changelog

Major changes:
• PDO-only architecture (removed mysqli support)
• All SQL queries converted to prepared statements with named placeholders
• Single quotes throughout for performance optimization
• Language files standardized (lang-english.php → en.php)
• PHP 8.1 version check enforced
• sprintf format specifiers fixed (%1$s not %1\$s)
• Dead code elimination:
* Removed buildSelect() function (unused)
* Removed 6 unused dropdown variable assignments
• Code cleanup:
* Extracted checkWritableConfig() helper to reduce duplication
* Improved maintainability and DRY compliance
Security improvements:
• PDO parameter binding prevents SQL injection
• Automatic type handling and escaping

Applied modern file validation pattern to language files, replacing
legacy end_chmod() permission checks with checkConfigFile() helper.
Changes in admin/modules/lang.php:
• Replace end_chmod() with checkConfigFile() for language file validation
• Remove redundant opendir() error handling (relying on checkConfigFile)
• Consistent with config file modernization approach
Updated .
• Renamed section 2.10 to "System File Validation and Config Modernization"
• Added language file example demonstrating checkConfigFile() usage
• Clarified that pattern applies to all editable system files, not just configs
This change extends the modern permission validation pattern established
for config files to language files and any other writable system files,
improving code consistency and maintainability.

Improve the language path helper function to return a complete path
instead of an array of path segments, making the code more intuitive.
## Changes
### Function Signature:
BEFORE:
``php
function lang_get_path(string $mod, string $typ): array {
$mod_dir = $mod ? 'modules/'.$mod.'/' : '';
$lng_wh = $typ ? $typ.'/' : '';
return [$mod_dir, $lng_wh];
}
`
AFTER:
`php
function getLangPath(string $mod = '', string $typ = ''): string {
$base = BASE_DIR;
$module = $mod ? '/modules/'.$mod : '';
$type = $typ ? '/'.$typ : '';
return $base.$module.$type.'/language';
}
`
### Usage Simplification:
BEFORE (complex):
`php
[$mod_dir, $lng_wh] = lang_get_path($mod, $typ);
$lang_path = BASE_DIR.'/'.$mod_dir.$lng_wh.'language';
$lng_src = BASE_DIR.'/'.$mod_dir.$lng_wh.'language/lang-'.$lng_cn[$j].'.php';
`
AFTER (clean):
`php
$lang_path = getLangPath($mod, $typ);
$lng_src = $lang_path.'/lang-'.$lng_cn[$j].'.php';
`
## Benefits
✅ Single source of truth for language directory paths
✅ No array destructuring needed
✅ Follows verbNoun naming convention (getLangPath)
✅ Default parameters allow optional mod/typ
✅ Returns complete path - more intuitive API
✅ Reduced code duplication (3 places simplified)
✅ Easier to understand and maintain
## Files Modified
• admin/modules/lang.php:
- Renamed: lang_get_path() → getLangPath()
- Updated: 3 call sites (lang_file, lang_save)
- Removed: Array destructuring [$mod_dir, $lng_wh]
- Simplified: Path construction logic
## Testing
• Syntax check: ✅ No errors
• Path construction works for:
- System languages: getLangPath() → BASE_DIR/language
- Admin languages: getLangPath('', 'admin') → BASE_DIR/admin/language
- Module languages: getLangPath('news') → BASE_DIR/modules/news/language
- Module admin: getLangPath('news', 'admin') → BASE_DIR/modules/news/admin/language`

