Журнал изменений

Completes the multi-batch schema modernization: all SQL column references in PHP have been updated to match the new normalized table.sql schema, and a one-time migration script has been added for existing installations.

Core changes:

1. _users / _users_temp (Batch L) — modules/account/{index,admin/index}.php, modules/forum/index.php, admin/index.php:
2. user_id → id, user_name → name, user_rank → rank, user_email → email
3. user_website → website, user_avatar → avatar, user_regdate → regdate
4. user_occ → occ, user_from → origin, user_interests → interest
5. user_sig → sig, user_viewemail → viewmail, user_password → password
6. user_storynum → storynum, user_blockon → blockon, user_block → block
7. user_theme → theme, user_newsletter → newslet, user_fsmail → fsmail
8. user_psmail → psmail, user_lastvisit → lastvis, user_lang → lang
9. user_points → points, user_last_ip → lastip, user_warnings → warnings
10. user_acess → access, user_group → grp, user_birthday → birthday
11. user_gender → gender, user_votes → votes, user_totalvotes → tvotes
12. user_field → field, user_agent → agent, user_network → network
13. check_num → code (users_temp)
14. All other tables (Batches A–K) — 60+ PHP files across admin/, blocks/, core/, modules/, setup/, templates/:
15. _admins: lastvisit → lvisit
16. _auto_links: sitename → title
17. _blocks: bid → id, bposition → bpos, active → status, blanguage → blang, blockfile → bfile
18. _categories: parentid → parent, cstatus → status, lpost_id → lpost
19. _clients/_partners: id_user → uid, id_product → prod, id_partner → part, adres → addr
20. _comment: date → time, host_name → ip
21. _faq/_help/_news/_pages: fid/sid/pid → id, catid → cid, ip_sender → ip
22. _files/_links: lid → id, totalvotes → tvotes, totalcomments → tcom
23. _forum: catid → cid, l_uid/l_name/l_id/l_time → luid/lname/lpost/ltime, e_uid/e_ip_send/e_time → euid/eip/etime
24. _jokes: jokeid → id, cat → cid, joke → hometext, ratingtot → ratetot
25. _media: createdby → author, totalvotes → tvotes, totalcom → tcom
26. _message: mid → id, active → status, mlanguage → lang
27. _order/_privat/_referer/_voting: date → time
28. _products: preis → price, totalvotes → tvotes
29. _rating: host → ip
30. _search: sl_id → id, sl_word → word, sl_modul → modul, sl_time → time, sl_score → score
31. _session: host_addr → ip
32. setup/sql/batch_migrate.sql (new):
33. One-time ALTER TABLE RENAME COLUMN script for all 27 tables
34. Includes RENAME INDEX where index names also changed
35. Special DROP/ADD for _rating UNIQUE KEY (column composition changed)

Benefits: - SQL column names now match table.sql schema exactly across all 65 files - No more legacy user_*/ip_sender/totalvotes/catid/ip_send naming in codebase - Migration script enables clean upgrade path for existing installations

Technical notes: - PHP placeholder names (:user_name, :user_id, etc.) intentionally unchanged - HTML form field names (name="user_name") intentionally unchanged - batch_migrate.sql requires MySQL 8.0+ or MariaDB 10.5+ (RENAME COLUMN support)

Complete overhaul of the search module and admin template covering security hardening, config migration, and the new search admin interface.

Core changes:

1. Search module (modules/search/index.php, config/search.php):
2. Extract getSearchRow() helper to avoid duplicated row-rendering logic
3. Rename search_result() to search() and wrap in switch($op)
4. Fix XSS: escape $cdesc and $ctitle via htmlspecialchars() in all HTML contexts
5. Migrate config key: $conf['search'] string -> $conf['search']['mods'] array
6. Add config/search.php with all search settings moved out of global config
7. Search admin panel (modules/search/admin/):
8. Add new admin interface for search module configuration
9. Include multilingual info files (de, en, fr, pl, ru, uk)
10. Admin template (templates/admin/index.php):
11. Replace opendir/readdir/closedir with scandir(BASE_DIR.'/language')
12. Fix XSS: escape $admin[1] via htmlspecialchars() before use in HTML
13. Fix undefined $cach in setTemplateBlock() static cache on cache miss
14. Replace SELECT * with SELECT 1 LIMIT 1 for admin existence check
15. Add :string return types to all three template functions
16. Remove unused global declarations ($user, $theme, $conf)
17. Replace die() with exit; update copyright year to 2026
18. Convert tabs to 4-space indentation per coding standard
19. Language files (admin/language/*.php):
20. Sync language constants across de, en, fr, pl, ru, uk

21. Core and config (core/admin.php, core/system.php, config/global.php, config/modules.php, admin/modules/config.php, admin/index.php, modules/order/index.php):

22. Various refactors and config key updates aligned with new structure

Benefits: - Eliminates stored XSS vectors in search result rendering - Removes CWD-dependent filesystem path in admin template loader - Static template cache no longer risks undefined-variable TypeError in PHP 8.x - Search config is now isolated in config/search.php

Technical notes: - config/search.php is a new required config file - modules/search/admin/ is a new directory; activate via config/modules.php - No DB schema changes

Three related cleanups applied system-wide. Legacy function names replaced with camelCase equivalents matching project naming conventions. search_color (marked # OLD DELETE) deleted and replaced by an optimised filterTextHighlight. filterTextHighlight rewritten for performance: single combined regex instead of one pass per word, batch str_replace for tag extraction/restoration.

