Reintroduce TFE duration metadata: DB columns, form fields, controllers, views, and migration

Add 'unsafe-eval' to CSP script-src directives (htmx requires Function())
2026-06-25 16:19:19 +02:00 · 2026-06-11 13:05:37 +02:00
parent 00fed5f0e3
commit d588ae004d
81 changed files with 1061 additions and 840 deletions
--- a/app/src/Form/FormBootstrap.php
+++ b/app/src/Form/FormBootstrap.php
@@ -32,6 +32,7 @@ class FormBootstrap
                '/assets/js/app/beforeunload-guard.js',
                '/assets/js/app/pill-search.js',
                '/assets/js/app/jury-autocomplete.js',
+                '/assets/js/app/autosave-handler.js',
            ],
        ];
    }
@@ -117,13 +118,47 @@ class FormBootstrap
        $generalitiesHtml    = $helpFn('fieldset_generalites');
        $defaultAccessTypeId = $options['defaultAccessTypeId'] ?? 2;

+        // ── Autosave draft wiring (add / edit only) ─────────────────────┐
+        $autosaveUrl = '/admin/actions/draft.php';
+        $formExtraAttrs = '';
+        $showAutosaveStatus = false;
+        $extraHidden = '';
+        if ($mode === 'add') {
+            // Reuse draft token from session so drafts survive page reloads
+            if (empty($_SESSION['admin_draft_add_token'])) {
+                $_SESSION['admin_draft_add_token'] = bin2hex(random_bytes(8));
+            }
+            $draftToken = $_SESSION['admin_draft_add_token'];
+            $draftKey = 'admin_draft_' . $draftToken;
+            $extraHidden = '<input type="hidden" name="draft_token" value="' . $draftToken . '">';
+            // Hydrate from any previous session (survives accidental navigations)
+            $draft = $_SESSION[$draftKey] ?? [];
+            $formData = array_merge($draft, $formData);
+            $showAutosaveStatus = true;
+        } elseif ($mode === 'edit') {
+            $thesisId = (int)($options['thesisId'] ?? 0);
+            if ($thesisId > 0) {
+                $draftKey = 'admin_draft_edit_' . $thesisId;
+                $extraHidden = '<input type="hidden" name="thesis_id" value="' . $thesisId . '">';
+                $draft = $_SESSION[$draftKey] ?? [];
+                $formData = array_merge($draft, $formData);
+                $showAutosaveStatus = true;
+            }
+        }
+        if ($showAutosaveStatus) {
+            $formExtraAttrs = 'hx-post="' . htmlspecialchars($autosaveUrl) . '"';
+        }
+
        return array_merge([
            // Base
            'mode'             => $mode,
            'formAction'       => $formAction,
-            'hiddenFields'     => $hiddenFields,
+            'hiddenFields'     => $hiddenFields . $extraHidden,
            'errorFieldName'   => $autofocusField,
            'synopsisExtra'    => $options['synopsisExtra'] ?? '',
+            'formExtraAttrs'   => $formExtraAttrs,
+            'showAutosaveStatus' => $showAutosaveStatus,
+            'autosaveUrl'      => $autosaveUrl,

            // Helpers
            'helpFn'           => $helpFn,
@@ -174,6 +209,8 @@ class FormBootstrap
            'contactPublic'           => false,
            'currentContextNote'      => null,
            'currentContactVisible'   => null,
+            'currentDurationValue'    => null,
+            'currentDurationUnit'     => 'pages',

            // Files (edit mode)
            'currentCover'           => null,