Последнии сообщения форума
Drop open.html and close.html from both themes and remove all setTemplateBasic('open') / setTemplateBasic('close') call sites across 11 modules and core/user.php
Add setModuleNavi() to core/system.php: centralized nav builder with rate/canadd logic, defaults from $conf[module], any key overridable
Extend setTemplateIf() in core/template.php: add {%if !flag%}, {%elseif flag%}, and non-empty var check via $vars parameter
Update navi.html (default + lite): Variant A — full <a> tags from data vars, {%if var%} guards for optional items
Add form-add.html (default + lite): universal add-form template with {%if%} blocks for all optional field groups
Migrate 12 modules: remove local navigate()/getNewsNavi(), replace all call sites with setModuleNavi(); add module constants where needed (HELP_NAVI, JOKES_NAVI, SHOP_NAVI, WHOIS_NAVI, AUTO_LINKS_NAVI)
- Migrate add() in news, pages, help, links, files to form-add template
Core changes:
- config/search.php, config/security.php:
- Replace (c) with © in copyright header
- sitemap.xml:
- Update lastmod dates to 2026-03-17
Benefits: - Consistent copyright notation across all files - Sitemap reflects current modification dates
Technical notes: - No functional changes
Constants verified unused across all PHP files outside lang directories. Removed from all six locales simultaneously.
Core changes:
- lang/*.php (de, en, fr, pl, ru, uk):
- Remove _ACTIV (replaced by _ACTIVATE / _ACTIVATE2 in admin)
- modules/forum/lang/*.php (de, en, fr, pl, ru, uk):
- Remove _THANK (thank-you button feature removed)
- Remove _WARNM (moderator report feature removed)
Benefits: - Smaller lang files, no dead definitions - Prevents accidental reuse of removed feature constants
Technical notes: - Verified with grep: no usage outside define() lines
Replace direct counter/backup.log file read with getSchedulerState('dbbackup') so the last backup timestamp comes from the same source as the scheduler UI.
Core changes:
- getLastBackupRunLabel (admin/modules/monitor.php):
- Remove backup.log file read
- Use getSchedulerState('dbbackup')['last_success'] instead
- Keep BACKUP_DIR mtime fallback unchanged
Benefits: - Single source of truth for backup timestamps - No dependency on a separate counter file
Technical notes: - backup.log is no longer read by monitor; file can be removed from disk
Remove the separate $ext map and hardcode .log extension throughout, since all log files now share the same format. Add dump_skip path sanitization on save. Restore sess_d, sess_b, log_b and log_d fields to the conf form and confsave handler.
Core changes:
- Log file listing (admin/modules/security.php):
- Remove $ext map; all log files are .log
- Replace whitelist skip array with preg_match on .log extension
- Remove database, dump_map and monitor entries from $labels
- dump_skip sanitization (admin/modules/security.php):
- Normalize line endings, strip leading ./, collapse slashes
- Reject lines containing .. (path traversal)
- Ensure each entry ends with /; deduplicate
- Conf form + confsave (admin/modules/security.php):
- Add sess_d, sess_b, log_b to conf form output
- Add log_d field and restore _SEC_LOG_D row
- Save sess_d, sess_b, log_b, log_d in confsave handler
Benefits: - No more silent loss of sess_d/sess_b/log_b/log_d on settings save - dump_skip entries are normalized before storage - Log list does not depend on a manually maintained extension map
Technical notes: - $ext variable removed; fileview/down/del now always use .log - Copyright header encoding fixed (© instead of ©)
Consolidate getSchedulerNextTime and getSchedulerPlannedTime into a single function to eliminate the redundant two-step call chain. Simplify the boot sequence in system.php by replacing inline conditional blocks with a direct require_once of the common includes.
