varlog/public/index.php

<?php

declare(strict_types=1);

define('BASE_PATH', realpath(__DIR__ . '/../'));

if (session_status() === PHP_SESSION_NONE) {
    $isHttps = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
    session_set_cookie_params(['lifetime' => 0, 'path' => '/', 'secure' => $isHttps, 'httponly' => true, 'samesite' => 'Lax']);
    session_start();
}

require_once BASE_PATH . '/src/helpers.php';
require_once BASE_PATH . '/src/auth.php';
require_once BASE_PATH . '/config/config.php';
require_once BASE_PATH . '/src/ArticleManager.php';

$articles = new ArticleManager(BASE_PATH . '/data');

$action = $_GET['action'] ?? 'list';
$uuid   = $_GET['uuid']   ?? '';
$slug   = $_GET['slug']   ?? '';

switch ($action) {

    case 'create':
        requireAuth();

        $title        = $_POST['title']        ?? '';
        $content      = $_POST['content']      ?? '';
        $postSlug     = $_POST['slug']          ?? '';
        $published    = isset($_POST['published']);
        $published_at = str_replace('T', ' ', $_POST['published_at'] ?? date('Y-m-d H:i:s'));
        $errors       = [];

        if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            if (trim($title) === '') {
                $errors[] = 'Le titre est obligatoire.';
            }
            if (empty($errors)) {
                $newUuid = $articles->create($title, $content, $published, $postSlug, $published_at, currentUserEmail() ?? '');

                foreach ($_FILES['files']['tmp_name'] ?? [] as $i => $tmpName) {
                    if ($_FILES['files']['error'][$i] === UPLOAD_ERR_OK) {
                        $articles->addFile($newUuid, [
                            'name'     => $_FILES['files']['name'][$i],
                            'tmp_name' => $tmpName,
                            'error'    => $_FILES['files']['error'][$i],
                        ]);
                    }
                }

                header('Location: /');
                exit;
            }
        }

        $formAction = '/?action=create';
        $action     = 'create';
        include BASE_PATH . '/templates/post_form.php';
        break;

    case 'view':
        $article = $slug !== '' ? $articles->getBySlug($slug) : null;
        if (!$article) {
            http_response_code(404);
            echo 'Article introuvable.';
            exit;
        }

        $files = $articles->getFiles($article['uuid']);

        // Résout les chemins de fichiers relatifs dans le contenu
        $rawContent = $articles->resolveFileUrls($article['uuid'], $article['content']);

        include BASE_PATH . '/templates/post_view.php';
        break;

    case 'edit':
        requireAuth();

        $article = $articles->getByUuid($uuid);
        if (!$article) {
            http_response_code(404);
            echo 'Article introuvable.';
            exit;
        }

        $title        = $_POST['title']        ?? $article['title'];
        $content      = $_POST['content']      ?? $article['content'];
        $postSlug     = $_POST['slug']          ?? $article['slug'];
        $published    = isset($_POST['published']) ? true : $article['published'];
        $published_at = $_POST['published_at']
            ?? date('Y-m-d\TH:i', strtotime((string)($article['published_at'] ?? 'now')));
        $errors = [];

        if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            if (trim($title) === '') {
                $errors[] = 'Le titre est obligatoire.';
            }
            if (empty($errors)) {
                $articles->update(
                    $uuid,
                    $title,
                    $content,
                    $published,
                    $_POST['slug'] ?? '',
                    str_replace('T', ' ', $_POST['published_at'] ?? ''),
                    $_POST['revision_comment'] ?? ''
                );

                foreach ($_FILES['files']['tmp_name'] ?? [] as $i => $tmpName) {
                    if ($_FILES['files']['error'][$i] === UPLOAD_ERR_OK) {
                        $articles->addFile($uuid, [
                            'name'     => $_FILES['files']['name'][$i],
                            'tmp_name' => $tmpName,
                            'error'    => $_FILES['files']['error'][$i],
                        ]);
                    }
                }

                $updated = $articles->getByUuid($uuid);
                header('Location: /post/' . rawurlencode($updated['slug'] ?? $uuid));
                exit;
            }
        }

        $formAction    = '/?action=edit&uuid=' . rawurlencode($uuid);
        $action        = 'edit';
        $existingFiles = $articles->getFiles($uuid);
        include BASE_PATH . '/templates/post_form.php';
        break;

    case 'delete':
        requireAuth();
        if ($uuid !== '') {
            $articles->delete($uuid);
        }
        header('Location: /');
        exit;

    case 'about':
        include BASE_PATH . '/templates/about.php';
        break;

    case 'legal':
        include BASE_PATH . '/templates/legal.php';
        break;

    case 'contact':
        include BASE_PATH . '/templates/contact.php';
        break;

    case 'licenses':
        include BASE_PATH . '/templates/licenses.php';
        break;

    case 'list':
    default:
        $posts = $articles->getAll();
        include BASE_PATH . '/templates/post_list.php';
        break;
}