mirror of
https://codeberg.org/PostERG/xamxam.git
synced 2026-05-06 19:19:19 +02:00
467aced734
Phase 1: Consolidate shared infrastructure - Create shared/ directory for common code - Consolidate Database.php from front-backend and formulaire into unified shared/Database.php - Smart path detection for test.db vs posterg.db - Secure search with wildcard escaping and input validation - Support both singleton and direct instantiation patterns - Full CRUD methods for admin functionality - Move RateLimit.php to shared/ (30 requests/min) - Update all require paths across apps to use shared/ Phase 2: Reorganize directory structure - Rename front-backend/ → apps/public/ - Rename formulaire/ → apps/admin/ - Rename db/ → database/ - Update all file paths for new structure - Create root .gitignore excluding databases, cache, logs Implement secure search feature - Add apps/public/search.php with full-text search across theses - Search filters: query, year, orientation, AP program, keywords - Security features: - SQL injection prevention (prepared statements) - Wildcard injection prevention (escape % and _) - Input validation (max 200 chars, year range 1900-2100) - Rate limiting (30 req/min per IP) - Pagination limited to 100 results/page - XSS protection (htmlspecialchars on output) Add comprehensive test suite - Create apps/public/tests/ with proper structure - tests/Integration/SearchTest.php - 12 search scenarios - tests/Security/SecurityTest.php - vulnerability testing - tests/Unit/RateLimitTest.php - rate limit behavior - Create database/fixtures/CreateTestDatabase.php - Add apps/public/run-tests.php test runner - All tests passing (4/4 suites) Update deployment configuration - Rename justfile 'sync' recipe to 'deploy' - Create deploy group with separate deploy-public and deploy-admin - Add test-deploy recipe for test database - Exclude *.db, tests/, cache/, *.md from production deploy - Deploy shared/ to both public and admin locations Stats: +4482 insertions, -654 deletions across 72 files
165 lines
6.3 KiB
PHP
165 lines
6.3 KiB
PHP
<?php
|
|
// Disable displaying errors, log errors to a file named 'error.log'
|
|
ini_set('display_errors', 0);
|
|
ini_set('log_errors', 1);
|
|
ini_set('error_log', 'error.log');
|
|
|
|
// Load required libraries and classes
|
|
require_once __DIR__ . '/../../shared/Database.php';
|
|
|
|
// Check if an id parameter is provided in the URL
|
|
if (isset($_GET['id'])) {
|
|
$thesisId = intval($_GET['id']);
|
|
try {
|
|
$db = Database::getInstance();
|
|
$data = $db->getThesisById($thesisId);
|
|
|
|
if (!$data) {
|
|
// Thesis not found or not published
|
|
header('Location: index.php');
|
|
exit;
|
|
}
|
|
} catch (Exception $e) {
|
|
error_log("Error loading thesis: " . $e->getMessage());
|
|
header('Location: index.php');
|
|
exit;
|
|
}
|
|
} else {
|
|
// Redirect to the index page if no id parameter is provided
|
|
header('Location: index.php');
|
|
exit;
|
|
}
|
|
|
|
// Include the header template
|
|
include 'inc/header.php'; ?>
|
|
|
|
<section class="section">
|
|
<div class="container">
|
|
<div class="columns is-variable is-1-mobile is-0-tablet is-3-desktop is-8-widescreen is-2-fullhd">
|
|
<!-- INFO CARD -->
|
|
<div class="column is-one-third">
|
|
<div class="card">
|
|
<div class="card-content">
|
|
<!-- Display the title and author from the database -->
|
|
<h1 class="title">
|
|
<?= htmlspecialchars($data['title']); ?>
|
|
<?php if (!empty($data['subtitle'])): ?>
|
|
<br><small><?= htmlspecialchars($data['subtitle']); ?></small>
|
|
<?php endif; ?>
|
|
</h1>
|
|
<h2 class="subtitle">par
|
|
<?= htmlspecialchars($data['authors'] ?? 'Auteur inconnu'); ?>
|
|
</h2>