Complete the lang.php module refactoring by renaming the config file
and ensuring all admin language files use LF line endings.
## Config File Migration
### Renamed:
• config/config_lang.php → config/lang.php
Rationale:
• Follows new naming convention (remove config_ prefix)
• Consistent with other refactored config files (users.php, fields.php)
• Used by require_once CONFIG_DIR.'/lang.php' in admin/modules/lang.php
Config variable: $confla (unchanged)
Config structure: Same (key, lang, count, per_page)
## Language Files Line Ending Normalization
### Updated to LF (6 files):
• admin/language/lang-english.php
• admin/language/lang-french.php
• admin/language/lang-german.php
• admin/language/lang-polish.php
• admin/language/lang-russian.php
• admin/language/lang-ukrainian.php
Changes:
• CRLF → LF line endings
• All files now comply with .editorconfig (end_of_line = lf)
• Consistent with PSR-12 and SLAED coding standards
## Impact
✅ Config loading works with new path: CONFIG_DIR.'/lang.php'
✅ All admin language files use Unix line endings
✅ Consistent with rest of codebase after LF normalization
✅ No functional changes - only file formatting
## Related Commits
• 3ccf1d5: Normalize line endings to LF (initial CRLF→LF conversion)
• 2a84c79: Refactor lang.php module (config path update)

Modernize language management admin module to PHP 8.4+ standards
and document new refactoring patterns discovered during migration.
## admin/modules/lang.php Changes
### Navigation Function Modernization:
• Replace navi_gen() with getAdminTabs()
• Simplify function signature: remove unused $opt and $legacy parameters
• lang_navi(int $opt, int $tab, int $subtab, int $legacy) → lang_navi(int $tab, int $subtab)
• Update all 5 function calls throughout the module
### Config Include Modernization:
• Replace include('config/config_lang.php') with require_once CONFIG_DIR.'/lang.php'
• Use checkConfigFile('lang.php') instead of end_chmod() for permission checking
• Update config file reference: config_lang.php → lang.php in setConfigFile()
### Error Handling Improvements:
• Remove @ error suppression from opendir() call
• Add explicit false check: if ($dir === false) { ... }
• Proper error handling with early return
### Code Style Improvements:
• Compact one-liners for simple if statements (following 120 char limit):
- if ($file !== '.' && $file !== '...' && is_file(...)) $mod[] = $file;
- if (is_dir(...)) $eadmin = '<a...';
- while (($file = readdir($dir)) !== false) if (preg_match(...)) $lng_cn[] = ...;
- for ($j = 0; $j < $cj; $j++) $cont .= '<input...';
• Improved readability while maintaining consistency
### Language File Generation Fix:
• Remove \r\n (CRLF) → use PHP_EOL (LF) for line endings
• Remove closing ?> tag from generated language files
• Replace double quotes with single quotes: "define(...)" → 'define(...)'
• Generated files now fully comply with PSR-12 and SLAED standards
### Minor Cleanups:
• Remove unnecessary comment "// Redirect back to same page"
• Consistent spacing and formatting
## .
Added three new refactoring patterns based on lang.php migration:
### Section 2.8: Remove Error Suppression Operator (@)
• Never use @ operator - handle errors properly
• Examples: @opendir() → explicit opendir() + if ($dir === false)
• Rule: Remove @ and check return values explicitly
### Section 2.9: Compact Code Style (One-liners)
• For simple conditions, use compact syntax (max 120 chars)
• Examples:
- if (condition) $var = value; (instead of multi-line)
- foreach ($arr as $item) if (check) $result[] = $item;
• Rule: Single-statement conditions can be one-liners
### Section 2.10: Config File Modernization
• Use require_once CONFIG_DIR.'/filename.php' instead of include()
• Use checkConfigFile('filename.php') instead of end_chmod()
• Remove config_ prefix: config_lang.php → lang.php
• Consistent config handling across modules
### Updated Checklist (Section 14):
Added new items to migration checklist:
• [ ] Remove all @ error suppression operators
• [ ] Use compact one-liners for simple if/for/while (max 120 chars)
• [ ] Update config includes to use CONFIG_DIR constant
• [ ] Use checkConfigFile() instead of end_chmod()
• [ ] Rename config files: remove config_ prefix where applicable
## Benefits
✅ Cleaner navigation function signature (2 params instead of 4)
✅ Proper error handling without suppression
✅ Modern config file organization
✅ Generated language files comply with LF line endings
✅ More compact, readable code style
✅ Documented patterns for future refactoring
## Testing
• Syntax check: ✅ No errors (php -l admin/modules/lang.php)
• Config file loading: Uses new CONFIG_DIR constant
• Language file generation: Now creates LF files without closing tag
• All 5 lang_navi() calls updated and working

