refactor: rename database → storage

More semantically accurate: contains SQLite files, schema, fixtures, test data.
Updated all references in code, scripts, docs.

nginx/DEPLOYMENT_COMPLETE.md

@@ -16,7 +16,7 @@ The Post-ERG website is now successfully deployed with production-ready nginx co
 | **Public Site** | ✅ Working | https://posterg.erg.be/ → 200 OK |
 | **SSL/TLS** | ✅ Working | HTTPS with valid certificate |
 | **Admin Panel** | ✅ Protected | /formulaire/ → 401 (requires password) |
-| **Database Protection** | ✅ Blocked | /database/ → 403 Forbidden |
+| **Database Protection** | ✅ Blocked | /storage/ → 403 Forbidden |
 | **Sensitive Files** | ✅ Blocked | .md, .sql files → 403 Forbidden |
 | **Shared Directory** | ✅ Blocked | /shared/ → 403 Forbidden |
 | **Security Headers** | ✅ Present | X-Frame-Options, CSP, etc. |
@@ -96,7 +96,7 @@ find /var/www/html -type f -exec chmod 640 {} \;
 - Admin panel: 10 requests/minute (burst: 5)
 
 **Protected Paths:**
-- `/database/` - Database files (403)
+- `/storage/` - Database files (403)
 - `/shared/` - PHP libraries (403)
 - `/data/` - Upload directories (403)
 - `*.db` files - Database files (403)
@@ -174,7 +174,7 @@ curl -I http://localhost/                # Should: 200 OK
 curl -I http://localhost/formulaire/     # Should: 401 Unauthorized
 
 # Test security
-curl -I http://localhost/database/posterg.db   # Should: 403 Forbidden
+curl -I http://localhost/storage/posterg.db   # Should: 403 Forbidden
 curl -I http://localhost/README.md             # Should: 403 Forbidden
 curl -I http://localhost/shared/Database.php   # Should: 403 Forbidden
 ```
@@ -345,7 +345,7 @@ ssh posterg "cd /var/www/html && sed -i \"s|__DIR__ . '/../../shared/|__DIR__ .
 - **Deployment Issues:** Check logs first
 - **Nginx Config:** `/etc/nginx/sites-available/posterg`
 - **PHP Config:** `/etc/php/8.4/fpm/pool.d/www.conf`
-- **Database:** `/var/www/html/database/posterg.db`
+- **Database:** `/var/www/html/storage/posterg.db`
 
 ---