mirror of
https://codeberg.org/PostERG/xamxam.git
synced 2026-05-07 03:29:19 +02:00
92e344b757
Tags admin: - Database: getAllTagsWithCount(), renameTag(), mergeTag(), deleteTag() - public/admin/tags.php: table with inline rename/merge/delete forms, CSRF-guarded - public/admin/actions/tag.php: routes on action=rename|merge|delete - templates/admin/head.php: 'Mots-clés' nav link - admin.css: admin-inline-form, admin-btn--sm/warning/danger variants Maintenance mode: - config/bootstrap.php: gate on MAINTENANCE_FLAG file; admin/ and maintenance.php exempt - public/maintenance.php: 503 dark minimal page - public/admin/actions/maintenance.php: enable/disable toggle - public/admin/index.php: status bar with toggle button - admin.css: admin-maintenance-bar styles TFE Visibility (Libre/Interne/Interdit via existing access_type_id): - migration 002_add_visibility.sql: seeds access_types if missing - Database: setVisibility(), bulkSetVisibility(), getAccessTypes() - public/media.php: blocks thesis files for access_type_id=3 - public/tfe.php: shows access_type, context_note; hides file panel for Interdit - public/admin/edit.php: access_type_id select + context_note textarea; saves both - public/admin/index.php: three-state badge (Libre/Interne/Interdit) per row - public/admin/actions/visibility.php: single + bulk visibility action handler - admin.css: status-access badge variants
45 lines
1.5 KiB
PHP
45 lines
1.5 KiB
PHP
<?php
|
|
|
|
/**
|
|
* Simple configuration for website
|
|
*/
|
|
|
|
// Define application root
|
|
define('APP_ROOT', dirname(__DIR__));
|
|
|
|
// Storage directory for uploaded files — intentionally outside the webroot
|
|
// so no uploaded content is ever directly web-accessible (items #3 & #4).
|
|
// Files are served through public/media.php which validates paths and MIME types.
|
|
define('STORAGE_ROOT', '/var/www/posterg/storage');
|
|
|
|
// Error reporting
|
|
if (php_sapi_name() === 'cli-server') {
|
|
// Development mode
|
|
error_reporting(E_ALL);
|
|
ini_set('display_errors', '1');
|
|
} else {
|
|
// Production mode
|
|
error_reporting(E_ALL);
|
|
ini_set('display_errors', '0');
|
|
ini_set('log_errors', '1');
|
|
}
|
|
|
|
// Load admin credentials if available (defines ADMIN_PASSWORD_HASH for AdminAuth)
|
|
if (file_exists(APP_ROOT . '/config/admin_credentials.php')) {
|
|
require_once APP_ROOT . '/config/admin_credentials.php';
|
|
}
|
|
|
|
// Maintenance mode gate — block public pages; allow /admin/ through.
|
|
// The flag file lives in storage/ (outside webroot) to avoid web exposure.
|
|
define('MAINTENANCE_FLAG', APP_ROOT . '/storage/maintenance.flag');
|
|
if (file_exists(MAINTENANCE_FLAG)) {
|
|
// Allow admin panel through (by path prefix) and the maintenance page itself
|
|
$requestPath = $_SERVER['REQUEST_URI'] ?? '';
|
|
$isAdmin = str_starts_with($requestPath, '/admin');
|
|
$isMaintenance = str_contains($requestPath, 'maintenance.php');
|
|
if (!$isAdmin && !$isMaintenance) {
|
|
require APP_ROOT . '/public/maintenance.php';
|
|
exit();
|
|
}
|
|
}
|