Convert all project files from CRLF (Windows) to LF (Unix) line endings
for better cross-platform compatibility and adherence to PHP standards.
## Line Endings Normalization
### Changed:
• Converted 470+ PHP files from CRLF to LF
• Converted all JS, CSS, HTML, JSON, MD, XML files to LF
• Converted configuration files (.htaccess, .editorconfig, .gitignore) to LF
• Created .gitattributes to enforce LF line endings in repository
### Rationale:
• PHP standard (PSR-12) recommends LF line endings
• Production servers run Linux (native LF)
• Reduces Git diff noise and merge conflicts
• Consistent across all platforms (Windows/Linux/Mac)
• Smaller file sizes (LF = 1 byte vs CRLF = 2 bytes)
## Documentation Updates
### .
• Merged migration-patterns.md into refactoring-rules.md
• Added real-world migration examples (Section 10)
• Added quote style consistency rules (Section 2.3)
• Added array syntax modernization (Section 2.4)
• Expanded input validation with getVar() examples (Section 2.6)
• Added complete migration checklist (Section 14)
• Added performance considerations (Section 15)
• Document now 1030+ lines comprehensive
### .
• Created detailed migration progress article for website
• User-friendly explanation of 6.2 → 6.3 changes
• Security improvements documentation
• Performance benefits explanation
• FAQ section for end users
• 400+ lines ready for publication
### .gitignore:
• Added .
• Added nul file (Windows artifact)
• Prevents IDE-specific files from entering repository
### .gitattributes (NEW):
• Enforces LF line endings for all text files
• Declares binary file types explicitly
• Ensures consistent behavior across platforms
• Auto-normalizes files on checkout/commit
## Technical Details
Files affected: 470+ PHP files, 100+ other text files
Line ending change: CRLF → LF throughout entire codebase
Impact: All modified files show as changed due to line ending normalization
Tool used: dos2unix for safe conversion
Compatibility: No functional changes, only line ending formatting
## Benefits
✅ PHP 8.4 standard compliance (PSR-12)
✅ Linux production server compatibility
✅ Reduced Git conflicts in team environment
✅ Smaller file sizes
✅ Consistent IDE behavior across platforms
✅ Better integration with CI/CD pipelines

Created detailed refactoring documentation to prevent AI hallucinations
and ensure consistent PHP 8.4+ modernization approach.
New documentation:
• .
- Safety principles and anti-hallucination rules
- PHP 8.4+ migration patterns with examples
- Database best practices (MySQL 8.0+/MariaDB 10+)
- Security hardening guidelines
- Function naming conventions
- Step-by-step refactoring workflow
- Common patterns with before/after examples
- Testing and validation procedures
- Git commit strategies
- Complete checklist for each refactoring
Updated coding rules:
• .
- Explicitly forbid func_get_args() usage (outdated since PHP 5.6)
- Promote spread operator for variadic functions
- Provide examples: explicit parameters vs variadic
- Show when to use spread operator appropriately
Key improvements:
• Clear distinction between preferred (explicit params) and variadic approaches
• Type-safe variadic functions: function sum(int ...$nums): int
• Examples demonstrating modern PHP patterns
• Guidance on when spread operator is truly needed
Anti-hallucination measures:
• Never invent functions that don't exist
• Always verify before modifying
• Search for usage before renaming
• Check constants in language files
• Document breaking changes
• Ask developer when in doubt
Benefits:
• Consistent refactoring across entire codebase
• Reduced errors from AI misunderstandings
• Clear guidelines prevent code quality regression
• Systematic approach ensures nothing is missed
• Complete audit trail with detailed commits
Impact:
• Establishes foundation for systematic PHP 8.4 migration
• Prevents common refactoring mistakes
• Ensures security and type safety throughout
• Improves long-term code maintainability
Files modified:
• .
• .

