xamxam

PostERG/xamxam

Fork 0

mirror of https://codeberg.org/PostERG/xamxam.git synced 2026-06-25 16:19:19 +02:00

Commit Graph

Author	SHA1	Message	Date
Pontoporeia	6f7a02244f	maintenance: allow /partage through gate, fix fragment routing, add visibility table in admin Extract shared filepond logic into src/FilepondHandler.php class. Admin filepond endpoints delegate to the handler after AdminAuth check. New partage filepond endpoints at /partage/actions/filepond/ verify share_active session flag + CSRF token, no admin auth required. JS reads filepond-base meta tag to determine endpoint path: - Admin pages: /admin/actions/filepond (via head.php isAdmin check) - Partage form: /partage/actions/filepond (explicit meta) partage/index.php sets share_active = true on form render, cleans up on successful submit. Partage process endpoint rate-limited to 30/5min per session. No nginx changes needed — /partage/ location already handles PHP without auth_basic.	2026-05-19 00:08:06 +02:00
Pontoporeia	6e7c0c00e3	refactor: merge video/audio FilePond pools into TFE input - Remove separate video/audio/peertube_video/peertube_audio pools from UI - TFE pool now accepts all file types including video/audio - When PeerTube is enabled, video/audio dropped into TFE pool auto-upload to PeerTube (process.php detects MIME and uploads immediately) - PeerTube return IDs now encode type: peertube:video:UUID or peertube:audio:UUID - load.php returns placeholder SVG for PeerTube files so they appear in FilePond - Edit mode: all existing files (including PeerTube) shown in TFE FilePond pool - Remove legacy video/audio/peertube_* handling from both controllers - Remove unused vide/audio/peertube_* entries from JS QUEUE_CONFIG	2026-05-19 00:08:06 +02:00
Pontoporeia	2e9ebfc684	filepond: implement async server-ID upload architecture with nested queue support + PeerTube integration Replace `storeAsFile:true` with a full async FilePond round-trip pipeline using opaque server-side file IDs. * Added 4 new PHP endpoints under `/admin/actions/filepond/`: * `process.php` — upload/process single file and return opaque `file_id` * `revert.php` — delete pending tmp uploads before form submit * `load.php` — stream existing files by DB ID for FilePond preload * `remove.php` — soft-delete `thesis_files` rows * `process.php` improvements: * accept arbitrary FilePond field names instead of hardcoded `file` * support PHP-nested multi-file queue inputs (`queue_file[tfe][]`) * explicit unwrapping of nested `$_FILES` structures * add `audio/mp3` to audio + `peertube_audio` MIME whitelists * immediate upload of `peertube_` files to PeerTube, returning `peertube:{uuid}` IDs extensive `error_log()` instrumentation for request, CSRF, MIME, upload, and save stages * `revert.php` now accepts `peertube:` IDs without local cleanup * `ThesisFileHandler`: * add `handleFilePondQueueFiles()` + `handleFilePondSingleFile()` * process async uploads from `storage/tmp/filepond/` via opaque `file_id` * inline handling of `peertube:{uuid}` IDs with direct `thesis_files` insertion * remove obsolete deferred PeerTube queue-processing flow * `ThesisCreateController` + `ThesisEditController`: * gate async path behind `filepond_mode=1` * preserve legacy multipart flow as fallback * `file-upload-filepond.js`: * remove `storeAsFile:true` * add `buildServerConfig()` for async endpoint wiring * fix `syncOrderInput()` to use `serverId` * add `onprocessfile` hook * add `fileValidateSizeFilterItem` for per-extension size caps * preload existing uploads via `data-existing-files` + `server.load` * replace static `INPUT_ID_TO_TYPE` map with `data-queue-type` * add extensive `console.log()` debugging across upload pipeline stages * `upload-progress.js`: * block form submission while uploads are pending * update `collectFileNames()` to read processed FilePond items * Templates/layout: * add `data-queue-type` * add `data-existing-files` * add global CSRF meta tag outside admin-only context * add `filepond_mode` hidden input * add CSRF token/meta support for partage pages * move website URL field below file upload block * `.gitignore`: exclude `storage/tmp/` from version control	2026-05-19 00:08:06 +02:00

Author

SHA1

Message

Date

Pontoporeia

6f7a02244f

maintenance: allow /partage through gate, fix fragment routing, add visibility table in admin

Extract shared filepond logic into src/FilepondHandler.php class.
Admin filepond endpoints delegate to the handler after AdminAuth check.
New partage filepond endpoints at /partage/actions/filepond/ verify
share_active session flag + CSRF token, no admin auth required.

