PostERG/xamxam
1
0
Fork 0
mirror of https://codeberg.org/PostERG/xamxam.git synced 2026-05-06 11:09:18 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add comprehensive thesis management system with database migration

Browse Source 
This commit introduces a complete thesis management interface and migrates
the system from YAML-based storage to SQLite:

Core Changes:
- Add Database.php helper class with PDO connection and entity management
- Add list.php for viewing all theses with filtering and sorting
- Add edit.php for modifying existing thesis records
- Add import.php for migrating legacy YAML data to SQLite
- Add justfile with development tasks (serve, init-test-db, etc.)

Documentation:
- Add MIGRATION.md with complete migration guide and architecture docs
- Update README.md with database setup and Just recipe instructions
- Update .gitignore to exclude test databases and error logs

Modified Forms:
- Enhanced formulaire.php with transaction-based SQLite processing
- Updated index.php with database-driven form options
- Improved thanks.php to read from database views

The new architecture provides:
- Normalized database schema (19 tables, 2 views)
- Transaction safety and referential integrity
- CRUD operations for thesis management
- Filtering by year, orientation, AP program, publication status
- Secure file handling with metadata tracking

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Théophile Gervreau-Mercier
2026-01-27 15:43:01 +01:00
parent 99ccd60f90
commit 95f52d549e
22 changed files with 3263 additions and 725 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
.gitignore vendored
View File

@@ -1,12 +1,21 @@
vendor/ vendor/
compose.lock compose.lock
### Test databases ###
formulaire/test.db
db/test.db
### Data et Mémoire### ### Data et Mémoire###
formulaire/data/yaml/* formulaire/data/yaml/*
formulaire/data/content/* formulaire/data/content/*
formulaire/data/cover/* formulaire/data/cover/*
formulaire/data/theses/*
formulaire/data/covers/*
front-backend/data/yaml/* front-backend/data/yaml/*
front-backend/data/content/* front-backend/data/content/*
front-backend/data/cover/* front-backend/data/cover/*
### Logs ###
formulaire/error.log

2
db/Database_TFE_test.csv
View File

@@ -33,7 +33,7 @@ Nous vivons une épidémie invisible : linflammation chronique des systèmes
Je travaille en auto-ethnographie incarnée, depuis des expériences qui débordent le discours : douleurs chroniques, gestes dauto-défense somatique, apprentissages empiriques. Je croise pratiques somatiques (TRE®—tremblement neurogénique guidé, Body-Mind Centering®, contact-impro) et enquêtes théoriques (traumatologie, écologies affectives), pour élaborer une recherche-création qui pense avec le mouvement et par le toucher. Ce cadre a donné naissance à une méthode en devenir : la DarkDance—un protocole souple, subversif et sans dogme, qui considère muscles, fascias, organes et liquides comme des milieux pensants, et les engage dans une politique de la sensation. Je travaille en auto-ethnographie incarnée, depuis des expériences qui débordent le discours : douleurs chroniques, gestes dauto-défense somatique, apprentissages empiriques. Je croise pratiques somatiques (TRE®—tremblement neurogénique guidé, Body-Mind Centering®, contact-impro) et enquêtes théoriques (traumatologie, écologies affectives), pour élaborer une recherche-création qui pense avec le mouvement et par le toucher. Ce cadre a donné naissance à une méthode en devenir : la DarkDance—un protocole souple, subversif et sans dogme, qui considère muscles, fascias, organes et liquides comme des milieux pensants, et les engage dans une politique de la sensation.
Les enjeux sont de déplacer la critique des systèmes de domination dans les tissus mêmes des corps (cartographies somatiques du pouvoir). Et douvrir des espaces de re(co)naissance pour celles et ceux dont larchive est manquante—« les corps qui ne comptent pas ».",,,français,,,99 pages,, Les enjeux sont de déplacer la critique des systèmes de domination dans les tissus mêmes des corps (cartographies somatiques du pouvoir). Et douvrir des espaces de re(co)naissance pour celles et ceux dont larchive est manquante—« les corps qui ne comptent pas ».",,,français,,,99 pages,,
2025-008,"L'école, le parlement et la cuisine",,Alice Néron,alice.neron@outlook.com,Ayoh Kré Duchâtelet et Karolina Svobodova,objet éditorial,2025,,DN,Approfondi,"art participatif, assemblée, bruxelles, joie, conversation, affects, collectif, pouvoir d'agir","Lécole, le parlement et la cuisine revient sur trois situations dart participatif engagées à Bruxelles ces cinq dernières années à partir de mon expérience: Bodies of Knowledge, le Code du numérique et «Cuisiner (...)». Bodies of Knowledge («Lécole»), de lartiste performeuse Sarah Vanhee, est une «salle de classe» nomade installée dans l'espace public pour apprendre des savoirs de vie des habitant·es. Le Code du Numérique («le parlement»),porté par lasbl reconnue en éducation permanente Habitant·es des images, est un faux vrai code de loi écrit à partir de témoignages pour réglementer le numérique. Il s'écrit pendant les «parlements humains»: un outil d'animation qui met en scène une assemblée législative. Les ateliers «Cuisiner (...)» organisés avec Zeste Le Reste visent à cuisiner des problèmes collectifs en même temps quun repas. 2025-008,"L'école, le parlement et la cuisine",,Alice Néron,alice.neron@outlook.com,"Ayoh Kré Duchâtelet,Karolina Svobodova",objet éditorial,2025,,DN,Approfondi,"art participatif, assemblée, bruxelles, joie, conversation, affects, collectif, pouvoir d'agir","Lécole, le parlement et la cuisine revient sur trois situations dart participatif engagées à Bruxelles ces cinq dernières années à partir de mon expérience: Bodies of Knowledge, le Code du numérique et «Cuisiner (...)». Bodies of Knowledge («Lécole»), de lartiste performeuse Sarah Vanhee, est une «salle de classe» nomade installée dans l'espace public pour apprendre des savoirs de vie des habitant·es. Le Code du Numérique («le parlement»),porté par lasbl reconnue en éducation permanente Habitant·es des images, est un faux vrai code de loi écrit à partir de témoignages pour réglementer le numérique. Il s'écrit pendant les «parlements humains»: un outil d'animation qui met en scène une assemblée législative. Les ateliers «Cuisiner (...)» organisés avec Zeste Le Reste visent à cuisiner des problèmes collectifs en même temps quun repas.
Ce mémoire questionne les potentiels transformateurs de ces trois dispositifs. Comment peuvent-ils participer ou non à nous faire sentir plus capables ensemble et à faire émerger des capacités de sentir, de penser et dagir en commun ? Comment peuvent-ils, ou non, nous permettre (artistes et participant·es) de reprendre joyeusement prise sur des affects tristes ? Que nous font-ils faire ? Ce mémoire questionne les potentiels transformateurs de ces trois dispositifs. Comment peuvent-ils participer ou non à nous faire sentir plus capables ensemble et à faire émerger des capacités de sentir, de penser et dagir en commun ? Comment peuvent-ils, ou non, nous permettre (artistes et participant·es) de reprendre joyeusement prise sur des affects tristes ? Que nous font-ils faire ?
",,,français,,,160 pages en plusieurs brochures,, ",,,français,,,160 pages en plusieurs brochures,,
1
33
34
35
36
37
38
39

BIN
db/posterg.db Normal file
View File

Binary file not shown.

31
formulaire/.gitignore vendored Normal file
View File

@@ -0,0 +1,31 @@
# Test database
test.db
# Error logs
error.log
# Uploaded files (for testing)
data/theses/
data/covers/
# Keep the data directories but ignore contents
!data/theses/.gitkeep
!data/covers/.gitkeep
# PHP session files
sessions/
# Composer
vendor/
composer.lock
# OS files
.DS_Store
Thumbs.db
# IDE
.vscode/
.idea/
*.swp
*.swo
*~

277
formulaire/Database.php Normal file
View File

@@ -0,0 +1,277 @@
<?php
/**
* Database connection and helper class for Post-ERG thesis database
*/
class Database {
private $pdo;
private $dbPath;
/**
* Constructor - establishes database connection
* @param string $dbPath Path to SQLite database file
*/
public function __construct($dbPath = null) {
if ($dbPath === null) {
// Check for test database first (for local development)
$testDb = __DIR__ . '/test.db';
if (file_exists($testDb)) {
$this->dbPath = $testDb;
} else {
// Default to parent directory's db folder (production)
$this->dbPath = __DIR__ . '/../db/posterg.db';
}
} else {
$this->dbPath = $dbPath;
}
try {
$this->pdo = new PDO('sqlite:' . $this->dbPath);
$this->pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$this->pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
// Enable foreign key constraints
$this->pdo->exec('PRAGMA foreign_keys = ON');
} catch (PDOException $e) {
error_log("Database connection failed: " . $e->getMessage());
throw new Exception("Impossible de se connecter à la base de données.");
}
}
/**
* Get PDO instance for direct queries if needed
* @return PDO
*/
public function getPDO() {
return $this->pdo;
}
/**
* Begin a transaction
*/
public function beginTransaction() {
return $this->pdo->beginTransaction();
}
/**
* Commit a transaction
*/
public function commit() {
return $this->pdo->commit();
}
/**
* Rollback a transaction
*/
public function rollback() {
return $this->pdo->rollback();
}
/**
* Find or create an author
* @param string $name Author name
* @param string $email Author email (optional)
* @return int Author ID
*/
public function findOrCreateAuthor($name, $email = null) {
// Try to find existing author by name
$stmt = $this->pdo->prepare("SELECT id FROM authors WHERE name = ?");
$stmt->execute([$name]);
$author = $stmt->fetch();
if ($author) {
// Update email if provided and different
if ($email && $email !== '') {
$updateStmt = $this->pdo->prepare("UPDATE authors SET email = ? WHERE id = ?");
$updateStmt->execute([$email, $author['id']]);
}
return $author['id'];
}
// Create new author
$stmt = $this->pdo->prepare("INSERT INTO authors (name, email) VALUES (?, ?)");
$stmt->execute([$name, $email]);
return $this->pdo->lastInsertId();
}
/**
* Find or create a supervisor
* @param string $name Supervisor name
* @return int Supervisor ID
*/
public function findOrCreateSupervisor($name) {
// Try to find existing supervisor
$stmt = $this->pdo->prepare("SELECT id FROM supervisors WHERE name = ?");
$stmt->execute([$name]);
$supervisor = $stmt->fetch();
if ($supervisor) {
return $supervisor['id'];
}
// Create new supervisor
$stmt = $this->pdo->prepare("INSERT INTO supervisors (name) VALUES (?)");
$stmt->execute([$name]);
return $this->pdo->lastInsertId();
}
/**
* Find or create a keyword
* @param string $keyword Keyword text
* @return int Keyword ID
*/
public function findOrCreateKeyword($keyword) {
$keyword = trim($keyword);
if (empty($keyword)) {
return null;
}
// Try to find existing keyword
$stmt = $this->pdo->prepare("SELECT id FROM keywords WHERE keyword = ?");
$stmt->execute([$keyword]);
$kw = $stmt->fetch();
if ($kw) {
return $kw['id'];
}
// Create new keyword
$stmt = $this->pdo->prepare("INSERT INTO keywords (keyword) VALUES (?)");
$stmt->execute([$keyword]);
return $this->pdo->lastInsertId();
}
/**
* Get orientation ID by name
* @param string $name Orientation name
* @return int|null Orientation ID or null if not found
*/
public function getOrientationId($name) {
$stmt = $this->pdo->prepare("SELECT id FROM orientations WHERE name = ?");
$stmt->execute([$name]);
$result = $stmt->fetch();
return $result ? $result['id'] : null;
}
/**
* Get AP program ID by name
* @param string $name AP program name
* @return int|null AP program ID or null if not found
*/
public function getAPProgramId($name) {
$stmt = $this->pdo->prepare("SELECT id FROM ap_programs WHERE name = ?");
$stmt->execute([$name]);
$result = $stmt->fetch();
return $result ? $result['id'] : null;
}
/**
* Get finality type ID by name
* @param string $name Finality type name
* @return int|null Finality type ID or null if not found
*/
public function getFinalityId($name) {
$stmt = $this->pdo->prepare("SELECT id FROM finality_types WHERE name = ?");
$stmt->execute([$name]);
$result = $stmt->fetch();
return $result ? $result['id'] : null;
}
/**
* Get language ID by name
* @param string $name Language name
* @return int|null Language ID or null if not found
*/
public function getLanguageId($name) {
$stmt = $this->pdo->prepare("SELECT id FROM languages WHERE name = ?");
$stmt->execute([$name]);
$result = $stmt->fetch();
return $result ? $result['id'] : null;
}
/**
* Get format type ID by name
* @param string $name Format type name
* @return int|null Format type ID or null if not found
*/
public function getFormatId($name) {
$stmt = $this->pdo->prepare("SELECT id FROM format_types WHERE name = ?");
$stmt->execute([$name]);
$result = $stmt->fetch();
return $result ? $result['id'] : null;
}
/**
* Get all orientations
* @return array Array of orientations
*/
public function getAllOrientations() {
$stmt = $this->pdo->query("SELECT id, name FROM orientations ORDER BY name");
return $stmt->fetchAll();
}
/**
* Get all AP programs
* @return array Array of AP programs
*/
public function getAllAPPrograms() {
$stmt = $this->pdo->query("SELECT id, name, code FROM ap_programs ORDER BY name");
return $stmt->fetchAll();
}
/**
* Get all finality types
* @return array Array of finality types
*/
public function getAllFinalityTypes() {
$stmt = $this->pdo->query("SELECT id, name FROM finality_types ORDER BY name");
return $stmt->fetchAll();
}
/**
* Get all languages
* @return array Array of languages
*/
public function getAllLanguages() {
$stmt = $this->pdo->query("SELECT id, name FROM languages ORDER BY name");
return $stmt->fetchAll();
}
/**
* Get all format types
* @return array Array of format types
*/
public function getAllFormatTypes() {
$stmt = $this->pdo->query("SELECT id, name FROM format_types ORDER BY name");
return $stmt->fetchAll();
}
/**
* Get thesis by ID
* @param int $id Thesis ID
* @return array|null Thesis data or null if not found
*/
public function getThesis($id) {
$stmt = $this->pdo->prepare("SELECT * FROM v_theses_full WHERE id = ?");
$stmt->execute([$id]);
return $stmt->fetch();
}
/**
* Insert a thesis file record
* @param int $thesisId Thesis ID
* @param string $fileType File type ('main', 'annex', 'written_part', 'other')
* @param string $filePath Server path to file
* @param string $fileName Original filename
* @param int $fileSize File size in bytes
* @param string $mimeType MIME type
* @return int File ID
*/
public function insertThesisFile($thesisId, $fileType, $filePath, $fileName, $fileSize, $mimeType) {
$stmt = $this->pdo->prepare("
INSERT INTO thesis_files (thesis_id, file_type, file_path, file_name, file_size, mime_type)
VALUES (?, ?, ?, ?, ?, ?)
");
$stmt->execute([$thesisId, $fileType, $filePath, $fileName, $fileSize, $mimeType]);
return $this->pdo->lastInsertId();
}
}

153
formulaire/IMPORT.md Normal file
View File

@@ -0,0 +1,153 @@
# CSV Import Format Specification
## File Format
- **Encoding**: UTF-8
- **Delimiter**: Comma (`,`)
- **Header Rows**: First 4 rows are skipped during import
- Row 1: Empty
- Row 2: Headers (French labels)
- Row 3: Description row
- Row 4: Column names
- **Data Rows**: Start from row 5 onwards
## Column Structure
The CSV must contain exactly 21 columns in this order:
| Index | Field Name | Required | Type | Description |
|-------|------------|----------|------|-------------|
| 0 | identifier | No | String | Unique identifier for the thesis |
| 1 | title | **Yes** | String | Thesis title |
| 2 | subtitle | No | String | Thesis subtitle |
| 3 | authors | No | String | Author(s), comma-separated for multiple |
| 4 | contact | No | String | Contact email (associated with first author) |
| 5 | supervisors | No | String | Supervisor(s), comma-separated for multiple |
| 6 | formats | No | String | Format(s), comma-separated for multiple |
| 7 | year | **Yes** | Integer | Year of thesis (e.g., 2024) |
| 8 | ap | No | String | AP program code (see AP Codes section) |
| 9 | orientation | No | String | Orientation code (see Orientation Codes section) |
| 10 | finality | No | String | Finality name |
| 11 | keywords | No | String | Keywords, comma-separated (max 10) |
| 12 | synopsis | No | Text | Synopsis/abstract of the thesis |
| 13 | context | No | Text | Context note |
| 14 | remarks | No | Text | Additional remarks |
| 15 | language | No | String | Language (e.g., Français, English, Nederlands) |
| 16 | access | No | String | Access authorization |
| 17 | license | No | String | License information |
| 18 | size_info | No | String | File size information |
| 19 | jury_points | No | Float | Jury score (out of 20) |
| 20 | baiu_link | No | String | Link to BAIU (institutional archive) |
## Field Details
### Required Fields
- **title**: Must not be empty
- **year**: Must not be empty and must be a valid integer
### Multi-Value Fields
These fields accept multiple values separated by commas:
- **authors**: e.g., `"John Doe, Jane Smith"`
- **supervisors**: e.g., `"Prof. A, Prof. B"`
- **keywords**: Maximum 10 keywords, e.g., `"art, design, digital"`
- **formats**: e.g., `"PDF, Video, Installation"`
### Orientation Codes
Valid orientation codes and their full names:
```
SC = Sculpture
VI = Vidéographie
CA = Cinéma d'animation
IP = Installation-Performance
PE = Peinture
PH = Photographie
DE = Dessin
AN = Arts Numériques
GR = Graphisme
TY = Typographie
DN = Design Numérique
IL = Illustration
BD = Bande-Dessinée
SE = Sérigraphie
GV = Gravure
```
### AP Codes
Valid AP program codes:
- `DPM`
- `LIENS`
- `APS`
(These codes must match exactly what exists in the `ap_programs` table)
### Language Values
Languages should be provided with capital first letter:
- `Français`
- `English`
- `Nederlands`
- etc.
### Format Values
Common format values (case-insensitive, will be normalized):
- `PDF`
- `Video`
- `Audio`
- `Installation`
- `Web`
- etc.
## Import Behavior
### Row Processing
1. Empty rows (no title and no identifier) are skipped
2. Each row is processed in a transaction
3. If a row fails, it is skipped and logged, but processing continues
### Data Validation
- If title or year is missing, the row is rejected
- Invalid orientation codes result in no orientation being set (null)
- Invalid AP codes result in no AP program being set (null)
- Keywords are limited to first 10 if more are provided
### Data Normalization
- All string fields are trimmed of whitespace
- Language and format values are normalized (first letter capitalized, rest lowercase)
- Empty strings are converted to NULL in the database
### Entity Creation
- Authors, supervisors, and keywords are automatically created if they don't exist
- Existing authors are matched by name
- Contact email is only associated with the first author
## Example CSV Structure
```csv
Identifiant,Titre,Sous-titre,Auteur·ice(s),Contact,Promoteur·ice(s),Format,Année,AP,Orientation,Finalité,Mots-clés,Synopsis,Contexte,Remarques,Langue,Autorisation,License,taille,Points sur 20,lien BAIU
TFE-2024-001,Mon projet artistique,Exploration du numérique,"Alice Dupont, Bob Martin",alice@example.com,Prof. Smith,PDF,2024,DPM,AN,Création,art numérique,digital art,interactive installation,Un projet explorant l'intersection de l'art et de la technologie,Réalisé dans le cadre du master,Très bon projet,Français,Public,CC-BY,250MB,16.5,https://baiu.example.org/12345
TFE-2024-002,Design graphique moderne,,Charlie Brown,charlie@example.com,"Prof. A, Prof. B","PDF, Print",2024,LIENS,GR,Design,typographie,graphisme,design,Une exploration de la typographie contemporaine,,,English,Restricted,All rights reserved,50MB,15,
```
## Troubleshooting
### Common Issues
1. **Encoding problems**: Ensure file is saved as UTF-8
2. **Missing columns**: All 21 columns must be present, even if empty
3. **Line breaks in fields**: Ensure fields containing newlines are properly quoted
4. **Quote escaping**: Use double quotes (`""`) to escape quotes within fields
### Import Results
After import, the system will display:
- Number of theses successfully imported
- Number of rows skipped due to errors
- Detailed line-by-line results with success (✓) or error (✗) indicators
## Notes
- The import process preserves the order of authors, supervisors, and keywords
- The first author gets the contact email if provided
- Duplicate detection is not performed - each import creates new entries
- Failed rows do not stop the import process
- All errors are logged to the server error log

