Migrate Editor::getSelect() and all editor drivers to use template fragments and the new getTplTextarea() array API. Parser refactored with private helper methods for image normalization.
Core changes:
- Editor class (core/classes/editor.php):
Editor::getSelect(): removed inline <select>/<option> HTML
- Now uses new/select + new/select-option fragments
- Added $selectAttr parameter for OnChange and other attributes
- Editor drivers (plugins/editors/*/driver.php):
- All drivers: textarea() → getTplTextarea(['id', 'name', ...]) array call
- bbcode/driver.php: removed legacy textarea() call
- ckeditor, codemirror, plain, tinymce, toastui: updated call signatures
- Parser class (core/classes/parser.php):
Extracted getRootPath(), getFallbackImage(), buildImageError(), normalizeImageSource(), normalizeHtmlImages() as private helpers
- checkbox-input fragment used for checklist rendering
Benefits:
- Editor select rendering is now theme-switchable via new/select fragment
- Consistent array API across all driver implementations
- Parser logic split into focused private methods
Technical notes:
- Editor::getSelect() signature: added optional $selectAttr = '' parameter
- All editor drivers call getTplTextarea() — textarea() no longer used
Replace all inline HTML string construction in PHP with $tpl->getHtmlFrag() calls. No HTML is built directly in PHP code anymore — all output is delegated to template fragments.
Core changes:
- HTML-in-PHP removal — standalone helper functions (core/system.php):
- new_graphic(): spans → new/graphic fragment
- user_geo_ip(): img/a → geo-ip-flag + link-btn-blank fragments
- adminblock(): table/hr → admin-block-links fragment
- user_info(): anchor → breadcrumb-link fragment
- warnings(): ol/li → warning-list + action-menu-item fragments
- commentMetaColor/Avatar/RankImage/Signature(): → dedicated fragments
- alphaNavLink/Text(): → alpha-nav-link/text fragments
- naviTabsLink/Content(): → navi-tab-link/content fragments
- pagerDots(): → pager-dots fragment
- categorySubItem(): → category-sub-item fragment
- breadcrumbLink(): → breadcrumb-link fragment
- debugSection(): → debug-section fragment
- ratingWrap(): → rating-wrap fragment
- add_menu(): → editor-action-menu + action-menu-item fragments
- renderFootControls(): → foot-controls fragment
- editorActionMenu/commentActionMenu/votingActionMenu(): li wrapping → action-menu-item
- HTML-in-PHP removal — larger functions (core/system.php):
- encode_php(): table/tr/td/pre/code/div → code-row/table/hljs/block fragments
- render_blocks(): div.sl_center → msg-center fragment
- ashowcom(): form/span/a/div → comment-list-form/date/num-link/text fragments
- updateVotingResult(): meta refresh × 3 → meta-refresh fragment
- API updates (core/admin.php, core/user.php):
- getTplMoveControls(): positional → array call sites updated
- textarea()/getAjaxTextarea() → getTplTextarea/getTplAjaxTextarea array API
- getTplHiddenInput(): legacy positional call → array call
- Editor::getSelect(): + $selectAttr param, inline HTML removed
Benefits:
- Zero inline HTML in core PHP files — full separation of logic and markup
- All rendering is theme-switchable via fragment overrides
- Consistent $tpl->getHtmlFrag() pattern throughout
Technical notes:
- comment-list-form fragment wraps admin bulk-action form
- ashowcom $hclass remains as data attribute string (passed to comment.html)
Migrate all helper functions to uniform array-based parameter API. Add new template helpers, enforce variable naming rules (max 8 chars, lowercase letters only, no snake_case), and remove = alignment padding.
