addmail() collided with addMail() (core/security.php) because PHP function names are case-insensitive; renamed to addAdminMail() to follow VerbNoun convention and eliminate the fatal redeclaration error.
Core changes:
- Function declaration (core/system.php):
- addmail() → addAdminMail(); comment updated
- No logic changes, signature unchanged
- Call sites (11 files):
- core/user.php
- modules/news, links, files, media, jokes, faq, pages, help, whois, auto_links
Benefits: - Resolves Fatal error: Cannot redeclare function addMail() - Consistent VerbNoun camelCase naming per SLAED §3-4 - No ambiguity between low-level addMail() and admin-notify addAdminMail()
Technical notes: - addMail() (security.php) queues a single email - addAdminMail() (system.php) dispatches notifications to all subscribed admins - Backward compatibility: internal API only; no external callers
Replaces all remaining legacy function calls that were missed in the previous Refactor commit, ensuring system.php is consistent with the merged isAdmin(bool \$super = false) API in core/security.php.
Core changes:
- Function call replacements (core/system.php):
- is_admin() → isAdmin() (12 occurrences)
- isAdminSuper() → isAdmin(true) (4 occurrences)
Benefits: - No legacy shim required; all call sites now use unified API - Static cache in isAdmin() shared across all 16 call sites per request - One DB query per request regardless of super check
Technical notes: - isAdmin(true) is equivalent to removed isAdminSuper() - isAdmin() is equivalent to removed is_admin() - Backward compatibility: none needed; legacy functions deleted
Migrates remaining save_datetime() calls to the unified getVar() API, and corrects a single-quote style issue in the changelog French language file.
Core changes:
- modules/faq/admin/index.php:
- save_datetime(1, 'time') → getVar('req', 'time', 'time') (×2, add/save)
- modules/changelog/language/fr.php:
- Double to single quote on one define() line
Benefits: - Consistent input handling via getVar() throughout admin modules - No more calls to removed save_datetime() helper
Technical notes: - Behaviour unchanged; getVar 'time' type validates and formats identically
Adapts all test files to the camelCase rename sprint: function calls, helper wrappers and comments updated throughout the Unit and integration test suites.
Core changes:
- tests/Unit/InputFilterTest.php:
- saveText → filterHtml in helper and comments
- tests/Unit/PasswordHashTest.php, TemplateIfTest.php:
- Minor naming alignment
- tests/bootstrap.php:
- Updated function references
- Validation tests (BlockValidationTest, SecurityValidationTest, etc.):
- Updated function name expectations
Benefits: - Test suite reflects current API - No regressions introduced by the rename sprint
Technical notes: - phpunit: all tests expected to pass after rename completion
Updates all user-facing and developer-facing documentation to reflect the camelCase function rename sprint completed in core/security.php.
Core changes:
- CONTRIBUTING.md:
- getVar() type table updated (filterWord, filterHtml, filterFields)
- SECURITY.md:
- New section: renamed security functions reference table (20 entries)
- UPGRADING.md:
- Breaking changes section: full migration table for renamed functions
- Version history updated
- docs/TEMPLATES.md:
- Date updated to 2026
- docs/TESTS.md:
- Function names updated to camelCase equivalents
Benefits: - Developers can look up old names and find new equivalents - Migration path is clearly documented for upgraders
Technical notes: - No code changes; documentation only - Covers all renames tracked in GLOSSARY.md
Completes the security/utility function rename sprint: all legacy snake_case identifiers in core/security.php are replaced with camelCase VerbNoun names per SLAED coding standard §3-4, and every call site across the project is updated accordingly.