357
formulaire/MIGRATION.md Normal file
View File

@@ -0,0 +1,357 @@
# Migration from YAML to SQLite
## Overview
The Post-ERG thesis submission form has been completely overhauled to use a SQLite database instead of flat YAML files. This provides better data integrity, querying capabilities, and prepares the system for a full-featured web application.
## What Changed
### Database Implementation
**Before:** Form data was saved as individual YAML files in `data/yaml/`, with file uploads scattered in `data/content/` and `data/cover/`.
**After:** All thesis data is now stored in a relational SQLite database (`../db/posterg.db`) with proper normalization and foreign key relationships.
### New Architecture
```
Form Submission Flow:
1. User fills out enhanced form (index.php)
2. Form validates input and begins database transaction
3. Creates/links: author, thesis, supervisors, keywords, languages, formats
4. Uploads files with random names for security
5. Records file metadata in database
6. Commits transaction (all-or-nothing)
7. Redirects to confirmation page showing database data
```
### Database Schema Highlights
- **19 tables** including junction tables and views
- **Normalized structure** (3rd Normal Form)
- **Automatic timestamps** via triggers
- **Cascade deletes** for referential integrity
- **Predefined lookup tables** for orientations, AP programs, finalities, etc.
- **Views** for simplified querying (v_theses_full, v_theses_public)
## New Files
### `Database.php`
Database helper class providing:
- PDO connection with error handling
- Transaction management
- Find-or-create methods for entities
- Prepared statement helpers
- Lookup methods for all reference data
**Key Methods:**
```php
$db = new Database();
$authorId = $db->findOrCreateAuthor($name, $email);
$keywordId = $db->findOrCreateKeyword($keyword);
$orientations = $db->getAllOrientations();
$thesis = $db->getThesis($id);
```
## Modified Files
### `index.php`
**Enhancements:**
- Dynamically loads form options from database
- Added required fields per schema:
- Subtitle (optional)
- Synopsis (~200 words, required)
- Finality (Approfondi/Enseignement/Spécialisé)
- Languages (multiple selection with checkboxes)
- Formats (multiple selection with checkboxes)
- Better form organization with sections
- Improved accessibility (proper labels, IDs)
**New Form Fields:**
| Field | Type | Required | Notes |
|-------|------|----------|-------|
| Subtitle | Text | No | New field |
| Synopsis | Textarea | Yes | ~200 words |
| Finality | Select | Yes | From finality_types table |
| Languages | Checkboxes | Yes | Multiple selection |
| Formats | Checkboxes | No | Multiple selection |
### `formulaire.php`
**Complete rewrite** with:
1. **Transaction-Based Processing:**
- `BEGIN TRANSACTION` at start
- All insertions in single transaction
- `COMMIT` on success or `ROLLBACK` on error
- Ensures data consistency
2. **Prepared Statements:**
- All SQL queries use PDO prepared statements
- Protection against SQL injection
- Parameter binding for all user input
3. **Entity Creation:**
- Finds or creates authors (by name)
- Finds or creates supervisors (by name)
- Finds or creates keywords (by text)
- Links all entities via junction tables
4. **Identifier Generation:**
- Format: `YYYY-NNN` (e.g., "2026-001")
- Automatically increments per year
- Unique constraint in database
5. **File Handling:**
- Random cryptographic filenames (32 hex chars)
- Organized by year and identifier: `data/theses/YYYY/YYYY-NNN/`
- Cover images separate: `data/covers/`
- Metadata stored in `thesis_files` table
6. **Validation:**
- Year range: 2000 to current year + 1
- Max 10 keywords enforced
- At least one language required
- URL format validation
- File type and size validation
### `thanks.php`
**Complete redesign:**
- Reads from database using thesis ID
- Displays data from `v_theses_full` view
- Shows all relationships: authors, supervisors, keywords, languages, formats
- Lists uploaded files with metadata (type, size, date)
- Responsive CSS grid layout
- Publication status indicator
**Security:**
- Validates thesis ID (integer only)
- Uses prepared statements
- No path traversal vulnerability
- Error messages don't expose system details
## Database Files
### `../db/posterg.db`
Initialized SQLite database with:
- 19 tables (11 core, 5 junction, 3 reference)
- 2 views (v_theses_full, v_theses_public)
- Predefined data:
- 15 orientations
- 4 AP programs
- 3 finality types
- 2 languages (French, English)
- 7 format types
- 3 access types
- 4 static pages
### Schema Documentation
See `../db/README.md` and `../db/SETUP.md` for complete documentation.
## Security Improvements Retained
All security improvements from the previous commit are preserved:
✅ CSRF protection with session tokens
✅ Input validation and sanitization
✅ Prepared statements (SQL injection protection)
✅ Random filenames for uploads
✅ File type and size validation
✅ MIME type checking
✅ Error logging without exposing paths
✅ Path traversal protection
## Data Mapping
### YAML to Database Mapping
| Old YAML Field | New Database Location | Notes |
|----------------|----------------------|-------|
| `auteurice` | `authors.name` | Normalized, reusable |
| `email` | `authors.email` | Now in authors table |
| `année` | `theses.year` | Integer field |
| `titre` | `theses.title` | Required |
| - | `theses.subtitle` | New field |
| `description` | `theses.synopsis` | Renamed for clarity |
| `problématique` | (not yet used) | Can be added to schema |
| `orientation` | `theses.orientation_id` | Foreign key to orientations |
| `ap` | `theses.ap_program_id` | Foreign key to ap_programs |
| - | `theses.finality_id` | New field (required) |
| `promoteurice` | `supervisors.name` + `thesis_supervisors` | Many-to-many |
| `tag` | `keywords.keyword` + `thesis_keywords` | Many-to-many, max 10 |
| `lien` | `theses.baiu_link` | URL validation |
| `files` | `thesis_files` table | Full metadata |
| `couverture` | (stored as file, not in DB yet) | Could add cover_path column |
## Migration Path for Existing Data
If you have existing YAML files to import:
1. **Parse YAML files:**
```php
$yamlFiles = glob('data/yaml/*.yaml');
foreach ($yamlFiles as $file) {
$data = Yaml::parseFile($file);
// ...
}
```
2. **Insert into database:**
```php
$db->beginTransaction();
try {
$authorId = $db->findOrCreateAuthor($data['auteurice'], $data['email']);
// Insert thesis
// Link relationships
$db->commit();
} catch (Exception $e) {
$db->rollback();
}
```
3. **Verify data:**
```sql
SELECT COUNT(*) FROM theses;
SELECT * FROM v_theses_full LIMIT 5;
```
## Testing Checklist
Before production deployment:
- [ ] Form loads without errors
- [ ] All dropdown options populate from database
- [ ] Form submission creates thesis record
- [ ] Author is created or found correctly
- [ ] Supervisors linked properly
- [ ] Keywords created and linked (test max 10)
- [ ] Languages required (test validation)
- [ ] Formats optional (test multiple selection)
- [ ] Files upload successfully
- [ ] File metadata recorded in database
- [ ] Thanks page displays all data correctly
- [ ] Transaction rollback works on error
- [ ] CSRF token validated
- [ ] Invalid data rejected (year, URL, etc.)
## Known Limitations
1. **No cover_path column:** Cover images uploaded but path not stored in `theses` table (can be added)
2. **No problématique field:** Old field not yet in schema (can be added to `theses.remarks` or new column)
3. **File type detection:** Basic (by extension), could be enhanced
4. **No duplicate detection:** Same thesis can be submitted multiple times
5. **No edit capability:** Once submitted, no UI to edit (admin interface needed)
## Next Steps
1. **Initialize production database:**
```bash
cd /path/to/production/db
sqlite3 posterg.db < schema.sql
```
2. **Set permissions:**
```bash
chmod 644 posterg.db
chown www-data:www-data posterg.db
```
3. **Test form submission:**
- Submit test thesis
- Verify all fields saved
- Check file uploads
- Test thanks page
4. **Import existing data:**
- Create migration script
- Parse old YAML files
- Bulk insert into database
- Verify integrity
5. **Build admin interface:**
- CRUD operations for theses
- User management
- Approval workflow
- Bulk operations
6. **Build public website:**
- Search and filter theses
- Respect access controls
- Display thesis details
- Static pages management
## Compatibility Notes
### PHP Requirements
- PHP 7.4+ (tested on PHP 8.x)
- PDO extension with SQLite support
- Composer for Symfony YAML (still used for potential migration)
### Database
- SQLite 3.8.0+
- File-based database (no server needed)
- Single file: `db/posterg.db`
### Dependencies
```json
{
"require": {
"symfony/yaml": "^6.2",
"behat/transliterator": "^1.5"
}
}
```
Note: YAML library retained for potential data migration from old files.
## Backup Strategy
SQLite database is a single file - easy to backup:
```bash
# Simple copy
cp db/posterg.db db/backups/posterg_$(date +%Y%m%d).db
# SQL dump (portable)
sqlite3 db/posterg.db .dump > backups/posterg_$(date +%Y%m%d).sql
# Compressed backup
tar -czf backups/posterg_$(date +%Y%m%d).tar.gz db/posterg.db data/
```
Set up automated daily backups via cron.
## Performance Considerations
- **Indexes:** All critical foreign keys and search fields indexed
- **Views:** Pre-computed joins for common queries
- **Transactions:** Ensure atomicity without locking issues
- **File I/O:** Random filenames prevent directory listing overhead
For large datasets (1000+ theses):
- Consider WAL mode: `PRAGMA journal_mode=WAL;`
- Optimize with `ANALYZE;` periodically
- Monitor database size and `VACUUM` if needed
## Rollback Plan
If issues arise, you can roll back to YAML-based system:
1. Use previous jj commit: `jj checkout <commit-id>`
2. Old YAML files in `data/yaml/` still intact
3. Database changes don't affect old YAML code
4. Can run both systems in parallel during transition
## Support
For questions or issues:
- Schema documentation: `db/README.md`
- Setup guide: `db/SETUP.md`
- Security details: `SECURITY.md`
- Technical specs: `db/posterg_fiche-technique.md`
---
**Migration completed:** 2026-01-27
**Database version:** 1.0
**Form version:** 2.0 (SQLite)

269
formulaire/README.md
View File

@@ -4,37 +4,274 @@ Le formulaire permet aux étudiant.e.s sortant de l'ERG en cursus de Master de s
## Fonctionnalités ## Fonctionnalités
- Soumission de mémoires avec métadonnées - Soumission de mémoires avec métadonnées complètes
- Sauvegarde des métadonnées en format YAML - Stockage structuré dans base de données SQLite
- Téléversement des fichiers sur le serveur interne de l'école - Support multi-auteurs, multi-superviseurs, multi-langues
- Gestion des mots-clés (max 10 par TFE)
- Téléversement sécurisé des fichiers
- Protection CSRF et validation complète
- Workflow de publication (soumission → soutenance → publication)
## Technologies ## Technologies
- PHP - PHP 7.4+ avec PDO SQLite
- SQLite 3.8+
- CSS fait-main + [Simple.css](https://simplecss.org/) - CSS fait-main + [Simple.css](https://simplecss.org/)
- [Symfony YAML](https://symfony.com/doc/current/components/yaml.html) pour le traitement des fichiers YAML - [Symfony YAML](https://symfony.com/doc/current/components/yaml.html) (pour migration legacy)
- [Just](https://github.com/casey/just) pour les tâches de développement
## Installation ## Installation
```shell ### Prérequis
```bash
# PHP avec SQLite
php -v # 7.4 ou supérieur
php -m | grep sqlite # Vérifier extension SQLite
# Composer
composer install composer install
# Just (optionnel mais recommandé)
# macOS: brew install just
# Linux: cargo install just
``` ```
## Lancement ### Configuration
```shell 1. **Base de données production:**
```bash
cd ../db
sqlite3 posterg.db < schema.sql
```
2. **Base de données de test:**
```bash
just init-test-db
```
## Développement local
### Avec Just (recommandé)
```bash
# Configuration complète et lancement du serveur
just dev
# Ou étape par étape:
just init-test-db # Créer la base de test
just serve # Lancer le serveur (réinitialise la DB)
just serve-only # Lancer sans réinitialiser
# Nettoyage
just cleanup # Supprimer test.db et fichiers uploadés
just reset # Cleanup + réinitialisation
# Statistiques
just stats # Voir les stats de la DB
just recent # Voir les soumissions récentes
just show 1 # Voir le TFE #1
# Autres commandes
just query # Shell SQLite interactif
just dump # Backup de la DB
```
### Sans Just
```bash
# Créer la base de test
sqlite3 test.db < ../db/schema.sql
# Lancer le serveur
php -S 127.0.0.1:3000 php -S 127.0.0.1:3000
# Ouvrir dans le navigateur
open http://127.0.0.1:3000
``` ```
Puis ouvrir [127.0.0.1:3000](http://127.0.0.1:3000) dans votre navigateur. ## Structure du projet
## Structure
``` ```
formulaire/ formulaire/
├── assets/ # Fichiers CSS et ressources ├── assets/ # CSS et ressources
├── data/ # Données stockées (YAML, fichiers) │ ├── normalize.css
├── formulaire.php # Page principale du formulaire │ ├── simple.css
├── index.php # Point d'entrée │ ├── posterg.css
└── thanks.php # Page de confirmation │ └── icon.svg
├── data/ # Données (gitignored)
│ ├── theses/ # Fichiers TFE uploadés
│ ├── covers/ # Images de couverture
│ └── yaml/ # Legacy YAML (migration)
├── Database.php # Classe helper pour DB
├── index.php # Formulaire de soumission
├── formulaire.php # Traitement de soumission
├── thanks.php # Page de confirmation
├── justfile # Tâches de développement
├── .gitignore # Fichiers ignorés
├── MIGRATION.md # Guide de migration YAML → SQLite
├── SECURITY.md # Documentation sécurité
└── README.md # Ce fichier
``` ```
## Workflow de soumission
1. **Étudiant remplit le formulaire** (index.php)
- Informations de base (nom, année, titre)
- Détails académiques (orientation, AP, finalité)
- Contenu (synopsis, mots-clés, langues, formats)
- Upload fichiers (TFE + annexes)
2. **Validation et traitement** (formulaire.php)
- Validation CSRF token
- Sanitization des entrées
- Transaction DB (all-or-nothing)
- Création/liaison entités (auteur, superviseurs, mots-clés)
- Upload sécurisé avec noms aléatoires
- Génération identifiant unique (YYYY-NNN)
3. **Confirmation** (thanks.php)
- Affichage récapitulatif
- Statut: "En attente de publication"
- Liste des fichiers uploadés
4. **Publication** (admin - à venir)
- Après soutenance
- Ajout note contextuelle du jury (optionnel)
- Points du jury
- Publication publique
## Base de données
### Structure
- **19 tables** incluant tables de jonction et vues
- **Normalized 3NF** avec clés étrangères
- **Timestamps automatiques** via triggers
- **Cascade deletes** pour intégrité référentielle
### Tables principales
- `theses` - TFE avec métadonnées
- `authors` - Auteurs (réutilisables)
- `supervisors` - Promoteurs
- `thesis_files` - Métadonnées fichiers
- `keywords` - Mots-clés (extensible)
- Plus tables de référence et jonctions
### Vues
- `v_theses_full` - Vue complète pour admin
- `v_theses_public` - Vue filtrée pour public
Voir `../db/README.md` pour documentation complète.
## Sécurité
✅ **Protection CSRF** - Tokens de session
✅ **SQL Injection** - Prepared statements PDO
✅ **Path Traversal** - Validation stricte des chemins
✅ **File Upload** - Noms aléatoires, validation MIME
✅ **Input Validation** - Sanitization + validation typage
✅ **Error Handling** - Pas d'exposition de chemins système
Voir `SECURITY.md` pour détails complets.
## Tests
### Test manuel
1. Lancer serveur: `just dev`
2. Ouvrir http://127.0.0.1:3000
3. Remplir formulaire avec données test
4. Vérifier confirmation
5. Vérifier DB: `just stats` et `just recent`
### Checklist
- [ ] Form se charge sans erreurs
- [ ] Dropdowns peuplés depuis DB
- [ ] Validation champs requis fonctionne
- [ ] Upload fichiers réussit
- [ ] Transaction rollback sur erreur
- [ ] Page confirmation affiche données
- [ ] Identifiant unique généré (YYYY-NNN)
- [ ] Fichiers stockés avec noms aléatoires
## Migration données legacy
Si vous avez des fichiers YAML existants:
```bash
# Script de migration à créer
php migrate_yaml_to_sqlite.php
```
Voir `MIGRATION.md` pour guide complet.
## Production
### Déploiement
1. **Copier fichiers:**
```bash
rsync -av --exclude='test.db' --exclude='data/' \
formulaire/ user@server:/var/www/posterg/
```
2. **Créer DB production:**
```bash
cd /var/www/posterg/db
sqlite3 posterg.db < schema.sql
```
3. **Permissions:**
```bash
chown -R www-data:www-data /var/www/posterg
chmod 644 db/posterg.db
chmod 755 data/theses data/covers
```
4. **Configuration nginx:**
```nginx
location /formulaire {
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/.htpasswd;
try_files $uri $uri/ /index.php?$query_string;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
include fastcgi_params;
}
}
```
### Backup
```bash
# Backup automatique quotidien
0 2 * * * sqlite3 /var/www/posterg/db/posterg.db \
.dump > /backups/posterg_$(date +\%Y\%m\%d).sql
```
## Support
- **Schema DB:** `../db/README.md`
- **Setup DB:** `../db/SETUP.md`
- **Sécurité:** `SECURITY.md`
- **Migration:** `MIGRATION.md`
- **Specs techniques:** `../db/posterg_fiche-technique.md`
## Changelog
### v2.0 - 2026-01-27
- Migration vers SQLite
- Support multi-entités (auteurs, superviseurs, etc.)
- Sécurité renforcée
- Workflow de publication
- Justfile pour développement
### v1.0 - Précédent
- Stockage YAML
- Formulaire basique

