|
|
8fde59f411
|
Merge pull request 'fix: CSS sync, sidebar redesign, PWA support, notifications management, admin dashboard' (#94) from fix/policy-container-width into master
Reviewed-on: #94
Reviewed-by: rafaga21 <rafaelminaya20@hotmail.com>
|
2026-06-14 10:16:53 -04:00 |
|
|
|
639af6371e
|
feat: add PWA support - manifest, service worker, offline page, icons
|
2026-06-14 10:15:20 -04:00 |
|
|
|
16979fc8d1
|
Merge pull request 'fix: CSS sync, sidebar redesign, asset versioning, route/auth fixes, admin dashboard, notifications management' (#93) from fix/policy-container-width into master
Reviewed-on: #93
Reviewed-by: rafaga21 <rafaelminaya20@hotmail.com>
|
2026-06-14 10:09:10 -04:00 |
|
|
|
01f1215cef
|
fix: replace confirm() with proper delete confirmation modal
|
2026-06-14 10:07:21 -04:00 |
|
|
|
a25ebdcb75
|
feat: add resend notification action with push
|
2026-06-14 10:05:19 -04:00 |
|
|
|
aea0a4d189
|
feat: add delete notification button with confirmation in admin notifications
|
2026-06-14 10:03:59 -04:00 |
|
|
|
6b2300de07
|
fix: style custom checkbox with checkmark icon, add disabled button colors
|
2026-06-14 09:58:44 -04:00 |
|
|
|
e6a70c427e
|
fix: add terms/privacy checkbox to download modal, button disabled until checked
|
2026-06-14 09:56:43 -04:00 |
|
|
|
448a593423
|
fix: add required permissions section to download modal, use direct download to avoid blob HTTPS warning
|
2026-06-14 09:54:30 -04:00 |
|
|
|
5453a5d856
|
feat: add download modal with app summary and progress bar for APK download
|
2026-06-14 09:52:18 -04:00 |
|
|
|
f48a5a5495
|
feat: improve sidebar design - rounded nav items, gradient header accent, better collapsible, refined sublist
|
2026-06-14 09:48:34 -04:00 |
|
|
|
0b8d9b52c8
|
Merge pull request 'fix: CSS sync, sidebar restore, asset versioning, route/auth fixes, admin dashboard' (#92) from fix/policy-container-width into master
Reviewed-on: #92
Reviewed-by: rafaga21 <rafaelminaya20@hotmail.com>
|
2026-06-14 09:43:43 -04:00 |
|
|
|
f8ce4066fe
|
fix: remove Notifications link from sidebar
|
2026-06-14 09:41:42 -04:00 |
|
|
|
e6017b80da
|
feat: group admin sidebar items into single Administration page with action cards
|
2026-06-14 09:39:33 -04:00 |
|
|
|
36b0d8dfd9
|
fix: close notification dropdown when opening user menu and vice versa
|
2026-06-14 09:36:45 -04:00 |
|
|
|
8fbc0f164a
|
fix: restore profile card layout, simplify user menu to My Account and Log out
|
2026-06-14 09:34:27 -04:00 |
|
|
|
379158ac93
|
fix: center profile page content
|
2026-06-14 09:33:05 -04:00 |
|
|
|
00bad074d3
|
fix: remove notifications link from user menu, add view-all button to notification dropdown, fix admin link
|
2026-06-14 09:31:27 -04:00 |
|
|
|
74cf9739d6
|
refactor: replace sidebar user footer with topbar dropdown menu
|
2026-06-14 09:26:52 -04:00 |
|
|
|
baa9ab4b7b
|
Merge pull request 'fix/policy-container-width' (#91) from fix/policy-container-width into master
Reviewed-on: #91
|
2026-06-14 09:19:33 -04:00 |
|
|
|
b7bd4bfe92
|
fix: append command history row in real-time after execution
|
2026-06-14 09:12:28 -04:00 |
|
|
|
49d724cf9c
