PostERG/xamxam
1
0
Fork 0
mirror of https://codeberg.org/PostERG/xamxam.git synced 2026-06-25 16:19:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Remove required from all admin add/edit form inputs

Browse Source 
- Skip required-field validation for orientation/ap/finality/licence/jury in admin add+edit
This commit is contained in:
Pontoporeia
2026-05-08 12:40:06 +02:00
parent 5735ccbc38
commit 95fcbc919a
12 changed files with 216 additions and 98 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
TODO.md
View File

@@ -50,3 +50,24 @@
- [x] `search.php`: show cover thumbnail on result cards
- [x] `student-preview.php`: use `$coverMap` instead of `banner_path`
- [x] Migration applied and file moved to `applied/`
- [x] Remove `required` from all form inputs in admin add/edit
- [x] Introduced `$adminMode` flag in `form.php` (true when `$mode` is `'add'` or `'edit'`)
- [x] Hidden "champs obligatoires" note in admin mode
- [x] All `$required = true` callers in `form.php`, `fieldset-tfe-info.php`, `fieldset-academic.php`, `fieldset-licence-explanation.php`, `fieldset-files.php` changed to `!$adminMode`
- [x] Hardcoded `required` HTML attributes in `fieldset-tfe-info.php` (synopsis, objet radios), `fieldset-licence-explanation.php` (access type radios), `jury-fieldset.php` (promoteur, lecteurs interne/externe) gated on `!$adminMode`
- [x] Dynamic JS `ulbInput.required` in jury fieldset also gated
- [x] Remove server-side validation for orientation, ap, finality, licence, jury roles in `ThesisEditController::save()` — admins can save partial records
- [x] Same for `ThesisCreateController::submit()`: added `$adminMode` param, pass `true` from `admin/actions/formulaire.php`
- [x] Encrypt SMTP password at rest (AES-256-GCM)
- [x] `app/.env` — holds `APP_KEY` (base64, 32 bytes); added to `.gitignore`
- [x] `src/Crypto.php``encrypt()` / `decrypt()` / `isEncrypted()` via OpenSSL AES-256-GCM
- [x] `SmtpRelay::getSettings()` — decrypts password after DB fetch
- [x] `SmtpRelay::updateSettings()` — encrypts password before DB write
- [x] `parametres.php` template — password field no longer pre-filled (ciphertext never sent to browser)
- [x] Migration `018_encrypt_smtp_password.php` — encrypted existing plaintext in DB; moved to applied/
- [x] `justfile``deploy` calls `deploy-env` (uploads `.env` only if remote doesn't exist yet)
- [x] `justfile``deploy-env` recipe: safe upload with guards
- [x] `justfile``reencrypt-password` recipe: rotates APP_KEY on remote DB
- [x] `scripts/reencrypt-smtp-password.php` — decrypts with old key, re-encrypts with new key, updates `.env`