Журнал изменений

Adds four standalone HTML demo files to docs/ for the statistics subsystem: a browser analysis demo, a monitor dashboard, and two etalon/reference variants. These files are design references and are not loaded by the CMS at runtime.

Core changes:

1. Demo files (docs/):
2. statistic-browser-analysis-demo.html — browser/UA analysis visualization
3. statistic-monitor-dashboard.html — statistics monitor dashboard layout
4. statistic-monitor-etalon-demo.html — etalon reference demo
5. statistic-monitor-etalon-v2.html — etalon reference v2

Benefits: - Design references available alongside the codebase for review - No runtime impact; files are not referenced from any CMS module

Technical notes: - Standalone HTML; no CMS dependencies or includes - Located in docs/ which is not served by the web root

Addresses several targeted CSS issues in the admin theme: tightens the tooltip child selector to avoid unintended matches, revises sidebar count badge styling, moves IP/flag rules outside the table context, and replaces the language-link hover background with a filter-based approach.

Core changes:

1. Tooltip selector fix (theme.css):

2. .sl-tip div → .sl-tip > div (and ::after variant) Prevents deep descendant divs inside tooltip content from receiving position:absolute, which broke nested markup

3. Sidebar count badge (theme.css):
4. Count label link color: warning-strong conditional → always primary
5. Removed has([data-sl-toggle-control]) color overrides on anchor

6. Count value span: added explicit bg-subtle background and border-strong border instead of inheriting from the danger/warning context

7. Danger badge: removed background fill; uses border-strong + warning-strong text
8. .sl-menu-list-image: border removed for sl_block_1 and sl_block_2 sidebar blocks
9. IP / flag layout (theme.css):

10. Removed .sl-table-list-sort parent scope from .sl-col-ip, .sl-geo-flag, .sl-geo-flag img, .sl-col-ip a — rules now apply globally

11. .sl-geo-flag: added justify-content: center
12. IP link min-height and line-height: 16px → 24px (matches flag image height)
13. Menu grid link (theme.css):
14. Default state: removed background: bg-soft (now transparent/inherited)
15. Hover: bg changed from primary-tint to bg-soft
16. Language hover (theme.css):
17. Removed background-color hover on .sl-admin-language-link
18. Added filter: brightness(1.08) on hover for subtle brightness effect
19. Set explicit background: transparent on both states
20. Sort table tbody th padding (theme.css):
21. Added rules for tbody th padding to match td spacing in .sl-table-list-sort

Benefits: - Tooltip no longer bleeds position styles into nested content - Sidebar badges visually consistent regardless of warning/normal state - Flag + IP link correctly aligned outside table-only context

Technical notes: - All changes are additive CSS tweaks; no HTML structure changes - No new CSS class names introduced

Replaces raw content_html strings and ad-hoc row_attr usage in the database admin table with the typed column flags already used across other admin tables. Adds is_summary and is_no_sort flags to the table-cells and table-row fragments.

Core changes:

1. Admin database module (admin/modules/database.php):

2. Data rows: all cells now carry typed flags (is_col_id, is_col_count, is_col_date, is_col_actions) and use has_content_text/content_text where HTML escaping is safe

3. Summary row: replaced bold span content_html cells with typed cells; uses is_summary to render <th> instead of <td>

4. Summary row: replaced raw row_attr='data-sort-method="none"' with is_no_sort
5. Table head: all columns carry typed flags; removed is_fixed from table call
6. Table cells fragment (templates/admin/fragments/table-cells.html):

7. Added is_summary branch: when true renders <th> elements instead of <td> for the summary/totals row, preserving all class and attribute logic

8. Table row fragment (templates/admin/fragments/table-row.html):
9. Added is_no_sort: when true emits data-sort-method="none" on the <tr>
10. Removed support for raw row_attr (no longer needed after this migration)

Benefits: - Summary row styled as <th> for semantic correctness and proper sort exclusion - Column widths controlled by CSS class flags, not fixed table layout - Consistent with other admin tables; no more ad-hoc row_attr strings

Technical notes: - is_fixed removed from database table; column sizing now via CSS col-* classes - is_summary and is_no_sort are additive fragment flags; no other tables affected

Adds the missing getUserSessionAdminInfo case to the go=5 AJAX dispatcher in index.php and updates the update_query in getUserSessionAdminInfo() to include the correct go value and a CSRF token, preventing open-endpoint access.

