mirror of
https://codeberg.org/PostERG/xamxam.git
synced 2026-05-07 11:39:18 +02:00
eb67e6d499
Create the central App helper that eliminates ~170 lines of duplicated bootstrap/auth/CSRF preamble across 24 page and action handler files. src/App.php provides: - boot(): loads Database + ensures CSRF token (public pages) - adminGuard(): requires AdminAuth login + boot (admin pages) - verifyCsrf() / rotateCsrf(): centralised CSRF lifecycle - flash() / consumeFlash(): unified flash messages with legacy key drain (error, success, admin_error, admin_success, edit_error, edit_success, form_error all consumed transparently for incremental migration) - redirect(): flash + Location header + exit in one call - render(): head → header → content → footer pipeline with auto admin footer selection App.php is auto-loaded from config/bootstrap.php so all existing pages get the class for free without any changes. templates/partials/flash-messages.php uses App::consumeFlash() to replace the 5+ copy-pasted flash blocks across admin templates. All existing tests pass. No existing page files modified — this is a non-breaking addition that enables incremental controller extraction.
19 lines
681 B
PHP
19 lines
681 B
PHP
<?php
|
|
/**
|
|
* Shared flash-message partial.
|
|
*
|
|
* Consumes all flash variants (unified _flash_* keys and legacy per-page keys)
|
|
* via App::consumeFlash(), then renders the standard alert markup.
|
|
*
|
|
* Usage: include this partial wherever flash messages should appear.
|
|
* No variables need to be set beforehand — it reads from the session directly.
|
|
*/
|
|
$_flash = App::consumeFlash();
|
|
?>
|
|
<?php if ($_flash['error']): ?>
|
|
<div class="admin-alert admin-alert--error">⚠ <?= htmlspecialchars($_flash['error']) ?></div>
|
|
<?php endif; ?>
|
|
<?php if ($_flash['success']): ?>
|
|
<div class="admin-alert admin-alert--success">✓ <?= htmlspecialchars($_flash['success']) ?></div>
|
|
<?php endif; ?>
|