fix: add help email, preserve file names on validation error, license fix

The share link (partage) form does not expose a license field and does not send access_type_id (defaults to 2/Interne). Server-side validation was unconditionally requiring a license for non-admin submissions, causing all share link submissions to fail. Now the license check is gated on adminMode=false AND accessTypeId=1 (Libre), matching the client-side HTMX fragment behaviour in licence-fragment.php. Also fixed a use-before-definition where accessTypeId was referenced before being assigned. Student form improvements: - Add xamxam@erg.be mailto link at top of form - On validation error, append "Si le problème persiste, envoyez un e-mail à xamxam@erg.be" to the flash message - Preserve uploaded file names across validation redirects: store in session (share_primed_files_<slug>), display as warning on form re-render so the student knows which files to re-select - License: only required for non-admin when access_type_id=1 (Libre), not for Interne (2) or Interdit (3). Fixes share link submissions failing with "Veuillez sélectionner une licence". Also fixed use-before-definition of accessTypeId.
2026-06-25 16:19:19 +02:00 · 2026-05-10 14:06:05 +02:00
parent 6224e3ede0
commit ab6e266807
11 changed files with 828 additions and 553 deletions
--- a/app/public/partage/index.php
+++ b/app/public/partage/index.php
@@ -378,6 +378,27 @@ function renderShareLinkForm(string $slug, array $link): void
                <p class="thesis-add-subtitle">Formulaire pour <a href="/">XAMXAM</a></p>
            </div>

+            <div class="share-help-contact">
+                <p>Des questions ou un problème avec le formulaire ?
+                <a href="mailto:xamxam@erg.be">xamxam@erg.be</a></p>
+            </div>
+
+            <?php
+            // Show previously-selected files that were lost during validation redirect
+            $primedFiles = $_SESSION['share_primed_files_' . $slug] ?? null;
+            unset($_SESSION['share_primed_files_' . $slug]);
+            if ($primedFiles && count($primedFiles) > 0): ?>
+            <div class="flash-warning" role="alert">
+                <p>⚠️ Les fichiers suivants avaient été sélectionnés avant l'erreur de validation.
+                Veuillez les sélectionner à nouveau :</p>
+                <ul>
+                    <?php foreach ($primedFiles as $pf): ?>
+                    <li><?= htmlspecialchars($pf) ?></li>
+                    <?php endforeach; ?>
+                </ul>
+            </div>
+            <?php endif; ?>
+
            <?php include APP_ROOT . '/templates/partials/form/form.php'; ?>
        </main>
    </body>
@@ -507,8 +528,9 @@ function handleShareLinkSubmission(string $slug): void
        // Store as plain text — htmlspecialchars() is applied at render time.
        $_SESSION['_flash_warning'] = 'Votre soumission ressemble à un TFE déjà enregistré.'
            . "\n" . $e->existingIdentifier . ' — ' . $e->existingTitle . ' (' . $e->existingYear . ')'
-            . "\nSi vous pensez qu'il s'agit d'une erreur, veuillez contacter l'équipe.";
+            . "\nSi vous pensez qu'il s'agit d'une erreur, vous pouvez contacter l'équipe à xamxam@erg.be.";
        $_SESSION['form_data_share_' . $slug] = $_POST;
+        storePrimedFiles($slug);
        $_SESSION[$shareCsrfKey] = bin2hex(random_bytes(32)); // Regenerate token

        header('Location: /partage/' . urlencode($slug));
@@ -522,8 +544,10 @@ function handleShareLinkSubmission(string $slug): void
        ]);
        ErrorHandler::log('partage_submit', $e, ['slug' => $slug, 'author' => $authorName]);

-        $_SESSION['_flash_error'] = ErrorHandler::userMessage($e);
+        $_SESSION['_flash_error'] = ErrorHandler::userMessage($e)
+            . "\n\nSi le problème persiste, envoyez un e-mail à xamxam@erg.be.";
        $_SESSION['form_data_share_' . $slug] = $_POST;
+        storePrimedFiles($slug);
        $_SESSION[$shareCsrfKey] = bin2hex(random_bytes(32)); // Regenerate token

        // Redirect back to the form
@@ -549,3 +573,48 @@ function old(array $data, string $key, string $default = ''): string {
    }
    return is_array($value) ? htmlspecialchars(json_encode($value)) : htmlspecialchars((string)$value);
 }
+
+/**
+ * Store names of uploaded files in session so they can be shown
+ * to the user on form re-render after a validation error.
+ *
+ * $_FILES is not preserved across redirects, but the user should know
+ * which files they need to re-select.
+ */
+function storePrimedFiles(string $slug): void
+{
+    $names = [];
+    if (!empty($_FILES['couverture']['name'])) {
+        $names[] = 'Couverture : ' . $_FILES['couverture']['name'];
+    }
+    if (!empty($_FILES['note_intention']['name'])) {
+        $names[] = 'Note d\'intention : ' . $_FILES['note_intention']['name'];
+    }
+    if (!empty($_FILES['files']['name']) && is_array($_FILES['files']['name'])) {
+        foreach ($_FILES['files']['name'] as $name) {
+            if ($name !== '' && $name !== null) {
+                $names[] = 'TFE : ' . $name;
+            }
+        }
+    }
+    if (!empty($_FILES['annexes']['name'])) {
+        if (is_array($_FILES['annexes']['name'])) {
+            foreach ($_FILES['annexes']['name'] as $name) {
+                if ($name !== '' && $name !== null) {
+                    $names[] = 'Annexe : ' . $name;
+                }
+            }
+        } else {
+            $names[] = 'Annexe : ' . $_FILES['annexes']['name'];
+        }
+    }
+    if (!empty($_FILES['peertube_video']['name'])) {
+        $names[] = 'Vidéo PeerTube : ' . $_FILES['peertube_video']['name'];
+    }
+    if (!empty($_FILES['peertube_audio']['name'])) {
+        $names[] = 'Audio PeerTube : ' . $_FILES['peertube_audio']['name'];
+    }
+    if (!empty($names)) {
+        $_SESSION['share_primed_files_' . $slug] = $names;
+    }
+}