Core changes:

1. AJAX dispatcher (index.php):
2. Added case 'getUserSessionAdminInfo': getUserSessionAdminInfo() to go=5 block
3. Admin session info (core/system.php):

4. update_query changed from 'go=1&op=getUserSessionAdminInfo' to 'go=5&op=getUserSessionAdminInfo&token='.getSiteToken()

Benefits: - AJAX endpoint is CSRF-protected via token parameter - Route correctly uses the go=5 admin-AJAX block instead of go=1

Technical notes: - getSiteToken() generates the per-session CSRF token used project-wide - No change to the HTML output or polling behavior

Adds the GeoLite2 Country and ASN binary database files to storage/geoip/. These files are read directly by the pure-PHP MMDB parser in core/classes/geoip.php.

Core changes:

1. Country database (storage/geoip/country.mmdb):
2. GeoLite2-Country MMDB, ~8.9 MB
3. ASN database (storage/geoip/asn.mmdb):
4. GeoLite2-ASN MMDB, ~12 MB

Benefits: - GeoIP lookups work out of the box without a separate download step - Both country and ASN resolution available immediately after clone

Technical notes: - Files are binary MMDB format, read via file_get_contents() and cached - Web access blocked by storage/geoip/.htaccess (deny from all) - Database files should be updated periodically from maxmind.com

Updates the two directory protection files in storage/geoip/ to remove trailing newlines and condense index.html to a single-line redirect. Deletes templates/admin/images/misc/sprite.png which is no longer referenced.

Core changes:

1. Storage protection (storage/geoip/.htaccess):
2. Removed trailing newline (content unchanged: deny from all)
3. Storage index (storage/geoip/index.html):
4. Condensed to single-line HTML with meta-refresh redirect to slaed.net
5. Removed multi-line doctype/head/body boilerplate
6. Admin image cleanup (templates/admin/images/misc/sprite.png):
7. Deleted; file is no longer used after icon migration to SVG/Bootstrap-Icons

Benefits: - Consistent with project-wide one-liner protection file convention - Removes orphaned binary asset from admin theme

Technical notes: - No functional changes to directory access control - sprite.png was the last remaining PNG in templates/admin/images/misc/

Removes the legacy user_geo_ip() function from core/system.php and replaces all call sites across admin modules, frontend modules, and core files with the typed Geoip class methods (getIpHtml, getFlagHtml, getCountry, getInfo). Also removes the now-redundant getGeoipInfo() and getGeoipCountry() wrappers.

Core changes:

1. System core (core/system.php):
2. Removed user_geo_ip() function (flag + IP link rendering with legacy $id param)
3. Removed getGeoipInfo() and getGeoipCountry() thin wrapper functions

4. getUserSessionInfo(): replaced user_geo_ip($host, 3) with Geoip::getFlagHtml() * 2 call sites updated (registered user, bot)

5. getUserSessionAdminInfo(): replaced 5 call sites with Geoip::getFlagHtml()
6. ashowcom(): replaced user_geo_ip($com_host, 4) with Geoip::getIpHtml()
7. Core user (core/user.php):
8. getPrivateMessageView(): user_geo_ip($ip_sender, 4) → Geoip::getIpHtml()
9. Frontend entry (index.php):

10. Language auto-detection: replaced user_geo_ip(getIp(), 2) with Geoip::getCountry() using ISO 2-letter code lookup table * Removed string-matching against country names * Added compact array map: ['GB'=>'en','US'=>'en','CA'=>'en','AU'=>'en',

'FR'=>'fr','DE'=>'de','PL'=>'pl','RU'=>'ru','UA'=>'uk']

1. Admin modules (comments, security, config):
2. comments.php: 2 call sites → Geoip::getIpHtml()
3. security.php: 1 call site → Geoip::getIpHtml()
4. config.php: getGeoipRows() calls Geoip::getInfo() directly
5. Frontend/admin modules (13 files):

6. account/admin/index.php, account/index.php, auto_links/admin/index.php, faq/admin/index.php, files/admin/index.php, forum/index.php, help/admin/index.php, jokes/admin/index.php, links/admin/index.php, media/admin/index.php, money/admin/index.php, news/admin/index.php, order/admin/index.php, pages/admin/index.php, users/index.php, whois/admin/index.php

7. All user_geo_ip($ip, 4) → Geoip::getIpHtml($ip)
8. account/index.php: user_geo_ip($ip, 2) → Geoip::getInfo() with country_name

Benefits: - user_geo_ip() fully removed; all IP display goes through the Geoip class - ISO code-based language detection is cleaner and extensible - No functional regression: output HTML shape unchanged

Technical notes: - user_geo_ip() $id param modes (1=ip, 2=country_name, 3=flag, 4=flag+link) replaced by explicit Geoip method names - getip() renamed to getIp() in index.php call (case correction) - All replacements are one-to-one; no logic change in surrounding code

Removes the separate config/geoip.php file and merges GeoIP settings directly into config/global.php as flat top-level keys (geoip_anon, geoip_asn, geoip_cache, geoip_country, geoip_enabled, geoip_store, geoip_test). Aligns config schema with the Geoip class refactor.

