mirror of
https://codeberg.org/PostERG/xamxam.git
synced 2026-06-25 08:09:18 +02:00
73 lines
2.4 KiB
PHP
73 lines
2.4 KiB
PHP
<?php
|
|
/**
|
|
* PeerTube video deletion endpoint (admin).
|
|
*
|
|
* POST /admin/actions/peertube-delete.php
|
|
* Body: csrf_token + uuid
|
|
*
|
|
* Deletes a video from the PeerTube channel entirely.
|
|
*/
|
|
require_once __DIR__ . '/../../../bootstrap.php';
|
|
require_once __DIR__ . '/../../../src/AdminAuth.php';
|
|
AdminAuth::requireLogin();
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] !== 'POST'
|
|
|| !isset($_POST['csrf_token'], $_SESSION['csrf_token'])
|
|
|| !hash_equals($_SESSION['csrf_token'], $_POST['csrf_token'])) {
|
|
http_response_code(403);
|
|
header('Content-Type: application/json; charset=utf-8');
|
|
echo json_encode(['success' => false, 'error' => 'CSRF invalide.']);
|
|
exit;
|
|
}
|
|
|
|
$uuid = trim($_POST['uuid'] ?? '');
|
|
if ($uuid === '' || !preg_match('/^[a-zA-Z0-9\-_]+$/', $uuid)) {
|
|
http_response_code(400);
|
|
header('Content-Type: application/json; charset=utf-8');
|
|
echo json_encode(['success' => false, 'error' => 'UUID invalide.']);
|
|
exit;
|
|
}
|
|
|
|
require_once APP_ROOT . '/src/Database.php';
|
|
require_once APP_ROOT . '/src/PeerTubeService.php';
|
|
|
|
$db = new Database();
|
|
|
|
if (!PeerTubeService::isConfigured($db)) {
|
|
http_response_code(503);
|
|
header('Content-Type: application/json; charset=utf-8');
|
|
echo json_encode(['success' => false, 'error' => 'PeerTube non configuré.']);
|
|
exit;
|
|
}
|
|
|
|
// Also remove any stale DB references to this UUID
|
|
$pdo = $db->getConnection();
|
|
$stmt = $pdo->prepare(
|
|
"SELECT id FROM thesis_files WHERE file_path = ?"
|
|
);
|
|
$stmt->execute(['peertube_ids:' . $uuid]);
|
|
$dbRefs = $stmt->fetchAll(PDO::FETCH_COLUMN);
|
|
$dbCleaned = count($dbRefs);
|
|
foreach ($dbRefs as $id) {
|
|
$pdo->prepare("DELETE FROM thesis_files WHERE id = ?")->execute([$id]);
|
|
}
|
|
|
|
$deleted = PeerTubeService::deleteVideo($db, $uuid);
|
|
|
|
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
|
|
|
|
if ($deleted) {
|
|
error_log("[peertube-delete] uuid=$uuid deleted" . ($dbCleaned > 0 ? " + $dbCleaned DB ref(s) cleaned" : ""));
|
|
if (isset($_SERVER['HTTP_HX_REQUEST'])) {
|
|
require __DIR__ . '/peertube-orphans-fragment.php';
|
|
exit;
|
|
}
|
|
header('Content-Type: application/json; charset=utf-8');
|
|
echo json_encode(['success' => true]);
|
|
} else {
|
|
error_log("[peertube-delete] uuid=$uuid delete failed" . ($dbCleaned > 0 ? " (cleaned $dbCleaned DB refs though)" : ""));
|
|
header('Content-Type: application/json; charset=utf-8');
|
|
echo json_encode(['success' => false, 'error' => 'Échec de la suppression sur PeerTube (vérifiez les logs).']);
|
|
}
|
|
exit;
|