Version 4 (Final)

4.08: Added omit_public option for version notes logs so entries can be hidden from the front-end /versions pages without affecting admin. Includes admin edit checkbox (grouped + ungrouped) and front-end filtering (omitted children excluded from release notes/history). 4.08 a: - Added omit_public option for version notes logs so entries can be hidden from the public /versions pages without affecting admin. - Added admin edit checkbox (modal + edit page) to toggle omit. - Added "Omit?" column on the admin Version Notes list. 4.08 a: Admin Version Notes list now shows an Omit? column (Yes/No) so you can quickly see which log entries are hidden from the public /versions pages (omit_public).

Converted From -DevelopersAccess_4.07_a_RoleAfterLoginPath_SafeClamp_CodeOnly.zip — Re-introduce role.after_login_path UI + saving on Role Edit. Add SAFE role-based post-login redirect: uses role override only for redirect, never permissions. Clamp: non-admin/staff users cannot be redirected to /admin even if role path is set. No DB migrations included (roles.after_login_path already exists in 4.07 database.sql). Converted From -DevelopersAccess_4.07_b_RoleLoginPortal_UI_Enforce_CodeOnly.zip — Add Role-level Login Portal setting (Default/Public/Admin) to Roles → Edit. Enforce role login portal at sign-in: roles can require /login or /admin/login (including custom admin login paths). Safety: this does not grant admin access; it only controls which login page a user must use. Admin ran migrations. == migrate (default path) == INFO Nothing to migrate. Exit code: 0 Converted From -DevelopersAccess_4.07_c_RoleLoginPortal_NonNullFix_CodeOnly.zip — Role login_portal selector + enforcement. Role after_login_path fallback with /admin clamp. Fix: never save roles.login_portal as NULL. Converted From -DevelopersAccess_4.07_d_LoggedInHeaderFooterFix_CodeOnly.zip — Fix: Logged-in Header/Footer visibility now respects domains.show_header_auth / show_footer_auth overrides in front layout. No DB changes. Only updates front/layouts/default.blade.php logic to apply *_auth when authenticated and non-null. Converted From -DevelopersAccess_4.07_e_AuthHeaderFooter_AdminPortalFix_CodeOnly.zip — Fix: domain Header/Footer Visibility now respects logged-in overrides (show_header_auth/show_footer_auth) on front layout. Fix: admin/staff accounts can no longer sign in through /login; robust portal detection (path-based) and role login_portal enforcement for non-staff. Converted From -DevelopersAccess_4.07_f_HeaderFooterLoginPortalMerge_CodeOnly.zip — Fix: Logged-in Header/Footer visibility now resolves using Domain::resolveShowHeader/resolveShowFooter (restored from 4.06) with support for both logged-in columns (show_header_logged_in/show_footer_logged_in) and legacy auth columns (show_header_auth/show_footer_auth). Fix: Domain Header & Footer Visibility save endpoint now writes/syncs both logged-in override columns and legacy auth columns when present. Fix: Admin/Staff login portal enforcement hardened — accounts with any admin-only menu items are forced to use /admin/login (or custom admin login path), even if role names are custom (prevents admin signing in via /login). No other behavior changes. Converted From -DevelopersAccess_4.07_g_AuthHeaderFooter_And_LoginPortal_BaselineMerge_CodeOnly.zip — Fix: Logged-in header/footer visibility now respects logged-in overrides (supports both show_*_logged_in and show_*_auth column families). Fix: header.blade.php and footer.blade.php no longer bail early based only on visitor toggles; they call Domain::resolveShowHeader/resolveShowFooter when available. Fix: DomainLayoutSettingsController syncs both logged-in column families when saving. Fix: Admin/Staff portal enforcement treats any user with admin/staff menu access as admin/staff for login portal rules (prevents admin accounts logging in via /login). Converted From -DevelopersAccess_4.07_h_LoginPortalDetectionFix_CodeOnly.zip — Fix: Login portal detection no longer misclassifies /admin/login as the public /login portal (prevents false 'Please sign in at /admin/login' blocks while already on /admin/login). Behavior: Public portal detection is now exact (/login) and is explicitly excluded when the request is on an admin portal route/path. Scope: Code-only patch; only updates AuthenticatedSessionController portal detection logic. Converted From -DevelopersAccess_4.07_i_RoleAfterLoginRedirectFix_CodeOnly.zip — Fix: Role After Login Redirect now works again for ALL role storage styles (Spatie roles, role_id, role_model, legacy users.role). Merge-safe: Keeps v4.07 login portal enforcement (admin/staff must use /admin/login; role login_portal respected). Safety: Redirects into /admin are allowed only for admin/staff OR roles that actually have admin-menu access (menus.is_admin via menu_role). Converted From -DevelopersAccess_4.07_j_AdminLoginPortalDetection_Fix_CodeOnly.zip — Fix login portal detection: do not treat /admin/login as public /login (removes endsWith('/login') false-positive). Keeps admin/staff blocking on /login and allows admin/staff + admin-portal roles to sign in via /admin/login so role after-login redirects can be tested. Converted From -DevelopersAccess_4.07_k_RoleAfterLoginRedirect_AdminPortalIntendedFix_CodeOnly.zip — Fix role after-login redirect not firing when signing in via admin portal: clear the session intended URL if it points to a public page. Rule: when logging in via /admin/* (or for admin/staff, or roles requiring the admin portal), only allow intended redirects under /admin; otherwise redirect to the computed after-login path (user/role/domain). Does not change permissions; it only prevents accidental post-login bounce back to public pages.

