refactor: rename database → storage

More semantically accurate: contains SQLite files, schema, fixtures, test data.
Updated all references in code, scripts, docs.

docs/COMPLETE_DEPLOYMENT_GUIDE.md

@@ -188,7 +188,7 @@ curl -I https://posterg.erg.be/
 curl -I https://posterg.erg.be/admin/
 
 # Should be 404 (SECURITY - private files):
-curl -I https://posterg.erg.be/database/test.db
+curl -I https://posterg.erg.be/storage/test.db
 curl -I https://posterg.erg.be/config/bootstrap.php
 curl -I https://posterg.erg.be/includes/header.php
 curl -I https://posterg.erg.be/lib/Database.php
@@ -320,8 +320,8 @@ sudo systemctl reload nginx
 **Fix:**
 ```bash
 ssh posterg
-sudo chown www-data:posterg /var/www/posterg/database/test.db
+sudo chown www-data:posterg /var/www/posterg/storage/test.db
-sudo chmod 660 /var/www/posterg/database/test.db
+sudo chmod 660 /var/www/posterg/storage/test.db
 ```
 
 ### Admin upload errors

docs/DATABASE_CONFIG.md

@@ -23,10 +23,10 @@ The `shared/config.php` file defines:
 
 ```php
 // Test database (development)
-DB_TEST_PATH = '/path/to/database/test.db'
+DB_TEST_PATH = '/path/to/storage/test.db'
 
 // Production database (server)
-DB_PROD_PATH = '/path/to/database/posterg.db'
+DB_PROD_PATH = '/path/to/storage/posterg.db'
 ```
 
 ## How It Works
@@ -35,7 +35,7 @@ DB_PROD_PATH = '/path/to/database/posterg.db'
 
 By default, the system automatically determines which database to use:
 
-1. **If `database/test.db` exists** → Use test database (development mode)
+1. **If `storage/test.db` exists** → Use test database (development mode)
 2. **Otherwise** → Use production database (production mode)
 
 This means:
@@ -123,7 +123,7 @@ just deploy-database
 To test with production data locally:
 ```bash
 # Download production database (optional)
-scp posterg:/var/www/html/database/posterg.db database/
+scp posterg:/var/www/html/storage/posterg.db database/
 
 # Remove test database to force production mode
 rm database/test.db
@@ -177,5 +177,5 @@ if (isTestMode()) {
 - **Explicit test deploy**: Use `just test-deploy` to explicitly deploy test.db when needed
 - **Git ignored**: Test database is in `.gitignore` and never committed
 - **Backups**: Production database should be backed up regularly
-- **Schema**: Both databases use the same schema (`database/schema.sql`)
+- **Schema**: Both databases use the same schema (`storage/schema.sql`)
 - **Verification**: Run `rsync --dry-run` to preview what will be deployed before deploying

docs/DEPLOYMENT_MIGRATION.md

@@ -14,7 +14,7 @@ php -S 127.0.0.1:8000
 
 **Problems:**
 - Serves from project root (all files accessible via web)
-- Exposes sensitive files: `database/`, `tests/`, `vendor/`, config files
+- Exposes sensitive files: `storage/`, `tests/`, `vendor/`, config files
 - Doesn't match production DocumentRoot configuration
 - Security risk: `.env`, database files, source code all accessible
 
@@ -216,7 +216,7 @@ deploy-code:
 ```just
 test-deploy:
     ssh posterg "mkdir -p /var/www/html/database"
-    rsync -vur --progress ./database/test.db posterg:/var/www/html/database/test.db
+    rsync -vur --progress ./storage/test.db posterg:/var/www/html/storage/test.db
 ```
 
 **New:**
@@ -229,9 +229,9 @@ deploy-database:
     echo; \
     if [[ $$REPLY =~ ^[Yy]$$ ]]; then \
         ssh posterg "mkdir -p /var/www/posterg/database" && \
-        rsync -vur --progress ./database/test.db posterg:/var/www/posterg/database/ && \
+        rsync -vur --progress ./storage/test.db posterg:/var/www/posterg/storage/ && \
-        ssh posterg "chown www-data:posterg /var/www/posterg/database/test.db && \
+        ssh posterg "chown www-data:posterg /var/www/posterg/storage/test.db && \
-                     chmod 660 /var/www/posterg/database/test.db" && \
+                     chmod 660 /var/www/posterg/storage/test.db" && \
         echo "✅ Database deployed"; \
     else \
         echo "❌ Cancelled"; \
@@ -241,7 +241,7 @@ deploy-database:
 [group('deploy')]
 backup-remote-db:
     @echo "💾 Backing up remote database..."
-    @ssh posterg "sqlite3 /var/www/posterg/database/test.db .dump" > database/remote_backup_$(date +%Y%m%d_%H%M%S).sql
+    @ssh posterg "sqlite3 /var/www/posterg/storage/test.db .dump" > database/remote_backup_$(date +%Y%m%d_%H%M%S).sql
     @echo "✅ Remote database backed up locally"
 ```
 
@@ -338,7 +338,7 @@ server {
         deny all;
     }
     
-    location ~ /database/ {
+    location ~ /storage/ {
         deny all;
     }
     