|
|
|
|
<h3 class="subtitle"></h3>
|
|
<div class="columns">
|
|
<div class="column is-half ">
|
|
<?php if (!empty($data['orientation']) || !empty($data['ap_program'])): ?>
|
|
<h3 class="subtitle">
|
|
<?php if (!empty($data['orientation'])): ?>
|
|
<?= htmlspecialchars($data['orientation']); ?>
|
|
<?php endif; ?>
|
|
<?php if (!empty($data['orientation']) && !empty($data['ap_program'])): ?>
|
|
et
|
|
<?php endif; ?>
|
|
<?php if (!empty($data['ap_program'])): ?>
|
|
<?= htmlspecialchars($data['ap_program']); ?>
|
|
<?php endif; ?>
|
|
</h3>
|
|
<?php endif; ?>
|
|
<p class="block tag subtitle is-6">
|
|
<?= htmlspecialchars($data['year']); ?>
|
|
</p>
|
|
<?php if (!empty($data['finality_type'])): ?>
|
|
<p class="block">
|
|
<strong>Finalité:</strong> <?= htmlspecialchars($data['finality_type']); ?>
|
|
</p>
|
|
<?php endif; ?>
|
|
</div>
|
|
|
|
<div class="column">
|
|
<?php if (!empty($data['context_note'])): ?>
|
|
<p class="block">
|
|
<em><?= htmlspecialchars($data['context_note']); ?></em>
|
|
</p>
|
|
<?php endif; ?>
|
|
|
|
<?php if (!empty($data['supervisors'])): ?>
|
|
<p class="block">
|
|
<strong>Promoteur.ice.s:</strong>
|
|
<?= htmlspecialchars($data['supervisors']); ?>
|
|
</p>
|
|
<?php endif; ?>
|
|
|
|
<?php if (!empty($data['languages'])): ?>
|
|
<p class="block">
|
|
<strong>Langue(s):</strong>
|
|
<?= htmlspecialchars($data['languages']); ?>
|
|
</p>
|
|
<?php endif; ?>
|
|
|
|
<?php if (!empty($data['formats'])): ?>
|
|
<p class="block">
|
|
<strong>Format(s):</strong>
|
|
<?= htmlspecialchars($data['formats']); ?>
|
|
</p>
|
|
<?php endif; ?>
|
|
|
|
<?php if (!empty($data['keywords'])): ?>
|
|
<p class="block">
|
|
<strong>Mots-clés:</strong>
|
|
<?= htmlspecialchars($data['keywords']); ?>
|
|
</p>
|
|
<?php endif; ?>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
<div class="box">
|
|
<?php if (!empty($data['synopsis'])): ?>
|
|
<?= nl2br(htmlspecialchars($data['synopsis'])); ?>
|
|
<?php endif; ?>
|
|
</div>
|
|
</div>
|
|
|
|
<div class="column is-two-third">
|
|
<div class="content">
|
|
<!-- Check if there are any files in the database -->
|
|
<?php if (isset($data['files']) && count($data['files']) > 0): ?>
|
|
<!-- Loop through the files and display them based on their file type -->
|
|
<?php foreach ($data['files'] as $file): ?>
|
|
<?php $ext = strtolower(pathinfo($file['file_path'], PATHINFO_EXTENSION)); ?>
|
|
<div class="block">
|
|
<?php if ($ext === 'pdf'): ?>
|
|
<!-- Display PDF files using the embed element -->
|
|
<embed src="<?= htmlspecialchars($file['file_path']); ?>" type="application/pdf" width="100%" height="600px" />
|
|
<?php elseif (in_array($ext, ['jpg', 'jpeg', 'png', 'gif', 'bmp'])): ?>
|
|
<!-- Display image files using the img element -->
|
|
<figure>
|
|
<img src="<?= htmlspecialchars($file['file_path']); ?>" alt="<?= htmlspecialchars($file['file_name']); ?>">
|
|
</figure>
|
|
<?php elseif ($ext === 'mp4'): ?>
|
|
<!-- Display MP4 video files using the video element -->
|
|
<video width="100%" height="auto" controls>
|
|
<source src="<?= htmlspecialchars($file['file_path']); ?>" type="video/mp4">
|
|
Your browser does not support the video tag.
|
|
</video>
|
|
<?php endif; ?>
|
|
<?php if (!empty($file['description'])): ?>
|
|
<p class="help"><?= htmlspecialchars($file['description']); ?></p>
|
|
<?php endif; ?>
|
|
</div>
|
|
|
|
<?php endforeach; ?>
|
|
<?php else: ?>
|
|
<p class="notification is-warning">Aucun fichier disponible pour ce mémoire.</p>
|
|
<?php endif; ?>
|
|
</div>
|
|
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</section>
|
|
|
|
<!-- Include the footer template -->
|
|
<?php include 'inc/footer.php'; ?>
|