Admin ran migrations. == migrate (default path) == INFO Running migrations. 2026_01_26_000001_add_under_construction_and_rightclick_to_pages_table 53ms DONE 2026_01_26_000002_add_welcome_email_fields_to_domains_table ..... 100ms DONE Exit code: 0 Converted From -DevelopersAccess_4.06_w1_a3_UnderConstruction_PreviewOverlay_CodeOnly.zip — Fix: Under Construction overlay now displays on /pages/{slug}/preview so admins can verify it (applies to both normal and custom page views). No other changes. Converted From -DevelopersAccess_4.06_w1_a4_UserImages_PathFix_CodeOnly.zip — Fix: Page content now auto-corrects editor image/link paths that start with 'User Images/...' (no leading slash) so they work on nested URLs like /pages/{slug}/preview. No other changes. Converted From -DevelopersAccess_4.06_w1_a5_UserImages_AliasToUploads_CodeOnly.zip — Fix: 'User Images/...' paths inside page content are now correctly mapped to the public /uploads/users/... URL (elFinder alias), so images load on normal view AND /pages/{slug}/preview. Also URL-encodes each path segment to safely handle spaces. No other changes. Converted From -DevelopersAccess_4.06_w1_a6_CustomView_ParseErrorFix_CodeOnly.zip — Fix ParseError on custom page preview: escape single-quote in User Images regex so Blade/PHP parsing does not break. Keeps User Images alias -> /uploads/users conversion so Under Construction image paths render correctly on /pages/{slug}/preview. Converted From -DevelopersAccess_4.06_w1_a7_UnderConstruction_ImageOverlay_CodeOnly.zip — Under Construction overlay now displays the configured image (defaulting to User Images/administrator-1/TlNOXtSH77SP6c1VT5VA.png) and maps the elFinder 'User Images' alias to the public /uploads/users path. Keeps prior behavior: overlay shows on /pages/{slug}/preview even for admin/staff so it can be verified. Converted From -DevelopersAccess_4.06_w1_a8_UnderConstruction_FullscreenImageOverlay_CodeOnly.zip — Under Construction overlay now uses the under-construction image as a full-screen background (closer to the login example). Preview route (/pages/{slug}/preview) still shows the overlay even for admin/staff so you can verify it. Converted From -DevelopersAccess_4.06_w1_a9_UnderConstruction_Transparency_NoMessageCard_CodeOnly.zip — Pages: add per-page 'Transparent Overlay' toggle for Under Construction overlay (stored in pages.under_construction_transparent). Under Construction overlay: veil opacity becomes lighter when 'Transparent Overlay' is ON. Under Construction overlay: if under_construction_message is blank, the message card is not rendered (image overlay only). Migration: adds pages.under_construction_transparent boolean (default false). Admin ran migrations. == migrate (default path) == INFO Running migrations. 2026_01_27_000001_add_under_construction_transparent_to_pages_table 76ms DONE Exit code: 0 Converted From -DevelopersAccess_4.06_w1_a10_UCTransparencyToggle_RoleTooltips_LoginPortalEnforce_CodeOnly.zip — Pages: Under Construction Overlay toggle now saves OFF correctly (hidden input fix). Pages: Added Under Construction Overlay Transparency slider (0–100%) + new pages.under_construction_transparency column (migration included). Front overlay: Uses requested User Images/administrator-1/TlNOXtSH77SP6c1VT5VA.png fullscreen background; veil opacity driven by transparency %. Front overlay: If Under Construction message is blank, only the overlay renders (no message card). Roles: Restored hover tooltip on user-count badge (shows assigned users). Roles: Role edit now receives and displays users assigned to the role. Roles: login_portal now stores 'public'/'admin' correctly (was saving 0/1). Auth: Enforced role block_login + login_portal at login (both legacy and LoginRequest flows). Admin ran migrations. == migrate (default path) == INFO Running migrations. 2026_01_27_000001_add_under_construction_transparency_to_pages_table 49ms DONE Exit code: 0 Converted From -DevelopersAccess_4.06_w1_a11_UC_BGandVeil_TransparencyFix_CodeOnly.zip — Under Construction overlay: split transparency controls into two sliders (Background Image Transparency + Overlay Veil Transparency). Fix transparency logic so the slider affects the overlay veil (not the background image), and add separate background image transparency control. Overlay rendering: use layered divs so the background image + veil always cover the full viewport and fully block underlying page interaction. Admin Pages create/edit: repair the Under Construction UI block so sliders render correctly and show their % value. Admin ran migrations. == migrate (default path) == INFO Running migrations. 2026_01_27_000002_add_under_construction_background_transparency_to_pages_table 41ms DONE Exit code: 0 Converted From -DevelopersAccess_4.06_w1_a12_UC_VeilOnlyTransparency_CodeOnly.zip — Under Construction overlay: transparency now controls ONLY the dark veil (overlay) — background image stays fully visible. Admin Pages create/edit: removed the extra Background Image Transparency slider and fixed stray characters/braces leaking into the UI. Data normalization: set existing under_construction_transparency values of 0 to 70 so the overlay doesn't appear as a black screen by default. Controller: stop validating/saving background transparency; keep only under_construction_transparency (veil). Converted From -DevelopersAccess_4.06_w1_a13_UC_OverlayTransparency_LinkImageAndVeil_CodeOnly.zip — Fix: Under Construction overlay transparency now controls BOTH the overlay veil tint and the construction background image opacity (0% = full overlay, 100% = show page behind). Fix: Removed the always-opaque black base layer so the page can be seen when transparency is increased. UI: Updated the admin label to clarify the transparency behavior. Converted From -DevelopersAccess_4.06_w1_a14_UC_PreviewDetectFix_CodeOnly.zip — Fix: Under Construction overlay now detects preview URLs reliably (route name variations + /pages/*/preview) so the overlay and transparency apply in preview as expected. Converted From -DevelopersAccess_4.06_w1_a15_UC_RemoveExtraSlider_CodeOnly.zip — Fix: Removed the extra Under Construction transparency slider that had no backing field (it never saved / never changed anything). Fix: Cleaned up the Under Construction admin section markup so no stray braces render in the UI. UI: Keeps a single Overlay Transparency control tied to under_construction_transparency. Admin ran migrations. == migrate (default path) == INFO Running migrations. 2026_01_27_000001_add_under_construction_fields_to_pages_table ... 63ms DONE 2026_01_27_000003_set_default_under_construction_transparency_value 31ms DONE Exit code: 0 Admin ran migrations. == migrate (default path) == INFO Nothing to migrate. Exit code: 0 Admin ran migrations. == migrate (default path) == INFO Running migrations. 2026_01_27_120000_add_under_construction_fields_to_pages_table ... 67ms DONE Exit code: 0 Admin ran migrations. == migrate (default path) == INFO Nothing to migrate. Exit code: 0 Admin ran migrations. == migrate (default path) == INFO Nothing to migrate. Exit code: 0 Admin ran migrations. == migrate (default path) == INFO Running migrations. 2026_01_28_000001_repair_under_construction_fields_on_pages_table 121ms DONE Exit code: 0

