Fix admin CSS not loading and quirks mode issues

Fixed multiple issues in admin panel:

1. CSS path: modern-normalize.css → modern-normalize.min.css
   (File is actually named .min.css)

2. Icon path: assets/icon.svg → /assets/admin_favicon.svg
   (Was relative, now absolute; correct filename)

3. Navigation: /admin/list.php → /admin/
   (list.php was renamed to index.php)

4. Short PHP tags: <? → <?php
   (Better compatibility, some servers don't enable short_open_tag)

5. Quirks mode warning was due to CSS not loading, not DOCTYPE
   (DOCTYPE was already present)

Files modified:
- public/admin/inc/head.php (main fixes)
- public/admin/index.php (short tags)
- public/admin/add.php (short tags)
- public/admin/import.php (short tags)

Need to redeploy for production: just deploy

docs/MIGRATION_COMPLETE.md

@@ -0,0 +1,214 @@
+# ✅ Migration to public/ Directory Structure - COMPLETE
+
+## 📊 Summary of Changes
+
+### Directory Structure Created
+```
+posterg-website/
+├── config/                    # ✅ NEW - Configuration files
+│   └── bootstrap.php         # Central path management
+├── public/                    # ✅ NEW - DocumentRoot (web-accessible)
+│   ├── admin/                # Moved from /admin/
+│   ├── assets/               # Moved from /assets/
+│   ├── index.php             # Moved from /index.php
+│   ├── search.php            # Moved from /search.php
+│   └── memoire.php           # Moved from /memoire.php
+├── resources/                 # ✅ NEW - Application resources
+│   └── views/                # Moved from /inc/
+│       ├── header.php
+│       └── footer.php
+├── var/                       # ✅ NEW - Runtime files
+│   ├── cache/
+│   ├── logs/
+│   └── tmp/
+├── database/                  # ✅ KEPT - Now private
+├── lib/                       # ✅ KEPT - Now private
+├── vendor/                    # ✅ KEPT - Now private
+└── tests/                     # ✅ KEPT - Now private
+```
+
+### Files Modified
+
+**1. config/bootstrap.php** (NEW)
+- Central path configuration
+- Defines APP_ROOT, PUBLIC_ROOT, DATABASE_PATH, etc.
+- Helper functions: view(), getDatabase()
+- Environment detection (dev vs production)
+- Error handling configuration
+
+**2. public/*.php** (3 files updated)
+- index.php: Uses bootstrap, updated require paths
+- search.php: Uses bootstrap, updated require paths
+- memoire.php: Uses bootstrap, updated require paths
+- All now use view() helper for header/footer
+
+**3. public/admin/*.php** (7 files updated)
+- add.php, edit.php, formulaire.php, import.php
+- index.php, publish.php, thanks.php
+- All updated to use ../../ paths for lib access
+- Bootstrap added where needed
+
+**4. justfile** (Updated)
+- Dev server: `php -S 127.0.0.1:8000 -t public/`
+- Deploy: Now deploys to `/var/www/posterg/`
+- Database deploy: Updated paths to `/var/www/posterg/`
+- Nginx deploy: Checks for correct DocumentRoot
+
+**5. nginx/posterg.conf** (Updated)
+- DocumentRoot: `/var/www/html` → `/var/www/posterg/public`
+- Admin location: `/formulaire/` → `/admin/`
+
+**6. .gitignore** (Updated)
+- Added var/ directory patterns
+- Keeps .gitkeep files, ignores contents
+
+### Security Improvements
+
+**Before:**
+- ❌ All files in DocumentRoot (/var/www/html/)
+- ❌ Database accessible at /database/test.db
+- ❌ Config files accessible
+- ❌ Dev server exposed everything
+- ❌ Relied on nginx deny rules
+
+**After:**
+- ✅ Only public/ in DocumentRoot
+- ✅ Database physically outside web root
+- ✅ Config files physically private
+- ✅ Dev server matches production security
+- ✅ Physical separation = secure by default
+
+## 🧪 Testing
+
+### Local Development
+```bash
+# Start dev server
+just serve
+
