cedricAbonnel/folio
1
0
Fork 0
Code Issues 15 Pull Requests Actions Packages Projects Releases Wiki Activity

fix : formulaires imbriqués dans bulk-form (toggle à la une + dupliquer)

Browse Source 
Les <form> admin_toggle_featured et duplicate étaient imbriqués dans
#bulk-form — HTML invalide, le navigateur soumettait le form parent
(suppression) au lieu du bon. Fix : attribut form="id" HTML5 + forms
cachés placés après le bulk-form. Ajoute note CSP + nested forms dans
consignes.md.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Cédric Abonnel
2026-05-16 11:30:12 +02:00
parent 430b7ddd6f
commit fabe5a9f53
2 changed files with 29 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files
templates/admin.php
+28 -13
View File
@@ -350,15 +350,11 @@ function adminStatusBadge(array $a, int $now): string
<td class="text-center">
<?php if (isAdmin()): ?>
<?php $_isFeatured = !empty($a['featured']); ?>
<?php $_backUrl = '/admin/articles?' . http_build_query(array_filter(['filter_author' => $adminData['filter_author'] ?? '', 'filter_category' => $adminData['filter_category'] ?? '', 'filter_status' => $adminData['filter_status'] ?? '', 'filter_search' => $adminData['filter_search'] ?? '', 'filter_featured' => $adminData['filter_featured'] ?? '', 'sort' => $_sortBy, 'dir' => $_sortDir], fn ($v) => $v !== '')); ?>
<form method="post" action="/?action=admin_toggle_featured" class="d-inline m-0">
<input type="hidden" name="uuid" value="<?= htmlspecialchars($a['uuid']) ?>">
<input type="hidden" name="_back" value="<?= htmlspecialchars($_backUrl) ?>">
<button type="submit" class="btn btn-link p-0 border-0 lh-1 fs-6"
title="<?= $_isFeatured ? 'Retirer de la une' : 'Mettre à la une' ?>">
<?= $_isFeatured ? '★' : '<span class="text-muted">☆</span>' ?>
</button>
</form>
<button type="submit" form="toggle-featured-<?= htmlspecialchars($a['uuid']) ?>"
class="btn btn-link p-0 border-0 lh-1 fs-6"
title="<?= $_isFeatured ? 'Retirer de la une' : 'Mettre à la une' ?>">
<?= $_isFeatured ? '★' : '<span class="text-muted">☆</span>' ?>
</button>
<?php else: ?>
<?= !empty($a['featured']) ? '★' : '' ?>
<?php endif; ?>
@@ -369,16 +365,35 @@ function adminStatusBadge(array $a, int $now): string
<td class="text-end text-nowrap">
<a href="/edit/<?= htmlspecialchars($a['uuid']) ?>"
class="btn btn-outline-secondary btn-sm">Modifier</a>
<form method="post" action="/duplicate/<?= htmlspecialchars($a['uuid']) ?>" class="d-inline ms-1">
<button type="submit" class="btn btn-outline-secondary btn-sm"
title="Dupliquer en brouillon">⧉</button>
</form>
<button type="submit" form="dup-<?= htmlspecialchars($a['uuid']) ?>"
class="btn btn-outline-secondary btn-sm ms-1"
title="Dupliquer en brouillon">⧉</button>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</form>
<?php
/* Formulaires hors bulk-form (nested forms invalides en HTML) */
$_backUrl = '/admin/articles?' . http_build_query(array_filter([
'filter_author' => $adminData['filter_author'] ?? '',
'filter_category' => $adminData['filter_category'] ?? '',
'filter_status' => $adminData['filter_status'] ?? '',
'filter_search' => $adminData['filter_search'] ?? '',
'filter_featured' => $adminData['filter_featured'] ?? '',
'sort' => $_sortBy,
'dir' => $_sortDir,
], fn ($v) => $v !== ''));
foreach ($adminData['articles'] as $_fa):
?>
<form id="toggle-featured-<?= htmlspecialchars($_fa['uuid']) ?>" method="post" action="/?action=admin_toggle_featured" hidden>
<input type="hidden" name="uuid" value="<?= htmlspecialchars($_fa['uuid']) ?>">
<input type="hidden" name="_back" value="<?= htmlspecialchars($_backUrl) ?>">
</form>
<form id="dup-<?= htmlspecialchars($_fa['uuid']) ?>" method="post" action="/duplicate/<?= htmlspecialchars($_fa['uuid']) ?>" hidden>
</form>
<?php endforeach; ?>
<script src="/assets/js/admin.js" defer></script>
<?php endif; ?>