Core changes:
- Scheduler time resolution (core/system.php):
Remove getSchedulerConfig, getSchedulerDir, getSchedulerFile, getSchedulerBeat, getSchedulerBase, getSchedulerJob, getSchedulerSettings (moved to dedicated scheduler core)
Merge getSchedulerNextTime into getSchedulerPlannedTime * Now computes next run directly from last_run state * Removes unused $from parameter
- Boot sequence (core/system.php):
- Replace scattered require logic with require_once for security, user/admin and template
Benefits: - Fewer function calls per scheduler dispatch cycle - Simpler call site in scheduler.php (one function instead of two) - Boot sequence is now linear and readable
Technical notes: - getSchedulerPlannedTime signature unchanged (array $job, array $state) - Removed functions were unused outside core; no external API break
Rename all SCHEDULER* constants exceeding 18-char limit to comply with the updated constants.md naming rule (max 18 chars for lang constants). Add two new warning constants with a direct link to Security settings.
Core changes: - _SCHEDULER_NEXT_RUN → _SCHEDULER_NEXTRUN - _SCHEDULER_LAST_RUN → _SCHEDULER_LASTRUN - _SCHEDULER_DURATION → _SCHEDULER_RUNTIME - _SCHEDULER_SCHEDULE → _SCHEDULER_SCHED - _SCHEDULER_PRIORITY → _SCHEDULER_PRIO - _SCHEDULER_PRIORITY_INFO → _SCHEDULER_PRIOTIP - _SCHEDULER_PRIORITY_DUP → _SCHEDULER_PRIODUP - _SCHEDULER_UNLOCKED → _SCHEDULER_UNLOCKD - _SCHEDULER_URL_INFO → _SCHEDULER_URLINFO - _SCHEDULER_SYSTEM_INFO → _SCHEDULER_SYSINFO - _SCHEDULER_SCHEDULE_INFO → _SCHEDULER_CRONFMT - _SCHEDULER_WARN_DMAP → _SCHEDULER_WARNLOG - Add _SCHEDULER_WARN_DB, _SCHEDULER_WARNLOG, _SCHEDULER_WARN_GO (all 6 locales) - scheduler.php: show config warnings when log_b/log_d disabled, link to security settings
Benefits: - All SCHEDULER* constants now ≤18 chars (rule compliant) - Warnings inform admin where to enable the feature
Technical notes: - Updated in all 6 locales simultaneously (de, en, fr, pl, ru, uk) - Warning text uses correct semantic mapping: log_b=DB backup, log_d=file scan
File is runtime state and already covered by .gitignore (/storage/counter/*). Was tracked only because it existed in the index before the ignore rule.
Replace string-based function_exists() dispatch and four wrapper functions with a typed match dispatcher. System jobs are now identified by a fixed 'system' key in config instead of a callable handler string. Sitemap admin trigger is routed through the scheduler flow.
Core changes:
- Dispatcher (core/system.php):
Add addSchedulerSystemJob() with match on 'backup'/'filescan'/'sitemap'/'newsletter' * Replaces dynamic function_exists($handler) call * Unknown system key returns failed status with explicit message
Remove addSchedulerBackup(), addSchedulerFilescan(), addSitemapTask() wrappers * Renamed doSitemap() to addSitemapTask() for naming consistency
- Update addSchedulerRun() dispatch to call addSchedulerSystemJob()
- Update getSchedulerJob() to normalize 'system' field instead of 'handler'
- Update getSchedulerNextJob() validity checks to use type + system
- Config (config/scheduler.php):
Replace 'handler' field with 'system' in all 4 system jobs * dbbackup -> system: backup * filescan -> system: filescan * newsletter -> system: newsletter * sitemap -> system: sitemap
- Admin UI (admin/modules/scheduler.php):
- Show 'system' value (readonly) instead of handler string
- save() persists 'system' field instead of 'handler'
- Remove 'handler' key from default new custom job
- Sitemap admin (modules/sitemap/admin/index.php):
Replace direct doSitemap() call with addSchedulerRun('sitemap', 'manual') * Uses lock mechanism, prevents race conditions
Benefits: - Eliminates dynamic function dispatch via string from config (security improvement) - Single dispatch point for all system jobs - Consistent naming: addBackupTask, addFilescanTask, addSitemapTask
Technical notes: - BREAKING CHANGE: 'handler' field is no longer read at runtime - Existing configs without 'system' field will treat jobs as invalid - doSitemap() renamed to addSitemapTask(); all call sites updated - Verified: dbbackup, filescan, sitemap manual run successful; error logs clean