|
fix: add Accept: application/json to terminal execute fetch
|
2026-06-14 09:09:40 -04:00 |
|
|
|
7233c224ce
|
fix: set status='active' on command_history insert so history displays
|
2026-06-14 09:07:46 -04:00 |
|
|
|
5c802f9c1e
|
fix: add missing closing brace to TerminalController::execute method
|
2026-06-14 09:05:13 -04:00 |
|
|
|
12ad0e0510
|
fix: cache CSRF token in View to prevent mismatch on multiple renders
|
2026-06-14 09:03:53 -04:00 |
|
|
|
4ce6b27f96
|
fix: use serverId variable and add Accept: application/json to server-show.js fetch calls
|
2026-06-14 09:02:13 -04:00 |
|
|
|
4ee2644be0
|
Merge pull request 'fix: sync CSS with refactored layout, restore sidebar, add asset versioning, fix routes/auth' (#90) from fix/policy-container-width into master
Reviewed-on: #90
Reviewed-by: rafaga21 <rafaelminaya20@hotmail.com>
|
2026-06-14 08:55:35 -04:00 |
|
|
|
d1da560764
|
fix: sync CSS classes with refactored layout, restore missing sidebar items, add asset versioning, fix routes and auth
|
2026-06-14 08:54:37 -04:00 |
|
|
|
08a27fe00e
|
Merge pull request 'fix: correct asset paths - app.css->style.css, favicon.svg->server.svg' (#89) from fix/policy-container-width into master
Reviewed-on: #89
Reviewed-by: rafaga21 <rafaelminaya20@hotmail.com>
|
2026-06-14 08:09:34 -04:00 |
|
|
|
c9ab2ca98b
|
fix: correct asset paths in layout - app.css->style.css, favicon.svg->server.svg
|
2026-06-14 08:09:06 -04:00 |
|
|
|
216a38bc71
|
Merge pull request 'refactor: extract all inline CSS/JS from PHP files into separate asset files' (#88) from fix/policy-container-width into master
Reviewed-on: #88
Reviewed-by: rafaga21 <rafaelminaya20@hotmail.com>
|
2026-06-14 08:05:52 -04:00 |
|
|
|
88f3c1f964
|
refactor: extract inline CSS/JS from views into separate asset files (20+ files)
Phase A — HTML removed from PHP files:
- RateLimitMiddleware.php: heredoc moved to views/errors/429.php
- public/index.php: inline HTML replaced with View::error()
- AuthMiddleware.php: <script> redirect replaced with <meta refresh>
Phase B — Inline CSS/JS extracted from views:
- CSS: landing.css (459 lines), legal.css (shared by terms+privacy)
- JS: 17 new files extracted from ~20 view files
- main.js (layout sidebar + notifications)
- dashboard-chart.js, server-show.js, server-services.js
- nginx-manager.js, database-manager.js
- terminal.js, team-show.js, team-index.js
- server-list.js, server-permissions.js (shared by edit+create)
- server-ssl.js, server-processes.js, system-users.js
- admin-users.js, audit-log.js, admin-notifications.js, admin-security.js
- notifications.js
Total: -3264 lines from views, +288 lines in new assets
|
2026-06-14 08:04:01 -04:00 |
|
|
|
73d02e8ca4
|
Merge pull request 'feat: redesign 429 Too Many Requests page with live countdown' (#87) from fix/policy-container-width into master
Reviewed-on: #87
Reviewed-by: rafaga21 <rafaelminaya20@hotmail.com>
|
2026-06-14 07:44:56 -04:00 |
|
|
|
142fe304c9
|
feat: redesign 429 Too Many Requests page with live countdown timer
|
2026-06-14 07:44:08 -04:00 |
|
|
|
7c74e2316e
|
