Refactor + feat: unify format/fichiers HTMX fragment, reorder format types, add file constraints, fix admin auth

* **Unified Format + Fichiers into a single HTMX fragment** * Introduced `app/public/partage/fichiers-fragment.php` as shared dynamic block returning both format checkboxes and adaptive “Fichiers” fieldset * Logic adapts inputs based on selected formats: * no selection / upload formats → standard file inputs * “Site web” → URL fields only * “Site web + upload” → file inputs + URL sub-fieldset * Added admin wrapper: `app/public/admin/fichiers-fragment.php` (gated via `admin_mode=1`) * Added `app/public/admin/format-website-fragment.php` for edit-mode website URL toggling * Wired route `/partage/fichiers-fragment` in `app/public/partage/index.php` * Refactored `form.php` (add/edit partage) to use single `#format-fichiers-block` instead of separate fragments * Edit mode format checkboxes now target `format-website-fragment.php` → `#edit-website-url-fieldset` * Added `$hxInclude` support in `checkbox-list.php` for configurable HTMX includes * **Format system migration + ordering** * Migration `020_format_types_sort_and_rename.sql`: * added `sort_order` column to `format_types` * inserted new format **Image** * defined ordering: Écriture · Image · Audio · Vidéo · Site web · Performance · Objet éditorial · Installation · Autre * `Database.php`: format queries now use `ORDER BY sort_order, id` * `fichiers-fragment.php`: * uses ordered format list * resolves Image/Vidéo/Audio by name * introduces `$hasImage` flag * preserves `admin_mode` across HTMX requests * **File constraints and UX updates** * Enforced **100 MB PDF limit** * `ThesisCreateController`: `MAX_PDF_SIZE = 100MB` for PDFs only * `ThesisEditController`: same PDF-specific constraint applied * Other file types remain capped at 500 MB * Updated UI hints in `fichiers-fragment.php` and edit form: * explicitly mention 100 MB PDF limit * added reference to `bentopdf.com` for compression guidance * `file-field.php`: added `$hintRaw` to allow HTML rendering in hints * **Admin authentication fix** * Fixed missing auth in admin fragments * Added `require_once AdminAuth.php` * Replaced direct usage with `AdminAuth::requireLogin()` * Applied consistent pattern with existing fragment authentication approach * **Migrations included** * `019_add_ecriture_format.sql` * `020_format_types_sort_and_rename.sql` * **Files affected** * Controllers: `ThesisCreateController`, `ThesisEditController` * DB layer: `Database.php` * Public fragments: `partage/fichiers-fragment.php`, `admin/fichiers-fragment.php`, `admin/format-website-fragment.php` * Templates: `form.php`, `checkbox-list.php`, `file-field.php` * Routing: `partage/index.php` * Misc: `TODO.md` This consolidates format normalization, HTMX UI simplification, file validation rules, and admin stability fixes into a single coherent system update.
2026-06-25 16:19:19 +02:00 · 2026-05-08 13:03:18 +02:00
parent 7e35bba530
commit e6829994b6
13 changed files with 390 additions and 49 deletions
--- a/app/src/Controllers/ThesisCreateController.php
+++ b/app/src/Controllers/ThesisCreateController.php
@@ -23,6 +23,9 @@ class ThesisCreateController
    /** Maximum allowed file size for thesis files (bytes). */
    private const MAX_FILE_SIZE = 500 * 1024 * 1024; // 500 MB

+    /** Maximum allowed file size for PDF files specifically (bytes). */
+    private const MAX_PDF_SIZE = 100 * 1024 * 1024; // 100 MB
+
    /** MIME types accepted for thesis files. */
    private const ALLOWED_MIME_TYPES = [
        // Images
@@ -640,8 +643,10 @@ class ThesisCreateController
                continue;
            }

-            if ($uploads['size'][$i] > self::MAX_FILE_SIZE) {
-                error_log("ThesisCreateController: file too large {$uploads['name'][$i]}, skipping");
+            $isPdf = ($mimeType === 'application/pdf' || $ext === 'pdf');
+            $sizeLimit = $isPdf ? self::MAX_PDF_SIZE : self::MAX_FILE_SIZE;
+            if ($uploads['size'][$i] > $sizeLimit) {
+                error_log("ThesisCreateController: file too large {$uploads['name'][$i]} (" . round($uploads['size'][$i] / 1024 / 1024) . ' MB), skipping');
                continue;
            }

--- a/app/src/Controllers/ThesisEditController.php
+++ b/app/src/Controllers/ThesisEditController.php
@@ -368,7 +368,8 @@ class ThesisEditController
            'vtt',
            'zip', 'tar', 'gz', 'tgz',
        ];
-        $maxBytes = 500 * 1024 * 1024; // 500 MB
+        $maxBytes    = 500 * 1024 * 1024; // 500 MB
+        $maxPdfBytes = 100 * 1024 * 1024; // 100 MB for PDFs

        $year       = (int)($post['année'] ?? date('Y'));
        $authorName = trim($post['auteurice'] ?? 'unknown');
@@ -429,8 +430,10 @@ class ThesisEditController
                continue;
            }

-            if ($uploads['size'][$i] > $maxBytes) {
-                error_log("ThesisEditController: file too large {$uploads['name'][$i]}, skipping");
+            $isPdf     = ($mimeType === 'application/pdf' || $ext === 'pdf');
+            $sizeLimit = $isPdf ? $maxPdfBytes : $maxBytes;
+            if ($uploads['size'][$i] > $sizeLimit) {
+                error_log("ThesisEditController: file too large {$uploads['name'][$i]} (" . round($uploads['size'][$i] / 1024 / 1024) . ' MB), skipping');
                continue;
            }

--- a/app/src/Database.php
+++ b/app/src/Database.php
@@ -725,7 +725,7 @@ class Database
     */
    public function getAllFormatTypes(): array
    {
-        $stmt = $this->pdo->query('SELECT * FROM format_types ORDER BY name');
+        $stmt = $this->pdo->query('SELECT * FROM format_types ORDER BY sort_order, id');
        return $stmt->fetchAll();
    }