The three reserved config stubs (system.php, header.php, chmod.php) previously returned null to signal they are not config arrays. Replace with an explicit die() guard consistent with other protected system files, and add the standard SLAED copyright header.

Core changes:

1. config/system.php, config/header.php, config/chmod.php:
2. Add copyright header (Author, Copyright, License, Website)
3. Replace 'return null' with: if (!defined('FUNC_FILE')) die('Illegal file access')

Benefits:

• Consistent access protection across all restricted files
• Standard SLAED file header present in all config stubs

Technical notes:

• Files remain excluded from getConfig() merge via skip list in core/system.php
• die() guard prevents direct HTTP access if .htaccess rules are misconfigured

The rewrite.php file contained regex-based URL transformation rules managed through the admin editor. This functionality has been superseded: URL rewriting is now controlled exclusively by $conf['rewrite'] and server-level .htaccess rules. All include() calls and the rewrite() function were removed from the codebase in a prior cleanup.

Core changes:

1. config/rewrite.php:
2. File deleted (122 lines of legacy regex rewrite rules)
3. admin/info/editor-*.html (6 language files):
4. Remove "System SEF" tab description (referencing config/rewrite.php)
5. Rename "Server SEF" tab to "Apache rules" for clarity

Benefits:

• Removes dead code with no callers
• Admin editor UI reflects the actual available tabs
• Reduces confusion between PHP-level and server-level URL rewriting

Technical notes:

• $conf['rewrite'] config key is preserved; controls mod_rewrite behavior
• .htaccess-based rewriting remains fully functional

Remove the configurable anonymous user name ($confu['anonym']) and replace it with the static language constant _ANONYM defined in all six root language files. This eliminates a config option that had no practical need for per-site customization.

Core changes:

1. Language files (language/*.php — 6 files):

2. Add define("_ANONYM", "...") between _AND and _ANSWER in all 6 languages

   • en: "Guest", ru: "Гость", de: "Gast", fr: "Invité", pl: "Gość", uk: "Гість"
3. Admin language files (admin/language/*.php — 6 files):
4. Remove define("_ANONYMOUSNAME", "...") from all 6 files
5. Config and core (config/users.php, core/admin.php, core/security.php, core/user.php):
6. Remove 'anonym' key from config/users.php
7. Replace all $confu['anonym'] with _ANONYM
8. Admin modules (modules/*/admin/index.php — 10 modules + account):
9. Remove anonym form field from modules/account/admin/index.php
10. Replace $confu['anonym'] with _ANONYM in 10 module admin files
11. Block (blocks/block-user_info.php):
12. Replace $confu['anonym'] with _ANONYM

Benefits:

• Simplifies configuration (removes non-essential option)
• Consistent anonymous name via i18n constant system
• _ANONYM resides in language/*.php (globally loaded, not admin-only)

Technical notes:

• _ANONYM is defined in language/.php, not admin/language/.php
• core/security.php: collapsed $anon initialization into substr(_ANONYM, 0, 25)

Complete the head()/foot() → setHead()/setFoot() migration for the last nine front-end modules, and update both basic.html templates to render the article title as <h1> when in single-view mode and <h3> in list mode.

Core changes:

1. pages/index.php → setHead(seo); setFoot()
2. recommend/index.php → setHead(); setFoot()
3. rss/index.php → setHead(); setFoot()
4. search/index.php → setHead(); setFoot()

5. shop/index.php → setHead(seo); setFoot()

   • Pass title, desc, img, time, ctitle, author
6. sitemap/index.php → setHead(); setFoot()
7. users/index.php → setHead(); setFoot()
8. voting/index.php → setHead(seo); setFoot()
9. whois/index.php → setHead(); setFoot()
10. templates/default/basic.html and templates/lite/basic.html:

11. Wrap title in {%if is_view%}<h1>…</h1>{%else%}<h3>…</h3>{%endif%}

    • Single-article view uses semantically correct <h1> for SEO
    • List views retain <h3> for visual hierarchy

Benefits:

• All front-end modules now use the unified SEO-aware setHead() API

• Templates emit correct heading hierarchy — <h1> on detail pages improves Schema.org headline alignment and core-web-vitals LCP

Technical notes:

• head()/foot() aliases can be removed in a future cleanup pass
• {%if is_view%} is evaluated by the template engine; no PHP changes needed
• Backward compatible: basic.html change is purely additive

Migrate eight front-end module index files from head()/foot() to setHead()/setFoot(), use \$conf['users'] instead of the \$confu alias, and fix raw SQL string interpolation to use prepared statements with named placeholders where applicable.

Core changes:

1. account/index.php:
2. head() → setHead(); foot() → setFoot()
3. \$confu['…'] → \$conf['users']['…'] throughout
4. SQL queries for user_name/user_email use named placeholders
5. Remove unused \$confn/\$confrs globals
6. auto_links/index.php:
7. head() → setHead(); foot() → setFoot()
8. Minor getVar() and SQL cleanup
9. changelog/index.php:
10. head() → setHead(); foot() → setFoot()
11. clients/index.php:
12. head() → setHead(); foot() → setFoot()
13. Prepared statements for client queries
14. contact/index.php:
15. head() → setHead(); foot() → setFoot()
16. content/index.php:
17. head() → setHead(); foot() → setFoot()
18. Pass SEO fields (title, desc, img, time, ctitle, author) to setHead()
19. faq/index.php:
20. head() → setHead(); foot() → setFoot()
21. files/index.php:
22. head() → setHead(); foot() → setFoot()

Benefits:

• Modules now pass structured SEO data to setHead() instead of setting globals
• Prepared statements eliminate raw string interpolation in SQL
• Removed dependency on legacy \$confu alias

Technical notes:

• \$conf['users'] array was always available; \$confu was an alias
• setHead() / setFoot() are backward compatible with empty-array calls