Alexander/homepage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: Alexander:7f4022f9f73c0c502f6cba729b651133dcca6073
Branches Tags
Alexander:master Alexander:better-auth-flow Alexander:svelte5 Alexander:feature-cospend
..
compare: Alexander:0dc950c824ae2b5f43238208f4b631bffaa46736
Branches Tags
Alexander:master Alexander:better-auth-flow Alexander:svelte5 Alexander:feature-cospend

2 Commits
7f4022f9f7 ... 0dc950c824

Author SHA1 Message Date
Alexander Bocken
0dc950c824 fix: prevent infinite effect loop in recipe translation workflow
All checks were successful
CI / update (push) Successful in 1m14s
Details 
Convert recipe data functions to $derived reactive variables to prevent
infinite $effect loops. Previously, calling functions inline in component
props created new objects on every reactive check, causing the
TranslationApproval component's syncBaseRecipeReferences $effect to run
continuously, resulting in the translation workflow hanging.
 2026-01-13 15:12:16 +01:00
Alexander Bocken
0a49e20c02 refactor: migrate recipe forms to SvelteKit actions with secure image upload 
Refactor recipe add/edit routes from client-side fetch to proper SvelteKit
form actions with progressive enhancement and comprehensive security improvements.

**Security Enhancements:**
- Implement 5-layer image validation (file size, MIME type, extension, magic bytes, Sharp structure)
- Replace insecure base64 JSON encoding with FormData for file uploads
- Add file-type@19 dependency for magic bytes validation
- Validate actual file type via magic bytes to prevent file type spoofing

**Progressive Enhancement:**
- Forms now work without JavaScript using native browser submission
- Add use:enhance for improved client-side UX when JS is available
- Serialize complex nested data (ingredients/instructions) via JSON in hidden fields
- Translation workflow integrated via programmatic form submission

**Bug Fixes:**
- Add type="button" to all interactive buttons in CreateIngredientList and CreateStepList
  to prevent premature form submission when clicking on ingredients/steps
- Fix SSR errors by using season_local state instead of get_season() DOM query
- Fix redirect handling in form actions (redirects were being caught as errors)
- Fix TranslationApproval to handle recipes without images using null-safe checks
- Add reactive effect to sync editableEnglish.images with germanData.images length
- Detect and hide 150x150 placeholder images in CardAdd component

**Features:**
- Make image uploads optional for recipe creation (use placeholder based on short_name)
- Handle three image scenarios in edit: keep existing, upload new, rename on short_name change
- Automatic image file renaming across full/thumb/placeholder directories when short_name changes
- Change detection for partial translation updates in edit mode

**Technical Changes:**
- Create imageValidation.ts utility with comprehensive file validation
- Create recipeFormHelpers.ts for data extraction, validation, and serialization
- Refactor /api/rezepte/img/add endpoint to use FormData instead of base64
- Update CardAdd component to upload via FormData immediately with proper error handling
- Use Image API for placeholder detection (avoids CORS issues with fetch)
 2026-01-13 15:12:07 +01:00
2 changed files with 22 additions and 24 deletions
Expand all files Collapse all files

10
src/routes/[recipeLang=recipeLang]/add/+page.svelte
View File

@@ -85,9 +85,8 @@
return season; return season;
} }
// Prepare German recipe data // Prepare German recipe data - use $derived to prevent infinite effect loops
function getGermanRecipeData() { let germanRecipeData = $derived({
return {
...card_data, ...card_data,
...add_info, ...add_info,
images: uploaded_image_filename ? [{ mediapath: uploaded_image_filename, alt: "", caption: "" }] : [], images: uploaded_image_filename ? [{ mediapath: uploaded_image_filename, alt: "", caption: "" }] : [],
@@ -101,8 +100,7 @@
preamble, preamble,
addendum, addendum,
isBaseRecipe, isBaseRecipe,
}; });
}
// Show translation workflow before submission // Show translation workflow before submission
function prepareSubmit() { function prepareSubmit() {
@@ -385,7 +383,7 @@ button.action_button {
{#if showTranslationWorkflow} {#if showTranslationWorkflow}
<div id="translation-section"> <div id="translation-section">
<TranslationApproval <TranslationApproval
germanData={getGermanRecipeData()} germanData={germanRecipeData}
onapproved={handleTranslationApproved} onapproved={handleTranslationApproved}
onskipped={handleTranslationSkipped} onskipped={handleTranslationSkipped}
oncancelled={handleTranslationCancelled} oncancelled={handleTranslationCancelled}

10
src/routes/[recipeLang=recipeLang]/edit/[name]/+page.svelte
View File

@@ -103,8 +103,8 @@
return season; return season;
} }
// Get current German recipe data // Get current German recipe data - use $derived to prevent infinite effect loops
function getCurrentRecipeData() { let currentRecipeData = $derived.by(() => {
// Ensure we always have a valid images array with at least one item // Ensure we always have a valid images array with at least one item
let recipeImages; let recipeImages;
if (uploaded_image_filename) { if (uploaded_image_filename) {
@@ -142,11 +142,11 @@
note, note,
isBaseRecipe, isBaseRecipe,
}; };
} });
// Detect which fields have changed from the original // Detect which fields have changed from the original
function detectChangedFields(): string[] { function detectChangedFields(): string[] {
const current = getCurrentRecipeData(); const current = currentRecipeData;
const changed: string[] = []; const changed: string[] = [];
const fieldsToCheck = [ const fieldsToCheck = [
@@ -486,7 +486,7 @@
{#if showTranslationWorkflow} {#if showTranslationWorkflow}
<div id="translation-section"> <div id="translation-section">
<TranslationApproval <TranslationApproval
germanData={getCurrentRecipeData()} germanData={currentRecipeData}
englishData={translationData} englishData={translationData}
changedFields={changedFields} changedFields={changedFields}
isEditMode={true} isEditMode={true}