PostERG/xamxam
1
0
Fork 0
mirror of https://codeberg.org/PostERG/xamxam.git synced 2026-06-25 16:19:19 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
3016c199bdfa875f446e85a251c86eeb5d553c49
xamxam/app/public/admin/actions/corbeille.php

61 lines
2.2 KiB
PHP
Raw Blame History

<?php
require_once __DIR__ . '/../../../bootstrap.php';
require_once __DIR__ . '/../../../src/AdminAuth.php';
error_log('[corbeille.php] ENTRY | method=' . $_SERVER['REQUEST_METHOD'] . ' | action=' . ($_POST['action'] ?? 'none'));
AdminAuth::requireLogin();
if ($_SERVER['REQUEST_METHOD'] !== 'POST'
|| !isset($_POST['csrf_token'], $_SESSION['csrf_token'])
|| !hash_equals($_SESSION['csrf_token'], $_POST['csrf_token'])) {
http_response_code(403);
die("Accès refusé.");
}
require_once __DIR__ . '/../../../src/Database.php';
require_once __DIR__ . '/../../../src/AdminLogger.php';
require_once __DIR__ . '/../../../src/ErrorHandler.php';
try {
$db = new Database();
$logger = AdminLogger::make();
$action = $_POST['action'] ?? '';
switch ($action) {
case 'restore':
$thesisId = filter_var($_POST['thesis_id'] ?? '', FILTER_VALIDATE_INT);
if (!$thesisId) throw new Exception("ID invalide.");
$db->restoreThesis($thesisId);
$logger->logPublish(true, [$thesisId]); // log restore as an admin action
App::flash('success', "TFE restauré avec succès.");
break;
case 'hard_delete':
$thesisId = filter_var($_POST['thesis_id'] ?? '', FILTER_VALIDATE_INT);
if (!$thesisId) throw new Exception("ID invalide.");
$db->hardDeleteThesis($thesisId);
$logger->logDelete([$thesisId]);
App::flash('success', "TFE définitivement supprimé.");
break;
case 'empty_trash':
$trashed = $db->getTrashedTheses();
foreach ($trashed as $t) {
$db->hardDeleteThesis((int)$t['id']);
$logger->logDelete([(int)$t['id']]);
}
App::flash('success', "Corbeille vidée (" . count($trashed) . " TFE supprimés définitivement).");
break;
default:
throw new Exception("Action inconnue.");
}
} catch (Exception $e) {
ErrorHandler::log('corbeille', $e);
App::flash('error', ErrorHandler::userMessage($e));
}
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
header('Location: /admin/index.php?tab=trash');
exit;
Reference in New Issue View Git Blame Copy Permalink