PostERG/xamxam
1
0
Fork 0
mirror of https://codeberg.org/PostERG/xamxam.git synced 2026-06-25 16:19:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix: req annexes, add HTMX inline file validation (MIME/size)

Browse Source 
- Annexes file input now required when 'has_annexes' checkbox is checked
- PHP-side validation: if has_annexes but no files, throw error
- HTMX inline file validation: POSTs to validate-file-fragment on file change
  - Validates MIME type against per-field whitelists (couverture, note_intention,
    tfe, annexes)
  - Validates file size with PDF-specific 100MB limit
  - Supports both single-file and multi-file inputs
  - Returns green ✓ or red ✕ inline validation messages
- Shared validation logic in src/Controllers/validate-file-fragment-shared.php
- Admin wrapper: admin/validate-file-fragment.php (with AdminAuth guard)
- Partage route: /partage/validate-file-fragment (dispatched via index.php)
- CSS: .file-validation-msg, .fv-ok (green), .fv-error (red)
- file-field.php: accepts $fieldName for per-input validation type,
  auto-detects admin/partage validate URL
This commit is contained in:
Pontoporeia
2026-05-10 15:55:35 +02:00
parent a1a5d4609f
commit e06a317499
10 changed files with 503 additions and 130 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
app/public/admin/validate-file-fragment.php Normal file
View File

@@ -0,0 +1,12 @@
<?php
/**
* validate-file-fragment.php (admin)
*
* Admin-gated HTMX fragment: validates uploaded file MIME type and size.
* Wraps the shared validation logic.
*/
require_once __DIR__ . '/../../bootstrap.php';
require_once __DIR__ . '/../../src/AdminAuth.php';
AdminAuth::requireLogin();
require_once APP_ROOT . '/src/Controllers/validate-file-fragment-shared.php';

16
app/public/assets/css/form.css
View File

@@ -516,6 +516,22 @@
color: var(--text-tertiary);
}
/* ── Inline file validation messages (HTMX) ──────────────────────────────── */
.file-validation-msg {
margin-top: var(--space-3xs);
font-size: var(--step--2);
line-height: 1.5;
}
.fv-ok {
color: var(--success, #2d6a4f);
}
.fv-error {
color: var(--danger, #c1121f);
}
/* ── TFE file upload queue (.tfe-file-queue) ────────────────────────────── */
.admin-files-fieldgroup {

