xamxam

PostERG/xamxam

Fork 0

mirror of https://codeberg.org/PostERG/xamxam.git synced 2026-05-06 19:19:19 +02:00

Commit Graph

Author	SHA1	Message	Date
Pontoporeia	42af4644c5	perf+a11y: WAL mode for SQLite, skip links, :focus-visible, .sr-only SQLite performance (Database::__construct): - PRAGMA journal_mode = WAL: eliminates full-DB read locks on write, safe for concurrent PHP-FPM workers - PRAGMA synchronous = NORMAL: durable on commit without full fsync per write - PRAGMA cache_size = -8000: ~8 MB page cache per connection Accessibility foundation (WCAG 2.1 AA): - common.css: add .sr-only utility, .skip-link (hidden until focused), global :focus-visible (2px purple outline, 2px offset), prefers-reduced-motion guard; remove bare outline:none from .site-search__input - admin.css: same :focus-visible, skip-link, and motion guard scoped to admin purple; remove outline:none from .admin-input/.admin-select/ .admin-textarea and .admin-filters select (both had :focus border rules already, so focus is still visually communicated) - search.css: remove outline:none from .search-filter-select (already has :focus border-color rule) - All 5 public pages (index, search, tfe, apropos, licence): add <a href="#main-content" class="skip-link"> as first child of <body>; add id="main-content" to <main> - templates/admin/head.php: same skip link; aria-label="Navigation admin" on <nav>; id="main-content" on all 10 admin <main> elements All 4 test suites pass (unit, integration, security, rate-limit).	2026-03-27 13:45:01 +01:00
Pontoporeia	20a633c0e2	Add admin account page for PHP password management Implements the admin user management UI as a self-contained PHP password change/set flow — no SSH or sudo required. - public/admin/account.php: shows auth status (PHP hash present, credentials file path), password change form (requires current password when one exists, min 12 chars, confirm field), and a danger-zone form to delete the credentials file entirely - public/admin/actions/account.php: CSRF-guarded POST handler; verifies current password via AdminAuth::login() before accepting a new one; generates bcrypt (cost 12) hash; writes config/admin_credentials.php atomically via a temp file + rename; regenerates session on success; redirects to /admin/login.php when credentials are deleted - templates/admin/head.php: 'Compte' nav link added (active on account.php) - public/assets/admin.css: .admin-account-status, .admin-section-title, .admin-field-hint, .admin-danger-zone component styles added Note: the nginx htpasswd flow (manage-admin-users.sh) requires root on the server and is intentionally kept as a CLI-only operation.	2026-03-24 15:52:00 +01:00

Author

SHA1

Message

Date

Pontoporeia

42af4644c5

perf+a11y: WAL mode for SQLite, skip links, :focus-visible, .sr-only

SQLite performance (Database::__construct):
- PRAGMA journal_mode = WAL: eliminates full-DB read locks on write, safe
  for concurrent PHP-FPM workers
- PRAGMA synchronous = NORMAL: durable on commit without full fsync per write
- PRAGMA cache_size = -8000: ~8 MB page cache per connection

Accessibility foundation (WCAG 2.1 AA):
- common.css: add .sr-only utility, .skip-link (hidden until focused),
  global :focus-visible (2px purple outline, 2px offset),
  prefers-reduced-motion guard; remove bare outline:none from
  .site-search__input
- admin.css: same :focus-visible, skip-link, and motion guard scoped to
  admin purple; remove outline:none from .admin-input/.admin-select/
  .admin-textarea and .admin-filters select (both had :focus border rules
  already, so focus is still visually communicated)
- search.css: remove outline:none from .search-filter-select (already has
  :focus border-color rule)
- All 5 public pages (index, search, tfe, apropos, licence): add
  <a href="#main-content" class="skip-link"> as first child of <body>;
  add id="main-content" to <main>
- templates/admin/head.php: same skip link; aria-label="Navigation admin"
  on <nav>; id="main-content" on all 10 admin <main> elements

All 4 test suites pass (unit, integration, security, rate-limit).

2026-03-27 13:45:01 +01:00

Pontoporeia

20a633c0e2

Add admin account page for PHP password management

Implements the admin user management UI as a self-contained PHP password
change/set flow — no SSH or sudo required.

- public/admin/account.php: shows auth status (PHP hash present, credentials
  file path), password change form (requires current password when one exists,
  min 12 chars, confirm field), and a danger-zone form to delete the
  credentials file entirely
- public/admin/actions/account.php: CSRF-guarded POST handler; verifies
  current password via AdminAuth::login() before accepting a new one;
  generates bcrypt (cost 12) hash; writes config/admin_credentials.php
  atomically via a temp file + rename; regenerates session on success;
  redirects to /admin/login.php when credentials are deleted
- templates/admin/head.php: 'Compte' nav link added (active on account.php)
- public/assets/admin.css: .admin-account-status, .admin-section-title,
  .admin-field-hint, .admin-danger-zone component styles added

Note: the nginx htpasswd flow (manage-admin-users.sh) requires root on the
server and is intentionally kept as a CLI-only operation.

2026-03-24 15:52:00 +01:00

2 Commits