mirror of
https://codeberg.org/PostERG/xamxam.git
synced 2026-05-06 11:09:18 +02:00
eb67e6d499
Create the central App helper that eliminates ~170 lines of duplicated bootstrap/auth/CSRF preamble across 24 page and action handler files. src/App.php provides: - boot(): loads Database + ensures CSRF token (public pages) - adminGuard(): requires AdminAuth login + boot (admin pages) - verifyCsrf() / rotateCsrf(): centralised CSRF lifecycle - flash() / consumeFlash(): unified flash messages with legacy key drain (error, success, admin_error, admin_success, edit_error, edit_success, form_error all consumed transparently for incremental migration) - redirect(): flash + Location header + exit in one call - render(): head → header → content → footer pipeline with auto admin footer selection App.php is auto-loaded from config/bootstrap.php so all existing pages get the class for free without any changes. templates/partials/flash-messages.php uses App::consumeFlash() to replace the 5+ copy-pasted flash blocks across admin templates. All existing tests pass. No existing page files modified — this is a non-breaking addition that enables incremental controller extraction.