mirror of
https://codeberg.org/PostERG/xamxam.git
synced 2026-05-07 11:39:18 +02:00
ca5983075d
- AdminLogger: JSON-lines → /var/log/xamxam.log (prod) / storage/logs/admin.log (dev) + best-effort DB mirror to admin_audit_log table - DB: admin_audit_log table, share_links.is_archived column - ShareLink: archive() replaces delete(), toggleActive() returns new state, listActive()/listArchived() split, validateLink blocks archived slugs - All action handlers wired: publish, unpublish, visibility, delete, csv/db export, tfe add/edit, tags, pages, apropos, form-help, access-request, maintenance, settings (formulaire toggles, objet types, smtp update), smtp-test - acces.php: archive button replaces delete; collapsible archived links section - setup-server.sh: provision /var/log/xamxam.log (www-data:xamxam 640)
80 lines
2.9 KiB
PHP
80 lines
2.9 KiB
PHP
<?php
|
|
require_once __DIR__ . '/../../../bootstrap.php';
|
|
require_once __DIR__ . '/../../../src/AdminAuth.php';
|
|
AdminAuth::requireLogin();
|
|
|
|
if (!isset($_POST['csrf_token'], $_SESSION['csrf_token'])
|
|
|| !hash_equals($_SESSION['csrf_token'], $_POST['csrf_token'])) {
|
|
App::flash('error', "Erreur de sécurité : token invalide.");
|
|
header('Location: /admin/parametres.php');
|
|
exit;
|
|
}
|
|
|
|
require_once APP_ROOT . '/src/Database.php';
|
|
require_once APP_ROOT . '/src/SmtpRelay.php';
|
|
require_once APP_ROOT . '/src/AdminLogger.php';
|
|
$db = new Database();
|
|
$logger = AdminLogger::make();
|
|
|
|
$section = $_POST['section'] ?? '';
|
|
|
|
if ($section === 'formulaire') {
|
|
$allowed = [
|
|
'access_type_libre_enabled',
|
|
'access_type_interne_enabled',
|
|
'access_type_interdit_enabled',
|
|
'restricted_files_enabled'
|
|
];
|
|
$newValues = [];
|
|
foreach ($allowed as $key) {
|
|
$value = isset($_POST[$key]) ? '1' : '0';
|
|
$db->setSetting($key, $value);
|
|
$newValues[$key] = $value;
|
|
}
|
|
$logger->logFormSettingsUpdate($newValues);
|
|
App::flash('success', "Paramètres du formulaire mis à jour.");
|
|
} elseif ($section === 'objet_types') {
|
|
$newValues = [
|
|
'objet_these_enabled' => isset($_POST['objet_these_enabled']) ? '1' : '0',
|
|
'objet_frart_enabled' => isset($_POST['objet_frart_enabled']) ? '1' : '0',
|
|
];
|
|
$db->setSetting('objet_these_enabled', $newValues['objet_these_enabled']);
|
|
$db->setSetting('objet_frart_enabled', $newValues['objet_frart_enabled']);
|
|
$logger->logObjetTypesUpdate($newValues);
|
|
App::flash('success', "Types de travaux mis à jour.");
|
|
} elseif ($section === 'smtp') {
|
|
$smtpData = [
|
|
'host' => $_POST['smtp_host'] ?? '',
|
|
'port' => $_POST['smtp_port'] ?? 587,
|
|
'encryption' => $_POST['smtp_encryption'] ?? 'tls',
|
|
'username' => $_POST['smtp_username'] ?? '',
|
|
'from_email' => $_POST['smtp_from_email'] ?? '',
|
|
'from_name' => $_POST['smtp_from_name'] ?? 'XAMXAM',
|
|
'notify_email' => $_POST['smtp_notify_email'] ?? '',
|
|
];
|
|
// Only update password when user actually typed something.
|
|
$pwd = $_POST['smtp_password'] ?? '';
|
|
if ($pwd !== '') {
|
|
$smtpData['password'] = $pwd;
|
|
}
|
|
SmtpRelay::updateSettings($db, $smtpData);
|
|
|
|
// Immediately probe the server to validate credentials
|
|
$test = SmtpRelay::test($db);
|
|
$logger->logSmtpUpdate($test['ok']);
|
|
if ($test['ok']) {
|
|
App::flash('success', "Paramètres SMTP mis à jour — connexion validée ✓");
|
|
} else {
|
|
App::flash('error', "Paramètres sauvegardés, mais le test de connexion a échoué : " . $test['error']);
|
|
if ($test['field'] !== null) {
|
|
$_SESSION['_flash_smtp_field'] = $test['field'];
|
|
}
|
|
}
|
|
} else {
|
|
App::flash('error', "Section inconnue.");
|
|
}
|
|
|
|
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
|
|
header('Location: /admin/parametres.php');
|
|
exit;
|