Reintroduce TFE duration metadata: DB columns, form fields, controllers, views, and migration

Add 'unsafe-eval' to CSP script-src directives (htmx requires Function())

app/public/admin/actions/formulaire.php

@@ -3,8 +3,6 @@
 require_once __DIR__ . '/../../../bootstrap.php';
 require_once __DIR__ . '/../../../src/AdminAuth.php';
 
-error_log('[formulaire.php] ENTRY | method=' . $_SERVER['REQUEST_METHOD'] . ' | content_type=' . ($_SERVER['CONTENT_TYPE'] ?? 'none') . ' | content_length=' . ($_SERVER['CONTENT_LENGTH'] ?? '0') . ' | post_keys=' . implode(',', array_keys($_POST)) . ' | files_count=' . count($_FILES) . ' | files_keys=' . implode(',', array_keys($_FILES)) . ' | queue_tfe=' . (isset($_FILES['queue_file']['name']['tfe']) ? count(array_filter($_FILES['queue_file']['name']['tfe'])) : 0));
-
 // Only suppress display_errors in production (cli-server = dev mode).
 if (php_sapi_name() !== 'cli-server') {
     ini_set('display_errors', 0);
@@ -25,8 +23,6 @@ if (!isset($_POST['csrf_token'], $_SESSION['csrf_token'])
     die('Erreur de sécurité : token invalide. Veuillez recharger le formulaire.');
 }
 
-error_log('[formulaire.php] full FILES array: ' . print_r($_FILES, true));
-
 require_once APP_ROOT . '/src/Controllers/ThesisCreateController.php';
 require_once APP_ROOT . '/src/AppLogger.php';
 require_once APP_ROOT . '/src/AdminLogger.php';
@@ -45,6 +41,10 @@ try {
     $logger->logSubmission('admin', $thesisId, $identifier, $authorName);
     $adminLogger->logAdd($thesisId, $identifier, $authorName);
 
+    // Clear autosave draft + FilePond temp files
+    unset($_SESSION['admin_draft_' . ($_POST['draft_token'] ?? '')]);
+    unset($_SESSION['admin_draft_add_token']);
+    unset($_SESSION['filepond_tmp']);
     unset($_SESSION['csrf_token']);
 
     $redirect = '../recapitulatif.php?id=' . $thesisId;