+# Test in browser:
+# - http://localhost:8000/ → Should work
+# - http://localhost:8000/admin/ → Should work
+# - http://localhost:8000/database/test.db → Should 404 ✅
+# - http://localhost:8000/config/ → Should 404 ✅
+# - http://localhost:8000/../database/test.db → Should 404 ✅
+```
+
+### Security Verification
+```bash
+# These should all return 404:
+curl http://localhost:8000/database/test.db
+curl http://localhost:8000/config/bootstrap.php
+curl http://localhost:8000/vendor/autoload.php
+curl http://localhost:8000/../database/test.db
+curl http://localhost:8000/lib/Database.php
+```
+
+### Production Deployment
+
+**BEFORE deploying to production:**
+
+1. **Update nginx config on server:**
+   ```bash
+   # Edit /etc/nginx/sites-available/posterg
+   # Change: root /var/www/html;
+   # To:     root /var/www/posterg/public;
+   ```
+
+2. **Create new directory on server:**
+   ```bash
+   ssh posterg "sudo mkdir -p /var/www/posterg"
+   ```
+
+3. **Deploy application:**
+   ```bash
+   just deploy
+   ```
+
+4. **Deploy nginx config:**
+   ```bash
+   just deploy-nginx
+   # Then on server:
+   ssh posterg
+   sudo bash /tmp/deploy-production.sh
+   sudo systemctl reload nginx
+   ```
+
+5. **Verify:**
+   ```bash
+   just server-status
+   curl -I https://posterg.erg.be/
+   curl -I https://posterg.erg.be/admin/
+   curl -I https://posterg.erg.be/database/test.db  # Must 404!
+   ```
+
+## 📝 Path Reference
+
+### From public/*.php files:
+```php
+<?php
+require_once __DIR__ . '/../config/bootstrap.php';  // Bootstrap
+require_once LIB_ROOT . '/Database.php';             // Library
+$db = getDatabase();                                  // Database
+view('header.php', ['pageTitle' => 'Title']);        // Template
+```
+
+### From public/admin/*.php files:
+```php
+<?php
+require_once __DIR__ . '/../../config/bootstrap.php';  // Bootstrap
+require_once LIB_ROOT . '/Database.php';               // Library
+```
+
+### Available Constants (from bootstrap):
+- `APP_ROOT` - /path/to/posterg-website
+- `PUBLIC_ROOT` - /path/to/posterg-website/public
+- `CONFIG_ROOT` - /path/to/posterg-website/config
+- `DATABASE_ROOT` - /path/to/posterg-website/database
+- `DATABASE_PATH` - /path/to/posterg-website/database/test.db
+- `RESOURCES_ROOT` - /path/to/posterg-website/resources
+- `LIB_ROOT` - /path/to/posterg-website/lib
+- `VAR_ROOT` - /path/to/posterg-website/var
+- `CACHE_ROOT` - /path/to/posterg-website/var/cache
+- `LOGS_ROOT` - /path/to/posterg-website/var/logs
+- `VIEWS_ROOT` - /path/to/posterg-website/resources/views
+
+## 🎯 Next Steps
+
+1. ✅ Migration complete - verify locally
+2. ⏭️ Test dev server: `just serve`
+3. ⏭️ Test all pages work correctly
+4. ⏭️ Update nginx config on production server
+5. ⏭️ Deploy to production: `just deploy`
+6. ⏭️ Deploy nginx config: `just deploy-nginx`
+7. ⏭️ Verify production deployment
+
+## 🔄 Rollback (if needed)
+
+If something goes wrong, jj makes it easy:
+
+```bash
+# View history
+jj log
+
+# Go back to previous state
+jj edit <previous-change-id>
+
+# Or abandon current changes
+jj abandon @
+```
+
+## 📚 Documentation
+
+See also:
+- `DIRECTORY_STRUCTURE.md` - Full structure reference
+- `DEPLOYMENT_MIGRATION.md` - Detailed migration guide
+- `MIGRATION_CHECKLIST.md` - Quick checklist
+
+## ✨ Benefits Achieved
+
+1. **Security**: Private files physically separated from public
+2. **Standards**: Follows PHP-FIG and Standard PHP Package Skeleton
+3. **Development**: Dev server matches production security
+4. **Maintainability**: Clear separation of concerns
+5. **Portability**: Path constants make relocation easy
+6. **Best Practices**: Industry-standard directory structure