@@ -400,7 +400,7 @@ mv lib src/lib
 just serve
 # Opens http://localhost:8000
 # Verify that sensitive files return 404:
-#   http://localhost:8000/database/test.db  → 404
+#   http://localhost:8000/storage/test.db  → 404
 #   http://localhost:8000/config/          → 404
 #   http://localhost:8000/src/             → 404
 ```
@@ -461,7 +461,7 @@ just server-status
 - [ ] File uploads work (if applicable)
 - [ ] Logs written to `/var/www/posterg/var/logs/`
 - [ ] Sensitive URLs return 404:
-  - https://posterg.erg.be/database/test.db
+  - https://posterg.erg.be/storage/test.db
   - https://posterg.erg.be/config/
   - https://posterg.erg.be/src/
   - https://posterg.erg.be/vendor/
@@ -477,7 +477,7 @@ just server-status
 | Assets | `/assets/` | `/public/assets/` |
 | Config | `/inc/` | `/config/` or `/src/` |
 | Libraries | `/lib/` | `/src/lib/` |
-| Database | `/database/` | `/database/` (stays) |
+| Database | `/storage/` | `/storage/` (stays) |
 | Vendor | `/vendor/` | `/vendor/` (stays) |
 | Tests | `/tests/` | `/tests/` (stays) |
 
@@ -554,7 +554,7 @@ require_once APP_ROOT . '/config/app.php';
 
 ### Issue: Database connection fails
 **Cause:** Path to database file wrong  
-**Fix:** Update path from `database/test.db` to `../database/test.db` (from public/)
+**Fix:** Update path from `storage/test.db` to `../storage/test.db` (from public/)
 
 ### Issue: Can't write to cache/logs
 **Cause:** Wrong permissions on var/ directory  

docs/DEPLOYMENT_STEPS.md

@@ -24,7 +24,7 @@ This deploys all files to `/var/www/posterg/`:
 - `public/` → `/var/www/posterg/public/`
 - `includes/` → `/var/www/posterg/includes/`
 - `config/` → `/var/www/posterg/config/`
-- `database/` → `/var/www/posterg/database/`
+- `storage/` → `/var/www/posterg/storage/`
 - `src/` → `/var/www/posterg/lib/`
 
 ### 3. Update Nginx Configuration
@@ -59,7 +59,7 @@ just server-status
 Check:
 - https://posterg.erg.be/ (should work)
 - https://posterg.erg.be/admin/ (should work)
-- https://posterg.erg.be/database/test.db (should 404 ✅)
+- https://posterg.erg.be/storage/test.db (should 404 ✅)
 
 ---
 
@@ -84,7 +84,7 @@ just deploy-database
 ```
 
 This will:
-1. Upload `database/test.db` to server
+1. Upload `storage/test.db` to server
 2. Set correct permissions
 3. Warn before overwriting
 
@@ -174,7 +174,7 @@ jj edit <previous-change-id>
 - [ ] SSH to server and apply nginx config
 - [ ] `sudo systemctl reload nginx`
 - [ ] Verify site works: https://posterg.erg.be/
-- [ ] Verify security: https://posterg.erg.be/database/test.db → 404
+- [ ] Verify security: https://posterg.erg.be/storage/test.db → 404
 - [ ] Test admin: https://posterg.erg.be/admin/
 - [ ] Deploy database (if needed): `just deploy-database`
 

docs/DEVELOPMENT_GUIDE.md

@@ -186,7 +186,7 @@ include 'inc/header.php';
 
 ### Test Database
 
-Development uses `database/test.db` (gitignored).
+Development uses `storage/test.db` (gitignored).
 
 **Create test database:**
 ```bash
@@ -360,7 +360,7 @@ All will auto-refresh when you save files! ✨
 
 ### Using a Real Test Database
 
-The test database (`database/test.db`) is gitignored. To share test data:
+The test database (`storage/test.db`) is gitignored. To share test data:
 
 ```bash
 # Create fixtures
@@ -479,7 +479,7 @@ just test
 ## 📚 Further Reading
 
 - [Test Documentation](../tests/README.md)
-- [Database Specification](../database/DATABASE_SPECIFICATION.md)
+- [Database Specification](../storage/DATABASE_SPECIFICATION.md)
 - [Migration Guide](../MIGRATION_GUIDE.md)
 - [Deployment Guide](../nginx/DEPLOYMENT_COMPLETE.md)
 

docs/MIGRATION_CHECKLIST.md

@@ -52,7 +52,7 @@ sed -i 's/@php -S 127.0.0.1:8000/@php -S 127.0.0.1:8000 -t public\//' justfile
 # 2. Test new dev server
 just serve
 # Visit http://localhost:8000
-# Verify http://localhost:8000/database/test.db returns 404
+# Verify http://localhost:8000/storage/test.db returns 404
 
 # 3. If it works, you're ready for production migration
 ```
@@ -118,13 +118,13 @@ location ^~ /admin/ {
 3. **Remove/update deny rules** (lines 48-60) - These become redundant!
 ```nginx
 # BEFORE - needed because everything in DocumentRoot
-location ^~ /database/ { deny all; }
+location ^~ /storage/ { deny all; }
 location ^~ /shared/ { deny all; }
 location ^~ /data/ { deny all; }
 
