Removes the explicit horizontal overflow behavior from the admin table shell. The table minimum width rule remains in place while the surrounding layout can control overflow naturally.
Core changes:
- Admin theme stylesheet (templates/admin/assets/css/theme.css):
Removed the .sl-table-shell overflow rule
- Drops forced horizontal scrolling on the shell
- Keeps table min-width behavior unchanged
Benefits:
- Reduces redundant admin table styling
- Lets parent layouts control scrolling behavior
- Keeps the stylesheet slightly simpler
Technical notes:
- No template or JavaScript changes
- No runtime behavior changes outside CSS layout
- Backward compatibility depends on existing parent layout overflow handling
Moves changelog JSON cache files into a dedicated cache subdirectory. This keeps module data separate from page and asset cache files.
Core changes:
- Changelog cache storage (modules/changelog/common.php):
Reads cache entries from storage/cache/changelog
- Keeps the existing sha1 key format
- Preserves TTL and payload validation behavior
Writes cache entries into the changelog namespace
- Creates the module cache directory when needed
- Keeps atomic temp-file writes unchanged
Benefits:
- Reduces cache root clutter
- Aligns module cache data with the namespaced cache layout
- Makes admin cache reporting easier to understand
Technical notes:
- Existing root-level changelog JSON files are not migrated
- Cache keys and response metadata format are unchanged
- No database schema changes
Adds admin-facing controls and documentation for the namespaced cache layout. The configuration screen can now report cache files by namespace and clear the full cache tree through an explicit action.
Core changes:
- Cache configuration admin (admin/modules/config.php):
Added detailed cache directory counts and total size reporting
- Skips protected .htaccess and index.html marker files
- Shows namespace-level cache distribution
Added a CSRF-protected clear-cache action
- Uses Cache::deleteAll() for full cache tree cleanup
- Keeps the action visible only on the optimization tab
- Scheduler and help text (config/scheduler.php, admin/info/.md, admin/lang/.php):
- Registered a disabled Page cache cleanup system job
- Updated cache labels and Russian help documentation for the new cache layout
- Added translations for the clear-cache action
- Admin tabs (templates/admin/assets/js/tabs.js):
- Supports tab-scoped auxiliary action visibility
- Keeps the cache clear button tied to the optimization tab
Benefits:
- Makes cache storage and cleanup visible from admin tools
- Enables scheduled cache cleanup without custom code
- Keeps destructive cache actions scoped and explicit
Technical notes:
- The scheduler job is disabled by default
- Protected marker files are not counted or deleted
- No database schema changes
Introduces a dedicated Cache class and migrates frontend cache delivery away from legacy helpers. Page HTML and asset bundles now use namespaced cache paths and the new validated asset route.
Core changes:
- Cache class (core/classes/cache.php):
Added path, hash, freshness, body, cleanup, and header helpers
- Validates cache type, extension, and hex hash inputs
- Writes cache files atomically with LOCK_EX and rename
- Centralized public/no-store response headers
- Runtime cache flow (core/system.php, index.php, admin/index.php):
Replaced setCache(), setCss(), and setScript() usage
- Adds page cache eligibility and theme/language-aware page hashes
- Stores HTML under storage/cache/pages/html
Migrated CSS and JS bundles to storage/cache/pages/assets
- Delivers bundles through index.php?go=asset&file=<hash>&type=css|js
- Preserves config/header.php script injection behavior
Benefits:
- Separates HTML and asset cache storage by namespace
- Removes legacy md5 text cache delivery routes
- Improves reliability with atomic writes and stricter asset validation
Technical notes:
- Old go=css and go=script routes are removed
- Direct storage/cache web access remains blocked
- Backward compatibility with old storage/cache/*.txt is intentionally not provided
Refactors the voting view renderer and keeps moderator actions separate from poll result items. This prevents the admin action menu from replacing the visible voting options or result rows.
Core changes:
- Voting view renderer (core/system.php):
Simplified voting query and early-return flow
- Keeps multilingual and forced-result behavior explicit
- Preserves existing voting alerts and widget template usage
Separates poll item rendering from moderator action links
- Avoids overwriting the rendered voting item list
- Keeps result, vote, poll, and comment controls intact
Benefits:
- Restores visible voting results for moderator/admin views
- Improves maintainability of the voting renderer
- Reduces branching without changing the public widget contract
Technical notes:
- No database schema changes
- No template key changes
- Backward compatibility preserved for positional calls to getVotingView()
Complete the performance/debug panel styling across admin and lite, unify the lite spacing scale through tokens, and remove unused CSS classes and custom properties. These edits are interleaved within the shared theme/base stylesheets and form one cohesive CSS housekeeping pass.
Core changes:
- Debug panel (theme.css, base.css, debug-section.html):
- Colored section tones, bug icons before error lines, progress-bar parity
- Tokenized legend/fieldset padding/margin/border for admin and lite
- Render tone class in the lite debug-section fragment
- Lite spacing tokenization (lite/theme.css):
Map padding/margin/gap 4/6/8/12px to --sl-space-xs/sm/md/lg
- Negative values and non-scale lengths left intact
- Aligns the lite spacing scale with admin
- Dead CSS removal (admin/lite theme.css and base.css):
- Drop unused classes .sl-bbup-panel and .sl-forum-table-head
Drop unused custom properties (accent-soft, changelog-bg, monitor-*, loading-center, hover--down, admin-tight-, shadow duplicates)
Benefits:
- Consistent admin/lite debug panel and spacing scale
- Less redundancy, smaller stylesheets
Technical notes:
- Presentation only, no markup contract changes
- Verified: no unused --sl-space tokens remain, brace balance intact
Render each recent error time in getDebugErrors() via date_create()->format(_TIMESTRING) instead of the raw stored string, so the debug panel shows dates in the configured system format and keeps the embedded timezone offset.
Core changes:
- Debug error list (system.php):
Parse row time with date_create() and format with _TIMESTRING
- Guard empty time values so no stray leading space is emitted
- Keep channel, message and optional URL layout unchanged
Benefits:
- Consistent, localized timestamps in the performance/debug panel
- Avoids timezone shift from re-parsing with the server default
Technical notes:
- Presentation only, no storage/format change
- Backward compatible
Lay out the four system-performance metrics like the voting result rows: label on the left, value on the right, on one line above a full-width progress bar, in both the admin and frontend themes.
Core changes:
- Debug stats fragment (templates/{admin,lite}/fragments/debug-stats.html):
- Move the value next to the label inside the <dt> header; <dd> holds only the bar
- Theme styles (templates/{admin,lite}/assets/css/theme.css):
- Replace the two-column grid with a flex header (space-between) and a full-width bar
- Drop the trailing colon after the label
Benefits:
- Clearer, consistent performance panel matching the voting result layout
Technical notes:
- Template/CSS only; no PHP change; data keys and value strings unchanged
The index.php CSRF gate read an upload_token request param that no client
ever sends (uploads, the editor and forms all use token or the
X-CSRF-Token header), so the fallback was unreachable.
Core changes:
- Entry point (index.php):
- Drop the unreachable upload_token branch from the token resolution chain
Benefits:
- Removes dead code from the security gate
Technical notes:
- Behavior-preserving: the token param and X-CSRF-Token header remain