348
app/public/assets/js/file-upload-queue.js
View File

@@ -11,139 +11,245 @@
* after swap without a global event listener.
*/
window.XamxamInitFileUploads = function () {
console.log('[file-upload-queue] XamxamInitFileUploads called');
var ICON = {
pdf: '\uD83D\uDCC4', video: '\uD83C\uDFAC', audio: '\uD83D\uDD0A',
zip: '\uD83D\uDDDC\uFE0F', vtt: '\uD83D\uDCAC', image: '\uD83D\uDDBC\uFE0F', other: '\uD83D\uDCCE'
};
console.log("[file-upload-queue] XamxamInitFileUploads called");
var ICON = {
pdf: "\uD83D\uDCC4",
video: "\uD83C\uDFAC",
audio: "\uD83D\uDD0A",
zip: "\uD83D\uDDDC\uFE0F",
vtt: "\uD83D\uDCAC",
image: "\uD83D\uDDBC\uFE0F",
other: "\uD83D\uDCCE",
};
function iconFor(file) {
var t = file.type || '', n = file.name.toLowerCase();
if (/^image\//.test(t)) return ICON.image;
if (t === 'application/pdf' || /\.pdf$/.test(n)) return ICON.pdf;
if (/^video\//.test(t) || /\.(mp4|webm|mov|ogv)$/.test(n)) return ICON.video;
if (/^audio\//.test(t) || /\.(mp3|ogg|oga|wav|flac|aac|m4a)$/.test(n)) return ICON.audio;
if (/\.(zip|tar|gz|tgz)$/.test(n)) return ICON.zip;
if (/\.vtt$/.test(n)) return ICON.vtt;
return ICON.other;
}
function iconFor(file) {
var t = file.type || "",
n = file.name.toLowerCase();
if (/^image\//.test(t)) return ICON.image;
if (t === "application/pdf" || /\.pdf$/.test(n)) return ICON.pdf;
if (/^video\//.test(t) || /\.(mp4|webm|mov|ogv)$/.test(n))
return ICON.video;
if (/^audio\//.test(t) || /\.(mp3|ogg|oga|wav|flac|aac|m4a)$/.test(n))
return ICON.audio;
if (/\.(zip|tar|gz|tgz)$/.test(n)) return ICON.zip;
if (/\.vtt$/.test(n)) return ICON.vtt;
return ICON.other;
}
function humanSize(b) {
return b >= 1073741824 ? (b / 1073741824).toFixed(2) + ' GB'
: b >= 1048576 ? (b / 1048576).toFixed(2) + ' MB'
: b >= 1024 ? (b / 1024).toFixed(1) + ' KB'
: b + ' B';
}
function humanSize(b) {
return b >= 1073741824
? (b / 1073741824).toFixed(2) + " GB"
: b >= 1048576
? (b / 1048576).toFixed(2) + " MB"
: b >= 1024
? (b / 1024).toFixed(1) + " KB"
: b + " B";
}
function esc(s) { return s.replace(/[&<>"]/g, function(c){ return {'&':'&amp;','<':'&lt;','>':'&gt;','"':'&quot;'}[c]; }); }
function esc(s) {
return s.replace(/[&<>"]/g, function (c) {
return { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;" }[c];
});
}
// ── 1. TFE multi-file queue ────────────────────────────────────────────
var picker = document.getElementById('tfe-files-input');
var queue = document.getElementById('tfe-file-queue');
var empty = document.getElementById('tfe-file-queue-empty');
var sortHint = document.getElementById('tfe-file-queue-sort-hint');
if (picker && queue) {
console.log('[file-upload-queue] init TFE queue picker=', picker, 'multiple=', picker.multiple);
var fileArray = [];
// ── 1. TFE multi-file queue ────────────────────────────────────────────
var picker = document.getElementById("tfe-files-input");
var queue = document.getElementById("tfe-file-queue");
var empty = document.getElementById("tfe-file-queue-empty");
var sortHint = document.getElementById("tfe-file-queue-sort-hint");
if (picker && queue) {
console.log(
"[file-upload-queue] init TFE queue picker=",
picker,
"multiple=",
picker.multiple,
);
var fileArray = [];
if (typeof Sortable !== 'undefined') {
Sortable.create(queue, { animation: 150, handle: '.fq-drag-handle', ghostClass: 'fq-ghost',
onEnd: function () {
var items = queue.querySelectorAll('.fq-item');
var newArr = Array.prototype.map.call(items, function (li) { return fileArray[parseInt(li.getAttribute('data-idx'), 10)]; });
fileArray = newArr;
renderQueue();
}
});
}
if (typeof Sortable !== "undefined") {
Sortable.create(queue, {
animation: 150,
handle: ".fq-drag-handle",
ghostClass: "fq-ghost",
onEnd: function () {
var items = queue.querySelectorAll(".fq-item");
var newArr = Array.prototype.map.call(items, function (li) {
return fileArray[parseInt(li.getAttribute("data-idx"), 10)];
});
fileArray = newArr;
renderQueue();
},
});
}
picker.onchange = function () {
console.log('[file-upload-queue] onchange fired, files count:', picker.files.length, 'names:', Array.from(picker.files).map(function(f){return f.name}));
fileArray = fileArray.concat(Array.from(picker.files));
console.log('[file-upload-queue] fileArray after concat, length:', fileArray.length);