 # AFTER - can remove! They're already outside public/
 # But keep as defense-in-depth:
-location ^~ /database/ { deny all; }  # Will never match, but safe
+location ^~ /storage/ { deny all; }  # Will never match, but safe
 ```
 
 ### In justfile:
@@ -191,9 +191,9 @@ deploy:
 test-deploy:
     @echo "⚠️  Deploying test database"
     ssh posterg "mkdir -p /var/www/posterg/database"
-    rsync -vur --progress ./database/test.db posterg:/var/www/posterg/database/
+    rsync -vur --progress ./storage/test.db posterg:/var/www/posterg/storage/
-    ssh posterg "chown www-data:posterg /var/www/posterg/database/test.db && \
+    ssh posterg "chown www-data:posterg /var/www/posterg/storage/test.db && \
-                 chmod 660 /var/www/posterg/database/test.db"
+                 chmod 660 /var/www/posterg/storage/test.db"
     @echo "✅ Test database deployed"
 ```
 
@@ -209,7 +209,7 @@ just serve
 # In another terminal:
 curl http://localhost:8000/                    # ✅ Should work
 curl http://localhost:8000/admin/              # ✅ Should work (after moving)
-curl http://localhost:8000/database/test.db    # ❌ Should 404
+curl http://localhost:8000/storage/test.db    # ❌ Should 404
 curl http://localhost:8000/config/             # ❌ Should 404
 curl http://localhost:8000/vendor/             # ❌ Should 404
 ```
@@ -226,7 +226,7 @@ curl http://localhost:8000/admin/              # ✅ works
 curl http://localhost:8000/assets/css/style.css # ✅ works
 
 # Verify old paths don't work
-curl http://localhost:8000/../database/test.db # ❌ 404
+curl http://localhost:8000/../storage/test.db # ❌ 404
 curl http://localhost:8000/../config/          # ❌ 404
 ```
 
@@ -238,7 +238,7 @@ just server-status
 # Manual checks
 curl -I https://posterg.erg.be/
 curl -I https://posterg.erg.be/admin/
-curl -I https://posterg.erg.be/database/test.db  # Must be 404!
+curl -I https://posterg.erg.be/storage/test.db  # Must be 404!
 ```
 
 ---
@@ -260,7 +260,7 @@ require_once 'database/test.db';
 <?php
 require_once __DIR__ . '/../config/config.php';
 require_once __DIR__ . '/../src/lib/Database.php';
-$db = new PDO('sqlite:' . __DIR__ . '/../database/test.db');
+$db = new PDO('sqlite:' . __DIR__ . '/../storage/test.db');
 ```
 
 **Or use a bootstrap:**
@@ -272,7 +272,7 @@ require_once __DIR__ . '/../config/bootstrap.php';
 // config/bootstrap.php
 define('APP_ROOT', dirname(__DIR__));
 define('PUBLIC_ROOT', APP_ROOT . '/public');
-define('DATABASE_PATH', APP_ROOT . '/database/test.db');
+define('DATABASE_PATH', APP_ROOT . '/storage/test.db');
 
 require_once APP_ROOT . '/vendor/autoload.php';
 ```

docs/MIGRATION_COMPLETE.md

@@ -66,7 +66,7 @@ posterg-website/
 
 **Before:**
 - ❌ All files in DocumentRoot (/var/www/html/)
-- ❌ Database accessible at /database/test.db
+- ❌ Database accessible at /storage/test.db
 - ❌ Config files accessible
 - ❌ Dev server exposed everything
 - ❌ Relied on nginx deny rules
@@ -88,18 +88,18 @@ just serve
 # Test in browser:
 # - http://localhost:8000/ → Should work
 # - http://localhost:8000/admin/ → Should work
-# - http://localhost:8000/database/test.db → Should 404 ✅
+# - http://localhost:8000/storage/test.db → Should 404 ✅
 # - http://localhost:8000/config/ → Should 404 ✅
-# - http://localhost:8000/../database/test.db → Should 404 ✅
+# - http://localhost:8000/../storage/test.db → Should 404 ✅
 ```
 
 ### Security Verification
 ```bash
 # These should all return 404:
-curl http://localhost:8000/database/test.db
+curl http://localhost:8000/storage/test.db
 curl http://localhost:8000/config/bootstrap.php
 curl http://localhost:8000/vendor/autoload.php
-curl http://localhost:8000/../database/test.db
+curl http://localhost:8000/../storage/test.db
 curl http://localhost:8000/lib/Database.php
 ```
 
@@ -138,7 +138,7 @@ curl http://localhost:8000/lib/Database.php
    just server-status
    curl -I https://posterg.erg.be/
    curl -I https://posterg.erg.be/admin/
-   curl -I https://posterg.erg.be/database/test.db  # Must 404!
+   curl -I https://posterg.erg.be/storage/test.db  # Must 404!
    ```
 
