Refactor + feat: unify format/fichiers HTMX fragment, reorder format types, add file constraints, fix admin auth

* **Unified Format + Fichiers into a single HTMX fragment** * Introduced `app/public/partage/fichiers-fragment.php` as shared dynamic block returning both format checkboxes and adaptive “Fichiers” fieldset * Logic adapts inputs based on selected formats: * no selection / upload formats → standard file inputs * “Site web” → URL fields only * “Site web + upload” → file inputs + URL sub-fieldset * Added admin wrapper: `app/public/admin/fichiers-fragment.php` (gated via `admin_mode=1`) * Added `app/public/admin/format-website-fragment.php` for edit-mode website URL toggling * Wired route `/partage/fichiers-fragment` in `app/public/partage/index.php` * Refactored `form.php` (add/edit partage) to use single `#format-fichiers-block` instead of separate fragments * Edit mode format checkboxes now target `format-website-fragment.php` → `#edit-website-url-fieldset` * Added `$hxInclude` support in `checkbox-list.php` for configurable HTMX includes * **Format system migration + ordering** * Migration `020_format_types_sort_and_rename.sql`: * added `sort_order` column to `format_types` * inserted new format **Image** * defined ordering: Écriture · Image · Audio · Vidéo · Site web · Performance · Objet éditorial · Installation · Autre * `Database.php`: format queries now use `ORDER BY sort_order, id` * `fichiers-fragment.php`: * uses ordered format list * resolves Image/Vidéo/Audio by name * introduces `$hasImage` flag * preserves `admin_mode` across HTMX requests * **File constraints and UX updates** * Enforced **100 MB PDF limit** * `ThesisCreateController`: `MAX_PDF_SIZE = 100MB` for PDFs only * `ThesisEditController`: same PDF-specific constraint applied * Other file types remain capped at 500 MB * Updated UI hints in `fichiers-fragment.php` and edit form: * explicitly mention 100 MB PDF limit * added reference to `bentopdf.com` for compression guidance * `file-field.php`: added `$hintRaw` to allow HTML rendering in hints * **Admin authentication fix** * Fixed missing auth in admin fragments * Added `require_once AdminAuth.php` * Replaced direct usage with `AdminAuth::requireLogin()` * Applied consistent pattern with existing fragment authentication approach * **Migrations included** * `019_add_ecriture_format.sql` * `020_format_types_sort_and_rename.sql` * **Files affected** * Controllers: `ThesisCreateController`, `ThesisEditController` * DB layer: `Database.php` * Public fragments: `partage/fichiers-fragment.php`, `admin/fichiers-fragment.php`, `admin/format-website-fragment.php` * Templates: `form.php`, `checkbox-list.php`, `file-field.php` * Routing: `partage/index.php` * Misc: `TODO.md` This consolidates format normalization, HTMX UI simplification, file validation rules, and admin stability fixes into a single coherent system update.
2026-06-25 16:19:19 +02:00 · 2026-05-08 13:03:18 +02:00
parent 7e35bba530
commit e6829994b6
13 changed files with 390 additions and 49 deletions
--- a/app/templates/partials/form/checkbox-list.php
+++ b/app/templates/partials/form/checkbox-list.php
@@ -16,13 +16,15 @@
 *   string  $hxPost    — optional hx-post URL for HTMX live update
 *   string  $hxTarget  — optional hx-target CSS selector for HTMX swap
 *   string  $hxSwap    — optional hx-swap value; default 'outerHTML'
+ *   string  $hxInclude — optional hx-include selector; default 'this, #website-url-fieldset'
 */

