mirror of
https://codeberg.org/PostERG/xamxam.git
synced 2026-06-25 16:19:19 +02:00
d5fee1acfb
- Replace fetch(redirect:manual) with XMLHttpRequest in file-upload-queue.js. The previous fetch-based redirect detection was broken because opaque redirects hide the Location header. XHR's responseURL reliably exposes the final URL after server-side redirects. - Add console.log tracing at every decision point in submit interception: entry, hasFiles check, enctype check, double-submit guard, XHR status, redirect detection, error fallback. - Add error_log entry-point logging to all 16 admin action files plus the partage/index.php submission handler and password gate. Each logs: request method, content type/length, POST keys, file counts, and queue-specific file counts where applicable. - Add double-submit guard (_xamxamActiveSubmit) to prevent duplicate XHR sends when the native submit handler fires after interception.
32 lines
970 B
PHP
32 lines
970 B
PHP
<?php
|
|
require_once __DIR__ . '/../../bootstrap.php';
|
|
require_once __DIR__ . '/../../src/AdminAuth.php';
|
|
|
|
error_log('[admin/login.php] ENTRY | method=' . $_SERVER['REQUEST_METHOD'] . ' | is_auth=' . (AdminAuth::isAuthenticated() ? '1' : '0') . ' | has_password=' . (AdminAuth::hasPassword() ? '1' : '0'));
|
|
|
|
if (!AdminAuth::hasPassword()) {
|
|
header('Location: /admin/');
|
|
exit;
|
|
}
|
|
if (AdminAuth::isAuthenticated()) {
|
|
header('Location: /admin/');
|
|
exit;
|
|
}
|
|
|
|
$error = '';
|
|
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|
$password = $_POST['password'] ?? '';
|
|
if (AdminAuth::login($password)) {
|
|
header('Location: /admin/');
|
|
exit;
|
|
}
|
|
$error = 'Mot de passe incorrect.';
|
|
}
|
|
|
|
$pageTitle = 'Connexion';
|
|
$isAdmin = true; $bodyClass = 'admin-body';
|
|
require_once APP_ROOT . '/templates/head.php';
|
|
include APP_ROOT . '/templates/header.php';
|
|
include APP_ROOT . '/templates/admin/login.php';
|
|
require_once APP_ROOT . '/templates/admin/footer.php';
|