xamxam/TODO.md
Pontoporeia eb67e6d499 Add src/App.php foundation class and flash-messages partial
Create the central App helper that eliminates ~170 lines of duplicated
bootstrap/auth/CSRF preamble across 24 page and action handler files.

src/App.php provides:
- boot(): loads Database + ensures CSRF token (public pages)
- adminGuard(): requires AdminAuth login + boot (admin pages)
- verifyCsrf() / rotateCsrf(): centralised CSRF lifecycle
- flash() / consumeFlash(): unified flash messages with legacy key drain
  (error, success, admin_error, admin_success, edit_error, edit_success,
  form_error all consumed transparently for incremental migration)
- redirect(): flash + Location header + exit in one call
- render(): head → header → content → footer pipeline with auto admin
  footer selection

App.php is auto-loaded from config/bootstrap.php so all existing pages
get the class for free without any changes.

templates/partials/flash-messages.php uses App::consumeFlash() to replace
the 5+ copy-pasted flash blocks across admin templates.

All existing tests pass. No existing page files modified — this is a
non-breaking addition that enables incremental controller extraction.
2026-04-01 15:55:12 +02:00

2.2 KiB

TODO

In Progress

  • Extract SearchController — most complex public page (§2 step 4)
  • Extract SystemController — biggest single-file win, 500→8 lines (§2 step 3, §5)
  • Extract ThesisEditController — merges edit.php + actions/edit.php, deduplicate jury fieldset (§2 step 5)
  • Extract remaining controllers one by one (§2 step 6)
  • Consolidate action handlers into controller methods (§4)
  • Introduce pagination partial templates/partials/pagination.php (§6)
  • Introduce admin form partials: select-field, checkbox-list, jury-fieldset (§6)
  • Unify flash message keys project-wide to _flash_error / _flash_success (§7)
  • Move OG tag construction into controller logic (§8)
  • Extract inline CSS/JS from system.php into separate assets (§5)

Completed

  • Create src/App.php — boot, adminGuard, verifyCsrf, rotateCsrf, redirect, flash, consumeFlash, render
  • Auto-load App.php from config/bootstrap.php
  • Create templates/partials/flash-messages.php — unified flash partial with legacy key drain
  • Merge public and admin head/nav templates into unified templates/head.php and templates/header.php
    • templates/head.php — outputs <!DOCTYPE html>…</head><body class="…">, reads $bodyClass, $isAdmin; handles admin title suffix, admin.css prepend, and OG tag suppression internally
    • templates/header.php — outputs <header>…</header> with public nav + search bar or admin nav depending on $isAdmin
    • Deleted: templates/public/head.php, templates/admin/head.php, templates/nav.php, templates/admin/nav.php
    • All 11 admin pages and 5 public pages updated to set $bodyClass / $isAdmin and include new templates
  • Replace nav/header BEM custom classes with semantic HTML targeting in CSS
    • common.css: .site-nav → header nav, .site-nav__logo → header nav > a, etc.
    • admin.css: .admin-nav → .admin-body header nav, logout via [data-nav-logout] attribute
  • PHP vs Flask architecture analysis (ANALYSIS_PHP_VS_FLASK.md)
  • Refactoring recommendations for controller/template separation (REFACTORING_RECOMMENDATIONS.md)