database/migrations/README.md

# Database Migrations

## Fresh Installation (v1.1.0+)

For new installations, use the consolidated schema:

- **`000_initial_schema_v1.1.0.sql`** - Complete database schema for v1.1.0

**Install via:** Web installer at `/install`

## Incremental Migrations (v1.0.0 → v1.1.0)

If upgrading from v1.0.0, these incremental migrations will be applied:

- `001_create_tables.sql` - Core tables (domains, groups, channels, logs)
- `002_create_users_table.sql` - Users table
- `003_add_whois_fields.sql` - WHOIS data fields
- `004_create_tld_registry_table.sql` - TLD registry
- `005_update_tld_import_logs.sql` - Import logs updates
- `006_add_complete_workflow_import_type.sql` - Workflow import type
- `007_add_app_and_email_settings.sql` - Application settings
- `008_add_notes_to_domains.sql` - Domain notes field
- `009_add_authentication_features.sql` - Authentication system
- `010_add_app_version_setting.sql` - Version setting
- `011_create_sessions_table.sql` - Session management table
- `012_link_remember_tokens_to_sessions.sql` - Remember token session linking
- `013_create_user_notifications_table.sql` - User notifications table
- `014_add_captcha_settings.sql` - CAPTCHA settings (v2, v3, Turnstile)
- `015_create_error_logs_table.sql` - Error logging and debugging system
- `016_add_tags_to_domains.sql` - Domain tags for organization
- `017_add_two_factor_authentication.sql` - Two-factor authentication (TOTP)
- `018_add_user_isolation.sql` - User isolation mode settings
- `019_add_webhook_channel_type.sql` - Webhook and Mattermost channel support
- `020_create_tags_system.sql` - Advanced tagging system for domains
- `021_add_avatar_field.sql` - User avatar field
- `022_add_pushover_channel_type.sql` - Pushover notification channel support
- `023_update_app_version_to_1.1.1.sql` - Update version to 1.1.1
- `024_add_status_notifications_v1.1.2.sql` - Status notification triggers
- `025_add_update_system_v1.1.3.sql` - In-app update system
- `026_update_app_version_v1.1.4.sql` - Update version to 1.1.4
- `027_add_dns_monitoring.sql` - DNS monitoring tables and settings
- `028_add_ssl_monitoring.sql` - SSL certificate monitoring table, per-domain toggles, timestamps, and cron settings

**Upgrade via:** Web updater at `/install/update`

## Migration System

The installer automatically:
- Detects if this is a fresh install or upgrade
- Uses consolidated schema for fresh installs
- Uses incremental migrations for upgrades
- Tracks executed migrations in `migrations` table
- Prevents re-running completed migrations
Upgraded to 1.1.0 1.1.0 (2025-10-09) - User Notifications System - In-app notification center with 7 notification types, filtering, pagination - Advanced Session Management - Database-backed sessions with geolocation (country, city, ISP) - Remote Session Control - Terminate any device instantly with immediate logout validation - Enhanced Profile Page - Sidebar navigation with 4 tabs, hash-based routing (#profile, #security, #sessions) - MVC Architecture Refactoring - 3 new Helpers (Layout, Domain, Session), ~265 lines cleaned from views - Geolocation Tracking - IP-based location detection using ip-api.com, country flags with flag-icons - Device Detection - Browser & device type parsing (Chrome/Firefox/Safari, Desktop/Mobile/Tablet) - Auto-Detected Cron Paths - Settings show actual installation paths (thanks @jadeops) - Welcome Notifications - Sent to new users on registration or fresh install - Upgrade Notifications - Admins notified on system updates with version & migration count - Web-Based Installer - Replaces CLI, auto-generates encryption key, one-time password display - Web-Based Updater - `/install/update` for running new migrations with smart detection - User Registration - Full signup flow with email verification, password reset, resend verification - User Management - CRUD for users with filtering, sorting, pagination (admin-only) - Remember Me - 30-day secure tokens linked to sessions, cascade deletion on logout - Session Validator - Middleware validates sessions on every request for instant remote logout - Consistent UI/UX - Unified filtering, sorting, pagination across Domains, Users, Notifications, TLD Registry - Smart Migrations - Consolidated schema for fresh installs, incremental for upgrades - XSS Protection - htmlspecialchars() applied across all user-facing data (thanks @jadeops) 2025-10-09 18:02:46 +03:00			`# Database Migrations`

