9 Commits

Author SHA1 Message Date
bfd6989060 Add comprehensive security hardening and penetration testing suite
- Fix XSS vulnerability in language parameter with whitelist validation
- Add input sanitization for page parameters (HTML escaping, path traversal protection)
- Implement security headers (CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy)
- Block PHP execution in content directory via router protection
- Add parameter length limits (255 chars max)
- Remove X-Powered-By header to prevent version disclosure
- Include automated penetration test suite (40+ security tests)
- Add comprehensive security documentation and test reports

Security improvements protect against XSS, path traversal, code injection,
command injection, template injection, and information disclosure attacks.
All 30 penetration tests pass with 100/100 security score.
2025-11-24 16:03:22 +01:00

863661612a ## Major CodePress CMS Enhancement
### 🚀 New Features
- **League CommonMark Integration**: Replaced basic Markdown parser with full CommonMark 2.7 support
- **Bootstrap Sass Architecture**: Modern SCSS build system with Bootstrap 5.3.8
- **Enhanced Navigation**: Uses filenames instead of H1 titles for consistency
- **Improved Styling**: Transparent navigation backgrounds, no rounded corners

### 🎨 UI/UX Improvements
- Navigation items now use formatted filenames (e.g., "kennis-boven-aantallen" → "Kennis Boven Aantallen")
- Transparent navigation backgrounds with subtle hover effects
- Removed rounded corners from first-level navigation
- 50% opacity navigation background using Bootstrap variables

### 🔧 Technical Improvements
- **Class Organization**: Extracted CodePressCMS and SimpleTemplate to separate files
- **Full PHPDoc Documentation**: Complete documentation for all methods
- **Modern Build Process**: npm scripts for SCSS compilation
- **Enhanced Markdown Support**: Tables, strikethrough, task lists, autolinks
- **Security**: Proper HTML sanitization with CommonMark

### 📦 Dependencies
- Added `league/commonmark` for professional Markdown parsing
- Added `bootstrap` for SCSS-based styling
- Updated `sass` build process

### 🐛 Bug Fixes
- Fixed content directory path configuration
- Resolved navigation title inconsistencies
- Improved Markdown bold/italic formatting
- Fixed homepage 404 issues

### 🔄 Migration Notes
- Content directory moved from `content/` to `public/content/`
- Navigation now displays filenames instead of content H1 titles
- CSS now compiled from SCSS source files

The CMS now provides a professional, modern experience with robust Markdown support and clean, maintainable code architecture.
2025-11-21 20:23:20 +01:00

a86809c243 Refactor: Replace sidebar with horizontal navigation bar
- Remove sidebar and toggle functionality
- Add Bootstrap navbar with dropdown menus
- Move navigation to top between header and content
- Update menu rendering for Bootstrap dropdowns
- Clean up unused files (header.mustache, sidebar.mustache, sidebar.js)
- Add guide link with book icon in footer
- Simplify layout structure
- Remove duplicate code and fix syntax errors
- Add .gitignore for node_modules and other temp files
2025-11-21 14:23:41 +01:00

0f1c7234b8 Implement modern sidebar navigation with hamburger menu
- Add responsive sidebar with hamburger toggle functionality
- Implement dual toggle buttons (inner/outer) for better UX
- Fix sidebar positioning to not overlap header and footer
- Add sticky footer with proper z-index layering
- Download and integrate Bootstrap source maps locally
- Optimize toggle icons: smaller, cleaner, no button styling
- Ensure sidebar respects footer boundaries
- Add smooth transitions and hover effects
- Fix active page highlighting and folder auto-expansion
- Create professional W3Schools-style navigation
- Maintain full offline capability with local assets
2025-11-19 18:02:48 +01:00

494ae7dc3b Restructure project for security and offline capability
- Move content outside public web root for security
- Consolidate all code and assets in engine/ directory
- Download Bootstrap locally for offline functionality
- Update public/ to contain only entry point files
- Add router.php for PHP development server security
- Update README.md with new structure and setup instructions
- Block direct access to content files via URL
- Maintain clean separation between content and code
2025-11-19 17:05:25 +01:00

277f86346d Enhance directory listing with article previews
- Replaced simple list with card-based layout
- Added article previews (title + excerpt)
- Removed rounded corners (rounded-0)
- Added 'Lees meer' button
- Improved visual hierarchy for folders vs files
2025-11-19 16:05:24 +01:00

8e781fcdc4 Enable directory browsing and clickable breadcrumbs
- Made all breadcrumb items clickable
- Added automatic directory listing generation for folders without index files
- Folders now show a list of their contents instead of 404
- Improved navigation UX by allowing browsing through folder structure
2025-11-19 16:02:18 +01:00

231c73c5af Fix breadcrumb navigation for directories
- Breadcrumb items for directories are now only clickable if an index file exists
- Prevents 404 errors when clicking on folder names in breadcrumb
- Non-clickable directory items are shown as active text
- Improves navigation UX and prevents broken links
2025-11-19 14:55:33 +01:00

8a01d0bc99 Fix e.noorlander branch - add missing PHP files to public
- Copied index.php, config.php, and templates to public/
- e.noorlander branch now works correctly
- Personal blog content accessible again
- All branches now have proper public directory structure
2025-11-19 14:12:43 +01:00