspecialchars($formData[$key])
: $default;
}
// Helper function to check if value was previously selected
function wasSelected($key, $value)
{
global $formData;
if (!isset($formData[$key])) {
return false;
}
if (is_array($formData[$key])) {
return in_array($value, $formData[$key]);
}
return $formData[$key] == $value;
}
?>
<!DOCTYPE html>
@@ -13,88 +60,237 @@ if (empty($_SESSION['csrf_token'])) {
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Formulaire</title>
<link rel="stylesheet" href="assets/normalize.css">
<link rel="stylesheet" href="assets/simple.css">
<link rel="stylesheet" href="assets/posterg.css">
<link rel="stylesheet" href="https://raw.githack.com/waldyrious/downstyler/master/downstyler.css" />
<!-- <link rel="stylesheet" href="assets/simple.css"> -->
<!--<link rel="stylesheet" href="assets/posterg.css"> -->
<link rel="shortcut icon" href="assets/icon.svg" type="image/svg">
</head>
<body>
<header>
<h1>Formulaire Posterg</h1>
<nav style="margin-top: 1rem;">
<a href="list.php" style="font-size: 0.9em;">📋 Liste des TFE</a> |
<a href="import.php" style="font-size: 0.9em;">📥 Importer CSV</a>
</nav>
</header>
<main>
<?php if ($error): ?>
<div class="error-message" style="background: #fee; border: 2px solid #c00; padding: 1rem; margin-bottom: 1rem; border-radius: 4px; color: #c00;">
<strong>⚠️ Erreur:</strong> <?php echo htmlspecialchars($error); ?>
</div>
<?php endif; ?>
<form action="formulaire.php" method="post" enctype="multipart/form-data">
<!-- CSRF Protection -->
<input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars($_SESSION['csrf_token']); ?>">
<label>Nom/Prénom/Pseudo</label>
<input type="text" name="auteurice" placeholder="..." required>
<input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars(
$_SESSION["csrf_token"],
); ?>">
<label>Année diplômante (2023, 2024, ...)</label>
<input type="text" name="année" placeholder="..." required>
<h2>Informations de base</h2>
<label>Orientation principale</label>
<select name="orientation" required>
<option value="">-- Ton orientation --</option>
<option value="typographie">Typographie</option>
<option value="graphisme">Graphisme</option>
<option value="designnumérique">Design Numérique</option>
<option value="Cinéma d'animation">Cinéma d'animation</option>
<option value="Illustration">Illustration</option>
<option value="BD">Bande dessinée</option>
<option value="Photographie">Photographie</option>
<option value="Vidéographie">Vidéographie</option>
<option value="Sculpture">Sculpture</option>
<option value="Peinture">Peinture</option>
<option value="Art numérique">Art numérique</option>
<option value="Vidéographie">Vidéographie</option>
<option value="Photographie">Photographie</option>
<option value="Dessin">Dessin</option>
<option value="Installation performance">Installation performance</option>
<fieldset>
<label for="auteurice">Nom/Prénom/Pseudo *</label>
<input type="text" id="auteurice" name="auteurice" placeholder="Nom de l'auteur·ice" value="<?php echo old(
"auteurice",
); ?>" required>
</fieldset>
<fieldset>
<label for="mail">Contact (email, site web, insta, ...)</label>
<input type="text" id="mail" name="mail" placeholder="votre.email@example.com ou @instagram" value="<?php echo old(
"mail",
); ?>">
</fieldset>
<fieldset>
<label for="année">Année diplômante *</label>
<input type="number" id="année" name="année" min="2000" max="<?php echo date(
"Y",
) + 1; ?>" placeholder="<?php echo date(
"Y",
); ?>" value="<?php echo old("année"); ?>" required>
</fieldset>
<h2>Informations académiques</h2>
<fieldset>
<label for="orientation">Orientation principale *</label>
<select id="orientation" name="orientation" required>
<option value="">-- Sélectionner une orientation --</option>
<?php foreach ($orientations as $orientation): ?>
<option value="<?php echo htmlspecialchars(
