xamxam/TODO.md

TODO

Move Restrictions d'accès aux fichiers to acces.php

• Remove fieldset from templates/admin/contenus.php
• Add fieldset to templates/admin/acces.php
• Load $siteSettings in admin/acces.php controller
• Update redirect in settings.php for formulaire_restrictions → /admin/acces.php

Fix PeerTube upload — Google-resumable protocol adherence

• Use Location header from init response (not reconstruct URL from JSON body)
• Switch chunk method from PUT → PATCH (Google-resumable variant)
• Use actual file MIME type in chunk Content-Type (not application/octet-stream)
• Ensure chunk size is multiple of 256 KB
• Add PATCH/HEAD methods to httpRequest()
• Add CURLOPT_HEADERFUNCTION to capture response headers
• Disable CURLOPT_FOLLOWLOCATION to preserve Location header
• Add cancelUpload() helper for Delete-on-error cleanup
• Test with actual PeerTube instance

HTMX Toast Feedback for Settings Checkboxes (contenus.php)

• Add hx-target response divs to the three fieldsets in contenus.php
• Update settings.php to return HTML toast on HTMX requests

Production Error Fixes (2026-05-11 remote logs)

• 413 Request Entity Too Large — bumped client_max_body_size to 256M, PHP post/upload to 256M, timeouts to 300s
• Missing v_smtp_active view on server — made all CREATE VIEW statements idempotent with IF NOT EXISTS in schema.sql
• bars.svg 404 — created app/public/assets/img/bars.svg (animated SVG spinner)
• Nginx rate limiting too aggressive — increased admin zone to 300r/m, burst=30 to handle ~11 concurrent HTMX fragment requests on contenus.php page load
• Migration idempotency — CREATE INDEX / CREATE TRIGGER / CREATE VIEW now use IF NOT EXISTS in schema.sql and generate-schema.py; migrate.sh no longer fails on re-run
• Database readonly — intermittent permission issue after deploy (added deploy-nginx recipe; permissions should be fixed by --chown + deploy-server.sh)

PeerTube Alternate Labels & FilePond Pools

• Add peertube_video_label and peertube_audio_label columns (migration 029)
• Update PeerTubeService getSettings/updateSettings for new fields
• Add label fields to parametres.php admin form
• Handle label saving in admin/actions/settings.php
• Uncomment video/audio slots in fichiers-fragment.php with FilePond pools when PeerTube enabled
• Register peertube_video / peertube_audio queue types in file-upload-filepond.js
• Update handlePeerTubeUpload → handlePeerTubeQueueFiles in both create/edit controllers
• When PeerTube active, restrict TFE pool to PDF/images/VTT/archives only (no video/audio)
• Add HTMX swap attributes to Vidéo/Audio format checkboxes for live toggling
• Store PeerTube uploads as peertube_ids:{uuid} in thesis_files.file_path
• Create templates/partials/peertube-embed.php iframe embed template
• Render PeerTube embeds in public thesis view (tfe.php)
• Handle PeerTube files in admin recapitulatif.php and fichiers-fragment.php
• Shared SMTP credentials — remove username/password from peertube_settings (migration 031)
• PeerTubeService reads credentials from SmtpRelay
• OAuth client_id/secret fetched on-demand and cached in-memory (no DB storage)
• Resumable upload protocol (POST init + PUT chunks) in PeerTubeService::upload()
• Admin recapitulatif: show real PeerTube watch links (public/unlisted only)
• Optimize public thesis view: load PeerTube instance URL once before file loop
• Test end-to-end: activate PeerTube, set labels, submit form with video/audio files

SQLite Backup & Data Integrity (docs/backup-plan.md)

Phase 1 — WAL Mode

• WAL mode already active (PRAGMA journal_mode → wal) — set in Database constructor
• Verify -wal and -shm sidecar files exist after writes
• Verify nginx/PHP write access to sidecar files on server
• Add deploy-verify-permissions recipe that checks ownership, directory perms, file perms, and writability after rsync
• deploy recipe now uploads and runs deploy-server.sh to fix permissions, then verifies them
• deploy recipe now runs migrations (scripts/migrate.sh) after ensuring DB exists
• fix migrate.sh to detect server vs local layout (no app/ subdir on server)
• regenerate schema.sql from local DB via generate-schema.py (includes v_smtp_active, all 28 migrations)
• fix generate-schema.py to include v_smtp_active (was explicitly excluded)

Phase 2 — Audit Log

• admin_audit_log table already exists (migration 009), AdminLogger already writes to it
• Create the audit_log table for data-level audit (before/after row snapshots)
• Create Audit.php helper class
• Instrument all DELETE, UPDATE, INSERT operations on core tables (theses, tags, languages, thesis_files)
• Verify by triggering a test delete and querying SELECT * FROM audit_log ORDER BY id DESC LIMIT 5

Phase 3 — Soft Deletes

• Add deleted_at columns to languages, tags, theses
• Rebuild views v_theses_full and v_theses_public with deleted_at IS NULL filters
• Update schema.sql for fresh installs
• Replace all hard DELETEs with soft deletes (DELETE → UPDATE ... SET deleted_at = ...)
• Add deleted_at IS NULL to all SELECT queries touching these tables
• Add admin "Corbeille" view for soft-deleted theses with Restore and Hard Delete actions
• Test each htmx-driven element (language search, tag search, repertoire filters) to confirm deleted entries don't appear
• Admin: add soft-deleted tags/languages view with restore option

Phase 4 — Hourly Snapshots via Cronjob

• Create scripts/backup-sqlite.sh (hot backup via sqlite3 .backup, gzip, retention pruning)
• Test locally — backup created, restores correctly
• Add just backup-snapshot command for local ad-hoc backups
• Deploy backup script to server (/usr/local/bin/backup-sqlite.sh) — just deploy-backup-script
• Create /var/backups/xamxam/ directory on server — part of just deploy-backup-cron
• Add cron jobs (hourly 30d + daily 90d) — just deploy-backup-cron
• Test restore from production backup — just test-restore <remote-gz-path>
• Manual backup trigger — just trigger-backup
• Check backup log — just deploy-check-backup-log
• List remote backups — just deploy-list-backups
• One-shot deploy — just deploy-backup (script + cron)

Phase 5 — Remote Sync (for later)

• (Deferred)