Converted From -developersaccess_v4.05_a_patch_codeonly.zip — Hardened public/guest entry points (Option 1): removed unsafe duplicate /notes routes that were reachable by guests but required auth (prevented guest crashes + accidental exposure of auth-only endpoints). Created centralized gate helper: app/Support/PublicFormGate.php (single source of truth for per-domain public form toggles + visitor-only notes bypass). Refactored DomainPublicFormGate middleware to use the centralized helper. Added belt-and-suspenders enforcement in public form controllers (Contact/Suggestions/Username Unlock) so POSTs stay blocked even if a route ever gets miswired. Converted From -developersaccess_v4.05_b_patch_codeonly.zip — Fix browser tab titles to use the active domain brand_name/site_name instead of the global default (admin + custom 404 + Breeze-style layouts). Admin pages now show the visited domain name in the tab bar. Custom 404 (errors.empty) tab title is now domain-aware. Fallback behavior: activeDomain binding -> host lookup -> default domain -> global settings. Converted From -developersaccess_v4.05_c_patch_codeonly.zip — Roles: added Login Portal switch (Public Login vs Admin Login) Auth: enforced portal rules so Administrator (and any role set to Admin Login) must sign in via /admin/login (or domain custom admin login path) Auth: blocked non-admin roles from using admin login when their role is set to Public Login DB: added roles.login_portal column (public/admin) with safe defaults Admin ran migrations. == migrate (default path) == INFO Running migrations. 2026_01_25_153000_ensure_public_forms_notes_enabled_on_domains_table 10ms DONE 2026_01_25_200000_add_login_portal_to_roles_table ................ 60ms DONE Exit code: 0 Converted From -developersaccess_v4.05_d_patch_codeonly.zip — Role Edit/Create: make Login Portal status text (Admin Login / Public Login) bold and automatically colored using the role’s Role Color. Edit page keeps status color in sync with Role Color picker/textbox (supports #RRGGBB and #RRGGBBAA). Create page status color updates live as the Role Color changes. Converted From -developersaccess_v4.05_e_patch_codeonly.zip — Roles index: make the 'X users' badge clickable to show the actual users assigned to that role. Add admin-only AJAX endpoint /admin/roles/{role}/users that returns users across mixed role storage (Spatie, pivot tables, users.role_id, users.role). Modal lists name + email with quick Edit link to /admin/users/{id}/edit. Converted From -developersaccess_v4.05_g_patch_codeonly.zip — Make Domain Edit header host clickable (opens domain in new tab). Add subtle hover underline + pointer cursor for the host link. Converted From -developersaccess_v4.05_h_patch_codeonly.zip — Fix: Login As (impersonation) no longer 404s under AdminPathGuard/menu gating. AdminPathGuard now allows admin.users.login_as for roles that have Users menu access (or admins). Converted From -developersaccess_v4.05_i_patch_codeonly.zip — Fix: Login As no longer 404s when route names come from legacy admin route files (auto-maps e.g. users.* -> admin.users.* for menu access checks). Fix: Backup Restore no longer throws 'domain_id required' when restoring platform backups (domain_id defaults to 0 when omitted). Converted From -developersaccess_v4.05_j_patch_codeonly.zip — Fix: Login As no longer 404s — custom admin login catch-all no longer hijacks /admin/.../login routes (ex: /admin/users/{id}/login). Fix: Backup Restore AJAX now always sends domain_id (0 = Platform) to satisfy validation and remove the popup error. Converted From -developersaccess_v4.05_k_patch_codeonly.zip — Roles: add per-role After Login Redirect Path field Auth: role after-login redirect takes precedence over domain after_login_path Listener: intended URL seeded from role after-login path when present DB: migration adds roles.after_login_path Converted From -developersaccess_v4.05_l_patch_codeonly.zip — Fix 1 ONLY: Role-based after-login redirect (role homepage for logged-in users). Adds roles.after_login_path column + safe migration (no-op if already present). Adds After-login Redirect Path field to Role Create/Edit. Login redirect precedence: role.after_login_path (when set) > domain.after_login_path > intended/default. Also updates RoleHomepageRedirect + SetIntendedFromDomain to honor role override consistently. Converted From -developersaccess_v4.05_m_patch_codeonly.zip — Restored Role Edit/Create UI for Login Portal (Admin vs Public) without removing other role settings. Added per-role After-login Redirect Path persistence in RoleCrudController (saved to roles.after_login_path). Fixed Role model cast for login_portal to string (was incorrectly cast to boolean). Included safe migrations for roles.login_portal and roles.after_login_path (no-op if columns already exist). Converted From -developersaccess_v4.05_n_patch_codeonly.zip — Fix: remove duplicate 'Login Portal' blocks on Role Edit screen (was rendering twice). Enhancement: render Login Portal label server-side (Admin Login / Public Login) and keep it bold + role-colored. JS: keep portal label synced and ensure fallback color + bold weight. Admin ran migrations. == migrate (default path) == INFO Running migrations. 2026_01_25_235500_add_after_login_path_to_roles_table ............ 68ms DONE Exit code: 0 Converted From -developersaccess_v4.05_o_patch_codeonly.zip — Fix after-login redirect precedence: User override > Role override > Domain override > Default. Login now forces redirect to the resolved target (ignores stale intended URLs when overrides are set). Add users.after_login_path (nullable) migration + model fillable. RoleHomepageRedirect now respects per-user after_login_path (highest precedence). Admin UserController accepts after_login_path in update/create payloads. Converted From -developersaccess_v4.05_p_patch_codeonly.zip — Adds per-domain Logged-in Header/Footer overrides (inherit/on/off) and moves header/footer controls to a dedicated accordion section. Front layout now respects Logged-in overrides when authenticated; fallback order is Logged-in override → domain guest toggles → sitewide. Fixes domain favicon/title reliability by preferring active domain favicon_url, then settings.favicon/site_favicon. Adds migration: domains.show_header_auth & domains.show_footer_auth (nullable, NULL=inherit). Admin ran migrations. == migrate (default path) == INFO Running migrations. 2026_01_25_000001_add_after_login_path_to_users_table ............ 44ms DONE 2026_01_25_000002_add_domains_header_footer_auth_overrides ...... 121ms DONE Exit code: 0 Converted From -developersaccess_v4.05_q_patch_codeonly.zip — Front layout: apply domain header/footer visibility to all front pages (including logged-in /notes), with optional logged-in overrides (show_header_auth/show_footer_auth). Login redirect: fix role homepage/role after-login redirect resolution by preferring role_user pivot over legacy users.role; supports roles.after_login_path fallback when role_homepages has no match. Domain model: ensure fillable includes logged-in header/footer override fields. Converted From -developersaccess_v4.05_r_patch_codeonly.zip — Fix login redirect precedence: User after_login_path -> Role after_login_path -> Domain after_login_path -> Sitewide Setting -> /admin/dashboard. Wire domain Header & Footer Visibility for logged-in users using domain overrides (show_header_logged_in/show_footer_logged_in) with inherit/force on/force off. Add domains columns show_header_logged_in/show_footer_logged_in via migration (nullable = inherit). Admin head now uses active domain for title/favicon/cursors to prevent wrong-domain tab/branding bleed. Converted From -developersaccess_v4.05_s_patch_codeonly.zip — Fix: Logged-in Header/Footer overrides now apply on front pages (header/footer includes now use Domain::resolveShowHeader/resolveShowFooter). Fix: Logged-in Header/Footer override save error (added DomainLayoutSettingsController::updateHeaderFooterAuth back-compat endpoint). Fix: Post-login redirect precedence now supports per-user after_login_path as highest priority (before role homepage / role redirect / domain / sitewide). Fix: Remove global forever-caching of get_pages in helper files to avoid cross-domain bleed. Admin ran migrations. == migrate (default path) == INFO Running migrations. 