$orientation["id"],
); ?>" <?php echo wasSelected(
"orientation",
$orientation["id"],
)
? "selected"
: ""; ?>>
<?php echo htmlspecialchars(
$orientation["name"],
); ?>
</option>
<?php endforeach; ?>
</select>
<label>Atelier Pratique</label>
<select name="ap" required>
<option value="">-- Ton AP --</option>
<option value="DPM">Design et politique du multiple</option>
<option value="APS">Art et pratique situé</option>
<option value="R&E">Récits et expérimentation</option>
<option value="PAOC">Pratique de l'art et outils critiques</option>
<fieldset>
<label for="ap">Atelier Pratique (AP) *</label>
<select id="ap" name="ap" required>
<option value="">-- Sélectionner un AP --</option>
<?php foreach ($apPrograms as $ap): ?>
<option value="<?php echo htmlspecialchars(
$ap["id"],
); ?>" <?php echo wasSelected("ap", $ap["id"])
? "selected"
: ""; ?>>
<?php echo htmlspecialchars($ap["name"]); ?>
<?php if (
$ap["code"]
): ?> (<?php echo htmlspecialchars(
$ap["code"],
); ?>)<?php endif; ?>
</option>
<?php endforeach; ?>
</select>
<label>Contact : mail, insta, ...</label>
<input type="email" name="mail" placeholder="Votre contact">
</fieldset>
<label>Titre du mémoire</label>
<input type="titre" name="titre" placeholder="..." required>
<fieldset>
<label for="finality">Finalité du master *</label>
<select id="finality" name="finality" required>
<option value="">-- Sélectionner une finalité --</option>
<?php foreach ($finalityTypes as $finality): ?>
<option value="<?php echo htmlspecialchars(
$finality["id"],
); ?>" <?php echo wasSelected(
"finality",
$finality["id"],
)
? "selected"
: ""; ?>>
<?php echo htmlspecialchars($finality["name"]); ?>
</option>
<?php endforeach; ?>
</select>
<label>Tag/mots-clefs sur le mémoire</label>
<input type="text" name="tag" placeholder="typographie, photographie, outils libre, post-colonial,..">
</fieldset>
<label>Promoteur.rice</label>
<input type="text" name="promoteurice" placeholder="nom/prénom/pseudo">
<fieldset>
<label for="promoteurice">Promoteur·ice(s)</label>
<input type="text" id="promoteurice" name="promoteurice" placeholder="Nom du/de la promoteur·ice (si plusieurs, séparer par des virgules)" value="<?php echo old(
"promoteurice",
); ?>">
<label>Problématique</label>
<input type="text" name="problématique" placeholder="Problématique de ton mémoire...">
</fieldset>
<label>Résumé en quelque lignes</label>
<textarea id="textareaField" rows="8" type="text" name="description" placeholder="Description de ton mémoire..."></textarea>
<h2>À propos du TFE</h2>
<label>Lien vers un site web ou quelque chose d'autres en lignes</label>
<input type="text" name="lien" placeholder="https://monmémoire.erg.be/...">
<label>Importer une couverture</label>
<i>Vérifie que ton fichier est bien un jpg.</i>
<fieldset>
<label for="titre">Titre du mémoire *</label>
<input type="text" id="titre" name="titre" placeholder="Titre de votre TFE" value="<?php echo old(
"titre",
); ?>" required>
</fieldset>
<fieldset>
<label for="subtitle">Sous-titre (si applicable)</label>
<input type="text" id="subtitle" name="subtitle" placeholder="Sous-titre de votre TFE" value="<?php echo old(
"subtitle",
); ?>">
</fieldset>
<fieldset>
<label for="synopsis">Synopsis (environ 200 mots) *</label>
<textarea id="synopsis" name="synopsis" rows="8" placeholder="Décrivez votre TFE en quelques paragraphes..." required><?php echo old(
"synopsis",
); ?></textarea>
</fieldset>
<fieldset>
<label for="problématique">Problématique</label>
<textarea id="problématique" name="problématique" rows="4" placeholder="La problématique principale de votre mémoire..."><?php echo old(
"problématique",
); ?></textarea>
</fieldset>
<fieldset>
<label>Langue(s) du TFE * (sélection multiple possible)</label>
<?php foreach ($languages as $language): ?>
<label class="checkbox-label">