JS reads filepond-base meta tag to determine endpoint path:
- Admin pages: /admin/actions/filepond (via head.php isAdmin check)
- Partage form: /partage/actions/filepond (explicit meta)

partage/index.php sets share_active = true on form render, cleans up on
successful submit. Partage process endpoint rate-limited to 30/5min per
session. No nginx changes needed — /partage/ location already handles
PHP without auth_basic.

2026-05-19 00:08:06 +02:00

Pontoporeia

6e7c0c00e3

refactor: merge video/audio FilePond pools into TFE input

- Remove separate video/audio/peertube_video/peertube_audio pools from UI
- TFE pool now accepts all file types including video/audio
- When PeerTube is enabled, video/audio dropped into TFE pool auto-upload
  to PeerTube (process.php detects MIME and uploads immediately)
- PeerTube return IDs now encode type: peertube:video:UUID or peertube:audio:UUID
- load.php returns placeholder SVG for PeerTube files so they appear in FilePond
- Edit mode: all existing files (including PeerTube) shown in TFE FilePond pool
- Remove legacy  video/audio/peertube_* handling from both controllers
- Remove unused vide/audio/peertube_* entries from JS QUEUE_CONFIG

2026-05-19 00:08:06 +02:00

Pontoporeia

2e9ebfc684

filepond: implement async server-ID upload architecture with nested queue support + PeerTube integration

Replace `storeAsFile:true` with a full async FilePond round-trip pipeline using opaque server-side file IDs.

* Added 4 new PHP endpoints under `/admin/actions/filepond/`:

  * `process.php` — upload/process single file and return opaque `file_id`
  * `revert.php` — delete pending tmp uploads before form submit
  * `load.php` — stream existing files by DB ID for FilePond preload
  * `remove.php` — soft-delete `thesis_files` rows
* `process.php` improvements:

  * accept arbitrary FilePond field names instead of hardcoded `file`
  * support PHP-nested multi-file queue inputs (`queue_file[tfe][]`)
  * explicit unwrapping of nested `$_FILES` structures
  * add `audio/mp3` to audio + `peertube_audio` MIME whitelists
  * immediate upload of `peertube_*` files to PeerTube, returning `peertube:{uuid}` IDs
  * extensive `error_log()` instrumentation for request, CSRF, MIME, upload, and save stages
* `revert.php` now accepts `peertube:` IDs without local cleanup
* `ThesisFileHandler`:

  * add `handleFilePondQueueFiles()` + `handleFilePondSingleFile()`
  * process async uploads from `storage/tmp/filepond/` via opaque `file_id`
  * inline handling of `peertube:{uuid}` IDs with direct `thesis_files` insertion
  * remove obsolete deferred PeerTube queue-processing flow
* `ThesisCreateController` + `ThesisEditController`:

  * gate async path behind `filepond_mode=1`
  * preserve legacy multipart flow as fallback
* `file-upload-filepond.js`:

  * remove `storeAsFile:true`
  * add `buildServerConfig()` for async endpoint wiring
  * fix `syncOrderInput()` to use `serverId`
  * add `onprocessfile` hook
  * add `fileValidateSizeFilterItem` for per-extension size caps
  * preload existing uploads via `data-existing-files` + `server.load`
  * replace static `INPUT_ID_TO_TYPE` map with `data-queue-type`
  * add extensive `console.log()` debugging across upload pipeline stages
* `upload-progress.js`:

  * block form submission while uploads are pending
  * update `collectFileNames()` to read processed FilePond items
* Templates/layout:

  * add `data-queue-type`
  * add `data-existing-files`
  * add global CSRF meta tag outside admin-only context
  * add `filepond_mode` hidden input
  * add CSRF token/meta support for partage pages
  * move website URL field below file upload block
* `.gitignore`: exclude `storage/tmp/` from version control

2026-05-19 00:08:06 +02:00

3 Commits