xamxam/TODO.md
Pontoporeia eb67e6d499 Add src/App.php foundation class and flash-messages partial
Create the central App helper that eliminates ~170 lines of duplicated
bootstrap/auth/CSRF preamble across 24 page and action handler files.

src/App.php provides:
- boot(): loads Database + ensures CSRF token (public pages)
- adminGuard(): requires AdminAuth login + boot (admin pages)
- verifyCsrf() / rotateCsrf(): centralised CSRF lifecycle
- flash() / consumeFlash(): unified flash messages with legacy key drain
  (error, success, admin_error, admin_success, edit_error, edit_success,
  form_error all consumed transparently for incremental migration)
- redirect(): flash + Location header + exit in one call
- render(): head → header → content → footer pipeline with auto admin
  footer selection

App.php is auto-loaded from config/bootstrap.php so all existing pages
get the class for free without any changes.

templates/partials/flash-messages.php uses App::consumeFlash() to replace
the 5+ copy-pasted flash blocks across admin templates.

All existing tests pass. No existing page files modified — this is a
non-breaking addition that enables incremental controller extraction.
2026-04-01 15:55:12 +02:00

# TODO
## In Progress
- [ ] Extract `SearchController` — most complex public page (§2 step 4)
- [ ] Extract `SystemController` — biggest single-file win, 500→8 lines (§2 step 3, §5)
- [ ] Extract `ThesisEditController` — merges edit.php + actions/edit.php, deduplicate jury fieldset (§2 step 5)
- [ ] Extract remaining controllers one by one (§2 step 6)
- [ ] Consolidate action handlers into controller methods (§4)
- [ ] Introduce pagination partial `templates/partials/pagination.php` (§6)
- [ ] Introduce admin form partials: select-field, checkbox-list, jury-fieldset (§6)
- [ ] Unify flash message keys project-wide to `_flash_error` / `_flash_success` (§7)
- [ ] Move OG tag construction into controller logic (§8)
- [ ] Extract inline CSS/JS from `system.php` into separate assets (§5)
## Completed
- [x] Create `src/App.php` — boot, adminGuard, verifyCsrf, rotateCsrf, redirect, flash, consumeFlash, render
- [x] Auto-load `App.php` from `config/bootstrap.php`
- [x] Create `templates/partials/flash-messages.php` — unified flash partial with legacy key drain
- [x] Merge public and admin head/nav templates into unified `templates/head.php` and `templates/header.php`
  - `templates/head.php` — outputs `<!DOCTYPE html>…</head><body class="…">`, reads `$bodyClass`, `$isAdmin`; handles admin title suffix, admin.css prepend, and OG tag suppression internally
  - `templates/header.php` — outputs `<header>…</header>` with public nav + search bar or admin nav depending on `$isAdmin`
  - Deleted: `templates/public/head.php`, `templates/admin/head.php`, `templates/nav.php`, `templates/admin/nav.php`
  - All 11 admin pages and 5 public pages updated to set `$bodyClass` / `$isAdmin` and include new templates
- [x] Replace nav/header BEM custom classes with semantic HTML targeting in CSS
  - `common.css`: `.site-nav` → `header nav`, `.site-nav__logo` → `header nav > a`, etc.
  - `admin.css`: `.admin-nav` → `.admin-body header nav`, logout via `[data-nav-logout]` attribute
- [x] PHP vs Flask architecture analysis (`ANALYSIS_PHP_VS_FLASK.md`)
- [x] Refactoring recommendations for controller/template separation (`REFACTORING_RECOMMENDATIONS.md`)