Core changes:

1. Config migration (config/global.php):
2. Removed legacy geo_ip key
3. Added flat geoip_* keys replacing nested geoip.php structure
4. Config deletion (config/geoip.php):
5. File removed; settings now live in global.php
6. Config fingerprint (config/local.php):
7. Updated base_fingerprint after schema change
8. Admin config panel (admin/modules/config.php):
9. getGeoipPanel(): reads $conf['geoip_*'] flat keys instead of $conf['geoip'][...]
10. getGeoipRows(): calls Geoip::getInfo() directly; removed getGeoipInfo() wrapper
11. Removed checkPerms(CONFIG_DIR.'/geoip.php') call from panel output
12. save(): GeoIP settings now written into global.php via existing setConfigFile()
13. Removed separate setConfigFile('geoip.php', ...) block

14. Redirect simplified: testip param removed from redirect; test IP persisted in geoip_test key of global.php instead

Benefits: - Single config file for all settings; no extra file to manage - Consistent with existing global.php admin save pattern

Technical notes: - Old geo_ip boolean key removed; replaced by geoip_enabled int key - setConfigFile('geoip.php') call and geoip.php file both eliminated - No URL or DB schema changes

Removes the geoip2/geoip2 Composer dependency and replaces the MaxMind PHP SDK reader with a self-contained pure-PHP MMDB binary parser inside the Geoip class. All lookup results and public API shape remain unchanged.

Core changes:

1. Geoip class (core/classes/geoip.php):
2. Removed getReader() which required GeoIp2\Database\Reader
3. Added getMmdb(): loads and caches the raw MMDB binary payload + metadata
4. Added getRecord(): walks the radix search tree to locate a data record

5. Added getMmdbNode(), getMmdbDecode(), getMmdbValue(), getMmdbSize(), getMmdbPointer(), getMmdbUint(): pure-PHP MMDB binary format decoder

6. Extracted getCountryData() and getAsnData() private helpers with own caches
7. Config keys changed from nested $conf['geoip'][...] to flat $conf['geoip_*']
8. Added getFlagHtml(): returns flag <span> HTML for a given IP
9. Added getIpHtml(): returns flag + IP link HTML for admin display
10. getCountry(): now calls getCountryData() directly; avoids full getInfo() cost
11. Composer (composer.json):
12. Removed geoip2/geoip2 ^3.1 requirement

Benefits: - Zero external runtime dependency for GeoIP lookups - Database files read with file_get_contents() and cached in static property - Fully self-contained; works without Composer autoload for GeoIP

Technical notes: - Supports MMDB record sizes 24, 28, and 32 bits - IPv4-in-IPv6 mapping handled via 96-bit prefix traversal - Backward compatible: getInfo(), getCountry(), getEmpty(), getFileInfo() unchanged

Adds 14 new i18n constants for GeoIP UI labels across all six admin language files (de, en, fr, pl, ru, uk) and updates the existing _GEO_IP constant with clearer active-voice phrasing aligned to the new panel.

Core changes:

1. Language files (admin/lang/*.php — all six locales):
2. Updated _GEO_IP to shorter active-voice phrasing
3. Added _GEOLOCATION section heading

4. Added GeoIP-specific constants: _GEOIP_ANON, _GEOIP_ASN, _GEOIP_ASNDB, _GEOIP_CACHE, _GEOIP_CONTINENT, _GEOIP_COUNTRYDB, _GEOIP_COUNTRYNAME, _GEOIP_ORG, _GEOIP_PROVIDER, _GEOIP_STORE, _GEOIP_TESTIP

5. Added generic reusable constants: _FOUND, _NOTFOUND, _PARAMETERS, _VALUE

Benefits: - All GeoIP panel labels are fully localized in six languages - Generic constants (_FOUND, _NOTFOUND, _PARAMETERS, _VALUE) are reusable across other admin modules

Technical notes: - Constants inserted in alphabetical order at the existing _GEO_IP position - No logic changes; pure i18n additions