-$checked   = $checked   ?? [];
-$required  = $required  ?? false;
-$hxPost    = $hxPost    ?? '';
-$hxTarget  = $hxTarget  ?? '';
-$hxSwap    = $hxSwap    ?? 'outerHTML';
+$checked    = $checked    ?? [];
+$required   = $required   ?? false;
+$hxPost     = $hxPost     ?? '';
+$hxTarget   = $hxTarget   ?? '';
+$hxSwap     = $hxSwap     ?? 'outerHTML';
+$hxInclude  = $hxInclude  ?? 'this, #website-url-fieldset';
 ?>
 <div>
    <span class="admin-row-label"><?= htmlspecialchars($label) ?><?= $required ? ' <span class="asterisk">*</span>' : '' ?></span>
@@ -32,7 +34,7 @@ $hxSwap    = $hxSwap    ?? 'outerHTML';
              hx-post="<?= htmlspecialchars($hxPost) ?>"
              hx-target="<?= htmlspecialchars($hxTarget) ?>"
              hx-trigger="change"
-              hx-include="this, #website-url-fieldset"
+              hx-include="<?= htmlspecialchars($hxInclude) ?>"
              hx-swap="<?= htmlspecialchars($hxSwap) ?>"
              <?php endif; ?>>
        <legend class="sr-only"><?= htmlspecialchars($label) ?></legend>
@@ -52,4 +54,4 @@ $hxSwap    = $hxSwap    ?? 'outerHTML';
    </fieldset>
 </div>
 <?php
-unset($checked, $hxPost, $hxTarget, $hxSwap);
+unset($checked, $hxPost, $hxTarget, $hxSwap, $hxInclude);
--- a/app/templates/partials/form/file-field.php
+++ b/app/templates/partials/form/file-field.php
@@ -14,6 +14,7 @@

 $accept   = $accept   ?? '';
 $hint     = $hint     ?? null;
+$hintRaw  = $hintRaw  ?? false; // when true, $hint is emitted as raw HTML
 $required = $required ?? false;
 $multiple = $multiple ?? false;
 $id       = $id       ?? $name;
@@ -31,9 +32,9 @@ $previewId = 'fp-' . htmlspecialchars($id);
               data-preview="<?= $previewId ?>">
        <div id="<?= $previewId ?>" class="file-preview-list" aria-live="polite"></div>
        <?php if ($hint): ?>
-        <small><?= htmlspecialchars($hint) ?></small>
+        <small><?= $hintRaw ? $hint : htmlspecialchars($hint) ?></small>
        <?php endif; ?>
    </div>
 </div>
 <?php
-unset($accept, $hint, $required, $multiple, $id, $previewId);
+unset($accept, $hint, $hintRaw, $required, $multiple, $id, $previewId);
--- a/app/templates/partials/form/form.php
+++ b/app/templates/partials/form/form.php
@@ -230,23 +230,44 @@ $checkedFormatsForSiteWeb = $checkedFormatsForSiteWeb ?? [];
        require APP_ROOT . "/templates/partials/form/jury-fieldset.php";
        ?>

-        <!-- ═══════════════════ Format(s) ═══════════════════ -->
+        <!-- ═══════════════════ Format(s) + Fichiers ═══════════════════ -->
+<?php if ($filesMode === 'add'): ?>
+        <?php
+        // Add / partage mode: Format + Fichiers rendered as one HTMX-swappable block.
+        // Synthesise POST-like data so fichiers-fragment.php can render the initial state.
+        if ($mode === "partage" && isset($helpFn)) {
+            $helpContent = $helpFn("fieldset_files");
+            include APP_ROOT . "/templates/partials/form/form-help-block.php";
+        }
+        // Temporarily populate $_POST so the fragment can read formats/website values.
+        $_savedPost = $_POST;
+        $_POST['formats']       = $checkedFormatsForSiteWeb;
+        $_POST['website_url']   = $existingWebsiteUrl;
+        $_POST['website_label'] = $existingWebsiteLabel;
+        $_POST['admin_mode']    = $adminMode ? '1' : '0';
+        include APP_ROOT . '/public/partage/fichiers-fragment.php';
+        $_POST = $_savedPost;
+        unset($_savedPost);
+        ?>
+<?php else: ?>
+        <!-- Edit mode: Format checkboxes (old website fragment) + existing files management -->
        <fieldset>
            <legend>Format(s)</legend>
            <?php
-            $name = "formats";
-            $label = "Format(s) du TFE :";
-            $options = $formatTypes;
-            $checked = $formData["formats"] ?? [];
+            $name     = "formats";
+            $label    = "Format(s) du TFE :";
+            $options  = $formatTypes;
+            $checked  = $formData["formats"] ?? [];
            $required = !$adminMode;
-            $hxPost = "/partage/format-website-fragment";
-            $hxTarget = "#website-url-fieldset";
+            $hxPost     = "/admin/format-website-fragment.php";
+            $hxTarget   = "#edit-website-url-fieldset";
+            $hxSwap     = "outerHTML";
+            $hxInclude  = "this, #edit-website-url-fieldset";
            include APP_ROOT . "/templates/partials/form/checkbox-list.php";
            ?>
        </fieldset>

