Flatboard 3.7: SHIKOKU

Fred Sunday 31st August 2025, 23:02:17

Dont forget to backup first and update!
=== 3.7 - Release date: 2025-09-01 ===

Enhanced PRO plugins

All plugins in the PRO version have been updated and enhanced with additional options.
Social Share
Reaction
Page for Premium

Enhanced CAPTCHA System

The CAPTCHA has been enhanced with added noise and more characters to improve security.

Enhanced Login System Improvements

Here are the key improvements made to the login system:

Secure session_start() Configuration:

Used ini_set() to enforce secure session settings (e.g., session.cookie_httponly, session.cookie_secure).
Ensured sessions are configured to prevent common vulnerabilities.

Removed Unnecessary Cookie:

Eliminated redundant cookies by storing all session data server-side.
Improved security by reducing client-side exposure.

Session Binding to IP/User-Agent:

Added validation to tie sessions to the user's IP address and User-Agent.
Prevents session hijacking by ensuring consistency between requests.

Session Timeout:

Implemented a 30-minute inactivity timeout.
Automatically logs out users after the specified period.

Failed Login Attempt Logs:

Added logging for failed login attempts (IP, timestamp, username).
Enhances security monitoring and intrusion detection.

Session ID Regeneration on Logout:

Regenerates the session ID upon logout to prevent session fixation.
Ensures a clean state for subsequent logins.

Comprehensive PHPDoc Documentation:

Added detailed PHPDoc comments in French for all modified classes/methods.
Improves code maintainability and developer understanding.

Enhanced Login System Improvements
PHP Version Compatibility:

These changes are backward-compatible with PHP versions prior to 8.4, as the ?array syntax for nullable types has been supported since PHP 7.1. After making these changes, the code should work without warnings in PHP 8.4 and later, while remaining compatible with older versions.

RSS/ATOM FIX Applied

1. Object-Oriented Structure

Created AtomFeedGenerator class that encapsulates all logic
Separated responsibilities with specialized methods
Better code reusability and maintainability

2. Performance Improvements

Result Limitation: Added default limit of 20 entries to prevent feed overload
HTTP Caching: Added cache headers (5 minutes) to reduce server load
Loop Optimization: Used array_slice() to limit processing

3. Enhanced Security

Improved XML Escaping: Using ENT_XML1 | ENT_QUOTES for better security
Error Handling: Added global try-catch with error logging
Data Validation: Additional checks before processing

4. Readability and Maintenance

Constants: Defined constants for repeated values
Short Methods: Split into specialized methods under 20 lines
Explicit Naming: More descriptive method and variable names
Documentation: PHPDoc comments for each method

5. Specific Optimizations

XML Generation: Used heredoc for better readability
Reduced DB Calls: Cached results in local variables
Empty Case Handling: Specialized methods for empty feeds

6. Robustness

Null Checks: Systematic validation before using data
Error Management: Default return values in case of issues
Logging: Error recording for debugging purposes

Last modified by Fred on Saturday 29th November 2025, 20:21:00

Before ask a question, read the documentation.

🎉 Featured as #1 product of the day on Product Hunt

Please like in alternativeto.net 👍🏻

╰☆╮Flatboard╰☆╮ is a open source and community contributions are essential to project success!

<TextField>, my new CMS project designed by a passionate developer, for developers!

My last project Fast⚡︎CMS, a Flat-File cms.

I am currently busy 😫.