 ## 📝 Path Reference
@@ -164,7 +164,7 @@ require_once LIB_ROOT . '/Database.php';               // Library
 - `PUBLIC_ROOT` - /path/to/posterg-website/public
 - `CONFIG_ROOT` - /path/to/posterg-website/config
 - `DATABASE_ROOT` - /path/to/posterg-website/database
-- `DATABASE_PATH` - /path/to/posterg-website/database/test.db
+- `DATABASE_PATH` - /path/to/posterg-website/storage/test.db
 - `RESOURCES_ROOT` - /path/to/posterg-website/resources
 - `LIB_ROOT` - /path/to/posterg-website/lib
 - `VAR_ROOT` - /path/to/posterg-website/var

docs/REPOSITORY_STRUCTURE_ANALYSIS.md

@@ -357,10 +357,10 @@ posterg-website/
 
        private function getDatabasePath() {
            // Check environment
-           if (file_exists(__DIR__ . '/../database/test.db')) {
+           if (file_exists(__DIR__ . '/../storage/test.db')) {
-               return __DIR__ . '/../database/test.db';
+               return __DIR__ . '/../storage/test.db';
            }
-           return __DIR__ . '/../database/posterg.db';
+           return __DIR__ . '/../storage/posterg.db';
        }
    }
    ```
@@ -387,7 +387,7 @@ posterg-website/
 
 9. **Update .gitignore**:
    ```
-   /database/*.db
+   /storage/*.db
    /apps/*/cache/
    /shared/cache/
    *.log

docs/SECURITY_ANALYSIS.md

@@ -369,7 +369,7 @@ rest of the codebase which uses `htmlspecialchars()` everywhere.
 **File:** `config/bootstrap.php`
 
 ```php
-define('DATABASE_PATH', APP_ROOT . '/database/test.db');
+define('DATABASE_PATH', APP_ROOT . '/storage/test.db');
 ```
 
 This constant is never used anywhere. `Database.php` uses `getDatabasePath()` from

docs/SERVER_SETUP.md

@@ -113,6 +113,6 @@ sudo chmod 660 database/*.db
 **Fix:**
 ```bash
 ssh posterg
-sudo chown www-data:posterg /var/www/posterg/database/test.db
+sudo chown www-data:posterg /var/www/posterg/storage/test.db
-sudo chmod 660 /var/www/posterg/database/test.db
+sudo chmod 660 /var/www/posterg/storage/test.db
 ```

docs/SIMPLIFICATION.md

@@ -67,7 +67,7 @@ posterg-website/
 define('APP_ROOT', dirname(__DIR__));
 
 // Database path
-define('DATABASE_PATH', APP_ROOT . '/database/test.db');
+define('DATABASE_PATH', APP_ROOT . '/storage/test.db');
 
 // Error reporting (dev vs production)
 if (php_sapi_name() === 'cli-server') {

docs/TEST_CENTRALIZATION.md

@@ -278,7 +278,7 @@ jobs:
 ## 📖 Related Documentation
 
 - [Test README](../tests/README.md) - Complete test documentation
-- [Database Specification](../database/DATABASE_SPECIFICATION.md)
+- [Database Specification](../storage/DATABASE_SPECIFICATION.md)
 - [Security Documentation](SECURITY.md)
 
 ---

justfile

@@ -76,9 +76,9 @@ deploy:
         --exclude '.git*' \
         --exclude '.jj' \
         --exclude '.DS_Store' \
-        --exclude 'database/backup_*' \
+        --exclude 'storage/backup_*' \
-        --exclude 'database/fixtures' \
+        --exclude 'storage/fixtures' \
-        --exclude 'database/docs' \
+        --exclude 'storage/docs' \
         --exclude 'nginx' \
         --exclude 'docs' \
         --exclude 'justfile*' \
@@ -93,8 +93,8 @@ deploy:
                  mkdir -p var/{cache,logs,tmp} && \
                  chown -R www-data:posterg . && \
                  chmod -R 755 . && \
-                 chmod -R 775 var/ database/ && \
+                 chmod -R 775 var/ storage/ && \
-                 chmod 660 database/*.db 2>/dev/null || true"
+                 chmod 660 storage/*.db 2>/dev/null || true"
     @echo ""
     @echo "✅ Deployment complete!"
     @echo ""
@@ -114,9 +114,9 @@ deploy-database:
     @echo "⚠️  Deploying test database (will overwrite remote test.db)"
     @echo "Creating database directory if needed..."
     ssh posterg "mkdir -p /var/www/posterg/database"
-    rsync -vur --progress ./database/test.db posterg:/var/www/posterg/database/test.db
+    rsync -vur --progress ./storage/test.db posterg:/var/www/posterg/storage/test.db
     @echo "Setting correct permissions..."
-    ssh posterg "chown www-data:posterg /var/www/posterg/database /var/www/posterg/database/test.db && chmod 775 /var/www/posterg/database && chmod 660 /var/www/posterg/database/test.db"
+    ssh posterg "chown www-data:posterg /var/www/posterg/database /var/www/posterg/storage/test.db && chmod 775 /var/www/posterg/database && chmod 660 /var/www/posterg/storage/test.db"
     @echo "✅ Test database deployed and configured"
 