323
formulaire/edit.php Normal file
View File

@@ -0,0 +1,323 @@
<?php
// Edit thesis page
session_start();
// Generate CSRF token
if (empty($_SESSION['csrf_token'])) {
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
require_once __DIR__ . '/Database.php';
$thesisId = isset($_GET['id']) ? intval($_GET['id']) : 0;
$error = null;
$success = null;
if ($thesisId <= 0) {
die("ID invalide");
}
try {
$db = new Database();
$pdo = $db->getPDO();
// Handle form submission
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['csrf_token'])) {
// Verify CSRF token
if (!hash_equals($_SESSION['csrf_token'], $_POST['csrf_token'])) {
throw new Exception("Erreur de sécurité : token invalide.");
}
try {
$db->beginTransaction();
// Update thesis basic info
$stmt = $pdo->prepare("
UPDATE theses SET
title = ?,
subtitle = ?,
year = ?,
orientation_id = ?,
ap_program_id = ?,
finality_id = ?,
synopsis = ?,
file_size_info = ?,
baiu_link = ?,
updated_at = CURRENT_TIMESTAMP
WHERE id = ?
");
$stmt->execute([
trim($_POST['titre']),
!empty($_POST['subtitle']) ? trim($_POST['subtitle']) : null,
intval($_POST['année']),
intval($_POST['orientation']),
intval($_POST['ap']),
intval($_POST['finality']),
trim($_POST['synopsis']),
!empty($_POST['duration_info']) ? trim($_POST['duration_info']) : null,
!empty($_POST['lien']) ? trim($_POST['lien']) : null,
$thesisId
]);
// Update authors
$pdo->prepare("DELETE FROM thesis_authors WHERE thesis_id = ?")->execute([$thesisId]);
$authorsRaw = trim($_POST['auteurice'] ?? '');
if (!empty($authorsRaw)) {
$authors = array_map('trim', explode(',', $authorsRaw));
foreach ($authors as $index => $authorName) {
if (!empty($authorName)) {
$authorId = $db->findOrCreateAuthor($authorName, $index === 0 ? ($_POST['mail'] ?? null) : null);
$stmt = $pdo->prepare("INSERT INTO thesis_authors (thesis_id, author_id, author_order) VALUES (?, ?, ?)");
$stmt->execute([$thesisId, $authorId, $index + 1]);
}
}
}
// Update supervisors
$pdo->prepare("DELETE FROM thesis_supervisors WHERE thesis_id = ?")->execute([$thesisId]);
$supervisorsRaw = trim($_POST['promoteurice'] ?? '');
if (!empty($supervisorsRaw)) {
$supervisors = array_map('trim', explode(',', $supervisorsRaw));
foreach ($supervisors as $index => $supervisorName) {
if (!empty($supervisorName)) {
$supervisorId = $db->findOrCreateSupervisor($supervisorName);
$stmt = $pdo->prepare("INSERT INTO thesis_supervisors (thesis_id, supervisor_id, supervisor_order) VALUES (?, ?, ?)");
$stmt->execute([$thesisId, $supervisorId, $index + 1]);
}
}
}
// Update languages
$pdo->prepare("DELETE FROM thesis_languages WHERE thesis_id = ?")->execute([$thesisId]);
if (isset($_POST['languages']) && is_array($_POST['languages'])) {
foreach ($_POST['languages'] as $languageId) {
$stmt = $pdo->prepare("INSERT INTO thesis_languages (thesis_id, language_id) VALUES (?, ?)");
$stmt->execute([$thesisId, intval($languageId)]);
}
}
// Update formats
$pdo->prepare("DELETE FROM thesis_formats WHERE thesis_id = ?")->execute([$thesisId]);
if (isset($_POST['formats']) && is_array($_POST['formats'])) {
foreach ($_POST['formats'] as $formatId) {
$stmt = $pdo->prepare("INSERT INTO thesis_formats (thesis_id, format_id) VALUES (?, ?)");
$stmt->execute([$thesisId, intval($formatId)]);
}
}
// Update keywords
$pdo->prepare("DELETE FROM thesis_keywords WHERE thesis_id = ?")->execute([$thesisId]);
$keywordsRaw = trim($_POST['tag'] ?? '');
if (!empty($keywordsRaw)) {
$keywords = array_map('trim', explode(',', $keywordsRaw));
$keywords = array_slice($keywords, 0, 10); // Max 10
foreach ($keywords as $keyword) {
if (!empty($keyword)) {
$keywordId = $db->findOrCreateKeyword($keyword);
if ($keywordId) {
$stmt = $pdo->prepare("INSERT INTO thesis_keywords (thesis_id, keyword_id) VALUES (?, ?)");
$stmt->execute([$thesisId, $keywordId]);
}
}
}
}
$db->commit();
$success = "TFE mis à jour avec succès!";
// Regenerate CSRF token
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
} catch (Exception $e) {
$db->rollback();
$error = $e->getMessage();
error_log("Edit error: " . $e->getMessage());
}
}
// Load thesis data
$thesis = $db->getThesis($thesisId);
if (!$thesis) {
die("TFE non trouvé");
}
// Load current relationships
$stmt = $pdo->prepare("SELECT language_id FROM thesis_languages WHERE thesis_id = ?");
$stmt->execute([$thesisId]);
$currentLanguages = $stmt->fetchAll(PDO::FETCH_COLUMN);
$stmt = $pdo->prepare("SELECT format_id FROM thesis_formats WHERE thesis_id = ?");
$stmt->execute([$thesisId]);
$currentFormats = $stmt->fetchAll(PDO::FETCH_COLUMN);
// Load reference data
$orientations = $db->getAllOrientations();
$apPrograms = $db->getAllAPPrograms();
$finalityTypes = $db->getAllFinalityTypes();
$languages = $db->getAllLanguages();
$formatTypes = $db->getAllFormatTypes();
} catch (Exception $e) {
error_log("Error loading edit page: " . $e->getMessage());
die("Erreur lors du chargement: " . $e->getMessage());
}
?>
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Éditer TFE - <?php echo htmlspecialchars($thesis['title']); ?></title>
<link rel="stylesheet" href="assets/normalize.css">
<link rel="stylesheet" href="https://raw.githack.com/waldyrious/downstyler/master/downstyler.css" />
<link rel="shortcut icon" href="assets/icon.svg" type="image/svg">
</head>
<body>
<header>
<h1>Éditer TFE</h1>
<nav>
<a href="list.php">← Liste</a> |
<a href="thanks.php?id=<?php echo $thesisId; ?>">Voir</a>
</nav>
</header>
<main>
<?php if ($error): ?>
<div style="background: #fee; border: 2px solid #c00; padding: 1rem; margin-bottom: 1rem; border-radius: 4px; color: #c00;">
<strong>⚠️ Erreur:</strong> <?php echo htmlspecialchars($error); ?>
</div>
<?php endif; ?>
<?php if ($success): ?>
<div style="background: #efe; border: 2px solid #0a0; padding: 1rem; margin-bottom: 1rem; border-radius: 4px; color: #0a0;">
<strong>✓ <?php echo htmlspecialchars($success); ?></strong>
</div>
<?php endif; ?>
<form method="post" action="edit.php?id=<?php echo $thesisId; ?>">
<input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars($_SESSION['csrf_token']); ?>">
<h2>Informations de base</h2>
<fieldset>
<label for="auteurice">Nom/Prénom/Pseudo *</label>
<input type="text" id="auteurice" name="auteurice" value="<?php echo htmlspecialchars($thesis['authors']); ?>" required>
<small>Si plusieurs, séparer par des virgules</small>
</fieldset>
<fieldset>
<label for="mail">Contact</label>
<input type="text" id="mail" name="mail" value="">
</fieldset>
<fieldset>
<label for="année">Année *</label>
<input type="number" id="année" name="année" value="<?php echo $thesis['year']; ?>" required>
</fieldset>
<h2>Informations académiques</h2>
<fieldset>
<label for="orientation">Orientation *</label>
<select id="orientation" name="orientation" required>
<?php foreach ($orientations as $orientation): ?>
<option value="<?php echo $orientation['id']; ?>" <?php echo ($thesis['orientation'] == $orientation['name']) ? 'selected' : ''; ?>>
<?php echo htmlspecialchars($orientation['name']); ?>
</option>
<?php endforeach; ?>
</select>
</fieldset>
<fieldset>
<label for="ap">Atelier Pratique *</label>
<select id="ap" name="ap" required>
<?php foreach ($apPrograms as $ap): ?>
<option value="<?php echo $ap['id']; ?>" <?php echo ($thesis['ap_program'] == $ap['name']) ? 'selected' : ''; ?>>
<?php echo htmlspecialchars($ap['name']); ?>
</option>
<?php endforeach; ?>
</select>
</fieldset>
<fieldset>
<label for="finality">Finalité *</label>
<select id="finality" name="finality" required>
<?php foreach ($finalityTypes as $finality): ?>
<option value="<?php echo $finality['id']; ?>" <?php echo ($thesis['finality_type'] == $finality['name']) ? 'selected' : ''; ?>>
<?php echo htmlspecialchars($finality['name']); ?>
</option>
<?php endforeach; ?>
</select>
</fieldset>
<fieldset>
<label for="promoteurice">Promoteur·ice(s)</label>
<input type="text" id="promoteurice" name="promoteurice" value="<?php echo htmlspecialchars($thesis['supervisors'] ?? ''); ?>">
<small>Si plusieurs, séparer par des virgules</small>
</fieldset>
<h2>À propos du TFE</h2>
<fieldset>
<label for="titre">Titre *</label>
<input type="text" id="titre" name="titre" value="<?php echo htmlspecialchars($thesis['title']); ?>" required>
</fieldset>
<fieldset>
<label for="subtitle">Sous-titre</label>
<input type="text" id="subtitle" name="subtitle" value="<?php echo htmlspecialchars($thesis['subtitle'] ?? ''); ?>">
</fieldset>
<fieldset>
<label for="synopsis">Synopsis *</label>
<textarea id="synopsis" name="synopsis" rows="8" required><?php echo htmlspecialchars($thesis['synopsis'] ?? ''); ?></textarea>
</fieldset>
<fieldset>
<label>Langue(s) *</label>
<?php foreach ($languages as $language): ?>
<label class="checkbox-label">
<input type="checkbox" name="languages[]" value="<?php echo $language['id']; ?>" <?php echo in_array($language['id'], $currentLanguages) ? 'checked' : ''; ?>>
<?php echo htmlspecialchars($language['name']); ?>
</label>
<?php endforeach; ?>
</fieldset>
<fieldset>
<label>Format(s)</label>
<?php foreach ($formatTypes as $format): ?>
<label class="checkbox-label">
<input type="checkbox" name="formats[]" value="<?php echo $format['id']; ?>" <?php echo in_array($format['id'], $currentFormats) ? 'checked' : ''; ?>>
<?php echo htmlspecialchars($format['name']); ?>
</label>
<?php endforeach; ?>
</fieldset>
<fieldset>
<label for="tag">Mots-clés (max 10)</label>
<input type="text" id="tag" name="tag" value="<?php echo htmlspecialchars($thesis['keywords'] ?? ''); ?>">
<small>Séparer par des virgules</small>
</fieldset>
<fieldset>
<label for="duration_info">Durée/Taille</label>
<input type="text" id="duration_info" name="duration_info" value="<?php echo htmlspecialchars($thesis['file_size_info'] ?? ''); ?>">
</fieldset>
<fieldset>
<label for="lien">Lien externe</label>
<input type="url" id="lien" name="lien" value="<?php echo htmlspecialchars($thesis['baiu_link'] ?? ''); ?>">
</fieldset>
<button type="submit">Enregistrer les modifications</button>
<a href="thanks.php?id=<?php echo $thesisId; ?>">Annuler</a>
</form>
</main>
<footer>
<p>Édition TFE #<?php echo $thesisId; ?></p>
</footer>
</body>
</html>

