Reintroduce TFE duration metadata: DB columns, form fields, controllers, views, and migration

Add 'unsafe-eval' to CSP script-src directives (htmx requires Function())

app/public/admin/actions/delete.php

@@ -1,8 +1,6 @@
 <?php
 require_once __DIR__ . '/../../../bootstrap.php';
 require_once __DIR__ . '/../../../src/AdminAuth.php';
-error_log('[delete.php] ENTRY | method=' . $_SERVER['REQUEST_METHOD'] . ' | is_bulk=' . (!empty($_POST['bulk']) ? '1' : '0') . ' | post_keys=' . implode(',', array_keys($_POST)));
-
 AdminAuth::requireLogin();
 
 require_once __DIR__ . '/../../../src/Database.php';