Changelog

Total: 500 commits available | Filtered: 500 commits | Page: 1 / 50
Today (01.04.2026)
Refactor: update module call sites to use auto-token CSRF and canonical fragments
Author: Eduard Laas | Date: 15:29 01.04.2026

Remove manual CSRF token passing from all admin module actions and forms now that checkSiteToken() auto-reads the token from the request context. Update getHtmlFrag() calls to use renamed fragments and canonical variable keys.

Core changes:

  1. CSRF token removal from forms and action guards (admin/modules/*.php):
     - Removed getSiteToken() calls and hidden token inputs from all module forms
     - Removed explicit checkSiteToken(getVar(...)) guards from save/delete handlers
       * Token validation still occurs inside checkSiteToken() via getRequestToken()
     - Affected modules: admins, categories, comments, database, favorites, fields, groups, lang, messages, modules, newsletter, privat, referers, replace, scheduler, statistic, template, uploads
  2. Fragment name updates (admin/modules/*.php, core/admin.php):
     - admin-action-link → comment-action-link
     - admin-action-ajax → comment-action-ajax (via getTplAdminAjaxAction)
     - Added required class/target keys for comment-action-link calls
  3. Core admin updates (core/admin.php):
     - getAdminBlockList(): add optional $token string param (unused, reserved)
     - getAdminInfo(): remove manual token check; remove token hidden input from form
  4. System bootstrap (core/system.php):
     - Minor alignment/cleanup with no behavioral change

Benefits:
  - Eliminates 30+ boilerplate token-extract-and-check blocks across modules
  - CSRF protection remains active via centralized getRequestToken()
  - Consistent fragment naming across all call sites

Technical notes:
  - Implicit CSRF validation: token must arrive via header or POST/GET param
  - No change to token generation or scope logic
  - admin/index.php: CRLF→LF line ending normalization only

Refactor: canonicalize template variable keys and consolidate fragments
Author: Eduard Laas | Date: 15:28 01.04.2026

Rename all template variable keys in helper functions to canonical single-word names and eliminate redundant fragment files by merging them into existing general-purpose fragments with conditional params.

Core changes:

  1. Helper variable key renames (core/helpers.php):
     - getTplAdminFlagBox: css_class→class, label_text→label
     - getTplAdminNoteLabel: switches to span-btn fragment; label_text→label, title_attr→title
     - getTplAdminTitleTip: switches to title-tip fragment (was admin-title-tip)
     - getTplAdminAjaxAction: switches to comment-action-ajax fragment (was admin-action-ajax)
     - getTplAdminTabOpen: list_class→class, list_id→id
     - getTplAdminTabLink: is_selected→selected, attrs removed (unused)
     - getTplAdminInfoCount: count_text→count, css_class→class
     - getTplAdminTableHead: th-nosort merged into th with nosort=true param
  2. Fragment deletions (all four themes: admin, default, lite, simple):
     - Deleted: admin-action-ajax.html (replaced by comment-action-ajax)
     - Deleted: admin-action-link.html (replaced by comment-action-link)
     - Deleted: admin-note-label.html (replaced by span-btn)
     - Deleted: admin-title-tip.html (replaced by title-tip)
     - Deleted: th-nosort.html (merged into th with nosort flag)
     - Updated: th.html to handle nosort conditional rendering
     - Updated: admin-security-*.html to match new variable key names

Benefits:
  - Fewer fragment files to maintain across themes
  - Consistent single-word key naming convention throughout helpers
  - th fragment handles both sort and no-sort columns via one template

Technical notes:
  - Fragment renames are breaking changes for any direct getHtmlFrag() callers
  - All call sites in admin modules updated in the following commit
  - No functional HTML output changes

Refactor: add getRequestToken() and smart CSRF token resolution
Author: Eduard Laas | Date: 15:28 01.04.2026

Extend the CSRF layer with a dedicated token-reader and a smarter checkSiteToken() that auto-resolves the token from the request context, eliminating the need for callers to pass the token explicitly.

Core changes:

  1. CSRF token reader (core/security.php):
     - Add getRequestToken(): reads token from X-CSRF-Token header, X-XSRF-Token header, POST param, GET param, $_REQUEST fallback
       * Priority: header > POST > GET > $_REQUEST
       * Trims whitespace, returns empty string when absent
  2. CSRF validator (core/security.php):
     - Change checkSiteToken() signature: $tok defaults to '' (auto-read)
       * If $tok is empty, calls getRequestToken() automatically
       * Adds cross-scope fallback: non-ajax scopes also accept global 'ajax' token

Benefits:
  - Callers no longer need to extract and pass the token manually
  - HTMX / fetch requests sending X-CSRF-Token header work out of the box
  - One central place for all token extraction logic

Technical notes:
  - Backward compatible: callers that still pass $tok explicitly continue to work
  - Scope fallback is one-way: ajax-scoped checks do not accept scope-specific tokens
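
An added PHP sketch of the resolution order and one-way scope fallback described in the commit message above; it is not SLAED CMS code. The function names exampleRequestToken() and exampleCheckToken(), the parameter name `token`, and the `$_SESSION['csrf'][scope]` layout are assumptions made for illustration.

```php
<?php
// Added illustration, not SLAED CMS code. Function names, the "token"
// parameter name and the $_SESSION['csrf'][scope] layout are assumptions.
function exampleRequestToken(): string
{
    // Order from the commit message: header > POST > GET > $_REQUEST.
    $candidates = [
        $_SERVER['HTTP_X_CSRF_TOKEN'] ?? null,
        $_SERVER['HTTP_X_XSRF_TOKEN'] ?? null,
        $_POST['token'] ?? null,
        $_GET['token'] ?? null,
        $_REQUEST['token'] ?? null,
    ];
    foreach ($candidates as $value) {
        // Skip arrays (token[]=x) and blank values instead of casting them.
        if (is_string($value) && trim($value) !== '') {
            return trim($value);
        }
    }
    return '';
}

function exampleCheckToken(string $scope, string $tok = ''): bool
{
    $tok = $tok !== '' ? $tok : exampleRequestToken();
    if ($tok === '') {
        return false; // a missing token must never validate
    }
    $stored = $_SESSION['csrf'] ?? [];
    $accepted = [$stored[$scope] ?? null];
    if ($scope !== 'ajax') {
        $accepted[] = $stored['ajax'] ?? null; // one-way fallback to the global token
    }
    foreach ($accepted as $expected) {
        // Constant-time comparison; empty stored values never match.
        if (is_string($expected) && $expected !== '' && hash_equals($expected, $tok)) {
            return true;
        }
    }
    return false;
}

// Constructed request state for a CLI run.
$_SESSION = ['csrf' => ['ajax' => bin2hex(random_bytes(16)), 'admins' => bin2hex(random_bytes(16))]];
$_SERVER['HTTP_X_CSRF_TOKEN'] = ' ' . $_SESSION['csrf']['ajax'] . ' ';
$_POST['token'] = 'stale-form-value';
var_dump(exampleCheckToken('admins')); // header outranks POST; non-ajax scope, global token
$_SERVER['HTTP_X_CSRF_TOKEN'] = $_SESSION['csrf']['admins'];
var_dump(exampleCheckToken('ajax'));   // ajax scope offered a scope-specific token
```

Because the GET parameter and `$_REQUEST` are accepted sources, tokens can end up in URLs and access logs, and `$_REQUEST` includes cookie values when PHP's `request_order` contains `C`; a deployment review would check both.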

Chore: remove templates/shared/ directory from tracking
Author: Eduard Laas | Date: 12:44 01.04.2026

The shared/ fallback mechanism was reverted in the previous session. Physical files were already deleted; this commit syncs git tracking to match the filesystem state.

Refactor: optimize frontend fragments and migrate direct calls to helpers
Author: Eduard Laas | Date: 12:42 01.04.2026

Remove 52 dead/duplicate fragments from all 3 frontend themes (default, lite, simple) and replace direct getHtmlFrag() calls with canonical helpers where they already exist.

Core changes:

  1. Dead fragments removed (templates/default|lite|simple/fragments/):
     - 49 fragments with 0 frontend callers (admin-*, block wrappers, comment-action-delete, editor-files-, navi-tabs-, pager-, rating-, voting-close/open/stat-text, td-check, form-checkall, spoiler, etc.)
     - 2 lite-specific dead fragments: lite-faq-random-link, lite-head-banner
     - 1 duplicate resolved: admin-title-tip (canonical: title-tip)
  2. Duplicate fragments resolved:
     - recommend-mail-link → files-external-link (identical content)
       modules/recommend/index.php updated
     - contact-admin-option → getTplSelectOption() migration
       modules/contact/index.php updated
  3. Direct getHtmlFrag('form-option') → getTplSelectOption() (10 calls):
     - modules/forum/index.php (2 calls, $sel variable removed)
     - modules/pages, files, media, faq, links, news, jokes, help/index.php

Benefits:
  - Fragment count: 388 → 336 per theme (-52 default/simple, -54 lite)
  - All direct form-option calls now route through canonical helper
  - Frontend and admin themes now have consistent, non-overlapping fragment sets

Technical notes:
  - block-* fragments in blocks/ system kept intact (indirect callers)
  - files-external-link kept as canonical for generic target=_blank links
  - form-option fragment kept (still used by getTplSelectOption())

Refactor: optimize admin fragments and migrate to canonical helpers
Author: Eduard Laas | Date: 12:42 01.04.2026

Eliminate duplicate, dead and module-specific admin fragments by migrating all list-head patterns to getTplAdminTableHead() and fixing shared helper canonical fragment references.

Core changes:

  1. Admin helpers (core/helpers.php):
     - getTplAdminTableHead(): use th/th-nosort fragments, not inline HTML
     - getTplAdminTableCells(): use td fragment, not inline HTML
     - getTplAdminSection(): use admin-section-heading fragment
     - getTplAdminTabClose(): use admin-tab-list-close fragment
     - getTplAjaxAction(): fix canonical back to comment-action-ajax
     - getTplDeleteAction(): fix canonical to action-delete
  2. Admin modules (21 files):
     - Replace getHtmlFrag('admin-*-list-head') with getTplAdminTableHead([])
     - admin/modules/: groups, messages, modules, newsletter, referers, security
     - modules/*/admin/index.php: account, auto_links, clients, content, faq, files, help, jokes, links, media, money, news, order, pages, search, voting
  3. Admin fragments (templates/admin/fragments/):
     - Delete 83 dead fragments (list-head, account-*, orphans)
     - Restore incorrectly removed: td, th, th-nosort, admin-section-heading, admin-tab-list-close, admin-admins-permission-empty, comment-action-ajax

Benefits:
  - Admin fragment count: 569 → 486 (-83)
  - Single canonical path for all table headers via getTplAdminTableHead()
  - Shared helpers use correct fragment names for all theme contexts

Technical notes:
  - comment-action-ajax stays canonical for getTplAjaxAction() (shared, used in frontend)
  - action-delete is canonical for getTplDeleteAction() (all themes)
  - admin-whois-list-head.html kept (colspan=2, needs getTplAdminTableHead() extension)

Revert: remove templates/shared/ and restore theme independence
Author: Eduard Laas | Date: 10:21 01.04.2026

Reverts Phase 2: themes (lite, default, simple, admin) are self-contained and must not depend on a shared/ fallback directory.

Core changes:
  - templates/shared/: deleted
  - templates/lite/, default/, simple/: all 388 files restored
  - templates/admin/fragments/: 113 files restored
  - core/classes/template.php: removed $shared property, shared fallback in getFile(), and shared path check in checkFile()

Benefits:
  - Each theme is fully portable and independent
  - No hidden cross-theme dependencies

Refactor: delete 113 admin fragments served by shared/ and migrate 4 helpers
Author: Eduard Laas | Date: 10:09 01.04.2026

Admin Phase 2: remove 113 fragments from templates/admin/ that are byte-identical to templates/shared/ — engine fallback now serves them transparently.

system.php migration: move setModuleNavi, setNaviLower, setPageNumbers, setArticleNumbers from core/system.php to core/helpers.php, establishing helpers.php as the single rendering layer for both frontend and admin.

Core changes:
  - templates/admin/fragments/: 347 → 234 files (-113)
  - core/helpers.php: +4 functions (setModuleNavi, setNaviLower, setPageNumbers, setArticleNumbers)
  - core/system.php: -4 functions (same, removed)

Benefits:
  - All fragment-rendering helpers are now in one place (core/helpers.php)
  - Admin area no longer duplicates shared fragments — maintained in one location
  - Zero call-site changes required (function names unchanged)

Technical notes:
  - All 4 migrated functions rely on global $tpl/$db/$conf/$afile — unchanged
  - setArticleNumbers internally calls setPageNumbers — order preserved in helpers.php
  - php -l passes on both modified files

Feature: add shared template fallback and consolidate 388 identical files
Author: Eduard Laas | Date: 09:57 01.04.2026

Extend the Template engine with a shared/ fallback so theme directories only need to contain files that actually differ per theme. Move 388 files that were byte-identical across all three themes into templates/shared/.

Core changes:

  1. Template engine fallback (core/classes/template.php):
     - Add protected string $shared property, initialized in constructor as BASE_DIR/templates/shared
     - Update getFile(): try theme path first, return shared path as fallback (single is_file() check, no extra I/O when theme file exists)
     - Update checkFile(): accept files from either $this->base or $this->shared (realpath-based containment check for both roots)
  2. Shared template directory (templates/shared/):
     - Move 374 fragments, 5 partials, 6 pages, 3 layouts from all three themes
     - Source: lite/ (canonical copy), verified identical in default/ and simple/
     - Theme-specific files (~24-34 per theme) remain in their theme directories

Benefits:
  - Template files: ~1163 -> ~445 (62% reduction)
  - Theme directories now contain only genuinely theme-specific overrides
  - Adding a new theme requires only the files that differ from shared/
  - Zero change to PHP call sites, helpers, or fragment names

Technical notes:
  - Theme path takes priority over shared/ (theme-specific override works)
  - Admin theme is unaffected (uses its own base path, no shared/ fallback)
  - Cache uses realpath-based hash, works transparently for shared files
  - Verified: lite, default, simple all resolve fragments via fallback
  - Verified: admin theme continues to use templates/admin/ exclusively

Refactor: consolidate frontend fragment duplicates via helpers (Phase 1)
Author: Eduard Laas | Date: 09:57 01.04.2026

Eliminate cross-module fragment duplicates in frontend themes by routing all calls through canonical helpers. Add getTplAjaxAction helper and inline all trivial single-tag fragments. Sync all three themes (lite, default, simple) simultaneously since changes are theme-independent.

Core changes:

  1. New helper and system.php cleanup (core/helpers.php, core/system.php):
     - Add getTplAjaxAction(target, query, title, label, class) using comment-action-ajax.html
     - Update getEditorAsyncAction, getCommentAsyncAction, getVotingAsyncAction to delegate to getTplAjaxAction instead of direct getHtmlFrag calls
  2. Fragment duplicates removed (templates/lite|default|simple/fragments/):
     - Delete action-menu duplicates: admin/comment/voting-action-menu.html (3x3=9 files)
       canonical: editor-action-menu.html via getTplMenuItems()
     - Delete delete-action duplicates: admin/voting-action-delete.html (2x3=6 files)
       canonical: comment-action-delete.html via getTplDeleteAction()
     - Delete link-action duplicates: admin/voting-action-link.html (2x3=6 files)
       canonical: comment-action-link.html via getTplLinkAction()
     - Delete ajax duplicates: admin/editor-action-ajax.html (2x3=6 files)
       canonical: comment-action-ajax.html via getTplAjaxAction()
     - Delete select-option duplicates: account/rss/whois/media variants (4x3=12 files)
       canonical: form-option.html via getTplSelectOption()
     - Delete admin-session-box.html from all 3 themes (unused dead fragment)
     - Inline trivial fragments across all themes: br, br-br, tr-open, tr-close, table-close, form-close (6x3=18 files)
  3. Call-site updates (modules/*/index.php):
     - Replace duplicate getHtmlFrag() calls with getTplSelectOption() in account, media, rss, whois modules
     - Inline '<br>', '<br><br>', '<tr>', '</tr>', '</tbody></table>', '</form>' directly in account, clients, content, files, forum, help, links, money, news, order, pages, shop, sitemap, users modules

Benefits:
  - 57 fewer fragment files across 3 frontend themes
  - getTplAjaxAction provides a named entry point for HTMX GET actions
  - All fragment calls go through helpers.php (single responsibility)
  - Themes are now in sync with no redundant copies

Technical notes:
  - comment-action-ajax.html kept as canonical (supports optional CSS class)
  - admin-action-link.html kept in admin/ theme (used by admin $tpl only)
  - All changes verified with php -l