Major refactoring of admin panel modules and core functions to improve
type safety, security, and code quality with PHP 8.4 strict types.
Admin Module Improvements:
• Refactored lang.php: Modernized language editor with strict typing
- Added type hints for all functions (int, string, array returns)
- Improved navigation with lang_navi() parameter typing
- Better path handling with lang_get_path() helper
- Enhanced bracket notation support in getVar() for arrays
• Refactored users.php: Complete rewrite with modern practices
- Replaced func_get_args() with explicit typed parameters
- Improved user management functions with strict types
- Better security validation and input filtering
• Refactored groups.php: Enhanced group management
- Added strict type declarations throughout
- Improved permission handling logic
- Better error handling and validation
• Refactored fields.php: Custom fields management improvements
- Type-safe field processing
- Enhanced validation and sanitization
• Added changelog.php: New changelog management module
- Git commit history viewer and analyzer
- Export functionality (TXT, Markdown formats)
- Filtering by author, date, files, search
- Pagination and statistics display
• Enhanced database.php: Database management improvements
- Better query optimization tracking
- Improved backup functionality
• Updated admins.php, blocks.php, comments.php, sitemap.php:
- Copyright year updates (2005-2026)
- Minor code quality improvements
Core System Enhancements:
• core.php: Modernized core functions
- setArticleNumbers(): Full parameter typing, removed func_get_args()
- Improved category-based pagination with proper type casting
- Better SQL query building with parameter support
- Enhanced fields_in() and fields_out() with new config paths
• security.php: Major security improvements
- Enhanced getVar() with bracket notation support for arrays
- field[0]: Get specific array index
- field[]: Get entire filtered array
- Array filtering with element-level validation
- Improved type validation for num, let, word, name, title, text
- Better URL and boolean filtering
- More secure input handling
Configuration Changes:
• Renamed config_fields.php → fields.php (shorter, cleaner)
• Renamed config_users.php → users.php (consistency)
• Added changelog.php: Changelog module configuration
• Updated config_lang.php: Language settings improvements
• Updated all includes to use new config file names
Frontend/JavaScript:
• Updated jquery.slaed.js: Code formatting and optimization
- Better readability and structure
- Maintained backward compatibility
Technical Details:
Modified files:
• admin/links/links.admin.php: Minor improvements
• admin/modules/admins.php: Copyright update
• admin/modules/blocks.php: Code quality
• admin/modules/comments.php: Type safety
• admin/modules/database.php: +205 lines (new features)
• admin/modules/fields.php: Refactored 216 lines
• admin/modules/groups.php: Refactored 352 lines
• admin/modules/lang.php: Refactored 522 lines (major rewrite)
• admin/modules/sitemap.php: Minor update
• admin/modules/users.php: Refactored 1048 lines (complete rewrite)
• core/core.php: Enhanced 29 lines
• core/security.php: Enhanced 94 lines
• plugins/jquery/jquery.slaed.js: Refactored 366 lines
New files:
• admin/modules/changelog.php: New module for Git history
• config/changelog.php: Module configuration
Renamed files:
• config/config_fields.php → config/fields.php
• config/config_users.php → config/users.php
Impact:
• Better type safety reduces runtime errors
• Improved security through enhanced input validation
• Easier maintenance with cleaner, typed functions
• New changelog module improves development workflow
• Full PHP 8.4 compatibility maintained
• No breaking changes for existing functionality
Breaking changes: None (backward compatible)

Extended coding rules with comprehensive Git commit standards:
• Enforce English language for all commit messages
• Define detailed commit structure with multiple sections
• Include example of well-formatted commit message
• Add commit message requirements to AI checklist
Guidelines include:
• Brief summary line (50-72 characters)
• Detailed description of changes and reasoning
• Technical details section (files, functions, database)
• Impact analysis (performance, security, breaking changes)
• Mandatory detailed commits (no "fix bug" or "update code")
Benefits:
• Improved project history readability
• Better understanding of changes over time
• Easier debugging and rollback procedures
• International team compatibility
• Professional standard alignment
Updated files:
• .
• .
This ensures all future commits follow professional standards with
comprehensive documentation of what, why, where, and impact of changes.