picker.value = '';
renderQueue();
};
picker.onchange = function () {
console.log(
"[file-upload-queue] onchange fired, files count:",
picker.files.length,
"names:",
Array.from(picker.files).map(function (f) {
return f.name;
}),
);
fileArray = fileArray.concat(Array.from(picker.files));
console.log(
"[file-upload-queue] fileArray after concat, length:",
fileArray.length,
);
picker.value = "";
renderQueue();
};
function renderQueue() {
queue.innerHTML = '';
if (!fileArray.length) { empty.style.display = ''; if (sortHint) sortHint.style.display = 'none'; injectHiddenFields([]); return; }
empty.style.display = 'none';
if (sortHint) sortHint.style.display = '';
fileArray.forEach(function (file, idx) {
var li = document.createElement('li');
li.className = 'fq-item';
li.setAttribute('data-idx', idx);
li.innerHTML =
'<span class="fq-drag-handle" title="R\u00e9ordonner">\u2820</span>' +
'<span class="fq-icon">' + iconFor(file) + '</span>' +
'<span class="fq-info"><span class="fq-name">' + esc(file.name) + '</span>' +
'<span class="fq-size">' + humanSize(file.size) + '</span></span>' +
'<button type="button" class="admin-btn-remove fq-remove" aria-label="Retirer ' + esc(file.name) + '">&#x2715;</button>';
li.querySelector('.fq-remove').onclick = (function (i) { return function () { fileArray.splice(i, 1); renderQueue(); }; })(idx);
queue.appendChild(li);
});
injectHiddenFields(Array.from(queue.querySelectorAll('.fq-item')));
}
function renderQueue() {
queue.innerHTML = "";
if (!fileArray.length) {
empty.style.display = "";
if (sortHint) sortHint.style.display = "none";
injectHiddenFields([]);
return;
}
empty.style.display = "none";
if (sortHint) sortHint.style.display = "";
fileArray.forEach(function (file, idx) {
var li = document.createElement("li");
li.className = "fq-item";
li.setAttribute("data-idx", idx);
li.innerHTML =
'<span class="fq-drag-handle" title="R\u00e9ordonner">\u2820</span>' +
'<span class="fq-icon">' +
iconFor(file) +
"</span>" +
'<span class="fq-info"><span class="fq-name">' +
esc(file.name) +
"</span>" +
'<span class="fq-size">' +
humanSize(file.size) +
"</span></span>" +
'<button type="button" class="admin-btn-remove fq-remove" aria-label="Retirer ' +
esc(file.name) +
'">&#x2715;</button>';
li.querySelector(".fq-remove").onclick = (function (i) {
return function () {
fileArray.splice(i, 1);
renderQueue();
};
})(idx);
queue.appendChild(li);
});
injectHiddenFields(Array.from(queue.querySelectorAll(".fq-item")));
}
function injectHiddenFields(items) {
var form = picker.closest('form');
if (!form) return;
form.querySelectorAll('.fq-hidden-label, .fq-hidden-order').forEach(function (el) { el.remove(); });
items.forEach(function (li, sortedIdx) {
var label = li.querySelector('.fq-label');
var lInp = document.createElement('input'); lInp.type = 'hidden'; lInp.name = 'file_labels[]'; lInp.value = label ? label.value : ''; lInp.className = 'fq-hidden-label'; form.appendChild(lInp);
var oInp = document.createElement('input'); oInp.type = 'hidden'; oInp.name = 'file_orders[]'; oInp.value = sortedIdx + 1; oInp.className = 'fq-hidden-order'; form.appendChild(oInp);
});
}
function injectHiddenFields(items) {
var form = picker.closest("form");
if (!form) return;
form
.querySelectorAll(".fq-hidden-label, .fq-hidden-order")
.forEach(function (el) {
el.remove();
});
items.forEach(function (li, sortedIdx) {
var label = li.querySelector(".fq-label");
var lInp = document.createElement("input");
lInp.type = "hidden";
lInp.name = "file_labels[]";
lInp.value = label ? label.value : "";
lInp.className = "fq-hidden-label";
form.appendChild(lInp);
var oInp = document.createElement("input");
oInp.type = "hidden";
oInp.name = "file_orders[]";
oInp.value = sortedIdx + 1;
oInp.className = "fq-hidden-order";
form.appendChild(oInp);
});
}
// On submit, refresh hidden fields from current queue state
var form = picker.closest('form');
if (form) form.addEventListener('submit', function () { injectHiddenFields(Array.from(queue.querySelectorAll('.fq-item'))); });
}
// On submit, refresh hidden fields from current queue state
var form = picker.closest("form");
if (form)
form.addEventListener("submit", function () {
