PostERG/xamxam
1
0
Fork 0
mirror of https://codeberg.org/PostERG/xamxam.git synced 2026-06-25 16:19:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Split form.css into form-base.css and form-admin.css, drop dead upload-progress code

Browse Source 
Also introduces $extraCssAdmin support in head.php for admin-only
stylesheets (form-admin.css, filepond CSS, system.css). Admin pages
now use $extraCssAdmin for admin-only assets and $extraCss for
shared stylesheets like form-base.css.
This commit is contained in:
Pontoporeia
2026-06-11 11:04:01 +02:00
parent 99125cc8e3
commit cbd369bc72
15 changed files with 250 additions and 682 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
app/public/admin/actions/edit.php
View File

@@ -32,12 +32,7 @@ require_once APP_ROOT . '/src/ErrorHandler.php';
try {
$ctrl = ThesisEditController::create();
$progressToken = $_POST['progress_token'] ?? bin2hex(random_bytes(8));
$ctrl->save($thesisId, $_POST, $_FILES, $progressToken);
// Clean up progress file
require_once APP_ROOT . '/src/PeerTubeService.php';
PeerTubeService::clearProgress($progressToken);
$ctrl->save($thesisId, $_POST, $_FILES);
// Regenerate CSRF token after successful save
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));

45
app/public/admin/actions/upload-progress.php
View File

@@ -1,45 +0,0 @@
<?php
/**
* upload-progress.php
*
* Returns the current upload/processing progress for a given token.
* Called by the client-side upload-progress.js while the form XHR is in flight.
*
* GET /admin/actions/upload-progress.php?token=<token>
*
* Response: JSON
* { "stage": "upload"|"processing"|"done", "pct": 45, "file": "video.mp4" }
*
* Progress data is written by ThesisEditController / ThesisCreateController
* to a temp file during processing.
*/
require_once __DIR__ . '/../../../bootstrap.php';
// No AdminAuth check here — this endpoint is called by client-side JS during
// both admin and partage (student) form uploads. Access is guarded by the
// progress token (64 bits of entropy, fresh per form render) which must match
// a temp file that only exists during an active upload.
header('Content-Type: application/json');
$token = $_GET['token'] ?? '';
if (!preg_match('/^[a-f0-9]{16}$/', $token)) {
echo json_encode(['stage' => 'error', 'error' => 'Invalid token']);
exit;
}
$progressFile = sys_get_temp_dir() . '/xamxam_upload_' . $token . '.json';
if (!file_exists($progressFile)) {
// No progress file yet — still in upload phase (or token invalid)
echo json_encode(['stage' => 'upload', 'pct' => 0, 'file' => '']);
exit;
}
$data = json_decode(file_get_contents($progressFile), true);
if (!$data) {
echo json_encode(['stage' => 'upload', 'pct' => 0, 'file' => '']);
exit;
}
echo json_encode($data);

3
app/public/admin/add.php
View File

@@ -54,7 +54,8 @@ function wasSelected($key, $value) {
$isAdmin = true;
$bodyClass = 'admin-body';
$extraCss = ['/assets/css/form.css', '/assets/css/filepond.min.css', '/assets/css/filepond-plugin-image-preview.min.css'];
$extraCss = ['/assets/css/form-base.css'];
$extraCssAdmin = ['/assets/css/form-admin.css', '/assets/css/filepond.min.css', '/assets/css/filepond-plugin-image-preview.min.css'];
$extraJs = ['/assets/js/vendor/filepond.min.js', '/assets/js/vendor/filepond-plugin-file-validate-type.min.js', '/assets/js/vendor/filepond-plugin-file-validate-size.min.js', '/assets/js/vendor/filepond-plugin-image-preview.min.js', '/assets/js/vendor/filepond-plugin-image-exif-orientation.min.js', '/assets/js/app/file-upload-filepond.js', '/assets/js/app/beforeunload-guard.js', '/assets/js/app/pill-search.js', '/assets/js/app/jury-autocomplete.js'];
require_once APP_ROOT . '/templates/head.php';
include APP_ROOT . '/templates/header.php';

3
app/public/admin/edit.php
View File

@@ -39,7 +39,8 @@ try {
}
$isAdmin = true; $bodyClass = 'admin-body';
$extraCss = ['/assets/css/form.css', '/assets/css/filepond.min.css', '/assets/css/filepond-plugin-image-preview.min.css'];
$extraCss = ['/assets/css/form-base.css'];
$extraCssAdmin = ['/assets/css/form-admin.css', '/assets/css/filepond.min.css', '/assets/css/filepond-plugin-image-preview.min.css'];
$extraJs = ['/assets/js/vendor/filepond.min.js', '/assets/js/vendor/filepond-plugin-file-validate-type.min.js', '/assets/js/vendor/filepond-plugin-file-validate-size.min.js', '/assets/js/vendor/filepond-plugin-image-preview.min.js', '/assets/js/vendor/filepond-plugin-image-exif-orientation.min.js', '/assets/js/app/file-upload-filepond.js', '/assets/js/app/beforeunload-guard.js', '/assets/js/app/pill-search.js', '/assets/js/app/jury-autocomplete.js'];
require_once APP_ROOT . '/templates/head.php';
include APP_ROOT . '/templates/header.php';

2
app/public/admin/index.php
View File

@@ -515,7 +515,7 @@ if ($isHtmx) {
include APP_ROOT . '/templates/admin/index-table.php';
}
} else {
$extraCss = ['/assets/css/filepond.min.css', '/assets/css/filepond-plugin-image-preview.min.css'];
$extraCssAdmin = ['/assets/css/filepond.min.css', '/assets/css/filepond-plugin-image-preview.min.css'];
$extraJs = ['/assets/js/vendor/filepond.min.js', '/assets/js/vendor/filepond-plugin-file-validate-type.min.js', '/assets/js/vendor/filepond-plugin-file-validate-size.min.js', '/assets/js/vendor/filepond-plugin-image-preview.min.js', '/assets/js/vendor/filepond-plugin-image-exif-orientation.min.js', '/assets/js/app/file-upload-filepond.js'];
require_once APP_ROOT . '/templates/head.php';
include APP_ROOT . '/templates/header.php';

2
app/public/admin/parametres.php
View File

@@ -74,7 +74,7 @@ if (empty($_SESSION['csrf_token'])) {
}
$isAdmin = true; $bodyClass = 'admin-body';
$extraCss = ['/assets/css/system.css'];
$extraCssAdmin = ['/assets/css/system.css'];
require_once APP_ROOT . '/templates/head.php';
include APP_ROOT . '/templates/header.php';
include APP_ROOT . '/templates/admin/parametres.php';