Журнал изменений

Completes path-constant migration across admin modules, core, parser, and front-end modules so all filesystem operations use absolute paths regardless of the working directory. Also rewrites the shop CSV import to eliminate raw SQL string concatenation in favour of getSqlValue() closures.

Core changes:

1. Path constants (admin/modules/, core/system.php, core/admin.php, blocks/img.php):

2. Replace 'blocks/', 'templates/', 'uploads/', 'config/' literals with BASE_DIR, UPLOADS_DIR, CONFIG_DIR throughout scandir/file_exists/include/fopen * blocks.php: scandir, file_get_contents, fopen, file_exists all absolutised * config.php: logo dir scans, is_file checks use BASE_DIR prefix * template.php: all template dir reads use BASE_DIR/templates/ * uploads.php: all upload dir ops use UPLOADS_DIR * core/admin.php: getAdminUploadFiles() separates filesystem path from web URL ($pub) * blocks/img.php: opendir uses UPLOADS_DIR constant

3. Parser (core/classes/parser.php):
4. file_exists/getimagesize/create_img_gd use absolute $path/$tpath
5. mkdir() adds 0777 + recursive flag
6. Web-facing $file/$tfile remain relative for URL output
7. Core system (core/system.php):
8. upload(): normalise $directory to absolute at function entry
9. render_blocks(): include via absolute BASE_DIR path

10. addSitemapTask(): sitemap.xml and sitemap-N.xml use BASE_DIR prefix; addCompress() receives dirname($file); web links use basename() only

11. getImgText(): file_exists check uses absolute path
12. getEditorFileData(): strip BASE_DIR prefix to produce relative web URL
13. getEditorUploadData(): return both 'dir' (relative) and 'path' (absolute)
14. doScript(): config/header.php include uses CONFIG_DIR constant
15. Modules (modules/):
16. account/admin, account: scandir/is_dir use BASE_DIR/templates/
17. clients/admin, clients/index: filemtime/file_exists/addCompress use UPLOADS_DIR
18. files/admin: file_exists/filesize/rename use absolute path helper
19. main, media: file_exists for img check uses BASE_DIR prefix
20. shop/index: CSS existence check uses BASE_DIR/templates/
21. Shop CSV import (modules/shop/admin/index.php):
22. Replace raw string interpolation ('...' = '$data[N]') with getSqlValue() closure
23. Build SET and VALUES as arrays, implode for final query
24. Add continue guard for unrecognised CSV type
25. Guard setRedirect with $idb !== '' check
26. Fix broken © encoding in file header

Benefits: - All filesystem I/O uses absolute paths — no CWD dependency - shop import no longer builds raw SQL strings from CSV data - parser thumbnail creation is race-condition safe (mkdir recursive)

Technical notes: - Web-facing URLs (image src, href, download links) remain relative — only filesystem calls received absolute paths - BASE_DIR/UPLOADS_DIR/CONFIG_DIR defined in core bootstrap (index.php)

Completes the relocation of all runtime-generated data (cache, sitemap, counter) from hardcoded config/ subdirectories to CACHE_DIR, SITEMAP_DIR, COUNTER_DIR constants; adds mkdir() auto-creation guards so placeholder files are no longer needed in the repository.

Core changes:

1. Storage paths (core/system.php, core/user.php):

2. Replace all config/cache/, config/sitemap/ literals with constants * setHead(), setFoot(), doScript(), doCss(), setScript(), setCss() * getOpenXsl() uses SITEMAP_DIR constant

3. Directory auto-creation guards (core/system.php, core/admin.php):
4. setSchedulerState(), addSchedulerHeartbeat(), addSchedulerTrigger(): create LOGS_DIR/scheduler/ if absent
5. addSitemapTask(): create SITEMAP_DIR before file_put_contents; return 'failed' on mkdir error
6. getStatistic(): create COUNTER_DIR/statistic/ before imagepng() write
7. Sitemap module (modules/sitemap/, modules/sitemap/admin/):
8. xslsave(): create SITEMAP_DIR on first XSL save
9. sitemap(): wrap content in block-content fragment; show alert when empty
10. Statistic (core/user.php, admin/modules/statistic.php):
11. Guard file() call with is_file()/is_readable() check on statistic.log
12. Guard scandir() against missing statistic dir
13. Repository cleanup:
14. Delete all tracked runtime data from config/backup/, config/cache/, config/counter/, config/sitemap/
15. Rename config/sitemap/sitemap.xsl -> storage/sitemap/sitemap.xsl
16. Update .gitignore: drop config/cache|counter|logs ignore rules, add !/storage/sitemap/sitemap.xsl exception