injectHiddenFields(Array.from(queue.querySelectorAll(".fq-item")));
});
}
// ── 2. Single-file previews (data-preview attribute) ────────────────────
document.querySelectorAll('input[type="file"][data-preview]').forEach(function (input) {
if (input.id === 'tfe-files-input') return;
console.log('[file-upload-queue] binding preview for', input.id, 'multiple=', input.multiple);
var container = document.getElementById(input.getAttribute('data-preview'));
if (!container) return;
input.onchange = function () {
container.innerHTML = '';
Array.from(input.files).forEach(function (file) {
var item = document.createElement('div'); item.className = 'fp-item';
if (/^image\//.test(file.type)) {
var img = document.createElement('img'); img.className = 'fp-thumb'; img.alt = file.name;
var reader = new FileReader();
reader.onload = function (e) { img.src = e.target.result; };
reader.readAsDataURL(file);
item.appendChild(img);
} else {
var ic = document.createElement('span'); ic.className = 'fp-icon'; ic.textContent = iconFor(file);
item.appendChild(ic);
}
var meta = document.createElement('span'); meta.className = 'fp-meta';
meta.innerHTML = '<span class="fp-name">' + esc(file.name) + '</span><span class="fp-size">' + humanSize(file.size) + '</span>';
item.appendChild(meta);
container.appendChild(item);
});
};
});
// ── 2. Single-file previews (data-preview attribute) ────────────────────
document
.querySelectorAll('input[type="file"][data-preview]')
.forEach(function (input) {
if (input.id === "tfe-files-input") return;
console.log(
"[file-upload-queue] binding preview for",
input.id,
"multiple=",
input.multiple,
);
var container = document.getElementById(
input.getAttribute("data-preview"),
);
if (!container) return;
input.onchange = function () {
container.innerHTML = "";
Array.from(input.files).forEach(function (file) {
var item = document.createElement("div");
item.className = "fp-item";
if (/^image\//.test(file.type)) {
var img = document.createElement("img");
img.className = "fp-thumb";
img.alt = file.name;
var reader = new FileReader();
reader.onload = function (e) {
img.src = e.target.result;
};
reader.readAsDataURL(file);
item.appendChild(img);
} else {
var ic = document.createElement("span");
ic.className = "fp-icon";
ic.textContent = iconFor(file);
item.appendChild(ic);
}
var meta = document.createElement("span");
meta.className = "fp-meta";
meta.innerHTML =
'<span class="fp-name">' +
esc(file.name) +
'</span><span class="fp-size">' +
humanSize(file.size) +
"</span>";
item.appendChild(meta);
container.appendChild(item);
});
};
});
// ── 3. Existing-files sortable (edit mode) ──────────────────────────────
var sortList = document.getElementById('existing-files-sortable');
if (sortList && typeof Sortable !== 'undefined') {
Sortable.create(sortList, { animation: 150, handle: '.admin-file-drag-handle', ghostClass: 'fq-ghost',
onEnd: function () {
sortList.querySelectorAll('input[name="file_sort_order[]"]').forEach(function (el) { el.remove(); });
sortList.querySelectorAll('.admin-file-list-item[data-file-id]').forEach(function (li) {
var inp = document.createElement('input'); inp.type = 'hidden'; inp.name = 'file_sort_order[]'; inp.value = li.getAttribute('data-file-id'); li.prepend(inp);
});
}
});
}
// ── 3. Existing-files sortable (edit mode) ──────────────────────────────
var sortList = document.getElementById("existing-files-sortable");
if (sortList && typeof Sortable !== "undefined") {
Sortable.create(sortList, {
animation: 150,
handle: ".admin-file-drag-handle",
ghostClass: "fq-ghost",
onEnd: function () {
sortList
.querySelectorAll('input[name="file_sort_order[]"]')
.forEach(function (el) {
el.remove();
});
sortList
.querySelectorAll(".admin-file-list-item[data-file-id]")
.forEach(function (li) {
var inp = document.createElement("input");
inp.type = "hidden";
inp.name = "file_sort_order[]";
inp.value = li.getAttribute("data-file-id");
li.prepend(inp);
});
},
});
}
};
// Bootstrap on page load
if (document.readyState === 'loading') document.addEventListener('DOMContentLoaded', window.XamxamInitFileUploads);
if (document.readyState === "loading")
document.addEventListener("DOMContentLoaded", window.XamxamInitFileUploads);
else window.XamxamInitFileUploads();

