PostERG/xamxam
1
0
Fork 0
mirror of https://codeberg.org/PostERG/xamxam.git synced 2026-06-25 16:19:19 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
79eddf5d5a0256f0eb2116917ec47c4bc8eb94e1
xamxam/app/public/admin/actions/filepond/relink.php
Pontoporeia 79eddf5d5a feat: fix file deletion on save + trash policy + documents/ prefix + relink browser 
1. note_intention: Delete old file only when a genuinely new upload arrives
   (32-char hex file_id), not when the FilePond pool preserves an existing
   file by sending its DB integer ID.  Previously the DB integer ID
   triggered $hasNewNote=true, which deleted the existing note_intention
   from disk+DB, then handleFilePondSingleFile couldn't re-process it
   because the regex requires a hex pattern.  Same fix applied to cover.

2. All file deletions now use deleteThesisFileToTrash() which renames
   files to tmp/_trash/ instead of unlinking.  The trash preserves
   original filenames prefixed with DB id for traceability.  Skips
   website URLs and PeerTube refs (no disk file).

3. Storage prefix changed from theses/ to documents/ to reflect that
   the folder holds all document types (determined by file_type in DB).
   MediaController visibility gate supports both prefixes for backward
   compat with existing files.

4. File browser + relink feature for orphaned files:
   - /admin/fragments/file-browser.php — HTMX tree browser for
     storage/documents/ and storage/theses/
   - /admin/actions/filepond/relink.php — POST endpoint that inserts
     a thesis_files row pointing to existing on-disk file
   - Per-pool "📂 Relier" buttons (edit mode only)
   - JS: XamxamOpenFileBrowser / XamxamRelinkFile with FilePond integration
   - CSS: .relink-modal dialog + .file-browser tree styles
2026-05-19 00:08:06 +02:00

121 lines
3.5 KiB
PHP
Raw Blame History

<?php
/**
* Relink endpoint — attach an orphaned on-disk file to a thesis.
*
* POST /admin/actions/filepond/relink.php
* Body: JSON { thesis_id: 123, file_path: "documents/2025/FOLDER/file.pdf",
* file_name: "file.pdf", file_size: 12345, mime_type: "application/pdf",
* queue_type: "tfe", file_type: "main" }
*
* Inserts a thesis_files row pointing to the existing on-disk file.
* The file is NOT copied or moved — it stays where it is.
*/
require_once __DIR__ . '/../../../../bootstrap.php';
require_once __DIR__ . '/../../../../src/AdminAuth.php';
AdminAuth::requireLogin();
// CSRF via header
$csrfHeader = $_SERVER['HTTP_X_CSRF_TOKEN'] ?? '';
if (!isset($_SESSION['csrf_token'])
|| !hash_equals($_SESSION['csrf_token'], $csrfHeader)) {
http_response_code(403);
die('Token CSRF invalide.');
}
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
http_response_code(405);
die('Méthode non autorisée.');
}
$body = json_decode(file_get_contents('php://input'), true);
if (!is_array($body)) {
http_response_code(400);
die('JSON invalide.');
}
$thesisId = filter_var($body['thesis_id'] ?? '', FILTER_VALIDATE_INT);
$filePath = trim($body['file_path'] ?? '');
$fileName = trim($body['file_name'] ?? basename($filePath));
$fileSize = (int)($body['file_size'] ?? 0);
$fileType = trim($body['file_type'] ?? '');
$queueType = trim($body['queue_type'] ?? '');
$mimeType = trim($body['mime_type'] ?? 'application/octet-stream');
if (!$thesisId || $filePath === '') {
http_response_code(400);
die('Paramètres invalides (thesis_id + file_path requis).');
}
// Security: only allow paths under documents/ or theses/
if (!preg_match('#^(documents|theses)/#', $filePath)) {
http_response_code(403);
die('Chemin de fichier non autorisé.');
}
$absPath = STORAGE_ROOT . '/' . $filePath;
$realPath = realpath($absPath);
$realStorage = realpath(STORAGE_ROOT);
if ($realPath === false || !str_starts_with($realPath, $realStorage)) {
http_response_code(404);
die('Fichier introuvable ou chemin interdit.');
}
if (!is_file($realPath)) {
http_response_code(404);
die('Le chemin ne pointe pas vers un fichier.');
}
// Detect MIME if not provided
if ($mimeType === 'application/octet-stream') {
$finfo = new finfo(FILEINFO_MIME_TYPE);
$mimeType = $finfo->file($realPath);
}
// Map queue_type to file_type if not explicitly given
if ($fileType === '') {
$fileTypeMap = [
'cover' => 'cover',
'note_intention' => 'note_intention',
'tfe' => 'main',
'annexe' => 'annex',
];
$fileType = $fileTypeMap[$queueType] ?? 'main';
}
require_once APP_ROOT . '/src/Database.php';
$db = Database::getInstance();
// Check if this file is already linked to this thesis (avoid duplicate)
$pdo = $db->getConnection();
$stmt = $pdo->prepare('SELECT id FROM thesis_files WHERE thesis_id = ? AND file_path = ?');
$stmt->execute([$thesisId, $filePath]);
if ($stmt->fetch()) {
http_response_code(409);
die('Ce fichier est déjà lié à ce TFE.');
}
$db->insertThesisFile(
$thesisId,
$fileType,
$filePath,
$fileName,
$fileSize,
$mimeType,
null,
null
);
// Get the new file's ID
$newId = $pdo->lastInsertId();
error_log("[relink] thesis_id=$thesisId file_path=$filePath file_type=$fileType new_id=$newId");
header('Content-Type: application/json');
echo json_encode([
'ok' => true,
'id' => (int)$newId,
'message' => 'Fichier relié avec succès.',
]);
exit;
Reference in New Issue View Git Blame Copy Permalink