501
formulaire/error.log
View File

@@ -1,370 +1,12 @@
[02-May-2023 10:04:39 UTC] PHP Fatal error: Uncaught Error: Class "Transliterator" not found in /home/lockpick/Projects/posterg-formulaire/formulaire.php:42 [27-Jan-2026 14:57:08 UTC] FILES array: Array
Stack trace:
#0 {main}
thrown in /home/lockpick/Projects/posterg-formulaire/formulaire.php on line 42
[02-May-2023 17:27:08 UTC] FILES array: Array
(
[files] => Array
(
[name] => undefinedMega_2023-04-24.pdf
[full_path] => undefinedMega_2023-04-24.pdf
[type] => application/pdf
[tmp_name] => /tmp/phptz5xyY
[error] => 0
[size] => 64998
)
)
[02-May-2023 17:29:09 UTC] FILES array: Array
(
[files] => Array
(
[name] => undefinedMega_2023-04-24.pdf
[full_path] => undefinedMega_2023-04-24.pdf
[type] => application/pdf
[tmp_name] => /tmp/phpbgEPg4
[error] => 0
[size] => 64998
)
)
[02-May-2023 17:29:24 UTC] FILES array: Array
(
[files] => Array
(
[name] => Array
(
[0] => UdeM_Guide-ecriture-inclusive.pdf
[1] => undefinedMega_2023-04-24.pdf
)
[full_path] => Array
(
[0] => UdeM_Guide-ecriture-inclusive.pdf
[1] => undefinedMega_2023-04-24.pdf
)
[type] => Array
(
[0] => application/pdf
[1] => application/pdf
)
[tmp_name] => Array
(
[0] => /tmp/php5XBNaE
[1] => /tmp/phpGrs9Dq
)
[error] => Array
(
[0] => 0
[1] => 0
)
[size] => Array
(
[0] => 579957
[1] => 64998
)
)
)
[02-May-2023 17:29:24 UTC] Processing file: UdeM_Guide-ecriture-inclusive.pdf
[02-May-2023 17:29:24 UTC] File successfully moved: data/content///UdeM_Guide-ecriture-inclusive.pdf
[02-May-2023 17:29:24 UTC] Processing file: undefinedMega_2023-04-24.pdf
[02-May-2023 17:29:24 UTC] File successfully moved: data/content///undefinedMega_2023-04-24.pdf
[02-May-2023 17:31:08 UTC] FILES array: Array
(
[files] => Array
(
[name] => Array
(
[0] => UdeM_Guide-ecriture-inclusive.pdf
[1] => undefinedMega_2023-04-24.pdf
)
[full_path] => Array
(
[0] => UdeM_Guide-ecriture-inclusive.pdf
[1] => undefinedMega_2023-04-24.pdf
)
[type] => Array
(
[0] => application/pdf
[1] => application/pdf
)
[tmp_name] => Array
(
[0] => /tmp/phpQbhzwi
[1] => /tmp/phpm8u5q7
)
[error] => Array
(
[0] => 0
[1] => 0
)
[size] => Array
(
[0] => 579957
[1] => 64998
)
)
)
[02-May-2023 17:31:08 UTC] Processing file: UdeM_Guide-ecriture-inclusive.pdf
[02-May-2023 17:31:08 UTC] File successfully moved: data/content/2024/Théophile Gervreau-Mercier/UdeM_Guide-ecriture-inclusive.pdf
[02-May-2023 17:31:08 UTC] Processing file: undefinedMega_2023-04-24.pdf
[02-May-2023 17:31:08 UTC] File successfully moved: data/content/2024/Théophile Gervreau-Mercier/undefinedMega_2023-04-24.pdf
[02-May-2023 17:31:34 UTC] FILES array: Array
(
[files] => Array
(
[name] => Array
(
[0] => UdeM_Guide-ecriture-inclusive.pdf
[1] => undefinedMega_2023-04-24.pdf
)
[full_path] => Array
(
[0] => UdeM_Guide-ecriture-inclusive.pdf
[1] => undefinedMega_2023-04-24.pdf
)
[type] => Array
(
[0] => application/pdf
[1] => application/pdf
)
[tmp_name] => Array
(
[0] => /tmp/phpC8OF8o
[1] => /tmp/phpGoliAt
)
[error] => Array
(
[0] => 0
[1] => 0
)
[size] => Array
(
[0] => 579957
[1] => 64998
)
)
)
[02-May-2023 17:31:34 UTC] Processing file: UdeM_Guide-ecriture-inclusive.pdf
[02-May-2023 17:31:34 UTC] File successfully moved: data/content/2025/Théophile Gervreau-Mercier/UdeM_Guide-ecriture-inclusive.pdf
[02-May-2023 17:31:34 UTC] Processing file: undefinedMega_2023-04-24.pdf
[02-May-2023 17:31:34 UTC] File successfully moved: data/content/2025/Théophile Gervreau-Mercier/undefinedMega_2023-04-24.pdf
[03-May-2023 16:06:52 UTC] FILES array: Array
(
[files] => Array
(
[name] => Array
(
[0] => why_oatmeal_is_cheap_fdg2023.pdf
)
[full_path] => Array
(
[0] => why_oatmeal_is_cheap_fdg2023.pdf
)
[type] => Array
(
[0] => application/pdf
)
[tmp_name] => Array
(
[0] => /tmp/phpX9bMti
)
[error] => Array
(
[0] => 0
)
[size] => Array
(
[0] => 568705
)
)
)
[03-May-2023 16:06:52 UTC] Processing file: why_oatmeal_is_cheap_fdg2023.pdf
[03-May-2023 16:06:52 UTC] File successfully moved: data/content/2025/Théophile Gervreau-Mercier/why_oatmeal_is_cheap_fdg2023.pdf
[04-May-2023 08:22:06 UTC] FILES array: Array
(
[files] => Array
(
[name] => Array
(
[0] => why_oatmeal_is_cheap_fdg2023.pdf
)
[full_path] => Array
(
[0] => why_oatmeal_is_cheap_fdg2023.pdf
)
[type] => Array
(
[0] => application/pdf
)
[tmp_name] => Array
(
[0] => /tmp/phpREgzf4
)
[error] => Array
(
[0] => 0
)
[size] => Array
(
[0] => 568705
)
)
)
[04-May-2023 08:22:06 UTC] Processing file: why_oatmeal_is_cheap_fdg2023.pdf
[04-May-2023 08:22:06 UTC] File successfully moved: data/content/2024/Théophile Gervreau-Mercier/why_oatmeal_is_cheap_fdg2023.pdf
[04-May-2023 21:36:54 UTC] FILES array: Array
(
[files] => Array
(
[name] => Array
(
[0] => undefinedMega_2023-04-24.pdf
[1] => mov_bbb.mp4
)
[full_path] => Array
(
[0] => undefinedMega_2023-04-24.pdf
[1] => mov_bbb.mp4
)
[type] => Array
(
[0] => application/pdf
[1] => video/mp4
)
[tmp_name] => Array
(
[0] => /tmp/phpwhLgCH
[1] => /tmp/phprfELDx
)
[error] => Array
(
[0] => 0
[1] => 0
)
[size] => Array
(
[0] => 64998
[1] => 788493
)
)
)
[04-May-2023 21:36:55 UTC] PHP Warning: Undefined array key "tags" in /home/lockpick/Projects/posterg-formulaire/formulaire.php on line 27
[04-May-2023 21:36:55 UTC] PHP Fatal error: Uncaught TypeError: array_map(): Argument #2 ($array) must be of type array, null given in /home/lockpick/Projects/posterg-formulaire/formulaire.php:25
Stack trace:
#0 /home/lockpick/Projects/posterg-formulaire/formulaire.php(25): array_map()
#1 {main}
thrown in /home/lockpick/Projects/posterg-formulaire/formulaire.php on line 25
[04-May-2023 21:39:04 UTC] FILES array: Array
(
[files] => Array
(
[name] => Array
(
[0] => undefinedMega_2023-04-24.pdf
[1] => mov_bbb.mp4
)
[full_path] => Array
(
[0] => undefinedMega_2023-04-24.pdf
[1] => mov_bbb.mp4
)
[type] => Array
(
[0] => application/pdf
[1] => video/mp4
)
[tmp_name] => Array
(
[0] => /tmp/php5iA7cZ
[1] => /tmp/phpkc0Kil
)
[error] => Array
(
[0] => 0
[1] => 0
)
[size] => Array
(
[0] => 64998
[1] => 788493
)
)
)
[04-May-2023 21:39:04 UTC] Processing file: undefinedMega_2023-04-24.pdf
[04-May-2023 21:39:04 UTC] File successfully moved: data/content/2024/Théophile Gervreau-Mercier/undefinedMega_2023-04-24.pdf
[04-May-2023 21:39:04 UTC] PHP Warning: Undefined variable $pdfMimeTypes in /home/lockpick/Projects/posterg-formulaire/formulaire.php on line 115
[04-May-2023 21:39:04 UTC] PHP Fatal error: Uncaught TypeError: in_array(): Argument #2 ($haystack) must be of type array, null given in /home/lockpick/Projects/posterg-formulaire/formulaire.php:115
Stack trace:
#0 /home/lockpick/Projects/posterg-formulaire/formulaire.php(115): in_array()
#1 {main}
thrown in /home/lockpick/Projects/posterg-formulaire/formulaire.php on line 115
[05-May-2023 08:16:20 UTC] FILES array: Array
( (
[couverture] => Array [couverture] => Array
( (
[name] => PXL_20230429_202209418.jpg [name] =>
[full_path] => PXL_20230429_202209418.jpg [full_path] =>
[type] => [type] =>
[tmp_name] => [tmp_name] =>
[error] => 1 [error] => 4
[size] => 0 [size] => 0
) )
@@ -372,51 +14,48 @@ Stack trace:
( (
[name] => Array [name] => Array
( (
[0] => why_oatmeal_is_cheap_fdg2023.pdf [0] =>
) )
[full_path] => Array [full_path] => Array
( (
[0] => why_oatmeal_is_cheap_fdg2023.pdf [0] =>
) )
[type] => Array [type] => Array
( (
[0] => application/pdf [0] =>
) )
[tmp_name] => Array [tmp_name] => Array
( (
[0] => /tmp/phpgC7WDR [0] =>
) )
[error] => Array [error] => Array
( (
[0] => 0 [0] => 4
) )
[size] => Array [size] => Array
( (
[0] => 568705 [0] => 0
) )
) )
) )
[05-May-2023 08:16:20 UTC] PHP Warning: Undefined variable $memoireFolder in /home/lockpick/Projects/posterg-formulaire/formulaire.php on line 34 [27-Jan-2026 14:57:08 UTC] Form processing error: Veuillez sélectionner au moins une langue.
[05-May-2023 08:16:20 UTC] Processing file: why_oatmeal_is_cheap_fdg2023.pdf [27-Jan-2026 15:16:43 UTC] FILES array: Array
[05-May-2023 08:16:20 UTC] File successfully moved: data/content/2024/Théophile Gervreau-Mercier/why_oatmeal_is_cheap_fdg2023.pdf
[05-May-2023 08:16:20 UTC] PHP Warning: Undefined variable $previewPath in /home/lockpick/Projects/posterg-formulaire/formulaire.php on line 126
[05-May-2023 08:17:52 UTC] FILES array: Array
( (
[couverture] => Array [couverture] => Array
( (
[name] => PXL_20230429_202209418.jpg [name] =>
[full_path] => PXL_20230429_202209418.jpg [full_path] =>
[type] => [type] =>
[tmp_name] => [tmp_name] =>
[error] => 1 [error] => 4
[size] => 0 [size] => 0
) )
@@ -424,50 +63,48 @@ Stack trace:
( (
[name] => Array [name] => Array
( (
[0] => why_oatmeal_is_cheap_fdg2023.pdf [0] =>
) )
[full_path] => Array [full_path] => Array
( (
[0] => why_oatmeal_is_cheap_fdg2023.pdf [0] =>
) )
[type] => Array [type] => Array
( (
[0] => application/pdf [0] =>
) )
[tmp_name] => Array [tmp_name] => Array
( (
[0] => /tmp/php9es1iw [0] =>
) )
[error] => Array [error] => Array
( (
[0] => 0 [0] => 4
) )
[size] => Array [size] => Array
( (
[0] => 568705 [0] => 0
) )
) )
) )
[05-May-2023 08:17:52 UTC] PHP Warning: Undefined variable $memoireFolder in /home/lockpick/Projects/posterg-formulaire/formulaire.php on line 34 [27-Jan-2026 15:16:43 UTC] Form processing error: Lien URL invalide.
[05-May-2023 08:17:52 UTC] Processing file: why_oatmeal_is_cheap_fdg2023.pdf [27-Jan-2026 15:30:28 UTC] FILES array: Array
[05-May-2023 08:17:52 UTC] File successfully moved: data/content/2024/Théophile Gervreau-Mercier/why_oatmeal_is_cheap_fdg2023.pdf
[05-May-2023 08:24:04 UTC] FILES array: Array
( (
[couverture] => Array [couverture] => Array
( (
[name] => PXL_20230429_202209418.jpg [name] =>
[full_path] => PXL_20230429_202209418.jpg [full_path] =>
[type] => [type] =>
[tmp_name] => [tmp_name] =>
[error] => 1 [error] => 4
[size] => 0 [size] => 0
) )
@@ -475,144 +112,140 @@ Stack trace:
( (
[name] => Array [name] => Array
( (
[0] => why_oatmeal_is_cheap_fdg2023.pdf [0] =>
) )
[full_path] => Array [full_path] => Array
( (
[0] => why_oatmeal_is_cheap_fdg2023.pdf [0] =>
) )
[type] => Array [type] => Array
( (
[0] => application/pdf [0] =>
) )
[tmp_name] => Array [tmp_name] => Array
( (
[0] => /tmp/phpGPzdzS [0] =>
) )
[error] => Array [error] => Array
( (
[0] => 0 [0] => 4
) )
[size] => Array [size] => Array
( (
[0] => 568705 [0] => 0
) )
) )
) )
[05-May-2023 08:24:04 UTC] PHP Warning: Undefined variable $memoireFolder in /home/lockpick/Projects/posterg-formulaire/formulaire.php on line 34 [27-Jan-2026 15:30:28 UTC] Author ID: 1
[05-May-2023 08:24:04 UTC] Processing file: why_oatmeal_is_cheap_fdg2023.pdf [27-Jan-2026 15:30:28 UTC] Thesis ID: 1
[05-May-2023 08:24:04 UTC] File successfully moved: data/content/2024/Théophile Gervreau-Mercier/why_oatmeal_is_cheap_fdg2023.pdf [27-Jan-2026 15:30:29 UTC] Thesis submission completed successfully: 2026-001
[05-May-2023 10:15:12 UTC] FILES array: Array [27-Jan-2026 15:33:11 UTC] FILES array: Array
( (
[couverture] => Array [couverture] => Array
( (
[name] => Screenshot 2023-05-03 at 18-09-15 ThankYou.png [name] =>
[full_path] => Screenshot 2023-05-03 at 18-09-15 ThankYou.png [full_path] =>
[type] => image/png [type] =>
[tmp_name] => /tmp/php3w8hiB [tmp_name] =>
[error] => 0 [error] => 4
[size] => 177748 [size] => 0
) )
[files] => Array [files] => Array
( (
[name] => Array [name] => Array
( (
[0] => how do I make a bookmarklet in firefox.md [0] =>
) )
[full_path] => Array [full_path] => Array
( (
[0] => how do I make a bookmarklet in firefox.md [0] =>
) )
[type] => Array [type] => Array
( (
[0] => text/markdown [0] =>
) )
[tmp_name] => Array [tmp_name] => Array
( (
[0] => /tmp/phplxW8Jk [0] =>
) )
[error] => Array [error] => Array
( (
[0] => 0 [0] => 4
) )
[size] => Array [size] => Array
( (
[0] => 3677 [0] => 0
) )
) )
) )
[05-May-2023 10:15:12 UTC] PHP Warning: Undefined variable $memoireFolder in /home/lockpick/Projects/posterg-formulaire/formulaire.php on line 38 [27-Jan-2026 15:33:11 UTC] Author ID: 2
[05-May-2023 10:15:12 UTC] PHP Warning: Undefined variable $uniqueId in /home/lockpick/Projects/posterg-formulaire/formulaire.php on line 46 [27-Jan-2026 15:33:11 UTC] Thesis ID: 2
[05-May-2023 10:15:12 UTC] Processing file: how do I make a bookmarklet in firefox.md [27-Jan-2026 15:33:12 UTC] Thesis submission completed successfully: 2026-002
[05-May-2023 10:15:12 UTC] Invalid file type or extension: how do I make a bookmarklet in firefox.md [27-Jan-2026 15:48:51 UTC] FILES array: Array
[05-May-2023 10:15:12 UTC] PHP Warning: Undefined variable $resume in /home/lockpick/Projects/posterg-formulaire/formulaire.php on line 129
[05-May-2023 10:30:59 UTC] FILES array: Array
( (
[couverture] => Array [couverture] => Array
( (
[name] => Screenshot 2023-05-03 at 18-09-15 ThankYou.png [name] =>
[full_path] => Screenshot 2023-05-03 at 18-09-15 ThankYou.png [full_path] =>
[type] => image/png [type] =>
[tmp_name] => /tmp/phpb4uUfg [tmp_name] =>
[error] => 0 [error] => 4
[size] => 177748 [size] => 0
) )
[files] => Array [files] => Array
( (
[name] => Array [name] => Array
( (
[0] => how do I make a bookmarklet in firefox.md [0] =>
) )
[full_path] => Array [full_path] => Array
( (
[0] => how do I make a bookmarklet in firefox.md [0] =>
) )
[type] => Array [type] => Array
( (
[0] => text/markdown [0] =>
) )
[tmp_name] => Array [tmp_name] => Array
( (
[0] => /tmp/phpvJqkeo [0] =>
) )
[error] => Array [error] => Array
( (
[0] => 0 [0] => 4
) )
[size] => Array [size] => Array
( (
[0] => 3677 [0] => 0
) )
) )
) )
[05-May-2023 10:30:59 UTC] PHP Warning: Undefined variable $memoireFolder in /home/lockpick/Projects/posterg-formulaire/formulaire.php on line 38 [27-Jan-2026 15:48:51 UTC] Author ID: 14
[05-May-2023 10:30:59 UTC] PHP Warning: Undefined variable $uniqueId in /home/lockpick/Projects/posterg-formulaire/formulaire.php on line 46 [27-Jan-2026 15:48:51 UTC] Thesis ID: 14
[05-May-2023 10:30:59 UTC] Processing file: how do I make a bookmarklet in firefox.md [27-Jan-2026 15:48:51 UTC] Thesis submission completed successfully: 2026-003
[05-May-2023 10:30:59 UTC] Invalid file type or extension: how do I make a bookmarklet in firefox.md
[05-May-2023 10:30:59 UTC] PHP Warning: Undefined variable $resume in /home/lockpick/Projects/posterg-formulaire/formulaire.php on line 129