## Hauptänderungen:
### 1. Helper-Funktion zur Code-Deduplizierung
• Neue Funktion lang_get_path() eliminiert doppelte Path-Logik
• Wird in lang_file() und lang_save() verwendet
• Konsistente Path-Konstruktion über beide Funktionen
### 2. URL-Parameter Modernisierung
• Alte Parameter: mod_dir, lng_wh (enthielten volle Pfade)
• Neue Parameter: mod, typ (nur Modulname/Typ)
• Saubere URLs: ?op=lang_file&mod=faq&typ=admin
• Path-Konstruktion erfolgt intern in den Funktionen
### 3. Pagination-System (PHP max_input_vars)
• Problem: 562 Konstanten × 6 Sprachen = 3372+ Felder (> 1000 Limit)
• Lösung: Pagination mit max 100 Konstanten pro Seite (~600 Vars)
• Pagination-Navigation mit Seitenlinks
• Partial Update: Nur bearbeitete Konstanten aktualisieren
• Bestehende Konstanten bleiben beim Speichern erhalten
### 4. Konfigurierbare Pagination
• Neue Einstellung: per_page in lang_conf()
• Speicherung in config/config_lang.php
• Default: 100, Range: 10-500
### 5. Absolute Pfade mit BASE_DIR
• Problem: Relative Pfade führten zu Working-Directory-Fehlern
• Lösung: BASE_DIR für alle Dateizugriffe
• Konsistente Pfade: BASE_DIR.'/modules', BASE_DIR.'/'.$mod_dir
• Eliminiert opendir() Fehler
### 6. Quote-Konsistenz (PHP Best Practice)
• Alle String-Literale: "" → ''
• Schnellere Parsing-Performance
• Keine Interpolation bei statischen Strings
### 7. Regex-Robustheit für Konstanten
• Alt: #define\("(.*)"\s*,\s*"(.*)"\);#
• Neu: #define\(["\']([^"\']+)["\']\s*,\s*["\'](.*)["\']\);#sU
• Erkennt beide: define("NAME","value") und define('NAME','value')
• Korrekte Zählung: 562 statt 560 Konstanten
### 8. Konstanten-Ausgabe mit Single Quotes
• Output-Format: define('NAME','value') statt define("NAME","value")
• Proper Escaping: str_replace("'", "\'", $value)
• Verhindert Syntax-Errors bei Apostrophen im Text
### 9. Variable Optimization
• Removed: $out = []; $out[1] = ...; $out[2] = ...;
• Neu: $cnst und $translations mit direkter Initialisierung
• Beschreibende Namen statt numerische Indices
• Bessere Code-Lesbarkeit
### 10. Dead Code Removal
• Removed: $adm_fl Variable (was never used)
• Cleaner Code without unnötige Variablen
### 11. Modernisierung lang_main()
• scandir() statt opendir()/readdir()
• Array-Initialisierung: $modbase = [], $who_view = []
• isset() Guards gegen undefined index warnings
• Bessere HTML-String-Formatierung
• Ternärer Operator für cleanen Code
### 12. Redirect-Verbesserung
• lang_save() redirected zurück zur gleichen Seite
• Erhält Pagination-State: &page=$page
• Bessere UX beim Speichern
## Technische Details:
• PHP 8.0+ Kompatibilität
• Null Coalescing Operator: ?? 100
• Array Destructuring: [$mod_dir, $lng_wh] = lang_get_path()
• Type Hints: string $mod, string $typ
• Return Types: array