2026_01_25_000001_add_logged_in_header_footer_overrides_to_domains 147ms DONE Exit code: 0 Admin ran migrations. == migrate (default path) == INFO Nothing to migrate. Exit code: 0 Converted From -developersaccess_v4.05_u_patch_codeonly.zip — Fix: logged-in header/footer overrides now save (missing controller method) and apply on front pages. Fix: remove accidental Eloquent column query (Setting::get -> Setting::getValue) that caused SQL error for show_footer/show_header. Fix: Domain model now supports both *_logged_in and legacy *_auth columns, keeping them in sync. Fix: Public Forms toggles persist (fillable + casts). Converted From -developersaccess_v4.05_v_patch_codeonly.zip — Fix: show front-site header on public login/registration pages when domain header is enabled. Keeps admin login pages unchanged (still no header/footer). Keeps footer hidden on all auth screens (only header was requested). Converted From -developersaccess_v4.05_w_patch_codeonly.zip — Fix: allow the front-site header to render on /login when the domain has Show Header enabled. Fix: public_forms_username_unlock_enabled can now be saved from Domain Edit (added to Domain::$fillable). Admin ran migrations. == migrate (default path) == INFO Nothing to migrate. Exit code: 0 Converted From -developersaccess_v4.05_y_patch_codeonly.zip — Fix login page header rendering: allow the front-site header to appear on /login when the domain has show_header enabled. Fix critical SQL error: Domain model was calling Setting::get(...) (Eloquent Builder) which tried to SELECT non-existent columns (show_header/show_footer). Now uses Setting::getValue(...) (key/value settings) with safe defaults. Converted From -developersaccess_v4.05_z_patch_codeonly.zip — Fix: 404/error page tab title now uses the active domain name when available (instead of the global site_name). Scope: Only updates resources/views/errors/empty.blade.php. Converted From -developersaccess_v4.05_ab_patch_codeonly.zip — Fix migration parse error: migration had invalid double backslashes in use statements. Fix admin head cursor crash: cursor URLs now safely fall back to sitewide settings when domain cursors are not set. Converted From -developersaccess_v4.05_aa_patch_codeonly.zip — Fix migration parse error: replaced accidental double-backslashes in use statements within 2026_01_25_235500_add_after_login_path_to_roles_table.php so php artisan migrate can run. Converted From -DevelopersAccess_4.05_b_UCOverlay_LoginPortal_RoleTooltips_CodeOnly.zip — Backported to 4.05: Page-level Under Construction overlay (image + optional message + opacity slider) applied to normal pages, preview, and custom page view. Added pages DB columns + migration for under_construction_* fields. Fixed public /login (legacy LoginController) to honor Disabled Role (block_login) and enforce portal rules (Admin/Staff must use admin login URL). Added portal enforcement to AuthenticatedSessionController for Breeze/admin login routes. Restored hover tooltips on Roles list: user count badge shows assigned user names on hover. Converted From -DevelopersAccess_4.05_b_UnderConstructionOverlay_PageUI_CodeOnly.zip — Pages: add Under Construction Overlay toggle to page edit screen. Pages: add single Overlay Transparency slider (0% full overlay → 100% show page) and live percent label. Pages: add optional Under Construction Message field. Frontend: render Under Construction overlay image as a background layer when enabled, respecting transparency. Frontend: show the Under Construction message card only when a message is provided. DB: adds pages.under_construction_overlay, pages.under_construction_overlay_transparency, pages.under_construction_message. (Run: php artisan migrate) Converted From -DevelopersAccess_4.05_d_DomainHeaderFooterVisibilityRestore_CodeOnly.zip — Restored the missing 'Header & Footer Visibility' section on the Domain Edit screen by re-adding it to the accordion (no other admin sections removed/changed). Uses the existing header/footer visibility partial so the controls render and function again. Converted From -DevelopersAccess_4.05_e_UnderConstructionOverlay_AlwaysOnTop_CenteredMessage_CodeOnly.zip — Under Construction overlay now always sits above everything (max z-index) and blocks all clicks/scroll behind it. Under Construction message card is centered on screen; if no message is set, the overlay shows without a card. Adds Page Under Construction fields (enabled, image, opacity, message) with admin create/edit UI, controller handling, and a migration. Converted From -DevelopersAccess_4.05_f_UCOverlay_Fixes_CodeOnly.zip — Restore Domain > Header & Footer Visibility accordion. Pages Edit: bring back Under Construction controls (toggle, transparency slider, optional message) without breaking existing toggles. Front-end: Under Construction overlay is always on top (blocks all clicks) and message card is centered. Prevent crash if the pages table is missing under_construction_* columns (controller guards with Schema::hasColumn). Add safe migration to create pages under_construction_* fields when needed. Converted From -DevelopersAccess_4.05_g_UCOverlay_AlwaysOnTopFix_CodeOnly.zip — Under Construction overlay: appended to <body>, fixed full-screen, and always on top. Overlay blocks all interactions (logout & everything behind it are no longer clickable). Under Construction message is centered on screen. Overlay Transparency slider now affects the whole overlay (image + veil), not the page background. Admin save now guards UC fields behind Schema::hasColumn to prevent Unknown column crashes. Includes prior 4.05 b changes (login portal enforcement + role tooltips + UC edit controls + migration). Converted From -DevelopersAccess_4.05_h_UCOverlay_FatalErrorFix_CodeOnly.zip — Under Construction overlay: appended to <body>, fixed full-screen, and always on top. Overlay blocks all interactions (logout & everything behind it are no longer clickable). Under Construction message is centered on screen. Overlay Transparency slider now affects the whole overlay (image + veil), not the page background. Admin save now guards UC fields behind Schema::hasColumn to prevent Unknown column crashes. Includes prior 4.05 b changes (login portal enforcement + role tooltips + UC edit controls + migration). Fix: removed duplicate Schema facade import in PageController that caused a fatal error. Converted From -DevelopersAccess_4.05_i_UCOverlay_RepairMigration_CodeOnly.zip — Under Construction overlay: fixed full-screen and always on top. Overlay blocks all interactions behind it (nothing underneath is clickable). Under Construction message is centered on screen. Overlay Transparency slider adjusts only overlay visuals (image + veil), while still blocking clicks. Page save logic now checks each Under Construction column independently to avoid crashes when databases are out of sync. Adds a repair migration to re-create missing Under Construction columns after database restores. Locks page scroll while the Under Construction overlay is active. Converted From -DevelopersAccess_4.05_i_UCOverlay_RepairMigration_CodeOnly.zip — Under Construction overlay: fixed full-screen and always on top. Overlay blocks all interactions behind it (nothing underneath is clickable). Under Construction message is centered on screen. Overlay Transparency slider adjusts only overlay visuals (image + veil), while still blocking clicks. Page save logic now checks each Under Construction column independently to avoid crashes when databases are out of sync. Adds a repair migration to re-create missing Under Construction columns after database restores. Locks page scroll while the Under Construction overlay is active. Converted From -DevelopersAccess_4.05_k_DomainHeaderFooterVisibilityControlsRestore_CodeOnly.zip — Restore Domain edit controls for Header & Footer Visibility (visitors vs logged-in users). Adds a dedicated accordion section and safe AJAX save endpoint that updates only existing DB columns. Front-end header/footer visibility now respects per-auth flags when present. Converted From -DevelopersAccess_4.05_l_DomainHeaderFooterVisibility_SideBySideUI_CodeOnly.zip — Domains > Header & Footer Visibility: restore side-by-side (2-column) layout for Visitors vs Logged-in controls on desktop; stacks on mobile. No behavior changes; UI layout only.

