PostERG/xamxam
1
0
Fork 0
mirror of https://codeberg.org/PostERG/xamxam.git synced 2026-06-25 16:19:19 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
6224e3ede0a89b9ac20cb045935fc2cf5f92d23b
xamxam/app/public/admin/actions/settings.php
Pontoporeia 03c5fd217e feat: dual upload system — direct file storage + PeerTube API integration 
Adds a parallel PeerTube upload system behind a feature flag (disabled by default
until upload quota is granted). When disabled, the existing direct file upload
path works unchanged.

Files:
- src/PeerTubeService.php — credential storage (encrypted), OAuth2 token
  retrieval, multipart upload to /api/v1/videos/upload
- migrations/021_peertube_settings.sql — peertube_settings singleton table
  + peertube_upload_enabled site_setting (default 0)
- admin/actions/settings.php — peertube section handler
- admin/parametres.php / templates/admin/parametres.php — PeerTube UI section
- partage/fichiers-fragment.php — shows file inputs when enabled, TODO notice otherwise
- ThesisCreateController / ThesisEditController — handlePeerTubeUpload()
- tfe.php — PeerTube iframe embed detection
- AdminLogger — logPeerTubeUpdate()
2026-05-13 17:59:13 +02:00

100 lines
3.8 KiB
PHP
Raw Blame History

<?php
require_once __DIR__ . '/../../../bootstrap.php';
require_once __DIR__ . '/../../../src/AdminAuth.php';
AdminAuth::requireLogin();
if (!isset($_POST['csrf_token'], $_SESSION['csrf_token'])
|| !hash_equals($_SESSION['csrf_token'], $_POST['csrf_token'])) {
App::flash('error', "Erreur de sécurité : token invalide.");
header('Location: /admin/parametres.php');
exit;
}
require_once APP_ROOT . '/src/Database.php';
require_once APP_ROOT . '/src/SmtpRelay.php';
require_once APP_ROOT . '/src/PeerTubeService.php';
require_once APP_ROOT . '/src/AdminLogger.php';
$db = new Database();
$logger = AdminLogger::make();
$section = $_POST['section'] ?? '';
if ($section === 'formulaire') {
$allowed = [
'access_type_libre_enabled',
'access_type_interne_enabled',
'access_type_interdit_enabled',
'restricted_files_enabled'
];
$newValues = [];
foreach ($allowed as $key) {
$value = isset($_POST[$key]) ? '1' : '0';
$db->setSetting($key, $value);
$newValues[$key] = $value;
}
$logger->logFormSettingsUpdate($newValues);
App::flash('success', "Paramètres du formulaire mis à jour.");
} elseif ($section === 'objet_types') {
$newValues = [
'objet_these_enabled' => isset($_POST['objet_these_enabled']) ? '1' : '0',
'objet_frart_enabled' => isset($_POST['objet_frart_enabled']) ? '1' : '0',
];
$db->setSetting('objet_these_enabled', $newValues['objet_these_enabled']);
$db->setSetting('objet_frart_enabled', $newValues['objet_frart_enabled']);
$logger->logObjetTypesUpdate($newValues);
App::flash('success', "Types de travaux mis à jour.");
} elseif ($section === 'smtp') {
$smtpData = [
'host' => $_POST['smtp_host'] ?? '',
'port' => $_POST['smtp_port'] ?? 587,
'encryption' => $_POST['smtp_encryption'] ?? 'tls',
'username' => $_POST['smtp_username'] ?? '',
'from_email' => $_POST['smtp_from_email'] ?? '',
'from_name' => $_POST['smtp_from_name'] ?? 'XAMXAM',
'notify_email' => $_POST['smtp_notify_email'] ?? '',
];
// Only update password when user actually typed something.
$pwd = $_POST['smtp_password'] ?? '';
if ($pwd !== '') {
$smtpData['password'] = $pwd;
}
SmtpRelay::updateSettings($db, $smtpData);
// Immediately probe the server to validate credentials
$test = SmtpRelay::test($db);
$logger->logSmtpUpdate($test['ok']);
if ($test['ok']) {
App::flash('success', "Paramètres SMTP mis à jour — connexion validée ✓");
} else {
App::flash('error', "Paramètres sauvegardés, mais le test de connexion a échoué : " . $test['error']);
if ($test['field'] !== null) {
$_SESSION['_flash_smtp_field'] = $test['field'];
}
}
} elseif ($section === 'peertube') {
// Feature flag
$enabled = isset($_POST['peertube_upload_enabled']) ? '1' : '0';
$db->setSetting('peertube_upload_enabled', $enabled);
// Credentials — only overwrite password when user typed something
$data = [
'instance_url' => $_POST['peertube_instance_url'] ?? '',
'username' => $_POST['peertube_username'] ?? '',
'channel_id' => $_POST['peertube_channel_id'] ?? 1,
'privacy' => $_POST['peertube_privacy'] ?? 1,
];
$pwd = $_POST['peertube_password'] ?? '';
if ($pwd !== '') {
$data['password'] = $pwd;
}
PeerTubeService::updateSettings($db, $data);
$logger->logPeerTubeUpdate($enabled === '1');
App::flash('success', 'Paramètres PeerTube mis à jour.');
} else {
App::flash('error', "Section inconnue.");
}
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
header('Location: /admin/parametres.php');
exit;
Reference in New Issue View Git Blame Copy Permalink