Benefits: - All runtime data behind constants — no hardcoded paths remain - Directories created on-demand; no empty placeholder files needed - Prevents fatal errors on clean installs where storage dirs are absent

Technical notes: - mkdir() pattern: !is_dir($d) && !mkdir($d, 0777, true) && !is_dir($d) — race-condition safe - sitemap.xsl retained as tracked file via .gitignore exception - Backward-compatible: CACHE_DIR/SITEMAP_DIR/COUNTER_DIR already defined in core bootstrap

Resolves dynamic var() references in admin base.css to concrete hex values for changelog, hover, vote-meter and progress tokens, avoiding cascading failures if source vars are absent. Standardises section comment headers in admin and lite theme CSS to a consistent English 'Category: description' format, replacing Russian and German inline headers.

Core changes:

1. Admin base tokens (templates/admin/assets/css/base.css):

2. Replaced var(--sl-color-*) with concrete hex for changelog, hover, vote-meter, and progress token groups

3. Admin theme comments (templates/admin/assets/css/theme.css):
4. Standardised section headers to 'Category: description' format
5. Lite base (templates/lite/assets/css/base.css):
6. Removed blank lines after section comment headers
7. Lite theme comments (templates/lite/assets/css/theme.css):
8. Translated Russian/German section headers to English
9. Merged redundant split comment blocks into single descriptive headers

Benefits: - Admin tokens no longer depend on var() resolution order - Consistent English comment style across admin and lite templates

Updates global.php to disable dev_mode for production and rotates the sitekey. Regenerates local.php as a full runtime cache in the new format (_meta + _config) reflecting the current merged source config state.

Core changes:

1. Config cache (config/local.php):

2. Expanded from minimal _meta stub to full _meta + _config snapshot * _meta: updated base_fingerprint, cache_version = 1, generated_at timestamp * _config: complete merged configuration for all active modules

3. Global settings (config/global.php):
4. dev_mode: '1' -> '0'
5. sitekey: rotated to new value

Benefits: - Runtime config is pre-built; no rebuild overhead on first cold request - dev_mode off prevents automatic fingerprint updates in production

Technical notes: - local.php is auto-regenerated by getConfig() on any cache miss

Replaces the previous four-function approach (getConfig + filterConfigMerge + getConfigFingerprint + setConfigFingerprint) with a single getConfig that either returns the cached _config from local.php on a cache hit, or rebuilds and writes the full cache on a miss.

Core changes:

1. Config loader (core/system.php):

2. Replaced runtime merge of local.php overrides with cache-first read * Returns _config directly when cache_version sentinel matches * Rebuilds full local.php cache on miss, then returns $conf

3. Removed filterConfigMerge, getConfigFingerprint, setConfigFingerprint helpers
4. Renamed $exp -> $export closure in setConfigFile for consistency

Benefits: - Eliminates repeated filesystem glob and array merge on every request - Simplifies config flow: one path to load, one path to rebuild - local.php is now the authoritative runtime snapshot, not an override layer

Technical notes: - local.php now stores _meta.cache_version = 1 as cache sentinel - Cache invalidated automatically when any source config file changes - Backward-compatible: falls back to full rebuild if local.php is absent

Separates lite template CSS into base.css (element styles only) and theme.css (all .sl-* component classes). Removes retired templates/default and templates/simple directories. Switches active theme to 'lite'.

Core changes:

1. CSS architecture (templates/lite/assets/css/):
2. Created base.css with @font-face, :root vars, CSS reset and element styles only
3. Moved all .sl-* component classes from old base.css into theme.css
4. Deleted new.css and system.css (intentionally unused)
5. Applied Prettier formatting across both files
6. Admin CSS (templates/admin/assets/css/):
7. Moved .bi { font-size: var(--sl-size-icon); } from base.css to theme.css
8. Applied Prettier formatting across base.css and theme.css
9. Template cleanup:
10. Removed templates/default/ entirely (retired template)
11. Removed templates/simple/ entirely (retired template)
12. Renamed block-languages to sl-block-languages in lite/partials/form-wrap.html
13. Renamed admin-searchbox to sl-admin-searchbox in lite/partials/searchbox.html
14. Config (config/global.php):
15. Switched active theme from 'default' to 'lite'
16. Updated sitekey and base_fingerprint