			`## Fresh Installation (v1.1.0+)`

			`For new installations, use the consolidated schema:`

			- `000_initial_schema_v1.1.0.sql` - Complete database schema for v1.1.0

			Install via: Web installer at `/install`

			`## Incremental Migrations (v1.0.0 → v1.1.0)`

			`If upgrading from v1.0.0, these incremental migrations will be applied:`

			- `001_create_tables.sql` - Core tables (domains, groups, channels, logs)
			- `002_create_users_table.sql` - Users table
			- `003_add_whois_fields.sql` - WHOIS data fields
			- `004_create_tld_registry_table.sql` - TLD registry
			- `005_update_tld_import_logs.sql` - Import logs updates
			- `006_add_complete_workflow_import_type.sql` - Workflow import type
			- `007_add_app_and_email_settings.sql` - Application settings
			- `008_add_notes_to_domains.sql` - Domain notes field
			- `009_add_authentication_features.sql` - Authentication system
			- `010_add_app_version_setting.sql` - Version setting
Add CSRF, CAPTCHA, and input validation improvements Introduces CSRF protection to all sensitive controller actions, integrates configurable CAPTCHA (reCAPTCHA v2/v3, Turnstile) for authentication and registration flows, and centralizes input validation via a new InputValidator helper. Adds new helpers and services for CSRF and CAPTCHA, updates settings and migration for CAPTCHA configuration, and enhances logging and error handling in TLD registry import processes. Also improves validation for user, domain, group, and profile inputs throughout the application. 2025-10-10 00:04:12 +03:00			- `011_create_sessions_table.sql` - Session management table
			- `012_link_remember_tokens_to_sessions.sql` - Remember token session linking
			- `013_create_user_notifications_table.sql` - User notifications table
			- `014_add_captcha_settings.sql` - CAPTCHA settings (v2, v3, Turnstile)
Add error log management and bulk admin actions Introduces error log tracking with new ErrorLog model, controller, views, and migration. Adds admin UI for viewing, resolving, and deleting errors. Implements bulk actions for users and notification groups, refactors domain filtering/pagination, and centralizes admin access checks using Auth::requireAdmin(). 2025-10-10 14:01:19 +03:00			- `015_create_error_logs_table.sql` - Error logging and debugging system
Add tags support for domains with filtering and bulk actions Introduces a 'tags' field to the domains table and UI, allowing users to organize domains with custom tags. Adds tag input and display to create, edit, bulk-add, and view pages, as well as tag-based filtering and bulk tag management (add/remove) in the domain list. Updates backend validation, controller logic, and migrations to support tags, including a new migration and index for efficient tag searches. 2025-10-12 12:46:16 +03:00			- `016_add_tags_to_domains.sql` - Domain tags for organization
Add Pushover notification channel and improve status detection Introduces Pushover as a new notification channel with priority-based alerts, device targeting, and custom sounds. Enhances domain status detection for .nl and .eu domains, ensuring accurate handling when expiration dates or explicit status flags are missing. Fixes PHP 8.x compatibility issues with null parameters in date functions and improves error handling and logging by replacing error_log() with a centralized Logger service. Updates documentation and migrations for version 1.1.1. 2025-11-18 13:22:49 +02:00			- `017_add_two_factor_authentication.sql` - Two-factor authentication (TOTP)
			- `018_add_user_isolation.sql` - User isolation mode settings
			- `019_add_webhook_channel_type.sql` - Webhook and Mattermost channel support
			- `020_create_tags_system.sql` - Advanced tagging system for domains
			- `021_add_avatar_field.sql` - User avatar field
			- `022_add_pushover_channel_type.sql` - Pushover notification channel support
			- `023_update_app_version_to_1.1.1.sql` - Update version to 1.1.1
Add SSL monitoring (Svc, model, cron, UI) Introduce SSL certificate monitoring: add SslService for fetching/parsing certs and parsing monitor targets, SslCertificate model for storing snapshots and managing monitored targets, and cron/check_ssl.php for scheduled checks. Extend DomainController with many SSL endpoints and helpers (add/refresh/bulk refresh/delete/bulk delete, snapshot handling, formatting, stats, safety checks) and surface SSL data in domain views. Add NotificationService helpers to create/send SSL alerts, update Installer to include new migration, add migration 028 to create ssl_certificates table, bump app version default to 1.1.5, update changelog, and modify routes and templates to include SSL tab and related UI. Logs and basic validation/error handling are included to surface SSL issues and protect default root-target behavior. 2026-03-08 21:12:09 +02:00			- `024_add_status_notifications_v1.1.2.sql` - Status notification triggers
			- `025_add_update_system_v1.1.3.sql` - In-app update system
			- `026_update_app_version_v1.1.4.sql` - Update version to 1.1.4
			- `027_add_dns_monitoring.sql` - DNS monitoring tables and settings
			- `028_add_ssl_monitoring.sql` - SSL certificate monitoring table, per-domain toggles, timestamps, and cron settings
Upgraded to 1.1.0 1.1.0 (2025-10-09) - User Notifications System - In-app notification center with 7 notification types, filtering, pagination - Advanced Session Management - Database-backed sessions with geolocation (country, city, ISP) - Remote Session Control - Terminate any device instantly with immediate logout validation - Enhanced Profile Page - Sidebar navigation with 4 tabs, hash-based routing (#profile, #security, #sessions) - MVC Architecture Refactoring - 3 new Helpers (Layout, Domain, Session), ~265 lines cleaned from views - Geolocation Tracking - IP-based location detection using ip-api.com, country flags with flag-icons - Device Detection - Browser & device type parsing (Chrome/Firefox/Safari, Desktop/Mobile/Tablet) - Auto-Detected Cron Paths - Settings show actual installation paths (thanks @jadeops) - Welcome Notifications - Sent to new users on registration or fresh install - Upgrade Notifications - Admins notified on system updates with version & migration count - Web-Based Installer - Replaces CLI, auto-generates encryption key, one-time password display - Web-Based Updater - `/install/update` for running new migrations with smart detection - User Registration - Full signup flow with email verification, password reset, resend verification - User Management - CRUD for users with filtering, sorting, pagination (admin-only) - Remember Me - 30-day secure tokens linked to sessions, cascade deletion on logout - Session Validator - Middleware validates sessions on every request for instant remote logout - Consistent UI/UX - Unified filtering, sorting, pagination across Domains, Users, Notifications, TLD Registry - Smart Migrations - Consolidated schema for fresh installs, incremental for upgrades - XSS Protection - htmlspecialchars() applied across all user-facing data (thanks @jadeops) 2025-10-09 18:02:46 +03:00
			Upgrade via: Web updater at `/install/update`

			`## Migration System`

			`The installer automatically:`
			`- Detects if this is a fresh install or upgrade`
			`- Uses consolidated schema for fresh installs`
			`- Uses incremental migrations for upgrades`
			- Tracks executed migrations in `migrations` table
			`- Prevents re-running completed migrations`