Converted From -developersaccess_v4.04 a_patch_menu_bulk_delete_fix_codeonly.zip — Fix Menu bulk Delete Selected reliability. Move CSRF $.ajaxSetup out of CSS stack into JS stack. Add Admin\MenuController::destroySelected() route-compat wrapper and clear get_menu cache after bulk delete. Converted From -developersaccess_v4.04_b_patch_header_footer_switch_alignment_codeonly.zip — UI: Align Domain Edit > Header & Footer Visibility switches with the standard switch-row layout (labels/description left, toggles right). No functional changes. Converted From -developersaccess_v4.04_c_patch_domain_cursors_public_forms_404_codeonly.zip — Fix domain/user custom cursors not applying on public forms (/contact, /suggestions, /username-unlock-request) by making front/includes/head resolve active domain via activeDomain/current_domain and host/primary_host without status filtering. Ensure custom 404 (errors.empty layout) also applies domain/user cursor settings. Converted From -developersaccess_v4.04_d_patch_public_forms_background_url_resolver_codeonly.zip — Fix: Public forms background now resolves stored paths like "uploads/..." into absolute URLs, so /contact, /suggestions, /username-unlock-request correctly show the configured background. Also applies to fallback login background (image/video) when public-forms bg is empty. No DB changes. Converted From -developersaccess_v4.04_e_patch_public_forms_background_zindex_fix_codeonly.zip — Fix public forms background not rendering by changing overlay z-index from -1 to 0 (prevents it from slipping behind root background). Lift .tab_section above the overlay so cards/inputs stay clickable and visible. Keeps URL/path normalization so uploads/domains/... works reliably. Converted From -developersaccess_v4.04_f_patch_public_notes_toggle_visitors_codeonly.zip — Domain Edit → Public Forms Pages: added toggle to enable/disable /notes for visitors (guests). When OFF, guests hitting /notes will receive the domain-aware 404; logged-in users are always allowed. Added domains.public_forms_notes_enabled column + wiring (model/request/controller/routes/middleware). Admin ran migrations. == migrate (default path) == INFO Running migrations. 2026_01_25_120000_add_public_notes_toggle_to_domains_table ...... 110ms DONE Exit code: 0 Converted From -developersaccess_v4.04_g_patch_notes_toggle_visitors_header_footer_global_codeonly.zip — Fix /notes visitors-only toggle: DomainPublicFormGate now supports formKey=notes using domains.public_forms_notes_enabled, and authenticated users bypass the gate as intended. Fix domain header/footer toggles not applying to /notes (and other pages): front.layouts.default now treats show_header/show_footer as global site-chrome controls, not login-only. Converted From -developersaccess_v4.04_h_patch_notes_visitors_toggle_and_theme_codeonly.zip — Fix: /notes visitor toggle now actually enforces when disabled (guest-only) by attaching domain.public_form:notes middleware to top-level notes routes. Fix: /notes now uses the same Domain Edit → Public Forms Background + Card Panel Style when viewed by visitors, matching /contact, /suggestions, /username-unlock-request. Keeps behavior: logged-in users can always access /notes regardless of the visitor toggle. Converted From -developersaccess_v4.04_i_patch_notes_toggle_and_global_header_footer_codeonly.zip — Fix: /notes visitors toggle now works (Domain model fillable + visitor gating in NoteController + DomainPublicFormGate support). Fix: Domain header/footer visibility toggles now apply site-wide (front layout + header/footer includes honor show_header/show_footer). Safety: Added migration that creates domains.public_forms_notes_enabled if missing (defaults to true). Converted From -developersaccess_v4.04_j_patch_notes_toggle_domain_resolve_codeonly.zip — Fix: /notes visitors toggle now resolves the active domain without requiring domains.status=1. Fix: /notes guest gating now uses the same domain resolver as theming, preventing bypass when a domain has status=0/null or when host matching differs. Hardening: also gates create/store for visitors when disabled. Converted From -developersaccess_v4.04_k_patch_public_forms_switch_ui_polish_codeonly.zip — UI polish: make the Public Forms enable/disable switches look more like premium controls (toggle cards + larger switch + ON/OFF chip). Scoped styling to the Public Forms accordion so other admin switches remain unchanged. Applies to Domain Create + Domain Edit screens. Converted From -developersaccess_v4.04_l_patch_restore_notes_toggle_ui_codeonly.zip — Restore /notes (visitors) toggle card in Domain Edit -> Public Forms Background section. Update Public Forms description to include /notes (visitors only) + add helper line. UI-only: no behavior/DB changes. Converted From -developersaccess_v4.04_m_patch_public_forms_toggle_layout_fix_codeonly.zip — Public Forms toggles layout fix: 2x2 grid centered (includes /notes visitors toggle). Removed accidental duplicate /notes toggle rendered in Domain Edit. UI-only change (no behavior/DB changes). Converted From -developersaccess_v4.04_n_patch_public_forms_micro_switches_codeonly.zip — UI: Public Forms toggle cards now use the smaller micro-switch style (matching the rest of the platform) while keeping the 2x2 centered layout. No DB changes.