<input type="checkbox" name="languages[]" value="<?php echo htmlspecialchars(
$language["id"],
); ?>" <?php echo wasSelected(
"languages",
$language["id"],
)
? "checked"
: ""; ?>>
<?php echo htmlspecialchars($language["name"]); ?>
</label>
<?php endforeach; ?>
</fieldset>
<fieldset>
<label>Format(s) (sélection multiple possible)</label>
<?php foreach ($formatTypes as $format): ?>
<label class="checkbox-label">
<input type="checkbox" name="formats[]" value="<?php echo htmlspecialchars(
$format["id"],
); ?>" <?php echo wasSelected(
"formats",
$format["id"],
)
? "checked"
: ""; ?>>
<?php echo htmlspecialchars($format["name"]); ?>
</label>
<?php endforeach; ?>
</fieldset>
<fieldset>
<label for="tag">Mots-clés (max 10, séparés par des virgules)</label>
<input type="text" id="tag" name="tag" placeholder="typographie, photographie, outils libre, post-colonial..." value="<?php echo old(
"tag",
); ?>">
<small>Séparez les mots-clés par des virgules. Maximum 10 mots-clés.</small>
</fieldset>
<fieldset>
<label for="duration_info">Durée/Taille (si applicable)</label>
<input type="text" id="duration_info" name="duration_info" placeholder="Ex: 68 minutes, 128 pages, 78 pages + 15 minutes" value="<?php echo old(
"duration_info",
); ?>">
<small>Indiquez la durée (en minutes) ou le nombre de pages de votre TFE.</small>
</fieldset>
<fieldset>
<label for="lien">Lien vers un site web ou ressource en ligne</label>
<input type="url" id="lien" name="lien" placeholder="https://monmemoire.erg.be/..." value="<?php echo old(
"lien",
); ?>">
</fieldset>
<h2>Fichiers</h2>
<fieldset>
<label for="couverture">Importer une image de couverture</label>
<small>Formats acceptés : JPG, PNG. Taille max : 10MB.</small>
<input type="file" id="couverture" name="couverture" accept="image/jpeg,image/png">
</fieldset>
<fieldset>
<label for="files">Importer le TFE et les fichiers annexes</label>
<small>Formats acceptés : PDF, JPG, PNG, MP4, ZIP. Taille max par fichier : 50MB.</small>
<small>Si vous voulez importer un dossier, créez une archive ZIP.</small>
<input type="file" id="files" name="files[]" multiple accept=".pdf,.jpg,.jpeg,.png,.mp4,.zip">
</fieldset>
<br>
<!-- THE FILES[] IS NECESSARY IF THERE ARE MULTIPLE FILES UPLOADED -->
<input type="file" name="couverture">
<label>Importer les divers fichers de son mémoire</label>
<i>Si tu veux importer un dossier, créer une archive zip.</i>
<!-- THE FILES[] IS NECESSARY IF THERE ARE MULTIPLE FILES UPLOADED -->
<input type="file" name="files[]" multiple>
<br>
<input type="submit" name="go" value="envoyer">
<input type="submit" name="go" value="Soumettre mon TFE">
</form>
</main>
@@ -102,4 +298,4 @@ if (empty($_SESSION['csrf_token'])) {
<p>Formulaire fait avec ❤ en PHP et <a href="https://github.com/kevquirk/simple.css">SimpleCSS</a>.</p>
</footer>
</body>
</html>
</html>

78
formulaire/justfile Normal file
View File

@@ -0,0 +1,78 @@
# Justfile for Post-ERG thesis form testing
# Default recipe - show available commands
default:
@just --list
# Create test database from schema
init-test-db:
@echo "Creating test database from schema..."
@sqlite3 test.db < ../db/schema.sql
@echo "✓ Test database created: test.db"
@sqlite3 test.db "SELECT COUNT(*) || ' tables created' FROM sqlite_master WHERE type='table';"
@sqlite3 test.db "SELECT COUNT(*) || ' orientations loaded' FROM orientations;"
@sqlite3 test.db "SELECT COUNT(*) || ' AP programs loaded' FROM ap_programs;"
# Start PHP development server
serve: init-test-db
@echo "Starting PHP development server on http://localhost:3000"
@echo "Press Ctrl+C to stop"
@php -S 127.0.0.1:3000
# Start server without reinitializing database
serve-only:
@echo "Starting PHP development server on http://localhost:3000"
@echo "Press Ctrl+C to stop"
@php -S 127.0.0.1:3000
# Clean up test database and uploaded files
cleanup:
@echo "Cleaning up test files..."
