Introduce selectable webhook payload formats and Google Chat rich-card support. NotificationGroupController now reads and validates a webhook_format option (generic, google_chat, simple_text) and logs a warning if Google Chat format is chosen but the URL does not look like chat.googleapis.com. WebhookChannel gains format constants, a payload builder (generic/simple text/Google Chat card), improved Content-Type header, enhanced logging with masked URLs, response truncation, payload previews, and better RequestException handling. Views updated to expose a Webhook Format dropdown, contextual help (including Google Chat setup instructions), dynamic placeholders/help text, and include the selected format when testing/saving webhooks. These changes add format flexibility and improve observability and safety when sending webhook notifications.
Implements detection of rate limiting in WHOIS and RDAP responses in WhoisService, tracks last error type, and exposes methods to check and clear rate limit errors. Updates check_domains.php to queue domains that fail due to rate limits for retry with exponential backoff, grouped by TLD to avoid repeated rate limiting. Adds statistics and logging for retries and successful retry attempts, and introduces delays between checks and retries to reduce the likelihood of hitting rate limits.
Introduces Pushover as a new notification channel with priority-based alerts, device targeting, and custom sounds. Enhances domain status detection for .nl and .eu domains, ensuring accurate handling when expiration dates or explicit status flags are missing. Fixes PHP 8.x compatibility issues with null parameters in date functions and improves error handling and logging by replacing error_log() with a centralized Logger service. Updates documentation and migrations for version 1.1.1.
- Add avatar upload with Gravatar fallback and initials
- Fix false "available" detection for registered domains
- Clean up WHOIS status parsing and server display
- Update cron job to sync all WHOIS fields
- Fix TLD cache and .me domain parsing issues
Enhanced RDAP response handling to better detect domain availability by checking for 'free' and 'available' statuses in DebugController. WhoisService now normalizes 'free' status to 'AVAILABLE' for consistency in output.
Added checks to ensure vCard fields are arrays with at least 4 elements before accessing their values. This prevents potential errors when parsing registrar and abuse contact information from RDAP responses.
Added 'does not exist' and 'queried object does not exist' to the regex for detecting available domains in WHOIS responses, improving coverage for more registrar messages.
Introduces Mattermost as a new notification channel, including backend service integration, controller validation, UI form fields, and updates to channel type enums in the database schema and migrations. This enables users to configure and send notifications via Mattermost webhooks.
Updated all error and warning logging in TldRegistryService to use the injected logger instead of error_log. This improves consistency and allows for better log management and integration with application logging systems.
Updates calls to importLogModel->completeImport in exception handlers to include a 'failed' status parameter, ensuring clearer logging of failed import operations.
Eliminated Brotli compression support checks and related logging from TldRegistryService. All HTTP clients now explicitly use gzip and deflate encodings only, with cURL options set to disable automatic content decoding and restrict accepted encodings. This simplifies the code and avoids Brotli-related compatibility issues.
Enhanced the brotli support check by adding multiple detection methods: encoding field, features bitmask, and minimum version check. The detection results now include detailed checks and a final decision, improving reliability and logging for brotli support detection.
Enhanced Brotli support detection with detailed logging of detection results. Added logHttpRequest method to log HTTP request and response details for debugging, and integrated it into all HTTP client instantiations using the on_stats callback. Improved client creation logging and refactored Accept-Encoding header handling for clarity.
Introduces a static method to check for Brotli compression support and conditionally includes 'br' in the Accept-Encoding header for HTTP requests. Also removes old incremental migration files from the installer controller.
Moved admin/user isolation checks and related methods from Domain and NotificationGroup models to User model for better separation of concerns. Replaced direct database queries in controllers and services with new model methods. Added methods for assigning unassigned domains/groups, searching domains, and clearing old notification logs. Updated views for improved UI consistency.
Replaced error_log calls with structured logging using the Logger class in DiscordChannel, SlackChannel, TelegramChannel, and WebhookChannel. Log success and error cases with relevant context for improved observability and debugging.
Introduces a new 'Webhook (Custom)' notification channel allowing users to send JSON payloads to any HTTP endpoint (e.g., n8n, Zapier, custom APIs). Updates the UI to support webhook configuration, adds backend validation, and implements the WebhookChannel for sending notifications. Documentation is updated with usage instructions and payload examples.
Introduces two-factor authentication (2FA) with TOTP, backup codes, and email codes. Adds controllers, services, views, and migration for 2FA setup, verification, and management. Updates user and settings models, email helper, and relevant controllers to support 2FA policy enforcement, configuration, and user flows. Enhances security by allowing admins to require or disable 2FA, and provides backup code generation and management for account recovery.
Extracted all email sending logic into a new EmailHelper class for centralized management and improved error handling. Updated AuthController, SettingsController, and EmailChannel to use EmailHelper for sending emails and logging. Added auto-detection of SMTP encryption based on port in both backend (SettingsController) and frontend (settings view), improving user experience and reducing misconfiguration. Enhanced logging for email operations and improved UI feedback for encryption selection.
Updated date parsing logic to distinguish between ISO 8601 dates with timezone information and plain database datetimes. Plain datetimes are now explicitly parsed as UTC to ensure consistent handling and comparison.
Refactored error log model and views to use a unified 'notes' field instead of 'resolution_notes'. Added a modal dialog for entering resolution notes when marking errors as resolved in admin views. Improved stack trace handling in ErrorHandler by storing as JSON and formatting for display. Expanded NotificationService to support multi-channel notifications (email, Telegram, Discord, Slack), group notifications, and improved domain expiration alerts.
Updated the assignment of 'registration_date' and 'record_last_updated' fields to use the normalizeDate method, ensuring consistent date formatting in the TldRegistryService output.
Introduces error log tracking with new ErrorLog model, controller, views, and migration. Adds admin UI for viewing, resolving, and deleting errors. Implements bulk actions for users and notification groups, refactors domain filtering/pagination, and centralizes admin access checks using Auth::requireAdmin().
Introduces CSRF protection to all sensitive controller actions, integrates configurable CAPTCHA (reCAPTCHA v2/v3, Turnstile) for authentication and registration flows, and centralizes input validation via a new InputValidator helper. Adds new helpers and services for CSRF and CAPTCHA, updates settings and migration for CAPTCHA configuration, and enhances logging and error handling in TLD registry import processes. Also improves validation for user, domain, group, and profile inputs throughout the application.
