fix: change adminOld return type from string to string|array

The closure returned arrays when formData values were arrays (e.g. jury_promoteur), but the PHP return type annotation was :string. PHP 8.x enforces this strictly, causing a fatal TypeError in jury-fieldset.php on add mode.
2026-06-25 16:19:19 +02:00 · 2026-06-15 16:16:02 +02:00
parent d588ae004d
commit a5db81a73d
3 changed files with 14 additions and 7 deletions
--- a/app/public/assets/js/app/file-upload-filepond.js
+++ b/app/public/assets/js/app/file-upload-filepond.js
@@ -245,7 +245,11 @@
 			process: {
 				url: `${base}/process.php`,
 				method: "POST",
-				headers: { "X-CSRF-Token": csrfToken },
+				// Use a function for headers so the CSRF token is re-read
+				// from the meta tag on every request.  The autosave handler
+				// rotates the token periodically and updates the meta tag;
+				// a static snapshot captured at init time would go stale.
+				headers: () => ({ "X-CSRF-Token": getCsrfToken() }),
 				ondata: (formData) => {
 					formData.append("queue_type", queueType);
 					console.log(`[filepond] process ondata | queueType=${queueType}`);
@@ -283,7 +287,8 @@
 			revert: {
 				url: `${base}/revert.php`,
 				method: "DELETE",
-				headers: { "X-CSRF-Token": csrfToken },
+				// Re-read CSRF token on each request (same rationale as process).
+				headers: () => ({ "X-CSRF-Token": getCsrfToken() }),
 				onload: () => {
 					console.log("[filepond] revert OK");
 				},
@@ -320,7 +325,7 @@
 				if (/^[a-f0-9]{32}$/.test(source)) {
 					fetch(`${base}/revert.php`, {
 						method: "DELETE",
-						headers: { "X-CSRF-Token": csrfToken },
+						headers: { "X-CSRF-Token": getCsrfToken() },
 						body: source,
 					})
 						.then((r) => {
@@ -343,7 +348,7 @@
 					method: "DELETE",
 					headers: {
 						"Content-Type": "application/json",
-						"X-CSRF-Token": csrfToken,
+						"X-CSRF-Token": getCsrfToken(),
 					},
 					body: JSON.stringify({ db_id: source }),
 				})