Converted From -developersaccess_patch_4.03_a_login-access-cachebust+custom-admin-path+temp-off_manifest_codeonly.zip — Fix: domain login switches and custom admin login path were behaving 'stuck' due to stale host-scoped caches (active_domain/domain_id_for_host/tenant.by_host). Domain saves now bust those caches for both old and new hosts. Add: optional per-domain custom admin login prefix (domains.admin_login_custom_path) -> /{prefix}/login. Default /admin/login redirects to it. Add: middleware guard for the broad custom login route to ensure only the saved prefix is accepted. Fix: implement Login Temp Off in auth/login view (background-only mode). When on with panel enabled, shows Under Construction panel; when panel disabled, renders background only. Add: temporary Domain Login Settings Debug block on Admin → Domains → Login Access so we can see current values and cache keys instantly. Converted From -developersaccess_patch_4.03_b_admin-login-404_manifest_codeonly.zip — Fix: restore expected behavior for the domain 'Allow admin /admin/login' toggle — when disabled, /admin/login now returns a true 404 (instead of redirecting to /). This allows domains to fully hide the default admin login while using a custom admin login prefix. Converted From -developersaccess_patch_4.03_c_custom-admin-login-redirect-fix_manifest_codeonly.zip — Fix custom admin login redirect: /admin/login now redirects to /{custom}/login (not just /{custom}). If the custom prefix is visited without /login (ex: /login/admin), redirect to /login/admin/login. If Allow admin /admin/login is OFF for the domain, /admin/login returns 404 (custom path still works). Converted From -developersaccess_patch_4.03_a_captcha-public-forms-domain_manifest_codeonly.zip — Public forms now use domain-controlled captcha (Domain Edit → Captcha) for /contact, /suggestions, and /username-unlock-request. POST routes for those forms now run the domain.captcha middleware so verification is enforced server-side. Captcha rendering is domain-first (supports Turnstile / hCaptcha / reCAPTCHA v2/v3). Legacy global reCAPTCHA v2 settings remain as a fallback if a domain has no captcha configured. Fixed reCAPTCHA v3 field name to submit as g-recaptcha-response (matches server verification). Converted From -developersaccess_patch_4.03_b_public-forms-domain-theme-backgrounds_manifest_codeonly.zip — Public form pages (/contact, /suggestions, /username-unlock-request) now respect domain header/footer toggles (same behavior as auth-like screens). Added domain-level background override fields for those three public form pages (image/video path + upload + remove). Overlay rendering for public forms is now domain-aware: if an override is set, it is used instead of the global site overlay image. Admin Domain Create/Edit now includes a Public Forms Backgrounds accordion section to manage these overrides. Added a migration to add the new domains columns: contact_overlay_image_path, suggestions_overlay_image_path, username_unlock_overlay_image_path. Converted From -developersaccess_patch_4.03_d_public-forms-domain-theme-bulk-delete_manifest_codeonly.zip — Public /contact, /suggestions, /username-unlock-request now render as auth-style screens so domain header/footer toggles apply. Added per-domain Public Forms Background fields (image/video + CSS controls) under Domain Edit/Create -> Public Forms Background. Added domains table columns for public_forms_bg_* (migration included). Public forms background renderer falls back to domain login background when public forms background is empty. Captcha on public form POSTs is now enforced via domain.captcha middleware (domain-controlled) instead of hard-coded controller validation. Updated front.includes.captcha to delegate to domain-aware partials/captcha. Fixed Admin -> Menu: Delete Selected button now prevents default navigation, validates selection, and uses DataTables Select API for reliable bulk deletes. Admin ran migrations. == migrate (default path) == INFO Running migrations. 2026_01_23_000001_add_admin_custom_login_path_to_domains ......... 15ms DONE 2026_01_24_220000_add_public_forms_bg_fields_to_domains_table ... 119ms DONE Exit code: 0 Converted From -developersaccess_patch_4.03_e_contact-parseerror-fix_manifest_codeonly.zip — Fix /contact ParseError (unexpected token '@') by eliminating inline @php(...) usage. Set $__treatAsAuthScreen flag inside the existing @php block so Blade compiles cleanly. Converted From -developersaccess_patch_4.03_f_public-forms-bg-fix-other-pages_manifest_codeonly.zip — Fix: public forms background now displays on /suggestions and /username-unlock-request (same as /contact) Fix: ensure tab_section/container backgrounds are transparent for guests so the fixed domain overlay is visible Change: use safe @php ... @endphp flag assignment for $__treatAsAuthScreen Converted From -developersaccess_patch_4.03_g_public-forms-card-style-controls_manifest_codeonly.zip — Added per-domain controls for the public forms card panel (background color + opacity, border color + opacity + width, blur). Domain Edit/Create now has a Card Panel Style section under Public Forms Background. Contact, Suggestions, and Username Unlock pages now read the domain card style settings via a shared include (falls back to legacy defaults if unset). Converted From -developersaccess_patch_4.03_g_public-forms-card-style-controls_manifest_codeonly.zip — Added per-domain controls for the public forms card panel (background color + opacity, border color + opacity + width, blur). Domain Edit/Create now has a Card Panel Style section under Public Forms Background. Contact, Suggestions, and Username Unlock pages now read the domain card style settings via a shared include (falls back to legacy defaults if unset). Converted From -developersaccess_patch_4.03_h_public-forms-page-toggles_manifest_codeonly.zip — Added per-domain on/off toggles for /contact, /suggestions, and /username-unlock-request. When a public form page is disabled, requests return the domain-aware 404 (errors.404) instead of a plain abort. Added a Domain Edit/Create UI block under Public Forms Background for the three page toggles. Includes a new middleware (domain.public_form) and a domains-table migration with defaults enabled. Converted From -developersaccess_patch_4.03_i_public-forms-migration-fix_manifest_codeonly.zip — Fix: migration failed due to missing domains.public_forms_card_blur referenced by an AFTER() clause. Adds defensive migration to create missing public_forms_* columns (background + card style + per-page toggles) if absent. Converted From -developersaccess_patch_4.03_j_public-forms-toggles-preview-ui-fix_manifest_codeonly.zip — Fix: Public Forms page switches (contact/suggestions/username-unlock-request) now save OFF correctly (hidden inputs + controller persistence). Fix: Public Forms background preview now renders correctly in Domain Edit/Create (relative uploads paths are normalized to absolute URLs). UI: Added padding so the toggle row isn’t flush against the left edge. Model: Added boolean casts for public_forms_*_enabled columns. Converted From -developersaccess_patch_4.03_k_public-forms-migration-order-fix_manifest_codeonly.zip — Fix migration failure for public forms page toggles by removing hard dependency on domains.public_forms_card_blur column. Allows pending migrations to run in timestamp order (toggles first, card-style columns later) without SQLSTATE[42S22] unknown column errors. Admin ran migrations. == migrate (default path) == INFO Running migrations. 2026_01_24_120000_add_public_forms_page_toggles_to_domains_table 104ms DONE 2026_01_24_230000_add_public_forms_card_style_to_domains_table .. 102ms DONE 2026_01_24_234900_public_forms_prereq_columns_to_domains_table .. 118ms DONE Exit code: 0 Converted From -developersaccess_patch_4.03_l_public-forms-page-toggle-save-fix_manifest_codeonly.zip — Fix: Public Forms page enable/disable switches now actually save OFF. Previously DomainController used request->has(...) which was always true because hidden 0 inputs are present, so toggles were stuck ON. Update uses request->boolean(...) so OFF persists correctly for /contact, /suggestions, /username-unlock-request. Converted From -developersaccess_patch_4.03_m_public-forms-domain-fillable-fix_manifest_codeonly.zip — Fix: Public Forms page toggles and card/background controls were not saving because the new domains columns were not mass-assignable. Update: Added public_forms_* fields to Domain model fillable + casts so the Domain Edit screen can persist enable/disable toggles and style settings. Admin ran migrations. == migrate (default path) == INFO Nothing to migrate. Exit code: 0 Converted From -developersaccess_patch_4.03_n_domaincontroller-restore-toggle-off-fix_manifest_codeonly.zip — Fix: restore full Admin DomainController (previous patch accidentally overwrote and removed edit method). Fix: public form page toggles now save OFF correctly (use exists()+boolean() instead of has()). Fix: keep html_previews_enabled checkbox behavior (explicit 0 when not present). Converted From -developersaccess_patch_4.03_o_domaincontroller-publicforms-save-fix_manifest_codeonly.zip — Fix: restore full Admin DomainController (edit/update/destroy) so /admin/domains/{id}/edit works again. Fix: Public Forms page toggles + background/card fields now validate and save correctly. Adds: DomainRequest rules for public_forms_* fields and boolean casting. Adds: Domain model fillable includes public_forms_* columns. Converted From -developersaccess_patch_4.03_p_public-forms-toggle-off-fix_manifest_codeonly.zip — Fix: Public Forms page toggles can now be turned OFF (checkboxes were always saving as ON due to request->has() + hidden fallback inputs). Fix: Restores a full, valid DomainController to eliminate the /admin/domains/{id}/edit errors caused by prior partial controller overwrites. No DB changes. Upload as code-only patch, then run Optimize Clear (or your main clear bundle). Converted From -developersaccess_patch_4.03_q_domainrequest-prepareforvalidation-fix_manifest_codeonly.zip — Fix DomainRequest prepareForValidation TypeError (Cannot access offset of type array on array) when saving Domain Edit. Removes accidental validation-rule arrays from the boolean-toggle foreach so only string keys are normalized.

