PostERG/xamxam
1
0
Fork 0
mirror of https://codeberg.org/PostERG/xamxam.git synced 2026-06-25 16:19:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix(production): fix multiple remote server errors from nginx logs

Browse Source 
- Fix 413 Request Entity Too Large: bump client_max_body_size to 256M,
  PHP post_max_size/upload_max_filesize to 256M, fastcgi timeouts to 300s
- Fix missing v_smtp_active view: add IF NOT EXISTS to all CREATE VIEW
  statements in schema.sql for idempotent migrates
- Fix bars.svg 404: create animated SVG spinner in app/public/assets/img/
- Fix nginx rate limiting: increase admin zone from 60r/m (1 r/s) to
  300r/m (5 r/s) with burst=30 to handle ~11 concurrent HTMX fragment
  GETs on contenus.php page load
- Add deploy-nginx recipe to justfile for uploading nginx config to server
- Database readonly issue mitigated by existing --chown + deploy-server.sh
  permissions fix
- Add comprehensive PHP/JS debugging logs for settings checkboxes:
  per-field raw POST values in error_log, console.log on htmx:beforeSend,
  htmx:sendError, htmx:afterRequest, toast lifecycle
- Fix toast auto-remove script: use getElementById with unique ID instead
  of querySelector which could remove wrong toast on rapid clicks
This commit is contained in:
Pontoporeia
2026-05-11 03:18:03 +02:00
parent 43064ccbd7
commit be50ac5eb0
9 changed files with 119 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
app/public/admin/actions/settings.php
View File

@@ -6,6 +6,7 @@ AdminAuth::requireLogin();
if (!isset($_POST['csrf_token'], $_SESSION['csrf_token'])
|| !hash_equals($_SESSION['csrf_token'], $_POST['csrf_token'])) {
error_log('[settings.php] CSRF FAIL | session_token=' . ($_SESSION['csrf_token'] ?? 'none') . ' | post_token=' . ($_POST['csrf_token'] ?? 'none'));
App::flash('error', "Erreur de sécurité : token invalide.");
header('Location: /admin/parametres.php');
exit;
@@ -27,29 +28,41 @@ error_log('[settings.php] PROCESS | section=' . $section . ' | post_keys=' . imp
* The fragment auto-dismisses after 3 seconds via a script at the end.
*/
function hxToastSuccess(string $message): never {
$id = 'toast-' . bin2hex(random_bytes(4));
http_response_code(200);
echo '<div class="toast toast--success" role="status" data-toast-autoremove>' .
echo '<div class="toast toast--success" role="status" id="' . $id . '">' .
'<span class="toast__icon" aria-hidden="true">✓</span> ' .
htmlspecialchars($message) . '</div>' .
'<script>setTimeout(function(){var t=document.querySelector("[data-toast-autoremove]");if(t)t.remove()},3000)</script>';
'<script>' .
'(function(){console.log("[settings-toast] success: ' . htmlspecialchars(addslashes($message), ENT_QUOTES) . '");' .
'var el=document.getElementById("' . $id . '");' .
'if(el){setTimeout(function(){el.remove();console.log("[settings-toast] removed ' . $id . '")},3000)}' .
'})()</script>';
exit;
}
function hxToastError(string $message): never {
$id = 'toast-' . bin2hex(random_bytes(4));
http_response_code(200);
echo '<div class="toast toast--error" role="alert" data-toast-autoremove>' .
echo '<div class="toast toast--error" role="alert" id="' . $id . '">' .
'<span class="toast__icon" aria-hidden="true">⚠</span> ' .
htmlspecialchars($message) . '</div>' .
'<script>setTimeout(function(){var t=document.querySelector("[data-toast-autoremove]");if(t)t.remove()},3000)</script>';
'<script>' .
'(function(){console.warn("[settings-toast] error: ' . htmlspecialchars(addslashes($message), ENT_QUOTES) . '");' .
'var el=document.getElementById("' . $id . '");' .
'if(el){setTimeout(function(){el.remove();console.log("[settings-toast] removed ' . $id . '")},3000)}' .
'})()</script>';
exit;
}
if ($section === 'formulaire_restrictions') {
// HTMX may not send unchecked checkboxes even with hidden 0-value inputs;
// missing key means unchecked → treat as '0'.
$newValues = ['restricted_files_enabled' => empty($_POST['restricted_files_enabled']) ? '0' : '1'];
$db->setSetting('restricted_files_enabled', $newValues['restricted_files_enabled']);
$logger->logFormSettingsUpdate($newValues);
$rawPost = $_POST['restricted_files_enabled'] ?? '(missing)';
$newValue = empty($_POST['restricted_files_enabled']) ? '0' : '1';
error_log('[settings.php] SAVE formulaire_restrictions | restricted_files_enabled raw=' . var_export($rawPost, true) . ' | resolved=' . $newValue);
$db->setSetting('restricted_files_enabled', $newValue);
$logger->logFormSettingsUpdate(['restricted_files_enabled' => $newValue]);
if ($isHxRequest) {
hxToastSuccess('Restrictions d\'accès aux fichiers mises à jour.');
} else {
@@ -63,7 +76,9 @@ if ($section === 'formulaire_restrictions') {
];
$newValues = [];
foreach ($allowed as $key) {
$raw = $_POST[$key] ?? '(missing)';
$value = empty($_POST[$key]) ? '0' : '1';
error_log('[settings.php] SAVE formulaire_acces | ' . $key . ' raw=' . var_export($raw, true) . ' | resolved=' . $value);
$db->setSetting($key, $value);
$newValues[$key] = $value;
}
@@ -74,10 +89,14 @@ if ($section === 'formulaire_restrictions') {
App::flash('success', "Degrés d'ouverture mis à jour.");
}
} elseif ($section === 'objet_types') {
$rawThese = $_POST['objet_these_enabled'] ?? '(missing)';
$rawFrart = $_POST['objet_frart_enabled'] ?? '(missing)';
$newValues = [
'objet_these_enabled' => empty($_POST['objet_these_enabled']) ? '0' : '1',
'objet_frart_enabled' => empty($_POST['objet_frart_enabled']) ? '0' : '1',
];
error_log('[settings.php] SAVE objet_types | objet_these_enabled raw=' . var_export($rawThese, true) . ' | resolved=' . $newValues['objet_these_enabled']);
error_log('[settings.php] SAVE objet_types | objet_frart_enabled raw=' . var_export($rawFrart, true) . ' | resolved=' . $newValues['objet_frart_enabled']);
$db->setSetting('objet_these_enabled', $newValues['objet_these_enabled']);
$db->setSetting('objet_frart_enabled', $newValues['objet_frart_enabled']);
$logger->logObjetTypesUpdate($newValues);

11
app/public/assets/img/bars.svg Normal file
View File

@@ -0,0 +1,11 @@
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="currentColor">
<rect x="1" y="1" width="6" height="22" rx="1">
<animate attributeName="opacity" values="0.3;1;0.3" dur="1s" repeatCount="indefinite" begin="0s"/>
</rect>
<rect x="9" y="1" width="6" height="22" rx="1">
<animate attributeName="opacity" values="0.3;1;0.3" dur="1s" repeatCount="indefinite" begin="0.2s"/>
</rect>
<rect x="17" y="1" width="6" height="22" rx="1">
<animate attributeName="opacity" values="0.3;1;0.3" dur="1s" repeatCount="indefinite" begin="0.4s"/>
</rect>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 582 B