refine: required confirmation_email field on both student forms, StudentEmail uses it directly

- Add dedicated 'confirmation_email' (type=email, required) field
  to student form at end of submission (partage + admin).
- ThesisCreateController now validates it is present and a valid
  email; form is rejected if missing/invalid.
- Autofocus mapping for confirmation_email errors.
- StudentEmail uses confirmation_email directly (removed extractEmail
  hack that mined email from free-form contact field).

app/public/partage/index.php

@@ -467,6 +467,12 @@ function renderShareLinkForm(string $slug, array $link): void
                     </div>
                 </fieldset>
 
+                <!-- ═══════════════════ E-mail de confirmation ═══════════ -->
+                <fieldset>
+                    <legend>E-mail de confirmation</legend>
+                    <?php $name = 'confirmation_email'; $label = 'Adresse e-mail * :'; $value = old($formData, 'confirmation_email'); $type = 'email'; $required = true; $placeholder = 'ton.email@exemple.be'; $hint = 'Nécessaire pour recevoir le récapitulatif de ta soumission.'; include APP_ROOT . '/templates/partials/form/text-field.php'; ?>
+                </fieldset>
+
                 <div class="form-footer">
                     <button type="submit" name="go">Soumettre</button>
                 </div>
@@ -542,11 +548,15 @@ function handleShareLinkSubmission(string $slug): void
     }
 
     require_once APP_ROOT . '/src/Controllers/ThesisCreateController.php';
+    require_once APP_ROOT . '/src/StudentEmail.php';
 
     try {
         $ctrl     = ThesisCreateController::make();
         $thesisId = $ctrl->submit($_POST, $_FILES);
 
+        // Send confirmation e-mail (non-blocking; failure doesn't stop redirect)
+        $emailSent = StudentEmail::sendConfirmation(Database::getInstance(), $thesisId, $_POST);
+
         // Mark the link as used
         $shareLinkModel = new ShareLink(Database::getInstance());
         $shareLinkModel->incrementUsage($link['id']);
@@ -554,6 +564,7 @@ function handleShareLinkSubmission(string $slug): void
         // Clean up share-specific session data
         unset($_SESSION[$shareCsrfKey]);
         unset($_SESSION['share_verified_' . $slug]);
+        $_SESSION['share_email_sent'] = $emailSent;
 
         // Redirect to thanks page
         header('Location: /partage/thanks.php?id=' . urlencode((string)$thesisId));

app/public/partage/thanks.php

@@ -22,6 +22,10 @@ if (!$thesis) {
     die('TFE introuvable.');
 }
 
+// Was the confirmation e-mail sent?
+$emailSent = !empty($_SESSION['share_email_sent']);
+unset($_SESSION['share_email_sent']);
+
 // Get the share link slug from the referer path
 $pathParts = explode('/', trim($_SERVER['REQUEST_URI'] ?? '', '/'));
 $slug = count($pathParts) >= 2 ? $pathParts[0] : null;
@@ -70,12 +74,27 @@ $pageTitle = 'Merci — TFE enregistré';
         .thanks-center .btn-add-another:hover {
             background: #555;
         }
+        .email-sent-notice {
+            display: inline-block;
+            padding: 0.75rem 1.5rem;
+            background: #e8f5e9;
+            border: 1px solid #a5d6a7;
+            border-radius: 6px;
+            font-size: 0.95rem;
+            color: #2e7d32;
+            margin: 0 0 1.5rem;
+        }
     </style>
 </head>
 <body>
     <div class="thanks-center">
         <h1>✅ Merci !</h1>
         <p>Votre TFE a bien été enregistré sur la plateforme.</p>
+        <?php if ($emailSent): ?>
+        <div class="email-sent-notice">
+            📧 Un e-mail de confirmation a été envoyé avec un récapitulatif de votre soumission.
+        </div>
+        <?php endif; ?>
         <?php if ($thesis): ?>
         <div class="thesis-title"><?= htmlspecialchars($thesis['title']) ?> — <?= htmlspecialchars($thesis['authors'] ?? '') ?></div>
         <?php endif; ?>