@rm -f test.db
@rm -f error.log
@rm -rf data/theses/*
@rm -rf data/covers/*
@echo "✓ Cleanup complete"
# Reset: cleanup and reinitialize
reset: cleanup init-test-db
@echo "✓ Test environment reset"
# Show database statistics
stats:
@echo "=== Database Statistics ==="
@sqlite3 test.db "SELECT COUNT(*) || ' theses' FROM theses;"
@sqlite3 test.db "SELECT COUNT(*) || ' authors' FROM authors;"
@sqlite3 test.db "SELECT COUNT(*) || ' supervisors' FROM supervisors;"
@sqlite3 test.db "SELECT COUNT(*) || ' keywords' FROM keywords;"
@sqlite3 test.db "SELECT COUNT(*) || ' files uploaded' FROM thesis_files;"
# Show recent submissions
recent:
@echo "=== Recent Submissions ==="
@sqlite3 -column -header test.db "SELECT identifier, title, year, submitted_at FROM theses ORDER BY submitted_at DESC LIMIT 5;"
# Query database interactively
query:
@sqlite3 test.db
# Show full thesis details
show id:
@sqlite3 -column -header test.db "SELECT * FROM v_theses_full WHERE id = {{id}};"
# Dump database to SQL
dump:
@sqlite3 test.db .dump > test_backup_$(date +%Y%m%d_%H%M%S).sql
@echo "✓ Database dumped to test_backup_$(date +%Y%m%d_%H%M%S).sql"
# Create data directories if they don't exist
setup-dirs:
@mkdir -p data/theses
@mkdir -p data/covers
@mkdir -p data/yaml
@touch data/theses/.gitkeep
@touch data/covers/.gitkeep
@echo "✓ Data directories created"
# Full setup: directories + database + serve
dev: setup-dirs init-test-db serve

295
formulaire/list.php Normal file
View File

@@ -0,0 +1,295 @@
<?php
// List all theses in the database
session_start();
require_once __DIR__ . '/Database.php';
try {
$db = new Database();
$pdo = $db->getPDO();
// Get filter parameters
$searchQuery = isset($_GET['search']) ? trim($_GET['search']) : '';
$yearFilter = isset($_GET['year']) ? intval($_GET['year']) : null;
$orientationFilter = isset($_GET['orientation']) ? intval($_GET['orientation']) : null;
// Build query
$sql = "SELECT
t.id, t.identifier, t.title, t.subtitle, t.year,
o.name as orientation,
ap.name as ap_program,
GROUP_CONCAT(DISTINCT a.name) as authors,
t.submitted_at,
t.is_published
FROM theses t
LEFT JOIN orientations o ON t.orientation_id = o.id
LEFT JOIN ap_programs ap ON t.ap_program_id = ap.id
LEFT JOIN thesis_authors ta ON t.id = ta.thesis_id
LEFT JOIN authors a ON ta.author_id = a.id
WHERE 1=1";
$params = [];
if ($searchQuery) {
$sql .= " AND (t.title LIKE ? OR t.subtitle LIKE ? OR a.name LIKE ?)";
$searchParam = "%$searchQuery%";
$params[] = $searchParam;
$params[] = $searchParam;
$params[] = $searchParam;
}
if ($yearFilter) {
$sql .= " AND t.year = ?";
$params[] = $yearFilter;
}
if ($orientationFilter) {
$sql .= " AND t.orientation_id = ?";
$params[] = $orientationFilter;
}
$sql .= " GROUP BY t.id ORDER BY t.year DESC, t.submitted_at DESC";
$stmt = $pdo->prepare($sql);
$stmt->execute($params);
$theses = $stmt->fetchAll();
// Get unique years for filter
$yearsStmt = $pdo->query("SELECT DISTINCT year FROM theses ORDER BY year DESC");
$years = $yearsStmt->fetchAll(PDO::FETCH_COLUMN);
// Get orientations for filter
$orientations = $db->getAllOrientations();
} catch (Exception $e) {
error_log("Error loading theses list: " . $e->getMessage());
die("Erreur lors du chargement de la liste.");