2
app/public/partage/fichiers-fragment.php
View File

@@ -197,7 +197,7 @@ $hasAnnexesChecked = !empty($_POST['has_annexes']);
$label = 'Annexes :';
$accept = '.pdf,.zip,.tar,.gz';
$hint = 'PDF ou archives ZIP/TAR. Max 500 MB.';
$required = false;
$required = !$adminMode;
$multiple = true;
include APP_ROOT . '/templates/partials/form/file-field.php';
?>

7
app/public/partage/index.php
View File

@@ -36,6 +36,13 @@ if ($slug === 'format-website-fragment' && $_SERVER['REQUEST_METHOD'] === 'POST'
exit;
}
// Special route: /partage/validate-file-fragment (HTMX fragment — file MIME/size validation)
if ($slug === 'validate-file-fragment' && $_SERVER['REQUEST_METHOD'] === 'POST') {
App::boot();
require_once __DIR__ . '/../../src/Controllers/validate-file-fragment-shared.php';
exit;
}
// Special route: /partage/fichiers-fragment (HTMX fragment — format-aware fichiers block)
if ($slug === 'fichiers-fragment' && $_SERVER['REQUEST_METHOD'] === 'POST') {
App::boot();

6
app/src/Controllers/ThesisCreateController.php
View File

@@ -512,6 +512,12 @@ class ThesisCreateController
$exemplaireErg = !empty($post['exemplaire_erg']);
$cc2r = !empty($post['cc2r']);
// Annexes validation: if has_annexes is checked, at least one annexe file must be provided
$hasAnnexes = !empty($post['has_annexes']);
if (!$adminMode && $hasAnnexes && empty($_FILES['annexes']['name'][0])) {
throw new Exception('Veuillez fournir au moins un fichier d\'annexe.');
}
return compact(
'authorNames',
'mail',