Core changes:
- New functions (core/helpers.php):
- getTplFieldsIn(): new-layout field rows via new/form-field-row fragment
- getTplHiddenInput(): updated to accept 'attr' key
- getTplFormSubmit(): new form submit bar with preview/delete controls
- getTplTextarea(): rich-text editor textarea with upload config
- getTplAjaxTextarea(): inline HTMX edit form with save/back buttons
- Refactored functions (core/helpers.php):
- getTplBbEditor(): parameter $opt → $data
- getTplPager(): $opt → $data, $url_extra → $urlx, = alignment removed
- getTplMoveControls(): positional params → array $data
- getTplUserSearchInput(): $minlength → $mlen
- getTplFieldsIn(): $field_html → $fhtml
- Alignment cleanup (core/helpers.php):
- Removed = padding in getTplFormSubmit, getTplMoveControls, getTplTextarea
- helpers-old.php:
- Migrated getHtmlFrag() calls to new/ fragment namespace
Benefits:
- Consistent array API across all getTpl* helpers
- Variable names comply with .rules/global.md (2–8 chars, lowercase)
- No alignment padding — easier diffs and code review
Technical notes:
- getTplTextarea and getTplAjaxTextarea exist only in helpers.php
- system.php previously had textarea() and getAjaxTextarea() — removed there
Auto-generated base_fingerprint reflects the new template file set introduced by the new/ fragment layer across all three themes.
Core changes:
- config/local.php:
- Updated: base_fingerprint to current codebase state
Benefits:
- Config stays in sync with deployed template files
Technical notes:
- Fingerprint is computed automatically on template structure changes
Replaces legacy content-card/content-view/liste-wrap/liste-basic fragments with new/ layer equivalents. Fixes admin URLs. Adds CSRF token to frontend delete links. Adds refer=2 support to admin actions() so frontend-initiated deletes redirect back to the frontend.
Core changes:
- Card grid view (modules/news/index.php — news()):
- Card: getTplContentCard → $tpl->getHtmlFrag('new/card', ...)
- Fixed: edit URL op=news_add → name=news&op=add
- Fixed: delete URL op=news_admin&typ=d → name=news&op=actions&typ=d
- Added: refer=2 and CSRF token on frontend delete link
- Alert: alert → new/alert
- Liste view (modules/news/index.php — liste()):
- Table: liste-wrap → new/table (5 cols: id/title/cat/poster/date)
- Rows: liste-basic → new/table-row-liste
- Letter nav: extracted from liste-wrap param to standalone output
- Alert: alert → new/alert
- Full view (modules/news/index.php — view()):
- Renderer: getTplContentView → $tpl->getHtmlFrag('new/view', ...)
Removed HTML from PHP: <br><br> separators between hometext, bodytext and fields replaced with direct concatenation
- Fixed: edit URL op=news_add → name=news&op=add
- Fixed: delete URL op=news_admin → name=news&op=actions with token
- Admin actions handler (modules/news/admin/index.php):
- Added: $refer_val to distinguish refer=1 (admin tab) vs refer=2
- refer=1 → admin panel status=1 tab (pending news, unchanged)
- refer=2 → index.php?name=news (frontend list page)
Benefits:
- No HTML strings in PHP — all markup in fragments
- Admin URLs follow consistent name=MODULE&op=ACTION pattern
- Frontend delete secured with CSRF token and refer redirect
Technical notes:
- news/view() fields appended to rawtext (no separate fields param)
- new/card.html reuses all sl-* classes defined in new.css
- new/table-row-liste.html covers 5-column liste layout
Replaces legacy content-list and title fragments with new/ layer equivalents. Fixes admin URLs to match the name=content&op=action pattern. Adds CSRF token to frontend delete links. Fixes refer redirect in the admin delete handler so frontend-initiated deletes return to the frontend, not the admin panel.
Core changes:
- Frontend list view (modules/content/index.php — content()):
- Table: content-list-open → new/table (sortable, col_id/title/func)
- Rows: content-list-basic → new/table-row-content with new/tip
- Pager: setArticleNumbers → getTplPager with prefix new/
- Alert: alert → new/alert
- Removed: body from SELECT (unused in list)
- Fixed: duplicate ?? fallback in config reads
- Frontend view (modules/content/index.php — view()):
- Renderer: title+filterDoc echo → new/view fragment
- Removed HTML from PHP: fields separator moved to template
- Fixed: rss_read result stored in $rss, not $conf['content']
- Added: CSRF token on delete link, is_moder edit/delete nav
- Admin delete handler (modules/content/admin/index.php):
- Added: $refer flag (GET refer=1)
Redirect: refer=1 → index.php?name=content (frontend) otherwise → admin.php?name=content
Benefits:
- No HTML strings in PHP — all markup in fragments
- Admin URLs follow consistent name=MODULE&op=ACTION pattern
- Frontend delete secured with CSRF token
Technical notes:
- new/view.html handles fields via {% if fields %}<br><br>{{{ fields }}}
- Admin refer flag mirrors pattern used in news module (refer=2)
Frontend modules using the new/ template layer need to call pager-link, pager-dots, and pager fragments from the new/ subdirectory. The prefix option allows callers to pass 'new/' and get new-layer fragments without duplicating pager logic.
