PostERG/xamxam
1
0
Fork 0
mirror of https://codeberg.org/PostERG/xamxam.git synced 2026-06-25 16:19:19 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
6f7a02244f3ed1f12e397400958943b1a286c595
xamxam/app/public/admin/actions/language.php
Pontoporeia d5fee1acfb fix: repair form submission with queued files + add comprehensive debug logging 
- Replace fetch(redirect:manual) with XMLHttpRequest in file-upload-queue.js.
  The previous fetch-based redirect detection was broken because opaque
  redirects hide the Location header. XHR's responseURL reliably exposes
  the final URL after server-side redirects.

- Add console.log tracing at every decision point in submit interception:
  entry, hasFiles check, enctype check, double-submit guard, XHR status,
  redirect detection, error fallback.

- Add error_log entry-point logging to all 16 admin action files plus
  the partage/index.php submission handler and password gate. Each logs:
  request method, content type/length, POST keys, file counts, and
  queue-specific file counts where applicable.

- Add double-submit guard (_xamxamActiveSubmit) to prevent duplicate
  XHR sends when the native submit handler fires after interception.
2026-05-19 00:08:05 +02:00

74 lines
2.8 KiB
PHP
Raw Blame History

<?php
require_once __DIR__ . '/../../../bootstrap.php';
require_once __DIR__ . '/../../../src/AdminAuth.php';
error_log('[language.php] ENTRY | method=' . $_SERVER['REQUEST_METHOD'] . ' | action=' . ($_POST['action'] ?? 'none') . ' | post_keys=' . implode(',', array_keys($_POST)));
AdminAuth::requireLogin();
if ($_SERVER['REQUEST_METHOD'] !== 'POST'
|| !isset($_POST['csrf_token'], $_SESSION['csrf_token'])
|| !hash_equals($_SESSION['csrf_token'], $_POST['csrf_token'])) {
http_response_code(403);
die("Accès refusé.");
}
require_once __DIR__ . '/../../../src/Database.php';
require_once __DIR__ . '/../../../src/AdminLogger.php';
require_once __DIR__ . '/../../../src/ErrorHandler.php';
try {
$db = new Database();
$logger = AdminLogger::make();
$action = $_POST['action'] ?? '';
switch ($action) {
case 'rename':
$id = filter_var($_POST['language_id'] ?? '', FILTER_VALIDATE_INT);
$newName = trim($_POST['new_name'] ?? '');
if (!$id || $newName === '') throw new Exception("Paramètres invalides.");
$db->renameLanguage($id, $newName);
break;
case 'merge':
$sourceId = filter_var($_POST['source_id'] ?? '', FILTER_VALIDATE_INT);
$targetId = filter_var($_POST['target_id'] ?? '', FILTER_VALIDATE_INT);
if (!$sourceId || !$targetId) throw new Exception("Paramètres invalides.");
$db->mergeLanguage($sourceId, $targetId);
break;
case 'merge_bulk':
$targetId = filter_var($_POST['target_id'] ?? '', FILTER_VALIDATE_INT);
$sourceIds = isset($_POST['selected_langs']) && is_array($_POST['selected_langs'])
? array_map('intval', $_POST['selected_langs'])
: [];
if (!$targetId || empty($sourceIds)) throw new Exception("Paramètres invalides.");
$sourceIds = array_values(array_diff($sourceIds, [$targetId]));
if (empty($sourceIds)) throw new Exception("Aucune source à fusionner.");
foreach ($sourceIds as $sid) {
$db->mergeLanguage($sid, $targetId);
}
break;
case 'delete':
$id = filter_var($_POST['language_id'] ?? '', FILTER_VALIDATE_INT);
if (!$id) throw new Exception("ID invalide.");
$db->deleteLanguage($id);
break;
default:
throw new Exception("Action inconnue.");
}
App::flash('success', "Opération effectuée.");
} catch (Exception $e) {
ErrorHandler::log('language', $e);
App::flash('error', ErrorHandler::userMessage($e));
}
$redirect = '/admin/contenus.php';
// Allow the caller to override the redirect
if (!empty($_POST['return']) && str_starts_with($_POST['return'], '/')) {
$redirect = $_POST['return'];
}
header('Location: ' . $redirect);
exit();
Reference in New Issue View Git Blame Copy Permalink