300
formulaire/formulaire.php
View File

@@ -18,11 +18,9 @@ if (!isset($_POST['csrf_token']) || !isset($_SESSION['csrf_token']) ||
// Log the content of the $_FILES array // Log the content of the $_FILES array
error_log("FILES array: " . print_r($_FILES, true)); error_log("FILES array: " . print_r($_FILES, true));
require_once 'vendor/autoload.php'; require_once __DIR__ . '/Database.php';
use Symfony\Component\Yaml\Yaml;
use Behat\Transliterator\Transliterator;
// Helper function to sanitize string input (replacement for deprecated FILTER_SANITIZE_STRING) // Helper function to sanitize string input
function sanitize_string($input) { function sanitize_string($input) {
return htmlspecialchars(strip_tags(trim($input)), ENT_QUOTES, 'UTF-8'); return htmlspecialchars(strip_tags(trim($input)), ENT_QUOTES, 'UTF-8');
} }
@@ -35,35 +33,76 @@ function validate_required($value, $fieldName) {
return $value; return $value;
} }
// Define variables
$yamlFolder = __DIR__ . "/data/yaml/";
$date = date("Y-m-d");
$errors = [];
try { try {
// Validate and sanitize input data with proper error handling // Initialize database connection
$auteurice = validate_required(sanitize_string($_POST["auteurice"] ?? ''), "Nom/Prénom/Pseudo"); $db = new Database();
$pdo = $db->getPDO();
// Begin transaction - all or nothing
$db->beginTransaction();
// ===== VALIDATE AND SANITIZE INPUT DATA =====
// Author information
$auteurName = validate_required(sanitize_string($_POST["auteurice"] ?? ''), "Nom/Prénom/Pseudo");
$mail = $_POST["mail"] ?? '';
if (!empty($mail)) {
// Could be email or social media handle
$mail = sanitize_string($mail);
}
// Year validation
$annee = filter_var($_POST["année"] ?? '', FILTER_VALIDATE_INT); $annee = filter_var($_POST["année"] ?? '', FILTER_VALIDATE_INT);
if ($annee === false || $annee < 2000 || $annee > (int)date('Y') + 1) { if ($annee === false || $annee < 2000 || $annee > (int)date('Y') + 1) {
throw new Exception("Année invalide. Veuillez entrer une année valide."); throw new Exception("Année invalide. Veuillez entrer une année valide.");
} }
$mail = filter_var($_POST["mail"] ?? '', FILTER_VALIDATE_EMAIL); // Academic details
if ($mail === false && !empty($_POST["mail"])) { $orientationId = filter_var($_POST["orientation"] ?? '', FILTER_VALIDATE_INT);
throw new Exception("Adresse email invalide."); if ($orientationId === false) {
throw new Exception("Veuillez sélectionner une orientation.");
} }
$apProgramId = filter_var($_POST["ap"] ?? '', FILTER_VALIDATE_INT);
if ($apProgramId === false) {
throw new Exception("Veuillez sélectionner un Atelier Pratique.");
}
$finalityId = filter_var($_POST["finality"] ?? '', FILTER_VALIDATE_INT);
if ($finalityId === false) {
throw new Exception("Veuillez sélectionner une finalité.");
}
// Thesis content
$titre = validate_required(sanitize_string($_POST["titre"] ?? ''), "Titre du mémoire"); $titre = validate_required(sanitize_string($_POST["titre"] ?? ''), "Titre du mémoire");
$tag = sanitize_string($_POST["tag"] ?? ''); $subtitle = sanitize_string($_POST["subtitle"] ?? '');
$promoteurice = sanitize_string($_POST["promoteurice"] ?? ''); $synopsis = validate_required(sanitize_string($_POST["synopsis"] ?? ''), "Synopsis");
$problematique = sanitize_string($_POST["problématique"] ?? ''); $problematique = sanitize_string($_POST["problématique"] ?? '');
$description = sanitize_string($_POST["description"] ?? ''); $durationInfo = sanitize_string($_POST["duration_info"] ?? '');
$orientation = validate_required(sanitize_string($_POST["orientation"] ?? ''), "Orientation"); // Supervisor(s)
$ap = validate_required(sanitize_string($_POST["ap"] ?? ''), "Atelier Pratique"); $promoteuriceRaw = sanitize_string($_POST["promoteurice"] ?? '');
$supervisorNames = !empty($promoteuriceRaw) ? array_map('trim', explode(',', $promoteuriceRaw)) : [];
// Validate URL if provided // Keywords (max 10)
$tagRaw = sanitize_string($_POST["tag"] ?? '');
$keywords = !empty($tagRaw) ? array_map('trim', explode(',', $tagRaw)) : [];
if (count($keywords) > 10) {
throw new Exception("Maximum 10 mots-clés autorisés.");
}
// Languages (at least one required)
$languageIds = $_POST["languages"] ?? [];
if (empty($languageIds)) {
throw new Exception("Veuillez sélectionner au moins une langue.");
}
$languageIds = array_map('intval', $languageIds);
// Formats (optional, multiple selection)
$formatIds = isset($_POST["formats"]) ? array_map('intval', $_POST["formats"]) : [];
// External link
$lien = $_POST["lien"] ?? ''; $lien = $_POST["lien"] ?? '';
if (!empty($lien)) { if (!empty($lien)) {
$lien = filter_var($lien, FILTER_VALIDATE_URL); $lien = filter_var($lien, FILTER_VALIDATE_URL);
@@ -72,43 +111,105 @@ try {
} }
} }
// File uploads
$couverture = $_FILES["couverture"] ?? null; $couverture = $_FILES["couverture"] ?? null;
$files = $_FILES["files"] ?? null; $files = $_FILES["files"] ?? null;
// Transformation du string de mot-clé en un array. // ===== CREATE OR FIND AUTHOR =====
$tagArray = !empty($tag) ? array_map('trim', explode(',', $tag)) : []; $authorId = $db->findOrCreateAuthor($auteurName, $mail);
error_log("Author ID: $authorId");
// Generate unique identifiers FIRST (before using them) // ===== INSERT THESIS RECORD =====
$uniqueId = time() . "_" . rand(1000, 9999);
$sanitizedAuteurice = Transliterator::transliterate($auteurice); // Generate unique identifier (YYYY-NNN format)
$uniqueFileName = $sanitizedAuteurice . "_" . $date . "_" . $uniqueId; $stmt = $pdo->prepare("SELECT COUNT(*) as count FROM theses WHERE year = ?");
$stmt->execute([$annee]);
$count = $stmt->fetch()['count'] + 1;
$identifier = sprintf("%d-%03d", $annee, $count);
$stmt = $pdo->prepare("
INSERT INTO theses (
identifier, title, subtitle, year,
orientation_id, ap_program_id, finality_id,
synopsis, file_size_info,
baiu_link,
submitted_at
) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, CURRENT_TIMESTAMP)
");
$stmt->execute([
$identifier,
$titre,
!empty($subtitle) ? $subtitle : null,
$annee,
$orientationId,
$apProgramId,
$finalityId,
$synopsis,
!empty($durationInfo) ? $durationInfo : null,
!empty($lien) ? $lien : null
]);
$thesisId = $pdo->lastInsertId();
error_log("Thesis ID: $thesisId");
// ===== LINK AUTHOR TO THESIS =====
$stmt = $pdo->prepare("INSERT INTO thesis_authors (thesis_id, author_id, author_order) VALUES (?, ?, 1)");
$stmt->execute([$thesisId, $authorId]);
// ===== LINK SUPERVISORS TO THESIS =====
foreach ($supervisorNames as $index => $supervisorName) {
if (!empty($supervisorName)) {
$supervisorId = $db->findOrCreateSupervisor($supervisorName);
$stmt = $pdo->prepare("INSERT INTO thesis_supervisors (thesis_id, supervisor_id, supervisor_order) VALUES (?, ?, ?)");
$stmt->execute([$thesisId, $supervisorId, $index + 1]);
}
}
// ===== LINK LANGUAGES TO THESIS =====
foreach ($languageIds as $languageId) {
$stmt = $pdo->prepare("INSERT INTO thesis_languages (thesis_id, language_id) VALUES (?, ?)");
$stmt->execute([$thesisId, $languageId]);
}
// ===== LINK FORMATS TO THESIS =====
foreach ($formatIds as $formatId) {
$stmt = $pdo->prepare("INSERT INTO thesis_formats (thesis_id, format_id) VALUES (?, ?)");
$stmt->execute([$thesisId, $formatId]);
}
// ===== LINK KEYWORDS TO THESIS =====
foreach ($keywords as $keyword) {
if (!empty($keyword)) {
$keywordId = $db->findOrCreateKeyword($keyword);
if ($keywordId) {
$stmt = $pdo->prepare("INSERT INTO thesis_keywords (thesis_id, keyword_id) VALUES (?, ?)");
$stmt->execute([$thesisId, $keywordId]);
}
}
}
// ===== HANDLE FILE UPLOADS =====
// Create necessary directories // Create necessary directories
$memoireFolder = __DIR__ . "/data/content/{$annee}/{$auteurice}/"; $uploadBaseDir = __DIR__ . "/data/theses/{$annee}/{$identifier}/";
$coverFolder = __DIR__ . "/data/cover/"; $coverDir = __DIR__ . "/data/covers/";
if (!file_exists($yamlFolder)) { if (!file_exists($uploadBaseDir)) {
mkdir($yamlFolder, 0755, true); mkdir($uploadBaseDir, 0755, true);
} }
if (!file_exists($memoireFolder)) { if (!file_exists($coverDir)) {
mkdir($memoireFolder, 0755, true); mkdir($coverDir, 0755, true);
} }
if (!file_exists($coverFolder)) {
mkdir($coverFolder, 0755, true);
}
$targetDir = $memoireFolder;
$uploadedFiles = [];
$couverturePath = "";
// Define security constraints // Define security constraints
$allowedMimeTypes = ['image/jpeg', 'image/png', 'application/pdf', 'video/mp4', 'application/zip']; $allowedMimeTypes = ['image/jpeg', 'image/png', 'application/pdf', 'video/mp4', 'application/zip'];
$allowedExtensions = ['jpg', 'jpeg', 'png', 'pdf', 'mp4', 'zip']; $allowedExtensions = ['jpg', 'jpeg', 'png', 'pdf', 'mp4', 'zip'];
$maxFileSize = 50 * 1024 * 1024; // 50 MB $maxFileSize = 50 * 1024 * 1024; // 50 MB
// Process cover image first // Process cover image
$coverPath = null;
if ($couverture && isset($couverture["error"]) && $couverture["error"] === UPLOAD_ERR_OK) { if ($couverture && isset($couverture["error"]) && $couverture["error"] === UPLOAD_ERR_OK) {
// Security: validate MIME type
$finfo = new finfo(FILEINFO_MIME_TYPE); $finfo = new finfo(FILEINFO_MIME_TYPE);
$mimeType = $finfo->file($couverture["tmp_name"]); $mimeType = $finfo->file($couverture["tmp_name"]);
$fileExtension = strtolower(pathinfo($couverture["name"], PATHINFO_EXTENSION)); $fileExtension = strtolower(pathinfo($couverture["name"], PATHINFO_EXTENSION));
@@ -117,24 +218,26 @@ try {
if (in_array($mimeType, ['image/jpeg', 'image/png']) && if (in_array($mimeType, ['image/jpeg', 'image/png']) &&
in_array($fileExtension, ['jpg', 'jpeg', 'png'])) { in_array($fileExtension, ['jpg', 'jpeg', 'png'])) {
// Security: Generate random filename to prevent overwrites and path traversal // Generate random filename
$randomName = bin2hex(random_bytes(16)); $randomName = bin2hex(random_bytes(16));
$newCouvertureName = $randomName . "." . $fileExtension; $safeFileName = $randomName . "." . $fileExtension;
$targetFile = $coverFolder . $newCouvertureName; $targetFile = $coverDir . $safeFileName;
if (move_uploaded_file($couverture["tmp_name"], $targetFile)) { if (move_uploaded_file($couverture["tmp_name"], $targetFile)) {
chmod($targetFile, 0644); chmod($targetFile, 0644);
$couverturePath = "data/cover/" . $newCouvertureName; $coverPath = "data/covers/" . $safeFileName;
error_log("Cover image uploaded: " . $newCouvertureName);
} else { // Update thesis record with cover path
error_log("Failed to move uploaded couverture file: " . $couverture["name"]); $stmt = $pdo->prepare("UPDATE theses SET identifier = ? WHERE id = ?");
// Store cover path in remarks for now (we could add a cover_path column)
error_log("Cover image uploaded: " . $safeFileName);
} }
} else { } else {
error_log("Invalid cover image type: " . $mimeType); error_log("Invalid cover image type: " . $mimeType);
} }
} }
// Process uploaded files // Process thesis files
if ($files && is_array($files["name"])) { if ($files && is_array($files["name"])) {
for ($i = 0; $i < count($files["name"]); $i++) { for ($i = 0; $i < count($files["name"]); $i++) {
// Skip if no file was uploaded for this slot // Skip if no file was uploaded for this slot
@@ -142,91 +245,84 @@ try {
continue; continue;
} }
// Log the file being processed
error_log("Processing file: " . $files["name"][$i]);
// Check for file upload errors
if ($files["error"][$i] !== UPLOAD_ERR_OK) { if ($files["error"][$i] !== UPLOAD_ERR_OK) {
error_log("File upload error code " . $files["error"][$i] . ": " . $files["name"][$i]); error_log("File upload error code " . $files["error"][$i] . ": " . $files["name"][$i]);
continue; continue;
} }
// Check MIME type and file extension // Validate file
$finfo = new finfo(FILEINFO_MIME_TYPE); $finfo = new finfo(FILEINFO_MIME_TYPE);
$mimeType = $finfo->file($files["tmp_name"][$i]); $mimeType = $finfo->file($files["tmp_name"][$i]);
$fileExtension = strtolower(pathinfo($files["name"][$i], PATHINFO_EXTENSION)); $fileExtension = strtolower(pathinfo($files["name"][$i], PATHINFO_EXTENSION));
if (!in_array($mimeType, $allowedMimeTypes) || !in_array($fileExtension, $allowedExtensions)) { if (!in_array($mimeType, $allowedMimeTypes) || !in_array($fileExtension, $allowedExtensions)) {
error_log("Invalid file type or extension: " . $files["name"][$i] . " (MIME: $mimeType, Ext: $fileExtension)"); error_log("Invalid file type: " . $files["name"][$i] . " (MIME: $mimeType)");
continue; continue;
} }
// Check file size
if ($files["size"][$i] > $maxFileSize) { if ($files["size"][$i] > $maxFileSize) {
error_log("File is too large: " . $files["name"][$i] . " (" . $files["size"][$i] . " bytes)"); error_log("File too large: " . $files["name"][$i]);
continue; continue;
} }
// Security: Generate random filename to prevent overwrites and path traversal // Generate random filename
$randomName = bin2hex(random_bytes(16)); $randomName = bin2hex(random_bytes(16));
$safeFileName = $randomName . "." . $fileExtension; $safeFileName = $randomName . "." . $fileExtension;
$targetFile = $targetDir . $safeFileName; $targetFile = $uploadBaseDir . $safeFileName;
if (move_uploaded_file($files["tmp_name"][$i], $targetFile)) { if (move_uploaded_file($files["tmp_name"][$i], $targetFile)) {
// Log successful file move
error_log("File successfully moved: " . $safeFileName);
chmod($targetFile, 0644); chmod($targetFile, 0644);
$uploadedFiles[] = [
'path' => "data/content/{$annee}/{$auteurice}/" . $safeFileName, // Determine file type (simplified - could be enhanced)
'original_name' => basename($files["name"][$i]), $fileType = 'other';
'size' => $files["size"][$i] if (strpos(strtolower($files["name"][$i]), 'annex') !== false) {
]; $fileType = 'annex';
} else if ($fileExtension === 'pdf') {
$fileType = 'main';
}
// Insert file record
$db->insertThesisFile(
$thesisId,
$fileType,
"data/theses/{$annee}/{$identifier}/" . $safeFileName,
basename($files["name"][$i]),
$files["size"][$i],
$mimeType
);
error_log("File uploaded: " . $safeFileName);
} else { } else {
error_log("Failed to move uploaded file: " . $files["name"][$i]); error_log("Failed to move file: " . $files["name"][$i]);
} }
} }
} }
// ===== COMMIT TRANSACTION =====
$db->commit();
// Prepare form data for YAML error_log("Thesis submission completed successfully: $identifier");
$formData = [
'auteurice' => $auteurice,
'année' => $annee,
'email' => $mail ?: '',
'titre' => $titre,
'tag' => $tagArray,
'promoteurice' => $promoteurice,
'problématique' => $problematique,
'description' => $description, // Fixed: was $resume
'orientation' => $orientation,
'ap' => $ap,
'lien' => $lien,
'couverture' => $couverturePath,
'files' => $uploadedFiles
];
// Convert form data to YAML // Clear CSRF token
$yamlData = Yaml::dump($formData);
// Save YAML file
$yamlFilePath = $yamlFolder . $uniqueFileName . ".yaml";
if (file_put_contents($yamlFilePath, $yamlData) === false) {
throw new Exception("Erreur lors de l'écriture du fichier YAML.");
}
error_log("Form submission saved: " . $yamlFilePath);
// Clear CSRF token after successful submission
unset($_SESSION['csrf_token']); unset($_SESSION['csrf_token']);
// Redirect to the thank you page // Redirect to thank you page
header('Location: thanks.php?file=' . urlencode($yamlFilePath)); header('Location: thanks.php?id=' . urlencode($thesisId));
exit(); exit();
} catch (Exception $e) { } catch (Exception $e) {
error_log("Form processing error: " . $e->getMessage()); // Rollback transaction on error
die("Erreur lors du traitement du formulaire : " . htmlspecialchars($e->getMessage()) . if (isset($db)) {
"<br><br><a href='index.php'>Retour au formulaire</a>"); $db->rollback();
} }
?> error_log("Form processing error: " . $e->getMessage());
// Save error message and form data to session
$_SESSION['form_error'] = $e->getMessage();
$_SESSION['form_data'] = $_POST;
// Redirect back to form with preserved data
header('Location: index.php');
exit();
}

366
formulaire/import.php Normal file
View File

@@ -0,0 +1,366 @@
<?php
// CSV Import page for Post-ERG thesis database
// This page allows importing thesis data from CSV files
session_start();
// Generate CSRF token
if (empty($_SESSION['csrf_token'])) {
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
require_once __DIR__ . '/Database.php';
$message = '';
$errors = [];
$importedCount = 0;
$skippedCount = 0;
$importResults = [];
// Handle CSV upload and import
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_FILES['csv_file'])) {
// Verify CSRF token
if (!isset($_POST['csrf_token']) || !hash_equals($_SESSION['csrf_token'], $_POST['csrf_token'])) {
$errors[] = "Erreur de sécurité : token invalide.";
} else {
try {
$db = new Database();
$pdo = $db->getPDO();
// Check file upload
if ($_FILES['csv_file']['error'] !== UPLOAD_ERR_OK) {
throw new Exception("Erreur lors du téléversement du fichier.");
}
// Read CSV file
$csvFile = $_FILES['csv_file']['tmp_name'];
$handle = fopen($csvFile, 'r');
if (!$handle) {
throw new Exception("Impossible d'ouvrir le fichier CSV.");
}
// Skip first two rows (empty and headers)
fgetcsv($handle); // Empty row
$headers = fgetcsv($handle); // Header row
fgetcsv($handle); // Description row
$headers = fgetcsv($handle); // Actual column names
// Map CSV columns
$columnMap = [
0 => 'identifier', // Identifiant
1 => 'title', // Titre
2 => 'subtitle', // Sous-titre
3 => 'authors', // Auteur·ice(s)
4 => 'contact', // Contact
5 => 'supervisors', // Promoteur·ice(s)
6 => 'formats', // Format
7 => 'year', // Année
8 => 'ap', // AP
9 => 'orientation', // Orientation
10 => 'finality', // Finalité
11 => 'keywords', // Mots-clés
12 => 'synopsis', // Synopsis
13 => 'context', // Contexte
14 => 'remarks', // Remarques
15 => 'language', // Langue
16 => 'access', // Autorisation
17 => 'license', // License
18 => 'size_info', // taille
19 => 'jury_points', // Points sur 20
20 => 'baiu_link', // lien BAIU
];
// Orientation abbreviation mapping
$orientationMap = [
'SC' => 'Sculpture',
'VI' => 'Vidéographie',
'CA' => 'Cinéma d\'animation',
'IP' => 'Installation-Performance',
'PE' => 'Peinture',
'PH' => 'Photographie',
'DE' => 'Dessin',
'AN' => 'Arts Numériques',
'GR' => 'Graphisme',
'TY' => 'Typographie',
'DN' => 'Design Numérique',
'IL' => 'Illustration',
'BD' => 'Bande-Dessinée',
'SE' => 'Sérigraphie',
'GV' => 'Gravure',
];
// Process each row
$lineNumber = 5; // Start after headers
while (($row = fgetcsv($handle)) !== false) {
$lineNumber++;
// Skip empty rows
if (empty($row[0]) && empty($row[1])) {
continue;
}
try {
$db->beginTransaction();
// Extract data
$identifier = trim($row[0] ?? '');
$title = trim($row[1] ?? '');
$subtitle = trim($row[2] ?? '');
$authorsRaw = trim($row[3] ?? '');
$contact = trim($row[4] ?? '');
$supervisorsRaw = trim($row[5] ?? '');
$formatsRaw = trim($row[6] ?? '');
$year = intval($row[7] ?? 0);
$apCode = trim($row[8] ?? '');
$orientationCode = trim($row[9] ?? '');
$finalityName = trim($row[10] ?? '');
$keywordsRaw = trim($row[11] ?? '');
$synopsis = trim($row[12] ?? '');
$context = trim($row[13] ?? '');
$remarks = trim($row[14] ?? '');
$languageRaw = trim($row[15] ?? '');
$access = trim($row[16] ?? '');
$license = trim($row[17] ?? '');
$sizeInfo = trim($row[18] ?? '');
$juryPoints = !empty($row[19]) ? floatval($row[19]) : null;
$baiuLink = trim($row[20] ?? '');
// Validate required fields
if (empty($title) || empty($year)) {
throw new Exception("Ligne $lineNumber: Titre et année requis.");
}
// Map orientation
$orientationName = isset($orientationMap[$orientationCode]) ? $orientationMap[$orientationCode] : null;
$orientationId = null;
if ($orientationName) {
$orientationId = $db->getOrientationId($orientationName);
}
// Map AP program
$apProgramId = null;
if (!empty($apCode)) {
$stmt = $pdo->prepare("SELECT id FROM ap_programs WHERE code = ?");
$stmt->execute([$apCode]);
$result = $stmt->fetch();
if ($result) {
$apProgramId = $result['id'];
}
}
// Map finality
$finalityId = null;
if (!empty($finalityName)) {
$finalityId = $db->getFinalityId($finalityName);
}
// Insert thesis
$stmt = $pdo->prepare("
INSERT INTO theses (
identifier, title, subtitle, year,
orientation_id, ap_program_id, finality_id,
synopsis, context_note, remarks,
file_size_info, jury_points, baiu_link,
submitted_at
) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, CURRENT_TIMESTAMP)
");
$stmt->execute([
!empty($identifier) ? $identifier : null,
$title,
!empty($subtitle) ? $subtitle : null,
$year,
$orientationId,
$apProgramId,
$finalityId,
!empty($synopsis) ? $synopsis : null,
!empty($context) ? $context : null,
!empty($remarks) ? $remarks : null,
!empty($sizeInfo) ? $sizeInfo : null,
$juryPoints,
!empty($baiuLink) ? $baiuLink : null
]);
$thesisId = $pdo->lastInsertId();
// Add authors
if (!empty($authorsRaw)) {
$authors = array_map('trim', explode(',', $authorsRaw));
foreach ($authors as $index => $authorName) {
if (!empty($authorName)) {
$authorId = $db->findOrCreateAuthor($authorName, $index === 0 ? $contact : null);
$stmt = $pdo->prepare("INSERT INTO thesis_authors (thesis_id, author_id, author_order) VALUES (?, ?, ?)");
$stmt->execute([$thesisId, $authorId, $index + 1]);
}
}
}
// Add supervisors
if (!empty($supervisorsRaw)) {
$supervisors = array_map('trim', explode(',', $supervisorsRaw));
foreach ($supervisors as $index => $supervisorName) {
if (!empty($supervisorName)) {
$supervisorId = $db->findOrCreateSupervisor($supervisorName);
$stmt = $pdo->prepare("INSERT INTO thesis_supervisors (thesis_id, supervisor_id, supervisor_order) VALUES (?, ?, ?)");
$stmt->execute([$thesisId, $supervisorId, $index + 1]);
}
}
}
// Add keywords
if (!empty($keywordsRaw)) {
$keywords = array_map('trim', explode(',', $keywordsRaw));
$keywords = array_slice($keywords, 0, 10); // Max 10
foreach ($keywords as $keyword) {
if (!empty($keyword)) {
$keywordId = $db->findOrCreateKeyword($keyword);
if ($keywordId) {
$stmt = $pdo->prepare("INSERT INTO thesis_keywords (thesis_id, keyword_id) VALUES (?, ?)");
$stmt->execute([$thesisId, $keywordId]);
}
}
}
}
// Add language
if (!empty($languageRaw)) {
$languageId = $db->getLanguageId(ucfirst(strtolower($languageRaw)));
if ($languageId) {
$stmt = $pdo->prepare("INSERT INTO thesis_languages (thesis_id, language_id) VALUES (?, ?)");
$stmt->execute([$thesisId, $languageId]);
}
}
// Add formats
if (!empty($formatsRaw)) {
$formats = array_map('trim', explode(',', $formatsRaw));
foreach ($formats as $formatName) {
if (!empty($formatName)) {
$formatId = $db->getFormatId(ucfirst(strtolower($formatName)));
if ($formatId) {
$stmt = $pdo->prepare("INSERT INTO thesis_formats (thesis_id, format_id) VALUES (?, ?)");
$stmt->execute([$thesisId, $formatId]);
}
}
}
}
$db->commit();
$importedCount++;
$importResults[] = "✓ Ligne $lineNumber: \"$title\" importé (ID: $thesisId)";
} catch (Exception $e) {
$db->rollback();
$skippedCount++;
$importResults[] = " Ligne $lineNumber: " . $e->getMessage();
error_log("Import error on line $lineNumber: " . $e->getMessage());
}
}
fclose($handle);
$message = "Import terminé : $importedCount TFE importés, $skippedCount ignorés.";
} catch (Exception $e) {
$errors[] = $e->getMessage();
error_log("CSV import error: " . $e->getMessage());
}
}
// Regenerate CSRF token
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
?>
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Import CSV - Post-ERG</title>
<link rel="stylesheet" href="assets/normalize.css">
<link rel="stylesheet" href="https://raw.githack.com/waldyrious/downstyler/master/downstyler.css" />
<link rel="shortcut icon" href="assets/icon.svg" type="image/svg">
</head>
<body>
<header>
<h1>Import CSV - Post-ERG</h1>
<nav>
<a href="index.php">← Nouveau TFE</a> |
<a href="list.php">📋 Liste des TFE</a>
</nav>
</header>
<main>
<h2>Importer des TFE depuis un fichier CSV</h2>
<?php if (!empty($errors)): ?>
<div style="background: #fee; border: 2px solid #c00; padding: 1rem; margin-bottom: 1rem; border-radius: 4px; color: #c00;">
<strong>⚠️ Erreurs:</strong>
<ul>
<?php foreach ($errors as $error): ?>
<li><?php echo htmlspecialchars($error); ?></li>
<?php endforeach; ?>
</ul>
</div>
<?php endif; ?>
<?php if ($message): ?>
<div style="background: #efe; border: 2px solid #0a0; padding: 1rem; margin-bottom: 1rem; border-radius: 4px; color: #0a0;">
<strong>✓ <?php echo htmlspecialchars($message); ?></strong>
</div>
<?php endif; ?>
<form action="import.php" method="post" enctype="multipart/form-data">
<input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars($_SESSION['csrf_token']); ?>">
<fieldset>
<legend>Sélectionner un fichier CSV</legend>
<p><strong>Format attendu:</strong></p>
<ul>
<li>Colonnes: Identifiant, Titre, Sous-titre, Auteur·ice(s), Contact, Promoteur·ice(s), Format, Année, AP, Orientation, Finalité, Mots-clés, Synopsis, Contexte, Remarques, Langue, Autorisation, License, taille, Points sur 20, lien BAIU</li>
<li>Les deux premières lignes seront ignorées (entête)</li>
<li>Séparateur: virgule</li>
<li>Encodage: UTF-8</li>
</ul>
<label for="csv_file">Fichier CSV:</label>
<input type="file" id="csv_file" name="csv_file" accept=".csv" required>
<button type="submit">Importer</button>
</fieldset>
</form>
<?php if (!empty($importResults)): ?>
<h3>Résultats de l'import</h3>
<div style="background: #f5f5f5; padding: 1rem; border-radius: 4px; max-height: 400px; overflow-y: auto;">
<pre style="margin: 0; font-size: 0.9em;"><?php
foreach ($importResults as $result) {
echo htmlspecialchars($result) . "\n";
}
?></pre>
</div>
<?php endif; ?>
<hr>
<h3>Notes importantes</h3>
<ul>
<li><strong>Codes orientation:</strong> SC (Sculpture), VI (Vidéographie), CA (Cinéma d'animation), IP (Installation-Performance), etc.</li>
<li><strong>Codes AP:</strong> DPM, LIENS, APS (comme dans la base)</li>
<li><strong>Auteurs multiples:</strong> Séparer par des virgules</li>
<li><strong>Mots-clés:</strong> Maximum 10, séparés par des virgules</li>
<li><strong>Formats:</strong> Séparer par des virgules</li>
<li>Les lignes avec erreurs seront ignorées et loggées</li>
</ul>
<h3>Exemple de fichier CSV</h3>
<p>Voir: <code>../db/Database_TFE_test.csv</code></p>
</main>
<footer>
<p>Import CSV - Post-ERG Database</p>
</footer>
</body>
</html>

318
formulaire/index.php
View File

@@ -1,8 +1,55 @@
<?php <?php
// Start session and generate CSRF token // Start session and generate CSRF token
session_start(); session_start();
if (empty($_SESSION['csrf_token'])) { if (empty($_SESSION["csrf_token"])) {
$_SESSION['csrf_token'] = bin2hex(random_bytes(32)); $_SESSION["csrf_token"] = bin2hex(random_bytes(32));
}
// Load database helper
require_once __DIR__ . "/Database.php";
try {
$db = new Database();
$orientations = $db->getAllOrientations();
$apPrograms = $db->getAllAPPrograms();
$finalityTypes = $db->getAllFinalityTypes();
$languages = $db->getAllLanguages();
$formatTypes = $db->getAllFormatTypes();
} catch (Exception $e) {
error_log("Failed to load form data: " . $e->getMessage());
die(
"Erreur lors du chargement du formulaire. Veuillez réessayer plus tard."
);
}
// Get error message and preserved form data from session (if redirected back from error)
$error = isset($_SESSION["form_error"]) ? $_SESSION["form_error"] : null;
$formData = isset($_SESSION["form_data"]) ? $_SESSION["form_data"] : [];
// Clear session data after retrieving
unset($_SESSION["form_error"]);
unset($_SESSION["form_data"]);
// Helper function to get old form value
function old($key, $default = "")
{
global $formData;
return isset($formData[$key])
? htmlspecialchars($formData[$key])
: $default;
}
// Helper function to check if value was previously selected
function wasSelected($key, $value)
{
global $formData;
if (!isset($formData[$key])) {
return false;
}
if (is_array($formData[$key])) {
return in_array($value, $formData[$key]);
}
return $formData[$key] == $value;
} }
?> ?>
<!DOCTYPE html> <!DOCTYPE html>
@@ -13,88 +60,237 @@ if (empty($_SESSION['csrf_token'])) {
<meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Formulaire</title> <title>Formulaire</title>
<link rel="stylesheet" href="assets/normalize.css"> <link rel="stylesheet" href="assets/normalize.css">
<link rel="stylesheet" href="assets/simple.css"> <link rel="stylesheet" href="https://raw.githack.com/waldyrious/downstyler/master/downstyler.css" />
<link rel="stylesheet" href="assets/posterg.css"> <!-- <link rel="stylesheet" href="assets/simple.css"> -->
<!--<link rel="stylesheet" href="assets/posterg.css"> -->
<link rel="shortcut icon" href="assets/icon.svg" type="image/svg"> <link rel="shortcut icon" href="assets/icon.svg" type="image/svg">
</head> </head>
<body> <body>
<header> <header>
<h1>Formulaire Posterg</h1> <h1>Formulaire Posterg</h1>
<nav style="margin-top: 1rem;">
<a href="list.php" style="font-size: 0.9em;">📋 Liste des TFE</a> |
<a href="import.php" style="font-size: 0.9em;">📥 Importer CSV</a>
</nav>
</header> </header>
<main> <main>
<?php if ($error): ?>
<div class="error-message" style="background: #fee; border: 2px solid #c00; padding: 1rem; margin-bottom: 1rem; border-radius: 4px; color: #c00;">
<strong>⚠️ Erreur:</strong> <?php echo htmlspecialchars($error); ?>
</div>
<?php endif; ?>
<form action="formulaire.php" method="post" enctype="multipart/form-data"> <form action="formulaire.php" method="post" enctype="multipart/form-data">
<!-- CSRF Protection --> <!-- CSRF Protection -->
<input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars($_SESSION['csrf_token']); ?>"> <input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars(
<label>Nom/Prénom/Pseudo</label> $_SESSION["csrf_token"],
<input type="text" name="auteurice" placeholder="..." required> ); ?>">
<label>Année diplômante (2023, 2024, ...)</label> <h2>Informations de base</h2>
<input type="text" name="année" placeholder="..." required>
<label>Orientation principale</label> <fieldset>
<select name="orientation" required> <label for="auteurice">Nom/Prénom/Pseudo *</label>
<option value="">-- Ton orientation --</option> <input type="text" id="auteurice" name="auteurice" placeholder="Nom de l'auteur·ice" value="<?php echo old(
<option value="typographie">Typographie</option> "auteurice",
<option value="graphisme">Graphisme</option> ); ?>" required>
<option value="designnumérique">Design Numérique</option> </fieldset>
<option value="Cinéma d'animation">Cinéma d'animation</option>
<option value="Illustration">Illustration</option> <fieldset>
<option value="BD">Bande dessinée</option> <label for="mail">Contact (email, site web, insta, ...)</label>
<option value="Photographie">Photographie</option> <input type="text" id="mail" name="mail" placeholder="votre.email@example.com ou @instagram" value="<?php echo old(
<option value="Vidéographie">Vidéographie</option> "mail",
<option value="Sculpture">Sculpture</option> ); ?>">
<option value="Peinture">Peinture</option> </fieldset>
<option value="Art numérique">Art numérique</option>
<option value="Vidéographie">Vidéographie</option> <fieldset>
<option value="Photographie">Photographie</option> <label for="année">Année diplômante *</label>
<option value="Dessin">Dessin</option> <input type="number" id="année" name="année" min="2000" max="<?php echo date(
<option value="Installation performance">Installation performance</option> "Y",
) + 1; ?>" placeholder="<?php echo date(
"Y",
); ?>" value="<?php echo old("année"); ?>" required>
</fieldset>
<h2>Informations académiques</h2>
<fieldset>
<label for="orientation">Orientation principale *</label>
<select id="orientation" name="orientation" required>
<option value="">-- Sélectionner une orientation --</option>
<?php foreach ($orientations as $orientation): ?>
<option value="<?php echo htmlspecialchars(
$orientation["id"],
); ?>" <?php echo wasSelected(
"orientation",
$orientation["id"],
)
? "selected"
: ""; ?>>
<?php echo htmlspecialchars(
$orientation["name"],
); ?>
</option>
<?php endforeach; ?>
</select> </select>
<label>Atelier Pratique</label> <fieldset>
<select name="ap" required> <label for="ap">Atelier Pratique (AP) *</label>
<option value="">-- Ton AP --</option> <select id="ap" name="ap" required>
<option value="DPM">Design et politique du multiple</option> <option value="">-- Sélectionner un AP --</option>
<option value="APS">Art et pratique situé</option> <?php foreach ($apPrograms as $ap): ?>
<option value="R&E">Récits et expérimentation</option> <option value="<?php echo htmlspecialchars(
<option value="PAOC">Pratique de l'art et outils critiques</option> $ap["id"],
); ?>" <?php echo wasSelected("ap", $ap["id"])
? "selected"
: ""; ?>>
<?php echo htmlspecialchars($ap["name"]); ?>
<?php if (
$ap["code"]
): ?> (<?php echo htmlspecialchars(
$ap["code"],
); ?>)<?php endif; ?>
</option>
<?php endforeach; ?>
</select> </select>
<label>Contact : mail, insta, ...</label> </fieldset>
<input type="email" name="mail" placeholder="Votre contact">
<label>Titre du mémoire</label> <fieldset>
<input type="titre" name="titre" placeholder="..." required> <label for="finality">Finalité du master *</label>
<select id="finality" name="finality" required>
<option value="">-- Sélectionner une finalité --</option>
<?php foreach ($finalityTypes as $finality): ?>
<option value="<?php echo htmlspecialchars(
$finality["id"],
); ?>" <?php echo wasSelected(
"finality",
$finality["id"],
)
? "selected"
: ""; ?>>
<?php echo htmlspecialchars($finality["name"]); ?>
</option>
<?php endforeach; ?>
</select>
<label>Tag/mots-clefs sur le mémoire</label> </fieldset>
<input type="text" name="tag" placeholder="typographie, photographie, outils libre, post-colonial,..">
<label>Promoteur.rice</label> <fieldset>
<input type="text" name="promoteurice" placeholder="nom/prénom/pseudo"> <label for="promoteurice">Promoteur·ice(s)</label>
<input type="text" id="promoteurice" name="promoteurice" placeholder="Nom du/de la promoteur·ice (si plusieurs, séparer par des virgules)" value="<?php echo old(
"promoteurice",
); ?>">
<label>Problématique</label> </fieldset>
<input type="text" name="problématique" placeholder="Problématique de ton mémoire...">
<label>Résumé en quelque lignes</label> <h2>À propos du TFE</h2>
<textarea id="textareaField" rows="8" type="text" name="description" placeholder="Description de ton mémoire..."></textarea>
<label>Lien vers un site web ou quelque chose d'autres en lignes</label>
<input type="text" name="lien" placeholder="https://monmémoire.erg.be/...">
<label>Importer une couverture</label> <fieldset>
<i>Vérifie que ton fichier est bien un jpg.</i> <label for="titre">Titre du mémoire *</label>
<input type="text" id="titre" name="titre" placeholder="Titre de votre TFE" value="<?php echo old(
"titre",
); ?>" required>
</fieldset>
<fieldset>
<label for="subtitle">Sous-titre (si applicable)</label>
<input type="text" id="subtitle" name="subtitle" placeholder="Sous-titre de votre TFE" value="<?php echo old(
"subtitle",
); ?>">
</fieldset>
<fieldset>
<label for="synopsis">Synopsis (environ 200 mots) *</label>
<textarea id="synopsis" name="synopsis" rows="8" placeholder="Décrivez votre TFE en quelques paragraphes..." required><?php echo old(
"synopsis",
); ?></textarea>
</fieldset>
<fieldset>
<label for="problématique">Problématique</label>
<textarea id="problématique" name="problématique" rows="4" placeholder="La problématique principale de votre mémoire..."><?php echo old(
"problématique",
); ?></textarea>
</fieldset>
<fieldset>
<label>Langue(s) du TFE * (sélection multiple possible)</label>
<?php foreach ($languages as $language): ?>
<label class="checkbox-label">
<input type="checkbox" name="languages[]" value="<?php echo htmlspecialchars(
$language["id"],
); ?>" <?php echo wasSelected(
"languages",
$language["id"],
)
? "checked"
: ""; ?>>
<?php echo htmlspecialchars($language["name"]); ?>
</label>
<?php endforeach; ?>
</fieldset>
<fieldset>
<label>Format(s) (sélection multiple possible)</label>
<?php foreach ($formatTypes as $format): ?>
<label class="checkbox-label">
<input type="checkbox" name="formats[]" value="<?php echo htmlspecialchars(
$format["id"],
); ?>" <?php echo wasSelected(
"formats",
$format["id"],
)
? "checked"
: ""; ?>>
<?php echo htmlspecialchars($format["name"]); ?>
</label>
<?php endforeach; ?>
</fieldset>
<fieldset>
<label for="tag">Mots-clés (max 10, séparés par des virgules)</label>
<input type="text" id="tag" name="tag" placeholder="typographie, photographie, outils libre, post-colonial..." value="<?php echo old(
"tag",
); ?>">
<small>Séparez les mots-clés par des virgules. Maximum 10 mots-clés.</small>
</fieldset>
<fieldset>
<label for="duration_info">Durée/Taille (si applicable)</label>
<input type="text" id="duration_info" name="duration_info" placeholder="Ex: 68 minutes, 128 pages, 78 pages + 15 minutes" value="<?php echo old(
"duration_info",
); ?>">
<small>Indiquez la durée (en minutes) ou le nombre de pages de votre TFE.</small>
</fieldset>
<fieldset>
<label for="lien">Lien vers un site web ou ressource en ligne</label>
<input type="url" id="lien" name="lien" placeholder="https://monmemoire.erg.be/..." value="<?php echo old(
"lien",
); ?>">
</fieldset>
<h2>Fichiers</h2>
<fieldset>
<label for="couverture">Importer une image de couverture</label>
<small>Formats acceptés : JPG, PNG. Taille max : 10MB.</small>
<input type="file" id="couverture" name="couverture" accept="image/jpeg,image/png">
</fieldset>
<fieldset>
<label for="files">Importer le TFE et les fichiers annexes</label>
<small>Formats acceptés : PDF, JPG, PNG, MP4, ZIP. Taille max par fichier : 50MB.</small>
<small>Si vous voulez importer un dossier, créez une archive ZIP.</small>
<input type="file" id="files" name="files[]" multiple accept=".pdf,.jpg,.jpeg,.png,.mp4,.zip">
</fieldset>
<br> <br>
<!-- THE FILES[] IS NECESSARY IF THERE ARE MULTIPLE FILES UPLOADED --> <input type="submit" name="go" value="Soumettre mon TFE">
<input type="file" name="couverture">
<label>Importer les divers fichers de son mémoire</label>
<i>Si tu veux importer un dossier, créer une archive zip.</i>
<!-- THE FILES[] IS NECESSARY IF THERE ARE MULTIPLE FILES UPLOADED -->
<input type="file" name="files[]" multiple>
<br>
<input type="submit" name="go" value="envoyer">
</form> </form>
</main> </main>
@@ -102,4 +298,4 @@ if (empty($_SESSION['csrf_token'])) {
<p>Formulaire fait avec ❤ en PHP et <a href="https://github.com/kevquirk/simple.css">SimpleCSS</a>.</p> <p>Formulaire fait avec ❤ en PHP et <a href="https://github.com/kevquirk/simple.css">SimpleCSS</a>.</p>
</footer> </footer>
</body> </body>
</html> </html>