 # Legacy alias
@@ -176,18 +176,18 @@ stats:
     @echo "📊 Database Statistics"
     @echo "======================"
     @echo ""
-    @sqlite3 database/test.db "SELECT COUNT(*) || ' total theses' FROM theses;"
+    @sqlite3 storage/test.db "SELECT COUNT(*) || ' total theses' FROM theses;"
-    @sqlite3 database/test.db "SELECT COUNT(*) || ' published theses' FROM theses WHERE is_published = 1;"
+    @sqlite3 storage/test.db "SELECT COUNT(*) || ' published theses' FROM theses WHERE is_published = 1;"
-    @sqlite3 database/test.db "SELECT COUNT(*) || ' authors' FROM authors;"
+    @sqlite3 storage/test.db "SELECT COUNT(*) || ' authors' FROM authors;"
-    @sqlite3 database/test.db "SELECT COUNT(*) || ' supervisors' FROM supervisors;"
+    @sqlite3 storage/test.db "SELECT COUNT(*) || ' supervisors' FROM supervisors;"
-    @sqlite3 database/test.db "SELECT COUNT(*) || ' keywords' FROM keywords;"
+    @sqlite3 storage/test.db "SELECT COUNT(*) || ' keywords' FROM keywords;"
-    @sqlite3 database/test.db "SELECT COUNT(*) || ' files uploaded' FROM thesis_files;"
+    @sqlite3 storage/test.db "SELECT COUNT(*) || ' files uploaded' FROM thesis_files;"
 
 [group('stats')]
 recent:
     @echo "📅 Recent Theses"
     @echo "================"
-    @sqlite3 -column -header database/test.db "SELECT id, title, year, authors FROM v_theses_public ORDER BY year DESC, title LIMIT 10;"
+    @sqlite3 -column -header storage/test.db "SELECT id, title, year, authors FROM v_theses_public ORDER BY year DESC, title LIMIT 10;"
 
 # ============================================================================
 # Database Management
@@ -196,50 +196,50 @@ recent:
 [group('database')]
 init-db:
     @echo "📊 Creating test database from schema..."
-    @sqlite3 database/test.db < database/schema.sql
+    @sqlite3 storage/test.db < storage/schema.sql
     @echo "✓ Test database created"
-    @sqlite3 database/test.db "SELECT COUNT(*) || ' tables created' FROM sqlite_master WHERE type='table';"
+    @sqlite3 storage/test.db "SELECT COUNT(*) || ' tables created' FROM sqlite_master WHERE type='table';"
-    @sqlite3 database/test.db "SELECT COUNT(*) || ' orientations loaded' FROM orientations;"
+    @sqlite3 storage/test.db "SELECT COUNT(*) || ' orientations loaded' FROM orientations;"
-    @sqlite3 database/test.db "SELECT COUNT(*) || ' AP programs loaded' FROM ap_programs;"
+    @sqlite3 storage/test.db "SELECT COUNT(*) || ' AP programs loaded' FROM ap_programs;"
 
 [group('database')]
 reset-db:
     @echo "⚠️  Resetting database (will delete all data)..."
-    @rm -f database/test.db
+    @rm -f storage/test.db
     @just init-db
     @echo "✓ Database reset complete"
 
 [group('database')]
 query:
-    @sqlite3 database/test.db
+    @sqlite3 storage/test.db
 
 [group('database')]
 show id:
     @echo "Thesis #{{id}}"
     @echo "=============="
-    @sqlite3 -column -header database/test.db "SELECT * FROM v_theses_full WHERE id = {{id}};"
+    @sqlite3 -column -header storage/test.db "SELECT * FROM v_theses_full WHERE id = {{id}};"
 
 [group('database')]
 backup:
     @echo "💾 Backing up database..."
-    @sqlite3 database/test.db .dump > database/backup_$(date +%Y%m%d_%H%M%S).sql
+    @sqlite3 storage/test.db .dump > storage/backup_$(date +%Y%m%d_%H%M%S).sql
-    @echo "✓ Database dumped to database/backup_$(date +%Y%m%d_%H%M%S).sql"
+    @echo "✓ Database dumped to storage/backup_$(date +%Y%m%d_%H%M%S).sql"
 
 [group('database')]
 fixtures:
     @echo "🎭 Creating test database with fixtures..."
-    @php database/fixtures/CreateTestDatabase.php
+    @php storage/fixtures/CreateTestDatabase.php
 
 [group('database')]
 deploy-test-db:
     @echo "⚠️  Deploying test database to server (will overwrite remote test.db)"
     @echo "Creating database directory if needed..."
     ssh posterg "mkdir -p /var/www/html/database"
-    rsync -vur --progress ./database/test.db posterg:/var/www/html/database/test.db
+    rsync -vur --progress ./storage/test.db posterg:/var/www/html/storage/test.db
     @echo "Setting correct permissions..."
-    ssh posterg "chgrp posterg /var/www/html/database /var/www/html/database/test.db && \
+    ssh posterg "chgrp posterg /var/www/html/database /var/www/html/storage/test.db && \
                  chmod 775 /var/www/html/database && \
-                 chmod 660 /var/www/html/database/test.db"
+                 chmod 660 /var/www/html/storage/test.db"
     @echo "✅ Test database deployed"
 
 # ============================================================================

nginx/DEPLOYMENT_COMPLETE.md

@@ -16,7 +16,7 @@ The Post-ERG website is now successfully deployed with production-ready nginx co
 | **Public Site** | ✅ Working | https://posterg.erg.be/ → 200 OK |
 | **SSL/TLS** | ✅ Working | HTTPS with valid certificate |
 | **Admin Panel** | ✅ Protected | /formulaire/ → 401 (requires password) |
-| **Database Protection** | ✅ Blocked | /database/ → 403 Forbidden |
+| **Database Protection** | ✅ Blocked | /storage/ → 403 Forbidden |
 | **Sensitive Files** | ✅ Blocked | .md, .sql files → 403 Forbidden |
 | **Shared Directory** | ✅ Blocked | /shared/ → 403 Forbidden |
 | **Security Headers** | ✅ Present | X-Frame-Options, CSP, etc. |
@@ -96,7 +96,7 @@ find /var/www/html -type f -exec chmod 640 {} \;
 - Admin panel: 10 requests/minute (burst: 5)
 