191
app/src/Controllers/validate-file-fragment-shared.php Normal file
View File

@@ -0,0 +1,191 @@
<?php
/**
* validate-file-fragment.php
*
* HTMX fragment: validates a single uploaded file against MIME type and size
* constraints. Returns an inline error message or clears the file input wrapper.
*
* Expected POST (multipart/form-data):
* file — the uploaded file
* field_name — 'couverture' | 'note_intention' | 'tfe' | 'annexes'
* admin_mode — '1' to skip validation (admins can upload anything)
*/
require_once __DIR__ . '/../../bootstrap.php';
$adminMode = ($_POST['admin_mode'] ?? '0') === '1';
$fieldName = $_POST['field_name'] ?? '';
// Read file from the field-name-specific key (e.g., $_FILES['couverture'], $_FILES['annexes'])
// For multi-file inputs (name ends with []), the first file is validated.
$rawFile = $_FILES[$fieldName] ?? null;
if ($rawFile && is_array($rawFile['name'] ?? null)) {
// Multi-file: flatten first entry
$file = [
'name' => $rawFile['name'][0] ?? null,
'tmp_name' => $rawFile['tmp_name'][0] ?? null,
'error' => $rawFile['error'][0] ?? UPLOAD_ERR_NO_FILE,
'size' => $rawFile['size'][0] ?? 0,
];
// Validate ALL selected files (batch validation)
$allFiles = [];
$count = count($rawFile['name'] ?? []);
for ($i = 0; $i < $count; $i++) {
$allFiles[] = [
'name' => $rawFile['name'][$i] ?? null,
'tmp_name' => $rawFile['tmp_name'][$i] ?? null,
'error' => $rawFile['error'][$i] ?? UPLOAD_ERR_NO_FILE,
'size' => $rawFile['size'][$i] ?? 0,
];
}
} else {
$file = $rawFile;
$allFiles = $file ? [$file] : [];
}
// ── No file provided — clear any existing validation state ──────────────────
if (empty($allFiles)) {
echo '';
exit;
}
if ($adminMode) {
// Admins: no validation, always OK
$count = count($allFiles);
echo '<span class="fv-ok">✓ ' . $count . ' fichier' . ($count > 1 ? 's' : '') . ' accepté' . ($count > 1 ? 's' : '') . '</span>';
exit;
}
// ── MIME + extension whitelist per field type ────────────────────────────────
$finfo = new finfo(FILEINFO_MIME_TYPE);
$constraints = match ($fieldName) {
'couverture' => [
'mimes' => ['image/jpeg', 'image/png', 'image/webp'],
'exts' => ['jpg', 'jpeg', 'png', 'webp'],
'maxSize' => 20 * 1024 * 1024, // 20 MB
'label' => 'Image de couverture',
'allowedDesc' => 'JPG, PNG ou WEBP',
'maxSizeDesc' => '20 MB',
],
'note_intention' => [
'mimes' => ['application/pdf'],
'exts' => ['pdf'],
'maxSize' => 100 * 1024 * 1024, // 100 MB
'label' => 'Note d\'intention',
'allowedDesc' => 'PDF uniquement',
'maxSizeDesc' => '100 MB',
],
'tfe' => [
'mimes' => [
'application/pdf',
'image/jpeg', 'image/png', 'image/gif', 'image/webp',
'video/mp4', 'video/webm', 'video/ogg', 'video/quicktime',
'audio/mpeg', 'audio/mp3', 'audio/ogg', 'audio/wav',
'audio/flac', 'audio/aac', 'audio/x-m4a', 'audio/mp4',
'text/vtt',
'application/zip', 'application/x-zip-compressed',
'application/x-tar', 'application/gzip',
'application/octet-stream',
],
'exts' => [
'jpg', 'jpeg', 'png', 'gif', 'webp', 'pdf',
'mp4', 'webm', 'ogv', 'mov',
'mp3', 'ogg', 'oga', 'wav', 'flac', 'aac', 'm4a',
'vtt', 'zip', 'tar', 'gz', 'tgz',
],
'maxSize' => 500 * 1024 * 1024, // 500 MB
'label' => 'Fichier TFE',
'allowedDesc' => 'PDF, images, vidéos, audio, archives',
'maxSizeDesc' => '500 MB',
],
'annexes' => [
'mimes' => [
'application/pdf', 'image/jpeg', 'image/png', 'image/gif', 'image/webp',
'video/mp4', 'video/webm', 'video/ogg', 'video/quicktime',
'audio/mpeg', 'audio/mp3', 'audio/ogg', 'audio/wav',
'audio/flac', 'audio/aac', 'audio/x-m4a', 'audio/mp4',
'text/vtt',
'application/zip', 'application/x-zip-compressed',
'application/x-tar', 'application/gzip',
'application/octet-stream',
],
'exts' => [
'jpg', 'jpeg', 'png', 'gif', 'webp', 'pdf',
'mp4', 'webm', 'ogv', 'mov',
'mp3', 'ogg', 'oga', 'wav', 'flac', 'aac', 'm4a',
'vtt', 'zip', 'tar', 'gz', 'tgz',
],
'maxSize' => 500 * 1024 * 1024, // 500 MB
'label' => 'Annexe',
'allowedDesc' => 'PDF, archives, images',
'maxSizeDesc' => '500 MB',
],
default => [
'mimes' => [],
'exts' => [],
'maxSize' => 500 * 1024 * 1024,
'label' => 'Fichier',
'allowedDesc' => 'tous types',
'maxSizeDesc' => '500 MB',
],
};
// ── Validate each file ──────────────────────────────────────────────────────
$errors = [];
$oks = [];
foreach ($allFiles as $idx => $f) {
if (($f['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
continue;
}
$mimeType = $finfo->file($f['tmp_name']);
$ext = strtolower(pathinfo($f['name'], PATHINFO_EXTENSION));
$size = $f['size'];
if ($mimeType === 'text/plain' && $ext === 'vtt') {
$mimeType = 'text/vtt';
}
// PDF size limit
$effMaxSize = $constraints['maxSize'];
$effMaxDesc = $constraints['maxSizeDesc'];
if ($mimeType === 'application/pdf' || $ext === 'pdf') {
$effMaxSize = min($effMaxSize, 100 * 1024 * 1024);
$effMaxDesc = '100 MB';
}
// Validate MIME
$mimeOk = false;
if ($mimeType === 'application/octet-stream' && !in_array($ext, $constraints['exts'], true)) {
$mimeOk = false;
} elseif (in_array($mimeType, $constraints['mimes'], true)) {
$mimeOk = true;
} elseif (in_array($ext, $constraints['exts'], true)) {
$mimeOk = true;
}
if (!$mimeOk) {
$errors[] = '✕ <em>' . htmlspecialchars($f['name']) . '</em> : type non accepté.'
. ' Formats acceptés : ' . htmlspecialchars($constraints['allowedDesc']) . '.';
continue;
}
if ($size > $effMaxSize) {
$mb = round($size / 1024 / 1024, 1);
$errors[] = '✕ <em>' . htmlspecialchars($f['name']) . '</em> : fichier trop volumineux ('
. $mb . ' MB). Maximum : ' . htmlspecialchars($effMaxDesc) . '.';
continue;
}
$oks[] = '✓ <em>' . htmlspecialchars($f['name']) . '</em> : ' . round($size / 1024 / 1024, 1) . ' MB';
}
// ── Output ────────────────────────────────────────────────────────────────────
if (!empty($errors)) {
echo '<span class="fv-error">' . implode('<br>', $errors) . '</span>';
} elseif (!empty($oks)) {
echo '<span class="fv-ok">' . implode('<br>', $oks) . '</span>';
} else {
echo '';
}

