Prophet731
1ab2ef42a5
chore: full project audit cleanup, dead code removal, and documentation update
...
Dead code removed:
- Module.php: remove assignBackupPlan(), getSelfServiceCurrencies() (no callers)
- Cache.php: remove forgetPattern() (no callers, no-op on filesystem)
- module.js: remove vfLoadSelfServiceReport() (no UI trigger)
Stale files removed:
- .releaserc.json (orphaned, conflicts with tag-based workflow)
- .github/workflows/api-sync-check.yml (baseline never populated)
- docs/openapi-baseline.yaml (placeholder stub)
- scripts/generate-endpoint-doc.sh (broken grep patterns)
Security fixes:
- AdminHTML: cast $serverId to (int), cast $serviceId to (int)
- admin.php: add explicit break after every output() call, sanitize error msgs
File hygiene:
- Move modify.sql into modules/servers/VirtFusionDirect/ (matches README docs)
- Fix CHANGELOG.md: remove duplicate 1.0.0 entry, clean up mixed git host URLs
Documentation:
- CLAUDE.md: full rewrite with current architecture, Cache class, development
rules (try/catch, ownership validation, HTTP methods, caching policy)
- README.md: remove stale IPv4 removal references, add new features (traffic,
backups, VNC toggle, password reset, OS gallery, copy buttons), add Cache.php
to file structure, remove "Primary IPv4 Protection" known issue
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-03-19 14:28:58 -05:00
Prophet731
d3d75b4752
fix: remove dead code, update stale versions, tag-based release workflow
...
Dead code removed:
- Module.php: remove addIPv4() method (no endpoint, feature removed per CLAUDE.md)
- Curl.php: remove useCookies(), setLog() (security risk — wrote tokens to
web-accessible CURL.log), head(), getHeadersData() — all unused
- module.css: remove .vf-button, .vf-button-small (never referenced in DOM)
- module.css: remove vestigial #vf-data-server-traffic-sep rule
- module.css: merge duplicate #vf-server-info-error declarations
- publish-release.yml: remove dead version.json generation step (nothing reads it)
Fixes:
- AdminHTML.php: update stale cache version strings 20260207 → 20260319
- hooks.php: update stale keygen.js version string
- hooks.php: remove unused `use WHMCS\User\User` import
- ConfigureService.php: remove unused `use JsonException` import
- module.css: fix .vf-os-details class selector → #vf-os-details ID selector
- client.php + admin.php: reuse existing $vf instead of new Module()
- Module.php: use Cache::forget() instead of forgetPattern() for known key
(forgetPattern is a no-op on filesystem cache fallback)
Workflow:
- Rewrite publish-release.yml: tag-based triggers only (no automatic releases)
- Triggers on push of v* tags, creates GitHub release with auto-generated notes
- Uses softprops/action-gh-release@v2 — compatible with both Gitea and GitHub
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-03-19 13:59:28 -05:00
EZSCALE
49fdd9e49b
fix: add null/false guards, proper error handling, and VNC popup fix
...
- Add isset() guards before count() on ipv4/ipv6 arrays in ServerResource
to prevent PHP 8.0+ TypeError
- Add null checks after getWhmcsService() and getCP() in 18 Module methods
and 5 ModuleFunctions methods to prevent fatal null dereference errors
- Add null guards for $whmcsService and $cp in admin.php impersonateServerOwner
- Fix HTTP status codes throughout admin.php (404, 400, 500, 502 instead of 200)
- Guard ConfigureService methods against $this->cp === false
- Use null coalescing for customfields access in initServerBuild
- Check API response code in initServerBuild instead of always returning true
- Replace exit() with RuntimeException in Curl.php
- Change catch(Exception) to catch(Throwable) in hooks.php for PHP 8.0+
- Open VNC window before AJAX call to avoid popup blocker
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com >
2026-02-07 13:49:12 -06:00