Core changes:
- getTplPager (core/helpers.php):
- Added: $prefix = (string)($opt['prefix'] ?? '')
- Changed: pager-link, pager-dots, pager fragment calls now use $prefix
- Closure captures $prefix via use() for link rendering
- Added missing space after current page number for consistent spacing
Benefits:
- No duplicate pager code for new/ vs legacy fragment paths
- modules/content/index.php and future modules pass prefix: 'new/'
- Legacy callers unaffected (prefix defaults to empty string)
Technical notes:
- Fragment path: $prefix.'pager-link' resolves to 'new/pager-link'
- Space after current page item aligns with non-current item spacing
The sl-fullview article in new/view.html already renders a <hr> element before the footer buttons, making the CSS border-bottom on .fullview produce a visible double line.
Core changes:
- theme.css — .fullview (templates/default/assets/css/theme.css):
- Removed: border-bottom: 1px solid #ebebee
- Kept: padding-bottom: 25px
- theme.css — .fullview (templates/lite/assets/css/theme.css):
- Same change applied
Benefits:
- Single visual separator (the <hr>) in full article view
- Eliminates visible double-line regression in default and lite themes
Technical notes:
- Legacy .fullview class still used by old content-view.html fragments
- new/view.html uses sl-fullview — border handled by <hr> in markup
Introduces a unified new/ fragment namespace for all frontend modules. All fragments use sl-* CSS class naming (hyphen), defined in new.css alongside the sl_* legacy classes in system.css/theme.css.
Core changes:
- New fragment set (templates/*/fragments/new/):
- alert.html — inline alert block (warn/info variants)
- card.html — article card for grid layouts (sl-post sl-card)
- navi.html — frontend navigation menu (sl-navi-menu)
- pager.html, pager-link.html, pager-dots.html — paginator
- table.html — sortable table wrapper with optional columns
- table-row.html — generic table row wrapper
- table-row-content.html — standard 3-column article row
- table-row-liste.html — 5-column liste row (title/cat/poster/date)
- tip.html — hover tooltip with date and read-count
- view.html — full-page article view (sl-post sl-fullview)
- New CSS layer (templates/*/assets/css/new.css):
- sl-post, sl-card, sl-fullview, sl-title, sl-meta, sl-meta-foot
- sl-entry-content, sl-rate-box, sl-pull-right
- sl-table, sl-table-head, sl-table-body, sl-table-cell, sl-table-col-num
- sl-pager and all pager sub-elements
- sl-navi-menu
- Applied identically to default, lite, and simple themes
Benefits:
- Single source of truth for new-layer class naming across all themes
- No HTML in PHP — all presentation moved to fragments
- Clear separation: sl- (new.css) vs sl_ (legacy)
Technical notes:
- Fragments deployed identically to all three themes (default, lite, simple)
- new.css comments follow admin new.css style (simple slash-star groups)
- Backward compatible: legacy fragments untouched
Adds two new architecture reference documents for subsystems introduced in the editor system migration. These files are referenced in the README documentation table and describe the stable contracts that contributors should follow when extending or integrating editors and the content parser.
Core changes:
- docs/EDITORS.md:
- Describe the pluggable Editor class architecture and manifest.json format
- Document ContentDriver and CodeDriver interfaces
- List bundled drivers and their intended roles
- docs/PARSER.md:
- Describe Parser class and filterContent() API
- Document filterMarkdown() legacy shim and migration path
- Clarify safe vs. unsafe parsing contexts
Benefits:
- New contributors have a single reference for editor and parser integration
- Eliminates undocumented API surface for two actively used subsystems
Technical notes:
- Documents describe current repository state only; no forward-looking promises