Merge pull request 'security: fix auth bypass, XSS, IDOR, command injection, session hardening, rate limiting' (#86) from fix/policy-container-width into master
Reviewed-on: #86
Reviewed-by: rafaga21 <rafaelminaya20@hotmail.com>
|
2026-06-14 07:38:52 -04:00 |
|
|
|
a5eb101d98
|
security: fix auth bypass, XSS, IDOR, command injection, session hardening, rate limiting
- Phase 1: Require authentication for API register endpoint; restrict role creation
- Phase 2: Add $fillable whitelist to Server model to prevent mass assignment
- Phase 3: Fix XSS via escapeHtml in sidebar, JSON_HEX_TAG in script embeds
- Phase 4: Add canView() checks to TerminalController history/clearHistory
- Phase 5: escapeshellarg() on certbot params, sanitize service names, regex-based command blocklist, suppress exception messages
- Phase 6: SESSION_SECURE=true, SameSite=Strict, logout via POST+CSRF, chmod 640 .env
- Phase 7: DB-based rate limiting replacing session-based, applied to API login/register
|
2026-06-14 07:32:18 -04:00 |
|
|
|
40748d7e5f
|
Merge pull request 'fix: hide scroll-indicator on mobile to prevent overlap with hero terminal' (#85) from fix/policy-container-width into master
Reviewed-on: #85
Reviewed-by: rafaga21 <rafaelminaya20@hotmail.com>
|
2026-06-14 07:16:45 -04:00 |
|
|
|
c16236314e
|
fix: hide scroll-indicator on mobile to prevent overlap with hero terminal
|
2026-06-14 07:16:04 -04:00 |
|
|
|
471c4a5d49
|
Merge pull request 'fix: widen policy page containers to 85%' (#84) from fix/policy-container-width into master
Reviewed-on: #84
Reviewed-by: rafaga21 <rafaelminaya20@hotmail.com>
|
2026-06-13 21:42:46 -04:00 |
|
|
|
fee7f3b24a
|
fix: widen policy page containers to 85% width
|
2026-06-13 21:42:16 -04:00 |
|
|
|
9ef4eb2856
|
Merge pull request 'Privacy Policy, Terms & animated landing page' (#83) from feat/privacy-terms-landing into master
Reviewed-on: #83
Reviewed-by: rafaga21 <rafaelminaya20@hotmail.com>
|
2026-06-13 21:34:46 -04:00 |
|
|
|
b05c1120f0
|
feat: add privacy policy, terms, and animated landing page
|
2026-06-13 21:33:42 -04:00 |
|
|
|
6f0c750703
|
Merge pull request 'fix: remove redundant NotificationPoller to prevent duplicate notifications' (#82) from feat/version-update-notification into master
Reviewed-on: #82
|
2026-06-13 17:51:27 -04:00 |
|
|
|
3639f16757
|
bump to 1.8.5 (versionCode 17)
|
2026-06-13 17:51:03 -04:00 |
|
|
|
52947f7b21
|
fix: filter FCM sends by notifications_enabled preference
|
2026-06-13 17:48:53 -04:00 |
|
|
|
19fc37c1f3
|
fix: remove redundant NotificationPoller to prevent duplicate notifications
|
2026-06-13 17:44:37 -04:00 |
|
|
|
ba3582c77f
|
Merge pull request 'fix: allow toggling notifications without password' (#81) from feat/version-update-notification into master
Reviewed-on: #81
|
2026-06-13 17:38:55 -04:00 |
|
|
|
60e0719eda
|
fix: allow toggling notifications without password
|
2026-06-13 17:37:27 -04:00 |
|
|
|
2864b33dcb
|
Merge pull request 'feat: user notification preference toggle (web + Android)' (#80) from feat/version-update-notification into master
Reviewed-on: #80
|
2026-06-13 17:33:53 -04:00 |
|
|
|
411c16a77d
|
remove plan file
|
2026-06-13 17:31:46 -04:00 |
|