Require POST and CSRF verification for destructive endpoints (profile delete, notification delete, clear-all) and update routes accordingly. Replace GET-based delete links with POST forms (including csrf_field()) and add hidden form submission for "clear all" and account deletion via JS. Add server-side request method checks and verifyCsrf() calls in NotificationController and ProfileController. Improve mobile UX: add sidebar overlay, open/close controls (including swipe-to-close), close button, prevent body scroll when sidebar open, responsive search placeholder and adjusted search/top-nav styling, and minor layout tweaks (truncate app name, adjust notification dropdown width). Also minor whitespace/formatting cleanups.
- Add tags and domain_tags tables
- Support tag management
- Support user isolation (global/private tags)
- Add filtering all domain views to operations
- Update all domain views automatically
Renamed generic 'stats' variables to more specific names such as 'domainStats', 'errorStats', 'tldStats', and 'importStats' across controllers and views. This improves code readability and reduces ambiguity when handling different types of statistics in the application.
Moved global stats logic from LayoutHelper to Domain model and updated views/controllers to use the new stats structure. Replaced direct $_SESSION['user_id'] access with Core\Auth::id() for consistency. Cleaned up redundant code and improved isolation mode handling for statistics.
Updated footer sections across multiple views to include a link to the Domain Monitor GitHub repository. This provides users with easy access to the project's source code and additional information.
Introduces error log tracking with new ErrorLog model, controller, views, and migration. Adds admin UI for viewing, resolving, and deleting errors. Implements bulk actions for users and notification groups, refactors domain filtering/pagination, and centralizes admin access checks using Auth::requireAdmin().