 **Protected Paths:**
-- `/database/` - Database files (403)
+- `/storage/` - Database files (403)
 - `/shared/` - PHP libraries (403)
 - `/data/` - Upload directories (403)
 - `*.db` files - Database files (403)
@@ -174,7 +174,7 @@ curl -I http://localhost/                # Should: 200 OK
 curl -I http://localhost/formulaire/     # Should: 401 Unauthorized
 
 # Test security
-curl -I http://localhost/database/posterg.db   # Should: 403 Forbidden
+curl -I http://localhost/storage/posterg.db   # Should: 403 Forbidden
 curl -I http://localhost/README.md             # Should: 403 Forbidden
 curl -I http://localhost/shared/Database.php   # Should: 403 Forbidden
 ```
@@ -345,7 +345,7 @@ ssh posterg "cd /var/www/html && sed -i \"s|__DIR__ . '/../../shared/|__DIR__ .
 - **Deployment Issues:** Check logs first
 - **Nginx Config:** `/etc/nginx/sites-available/posterg`
 - **PHP Config:** `/etc/php/8.4/fpm/pool.d/www.conf`
-- **Database:** `/var/www/html/database/posterg.db`
+- **Database:** `/var/www/html/storage/posterg.db`
 
 ---
 

nginx/DEPLOY_NOW.md

@@ -80,7 +80,7 @@ The new configuration adds:
 ✅ **File Protection**
 - Database files (`.db`) → 403 Forbidden
 - Sensitive files (`.md`, `.sql`, `.txt`) → 403 Forbidden
-- `/database/` directory → 403 Forbidden
+- `/storage/` directory → 403 Forbidden
 - `/shared/` directory → 403 Forbidden
 - `/data/` directory → 403 Forbidden
 - Hidden files (`.git`, `.env`) → 403 Forbidden
@@ -119,7 +119,7 @@ curl http://localhost/index.php | head -n 20
 curl -I http://localhost/formulaire/
 
 # Database should be blocked (403)
-curl -I http://localhost/database/posterg.db
+curl -I http://localhost/storage/posterg.db
 
 # Sensitive files should be blocked (403)
 curl -I http://localhost/README.md

nginx/PRODUCTION_DEPLOYMENT.md

@@ -88,8 +88,8 @@ sudo chmod 775 /var/www/html/formulaire/data/theses
 sudo chmod 775 /var/www/html/formulaire/data/covers
 
 # Protect database
-sudo chmod 640 /var/www/html/database/posterg.db
+sudo chmod 640 /var/www/html/storage/posterg.db
-sudo chown www-data:posterg /var/www/html/database/posterg.db
+sudo chown www-data:posterg /var/www/html/storage/posterg.db
 ```
 
 ### Step 2: Deploy Nginx Config
@@ -148,7 +148,7 @@ curl -u admin:your_password http://localhost/formulaire/
 
 ```bash
 # These should all return 403 Forbidden
-curl -I http://localhost/database/posterg.db
+curl -I http://localhost/storage/posterg.db
 curl -I http://localhost/README.md
 curl -I http://localhost/shared/Database.php
 curl -I http://localhost/.git/config
@@ -217,9 +217,9 @@ ls -la /etc/nginx/.htpasswd-posterg
 
 **Fix database permissions:**
 ```bash
-sudo chown www-data:posterg /var/www/html/database/posterg.db
+sudo chown www-data:posterg /var/www/html/storage/posterg.db
-sudo chmod 640 /var/www/html/database/posterg.db
+sudo chmod 640 /var/www/html/storage/posterg.db
-sudo chmod 755 /var/www/html/database/
+sudo chmod 755 /var/www/html/storage/
 ```
 
 ### Can't Write Uploaded Files

nginx/QUICK_REFERENCE.md

@@ -122,7 +122,7 @@ done
 
 ```bash
 # Should return 403
-curl -I https://posterg.erg.be/database/posterg.db
+curl -I https://posterg.erg.be/storage/posterg.db
 curl -I https://posterg.erg.be/shared/Database.php
 curl -I https://posterg.erg.be/.env
 ```
@@ -217,7 +217,7 @@ sudo cp /etc/nginx/.htpasswd-posterg /etc/nginx/.htpasswd-posterg.backup.$(date
 
 - [ ] Admin password set: `sudo ls -l /etc/nginx/.htpasswd-posterg`
 - [ ] SSL enabled: `curl -I https://posterg.erg.be/`
-- [ ] Database blocked: `curl -I https://posterg.erg.be/database/posterg.db`
+- [ ] Database blocked: `curl -I https://posterg.erg.be/storage/posterg.db`
 - [ ] Shared directory blocked: `curl -I https://posterg.erg.be/shared/Database.php`
 - [ ] Rate limiting working: Test with curl loop
 - [ ] Security headers present: `curl -I https://posterg.erg.be/ | grep X-`

nginx/README.md

@@ -95,7 +95,7 @@ Test your configuration:
 curl -I https://posterg.erg.be/formulaire/
 
 # Test file protection
-curl -I https://posterg.erg.be/database/posterg.db
+curl -I https://posterg.erg.be/storage/posterg.db
 
 # Test security headers
 curl -I https://posterg.erg.be/ | grep -E "X-|Strict-Transport"

nginx/SETUP.md

@@ -150,8 +150,8 @@ sudo chmod 775 /var/www/html/formulaire/data/theses
 sudo chmod 775 /var/www/html/formulaire/data/covers
 
 # Protect database
-sudo chmod 600 /var/www/html/database/posterg.db
+sudo chmod 600 /var/www/html/storage/posterg.db
-sudo chown www-data:www-data /var/www/html/database/posterg.db
+sudo chown www-data:www-data /var/www/html/storage/posterg.db
 ```
 