Converted From -developersaccess_patch_4.02_a_admin-login-custom-temp-off_manifest_codeonly.zip — Reset baseline: built cleanly on 4.01 (no stacked 4.01+ patches). Domains → Login Access: added Custom Admin Login Path (admin_login_custom_path). Custom admin login URL is served at /{admin_login_custom_path}/login (example: bbc/admin → /bbc/admin/login). Domains → Login Access: added switches: Redirect /admin/login → custom, and Make /admin/login return 404. Safety: /admin/login 404 will auto-disable itself if no custom path is set (prevents lockout). Login page: implemented Login Temp Off (hide login form, keep background). Optional white Under Construction panel with title/body. Login page: Zoom controls are now hidden when Login Temp Off is enabled or when Hide Zoom Controls is enabled. Cache busting: expanded domain cache clears to include active_domain, domain_id_for_host, tenant.by_host when saving a domain. Migration: adds domains.admin_login_custom_path, domains.admin_login_redirect_to_custom, domains.admin_login_disable_default (idempotent). Converted From -developersaccess_patch_4.02_b_login-redirect-loop-404-temp-off-fix_manifest_codeonly.zip — Fix infinite redirect loops when Public /login is disabled by returning 404 instead of redirecting to /. Fix admin/custom admin login flow to POST back to the same URL (admin/custom) instead of POSTing to /login. Add POST routes for /admin/login and /{custom}/login using Breeze AuthenticatedSessionController@store. Fix background-only Login Temp Off mode to render only background/overlays (no card/footer/announcements). When admin login is disabled, return 404 instead of redirecting to / (prevents loops). Converted From -developersaccess_patch_4.02_c_admin-login-guard-404-temp-off-default_manifest_codeonly.zip — Fix /admin/login not honoring 404/redirect rules by exempting it from global AdminPathGuard (it was redirecting guests to public /login). Guests accessing /admin/* are now redirected to /admin/login (or the per-domain custom admin login path when configured), avoiding loops when public /login is disabled. Login Temp Off: default is now background-only unless the domain explicitly enables the Under Construction panel. Converted From -developersaccess_patch_4.02_d_admin-login-404-public-login-404_manifest_codeonly.zip — AdminPathGuard now honors domain settings for /admin/login (404 or redirect-to-custom) before redirecting guests. Public /login disabled now returns 404 (no redirect loops); admin login can stay enabled. Domain login gates resolve by host or primary_host (active only) and never fatal when domain is missing. Converted From -developersaccess_patch_4.02_e_domain-resolve-is_active-fix_manifest_codeonly.zip — Fix domain resolution to use is_active (when present) instead of status, preventing the wrong tenant from being bound. Align auth-screen fallbacks (login/layout/head/overlay) to avoid status-based tenant mismatches. Custom admin login path gate now also respects is_active when resolving the host. Converted From -developersaccess_patch_4.02_f_login-404-visible-temp-off-save_manifest_codeonly.zip — Login gates now return a plain 404 response body instead of the domain-custom 404 view, so disabled /login and /admin/login actually *look* like 404s (no more empty blue screen confusion). Domain save now persists Login Temp Off + Under Construction panel fields (previously not wired into DomainController, causing toggles/fields to not stick). Fix: 'Show Under Construction panel' switch now defaults OFF when the domain value is null (was defaulting ON). Converted From -developersaccess_patch_4.02_g_domain-404-fallback_manifest_codeonly.zip — Fix 404 visibility: if domain 404 Custom Styles RAW is enabled but RAW HTML is empty, fall back to the standard 404 view instead of returning a blank response. Fix 404 visibility: if domain 404 is enabled but content is blank, show a minimal fallback 404 message so disabled /login and /admin/login don’t appear as an empty/blue screen. Converted From -developersaccess_patch_4.02_h_domain-404-render-fix_manifest_codeonly.zip — Fix domain 404 rendering for login-gated routes: stop forcing blank 404 when custom-styles RAW is empty. Update the domain 404 view so enabled-but-empty content still shows a default 404 message (instead of a white/minimal or blank screen). Converted From -developersaccess_patch_4.02_i_domain-404-styled-fallback_manifest_codeonly.zip — Fix: domain 404 no longer renders blank when domain 404 is enabled but content is empty (falls back to styled default 404). Fix: login gating (public /login + /admin/login) now returns the styled domain 404 view instead of a plain 'Not Found' response. Fix: Exception handler only outputs RAW 404 HTML when it actually exists; otherwise normal 404 rendering applies. Converted From -developersaccess_patch_4.02_j_domain-404-handler-fix_manifest_codeonly.zip — Fix domain 404 rendering: remove Handler.php override that could return blank 404 bodies when page_404_custom_styles is on. Update errors/404.blade.php to always show a fallback 404 message when domain 404 content is empty (never render a blank page). Result: /admin/login and /login 404s should render using the domain 404 view/styling instead of a plain/blank 'Not Found' page. Converted From -developersaccess_patch_4.02_k_domain-404-force-render_manifest_codeonly.zip — Fix: always render the domain-aware 404 Blade view (prevents the plain framework 'Not Found' page on /admin/login and other 404s). Fix: 404 page no longer renders blank when domain 404 custom styles are enabled but content is empty — it now shows a clean default 404 message. No behavior change for domains that provide custom 404 HTML/CSS; raw content still renders as-is. Converted From -developersaccess_patch_4.02_l_login-domain-404-render_manifest_codeonly.zip — Fix: blocked /login and /admin/login (and custom admin login paths) now render the full domain-aware 404 page instead of returning a plain "Not Found" white screen. Change: login gating middlewares return response()->view('errors.404', [], 404) instead of abort(404) so domain 404 branding/content always applies.