Core changes:
- Function renames (core/security.php):
- log_report() → addLog()
- is_admin_god() / is_admin() → isAdmin(bool $super = false)
- get_host() → getHost()
- get_referer() → getReferer()
- zip_check() / zip_compress() → checkCompress() / addCompress()
- isVar() / analyze() → filterVar()
- url_filter() → filterUrl()
- num_filter() → filterNum()
- var_filter() → filterWord()
- text_filter() → filterText()
- cutstrc() → filterCut()
- ed2k_link() → getEd2kLink()
- url_clickable() → filterClickable()
- save_text() → filterHtml()
- fields_save() → filterFields()
- display_time() → getDuration()
- rest_time() → getTimeLeft()
- mail_send() → addMail()
- doHackReport() → addHackReport()
- doWarnReport() → addWarnReport()
- error_sql_log() → addSqlLog() (core/classes/pdo.php)
- isAdmin() optimisation (core/security.php):
- Merged isAdminSuper() into isAdmin(bool $super = false)
- Single DB query fills both cache slots (key 0 and key 1)
- hash_equals() for constant-time password comparison
- Strict === throughout; getSqlRow() null-guard added
- Variable renames (core/security.php):
- $ua → $uagt, $ag → $agent, $ipt_base → $iptbase
- $array_index → $arridx, $is_array_all → $allarr
- $date_time → $dtime
- Bug fixes (core/security.php):
- @ suppression removed from $lwrite closure
- getIp() / getAgent() hoisted out of blocker foreach loop
- setCookies() uses implode() instead of fixed $value[0..5] indexing
- getTimeLeft() calls time() once; getHost() has ?: '' fallback
- getSqlRow() null-guard added via ?? ['', '', '']
- Call sites updated across 68 files:
- admin/modules/*.php, modules//index.php, modules//admin/index.php
- core/admin.php, core/system.php, core/user.php, templates/admin/index.php
- core/legacy.php removed (empty guard-only file)
Benefits: - Consistent camelCase API throughout the project - Merged admin-check function reduces DB queries per request - Security hardened: timing-safe comparison, no error suppression
Technical notes: - All renames tracked in .agents/skills/slaed/GLOSSARY.md - php -l: no syntax errors in all changed files - Backward compatible: no public API exposed outside this project
Replaces all double-quoted strings with single quotes in language files, blocks, and plugins to align with SLAED coding standard §17 (always use single quotes for simple strings).
Core changes:
- Language files (language/, admin/language/, modules/*/language/):
- 150+ define() calls: double to single quotes
- Block files (blocks/*.php):
- All string literals converted to single quotes
- Plugin files (plugins/filemanager/**):
- All string literals converted to single quotes
- Template (templates/lite/index.php):
- array() → [] syntax; string literals to single quotes
Benefits: - Consistent code style across the project - Alignment with SLAED coding standard §17
Technical notes: - Behaviour unchanged; purely cosmetic - Applied via php-cs-fixer - Backward compatible
Revert the function extraction introduced in commit 6ec4ea7 due to a production failure. The refactored split (system.php + legacy.php) caused 500 errors on the live server that persisted even after PHP-FPM restart.
Core changes:
- core/system.php:
Restore all legacy functions that were moved to core/legacy.php * Production server failed silently after deployment of the split
- core/legacy.php:
- Remove all functions; restore to stub (guard only)
Benefits: - Production stability restored
Technical notes: - Root cause not yet confirmed; suspected: config file format mismatch between old doConfig() output and new getConfig() reader - Refactor to be re-attempted after diagnosing production config format
Correct over-indented variable declaration in rechn() and remove a redundant setThemeInclude() call that was left after a prior refactor.
Core changes:
- rechn() (modules/money/admin/index.php):
- Fix indentation: $id = getVar(...) was at 8 spaces, corrected to 4
Remove setThemeInclude() call * Function is called by the dispatcher before rechn() is invoked;
calling it again inside the function is redundant and incorrectBenefits: - Consistent indentation aligned with project code style - Eliminates double theme-include side effect
Technical notes: - No behavioral change for normal request flow - setThemeInclude() removal has no visible effect as template is already loaded
Initialize $retcode before pass-by-reference use and fetch $format from GET input to eliminate PHP undefined-variable warnings in the changelog admin module.
Core changes:
- gitfetch() (modules/changelog/admin/index.php):
Add $retcode = 0 before gitexec($cmd, $gitlog, $retcode) * Prevents PHP 8.x warning: undefined variable passed by reference
- export() (modules/changelog/admin/index.php):
Add $format = getVar('get', 'format', 'var', 'txt') at function start * Variable was used on lines 659 and 664 without being declared * Default 'txt'; accepts 'md' for Markdown export
- File header (modules/changelog/admin/index.php):
- Remove UTF-8 BOM () from line 1
Benefits: - Eliminates two PHP undefined-variable warnings - export() correctly handles both txt and md format requests
Technical notes: - $format default 'txt' preserves existing plain-text export behavior - No changes to git log parsing or GitHub fetch logic
