Updated static analysis and testing configuration for improved code quality validation.
Core changes:
- PHPStan configuration (phpstan.neon):
Add ignore pattern for sprintf placeholder false positives
- Language constants resolved at runtime
- PHPUnit configuration (phpunit.xml):
- Add Validation test suite alongside Unit tests
- Exclude bootstrap.php from test discovery
- Git attributes (.gitattributes):
- Enforce LF line endings for PHP files
Benefits:
- Cleaner PHPStan output without false positives
- All validation tests run with composer quality
- Consistent line endings across platforms
Technical notes:
- PHPStan level 0 maintained
- PHPUnit 12 compatible configuration
New PHPUnit test suite for validating code quality, security, and consistency across the SLAED CMS codebase.
Core changes:
- BlockValidationTest.php:
- Validates block file syntax and naming
- Checks UTF-8 encoding compliance
- ConfigValidationTest.php:
- Validates configuration file structure
- Checks for required config keys
- InsertValidationTest.php:
- Validates INSERT queries have all required NOT NULL fields
- Parses SQL schema for field requirements
- LanguageValidationTest.php:
- Validates sprintf placeholder syntax
- Checks translation completeness across locales
- ModuleStructureTest.php:
- Validates module directory structure
- Checks for required files (index.php, language/)
- PhpFileFormatTest.php:
- Validates UTF-8 encoding (no BOM)
- Line endings check (skipped, needs project-wide normalization)
- SchemaUpdateValidationTest.php:
- Validates database migration files
- Checks SQL syntax
- SecurityValidationTest.php:
- Detects eval() with user input
- Checks for SQL injection patterns
- SetupFileWarningTest.php:
- Validates setup file warnings
- TemplateValidationTest.php:
- Validates HTML template structure
- Checks conditional syntax
Benefits:
- Automated quality assurance
- Early bug detection
- Consistent code standards enforcement
Technical notes:
- PHPUnit 12 compatible
- 58 tests, 74 assertions
- Integrated with composer quality command
Continued migration of language file naming from verbose format (lang-english.php) to ISO 639-1 codes (en.php) for consistency.
Core changes:
- Module language directories renamed:
- modules/recommend/language/
- modules/rss_info/language/
- modules/search/language/
- modules/shop/admin/language/
- modules/shop/language/
- modules/users/language/
- modules/voting/admin/language/
- modules/whois/admin/language/
- File naming changes:
- lang-english.php -> en.php
- lang-french.php -> fr.php
- lang-german.php -> de.php
- lang-polish.php -> pl.php
- lang-russian.php -> ru.php
- lang-ukrainian.php -> uk.php
Benefits:
- Consistent naming across all modules
- Shorter, standardized file names
- Aligns with ISO 639-1 language codes
Technical notes:
- File content unchanged
- Module loader updated to use new naming
Fixed malformed sprintf placeholders that had spaces between % and position number, causing formatting errors.
Core changes:
- Account module language files:
- modules/account/language/pl.php
modules/account/language/uk.php
- Fixed "% 1\$s" to "%1\$s" pattern
Benefits:
- sprintf() now works correctly with positional arguments
- Proper message formatting in Polish and Ukrainian locales
Technical notes:
- Space between % and position number is invalid
- PHPStan validation now passes for these files
Converted 27 files from Windows-1251 to UTF-8 encoding for consistency across the codebase and proper character display.
Core changes:
- Block files (blocks/*.php):
- block-center.php, block-center_forum.php, block-center_media.php
- block-files.php, block-forum.php, block-ipb_center_forum.php
- block-search.php
- Core files (core/*.php):
- geo_ip.php
- Admin links files (modules/*/admin/links.php):
- auto_links, changelog, clients, contact, content
- faq, files, forum, help, jokes, links, media
- money, news, order, pages, shop, whois
- Module files:
- modules/clients/index.php
Benefits:
- Consistent UTF-8 encoding across project
- Proper Cyrillic character display
- Eliminates encoding-related bugs
Technical notes:
- Converted using iconv from WINDOWS-1251 to UTF-8
- No content changes, only encoding conversion
Security improvement: removed eval() usage that processed template variables, replacing it with safe str_replace() function.
Core changes:
- Billing function (modules/money/admin/index.php):
- Remove eval() template processing
Use str_replace() with explicit variable mapping
- $charset, $theme, $title, $site_logo
- $sitename, $autor, $infos, $num
- $date, $menge, $kurs, $sum
Benefits:
- Eliminates code injection vulnerability
- Explicit variable substitution is more maintainable
- No functional change to template output
Technical notes:
- Template format unchanged (billing.html)
- All template variables mapped explicitly
Registration and content creation were failing due to MySQL strict mode requiring all NOT NULL fields without DEFAULT values to be specified.
Core changes:
- User registration (modules/account/index.php):
Add user_block, user_warnings, user_field, user_network to INSERT
- Email activation registration
- Social network registration
- Admin user creation (admin/index.php):
- Add user_block, user_warnings, user_field to admin INSERT
- Help module (modules/help/admin/index.php):
- Add field column to help INSERT
- News module (modules/news/index.php):
- Add associated column to news INSERT
- Database schema (setup/sql/table*.sql):
- Use CREATE TABLE IF NOT EXISTS for idempotent migrations
Benefits:
- Registration now works with MySQL strict mode
- Consistent INSERT queries across modules
- Idempotent database migrations
Technical notes:
- All new fields initialized with empty strings
- Compatible with existing database schema
Improve code formatting and template structure in the lite theme for better readability and maintainability.
Core changes:
- Template files (templates/lite/):
- index.php: Normalize indentation to spaces
- login.html: Update login form template
- login-logged.html: Update logged-in state template
- login-without.html: Update guest state template
Benefits:
- Consistent code formatting
- Improved template readability
- Better maintainability
Technical notes:
- No functional changes
- Indentation standardized to 4 spaces
Clean up obsolete image module files that are no longer needed.
Core changes:
- Removed files (modules/image/):
- .htaccess
- index.php
Benefits:
- Cleaner module structure
- Remove unused code from repository
Technical notes:
- Image handling now managed elsewhere in the system
Improve template conditional rendering API by using a more descriptive key name that clearly indicates the purpose of boolean flags in templates.
Core changes:
- Template engine (core/template.php):
- Rename array key 'flag' to 'if_flag'
- Maintain full backward compatibility with existing templates
- Documentation (docs/TEMPLATES.md):
- Update all code examples to use new 'if_flag' key
- Clarify conditional rendering usage
Benefits:
- More intuitive and self-documenting API
- Clear distinction between variables and conditional flags
- Consistent naming convention with 'if:' template syntax
Technical notes:
- No breaking changes to template syntax
- Only affects PHP-side array key naming