PostERG/xamxam
1
0
Fork 0
mirror of https://codeberg.org/PostERG/xamxam.git synced 2026-06-25 16:19:19 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
9152b120e8a188225558c8c7c2a2ed442ed429c4
xamxam/app/public/admin/actions/publish.php
Pontoporeia d5fee1acfb fix: repair form submission with queued files + add comprehensive debug logging 
- Replace fetch(redirect:manual) with XMLHttpRequest in file-upload-queue.js.
  The previous fetch-based redirect detection was broken because opaque
  redirects hide the Location header. XHR's responseURL reliably exposes
  the final URL after server-side redirects.

- Add console.log tracing at every decision point in submit interception:
  entry, hasFiles check, enctype check, double-submit guard, XHR status,
  redirect detection, error fallback.

- Add error_log entry-point logging to all 16 admin action files plus
  the partage/index.php submission handler and password gate. Each logs:
  request method, content type/length, POST keys, file counts, and
  queue-specific file counts where applicable.

- Add double-submit guard (_xamxamActiveSubmit) to prevent duplicate
  XHR sends when the native submit handler fires after interception.
2026-05-19 00:08:05 +02:00

73 lines
2.4 KiB
PHP
Raw Blame History

<?php
require_once __DIR__ . '/../../../bootstrap.php';
require_once __DIR__ . '/../../../src/AdminAuth.php';
error_log('[publish.php] ENTRY | method=' . $_SERVER['REQUEST_METHOD'] . ' | action=' . ($_POST['action'] ?? 'none') . ' | is_bulk=' . (!empty($_POST['bulk']) ? '1' : '0') . ' | post_keys=' . implode(',', array_keys($_POST)));
AdminAuth::requireLogin();
require_once __DIR__ . '/../../../src/Database.php';
require_once __DIR__ . '/../../../src/AdminLogger.php';
require_once __DIR__ . '/../../../src/ErrorHandler.php';
if (!isset($_POST['csrf_token'], $_SESSION['csrf_token'])
|| !hash_equals($_SESSION['csrf_token'], $_POST['csrf_token'])) {
App::flash('error', 'Erreur de sécurité : token invalide.');
header('Location: ../index.php');
exit;
}
$action = $_POST['action'] ?? '';
$isBulk = !empty($_POST['bulk']);
if (!in_array($action, ['publish', 'unpublish'], true)) {
App::flash('error', 'Action invalide.');
header('Location: ../index.php');
exit;
}
$published = ($action === 'publish');
try {
$db = new Database();
$logger = AdminLogger::make();
if ($isBulk) {
$ids = array_filter(array_map('intval', $_POST['selected_theses'] ?? []), fn($id) => $id > 0);
if (empty($ids)) {
App::flash('error', 'Aucun TFE sélectionné.');
header('Location: ../index.php');
exit;
}
$db->bulkSetPublished($ids, $published);
$logger->logPublish($published, array_values($ids));
$count = count($ids);
App::flash('success', $published
? "$count TFE(s) publié(s) avec succès."
: "$count TFE(s) retiré(s) de la publication.");
} else {
$thesisId = filter_var($_POST['thesis_id'] ?? '', FILTER_VALIDATE_INT);
if (!$thesisId || $thesisId <= 0) {
App::flash('error', 'ID invalide.');
header('Location: ../index.php');
exit;
}
$db->setPublished($thesisId, $published);
$logger->logPublish($published, [$thesisId]);
App::flash('success', $published ? 'TFE publié avec succès.' : 'TFE retiré de la publication.');
}
} catch (Exception $e) {
ErrorHandler::log('thesis_publish', $e);
App::flash('error', 'Erreur lors de la modification : ' . ErrorHandler::userMessage($e));
}
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
header('Location: ../index.php');
exit;
Reference in New Issue View Git Blame Copy Permalink