13
app/templates/admin/acces.php
View File

@@ -207,6 +207,19 @@
+%%%%%%% diff from: somsyvxz 249f7943 "Bulk bar anti-shift, tags icons, AP no-wrap, credits reorder" (rebased revision)
+\\\\\\\ to: yztqkpzz 9c95f5ce "fix: TFE and annexes files not saved, plus keyword validation and file preview CSS" (rebased revision)
++ $linkName = $link['name'] ?? '';
++ $linkExpiresVal = $link['expires_at'] ? date('Y-m-d\TH:i', strtotime($link['expires_at'])) : '';
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff from: yztqkpzz 9c95f5ce "fix: TFE and annexes files not saved, plus keyword validation and file preview CSS" (rebased revision)
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ to: somsyvxz 249f7943 "Bulk bar anti-shift, tags icons, AP no-wrap, credits reorder" (rebased revision)
- $linkName = $link['name'] ?? '';
- $linkExpiresVal = $link['expires_at'] ? date('Y-m-d\TH:i', strtotime($link['expires_at'])) : '';
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff from: somsyvxz 14a3cd10 "Bulk bar anti-shift, tags icons, AP no-wrap, credits reorder" (rebase destination)
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ to: uvnvvyny 8b83eae7 "fix: req annexes, add HTMX inline file validation (MIME/size)" (rebased revision)
$linkName = $link['name'] ?? '';
$linkExpiresVal = $link['expires_at'] ? date('Y-m-d\TH:i', strtotime($link['expires_at'])) : '';
$linkLockedYear = $link['locked_year'] ?? null;
+%%%%%%% diff from: somsyvxz 249f7943 "Bulk bar anti-shift, tags icons, AP no-wrap, credits reorder" (rebased revision)
+\\\\\\\ to: uvnvvyny 09c854ea "fix: req annexes, add HTMX inline file validation (MIME/size)" (rebased revision)
++ $linkName = $link['name'] ?? '';
++ $linkExpiresVal = $link['expires_at'] ? date('Y-m-d\TH:i', strtotime($link['expires_at'])) : '';
?>
<tr class="admin-table-row" onclick="event.stopPropagation(); window.open('/partage/<?= urlencode($link['slug']) ?>', '_blank')" style="cursor:pointer">

