PostERG/xamxam
1
0
Fork 0
mirror of https://codeberg.org/PostERG/xamxam.git synced 2026-06-25 16:19:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

cleanup modal: list stale files to remove; storage restructure: documents/ → {objet}/

Browse Source
This commit is contained in:
Pontoporeia
2026-05-19 22:00:10 +02:00
parent c6199525f9
commit defc919cd0
19 changed files with 292 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/public/admin/actions/filepond/relink.php
View File

@@ -51,8 +51,8 @@ if (!$thesisId || $filePath === '') {
relinkError(400, 'Paramètres invalides (thesis_id + file_path requis).');
}
// Security: only allow paths under documents/ or theses/
if (!preg_match('#^(documents|theses)/#', $filePath)) {
// Security: only allow paths under tfe/ these/ frart/ documents/ or theses/
if (!preg_match('#^(tfe|these|frart|documents|theses)/#', $filePath)) {
relinkError(403, 'Chemin de fichier non autorisé.');
}