PostERG/xamxam
1
0
Fork 0
mirror of https://codeberg.org/PostERG/xamxam.git synced 2026-05-06 19:19:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix: correct require_once path depth in admin action files

Browse Source
This commit is contained in:
Pontoporeia
2026-03-31 16:15:36 +02:00
parent 94f3fb6736
commit e5d0598208
5 changed files with 11 additions and 1303 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1296
TODO.md
View File

File diff suppressed because it is too large Load Diff

6
public/admin/actions/formulaire.php
View File

@@ -1,7 +1,7 @@
<?php // formulaire.php <?php // formulaire.php
// Bootstrap application // Bootstrap application
require_once __DIR__ . "/../../config/bootstrap.php"; require_once __DIR__ . "/../../../config/bootstrap.php";
require_once __DIR__ . '/../../src/AdminAuth.php'; require_once __DIR__ . '/../../../src/AdminAuth.php';
// Configure error reporting // Configure error reporting
ini_set('display_errors', 0); ini_set('display_errors', 0);
@@ -21,7 +21,7 @@ if (!isset($_POST['csrf_token']) || !isset($_SESSION['csrf_token']) ||
// Log the content of the $_FILES array // Log the content of the $_FILES array
error_log("FILES array: " . print_r($_FILES, true)); error_log("FILES array: " . print_r($_FILES, true));
require_once __DIR__ . '/../../src/Database.php'; require_once __DIR__ . '/../../../src/Database.php';
// Helper function to sanitize string input // Helper function to sanitize string input
function sanitize_string($input) { function sanitize_string($input) {

6
public/admin/actions/page.php
View File

@@ -1,6 +1,6 @@
<?php <?php
require_once __DIR__ . "/../../config/bootstrap.php"; require_once __DIR__ . "/../../../config/bootstrap.php";
require_once __DIR__ . '/../../src/AdminAuth.php'; require_once __DIR__ . '/../../../src/AdminAuth.php';
AdminAuth::requireLogin(); AdminAuth::requireLogin();
// CSRF check // CSRF check
@@ -20,7 +20,7 @@ if (strlen($content) > 65535) {
die("Contenu trop long (max 65 535 caractères)."); die("Contenu trop long (max 65 535 caractères).");
} }
require_once __DIR__ . '/../../src/Database.php'; require_once __DIR__ . '/../../../src/Database.php';
try { try {
$db = new Database(); $db = new Database();

6
public/admin/actions/publish.php
View File

@@ -1,7 +1,7 @@
<?php <?php
// Bootstrap application // Bootstrap application
require_once __DIR__ . "/../../config/bootstrap.php"; require_once __DIR__ . "/../../../config/bootstrap.php";
require_once __DIR__ . '/../../src/AdminAuth.php'; require_once __DIR__ . '/../../../src/AdminAuth.php';
/** /**
* Handle publish/unpublish actions for theses * Handle publish/unpublish actions for theses
@@ -9,7 +9,7 @@ require_once __DIR__ . '/../../src/AdminAuth.php';
// PHP-level auth guard (defence-in-depth behind nginx Basic Auth) // PHP-level auth guard (defence-in-depth behind nginx Basic Auth)
AdminAuth::requireLogin(); AdminAuth::requireLogin();
require_once __DIR__ . '/../../src/Database.php'; require_once __DIR__ . '/../../../src/Database.php';
// Verify CSRF token // Verify CSRF token
if (!isset($_POST['csrf_token']) || !isset($_SESSION['csrf_token']) || !hash_equals($_SESSION['csrf_token'], $_POST['csrf_token'])) { if (!isset($_POST['csrf_token']) || !isset($_SESSION['csrf_token']) || !hash_equals($_SESSION['csrf_token'], $_POST['csrf_token'])) {

BIN
storage/posterg.db
View File

Binary file not shown.