 ## Security Features Implemented
@@ -216,7 +216,7 @@ for i in {1..50}; do curl -I https://posterg.erg.be/ 2>&1 | grep HTTP; done
 
 ```bash
 # Should return 403 Forbidden
-curl -I https://posterg.erg.be/database/posterg.db
+curl -I https://posterg.erg.be/storage/posterg.db
 curl -I https://posterg.erg.be/shared/Database.php
 curl -I https://posterg.erg.be/README.md
 ```

nginx/TEST_DATABASE_SETUP.md

@@ -11,7 +11,7 @@ just test-deploy
 ```
 
 This automatically:
-1. ✅ Creates `/var/www/html/database/` directory
+1. ✅ Creates `/var/www/html/storage/` directory
 2. ✅ Uploads `test.db` to the server
 3. ✅ Sets correct group ownership (`posterg`)
 4. ✅ Sets correct permissions (775 for dir, 660 for file)
@@ -100,8 +100,8 @@ php -r "require_once '/var/www/html/shared/Database.php'; echo 'Using: ' . Datab
 ```
 
 Output will be:
-- `/var/www/html/database/test.db` (test mode)
+- `/var/www/html/storage/test.db` (test mode)
-- `/var/www/html/database/posterg.db` (production mode)
+- `/var/www/html/storage/posterg.db` (production mode)
 
 ### 5. Switch Back to Production
 
@@ -109,7 +109,7 @@ Simply remove the test database:
 
 ```bash
 ssh posterg
-rm /var/www/html/database/test.db
+rm /var/www/html/storage/test.db
 ```
 
 The site automatically switches to production database.
@@ -121,7 +121,7 @@ The site automatically switches to production database.
 ### Directory Permissions
 
 ```
-drwxrwxr-x  theophile posterg  /var/www/html/database/
+drwxrwxr-x  theophile posterg  /var/www/html/storage/
 ```
 
 - **775**: Owner and group can read/write/execute, others can read/execute
@@ -165,11 +165,11 @@ sudo systemctl restart php8.4-fpm
 ```bash
 ssh posterg
 # Fix group ownership
-chgrp posterg /var/www/html/database /var/www/html/database/test.db
+chgrp posterg /var/www/html/database /var/www/html/storage/test.db
 
 # Fix permissions
 chmod 775 /var/www/html/database
-chmod 660 /var/www/html/database/test.db
+chmod 660 /var/www/html/storage/test.db
 ```
 
 ### "SQLSTATE[HY000]: General error: 8 attempt to write a readonly database"
@@ -185,9 +185,9 @@ chmod 775 /var/www/html/database
 **Clear SQLite cache:**
 ```bash
 ssh posterg
-rm -f /var/www/html/database/test.db-journal
+rm -f /var/www/html/storage/test.db-journal
-rm -f /var/www/html/database/test.db-shm
+rm -f /var/www/html/storage/test.db-shm
-rm -f /var/www/html/database/test.db-wal
+rm -f /var/www/html/storage/test.db-wal
 ```
 
 Then redeploy:
@@ -239,7 +239,7 @@ just test-deploy
 
 ```bash
 ssh posterg
-sqlite3 /var/www/html/database/test.db
+sqlite3 /var/www/html/storage/test.db
 # ... make changes ...
 ```
 
@@ -281,7 +281,7 @@ Before deploying test database, backup production if needed:
 
 ```bash
 ssh posterg
-cp /var/www/html/database/posterg.db /var/www/html/database/posterg.db.backup.$(date +%Y%m%d)
+cp /var/www/html/storage/posterg.db /var/www/html/storage/posterg.db.backup.$(date +%Y%m%d)
 ```
 
 ---
@@ -325,7 +325,7 @@ cp /var/www/html/database/posterg.db /var/www/html/database/posterg.db.backup.$(
 
 After running `just test-deploy`, verify:
 
-- [ ] Database file exists: `ssh posterg "ls -la /var/www/html/database/test.db"`
+- [ ] Database file exists: `ssh posterg "ls -la /var/www/html/storage/test.db"`
 - [ ] Correct permissions: `-rw-rw---- theophile posterg`
 - [ ] Directory writable: `drwxrwxr-x theophile posterg`
 - [ ] Site loads: Visit https://posterg.erg.be/
@@ -346,7 +346,7 @@ When working correctly:
 
 To switch back to production, just:
 ```bash
-ssh posterg "rm /var/www/html/database/test.db"
+ssh posterg "rm /var/www/html/storage/test.db"
 ```
 