33
app/templates/partials/form/file-field.php
View File

@@ -10,19 +10,35 @@
* bool $required — whether the field is required; default false
* bool $multiple — whether to allow multiple file selection; default false
* string|null $id — override the id attribute (defaults to $name)
* string|null $fieldName — validation field name for HTMX inline validation ('couverture', 'note_intention', 'tfe', 'annexes')
*/
$accept = $accept ?? '';
$hint = $hint ?? null;
$hintRaw = $hintRaw ?? false; // when true, $hint is emitted as raw HTML
$required = $required ?? false;
$multiple = $multiple ?? false;
$id = $id ?? $name;
$accept = $accept ?? '';
$hint = $hint ?? null;
$hintRaw = $hintRaw ?? false; // when true, $hint is emitted as raw HTML
$required = $required ?? false;
$multiple = $multiple ?? false;
$id = $id ?? $name;
$fieldName = $fieldName ?? $name; // validation field name
$previewId = 'fp-' . htmlspecialchars($id);
// Determine HTMX POST endpoint for inline file validation
if (defined('ADMIN_MODE') && ADMIN_MODE) {
$validateUrl = '/admin/validate-file-fragment.php';
} else {
$validateUrl = '/partage/validate-file-fragment';
}
?>
<div>
<label for="<?= htmlspecialchars($id) ?>"><?= htmlspecialchars($label) ?><?= $required ? ' <span class="asterisk">*</span>' : '' ?></label>
<div class="admin-file-input">
<div class="admin-file-input"
hx-post="<?= htmlspecialchars($validateUrl) ?>"
hx-encoding="multipart/form-data"
hx-trigger="change from:input[type='file']"
hx-target="find .file-validation-msg"
hx-swap="innerHTML"
hx-include="[name='admin_mode'], [name='edit_mode'], [name='field_name']">
<input type="hidden" name="field_name" value="<?= htmlspecialchars($fieldName) ?>">
<input type="file"
id="<?= htmlspecialchars($id) ?>"
name="<?= htmlspecialchars($name) ?><?= $multiple ? '[]' : '' ?>"
@@ -30,6 +46,7 @@ $previewId = 'fp-' . htmlspecialchars($id);
<?= $multiple ? 'multiple' : '' ?>
<?= $required ? 'required' : '' ?>
data-preview="<?= $previewId ?>">
<div class="file-validation-msg" aria-live="polite"></div>
<div id="<?= $previewId ?>" class="file-preview-list" aria-live="polite"></div>
<?php if ($hint): ?>
<small><?= $hintRaw ? $hint : htmlspecialchars($hint) ?></small>
@@ -37,4 +54,4 @@ $previewId = 'fp-' . htmlspecialchars($id);
</div>
</div>
<?php
unset($accept, $hint, $hintRaw, $required, $multiple, $id, $previewId);
unset($accept, $hint, $hintRaw, $required, $multiple, $id, $fieldName, $previewId, $validateUrl);