varlog/templates/profile.php

<?php ob_start(); ?>

<form method="post" action="/profile">
<div class="d-flex align-items-center justify-content-between gap-3 mb-4">
    <h1 class="h4 mb-0">Mon profil</h1>
    <button type="submit" class="btn btn-primary btn-sm">Enregistrer</button>
</div>

<?php if ($profileSuccess): ?>
    <div class="alert alert-success py-2 small mb-3">Profil mis à jour.</div>
<?php endif; ?>
<?php if ($profileError !== ''): ?>
    <div class="alert alert-danger py-2 small mb-3"><?= htmlspecialchars($profileError) ?></div>
<?php endif; ?>
<div class="row g-4">

    <!-- Colonne gauche : identité -->
    <div class="col-md-4">
        <div class="card h-100">
            <div class="card-header small fw-semibold">Identité</div>
            <div class="card-body d-flex flex-column gap-3">
                <div>
                    <label class="form-label fw-semibold" for="display_name">Nom affiché</label>
                    <input type="text" id="display_name" name="display_name"
                           class="form-control"
                           value="<?= htmlspecialchars($profileCurrentName) ?>"
                           placeholder="Prénom Nom" required>
                    <div class="form-text">
                        Affiché comme auteur sur vos articles.
                        <?php if (($profileCurrentSlug ?? '') !== ''): ?>
                            <br>Page publique : <a href="/profil/<?= rawurlencode($profileCurrentSlug) ?>">/profil/<?= htmlspecialchars($profileCurrentSlug) ?></a>
                        <?php endif; ?>
                    </div>
                </div>
                <div>
                    <label class="form-label fw-semibold text-muted">Email</label>
                    <input type="text" class="form-control" value="<?= htmlspecialchars(currentUserEmail() ?? '') ?>" disabled>
                </div>
            </div>
        </div>
    </div>

    <!-- Colonne droite : page publique -->
    <div class="col-md-8">
        <div class="card h-100">
            <div class="card-header small fw-semibold">Page publique</div>
            <div class="card-body d-flex flex-column gap-3">
                <div>
                    <label class="form-label fw-semibold" for="bio">Biographie</label>
                    <textarea id="bio" name="bio" class="form-control" rows="5"
                              placeholder="Quelques mots sur vous…"><?= htmlspecialchars($profileCurrentBio ?? '') ?></textarea>
                    <div class="form-text">Affichée sur votre page de profil public.</div>
                </div>
                <div>
                    <label class="form-label fw-semibold" for="profile_url">URL externe</label>
                    <input type="url" id="profile_url" name="profile_url"
                           class="form-control"
                           value="<?= htmlspecialchars($profileCurrentUrl ?? '') ?>"
                           placeholder="https://example.com/~vous">
                    <div class="form-text">Lien vers un site ou profil externe (utilisé dans les métadonnées article:author, JSON-LD).</div>
                </div>
            </div>
        </div>
    </div>

</div>
</form>

<!-- Flux RSS -->
<div class="mt-4" id="feeds">
    <h2 class="h6 text-muted mb-3">Flux RSS</h2>
    <div class="row g-3 align-items-start">
        <div class="col-md-8">
            <?php if (!empty($profileFeeds)): ?>
            <div class="card mb-3">
                <ul class="list-group list-group-flush">
                    <?php foreach ($profileFeeds as $_feed): ?>
                    <li class="list-group-item d-flex align-items-center gap-2 py-2">
                        <div class="flex-grow-1 min-w-0">
                            <div class="fw-semibold small text-truncate"><?= htmlspecialchars($_feed['label'] ?: $_feed['feed_url']) ?></div>
                            <div class="text-muted small text-truncate"><?= htmlspecialchars($_feed['feed_url']) ?></div>
                        </div>
                        <form method="post" action="/feed/delete" class="flex-shrink-0">
                            <input type="hidden" name="feed_id" value="<?= (int)$_feed['id'] ?>">
                            <button class="btn btn-sm btn-outline-danger py-0" data-confirm="Supprimer ce flux ?">✕</button>
                        </form>
                    </li>
                    <?php endforeach; ?>
                </ul>
            </div>
            <?php endif; ?>
        </div>
        <div class="col-md-4">
            <div class="card">
                <div class="card-header small fw-semibold">Ajouter un flux</div>
                <div class="card-body">
                    <form method="post" action="/feed/add">
                        <div class="mb-2">
                            <input type="url" name="feed_url" class="form-control form-control-sm"
                                   placeholder="https://example.com/feed.xml" required>
                        </div>
                        <div class="mb-3">
                            <input type="text" name="feed_label" class="form-control form-control-sm"
                                   placeholder="Libellé (optionnel)" maxlength="100">
                        </div>
                        <button class="btn btn-primary btn-sm w-100">Ajouter</button>
                    </form>
                </div>
            </div>
        </div>
    </div>
</div>

<?php
$pdo = dbPdo();
$_profileRoles = [];
if ($pdo) {
    $st = $pdo->prepare(
        'SELECT r.name, r.label, COALESCE(array_agg(rc.capability) FILTER (WHERE rc.capability IS NOT NULL), \'{}\') AS caps
             FROM user_roles ur
             JOIN roles r ON r.id = ur.role_id
             LEFT JOIN role_capabilities rc ON rc.role_id = r.id
             WHERE ur.user_email = :email
             GROUP BY r.id, r.name, r.label
             ORDER BY r.name'
    );
    $st->execute([':email' => currentUserEmail()]);
    $_profileRoles = $st->fetchAll(PDO::FETCH_ASSOC);
}
if (!empty($_profileRoles)): ?>
<div class="mt-4">
    <h2 class="h6 text-muted mb-3">Rôles &amp; droits</h2>
    <div class="row g-3">
    <?php foreach ($_profileRoles as $_role):
        $_caps = array_filter(
            explode(',', trim((string)$_role['caps'], '{}')),
            static fn ($c) => $c !== ''
        );
        ?>
    <div class="col-md-4">
        <div class="card">
            <div class="card-header d-flex align-items-center gap-2 py-2">
                <strong><?= htmlspecialchars($_role['label']) ?></strong>
                <code class="text-muted small"><?= htmlspecialchars($_role['name']) ?></code>
            </div>
            <?php if (!empty($_caps)): ?>
            <ul class="list-group list-group-flush small">
                <?php foreach ($_caps as $_cap):
                    $_label = KNOWN_CAPABILITIES[trim($_cap)] ?? trim($_cap); ?>
                <li class="list-group-item py-1"><?= htmlspecialchars($_label) ?></li>
                <?php endforeach; ?>
            </ul>
            <?php else: ?>
            <div class="card-body py-2 small text-muted">Aucun droit associé à ce rôle.</div>
            <?php endif; ?>
        </div>
    </div>
    <?php endforeach; ?>
    </div>
</div>
<?php endif; ?>

<?php
$content = ob_get_clean();
$title   = 'Mon profil';
include __DIR__ . '/layout.php';