PostERG/xamxam
1
0
Fork 0
mirror of https://codeberg.org/PostERG/xamxam.git synced 2026-05-07 03:29:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix: correct require_once path depth in admin action files

Browse Source
This commit is contained in:
Pontoporeia
2026-03-31 16:15:36 +02:00
parent 94f3fb6736
commit e5d0598208
5 changed files with 11 additions and 1303 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
public/admin/actions/formulaire.php
View File

@@ -1,7 +1,7 @@
<?php // formulaire.php
// Bootstrap application
require_once __DIR__ . "/../../config/bootstrap.php";
require_once __DIR__ . '/../../src/AdminAuth.php';
require_once __DIR__ . "/../../../config/bootstrap.php";
require_once __DIR__ . '/../../../src/AdminAuth.php';
// Configure error reporting
ini_set('display_errors', 0);
@@ -21,7 +21,7 @@ if (!isset($_POST['csrf_token']) || !isset($_SESSION['csrf_token']) ||
// Log the content of the $_FILES array
error_log("FILES array: " . print_r($_FILES, true));
require_once __DIR__ . '/../../src/Database.php';
require_once __DIR__ . '/../../../src/Database.php';
// Helper function to sanitize string input
function sanitize_string($input) {

6
public/admin/actions/page.php
View File

@@ -1,6 +1,6 @@
<?php
require_once __DIR__ . "/../../config/bootstrap.php";
require_once __DIR__ . '/../../src/AdminAuth.php';
require_once __DIR__ . "/../../../config/bootstrap.php";
require_once __DIR__ . '/../../../src/AdminAuth.php';
AdminAuth::requireLogin();
// CSRF check
@@ -20,7 +20,7 @@ if (strlen($content) > 65535) {
die("Contenu trop long (max 65 535 caractères).");
}
require_once __DIR__ . '/../../src/Database.php';
require_once __DIR__ . '/../../../src/Database.php';
try {
$db = new Database();

6
public/admin/actions/publish.php
View File

@@ -1,7 +1,7 @@
<?php
// Bootstrap application
require_once __DIR__ . "/../../config/bootstrap.php";
require_once __DIR__ . '/../../src/AdminAuth.php';
require_once __DIR__ . "/../../../config/bootstrap.php";
require_once __DIR__ . '/../../../src/AdminAuth.php';
/**
* Handle publish/unpublish actions for theses
@@ -9,7 +9,7 @@ require_once __DIR__ . '/../../src/AdminAuth.php';
// PHP-level auth guard (defence-in-depth behind nginx Basic Auth)
AdminAuth::requireLogin();
require_once __DIR__ . '/../../src/Database.php';
require_once __DIR__ . '/../../../src/Database.php';
// Verify CSRF token
if (!isset($_POST['csrf_token']) || !isset($_SESSION['csrf_token']) || !hash_equals($_SESSION['csrf_token'], $_POST['csrf_token'])) {