Surface virus detection error on file upload with server log entry

- Upload route now returns a specific 422 error when virus is detected
  instead of falling through to the generic 'Failed to upload file' message
- Virus rejection is logged to server log via admin daemon with username,
  filename, and file area
- Unknown upload errors now log to PHP error log before returning generic message
- Add errors.files.upload.virus_detected i18n key to en/es/fr

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Author: awehttam

config/i18n/en/errors.php

@@ -143,6 +143,7 @@
     'errors.files.upload.area_not_found' => 'File area not found',
     'errors.files.upload.read_only' => 'This file area is read-only',
     'errors.files.upload.admin_only' => 'Only administrators can upload files to this area',
+    'errors.files.upload.virus_detected' => 'File rejected: virus detected',
     'errors.files.upload.failed' => 'Failed to upload file',
 
     // Admin Users

config/i18n/es/errors.php

@@ -143,6 +143,7 @@
     'errors.files.upload.area_not_found' => 'Area de archivos no encontrada',
     'errors.files.upload.read_only' => 'Esta area de archivos es de solo lectura',
     'errors.files.upload.admin_only' => 'Solo los administradores pueden subir archivos a esta area',
+    'errors.files.upload.virus_detected' => 'Archivo rechazado: virus detectado',
     'errors.files.upload.failed' => 'No se pudo subir el archivo',
 
     // Admin Users

config/i18n/fr/errors.php

@@ -112,6 +112,7 @@
     'errors.files.upload.area_not_found' => 'Zone de fichiers introuvable',
     'errors.files.upload.read_only' => 'Cette zone de fichiers est en lecture seule',
     'errors.files.upload.admin_only' => 'Seuls les administrateurs peuvent téléverser des fichiers dans cette zone',
+    'errors.files.upload.virus_detected' => 'Fichier rejeté : virus détecté',
     'errors.files.upload.failed' => 'Échec du téléversement du fichier',
     'errors.admin.users.not_found' => 'Utilisateur introuvable',
     'errors.admin.users.create_failed' => 'Échec de la création de l\'utilisateur',

public_html/sw.js

@@ -1,4 +1,4 @@
-const CACHE_NAME = 'binkcache-v196';
+const CACHE_NAME = 'binkcache-v197';
 
 // Static assets to precache
 const staticAssets = [

routes/api-routes.php

@@ -2486,7 +2486,22 @@ function apiLocalizeErrorPayload(array $payload, ?array $user = null): array
                 apiError('errors.files.upload.read_only', apiLocalizedText('errors.files.upload.read_only', 'This file area is read-only', $user));
             } elseif ($message === 'Only administrators can upload files to this area.') {
                 apiError('errors.files.upload.admin_only', apiLocalizedText('errors.files.upload.admin_only', 'Only administrators can upload files to this area', $user));
+            } elseif ($message === 'File rejected: virus detected.') {
+                try {
+                    $logClient = new \BinktermPHP\Admin\AdminDaemonClient();
+                    $logClient->serverLog('WARNING', 'Infected file upload rejected', [
+                        'username'  => $user['username'] ?? 'unknown',
+                        'filename'  => $_FILES['file']['name'] ?? 'unknown',
+                        'file_area' => $_POST['file_area_id'] ?? 'unknown',
+                    ]);
+                    $logClient->close();
+                } catch (\Throwable $logEx) {
+                    error_log("Failed to write virus rejection server log: " . $logEx->getMessage());
+                }
+                http_response_code(422);
+                apiError('errors.files.upload.virus_detected', apiLocalizedText('errors.files.upload.virus_detected', 'File rejected: virus detected', $user));
             } else {
+                error_log("File upload error: " . $message);
                 apiError('errors.files.upload.failed', apiLocalizedText('errors.files.upload.failed', 'Failed to upload file', $user));
             }
         }