78
formulaire/justfile Normal file
View File

@@ -0,0 +1,78 @@
# Justfile for Post-ERG thesis form testing
# Default recipe - show available commands
default:
@just --list
# Create test database from schema
init-test-db:
@echo "Creating test database from schema..."
@sqlite3 test.db < ../db/schema.sql
@echo "✓ Test database created: test.db"
@sqlite3 test.db "SELECT COUNT(*) || ' tables created' FROM sqlite_master WHERE type='table';"
@sqlite3 test.db "SELECT COUNT(*) || ' orientations loaded' FROM orientations;"
@sqlite3 test.db "SELECT COUNT(*) || ' AP programs loaded' FROM ap_programs;"
# Start PHP development server
serve: init-test-db
@echo "Starting PHP development server on http://localhost:3000"
@echo "Press Ctrl+C to stop"
@php -S 127.0.0.1:3000
# Start server without reinitializing database
serve-only:
@echo "Starting PHP development server on http://localhost:3000"
@echo "Press Ctrl+C to stop"
@php -S 127.0.0.1:3000
# Clean up test database and uploaded files
cleanup:
@echo "Cleaning up test files..."
@rm -f test.db
@rm -f error.log
@rm -rf data/theses/*
@rm -rf data/covers/*
@echo "✓ Cleanup complete"
# Reset: cleanup and reinitialize
reset: cleanup init-test-db
@echo "✓ Test environment reset"
# Show database statistics
stats:
@echo "=== Database Statistics ==="
@sqlite3 test.db "SELECT COUNT(*) || ' theses' FROM theses;"
@sqlite3 test.db "SELECT COUNT(*) || ' authors' FROM authors;"
@sqlite3 test.db "SELECT COUNT(*) || ' supervisors' FROM supervisors;"
@sqlite3 test.db "SELECT COUNT(*) || ' keywords' FROM keywords;"
@sqlite3 test.db "SELECT COUNT(*) || ' files uploaded' FROM thesis_files;"
# Show recent submissions
recent:
@echo "=== Recent Submissions ==="
@sqlite3 -column -header test.db "SELECT identifier, title, year, submitted_at FROM theses ORDER BY submitted_at DESC LIMIT 5;"
# Query database interactively
query:
@sqlite3 test.db
# Show full thesis details
show id:
@sqlite3 -column -header test.db "SELECT * FROM v_theses_full WHERE id = {{id}};"
# Dump database to SQL
dump:
@sqlite3 test.db .dump > test_backup_$(date +%Y%m%d_%H%M%S).sql
@echo "✓ Database dumped to test_backup_$(date +%Y%m%d_%H%M%S).sql"
# Create data directories if they don't exist
setup-dirs:
@mkdir -p data/theses
@mkdir -p data/covers
@mkdir -p data/yaml
@touch data/theses/.gitkeep
@touch data/covers/.gitkeep
@echo "✓ Data directories created"
# Full setup: directories + database + serve
dev: setup-dirs init-test-db serve

295
formulaire/list.php Normal file
View File

@@ -0,0 +1,295 @@
<?php
// List all theses in the database
session_start();
require_once __DIR__ . '/Database.php';
try {
$db = new Database();
$pdo = $db->getPDO();
// Get filter parameters
$searchQuery = isset($_GET['search']) ? trim($_GET['search']) : '';
$yearFilter = isset($_GET['year']) ? intval($_GET['year']) : null;
$orientationFilter = isset($_GET['orientation']) ? intval($_GET['orientation']) : null;
// Build query
$sql = "SELECT
t.id, t.identifier, t.title, t.subtitle, t.year,
o.name as orientation,
ap.name as ap_program,
GROUP_CONCAT(DISTINCT a.name) as authors,
t.submitted_at,
t.is_published
FROM theses t
LEFT JOIN orientations o ON t.orientation_id = o.id
LEFT JOIN ap_programs ap ON t.ap_program_id = ap.id
LEFT JOIN thesis_authors ta ON t.id = ta.thesis_id
LEFT JOIN authors a ON ta.author_id = a.id
WHERE 1=1";
$params = [];
if ($searchQuery) {
$sql .= " AND (t.title LIKE ? OR t.subtitle LIKE ? OR a.name LIKE ?)";
$searchParam = "%$searchQuery%";
$params[] = $searchParam;
$params[] = $searchParam;
$params[] = $searchParam;
}
if ($yearFilter) {
$sql .= " AND t.year = ?";
$params[] = $yearFilter;
}
if ($orientationFilter) {
$sql .= " AND t.orientation_id = ?";
$params[] = $orientationFilter;
}
$sql .= " GROUP BY t.id ORDER BY t.year DESC, t.submitted_at DESC";
$stmt = $pdo->prepare($sql);
$stmt->execute($params);
$theses = $stmt->fetchAll();
// Get unique years for filter
$yearsStmt = $pdo->query("SELECT DISTINCT year FROM theses ORDER BY year DESC");
$years = $yearsStmt->fetchAll(PDO::FETCH_COLUMN);
// Get orientations for filter
$orientations = $db->getAllOrientations();
} catch (Exception $e) {
error_log("Error loading theses list: " . $e->getMessage());
die("Erreur lors du chargement de la liste.");
}
?>
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Liste des TFE - Post-ERG</title>
<link rel="stylesheet" href="assets/normalize.css">
<link rel="stylesheet" href="https://raw.githack.com/waldyrious/downstyler/master/downstyler.css" />
<link rel="shortcut icon" href="assets/icon.svg" type="image/svg">
<style>
.filters {
background: #f5f5f5;
padding: 1rem;
margin-bottom: 2rem;
border-radius: 4px;
}
.filters form {
display: flex;
gap: 1rem;
flex-wrap: wrap;
align-items: end;
}
.filters fieldset {
margin: 0;
padding: 0;
border: none;
min-width: 200px;
}
.thesis-table {
width: 100%;
border-collapse: collapse;
}
.thesis-table th,
.thesis-table td {
padding: 0.75rem;
text-align: left;
border-bottom: 1px solid #ddd;
}
.thesis-table th {
background: #f0f0f0;
font-weight: bold;
}
.thesis-table tr:hover {
background: #f9f9f9;
}
.thesis-title {
font-weight: bold;
}
.thesis-subtitle {
font-style: italic;
color: #666;
font-size: 0.9em;
}
.status-badge {
display: inline-block;
padding: 0.25rem 0.5rem;
border-radius: 3px;
font-size: 0.85em;
}
.status-pending {
background: #ffd700;
color: #000;
}
.status-published {
background: #90ee90;
color: #000;
}
.actions {
display: flex;
gap: 0.5rem;
}
.btn {
padding: 0.35rem 0.75rem;
border-radius: 3px;
text-decoration: none;
font-size: 0.9em;
display: inline-block;
}
.btn-view {
background: #4a90e2;
color: white;
}
.btn-edit {
background: #f39c12;
color: white;
}
.stats {
display: flex;
gap: 2rem;
margin-bottom: 2rem;
flex-wrap: wrap;
}
.stat-card {
background: #f5f5f5;
padding: 1rem;
border-radius: 4px;
min-width: 150px;
}
.stat-number {
font-size: 2em;
font-weight: bold;
color: #4a90e2;
}
.stat-label {
color: #666;
font-size: 0.9em;
}
</style>
</head>
<body>
<header>
<h1>Liste des TFE</h1>
<nav>
<a href="index.php">← Nouveau TFE</a> |
<a href="import.php">📥 Importer CSV</a>
</nav>
</header>
<main>
<div class="stats">
<div class="stat-card">
<div class="stat-number"><?php echo count($theses); ?></div>
<div class="stat-label">TFE total</div>
</div>
<div class="stat-card">
<div class="stat-number"><?php echo count(array_filter($theses, fn($t) => $t['is_published'])); ?></div>
<div class="stat-label">Publiés</div>
</div>
<div class="stat-card">
<div class="stat-number"><?php echo count(array_filter($theses, fn($t) => !$t['is_published'])); ?></div>
<div class="stat-label">En attente</div>
</div>
</div>
<div class="filters">
<form method="get" action="list.php">
<fieldset>
<label for="search">Rechercher</label>
<input type="text" id="search" name="search" placeholder="Titre, auteur..." value="<?php echo htmlspecialchars($searchQuery); ?>">
</fieldset>
<fieldset>
<label for="year">Année</label>
<select id="year" name="year">
<option value="">Toutes</option>
<?php foreach ($years as $year): ?>
<option value="<?php echo $year; ?>" <?php echo $yearFilter == $year ? 'selected' : ''; ?>>
<?php echo $year; ?>
</option>
<?php endforeach; ?>
</select>
</fieldset>
<fieldset>
<label for="orientation">Orientation</label>
<select id="orientation" name="orientation">
<option value="">Toutes</option>
<?php foreach ($orientations as $orientation): ?>
<option value="<?php echo $orientation['id']; ?>" <?php echo $orientationFilter == $orientation['id'] ? 'selected' : ''; ?>>
<?php echo htmlspecialchars($orientation['name']); ?>
</option>
<?php endforeach; ?>
</select>
</fieldset>
<button type="submit">Filtrer</button>
<?php if ($searchQuery || $yearFilter || $orientationFilter): ?>
<a href="list.php">Réinitialiser</a>
<?php endif; ?>
</form>
</div>
<?php if (empty($theses)): ?>
<p>Aucun TFE trouvé.</p>
<?php else: ?>
<table class="thesis-table">
<thead>
<tr>
<th>ID</th>
<th>Titre</th>
<th>Auteur(s)</th>
<th>Année</th>
<th>Orientation</th>
<th>AP</th>
<th>Statut</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<?php foreach ($theses as $thesis): ?>
<tr>
<td><?php echo htmlspecialchars($thesis['identifier'] ?? $thesis['id']); ?></td>
<td>
<div class="thesis-title"><?php echo htmlspecialchars($thesis['title']); ?></div>
<?php if ($thesis['subtitle']): ?>
<div class="thesis-subtitle"><?php echo htmlspecialchars($thesis['subtitle']); ?></div>
<?php endif; ?>
</td>
<td><?php echo htmlspecialchars($thesis['authors'] ?? 'N/A'); ?></td>
<td><?php echo $thesis['year']; ?></td>
<td><?php echo htmlspecialchars($thesis['orientation'] ?? 'N/A'); ?></td>
<td><?php echo htmlspecialchars($thesis['ap_program'] ?? 'N/A'); ?></td>
<td>
<?php if ($thesis['is_published']): ?>
<span class="status-badge status-published">Publié</span>
<?php else: ?>
<span class="status-badge status-pending">En attente</span>
<?php endif; ?>
</td>
<td>
<div class="actions">
<a href="thanks.php?id=<?php echo $thesis['id']; ?>" class="btn btn-view">Voir</a>
<a href="edit.php?id=<?php echo $thesis['id']; ?>" class="btn btn-edit">Éditer</a>
</div>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
<?php endif; ?>
</main>
<footer>
<p>Post-ERG - <?php echo count($theses); ?> TFE dans la base de données</p>
</footer>
</body>
</html>

311
formulaire/thanks.php
View File

@@ -4,79 +4,292 @@ ini_set('display_errors', 0);
ini_set('log_errors', 1); ini_set('log_errors', 1);
ini_set('error_log', 'error.log'); ini_set('error_log', 'error.log');
require 'vendor/autoload.php'; require __DIR__ . '/Database.php';
use Symfony\Component\Yaml\Yaml; // Security: Validate thesis ID parameter
$thesisId = null;
// Security: Validate file parameter to prevent path traversal $thesis = null;
$yamlFile = ''; $files = [];
$data = null;
$error = null; $error = null;
if (isset($_GET['file'])) { if (isset($_GET['id'])) {
$requestedFile = urldecode($_GET['file']); $thesisId = filter_var($_GET['id'], FILTER_VALIDATE_INT);
// Security: Only allow files from the yaml directory
$yamlFolder = realpath(__DIR__ . '/data/yaml/');
$requestedPath = realpath($requestedFile);
// Verify the file exists and is within the allowed directory
if ($requestedPath &&
$yamlFolder &&
strpos($requestedPath, $yamlFolder) === 0 &&
file_exists($requestedPath) &&
pathinfo($requestedPath, PATHINFO_EXTENSION) === 'yaml') {
if ($thesisId !== false && $thesisId > 0) {
try { try {
$data = Yaml::parseFile($requestedPath); $db = new Database();
$yamlFile = $requestedPath; $pdo = $db->getPDO();
// Get thesis data
$thesis = $db->getThesis($thesisId);
if (!$thesis) {
$error = "TFE non trouvé.";
} else {
// Get associated files
$stmt = $pdo->prepare("
SELECT file_type, file_name, file_size, mime_type, uploaded_at
FROM thesis_files
WHERE thesis_id = ?
ORDER BY file_type, uploaded_at
");
$stmt->execute([$thesisId]);
$files = $stmt->fetchAll();
}
} catch (Exception $e) { } catch (Exception $e) {
error_log("Error parsing YAML file: " . $e->getMessage()); error_log("Error loading thesis: " . $e->getMessage());
$error = "Erreur lors de la lecture du fichier."; $error = "Erreur lors de la lecture des données.";
} }
} else { } else {
error_log("Invalid file access attempt: " . $requestedFile); error_log("Invalid thesis ID: " . $_GET['id']);
$error = "Fichier non valide ou accès refusé."; $error = "Identifiant invalide.";
} }
} else { } else {
$error = "Aucun fichier spécifié."; $error = "Aucun identifiant spécifié.";
}
// Helper function to format file size
function formatFileSize($bytes) {
if ($bytes >= 1073741824) {
return number_format($bytes / 1073741824, 2) . ' GB';
} elseif ($bytes >= 1048576) {
return number_format($bytes / 1048576, 2) . ' MB';
} elseif ($bytes >= 1024) {
return number_format($bytes / 1024, 2) . ' KB';
} else {
return $bytes . ' bytes';
}
} }
?> ?>
<!DOCTYPE html> <!DOCTYPE html>
<html lang="en"> <html lang="fr">
<head> <head>
<meta charset="UTF-8"> <meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>ThankYou</title> <title>Merci - Post-ERG</title>
<link rel="stylesheet" href="assets/normalize.css"> <link rel="stylesheet" href="assets/normalize.css">
<link rel="stylesheet" href="assets/simple.css"> <link rel="stylesheet" href="assets/simple.css">
<link rel="stylesheet" href="assets/posterg.css"> <link rel="stylesheet" href="assets/posterg.css">
<link rel="shortcut icon" href="assets/icon.svg" type="image/svg"> <link rel="shortcut icon" href="assets/icon.svg" type="image/svg">
</head> </head>
<body> <body>
<header> <header>
<h1>Merci 💜</h1> <h1>Merci</h1>
</header> <?php if ($thesis): ?>
<main> <nav style="margin-top: 1rem;">
<?php if ($error): ?> <a href="list.php">Liste des TFE</a> |
<p style="color: red;">⚠️ <?php echo htmlspecialchars($error); ?></p> <a href="edit.php?id=<?php echo $thesisId; ?>">✏️ Modifier ce TFE</a>
<p>Pour revenir au <a href="index.php">formulaire</a>.</p> </nav>
<?php elseif ($data): ?> <?php endif; ?>
<p>d'avoir rempli le formulaire. Le contenu soumis a été sauvegardé et est en attente de traitement.</p> </header>
<h4>Voici les informations que vous avez encodées dans le formulaire, affiché tel que c'est stocké, en yaml:</h4> <main>
<pre><code><?php echo htmlspecialchars(Yaml::dump($data)); ?></code></pre> <?php if ($error): ?>
<p>Pour revenir au <a href="index.php">formulaire</a>.</p> <div class="error">
<?php else: ?> <p>⚠️ <?php echo htmlspecialchars($error); ?></p>
<p>Aucune donnée à afficher.</p> <p><a href="index.php">Retour au formulaire</a></p>
<p>Pour revenir au <a href="index.php">formulaire</a>.</p> </div>
<?php endif; ?>
</main> <?php elseif ($thesis): ?>
<footer> <p>d'avoir soumis votre TFE. Les informations ont été enregistrées et sont en attente de traitement.</p>
<p>Formulaire fait avec ❤ en PHP et <a href="https://github.com/kevquirk/simple.css">SimpleCSS</a>.</p>
</footer> <div class="thesis-info">
<h2>Récapitulatif de votre soumission</h2>
<h3>Informations de base</h3>
<dl>
<dt>Identifiant:</dt>
<dd><strong><?php echo htmlspecialchars($thesis['identifier']); ?></strong></dd>
<dt>Titre:</dt>
<dd><?php echo htmlspecialchars($thesis['title']); ?></dd>
<?php if ($thesis['subtitle']): ?>
<dt>Sous-titre:</dt>
<dd><?php echo htmlspecialchars($thesis['subtitle']); ?></dd>
<?php endif; ?>
<dt>Auteur·ice(s):</dt>
<dd><?php echo htmlspecialchars($thesis['authors']); ?></dd>
<dt>Année:</dt>
<dd><?php echo htmlspecialchars($thesis['year']); ?></dd>
</dl>
<h3>Détails académiques</h3>
<dl>
<dt>Orientation:</dt>
<dd><?php echo htmlspecialchars($thesis['orientation'] ?? 'Non spécifié'); ?></dd>
<dt>Atelier Pratique:</dt>
<dd><?php echo htmlspecialchars($thesis['ap_program'] ?? 'Non spécifié'); ?></dd>
<dt>Finalité:</dt>
<dd><?php echo htmlspecialchars($thesis['finality_type'] ?? 'Non spécifié'); ?></dd>
<?php if ($thesis['supervisors']): ?>
<dt>Promoteur·ice(s):</dt>
<dd><?php echo htmlspecialchars($thesis['supervisors']); ?></dd>
<?php endif; ?>
</dl>
<h3>Contenu</h3>
<dl>
<?php if ($thesis['synopsis']): ?>
<dt>Synopsis:</dt>
<dd><?php echo nl2br(htmlspecialchars($thesis['synopsis'])); ?></dd>
<?php endif; ?>
<?php if ($thesis['languages']): ?>
<dt>Langue(s):</dt>
<dd><?php echo htmlspecialchars($thesis['languages']); ?></dd>
<?php endif; ?>
<?php if ($thesis['formats']): ?>
<dt>Format(s):</dt>
<dd><?php echo htmlspecialchars($thesis['formats']); ?></dd>
<?php endif; ?>
<?php if ($thesis['keywords']): ?>
<dt>Mots-clés:</dt>
<dd><?php echo htmlspecialchars($thesis['keywords']); ?></dd>
<?php endif; ?>
<?php if ($thesis['file_size_info']): ?>
<dt>Durée/Taille:</dt>
<dd><?php echo htmlspecialchars($thesis['file_size_info']); ?></dd>
<?php endif; ?>
<?php if ($thesis['baiu_link']): ?>
<dt>Lien:</dt>
<dd><a href="<?php echo htmlspecialchars($thesis['baiu_link']); ?>" target="_blank" rel="noopener">
<?php echo htmlspecialchars($thesis['baiu_link']); ?>
</a></dd>
<?php endif; ?>
</dl>
<?php if (!empty($files)): ?>
<h3>Fichiers téléversés</h3>
<table>
<thead>
<tr>
<th>Type</th>
<th>Nom du fichier</th>
<th>Taille</th>
<th>Date</th>
</tr>
</thead>
<tbody>
<?php foreach ($files as $file): ?>
<tr>
<td><?php echo htmlspecialchars($file['file_type']); ?></td>
<td><?php echo htmlspecialchars($file['file_name']); ?></td>
<td><?php echo formatFileSize($file['file_size']); ?></td>
<td><?php echo date('d/m/Y H:i', strtotime($file['uploaded_at'])); ?></td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
<?php endif; ?>
<h3>Statut de publication</h3>
<p><strong>⏳ En attente</strong> - Votre TFE ne sera publié qu'après la soutenance et l'ajout éventuel d'une note contextuelle par le jury.</p>
<p class="submitted-date">
Soumis le <?php echo date('d/m/Y à H:i', strtotime($thesis['submitted_at'])); ?>
</p>
</div>
<p><a href="index.php">Soumettre un autre TFE</a></p>
<?php else: ?>
<p>Aucune donnée à afficher.</p>
<p><a href="index.php">Retour au formulaire</a></p>
<?php endif; ?>
</main>
<footer>
<p>Formulaire Post-ERG</p>
</footer>
</body> </body>
</html> </html>
<style>
.thesis-info {
background: #f5f5f5;
padding: 2rem;
border-radius: 8px;
margin: 2rem 0;
}
.thesis-info h2 {
margin-top: 0;
border-bottom: 2px solid #333;
padding-bottom: 0.5rem;
}
.thesis-info h3 {
margin-top: 2rem;
margin-bottom: 1rem;
color: #555;
}
.thesis-info dl {
display: grid;
grid-template-columns: 200px 1fr;
gap: 0.5rem 1rem;
margin-bottom: 1.5rem;
}
.thesis-info dt {
font-weight: bold;
color: #666;
}
.thesis-info dd {
margin: 0;
}
.thesis-info table {
width: 100%;
margin-top: 1rem;
}
.thesis-info table th {
text-align: left;
background: #ddd;
padding: 0.5rem;
}
.thesis-info table td {
padding: 0.5rem;
border-bottom: 1px solid #ddd;
}
.submitted-date {
margin-top: 2rem;
font-style: italic;
color: #666;
}
.error {
background: #fee;
border: 2px solid #c00;
padding: 1.5rem;
border-radius: 8px;
color: #c00;
}
@media (max-width: 768px) {
.thesis-info dl {
grid-template-columns: 1fr;
gap: 0.25rem;
}
.thesis-info dt {
margin-top: 1rem;
}
}
</style>