Benefits: - Clear separation: base.css = element styles only, theme.css = all components - All component classes consistently under sl-* namespace - Codebase free of unused legacy template directories

Technical notes: - Prettier 2-space indent applied; compact CSS expanded to multiline - templates/lite/assets/css/base.css is a new file (previously merged into theme.css)

Document the full performance audit covering frontend and admin paths, measured with Playwright and PHP-side profiling across warm and cold request scenarios.

Core changes:

1. Docs (docs/PERFORMANCE_AUDIT_REPORT.md):
2. Full audit report with measured ms timings per function
3. Frontend findings: getBlocks, setHead, GeoIP, getConfig
4. Admin findings: admininfo, getAdminPanelBlocks, news admin page
5. Prioritized fix targets and bottom-line summary
6. Docs (docs/PERFORMANCE_AUDIT_2026-05-18.md):
7. Browser TTFB measurements (Playwright v1.60)
8. v6.2 vs v6.3 comparison table
9. 50 categorized findings: 17 KRITISCH, 20 MITTEL, 13 GERING
10. Cold-start analysis and top-10 fix priorities
11. Docs (docs/PERFORMANCE_TEMPLATE_IO.md):
12. Template I/O findings from the audit session

Benefits: - Traceable baseline for optimization work - Concrete measured numbers per hotspot - Prioritized fix list with expected ms savings

Rotate the sitekey value and regenerate the base_fingerprint to match the current config state after local testing.

Core changes:

1. Config (config/global.php):
2. Update sitekey to current value
3. Config (config/local.php):
4. Regenerate base_fingerprint

Add npm package with browser-audit scripts and an informational PHPUnit test that scans admin CSS class definitions against template HTML usage.

Core changes:

1. Browser audit tooling (tools/browser-audit.mjs, package.json):
2. Node.js script using chrome-remote-interface / Playwright
3. npm scripts: browser:audit, browser:inspect, browser:attach
4. CSS class audit test (tests/Unit/AdminCssClassUsageTest.php):
5. Scans templates/admin/assets/css/.css for sl- class definitions
6. Cross-references usage in admin fragment/layout/page/partial HTML
7. Informational only — does not fail CI

Benefits: - Enables quick browser-driven audits from the command line - CSS audit test surfaces unused sl-* classes for future cleanup

Technical notes: - Test is informational (assertTrue(true)) — safe to add to CI - browser-audit.mjs requires Node.js and Chrome/Playwright to be available

Move [quote], [hide], and Markdown blockquote/callout output from inline strings in Parser to per-theme blockquote fragment templates, enabling markup customization without touching PHP.

Core changes:

1. Parser blockquote rendering (core/classes/parser.php):

2. [quote] and [hide] tags call tpl->getHtmlFrag('blockquote', [...]) * is_quote / is_hide / is_callout / is_plain variants

3. Markdown blockquote blocks and GitHub callouts use the same fragment
4. Hardcoded HTML fallback preserved when $tpl is unavailable
5. Blockquote fragment templates (templates/*/fragments/blockquote.html):
6. Added to admin, default, lite, simple themes (identical content)
7. callout_type passed through for sl-callout-{type} CSS class
8. Link template refactor (templates/admin/fragments/link.html, core/admin.php):
9. Replaced hardcoded class='sl-admin-language-link' with is_admin_language_link flag
10. CSS class assignment stays in the template layer
11. Language cleanup (lang/*.php — 6 files):
12. Removed unused constants: _EIMG, _MEML, _PLOAD, _RATE3
13. Docs and housekeeping:

14. docs/TEMPLATES.md: document and/or/not operators, dot-path lookups, and no equality/comparison operators in {% if %} expressions

15. templates/admin/partials/basic-monitor.html: BOM character removed

Benefits: - Blockquote markup is now per-theme customizable - Dead lang constants removed from all 6 language files - Admin link CSS class logic fully in template layer

Technical notes: - blockquote fragment is identical across all 4 themes - Fallback HTML matches previous hardcoded output exactly - config/local.php fingerprint updated automatically