}
?>
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Liste des TFE - Post-ERG</title>
<link rel="stylesheet" href="assets/normalize.css">
<link rel="stylesheet" href="https://raw.githack.com/waldyrious/downstyler/master/downstyler.css" />
<link rel="shortcut icon" href="assets/icon.svg" type="image/svg">
<style>
.filters {
background: #f5f5f5;
padding: 1rem;
margin-bottom: 2rem;
border-radius: 4px;
}
.filters form {
display: flex;
gap: 1rem;
flex-wrap: wrap;
align-items: end;
}
.filters fieldset {
margin: 0;
padding: 0;
border: none;
min-width: 200px;
}
.thesis-table {
width: 100%;
border-collapse: collapse;
}
.thesis-table th,
.thesis-table td {
padding: 0.75rem;
text-align: left;
border-bottom: 1px solid #ddd;
}
.thesis-table th {
background: #f0f0f0;
font-weight: bold;
}
.thesis-table tr:hover {
background: #f9f9f9;
}
.thesis-title {
font-weight: bold;
}
.thesis-subtitle {
font-style: italic;
color: #666;
font-size: 0.9em;
}
.status-badge {
display: inline-block;
padding: 0.25rem 0.5rem;
border-radius: 3px;
font-size: 0.85em;
}
.status-pending {
background: #ffd700;
color: #000;
}
.status-published {
background: #90ee90;
color: #000;
}
.actions {
display: flex;
gap: 0.5rem;
}
.btn {
padding: 0.35rem 0.75rem;
border-radius: 3px;
text-decoration: none;
font-size: 0.9em;
display: inline-block;
}
.btn-view {
background: #4a90e2;
color: white;
}
.btn-edit {
background: #f39c12;
color: white;
}
.stats {
display: flex;
gap: 2rem;
margin-bottom: 2rem;
flex-wrap: wrap;
}
.stat-card {
background: #f5f5f5;
padding: 1rem;
border-radius: 4px;
min-width: 150px;
}
.stat-number {
font-size: 2em;
font-weight: bold;
color: #4a90e2;
}
.stat-label {
color: #666;
font-size: 0.9em;
}
</style>
</head>
<body>
<header>
<h1>Liste des TFE</h1>
<nav>
<a href="index.php">← Nouveau TFE</a> |
<a href="import.php">📥 Importer CSV</a>
</nav>
</header>
<main>
<div class="stats">
<div class="stat-card">
<div class="stat-number"><?php echo count($theses); ?></div>
<div class="stat-label">TFE total</div>
</div>
<div class="stat-card">
<div class="stat-number"><?php echo count(array_filter($theses, fn($t) => $t['is_published'])); ?></div>
<div class="stat-label">Publiés</div>
</div>
<div class="stat-card">
<div class="stat-number"><?php echo count(array_filter($theses, fn($t) => !$t['is_published'])); ?></div>
<div class="stat-label">En attente</div>
</div>
</div>
<div class="filters">
<form method="get" action="list.php">
<fieldset>
<label for="search">Rechercher</label>
<input type="text" id="search" name="search" placeholder="Titre, auteur..." value="<?php echo htmlspecialchars($searchQuery); ?>">
</fieldset>
<fieldset>
<label for="year">Année</label>
<select id="year" name="year">
<option value="">Toutes</option>
<?php foreach ($years as $year): ?>
<option value="<?php echo $year; ?>" <?php echo $yearFilter == $year ? 'selected' : ''; ?>>
<?php echo $year; ?>
</option>
<?php endforeach; ?>
</select>
</fieldset>
<fieldset>
<label for="orientation">Orientation</label>
<select id="orientation" name="orientation">
<option value="">Toutes</option>
<?php foreach ($orientations as $orientation): ?>
<option value="<?php echo $orientation['id']; ?>" <?php echo $orientationFilter == $orientation['id'] ? 'selected' : ''; ?>>
