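'Erreur de sécurité : token invalide.']);
        exit;
    }
    // Tail of the CSRF-failure branch; the check that opens it lies before this excerpt.
    App::flash('error', 'Erreur de sécurité : token invalide.');
    header('Location: /admin/contenus.php');
    exit;
}

// Save handler for the editable static pages. Only the slugs listed here can be
// written through this endpoint; anything else is rejected before the database
// layer is loaded.
$allowedSlugs = ['about', 'licenses'];
$slug = $_POST['slug'] ?? '';
$content = $_POST['content'] ?? '';

// Strict comparison: a non-string slug (PHP parses slug[]=x into an array)
// can never equal one of the allowlisted strings, so it is rejected here too.
if (!in_array($slug, $allowedSlugs, true)) {
    if ($isAjax) {
        http_response_code(400);
        header('Content-Type: application/json');
        echo json_encode(['error' => 'Slug de page invalide.']);
        exit;
    }
    App::flash('error', 'Slug de page invalide.');
    header('Location: /admin/contenus.php');
    exit;
}

// PHP parses content[]=x into an array as well. Without this guard a non-string
// value would reach savePage(); if that raises a TypeError it is an Error, not an
// Exception, and would bypass the catch block below. Reject it the same way as
// an invalid slug.
if (!is_string($content)) {
    if ($isAjax) {
        http_response_code(400);
        header('Content-Type: application/json');
        echo json_encode(['error' => 'Contenu de page invalide.']);
        exit;
    }
    App::flash('error', 'Contenu de page invalide.');
    header('Location: /admin/contenus.php');
    exit;
}

require_once APP_ROOT . '/src/Database.php';
require_once APP_ROOT . '/src/AdminLogger.php';
require_once APP_ROOT . '/src/ErrorHandler.php';

$db = new Database();

try {
    // NOTE(review): $content is stored exactly as submitted. Whether it is
    // sanitised or escaped when the page is rendered is not visible here;
    // confirm against the code that outputs these pages.
    $db->savePage($slug, $content);

    // Audit trail: record which page was edited.
    AdminLogger::make()->logPageEdit($slug);

    if ($isAjax) {
        // Rotate the CSRF token after a successful save and hand the new value
        // back in the JSON response (presumably so the client can reuse the form).
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
        header('Content-Type: application/json');
        echo json_encode([
            'success' => true,
            'csrf_token' => $_SESSION['csrf_token'],
        ]);
        exit;
    }

    // $slug is already limited to the allowlist; it is escaped when the flash
    // message is built. NOTE(review): if flash messages are escaped again on
    // output this would double-encode; harmless for the current slugs.
    App::flash('success', 'Page « ' . htmlspecialchars($slug) . ' » mise à jour.');
} catch (Exception $e) {
    // Only Exception subclasses are handled here; PHP Error subclasses are not.
    ErrorHandler::log('page', $e);

    // NOTE(review): the text shown to the user comes from
    // ErrorHandler::userMessage(); confirm it never exposes raw exception
    // detail such as SQL or file paths.
    $msg = 'Erreur lors de la sauvegarde : ' . ErrorHandler::userMessage($e);

    if ($isAjax) {
        http_response_code(500);
        header('Content-Type: application/json');
        echo json_encode(['error' => $msg]);
        exit;
    }
    App::flash('error', $msg);
}

// Non-AJAX path (success or handled failure): rotate the CSRF token, then
// redirect back to the content admin page.
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
header('Location: /admin/contenus.php');
exit;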