Core changes:

1. Helper function renames (core/system.php + 24 call sites):
2. defconst() → getConst()
3. deflmconst() → getModuleName() (strtr replaced by array lookup $map[$k] ?? $k)

4. deflang() → getLangName() (same) Callers updated in: core/admin.php, core/user.php, admin/modules/,

blocks/block-{languages,modules}.php, templates/*/index.php,
modules/{account,search,voting/admin}/index.php

1. filterTextHighlight() rewrite (core/system.php:1674):
2. array_unique + sort words by length desc before building pattern
3. preg_quote per word; all words joined into one alternation regex
4. Tag placeholders switched to \x00TAGn\x00 (no risk of HTML collision)
5. Batch str_replace(array, array) for tag extraction and restoration
6. search_color() removed (core/system.php):
7. Was marked # OLD DELETE; fully superseded by filterTextHighlight()

8. All 18 call sites migrated: modules/{content,forum,files,faq,search, auto_links,links,jokes,shop,pages,media,help,news}/index.php, modules/shop/admin/index.php

Benefits: - Consistent camelCase naming across all helper functions - filterTextHighlight: O(1) regex passes regardless of word count - No dead code (search_color deleted) - Safer tag placeholder avoids numeric pseudo-tags <1>, <2>

Split changelog language constants into user/admin scopes — user files now contain only what index.php needs, admin-only constants moved to the admin/language layer. Adds page title to setHead() in changelog/index.php. Removes two redundant require_once calls for config files already loaded automatically by getConfig() via glob in core/system.php.

Core changes:

1. Language constants (modules/changelog/language/*.php):

2. Removed 19 admin-only constants from user language files (all 6 locales) * Kept: filter/search UI, date labels, error messages * Removed: source config, export, cache TTL, stats, GitHub API fields

3. Admin language files (modules/changelog/admin/language/*.php):
4. Added as new tracked files (were untracked)
5. Removed one dead constant (_CHLOG_ERR_GH_API_JSON) unused anywhere
6. Module entry point (modules/changelog/index.php):
7. setHead() now receives ['title' => _CHANGELOG]
8. System entry point (index.php):
9. Removed require_once CONFIG_DIR.'/shop.php' (go==2 block)
10. Removed require_once CONFIG_DIR.'/uploads.php' (go==4 block)
11. Both configs are already merged by getConfig() on startup

Benefits: - Admin-only constants no longer loaded for regular users - No dead constants in language files - Page title set correctly in changelog module - Cleaner index.php without redundant file loads

This commit completes the current legacy text refactor by renaming the old replacement helper to filterReplaceText, migrating bb_decode call sites to filterMarkdown(..., false), and removing redundant wrapper experiments. It also includes the monitor fix, client archive flow updates, template style updates, and rule documentation needed to keep future refactors consistent.

Core changes:

1. Legacy text pipeline (core/system.php):
2. Renamed search_replace() to filterReplaceText()
3. Migrated bb_decode()-based output paths to filterMarkdown(..., false)
4. Removed redundant wrapper indirection and kept direct behavior-preserving calls
5. Frontend and admin modules (modules/, admin/modules/, blocks/*):
6. Updated legacy content rendering call sites to the new helper/parser naming
7. Switched client archive generation away from PclZip to the core compression flow
8. Fixed monitor database size handling to stop undefined array key warnings
9. Project guidance and templates (.rules/, .agents/, templates/*):
10. Added explicit migration guidance for rename-vs-wrapper decisions
11. Synced architecture notes for parser and replacement helper migrations
12. Adjusted template system styles alongside the current refactor batch

Benefits: - Lower maintenance cost by reducing legacy naming drift and wrapper noise - Better reliability through the monitor fix and centralized archive handling - Clearer project rules for future refactors with minimal behavior change

Technical notes: - Legacy content still uses filterMarkdown(..., false) where raw HTML passthrough is required - filterReplaceText() is now the canonical replacement helper name in the codebase - Backward compatibility is preserved at runtime, but old helper names were intentionally removed from the code

Normalize optional profile birthday values before passing them into the legacy datetime helper and apply a safe fallback for the account style class. This prevents runtime warnings and type errors on profile-related screens without changing user-visible behavior.

Core changes:

1. Account profile form (modules/account/index.php):

2. Normalized user_birthday to a validated string before rendering the date picker * Empty and invalid values now fall back safely instead of reaching datetime() as null

3. Added a safe sl_account fallback when $conf['style'] is missing or empty
4. User messaging view (core/user.php):
5. Replaced direct $conf['style'] access with a guarded fallback
6. Preserved the existing account style default for account-context rendering

Benefits: - Prevents datetime(): Argument #3 ($time) must be of type string, null given - Removes Undefined array key "style" warnings in account flows - Keeps legacy helpers working without widening the change scope

Technical notes: - The legacy datetime() helper signature was not changed - No database schema, routing, or template contracts were modified

Move all _CHLOG_* constants to module-local changelog language files and remove the duplicated global definitions. This eliminates repeated constant redefinition warnings while preserving public and admin changelog translations.

Core changes:

1. Changelog module languages (modules/changelog/language/*.php):

2. Added the full _CHLOG_* constant set required by both frontend and admin changelog screens * Included export, source, GitHub, cache, stats, and token-related strings * Kept module-local translations as the single source of truth

3. Preserved existing localized wording where available
4. Global languages (language/*.php):
5. Removed duplicated _CHLOG_* constants from the shared language files
6. Prevented global language loading from colliding with module language loading

Benefits: - Eliminates changelog constant redefinition warnings in PHP logs - Reduces translation duplication across the codebase - Keeps changelog localization scoped to the module that owns it

Technical notes: - No routing or template behavior was changed - Backward compatibility is preserved for changelog pages and admin screens

Harden the admin monitor module output and refresh paths while bringing the file closer to the local SLAED coding rules. Also add repository text-format defaults so editors and Git keep UTF-8 and LF consistently.

Core changes:

1. Monitor admin module (admin/modules/monitor.php):

2. Harden request, server, and database diagnostic output before it reaches the admin template * Keep inline HTML escaping at the output boundary * Replace SHOW TABLE STATUS with an information_schema query

3. Reduce refresh overhead and align the file with local style rules * Add short-lived caching for expensive monitor probes * Remove unnecessary Linux shell fallbacks and normalize comments, guards, and names

4. Repository text settings (.editorconfig, .gitignore):
5. Add shared UTF-8 and LF defaults for editor saves
6. Stop ignoring tracked project meta files that must stay under version control

Benefits: - Improves admin-side XSS resistance for diagnostic values - Reduces monitor refresh cost on repeated polling - Aligns the module and repository text handling with project rules

Technical notes: - Existing monitor routes and template structure are preserved - Line ending policy is now enforced through repository metadata - Backward compatibility is preserved for the current admin workflow

Restore .gitmessage as a persistent commit message template instead of a concrete commit message file. This keeps the Git workflow aligned with the current SLAED rules and prevents the template from being overwritten again.

Core changes:

1. Git workflow template (.gitmessage):
2. Restore the placeholder-based permanent commit template
3. Remove the previous concrete commit content from the template file

Benefits: - Keeps commit preparation consistent across future tasks - Prevents accidental reuse of an old concrete commit message - Aligns repository workflow with the current SLAED Git rules

Technical notes: - No code behavior changes - No API or routing changes - Backward compatibility is unchanged

Consolidate changelog loading, rendering, localization, and export behavior across public and admin code paths. Modernize monitor and editor admin modules to align them with the current SLAED routing and input rules.

Core changes:

1. Changelog module (modules/changelog/*.php, templates/admin/basic-changelog*.html):

2. Introduce shared changelog core logic in modules/changelog/common.php * Unify GitHub/local source loading, cache handling, pagination, and export helpers * Remove active GraphQL usage and count available commits from loaded data

3. Refactor admin and public changelog handlers to use shared loaders and render helpers
4. Localize admin changelog UI and refresh related module language files
5. Admin tools (admin/modules/monitor.php, admin/modules/editor.php):

6. Simplify monitor controller flow and centralize runtime snapshot handling * Reduce duplicated disk/runtime logic and remove external admin template dependency

7. Refactor editor input handling to use shared helpers and SLAED raw input access
8. Language and template alignment (language/*.php, templates/admin/*.html):
9. Add missing monitor and changelog language constants across six languages
10. Update admin templates to match the new changelog and monitor behavior

Benefits: - Better maintainability through shared changelog logic and reduced duplication - Cleaner admin behavior aligned with current SLAED rules for input and routing - More consistent localization and admin rendering across modules

Technical notes: - modules/changelog/common.php is a new shared module file - Commit counting now reflects available loaded/cached commits instead of GraphQL totals - Backward compatibility is preserved for existing changelog routes and admin operations