<?php echo htmlspecialchars($orientation['name']); ?>
</option>
<?php endforeach; ?>
</select>
</fieldset>
<button type="submit">Filtrer</button>
<?php if ($searchQuery || $yearFilter || $orientationFilter): ?>
<a href="list.php">Réinitialiser</a>
<?php endif; ?>
</form>
</div>
<?php if (empty($theses)): ?>
<p>Aucun TFE trouvé.</p>
<?php else: ?>
<table class="thesis-table">
<thead>
<tr>
<th>ID</th>
<th>Titre</th>
<th>Auteur(s)</th>
<th>Année</th>
<th>Orientation</th>
<th>AP</th>
<th>Statut</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<?php foreach ($theses as $thesis): ?>
<tr>
<td><?php echo htmlspecialchars($thesis['identifier'] ?? $thesis['id']); ?></td>
<td>
<div class="thesis-title"><?php echo htmlspecialchars($thesis['title']); ?></div>
<?php if ($thesis['subtitle']): ?>
<div class="thesis-subtitle"><?php echo htmlspecialchars($thesis['subtitle']); ?></div>
<?php endif; ?>
</td>
<td><?php echo htmlspecialchars($thesis['authors'] ?? 'N/A'); ?></td>
<td><?php echo $thesis['year']; ?></td>
<td><?php echo htmlspecialchars($thesis['orientation'] ?? 'N/A'); ?></td>
<td><?php echo htmlspecialchars($thesis['ap_program'] ?? 'N/A'); ?></td>
<td>
<?php if ($thesis['is_published']): ?>
<span class="status-badge status-published">Publié</span>
<?php else: ?>
<span class="status-badge status-pending">En attente</span>
<?php endif; ?>
</td>
<td>
<div class="actions">
<a href="thanks.php?id=<?php echo $thesis['id']; ?>" class="btn btn-view">Voir</a>
<a href="edit.php?id=<?php echo $thesis['id']; ?>" class="btn btn-edit">Éditer</a>
</div>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
<?php endif; ?>
</main>
<footer>
<p>Post-ERG - <?php echo count($theses); ?> TFE dans la base de données</p>
</footer>
</body>
</html>

311
formulaire/thanks.php
View File

@@ -4,79 +4,292 @@ ini_set('display_errors', 0);
ini_set('log_errors', 1);
ini_set('error_log', 'error.log');
require 'vendor/autoload.php';
require __DIR__ . '/Database.php';
use Symfony\Component\Yaml\Yaml;
// Security: Validate file parameter to prevent path traversal
$yamlFile = '';
$data = null;
// Security: Validate thesis ID parameter
$thesisId = null;
$thesis = null;
$files = [];
$error = null;
if (isset($_GET['file'])) {
$requestedFile = urldecode($_GET['file']);
// Security: Only allow files from the yaml directory
$yamlFolder = realpath(__DIR__ . '/data/yaml/');
$requestedPath = realpath($requestedFile);
// Verify the file exists and is within the allowed directory
if ($requestedPath &&
$yamlFolder &&
strpos($requestedPath, $yamlFolder) === 0 &&
file_exists($requestedPath) &&
pathinfo($requestedPath, PATHINFO_EXTENSION) === 'yaml') {
if (isset($_GET['id'])) {
$thesisId = filter_var($_GET['id'], FILTER_VALIDATE_INT);
if ($thesisId !== false && $thesisId > 0) {
try {
$data = Yaml::parseFile($requestedPath);
$yamlFile = $requestedPath;
$db = new Database();
$pdo = $db->getPDO();
// Get thesis data
$thesis = $db->getThesis($thesisId);
if (!$thesis) {
$error = "TFE non trouvé.";
} else {
// Get associated files
$stmt = $pdo->prepare("
SELECT file_type, file_name, file_size, mime_type, uploaded_at
FROM thesis_files
WHERE thesis_id = ?
