Introduce selectable webhook payload formats and Google Chat rich-card support. NotificationGroupController now reads and validates a webhook_format option (generic, google_chat, simple_text) and logs a warning if Google Chat format is chosen but the URL does not look like chat.googleapis.com. WebhookChannel gains format constants, a payload builder (generic/simple text/Google Chat card), improved Content-Type header, enhanced logging with masked URLs, response truncation, payload previews, and better RequestException handling. Views updated to expose a Webhook Format dropdown, contextual help (including Google Chat setup instructions), dynamic placeholders/help text, and include the selected format when testing/saving webhooks. These changes add format flexibility and improve observability and safety when sending webhook notifications.
Require POST and CSRF verification for destructive endpoints (profile delete, notification delete, clear-all) and update routes accordingly. Replace GET-based delete links with POST forms (including csrf_field()) and add hidden form submission for "clear all" and account deletion via JS. Add server-side request method checks and verifyCsrf() calls in NotificationController and ProfileController. Improve mobile UX: add sidebar overlay, open/close controls (including swipe-to-close), close button, prevent body scroll when sidebar open, responsive search placeholder and adjusted search/top-nav styling, and minor layout tweaks (truncate app name, adjust notification dropdown width). Also minor whitespace/formatting cleanups.
Enhanced error deduplication by matching on type, file, line, and message. Updated error occurrence counting and admin stats to reflect deduplicated errors. Refactored error resolution and deletion to operate on all matching errors. Improved error occurrence display in the admin detail view for clarity and accuracy.
Implemented logic to create in-app (bell icon) notifications for users when domains are expiring or have expired. The notification recipients are determined by the user isolation mode: in isolated mode, only the domain owner (or group owner) is notified; in shared mode, all active users receive the notification. This applies to both the main check and the retry queue.
Added CSRF protection and enforced POST requests for user delete and toggle status actions in UserController. Updated the users index view to use JavaScript for submitting POST forms with CSRF tokens for these actions, improving security and user experience. Also improved login success messages to include the user's full name.
Implements detection of rate limiting in WHOIS and RDAP responses in WhoisService, tracks last error type, and exposes methods to check and clear rate limit errors. Updates check_domains.php to queue domains that fail due to rate limits for retry with exponential backoff, grouped by TLD to avoid repeated rate limiting. Adds statistics and logging for retries and successful retry attempts, and introduces delays between checks and retries to reduce the likelihood of hitting rate limits.
Introduces controller actions and UI modals for admins to edit WHOIS and RDAP servers for TLDs. Updates redirect logic to return users to the correct page after actions. Adds new POST routes for updating WHOIS and RDAP servers. Improves clipboard copy feedback in the debug WHOIS view.
Introduces Pushover as a notification channel with validation and form handling in the group edit view. Also updates the bootstrap script to create and set permissions for the avatar uploads directory.
Introduces Pushover as a new notification channel with priority-based alerts, device targeting, and custom sounds. Enhances domain status detection for .nl and .eu domains, ensuring accurate handling when expiration dates or explicit status flags are missing. Fixes PHP 8.x compatibility issues with null parameters in date functions and improves error handling and logging by replacing error_log() with a centralized Logger service. Updates documentation and migrations for version 1.1.1.
- Add avatar upload with Gravatar fallback and initials
- Fix false "available" detection for registered domains
- Clean up WHOIS status parsing and server display
- Update cron job to sync all WHOIS fields
- Fix TLD cache and .me domain parsing issues
- Add tags and domain_tags tables
- Support tag management
- Support user isolation (global/private tags)
- Add filtering all domain views to operations
- Update all domain views automatically
Enhanced RDAP response handling to better detect domain availability by checking for 'free' and 'available' statuses in DebugController. WhoisService now normalizes 'free' status to 'AVAILABLE' for consistency in output.
Added checks to ensure vCard fields are arrays with at least 4 elements before accessing their values. This prevents potential errors when parsing registrar and abuse contact information from RDAP responses.
Added 'does not exist' and 'queried object does not exist' to the regex for detecting available domains in WHOIS responses, improving coverage for more registrar messages.
Introduces Mattermost as a new notification channel, including backend service integration, controller validation, UI form fields, and updates to channel type enums in the database schema and migrations. This enables users to configure and send notifications via Mattermost webhooks.
Replaced channel toggle and delete links with POST forms including CSRF protection for better security. Added a hidden group_id input to the channel creation form and improved JavaScript to reliably obtain group_id from the form or URL. Also added support for 'webhook' channel type in the testChannel function.
Introduces 'webhook' as a new channel_type option in the notification_channels table to support custom webhook integrations. Updates migration logic and adds a new migration script for this schema change.
Updated all error and warning logging in TldRegistryService to use the injected logger instead of error_log. This improves consistency and allows for better log management and integration with application logging systems.
Updates calls to importLogModel->completeImport in exception handlers to include a 'failed' status parameter, ensuring clearer logging of failed import operations.
Eliminated Brotli compression support checks and related logging from TldRegistryService. All HTTP clients now explicitly use gzip and deflate encodings only, with cURL options set to disable automatic content decoding and restrict accepted encodings. This simplifies the code and avoids Brotli-related compatibility issues.
Enhanced the brotli support check by adding multiple detection methods: encoding field, features bitmask, and minimum version check. The detection results now include detailed checks and a final decision, improving reliability and logging for brotli support detection.
Enhanced Brotli support detection with detailed logging of detection results. Added logHttpRequest method to log HTTP request and response details for debugging, and integrated it into all HTTP client instantiations using the on_stats callback. Improved client creation logging and refactored Accept-Encoding header handling for clarity.
Introduces a static method to check for Brotli compression support and conditionally includes 'br' in the Accept-Encoding header for HTTP requests. Also removes old incremental migration files from the installer controller.
Refactored InstallerController to use a Logger for structured install/update logs and improved migration detection logic to avoid partial table creation on fresh installs. Enhanced migration execution robustness, clarified handling of consolidated schema, and improved error handling and admin notification. Moved user_notifications table creation in the initial schema to follow domains table for correct foreign key references.
Updated controllers and routes to use RESTful resource-based URLs and parameter passing for groups, users, and notification channels. Added user isolation checks for domain and group access, ensuring proper data filtering based on isolation mode. Adjusted views to match new route structure and improved security and maintainability by removing reliance on query parameters for resource identification.
Renamed generic 'stats' variables to more specific names such as 'domainStats', 'errorStats', 'tldStats', and 'importStats' across controllers and views. This improves code readability and reduces ambiguity when handling different types of statistics in the application.
Moved the assignment of the current user ID ($userId) to the beginning of relevant methods instead of inside conditional blocks. This improves code clarity and avoids redundant calls to Auth::id().
