# Changelog

All notable changes to NEXERA Africa will be documented in this file.

## [2.0.0] - 2026-07-15 (Security Release)

### 🚨 Critical Security Fixes
- **REMOVED** hardcoded database password from `config/db.php`
- **REMOVED** hardcoded Pi API key from `config/pi.php`  
- **DELETED** `test.php` containing phpinfo() exposure
- **DELETED** `test_db_connection.php` diagnostic file
- **DELETED** `test_pi_backend.php` diagnostic file
- **DELETED** `pi-test-admin.php` test file
- **DELETED** `pi-test-checkout.html` test file
- **REMOVED** validation-key.txt files from web-accessible locations

### 🔒 Security Enhancements
- Added `.htaccess` with comprehensive security rules
- Implemented public/private directory separation
- Added rate limiting on login/register endpoints (5 attempts/5min)
- Implemented session regeneration after login (prevents fixation)
- Changed error messages to generic (no user enumeration)
- Removed admin role from user registration form
- Added Content-Security-Policy headers
- Added X-Frame-Options, X-Content-Type-Options headers
- Added CSRF token meta tag for AJAX requests
- Fixed SQL column name in ban_vendor.php (blocked vs is_banned)
- Password strength indicator added to registration form
- Minimum password length enforced (8 characters)

### 📁 Structural Improvements
- Created proper public/ document root directory
- Moved source code outside web root (src/, config/, templates/)
- Consolidated upload directories into public/uploads/products/
- Created storage/ for logs, cache, sessions (outside web root)
- Organized templates/ for header, footer, error pages
- Added .gitignore for sensitive files
- Added .env.example template for deployment
- Reorganized docs/ for SQL schemas and documentation

### ✅ Code Quality Fixes
- Standardized error handling (no stack traces to users)
- Added input sanitization helpers (sanitize_int, sanitize_email)
- Improved CSRF field helper function
- Enhanced file upload security (MIME validation via finfo)
- Added audit logging for admin actions
- Consistent output encoding (htmlspecialchars) throughout
- Mobile-responsive navigation styles

### 📄 New Files Added
- `.htaccess` - Apache security configuration
- `.gitignore` - Version control exclusions
- `.env.example` - Environment variable template
- `public/.htaccess` - Public directory rules
- `templates/errors/403.html` - Access denied page
- `templates/errors/404.html` - Not found page
- `templates/errors/503.html` - Service unavailable page
- `README.md` - Project documentation
- `CHANGELOG.md` - This file

### 🔄 Modified Files
- `config/database.php` - Removed hardcoded credentials
- `config/env.php` - Cleaned up environment loader
- `config/pi.php` - Removed hardcoded API key
- `login.php` - Added rate limiting, session regeneration
- `register.php` - Removed admin role option, added password strength
- `ban_vendor.php` - Fixed column name, added CSRF
- `unban_vendor.php` - Added CSRF, proper error handling
- `templates/header.php` - Security meta tags, output encoding
- `templates/footer.php` - Consistent footer design
- `src/functions.php` - Rate limiting helpers, secure functions

### ⚠️ Breaking Changes
- Document root must now point to `public/` directory
- Environment variables required (see .env.example)
- Admin role can no longer be self-selected during registration
- Test/diagnostic files removed (use separate dev environment)

---

## [1.0.0] - Initial Release
- Basic marketplace functionality
- Pi Network payment integration
- Multi-language support (EN, FR, RW, SW)
- User/Vendor/Admin role system
- Product listing and management