 Site automatically uses `posterg.db` again! 🚀

nginx/deploy-production-new.sh

@@ -42,9 +42,9 @@ if [ -d "/var/www/posterg/database" ]; then
 fi
 
 # Fix database file permissions
-if [ -f "/var/www/posterg/database/test.db" ]; then
+if [ -f "/var/www/posterg/storage/test.db" ]; then
-    chmod 660 /var/www/posterg/database/test.db
+    chmod 660 /var/www/posterg/storage/test.db
-    chown www-data:posterg /var/www/posterg/database/test.db
+    chown www-data:posterg /var/www/posterg/storage/test.db
     echo "✓ Fixed database file permissions (660)"
 fi
 
@@ -102,4 +102,4 @@ echo ""
 echo "After reload, verify:"
 echo "  • https://posterg.erg.be/"
 echo "  • https://posterg.erg.be/admin/"
-echo "  • https://posterg.erg.be/database/test.db (should 404)"
+echo "  • https://posterg.erg.be/storage/test.db (should 404)"

nginx/deploy-production.sh

@@ -42,9 +42,9 @@ if [ -d "/var/www/html/formulaire/data/theses" ]; then
 fi
 
 # Protect database if it exists
-if [ -f "/var/www/html/database/posterg.db" ]; then
+if [ -f "/var/www/html/storage/posterg.db" ]; then
-    chmod 660 /var/www/html/database/posterg.db
+    chmod 660 /var/www/html/storage/posterg.db
-    chown www-data:posterg /var/www/html/database/posterg.db
+    chown www-data:posterg /var/www/html/storage/posterg.db
     echo "✓ Protected database file"
 fi
 
@@ -174,7 +174,7 @@ echo "  • Access log:  tail -f /var/log/nginx/posterg_access.log"
 echo "  • Error log:   tail -f /var/log/nginx/posterg_error.log"
 echo ""
 echo "🔒 Security Checks:"
-echo "  • Database blocked:  curl -I http://localhost/database/posterg.db"
+echo "  • Database blocked:  curl -I http://localhost/storage/posterg.db"
 echo "  • MD files blocked:  curl -I http://localhost/README.md"
 echo "  • Shared blocked:    curl -I http://localhost/shared/Database.php"
 echo ""

scripts/deploy-production.sh

@@ -42,9 +42,9 @@ if [ -d "/var/www/html/formulaire/data/theses" ]; then
 fi
 
 # Protect database if it exists
-if [ -f "/var/www/html/database/posterg.db" ]; then
+if [ -f "/var/www/html/storage/posterg.db" ]; then
-    chmod 660 /var/www/html/database/posterg.db
+    chmod 660 /var/www/html/storage/posterg.db
-    chown www-data:posterg /var/www/html/database/posterg.db
+    chown www-data:posterg /var/www/html/storage/posterg.db
     echo "✓ Protected database file"
 fi
 
@@ -174,7 +174,7 @@ echo "  • Access log:  tail -f /var/log/nginx/posterg_access.log"
 echo "  • Error log:   tail -f /var/log/nginx/posterg_error.log"
 echo ""
 echo "🔒 Security Checks:"
-echo "  • Database blocked:  curl -I http://localhost/database/posterg.db"
+echo "  • Database blocked:  curl -I http://localhost/storage/posterg.db"
 echo "  • MD files blocked:  curl -I http://localhost/README.md"
 echo "  • Shared blocked:    curl -I http://localhost/shared/Database.php"
 echo ""

scripts/migrate-structure.sh

@@ -164,6 +164,6 @@ echo "  admin/            - Admin panel"
 echo "  lib/              - Shared libraries"
 echo "  assets/           - Static files"
 echo "  inc/              - Templates"
-echo "  database/         - Database files"
+echo "  storage/         - Database files"
 echo "  vendor/           - Third-party (gitignored)"
 echo ""

scripts/setup-dev.sh

@@ -35,10 +35,10 @@ else
 fi
 
 # Create test database if needed
-if [ ! -f "database/test.db" ]; then
+if [ ! -f "storage/test.db" ]; then
     echo ""
     echo "📊 Creating test database..."
-    sqlite3 database/test.db < database/schema.sql
+    sqlite3 storage/test.db < storage/schema.sql
     echo "✓ Created test database"
 fi
 

src/cache/rate_limit/ad921d60486366258809553a3db49a4a.json

@@ -1 +1 @@
-[1770894664]
+[1770894771]

src/config.php

@@ -9,10 +9,10 @@
 define('DB_ROOT', __DIR__ . '/..');
 
 // Test database (used in development)
-define('DB_TEST_PATH', DB_ROOT . '/database/test.db');
+define('DB_TEST_PATH', DB_ROOT . '/storage/test.db');
 
 // Production database (used on server)
-define('DB_PROD_PATH', DB_ROOT . '/database/posterg.db');
+define('DB_PROD_PATH', DB_ROOT . '/storage/posterg.db');
 
 /**
  * Determine which database to use

tests/README.md

@@ -225,7 +225,7 @@ php tests/run-tests.php
 
 ## 📚 Related Documentation
 
-- [Database Specification](../database/DATABASE_SPECIFICATION.md)
+- [Database Specification](../storage/DATABASE_SPECIFICATION.md)
 - [Security Documentation](../docs/SECURITY.md)
 - [Development Guide](../MIGRATION_GUIDE.md)