-        <!-- ═══════════════════ Fichiers ═══════════════════ -->
-<?php if ($filesMode === "edit"): ?>
+        <!-- ═══════════════════ Fichiers (edit mode) ═══════════════════ -->
        <fieldset>
            <legend>Fichiers</legend>

@@ -386,46 +407,30 @@ $checkedFormatsForSiteWeb = $checkedFormatsForSiteWeb ?? [];
                           accept=".pdf,.jpg,.jpeg,.png,.gif,.webp,.mp4,.webm,.mov,.ogv,.mp3,.ogg,.oga,.wav,.flac,.aac,.m4a,.zip,.tar,.gz,.vtt"
                           class="tfe-file-picker">
                    <small class="admin-file-hint">
-                        Types acceptés : PDF · JPG/PNG/GIF/WEBP · MP4/WebM/MOV (vidéo) · MP3/OGG/WAV/FLAC (audio) · ZIP/TAR (archives) · autres fichiers (téléchargement uniquement). Max 500 MB par fichier.
+                        PDF (max 100 MB) · Images (JPG/PNG/GIF/WEBP) · ZIP/TAR (max 500 MB) · autres fichiers.
+                        PDFs trop lourds ? <a href="https://www.bentopdf.com" target="_blank" rel="noopener">bentopdf.com</a>
                    </small>
                    <ul id="tfe-file-queue" class="tfe-file-queue sortable-list" aria-label="Nouveaux fichiers (réordonnable)"></ul>
                    <p id="tfe-file-queue-empty" class="tfe-queue-empty">Aucun nouveau fichier sélectionné.</p>
                </div>
            </div>
-
-
        </fieldset>
-<?php else: ?>
-        <?php
-        if ($mode === "partage" && isset($helpFn)) {
-            $helpContent = $helpFn("fieldset_files");
-            include APP_ROOT . "/templates/partials/form/form-help-block.php";
-        }
-        include APP_ROOT . "/templates/partials/form/fieldset-files.php";
-        ?>
-<?php endif; ?>

-        <!-- Website URL fieldset — shown/hidden via HTMX when "Site web" checked -->
-        <fieldset id="website-url-fieldset" style="display:none">
+        <!-- Website URL fieldset for edit mode — shown/hidden via HTMX -->
+        <fieldset id="edit-website-url-fieldset" style="display:none">
            <legend>Site web</legend>
-
            <div class="admin-form-group">
                <label for="website_url">URL du site :</label>
                <div class="admin-file-input">
-                    <input type="url"
-                           id="website_url"
-                           name="website_url"
+                    <input type="url" id="website_url" name="website_url"
                           value="<?= htmlspecialchars($existingWebsiteUrl) ?>"
                           placeholder="https://mon-tfe.erg.be">
                    <small>Si le TFE est un site web, entrez son URL ici. Il sera affiché comme un site embarqué sur la page du TFE.</small>
                </div>
            </div>
-
            <div class="admin-form-group">
                <label for="website_label">Légende :</label>
-                <input type="text"
-                       id="website_label"
-                       name="website_label"
+                <input type="text" id="website_label" name="website_label"
                       value="<?= htmlspecialchars($existingWebsiteLabel) ?>"
                       placeholder="Description du site (optionnel)"
                       class="admin-file-label-input"
@@ -433,7 +438,7 @@ $checkedFormatsForSiteWeb = $checkedFormatsForSiteWeb ?? [];
            </div>
        </fieldset>
        <?php
-        // Server-side: show if Site web already checked (e.g. on error redirect)
+        // Server-side: show website fieldset if Site web already checked
        $_stmt = Database::getInstance()
            ->getConnection()
            ->prepare("SELECT id FROM format_types WHERE name = ? LIMIT 1");
@@ -447,9 +452,10 @@ $checkedFormatsForSiteWeb = $checkedFormatsForSiteWeb ?? [];
                true,
            )
        ) {
-            echo '<script>document.getElementById("website-url-fieldset").style.display=""</script>';
+            echo '<script>document.getElementById("edit-website-url-fieldset").style.display=""</script>';
        }
        ?>
+<?php endif; ?>

        <!-- ═══════════════════ Métadonnées complémentaires ═══════════════════ -->
        <?php include APP_ROOT .