Add CSV/JSON export and import endpoints and UI for the TLD registry, plus a manual Create TLD modal and drag-and-drop import UX. Standardize import/export logging by adding Logger('import'/'export') calls to Domains, Tags, Notification Groups and TLD flows. Add TldRegistry model helpers (findByTld, getAll) used for deduplication and exports. Update routes for /tld-registry export/import/create and add a migration to bump app_version to 1.1.4. Also update default app_version, enhance WhoisService parsing (registrar regex and ISO-8601 date handling), and adjust the TLD registry index view to include IANA and Export dropdowns, import modal, create modal, and related JS behavior.
Implement CSV/JSON import and export for domains, notification groups and tags (with masking for sensitive channel data), including size/format validation, in-memory CSV building, and logging. Add tag transfer and bulk transfer actions (admin-only). Introduce a new update system: Add UpdateController and UpdateService, migration 025_add_update_system_v1.1.3.sql, and installer changes to include the new migration and version handling; provide endpoints to check, apply, rollback and configure updates. Update helpers and UI bits: add getUpdateBadgeInfo in LayoutHelper, update notification icons/redirects, and add getMaxUploadSize in ViewHelper. Misc: add NotificationGroup::findByName, tweak .gitignore backups path, and update related views and routes.
Introduce a user profile page and expand dashboard insights/UI. Added UserController::show and a new users/show view with user stats, domains, tags and groups; updated users index to include a "view profile" link and changed edit form action to /users/{id}/update. Enhanced DashboardController to compute registrar distribution, notification coverage, channel totals and dashboard tag usage; updated dashboard/index.php to show system status, expiring list, registrar/tag widgets and notification coverage panels. Minor controller hardening: DomainController now returns a permission message when a domain is inaccessible, and TagController enforces isolation-mode access checks. UI/JS improvements: add a Quick Actions dropdown in top-nav, refactor dropdown toggle/close logic in layout/base.php, and small notification markup tweak. Routes were adjusted to expose the new user profile endpoints.
Introduce richer notifications and domain status handling across the app.
- NotificationService: Add domain status alert formatting/sending, in-app notifications for available/registered/redemption/pending_delete, richer session_new and session_failed notifications (geolocation + UA parsing) and helpers for human-readable status labels.
- Auth/TwoFactor: Emit notifications for successful logins (including remember-me and 2FA) and failed login attempts; update last-login timestamp on various flows.
- DomainController: Wrap bulk domain create in try/catch to handle duplicate race conditions and log failures.
- WhoisService: Detect redemption_period and pending_delete statuses from WHOIS/EPP statuses.
- Settings/Setting: Add settings support for notification status triggers and bump default app_version to 1.1.2; persist/update status trigger values.
- Views/Layout/View helpers: Add parsing/formatting for login notification data, add new status labels/classes (available, redemption_period, pending_delete), update notification icons/colors mapping.
- Top-nav & Notifications UI: Enhance dropdown with rich login/failed-login display (flags, device icons), clickable domain redirects when marking read, badge IDs for dynamic updates.
- Error admin UI: Add copy error report button with robust clipboard fallback and toast UI reused from messages; improved copy UX in admin index/detail.
- Installer: Add new migration 024 to installer migration lists and adjust detected toVersion to 1.1.2.
- DB: Add migration file 024_add_status_notifications_v1.1.2.sql (new file).
These changes add user-facing alerts for domain lifecycle events and stronger login/security notifications while improving UI feedback and robustness during bulk operations.
Introduces Pushover as a new notification channel with priority-based alerts, device targeting, and custom sounds. Enhances domain status detection for .nl and .eu domains, ensuring accurate handling when expiration dates or explicit status flags are missing. Fixes PHP 8.x compatibility issues with null parameters in date functions and improves error handling and logging by replacing error_log() with a centralized Logger service. Updates documentation and migrations for version 1.1.1.
- Add tags and domain_tags tables
- Support tag management
- Support user isolation (global/private tags)
- Add filtering all domain views to operations
- Update all domain views automatically
Updated controllers and routes to use RESTful resource-based URLs and parameter passing for groups, users, and notification channels. Added user isolation checks for domain and group access, ensuring proper data filtering based on isolation mode. Adjusted views to match new route structure and improved security and maintainability by removing reliance on query parameters for resource identification.
Moved the assignment of the current user ID ($userId) to the beginning of relevant methods instead of inside conditional blocks. This improves code clarity and avoids redundant calls to Auth::id().
Implemented validation to restrict domain assignment to notification groups owned by the user when isolation mode is enabled. Added logging for domain creation, bulk domain addition, and notification group creation, update, and deletion to improve auditability and traceability.
Updated DomainController to fetch groups using getAllWithChannelCount, passing the user ID when user isolation mode is set to 'isolated'. This ensures group listings are filtered per user when isolation is enabled, improving data separation and security.
Updated DashboardController, DomainController, and NotificationGroupController to conditionally fetch user-specific or global data based on the 'user_isolation_mode' setting. This ensures that data visibility aligns with the configured isolation mode, improving multi-user support and data segregation.
Refactored controllers and models to always filter data by user ID, removing admin bypass logic. This ensures all statistics, groups, domains, and tags are user-specific regardless of isolation mode, improving data isolation and security.
Introduces bulk transfer for domains and groups, available only to admins. Refactors admin checks to use isAdmin(), adds user selection for transfers, and updates views to include transfer buttons and modals for domain transfers.
Introduces user isolation mode, allowing domains, groups, and tags to be visible only to their owners when enabled. Adds user_id fields to domains and notification_groups, updates models and controllers for isolation-aware queries, and provides admin UI and endpoints for transferring domains and groups between users (single and bulk). Includes migration, settings UI, and routes for toggling isolation mode and handling data migration.
Introduces a 'tags' field to the domains table and UI, allowing users to organize domains with custom tags. Adds tag input and display to create, edit, bulk-add, and view pages, as well as tag-based filtering and bulk tag management (add/remove) in the domain list. Updates backend validation, controller logic, and migrations to support tags, including a new migration and index for efficient tag searches.
Introduces error log tracking with new ErrorLog model, controller, views, and migration. Adds admin UI for viewing, resolving, and deleting errors. Implements bulk actions for users and notification groups, refactors domain filtering/pagination, and centralizes admin access checks using Auth::requireAdmin().
Introduces CSRF protection to all sensitive controller actions, integrates configurable CAPTCHA (reCAPTCHA v2/v3, Turnstile) for authentication and registration flows, and centralizes input validation via a new InputValidator helper. Adds new helpers and services for CSRF and CAPTCHA, updates settings and migration for CAPTCHA configuration, and enhances logging and error handling in TLD registry import processes. Also improves validation for user, domain, group, and profile inputs throughout the application.
