PostERG/xamxam
1
0
Fork 0
mirror of https://codeberg.org/PostERG/xamxam.git synced 2026-05-06 19:19:19 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
764edf91212345a5b5651a57ee2d439e9cb3aa69
xamxam/public/index.php
Pontoporeia 1181cfa88b encapsulate raw PDO queries leaking from callers into Database.php methods 
- Add getThesisAccessTypeId(int $id): ?int — replaces raw SELECT in tfe.php
- Add getCoverPathsForTheses(array $ids): array — replaces raw SELECT/IN query in index.php
- Add getFileVisibility(string $path): ?int — replaces raw join query in media.php
- Add getThesisBannerPath(int $id): ?string — replaces unparameterised SQL injection in
  edit.php (SELECT banner_path FROM theses WHERE id = $thesisId was interpolating $thesisId
  directly into the query string; now parameterised via prepared statement)
- Add getThesisRawFields(int $id): ?array — replaces raw SELECT license_id/access_type_id/
  context_note in edit.php
- Add getThesisCount(): int — replaces raw SELECT COUNT(*) in system.php

Callers updated: public/tfe.php, public/index.php, public/media.php,
public/admin/edit.php, public/admin/system.php
2026-03-28 13:32:34 +01:00

161 lines
6.6 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<?php
// Load configuration
require_once __DIR__ . '/../config/bootstrap.php';
require_once APP_ROOT . '/src/Database.php';
$page = isset($_GET["page"]) ? max(1, intval($_GET["page"])) : 1;
$year = isset($_GET["year"]) ? intval($_GET["year"]) : null;
$itemsPerPage = 24;
// Default home view: random theses from latest year (no year filter, no explicit page)
$isDefaultView = (!$year && $page === 1);
try {
$db = Database::getInstance();
$offset = ($page - 1) * $itemsPerPage;
$availableYears = $db->getAvailableYears();
if ($year) {
$itemsToLoad = $db->searchTheses(['year' => $year], $itemsPerPage, $offset);
$totalItems = $db->countSearchResults(['year' => $year]);
} elseif ($isDefaultView) {
$latestYear = $db->getLatestPublishedYear();
$itemsToLoad = $db->getLatestYearTheses($itemsPerPage);
$totalItems = count($itemsToLoad); // no pagination on default view
} else {
$itemsToLoad = $db->getPublishedTheses($itemsPerPage, $offset);
$totalItems = $db->countPublishedTheses();
}
$totalPages = $isDefaultView ? 1 : (int)ceil($totalItems / $itemsPerPage);
// Batch-load cover images for theses that have no banner_path
$coverMap = [];
if (!empty($itemsToLoad)) {
$needCover = array_column(
array_filter($itemsToLoad, fn($t) => empty($t['banner_path'])),
'id'
);
$coverMap = $db->getCoverPathsForTheses($needCover);
}
} catch (Exception $e) {
error_log("Error loading theses: " . $e->getMessage());
$itemsToLoad = [];
$totalPages = 0;
$availableYears = [];
$totalItems = 0;
$latestYear = null;
$isDefaultView = false;
$coverMap = [];
}
$currentNav = '';
?>
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Posterg</title>
<link rel="icon" type="image/svg+xml" href="/assets/admin_favicon.svg">
<link rel="stylesheet" href="assets/modern-normalize.min.css">
<link rel="stylesheet" href="assets/common.css">
<link rel="stylesheet" href="assets/main.css">
<?php if (php_sapi_name() === 'cli-server'): ?>
<script>
(function poll() {
fetch('/live-reload.php').then(r=>r.json()).then(d=>{
if(d.changed) location.reload(); else setTimeout(poll,1000);
}).catch(()=>setTimeout(poll,2000));
})();
</script>
<?php endif; ?>
</head>
<body class="home-body">
<a href="#main-content" class="skip-link">Aller au contenu principal</a>
<?php include APP_ROOT . '/templates/nav.php'; ?>
<?php include APP_ROOT . '/templates/search-bar.php'; ?>
<?php if ($year): ?>
<div class="filter-info">
Année : <?= htmlspecialchars($year) ?>
<a href="index.php" class="clear-filter">✕ Réinitialiser</a>
</div>
<?php elseif ($isDefaultView && !empty($latestYear)): ?>
<div class="filter-info home-latest-label">
Découvrez les TFE de <?= (int)$latestYear ?> — sélection aléatoire
</div>
<?php endif; ?>
<main class="home-main" id="main-content">
<div class="cards-container">
<?php foreach ($itemsToLoad as $item): ?>
<a href="tfe.php?id=<?= (int)$item["id"] ?>" class="card-link">
<div class="card">
<div class="card__media">
<?php
// Resolve thumbnail: banner_path → cover file → gradient placeholder
$thumb = null;
// 1. Banner path (dedicated home thumbnail)
if (!empty($item['banner_path'])) {
$thumb = $item['banner_path'];
}
// 2. Cover image from thesis_files (batch-loaded above)
if (!$thumb && isset($coverMap[$item['id']])) {
$thumb = $coverMap[$item['id']];
}
// 3. Fall through to gradient
?>
<?php if ($thumb): ?>
<img src="/media.php?path=<?= urlencode($thumb) ?>"
alt="<?= htmlspecialchars($item['title']) ?>"
loading="lazy">
<?php else: ?>
<?php
$hue = ($item['id'] * 47 + 160) % 360;
$hue2 = ($hue + 40) % 360;
?>
<div class="card__media--gradient"
style="background:linear-gradient(135deg,hsl(<?= $hue ?>,60%,65%),hsl(<?= $hue2 ?>,55%,45%));">
<span class="card__gradient-author"><?= htmlspecialchars($item['authors'] ?? '') ?></span>
<span class="card__gradient-title"><?= htmlspecialchars($item['title']) ?></span>
</div>
<?php endif; ?>
</div>
<div class="card__info">
<p class="authors"><?= htmlspecialchars($item["authors"] ?? '') ?><?php if (!empty($item['authors']) && !empty($item['title'])): ?> <?php endif; ?><?= htmlspecialchars($item["title"]) ?></p>
</div>
</div>
</a>
<?php endforeach; ?>
<?php if (empty($itemsToLoad)): ?>
<p style="padding:2rem;color:#666;">Aucun mémoire trouvé.</p>
<?php endif; ?>
</div>
<?php if ($totalPages > 1): ?>
<div class="pagination-wrap">
<?php $yearParam = $year ? '&year=' . (int)$year : ''; ?>
<a href="?page=1<?= $yearParam ?>"
class="pagination-btn <?= $page <= 1 ? 'disabled' : '' ?>">«</a>
<a href="?page=<?= max(1, $page - 1) . $yearParam ?>"
class="pagination-btn <?= $page <= 1 ? 'disabled' : '' ?>"></a>
<span class="pagination-info">
<span class="page-current"><?= $page ?></span> / <?= $totalPages ?>
</span>
<a href="?page=<?= min($totalPages, $page + 1) . $yearParam ?>"
class="pagination-btn <?= $page >= $totalPages ? 'disabled' : '' ?>"></a>
<a href="?page=<?= $totalPages . $yearParam ?>"
class="pagination-btn <?= $page >= $totalPages ? 'disabled' : '' ?>">»</a>
</div>
<?php endif; ?>
</main>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink