Журнал изменений

Routine config regeneration after structural changes to global.php. Fingerprint and sitekey are derived values — no manual logic changed.

Core changes:

1. Config fingerprint (config/local.php):
2. base_fingerprint updated to reflect current global.php hash
3. Global config (config/global.php):
4. sitekey rotated as part of standard config refresh cycle

Benefits: - Config integrity check will pass on next bootstrap - No functional or behavioral change

Technical notes: - Fingerprint is computed automatically by the config management tool - sitekey is used for CSRF token generation

Flash messages generated before the admin module head (e.g. save confirmations) were lost because module-head.html had no render point for them. getTplAdminTabs() now passes flash_html and the partial outputs it directly below the tab bar.

Core changes:

1. Admin tab helper (core/helpers.php):
2. Pass flash_html => getFlashHtml() to module-head partial
3. Module head partial (templates/admin/partials/module-head.html):
4. Render {{{ flash_html }}} below tabs when present
5. System (core/system.php):
6. Extract \$time local var before array_replace for readability
7. Fix DB debug text separator: ". Ø" → "/ Ø" (typographic correction)

Benefits: - Flash messages (save/error notices) now always visible after redirect - DB stats panel separator matches the visual design convention

Technical notes: - getFlashHtml() consumes the flash session entry on first call - Separator change is display-only; no data or logic affected

checkPerms() returns a permission-warning banner that must appear above the form. It was incorrectly assigned to \$body, overwriting the form before it was built. Moving it to \$cont ensures the banner is always rendered in the correct position regardless of form output.

Core changes:

1. Auto Links config (modules/auto_links/admin/index.php):
2. \$body = checkPerms(...) → \$cont .= checkPerms(...)
3. \$body = \$tpl->getHtmlPart('form', ...) stays separate
4. Changelog config (modules/changelog/admin/index.php):
5. Same fix in config() function
6. Also removed stale checkPerms() call from changelog() view
7. Contact config (modules/contact/admin/index.php):
8. Same fix pattern

Benefits: - Permission banners now appear above the form, not silently lost - Consistent output-routing across all module config views - No logic change — only output variable assignment corrected

Technical notes: - \$cont accumulates pre-form output; \$body holds the main form HTML - Pattern now matches all other admin module config functions

Introduce a self-contained demo HTML in the project docs folder that showcases candidate hover treatments for Bootstrap-Icons-based controls. The page is intended as a design reference, not as production code.

Core changes:

1. Demo page (docs/icon-hover-gradient-demo.html):

2. Standalone HTML with inline CSS that compares several icon-hover effects (gradients, glow, scale, shimmer)

3. Pulls the existing Bootstrap Icons stylesheet from templates/admin/assets/vendor so the icons render exactly as they do in the admin theme

4. No JavaScript dependencies; the page is fully static

Benefits: - Provides a visual reference when iterating on admin button or icon hover styles without spinning up the full admin shell - Lives under docs/ so it stays out of any production build pipeline

Technical notes: - Pure documentation asset; not linked from runtime templates - Safe to open directly from disk because all styles are inline and the vendor stylesheet uses a relative path - Can be retired later without affecting any shipped feature

Refresh the _meta.base_fingerprint snapshot stored in config/local.php so it reflects the new defaults bundled in config/global.php (refreshed admin logo and rotated site security key). The fingerprint is the local override layer’s view of the upstream default state and must move forward in lockstep.

Core changes:

1. Local configuration meta (config/local.php):

2. Replace _meta.base_fingerprint with the hash that matches the current config/global.php * Prevents the override layer from flagging the new defaults as

stale on first boot

Benefits: - Configuration loader recognises the new baseline immediately - No spurious "defaults changed" indication after pulling the release

Technical notes: - Pure metadata update; no behavior depends on the literal value - Always lands as the final commit in a config-defaults rotation so it reflects the fully-committed upstream state

Replace the bundled default sitekey with a fresh randomized value to keep the shipped baseline distinct from prior releases. The key seeds internal hashing helpers, so rotating the default is a routine hygiene step before tagging a new build.

Core changes:

1. Default configuration (config/global.php):

2. Update sitekey to a new 25-character random value * Replaces the previous default that had been in place across recent

builds

• Restricted to the _meta-style global default; existing

installations keep their own value because `config/local.php`
overrides take precedence

Benefits: - Fresh shipped value reduces risk of accidental cross-environment fixture overlap - Keeps the bundled defaults aligned with the current release

Technical notes: - This change only touches the default in the repository; deployed systems retain whatever value they had configured via local overrides - No code or schema change accompanies the rotation - The matching configuration fingerprint update lands in the next commit so the local-override snapshot reflects the new defaults

Replace the previous logo set (256x73, 512x148, 1024x297) across all four shipped templates with the redrawn 256x79 / 512x157 / 1024x315 variants, point the configured admin logo to the new filename, and upgrade the logo-folder placeholder redirect to HTTPS.

Core changes:

1. Logo binaries (templates/{admin,default,lite,simple}/images/logos):

2. Remove old PNGs: slaed_logo_256x73, slaed_logo_512x148, slaed_logo_1024x297

3. Add new PNGs: slaed_logo_256x79, slaed_logo_512x157, slaed_logo_1024x315 * Updated artwork ships with adjusted vertical proportions (79/157/315

instead of 73/148/297) for cleaner header alignment

1. Configuration default (config/global.php):

2. Switch admin_logo default from slaed_logo_256x73.png to slaed_logo_256x79.png so fresh installs pick up the new asset

3. Folder placeholder (templates/{admin,default,lite,simple}/images/logos/index.html):

4. Update the meta-refresh redirect target from http://www.slaed.net to https://slaed.net * Aligns the placeholder with the live HTTPS canonical URL and

avoids an extra redirect hop

Benefits: - Consistent logo geometry across the four bundled themes - New installs render the refreshed logo without manual config edits - Placeholder pages no longer downgrade to plaintext HTTP

Technical notes: - Existing custom installs that pinned the old filename in their local config keep working because the old asset is no longer referenced; set admin_logo to a custom file as before if needed - No layout, CSS, or template structure changes were required to host the slightly taller artwork

Reduce vendor-prefix noise in the admin theme stylesheet and remove properties that no longer carry weight in modern browsers. Behavior is preserved; the change is purely a cleanup to keep the rule blocks tighter.

Core changes:

1. Stylesheet cleanup (templates/admin/assets/css/theme.css):

2. Drop -webkit-font-smoothing: antialiased/`-moz-osx-font-smoothing: grayscale` from the icon font and warn-icon rule blocks * Modern Chromium and Firefox already render the icon font

consistently without the hint, and Safari ignores the override

• Replace display: -webkit-box flexible-line-clamp shim on .sl-menu-grid-link span with display: block * Drops the corresponding -webkit-box-orient: vertical property * Layout in this rule does not rely on multi-line clamping

• Remove the experimental field-sizing: content from .sl-div-actions inputs and .sl-ratings-days * The property is not yet broadly supported and the explicit

width/min-width pair is sufficient

• Add -webkit-user-select: none next to user-select: none on the toggle button so older WebKit picks up the rule

Benefits: - Smaller, easier-to-scan rule blocks - Removes properties that introduced engine-specific edge cases - Keeps cross-browser parity for selection and icon rendering

Technical notes: - No selectors added or removed; only declaration-level changes - Visual output unchanged in current Chromium, Firefox, and WebKit - No compiled assets are vendored, so no rebuild step is required

Introduce an admin-footer toggle that hides or shows the runtime diagnostics block (queries, request variables, errors, system info) and relabel the section titles to read as a focused performance and request panel rather than generic analyzers.

Core changes:

1. Footer controls API (core/system.php):
2. Extend getFootControls() with a new $dbgtog flag

3. Inject a dbglink payload (icon bug, label _DEBUGPANEL) when diagnostics output is present

4. Replace the hard-coded class => sl-slaed-home with a semantic isslaed flag so templates own the CSS class mapping

5. Wire setFoot() to forward $debug !== '' as the toggle signal
6. Link fragment (templates/admin/fragments/link.html):

7. Recognize isdebug and isslaed flags * Map isdebug to sl-debugger-toggle plus

data-sl-toggle-control="sl_debugger" with slide effect (500ms)

• Map isslaed to sl-slaed-home

• Keep the existing class/href contract for all other call sites
• Footer partial (templates/admin/partials/foot-controls.html):
• Render dbglink between the brand link and the upper anchor
• Admin layout (templates/{admin,default,lite,simple}/layouts/admin.html):

• Wrap {{{ debug_html }}} in `<div id="sl_debugger" data-sl-toggle="sl_debugger" data-sl-toggle-default="open">` so the toggle target exists in all four shipped themes

• Render the wrapper only when debug_html is non-empty
• Footer styles (templates/admin/assets/css/theme.css):
• Position .sl-footer span a.sl-debugger-toggle at right: 102px
• Bind it to Bootstrap Icons glyph \f1dc (bug icon)
• Language constants (lang/de|en|fr|pl|ru|uk.php):

• Add new _DEBUGPANEL constant (Diagnostics panel / Панель диагностики and equivalents)

• Refresh four existing constants to clearer wording: * _AQUERY_DB -> Database queries * _AVARIABLES -> Request variables * _ERRLOG -> Errors and warnings * _SYSTEM_INFO -> System performance

Benefits: - One-click hide/show keeps the diagnostics block from crowding the admin canvas while remaining instantly recoverable - Cleaner labels match the actual content of each panel - Templates regain full ownership of the footer-link class mapping

Technical notes: - New parameter on getFootControls() is optional (default false), so existing callers stay source-compatible - Toggle relies on existing data-sl-toggle* runtime; no new JS module - All six bundled language files updated together to avoid mixed labels

Promote unified configuration loading to the same module that owns classes/editor and classes/logger so the boot order is explicit before core/security.php is included. Keeps security.php focused on request hardening and adds a defensive guard for direct/static analysis includes.

Core changes:

1. Configuration bootstrap (core/system.php):

2. Load $conf via getConfig() right after editor and logger are required * Apply admin theme override when ADMIN_FILE is defined * Place the bootstrap above the security.php include so the security

layer can rely on a fully merged $conf

1. Security entrypoint (core/security.php):

2. Replace the prior config bootstrap with a defensive guard * Only call getConfig() when $conf is missing or not an array * Avoids redundant work when system.php has already prepared $conf * Keeps the file safely includable in isolation

Benefits: - Clear ownership: system.php owns boot, security.php owns hardening - Predictable $conf availability for every downstream require - Safer behavior when security.php is analyzed or included directly

Technical notes: - No public API change; getConfig() and $conf shape are unchanged - Backward compatible for all callers that include core/system.php - Direct includes of core/security.php remain functional via the guard