ORDER BY file_type, uploaded_at
");
$stmt->execute([$thesisId]);
$files = $stmt->fetchAll();
}
} catch (Exception $e) {
error_log("Error parsing YAML file: " . $e->getMessage());
$error = "Erreur lors de la lecture du fichier.";
error_log("Error loading thesis: " . $e->getMessage());
$error = "Erreur lors de la lecture des données.";
}
} else {
error_log("Invalid file access attempt: " . $requestedFile);
$error = "Fichier non valide ou accès refusé.";
error_log("Invalid thesis ID: " . $_GET['id']);
$error = "Identifiant invalide.";
}
} else {
$error = "Aucun fichier spécifié.";
$error = "Aucun identifiant spécifié.";
}
// Helper function to format file size
function formatFileSize($bytes) {
if ($bytes >= 1073741824) {
return number_format($bytes / 1073741824, 2) . ' GB';
} elseif ($bytes >= 1048576) {
return number_format($bytes / 1048576, 2) . ' MB';
} elseif ($bytes >= 1024) {
return number_format($bytes / 1024, 2) . ' KB';
} else {
return $bytes . ' bytes';
}
}
?>
<!DOCTYPE html>
<html lang="en">
<html lang="fr">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>ThankYou</title>
<title>Merci - Post-ERG</title>
<link rel="stylesheet" href="assets/normalize.css">
<link rel="stylesheet" href="assets/simple.css">
<link rel="stylesheet" href="assets/posterg.css">
<link rel="shortcut icon" href="assets/icon.svg" type="image/svg">
</head>
<body>
<header>
<h1>Merci 💜</h1>
</header>
<main>
<?php if ($error): ?>
<p style="color: red;">⚠️ <?php echo htmlspecialchars($error); ?></p>
<p>Pour revenir au <a href="index.php">formulaire</a>.</p>
<?php elseif ($data): ?>
<p>d'avoir rempli le formulaire. Le contenu soumis a été sauvegardé et est en attente de traitement.</p>
<h1>Merci</h1>
<?php if ($thesis): ?>
<nav style="margin-top: 1rem;">
<a href="list.php">Liste des TFE</a> |
<a href="edit.php?id=<?php echo $thesisId; ?>">✏️ Modifier ce TFE</a>
</nav>
<?php endif; ?>
</header>
<h4>Voici les informations que vous avez encodées dans le formulaire, affiché tel que c'est stocké, en yaml:</h4>
<pre><code><?php echo htmlspecialchars(Yaml::dump($data)); ?></code></pre>
<p>Pour revenir au <a href="index.php">formulaire</a>.</p>
<?php else: ?>
<p>Aucune donnée à afficher.</p>
<p>Pour revenir au <a href="index.php">formulaire</a>.</p>
<?php endif; ?>
</main>
<footer>
<p>Formulaire fait avec ❤ en PHP et <a href="https://github.com/kevquirk/simple.css">SimpleCSS</a>.</p>
</footer>
<main>
<?php if ($error): ?>
<div class="error">
<p>⚠️ <?php echo htmlspecialchars($error); ?></p>
<p><a href="index.php">Retour au formulaire</a></p>
</div>
<?php elseif ($thesis): ?>
<p>d'avoir soumis votre TFE. Les informations ont été enregistrées et sont en attente de traitement.</p>
<div class="thesis-info">
<h2>Récapitulatif de votre soumission</h2>
<h3>Informations de base</h3>
<dl>
<dt>Identifiant:</dt>
<dd><strong><?php echo htmlspecialchars($thesis['identifier']); ?></strong></dd>
<dt>Titre:</dt>
<dd><?php echo htmlspecialchars($thesis['title']); ?></dd>
<?php if ($thesis['subtitle']): ?>
<dt>Sous-titre:</dt>
<dd><?php echo htmlspecialchars($thesis['subtitle']); ?></dd>
<?php endif; ?>
<dt>Auteur·ice(s):</dt>
<dd><?php echo htmlspecialchars($thesis['authors']); ?></dd>
<dt>Année:</dt>
<dd><?php echo htmlspecialchars($thesis['year']); ?></dd>
</dl>
<h3>Détails académiques</h3>
<dl>
<dt>Orientation:</dt>
<dd><?php echo htmlspecialchars($thesis['orientation'] ?? 'Non spécifié'); ?></dd>
