Reintroduce TFE duration metadata: DB columns, form fields, controllers, views, and migration

Add 'unsafe-eval' to CSP script-src directives (htmx requires Function())

app/public/admin/actions/settings.php

@@ -1,12 +1,10 @@
 <?php
 require_once __DIR__ . '/../../../bootstrap.php';
 require_once __DIR__ . '/../../../src/AdminAuth.php';
-error_log('[settings.php] ENTRY | method=' . $_SERVER['REQUEST_METHOD'] . ' | section=' . ($_POST['section'] ?? 'none') . ' | post_keys=' . implode(',', array_keys($_POST)));
 AdminAuth::requireLogin();
 
 if (!isset($_POST['csrf_token'], $_SESSION['csrf_token'])
     || !hash_equals($_SESSION['csrf_token'], $_POST['csrf_token'])) {
-    error_log('[settings.php] CSRF FAIL | session_token=' . ($_SESSION['csrf_token'] ?? 'none') . ' | post_token=' . ($_POST['csrf_token'] ?? 'none'));
     App::flash('error', "Erreur de sécurité : token invalide.");
     header('Location: /admin/parametres.php');
     exit;
@@ -21,7 +19,6 @@ $logger = AdminLogger::make();
 
 $isHxRequest = (isset($_SERVER['HTTP_HX_REQUEST']) && $_SERVER['HTTP_HX_REQUEST'] === 'true');
 $section = $_POST['section'] ?? '';
-error_log('[settings.php] PROCESS | section=' . $section . ' | post_keys=' . implode(',', array_keys($_POST)));
 
 /**
  * Return an HTML toast fragment for HTMX responses and exit.
@@ -58,9 +55,7 @@ function hxToastError(string $message): never {
 if ($section === 'formulaire_restrictions') {
     // HTMX may not send unchecked checkboxes even with hidden 0-value inputs;
     // missing key means unchecked → treat as '0'.
-    $rawPost = $_POST['restricted_files_enabled'] ?? '(missing)';
     $newValue = empty($_POST['restricted_files_enabled']) ? '0' : '1';
-    error_log('[settings.php] SAVE formulaire_restrictions | restricted_files_enabled raw=' . var_export($rawPost, true) . ' | resolved=' . $newValue);
     $db->setSetting('restricted_files_enabled', $newValue);
     $logger->logFormSettingsUpdate(['restricted_files_enabled' => $newValue]);
     if ($isHxRequest) {
@@ -76,9 +71,7 @@ if ($section === 'formulaire_restrictions') {
     ];
     $newValues = [];
     foreach ($allowed as $key) {
-        $raw = $_POST[$key] ?? '(missing)';
         $value = empty($_POST[$key]) ? '0' : '1';
-        error_log('[settings.php] SAVE formulaire_acces | ' . $key . ' raw=' . var_export($raw, true) . ' | resolved=' . $value);
         $db->setSetting($key, $value);
         $newValues[$key] = $value;
     }
@@ -89,14 +82,10 @@ if ($section === 'formulaire_restrictions') {
         App::flash('success', "Degrés d'ouverture mis à jour.");
     }
 } elseif ($section === 'objet_types') {
-    $rawThese = $_POST['objet_these_enabled'] ?? '(missing)';
-    $rawFrart = $_POST['objet_frart_enabled'] ?? '(missing)';
     $newValues = [
         'objet_these_enabled' => empty($_POST['objet_these_enabled']) ? '0' : '1',
         'objet_frart_enabled' => empty($_POST['objet_frart_enabled']) ? '0' : '1',
     ];
-    error_log('[settings.php] SAVE objet_types | objet_these_enabled raw=' . var_export($rawThese, true) . ' | resolved=' . $newValues['objet_these_enabled']);
-    error_log('[settings.php] SAVE objet_types | objet_frart_enabled raw=' . var_export($rawFrart, true) . ' | resolved=' . $newValues['objet_frart_enabled']);
     $db->setSetting('objet_these_enabled', $newValues['objet_these_enabled']);
     $db->setSetting('objet_frart_enabled', $newValues['objet_frart_enabled']);
     $logger->logObjetTypesUpdate($newValues);