Журнал изменений

Официальный сайт SLAED CMS

Фильтр и поиск

Всего: 997 Доступных коммитов | Отфильтровано: 997 Коммиты | Страница: 1 / 100
Сегодня (08.07.2026)
Refactor: search module visual redesign
Автор: Eduard Laas | Дата: 16:23 08.07.2026

Query controls move into a single-row .sl-search-panel; results render as a divider list (.sl-search-line) with breadcrumb, title, clamped snippet and meta chips. Adds fragments/search-form.html and a demo/ reference page.

Refactor: single-H1 heading hierarchy and semantic levels
Автор: Eduard Laas | Дата: 16:23 08.07.2026

One H1 per page: page/module titles render H1, de-polluted pager/footer/ sidebar/related/category headings down to their proper level, and view sub-headings normalized. Heading sizes tokenized (--sl-h1..--sl-h4 in base.css) with framework classes wired to them in theme.css; getModuleNavi gains an is_heading flag so view pages do not emit a second H1.

Refactor: extract shared site-header/footer partials
Автор: Eduard Laas | Дата: 16:22 08.07.2026

home.html and app.html were ~98% duplicate; the common chrome moves into partials/site-header.html and partials/site-footer.html, slimming both layouts to include stubs. Footer/admin home links point at "/" instead of "index.php"; app.html marks the content region with a <main> landmark.

SEO: canonical consolidation + optional force-https/force-host redirects
Автор: Eduard Laas | Дата: 16:22 08.07.2026

Portable, PHP-level redirects in core/security.php (proxy-aware via X-Forwarded-Proto, GET-only, default off):

  • bare /index.php -> / (301) to kill the duplicate homepage URL
  • opt-in forcessl (http->https) and forcehost (www->canonical homeurl host)

Admin config SEO tab gains forcessl/forcehost toggles (constants in all 6 languages); getPublicUrl() returns root with trailing slash; help doc admin/info/config/ru.md documents canonical behavior and the new toggles.

Chore: rename Magistral font file to magistral.woff2
Автор: Eduard Laas | Дата: 09:40 08.07.2026

Rename the Magistral webfont from Magistral-Book.woff2 to magistral.woff2 and update the @font-face src plus the PERFORMANCE.md caching example to match. Same binary, lowercase/simpler name.

Core changes:

  1. Font asset (templates/lite/assets/css):
  2. Rename fonts/Magistral-Book.woff2 to fonts/magistral.woff2
  3. base.css @font-face src updated to fonts/magistral.woff2
  4. Docs (docs/PERFORMANCE.md):
  5. Update font caching-caveat example to magistral.woff2

Technical notes:

  • Byte-identical file (26808 bytes); no remaining refs to old name
Refactor: HTMX URL attributes onto clean escape-at-output model
Автор: Eduard Laas | Дата: 09:39 08.07.2026

Move hardcoded &amp; and hand-built HTMX markup out of PHP: URL producers now pass a raw & URL as data, and fragments escape it once at the output boundary via {{ }}. Removes the last inconsistency where URL-bearing HTMX attributes still followed the legacy escape-at-source + markup-in-PHP pattern.

Core changes:

  1. Link/tab/button fragments (templates/{lite,admin}/fragments):
  2. tabs-link.html: add hx_get/hx_target/hx_swap block, URL escaped via {{ }}
  3. button.html: add hx-post block (hx_post/hx_include/hx_target/hx_swap/ hx_on_click/hx_on_after), URL escaped; JS validation stays raw passthrough

  4. link fragment already had is_htmx (hx-get="{{ href }}") — reused as-is
  5. PHP producers now emit data, not markup:
  6. core/admin.php: upload file links use is_htmx + hx_target (drops &amp; blob)
  7. admin/modules/uploads.php: upload tabs pass raw hx_get/hx_target
  8. core/user.php: comment/PM submit forms pass raw hx_post + hx_* fields
  9. Docs:
  10. Remove docs/PROMPT_HREF_AMPERSAND.md (task complete)

Benefits:

  • Single escape at the sink; &amp;amp; structurally impossible
  • Unified hx_* field vocabulary across link/tabs-link/button fragments
  • Removes duplicated URL (href + hand-built hx-get) in upload links

Technical notes:

  • getSafe() = htmlspecialchars(ENT_QUOTES|ENT_SUBSTITUTE, UTF-8)
  • Verified live: comment form, admin upload tabs — single &amp;, zero &amp;amp;
  • Additive change; legacy link_attr/input_attr passthrough kept for other uses
Вчера (07.07.2026)
Chore: add Magistral-Book WOFF2 font asset
Автор: Eduard Laas | Дата: 21:22 07.07.2026

Track the Magistral-Book.woff2 asset referenced by the base.css @font-face declaration, completing the font migration whose base.css update and legacy WOFF2 removal landed in the previous commit.

Refactor: Escape URLs once at the HTML output boundary
Автор: Eduard Laas | Дата: 21:20 07.07.2026

URLs are now treated as data: every producer emits a raw & and the template layer escapes exactly once at the output boundary via {{ href }}. This removes the previous mix of producer-side &amp; encoding and raw {{{ }}} output and eliminates latent single/double-escape inconsistencies across the site.

Core changes:

  1. URL producers to raw & (blocks, modules, admin/modules, core):
  2. Front-end SEO links built via getSeoUrl() (raw &, SEO-friendly URLs under rewrite)
  3. Admin afile.php?..., htmx go=...&op=... tails, absolute/redirect URLs to raw &
  4. getQueryString() always emits raw & (dropped the obsolete $html parameter)
  5. Template output boundaries (81 flips, lite + admin fragments/partials):
  6. href/src/action/hx-get/hx-post URL attributes: {{{ x }}} to {{ x }}
  7. Kept raw ({{{ }}}): _html and _attr blobs, inline-JS onclick (reset_url, reload_query)
  8. Removed runtime URL pre-encoders exposed by the boundary flip:
  9. $alink session-monitor URL, RSS source href, and files-admin download href no longer wrapped in htmlspecialchars() (the boundary now escapes)

  10. domain() html_entity_decode()s stored referer URLs before building the link

Benefits:

  • Single source of truth for escaping; no more &amp;amp; risk
  • Redirects/Location and htmx keep a raw &; HTML output is uniformly &amp;
  • Blocks now honor rewrite / SEO-friendly URLs like the modules do

Technical notes:

  • Left untouched: parser entity decoders, config/* content cache, setup legacy HTML echoes, sitemap XML content encoder

  • Pre-existing/out-of-scope: _referer stores double-encoded anchor data; config.replace link URLs are stored with a bare &

  • Verified: php -l (85 files), phpunit 8/8, guest + admin real-HTTP render with zero app-generated &amp;amp;

Refactor: Bootstrap Icons migration and admin/module normalization
Автор: Eduard Laas | Дата: 16:15 07.07.2026

Remove legacy raster icons from the admin and lite themes in favour of Bootstrap Icons, add the bootstrap-icon fragment, and normalize admin and module handlers, config, and styles across the board.

Docs: Breadcrumb design demos and href-escaping task prompt
Автор: Eduard Laas | Дата: 16:13 07.07.2026

Add the breadcrumb variant galleries under demo/ and a task prompt for the site-wide URL escaping migration (escape at the HTML output boundary, keep getSeoUrl raw).

Всего: 997 на 100 страницах по 10 на каждой странице

Хотите опробовать SLAED CMS в действии?
Идеи и предложения
Обратная связь