changelog

Admin Module Updates:
• Modernized categories.php, changelog.php, ratings.php, referers.php
• Applied consistent naming conventions and patterns
• Updated to use modern template functions

Config Restructuring:
• Renamed config files: config_*.php → *.php
• Moved config_ratings.php → ratings.php
• Moved config_referers.php → referers.php
• Moved config_replace.php → replace.php
• Improved config file organization

Core Updates:
• Updated core.php with modern patterns
• Enhanced searchbox template

Impact:
• Better file organization and naming consistency
• Improved maintainability across admin modules
• Cleaner config directory structure

Admin Module Standardization:
• Renamed navigation functions: moduleNavi() → navi()
• Migrated from $admin_file to $aroute global variable
• Added (bool)$subtab type-cast in navi() functions
• Simplified function names: newsletterAdd() → add(), etc.

SQL Security Improvements:
• Converted escaped quotes \'1\' to integer literals 1
• Fixed UPDATE/INSERT queries: send = '0' → send = 0
• All SQL queries use Named Placeholders (:id, :title, etc.)

Code Structure:
• Extracted switch-case inline code into separate functions
• Added exit; after all header() redirects
• Simplified header URLs: removed redundant &op=show parameters
• Switch statements modernized: case 'show' → default

Monitor Module Enhancement:
• Converted 600+ line HTML block to Heredoc syntax
• Pre-calculated all variables before Heredoc block
• Replaced <?php echo $var; ?> with {$var} syntax
• Improved code readability and maintainability

Rules Documentation:
• Updated Section 22: Admin-Module Konventionen
• Documented $aroute usage pattern
• Documented simplified header redirects with exit;
• Documented switch-case extraction pattern

Impact:
• Enhanced security with consistent SQL Prepared Statements
• Improved code consistency across all admin modules
• Better maintainability with standardized patterns
• Reduced code duplication and complexity

Removed obsolete configuration files and templates:
• config/000config.php (legacy configuration)
• config/000config.php.bak (backup file)
• config/000config_global.php (legacy global config)
• config/000license.txt (legacy license file)
• config/changelog.php.example (moved to environment variables)
• config/lang.php.example (moved to environment variables)

Updated README.md:
• Split database badge into separate MariaDB and MySQL badges
• MariaDB: red badge for version 10+
• MySQL: purple badge for version 8.0+
• Improved visual clarity and readability

Impact:
• Cleaner configuration structure
• Removed redundant legacy files
• Better documentation presentation

Enhanced commit message display with basic Markdown support:

Changes:
• Added Markdown formatting for commit bodies
• Bold text: text renders as bold
• Lists: - item or * item renders as bullet points
• Inline code: code renders with gray background
• Automatic line breaks with nl2br()

Technical details:
• Uses htmlspecialchars() with ENT_NOQUOTES
• Regex patterns for Markdown parsing
• Clean, simple implementation
• No external dependencies

Impact:
• Improved readability of commit messages
• Professional changelog display
• Better user experience

Location: admin/modules/changelog.php render() function

Critical security improvement to prevent credential exposure in Git history:
Changes:
• Updated .gitignore to exclude files with secrets:
- /config/changelog.php (GitHub tokens)
- /config/lang.php (Yandex API keys)
- /config/config_lang.php (legacy API keys)
• Removed secret files from Git index (kept locally):
- config/changelog.php
- config/lang.php
• Created template files for developers:
- config/changelog.php.example
- config/lang.php.example
Security benefits:
• Secrets no longer tracked in Git
• Template files show required configuration structure
• Environment variables used for sensitive data
• Safe for public repositories
Setup instructions:
1. Copy .example files to actual config files:
- cp config/changelog.php.example config/changelog.php
- cp config/lang.php.example config/lang.php
2. Set environment variables:
- GITHUB_TOKEN: Your GitHub Personal Access Token
- YANDEX_TRANSLATE_KEY: Your Yandex.Translate API key
Note:
• Original config files remain on local system
• Only templates are committed to repository
• Secrets must be configured via environment variables
Impact:
• Enhanced repository security
• Prevents accidental secret exposure
• Follows industry best practices
• Compliant with GitHub secret scanning

Enhanced three admin modules with SLAED coding standards and modern PHP practices:
admin/modules/fields.php:
• String concatenation without spaces: 'text'.$var (SLAED standard)
• Opening brace on same line: function name(): type {
• Consistent single quotes throughout
• Improved code readability and maintainability
admin/modules/groups.php:
• String concatenation formatting aligned with SLAED standards
• All concatenations updated: removed spaces around . operator
• Consistent code style throughout module
• Better visual consistency
admin/modules/messages.php:
• Modern input validation with getVar() helper
• Replaced isset($_POST) with getVar('post', 'key', 'type')
• Added proper type validation for all user inputs
• String concatenation formatting updated
• Security improvements through proper input filtering
• Types: 'num', 'title', 'text', 'var' for different input types
config/changelog.php:
• Version history updated
README.md:
• Documentation improvements
Technical details:
• All string concatenations: 'text'.$var (no spaces)
• Function braces: function name(): type { (same line)
• Input validation: getVar() with proper type hints
• Security: Proper input filtering and validation
• Code style: Consistent SLAED standards applied
Impact:
• Improved code readability and maintainability
• Enhanced security through proper input validation
• Consistent code style across admin modules
• Better adherence to SLAED coding standards

Code optimizations applied:
• Remove unnecessary empty checks in foreach loops (2 places)
• Simplify complex condition in display logic
• Optimize input validation (combine getVar with ?: operator)
• Change validation type from 'title' to 'var' for better flexibility
• Improve code indentation consistency
Result: -8 lines, better readability, same functionality

Changed last updated date from January 2025 to December 2025

Adjusted bash code block formatting in Installation section:
• Moved code block out of list item indentation for better rendering
• Improved markdown compatibility across different viewers