<dt>Atelier Pratique:</dt>
<dd><?php echo htmlspecialchars($thesis['ap_program'] ?? 'Non spécifié'); ?></dd>
<dt>Finalité:</dt>
<dd><?php echo htmlspecialchars($thesis['finality_type'] ?? 'Non spécifié'); ?></dd>
<?php if ($thesis['supervisors']): ?>
<dt>Promoteur·ice(s):</dt>
<dd><?php echo htmlspecialchars($thesis['supervisors']); ?></dd>
<?php endif; ?>
</dl>
<h3>Contenu</h3>
<dl>
<?php if ($thesis['synopsis']): ?>
<dt>Synopsis:</dt>
<dd><?php echo nl2br(htmlspecialchars($thesis['synopsis'])); ?></dd>
<?php endif; ?>
<?php if ($thesis['languages']): ?>
<dt>Langue(s):</dt>
<dd><?php echo htmlspecialchars($thesis['languages']); ?></dd>
<?php endif; ?>
<?php if ($thesis['formats']): ?>
<dt>Format(s):</dt>
<dd><?php echo htmlspecialchars($thesis['formats']); ?></dd>
<?php endif; ?>
<?php if ($thesis['keywords']): ?>
<dt>Mots-clés:</dt>
<dd><?php echo htmlspecialchars($thesis['keywords']); ?></dd>
<?php endif; ?>
<?php if ($thesis['file_size_info']): ?>
<dt>Durée/Taille:</dt>
<dd><?php echo htmlspecialchars($thesis['file_size_info']); ?></dd>
<?php endif; ?>
<?php if ($thesis['baiu_link']): ?>
<dt>Lien:</dt>
<dd><a href="<?php echo htmlspecialchars($thesis['baiu_link']); ?>" target="_blank" rel="noopener">
<?php echo htmlspecialchars($thesis['baiu_link']); ?>
</a></dd>
<?php endif; ?>
</dl>
<?php if (!empty($files)): ?>
<h3>Fichiers téléversés</h3>
<table>
<thead>
<tr>
<th>Type</th>
<th>Nom du fichier</th>
<th>Taille</th>
<th>Date</th>
</tr>
</thead>
<tbody>
<?php foreach ($files as $file): ?>
<tr>
<td><?php echo htmlspecialchars($file['file_type']); ?></td>
<td><?php echo htmlspecialchars($file['file_name']); ?></td>
<td><?php echo formatFileSize($file['file_size']); ?></td>
<td><?php echo date('d/m/Y H:i', strtotime($file['uploaded_at'])); ?></td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
<?php endif; ?>
<h3>Statut de publication</h3>
<p><strong>⏳ En attente</strong> - Votre TFE ne sera publié qu'après la soutenance et l'ajout éventuel d'une note contextuelle par le jury.</p>
<p class="submitted-date">
Soumis le <?php echo date('d/m/Y à H:i', strtotime($thesis['submitted_at'])); ?>
</p>
</div>
<p><a href="index.php">Soumettre un autre TFE</a></p>
<?php else: ?>
<p>Aucune donnée à afficher.</p>
<p><a href="index.php">Retour au formulaire</a></p>
<?php endif; ?>
</main>
<footer>
<p>Formulaire Post-ERG</p>
</footer>
</body>
</html>
</html>
<style>
.thesis-info {
background: #f5f5f5;
padding: 2rem;
border-radius: 8px;
margin: 2rem 0;
}
.thesis-info h2 {
margin-top: 0;
border-bottom: 2px solid #333;
padding-bottom: 0.5rem;
}
.thesis-info h3 {
margin-top: 2rem;
margin-bottom: 1rem;
color: #555;
}
.thesis-info dl {
display: grid;
grid-template-columns: 200px 1fr;
gap: 0.5rem 1rem;
margin-bottom: 1.5rem;
}
.thesis-info dt {
font-weight: bold;
color: #666;
}
.thesis-info dd {
margin: 0;
}
.thesis-info table {
width: 100%;
margin-top: 1rem;
}
.thesis-info table th {
text-align: left;
background: #ddd;
padding: 0.5rem;
}
.thesis-info table td {
padding: 0.5rem;
border-bottom: 1px solid #ddd;
}
.submitted-date {
margin-top: 2rem;
font-style: italic;
color: #666;
}
.error {
background: #fee;
border: 2px solid #c00;
padding: 1.5rem;
border-radius: 8px;
color: #c00;
}
@media (max-width: 768px) {
.thesis-info dl {
grid-template-columns: 1fr;
gap: 0.25rem;
}
.thesis-info dt {
margin-top: 1rem;
}
}
</style>