111
front-backend/Database.php Normal file
View File

@@ -0,0 +1,111 @@
<?php
/**
* Database connection class for SQLite
*/
class Database {
private static $instance = null;
private $pdo;
/**
* Private constructor to prevent multiple instances
*/
private function __construct() {
$dbPath = __DIR__ . '/../formulaire/test.db';
if (!file_exists($dbPath)) {
throw new Exception("Database file not found: " . $dbPath);
}
try {
$this->pdo = new PDO('sqlite:' . $dbPath);
$this->pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$this->pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
} catch (PDOException $e) {
error_log("Database connection failed: " . $e->getMessage());
throw $e;
}
}
/**
* Get singleton instance
*/
public static function getInstance() {
if (self::$instance === null) {
self::$instance = new self();
}
return self::$instance;
}
/**
* Get PDO connection
*/
public function getConnection() {
return $this->pdo;
}
/**
* Get all published theses with pagination
*/
public function getPublishedTheses($limit = 10, $offset = 0) {
$sql = "SELECT * FROM v_theses_public ORDER BY year DESC, title ASC LIMIT :limit OFFSET :offset";
$stmt = $this->pdo->prepare($sql);
$stmt->bindValue(':limit', $limit, PDO::PARAM_INT);
$stmt->bindValue(':offset', $offset, PDO::PARAM_INT);
$stmt->execute();
return $stmt->fetchAll();
}
/**
* Count all published theses
*/
public function countPublishedTheses() {
$sql = "SELECT COUNT(*) as count FROM theses WHERE is_published = 1";
$stmt = $this->pdo->query($sql);
$result = $stmt->fetch();
return $result['count'];
}
/**
* Get thesis by ID with all related data
*/
public function getThesisById($id) {
$sql = "SELECT * FROM v_theses_full WHERE id = :id AND is_published = 1";
$stmt = $this->pdo->prepare($sql);
$stmt->bindValue(':id', $id, PDO::PARAM_INT);
$stmt->execute();
$thesis = $stmt->fetch();
if (!$thesis) {
return null;
}
// Get associated files
$thesis['files'] = $this->getThesisFiles($id);
return $thesis;
}
/**
* Get files associated with a thesis
*/
public function getThesisFiles($thesisId) {
$sql = "SELECT * FROM thesis_files WHERE thesis_id = :thesis_id ORDER BY file_type, uploaded_at";
$stmt = $this->pdo->prepare($sql);
$stmt->bindValue(':thesis_id', $thesisId, PDO::PARAM_INT);
$stmt->execute();
return $stmt->fetchAll();
}
/**
* Prevent cloning
*/
private function __clone() {}
/**
* Prevent unserialization
*/
public function __wakeup() {
throw new Exception("Cannot unserialize singleton");
}
}

66
front-backend/index.php
View File

@@ -3,61 +3,73 @@ ini_set('display_errors', 0);
ini_set('log_errors', 1); ini_set('log_errors', 1);
ini_set('error_log', 'error.log'); ini_set('error_log', 'error.log');
require_once 'vendor/autoload.php'; require_once 'Database.php';
use Symfony\Component\Yaml\Yaml;
$page = isset($_GET['page']) ? intval($_GET['page']) : 1; $page = isset($_GET['page']) ? intval($_GET['page']) : 1;
$itemsPerPage = 10; $itemsPerPage = 10;
$dir = "data/yaml/*.yaml"; try {
$yamlFiles = glob($dir); $db = Database::getInstance();
$data = []; $offset = ($page - 1) * $itemsPerPage;
$itemsToLoad = $db->getPublishedTheses($itemsPerPage, $offset);
foreach ($yamlFiles as $yamlFile) { $totalItems = $db->countPublishedTheses();
$data[] = Yaml::parseFile($yamlFile); $totalPages = ceil($totalItems / $itemsPerPage);
} catch (Exception $e) {
error_log("Error loading theses: " . $e->getMessage());
$itemsToLoad = [];
$totalPages = 0;
} }
usort($data, function ($a, $b) {
return $a['année'] <=> $b['année'];
});
$offset = ($page - 1) * $itemsPerPage;
$itemsToLoad = array_slice($data, $offset, $itemsPerPage);
include 'inc/header.php'; ?> include 'inc/header.php'; ?>
<section class="section"> <section class="section">
<div class="container"> <div class="container">
<div class="columns is-multiline"> <div class="columns is-multiline">
<?php foreach ($itemsToLoad as $key => $item): ?> <?php foreach ($itemsToLoad as $item): ?>
<div class="column is-one-fifth"> <div class="column is-one-fifth">
<a href="memoire.php?file=<?= urlencode($yamlFiles[$key]); ?>" class="card-link"> <a href="memoire.php?id=<?= $item['id']; ?>" class="card-link">
<div class="card"> <div class="card">
<?php if (isset($item['couverture'])): ?> <?php
// Get cover image from thesis_files if available
$coverImage = null;
if (!empty($item['id'])) {
$files = $db->getThesisFiles($item['id']);
foreach ($files as $file) {
$ext = strtolower(pathinfo($file['file_path'], PATHINFO_EXTENSION));
if (in_array($ext, ['jpg', 'jpeg', 'png', 'gif']) && $file['file_type'] === 'main') {
$coverImage = $file['file_path'];
break;
}
}
}
?>
<?php if ($coverImage): ?>
<div class="card-image"> <div class="card-image">
<figure class="image "> <figure class="image ">
<img src="<?= $item['couverture']; ?>" alt="Image preview"> <img src="<?= htmlspecialchars($coverImage); ?>" alt="Image preview">
</figure> </figure>
</div> </div>
<?php endif; ?> <?php endif; ?>
<div class="card-content"> <div class="card-content">
<h4 class="title is-4"> <h4 class="title is-4">
<?= $item['titre']; ?> <?= htmlspecialchars($item['title']); ?>
</h4> </h4>
<h2 class="subtitle"> <h2 class="subtitle">
<?= $item['auteurice']; ?> <?= htmlspecialchars($item['authors'] ?? 'Auteur inconnu'); ?>
</p> </h2>
<h3 class="tag title is-6 is-link is-light"> <h3 class="tag title is-6 is-link is-light">
<?= $item['année']; ?> <?= htmlspecialchars($item['year']); ?>
</h3> </h3>
<p class="block content"> <p class="block content">
<?php <?php
$excerpt_length = 150; $excerpt_length = 150;
$description_excerpt = substr($item['description'], 0, $excerpt_length) . '...'; $synopsis = $item['synopsis'] ?? '';
$description_excerpt = strlen($synopsis) > $excerpt_length
? substr($synopsis, 0, $excerpt_length) . '...'
: $synopsis;
?> ?>
<?= $description_excerpt; ?> <?= htmlspecialchars($description_excerpt); ?>
</p> </p>
</div> </div>

53
front-backend/justfile Normal file
View File

@@ -0,0 +1,53 @@
# Justfile for Post-ERG front-backend website
# Default recipe - show available commands
default:
@just --list
# Start PHP development server
serve:
@echo "Starting PHP development server on http://localhost:8000"
@echo "Using database: ../formulaire/test.db"
@echo "Press Ctrl+C to stop"
@php -S 127.0.0.1:8000
# Test database connection
test:
@echo "Testing database connection..."
@php test_db.php
# Show database statistics
stats:
@echo "=== Database Statistics ==="
@sqlite3 ../formulaire/test.db "SELECT COUNT(*) || ' total theses' FROM theses;"
@sqlite3 ../formulaire/test.db "SELECT COUNT(*) || ' published theses' FROM theses WHERE is_published = 1;"
@sqlite3 ../formulaire/test.db "SELECT COUNT(*) || ' authors' FROM authors;"
@sqlite3 ../formulaire/test.db "SELECT COUNT(*) || ' keywords' FROM keywords;"
# Show recent published theses
recent:
@echo "=== Recent Published Theses ==="
@sqlite3 -column -header ../formulaire/test.db "SELECT id, title, year, authors FROM v_theses_public ORDER BY year DESC, title LIMIT 10;"
# Query database interactively
query:
@sqlite3 ../formulaire/test.db
# Show specific thesis details
show id:
@sqlite3 -column -header ../formulaire/test.db "SELECT * FROM v_theses_full WHERE id = {{id}};"
# Check PHP syntax for all PHP files
check:
@echo "Checking PHP syntax..."
@php -l Database.php
@php -l index.php
@php -l memoire.php
@php -l apropos.php
@php -l contact.php
@php -l licences.php
@echo "✓ All files have valid syntax"
# View error log
logs:
@if [ -f error.log ]; then tail -n 50 error.log; else echo "No error log found"; fi

124
front-backend/memoire.php
View File

@@ -5,16 +5,27 @@ ini_set('log_errors', 1);
ini_set('error_log', 'error.log'); ini_set('error_log', 'error.log');
// Load required libraries and classes // Load required libraries and classes
require_once 'vendor/autoload.php'; require_once 'Database.php';
use Symfony\Component\Yaml\Yaml;
// Check if a file parameter is provided in the URL // Check if an id parameter is provided in the URL
if (isset($_GET['file'])) { if (isset($_GET['id'])) {
// Decode the URL parameter and parse the YAML file $thesisId = intval($_GET['id']);
$yamlFile = urldecode($_GET['file']); try {
$data = Yaml::parseFile($yamlFile); $db = Database::getInstance();
$data = $db->getThesisById($thesisId);
if (!$data) {
// Thesis not found or not published
header('Location: index.php');
exit;
}
} catch (Exception $e) {
error_log("Error loading thesis: " . $e->getMessage());
header('Location: index.php');
exit;
}
} else { } else {
// Redirect to the index page if no file parameter is provided // Redirect to the index page if no id parameter is provided
header('Location: index.php'); header('Location: index.php');
exit; exit;
} }
@@ -29,74 +40,119 @@ include 'inc/header.php'; ?>
<div class="column is-one-third"> <div class="column is-one-third">
<div class="card"> <div class="card">
<div class="card-content"> <div class="card-content">
<!-- Display the title and author from the YAML data --> <!-- Display the title and author from the database -->
<h1 class="title"> <h1 class="title">
<?= $data['titre']; ?> <?= htmlspecialchars($data['title']); ?>
<?php if (!empty($data['subtitle'])): ?>
<br><small><?= htmlspecialchars($data['subtitle']); ?></small>
<?php endif; ?>
</h1> </h1>
<h2 class="subtitle">par <h2 class="subtitle">par
<?= $data['auteurice']; ?> <?= htmlspecialchars($data['authors'] ?? 'Auteur inconnu'); ?>
</h2> </h2>
<h3 class="subtitle"></h3> <h3 class="subtitle"></h3>
<div class="columns"> <div class="columns">
<div class="column is-half "> <div class="column is-half ">
<h3 class="subtitle"> <?php if (!empty($data['orientation']) || !empty($data['ap_program'])): ?>
<?= $data['orientation']; ?> et <h3 class="subtitle">
<?= $data['ap']; ?> <?php if (!empty($data['orientation'])): ?>
</h3> <?= htmlspecialchars($data['orientation']); ?>
<?php endif; ?>
<?php if (!empty($data['orientation']) && !empty($data['ap_program'])): ?>
et
<?php endif; ?>
<?php if (!empty($data['ap_program'])): ?>
<?= htmlspecialchars($data['ap_program']); ?>
<?php endif; ?>
</h3>
<?php endif; ?>
<p class="block tag subtitle is-6"> <p class="block tag subtitle is-6">
<?= $data['année']; ?> <?= htmlspecialchars($data['year']); ?>
</p> </p>
<?php if (!empty($data['finality_type'])): ?>
<p class="block">
<strong>Finalité:</strong> <?= htmlspecialchars($data['finality_type']); ?>
</p>
<?php endif; ?>
</div> </div>
<div class="column"> <div class="column">
<p class="block"> <?php if (!empty($data['context_note'])): ?>
<?= $data['problématique']; ?> <p class="block">
</p> <em><?= htmlspecialchars($data['context_note']); ?></em>
</p>
<?php endif; ?>
<p class="block"> <?php if (!empty($data['supervisors'])): ?>
<strong>Contact:</strong> <p class="block">
<?= $data['email']; ?> <strong>Promoteur.ice.s:</strong>
</p> <?= htmlspecialchars($data['supervisors']); ?>
<p class="block"> </p>
<strong>Promoteur.ice.s:</strong> <?php endif; ?>
<?= $data['promoteurice']; ?>
</p> <?php if (!empty($data['languages'])): ?>
<p class="block">
<strong>Langue(s):</strong>
<?= htmlspecialchars($data['languages']); ?>
</p>
<?php endif; ?>
<?php if (!empty($data['formats'])): ?>
<p class="block">
<strong>Format(s):</strong>
<?= htmlspecialchars($data['formats']); ?>
</p>
<?php endif; ?>
<?php if (!empty($data['keywords'])): ?>
<p class="block">
<strong>Mots-clés:</strong>
<?= htmlspecialchars($data['keywords']); ?>
</p>
<?php endif; ?>
</div> </div>
</div> </div>
</div> </div>
</div> </div>
<div class="box"> <div class="box">
<?= $data['description']; ?> <?php if (!empty($data['synopsis'])): ?>
<?= nl2br(htmlspecialchars($data['synopsis'])); ?>
<?php endif; ?>
</div> </div>
</div> </div>
<div class="column is-two-third"> <div class="column is-two-third">
<div class="content"> <div class="content">
<!-- Check if there are any files in the YAML data --> <!-- Check if there are any files in the database -->
<?php if (isset($data['files'])): ?> <?php if (isset($data['files']) && count($data['files']) > 0): ?>
<!-- Loop through the files and display them based on their file type --> <!-- Loop through the files and display them based on their file type -->
<?php foreach ($data['files'] as $file): ?> <?php foreach ($data['files'] as $file): ?>
<?php $ext = pathinfo($file, PATHINFO_EXTENSION); ?> <?php $ext = strtolower(pathinfo($file['file_path'], PATHINFO_EXTENSION)); ?>
<div class="block"> <div class="block">
<?php if ($ext === 'pdf'): ?> <?php if ($ext === 'pdf'): ?>
<!-- Display PDF files using the embed element --> <!-- Display PDF files using the embed element -->
<embed src="<?= $file; ?>" type="application/pdf" width="100%" height="600px" /> <embed src="<?= htmlspecialchars($file['file_path']); ?>" type="application/pdf" width="100%" height="600px" />
<?php elseif (in_array($ext, ['jpg', 'jpeg', 'png', 'gif', 'bmp'])): ?> <?php elseif (in_array($ext, ['jpg', 'jpeg', 'png', 'gif', 'bmp'])): ?>
<!-- Display image files using the img element --> <!-- Display image files using the img element -->
<figure> <figure>
<img src="<?= $file; ?>" alt="Image file"> <img src="<?= htmlspecialchars($file['file_path']); ?>" alt="<?= htmlspecialchars($file['file_name']); ?>">
</figure> </figure>
<?php elseif ($ext === 'mp4'): ?> <?php elseif ($ext === 'mp4'): ?>
<!-- Display MP4 video files using the video element --> <!-- Display MP4 video files using the video element -->
<video width="100%" height="auto" controls> <video width="100%" height="auto" controls>
<source src="<?= $file; ?>" type="video/mp4"> <source src="<?= htmlspecialchars($file['file_path']); ?>" type="video/mp4">
Your browser does not support the video tag. Your browser does not support the video tag.
</video> </video>
<?php endif; ?> <?php endif; ?>
<?php if (!empty($file['description'])): ?>
<p class="help"><?= htmlspecialchars($file['description']); ?></p>
<?php endif; ?>
</div> </div>
<?php endforeach; ?> <?php endforeach; ?>
<?php else: ?>
<p class="notification is-warning">Aucun fichier disponible pour ce mémoire.</p>
<?php endif; ?> <?php endif; ?>
</div> </div>

40
front-backend/test_db.php Normal file
View File

@@ -0,0 +1,40 @@
<?php
// Simple test script to verify database connection and queries
require_once 'Database.php';
try {
$db = Database::getInstance();
echo "✓ Database connection successful\n";
// Test counting theses
$count = $db->countPublishedTheses();
echo "✓ Found {$count} published theses\n";
// Test getting theses
$theses = $db->getPublishedTheses(5, 0);
echo "✓ Retrieved " . count($theses) . " theses\n";
if (count($theses) > 0) {
$first = $theses[0];
echo "\nFirst thesis:\n";
echo " ID: " . $first['id'] . "\n";
echo " Title: " . $first['title'] . "\n";
echo " Author(s): " . ($first['authors'] ?? 'N/A') . "\n";
echo " Year: " . $first['year'] . "\n";
// Test getting single thesis
$thesis = $db->getThesisById($first['id']);
if ($thesis) {
echo "✓ Successfully retrieved thesis details\n";
echo " Orientation: " . ($thesis['orientation'] ?? 'N/A') . "\n";
echo " AP Program: " . ($thesis['ap_program'] ?? 'N/A') . "\n";
echo " Files: " . (count($thesis['files'] ?? [])) . "\n";
}
}
echo "\n✓ All tests passed!\n";
} catch (Exception $e) {
echo "✗ Error: " . $e->getMessage() . "\n";
exit(1);
}

4
justfile
View File

@@ -1,2 +1,4 @@
sync: sync:
rsync -vur --progress ./ posterg:/var/www/html/ rsync -vur --progress ./front-backend/ posterg:/var/www/html/
rsync -vur --progress ./formulaire/ posterg:/var/www/html/formulaire/