Converted From -developersaccess_patch_4.01_a_books-metadata-goodreads_manifest_codeonly.zip — Books: Goodreads metadata fetch now pulls page_count, categories/genres, language, and publisher more reliably by parsing JSON-LD + improved fallbacks. Books: Create form Goodreads autofill now also fills page_count. Books: Admin Edit 'Fetch Metadata' button works again (title-based Google Books/OpenLibrary) and can also handle wrapped responses without breaking. No UI/theme changes beyond the above book metadata fixes. Book info Updates to retrieve pages, etc. Converted From -developersaccess_patch_4.01_b_books-goodreads-publisher-format-fallback_manifest_codeonly.zip — Books: Goodreads metadata - if publisher is missing for a given edition, fall back to the edition format/binding text (e.g., 'Mass Market Paperback') and store it in Publisher. No DB changes; service-layer parse only. Converted From -developersaccess_patch_4.01_c_books-goodreads-refetch+publisher_manifest_codeonly.zip — Books: Goodreads fetch now back-fills Publisher from edition format text when Publisher is missing (handles comma/middot/bullet separators; also reads JSON-LD bookFormat when present). Books: Edit page now includes 'Fetch from Goodreads (preferred)' so you can re-fetch/refresh metadata after the book has been saved. Books: Edit-page Goodreads fetch supports both response shapes: {ok:true,data:{...}} and legacy plain-object JSON; updates cover preview and Open Goodreads link. Converted From -developersaccess_patch_4.01_d_books-published-date-no-time_manifest_codeonly.zip — Books: remove time from Published Date displays (admin create/edit + public listing/show). Admin Published Date input now shows a friendly date (e.g., January 15, 1985) instead of YYYY-MM-DD 00:00:00. Converted From -developersaccess_patch_4.01_e_books-edit-goodreads-refetch-restore_manifest_codeonly.zip — Books: restore Goodreads re-fetch button on Edit page (same behavior as Create) Books: Edit page now formats Published Date without time (e.g., January 15, 1985) Books: Edit Goodreads re-fetch fills page_count and refreshes cover preview Converted From -developersaccess_patch_4.01_f_books-booktype+publisher-separation_manifest_codeonly.zip — Add separate Book Type (format) field; keep Publisher for actual publisher. Goodreads metadata: map binding/format to book_type (Paperback/Hardcover/Kindle Edition/etc) and stop stuffing it into publisher. Admin book create/edit: add Book Type field with suggestions; Goodreads fetch fills book_type + page_count + other fields. Front book listing: display Book Type on index and show pages. DB: add books.book_type column (idempotent migration). Fix Blade parse error on Add Book page by replacing unsupported inline @php(...) with @php ... @endphp. Admin ran migrations. == migrate (default path) == INFO Running migrations. 2026_01_21_000001_add_book_type_to_books_table ................... 43ms DONE Exit code: 0 Converted From -developersaccess_patch_4.01_h_amazon-buy-link+login-temp-off-fix_manifest_codeonly.zip — Login Temp Off now actually hides the login form (and also hides text-size controls while temp-off is enabled). Under-Construction panel now shows on the login page when Login Temp Off + panel toggle are enabled. Books: added Amazon URL support (DB migration + admin create/edit field + public Buy on Amazon button). Admin book create: added Open Amazon helper button (shows when a URL is present). BookController validation updated for amazon_url. Converted From -developersaccess_patch_4.01_i_login-temp-off-bodytext-fix_manifest_codeonly.zip — Fix Login Temp Off under-construction panel: body text now reads Domain.login_temp_off_body (fallback to legacy login_temp_off_body_text). Default login_temp_off_show_construction to 1 when null so panel can render by default when enabled. Admin ran migrations. == migrate (default path) == INFO Running migrations. 2026_01_21_000002_add_amazon_url_to_books_table .................. 33ms DONE Exit code: 0 Converted From -developersaccess_patch_4.01_j_books-amazon-fetch-buttons_manifest_codeonly.zip — Books: add separate ‘Fetch from Amazon (PA-API)’ button alongside Goodreads on Edit screen; include optional Amazon ASIN field. Books: wire Amazon fetch button JS to call admin.book.fetch_amazon and populate fields (title/author/isbn/publisher/book_type/etc). Books: fix BookController::fetchAmazonMetadata to call AmazonPaApiService::fetchByAsin and unwrap its {ok,data} response. Books: compute Amazon-enabled state via AmazonPaApiService->enabled() (not just config flag), disabling the button when not configured. Converted From -developersaccess_patch_4.01_l_admin-login-custom-path+admin-login-loop-fix_manifest_codeonly.zip — Fix: /admin/login redirect loop by allowing unauthenticated access to the admin login route in AdminPathGuard and redirecting other /admin/* guests to admin.login (not public /login). Add: Per-domain Custom Admin Login Path. You can set a custom path (e.g. /secret-admin) and optionally auto-redirect /admin/login to the custom path. Add: domains.admin_login_path (string) + domains.admin_login_disable_default (boolean) + DomainRequest normalization. Add: Global middleware that rewrites the custom path to /admin/login and handles /admin/login redirect when disabled-by-domain. UI: Domain Edit → Login Access now includes the new custom admin login controls. Admin ran migrations. == migrate (default path) == INFO Running migrations. 2026_01_21_120000_add_admin_login_custom_path_to_domains ........ 106ms DONE Exit code: 0 Converted From -developersaccess_patch_4.01_m_admin-login-custompath-global+disable-default-404_manifest_codeonly.zip — Admin login custom path now works even when no route exists by running CustomAdminLoginPath as global middleware before routing. Option now disables /admin/login with a 404 (no redirect) so the admin login URL can be different. AdminPathGuard redirects guests to the custom admin login path when /admin/login is disabled. Domain Edit copy updated for the new behavior. Admin ran migrations. == migrate (default path) == INFO Nothing to migrate. Exit code: 0 Converted From -developersaccess_patch_4.01_n_admin-custom-loginpath-alias+disable-default-fix404_manifest_codeonly.zip — Fix: custom per-domain admin login path (e.g. /bbc/admin) no longer 404s — served via global middleware rewrite to /admin/login (no browser redirect). New per-domain options: Redirect /admin/login to custom path, or Disable /admin/login (404) while keeping custom path working. Fix: AdminPathGuard now sends logged-out /admin* requests to the domain’s custom admin login path when set, and never blocks /admin/login itself. DB: migration adds admin_login_custom_path + redirect/disable toggles (idempotent column checks). Converted From -developersaccess_patch_4.01_o_admin-custom-loginpath-save+alias-fix_manifest_codeonly.zip — Fix: Custom admin login path now saves reliably (adds missing domains columns if needed; controller persists values). Fix: Custom admin login path no longer 404s — pre-routing middleware now resolves domain by host/primary_host/domain and rewrites the request to /admin/login. Keeps existing options: redirect /admin/login to custom path, or disable default /admin/login with a 404. Admin ran migrations. == migrate (default path) == INFO Running migrations. 2026_01_21_000000_add_admin_login_custom_path_to_domains ......... 88ms DONE 2026_01_21_200000_add_admin_login_custom_path_to_domains .......... 8ms DONE Exit code: 0 Converted From -developersaccess_patch_4.01_p_admin-custom-loginpath-save-hardfix_manifest_codeonly.zip — Hard-fix: custom admin login path fields now persist reliably on Domain update via explicit forceFill after column filtering. Prevents cases where the UI shows the field but saves as blank/null even though migrations ran. Converted From -developersaccess_patch_4.01_q_admin-custom-loginpath-host-variants-fix_manifest_codeonly.zip — Fix: custom admin login path now resolves the current Domain more reliably by checking common host variants (www/no-www) so the alias rewrite runs instead of falling through to the public 404. No DB changes. Converted From -developersaccess_patch_4.01_r_admin-custom-loginpath-login-post-fix_manifest_codeonly.zip — Fix custom admin login path login flow: admin login form now posts back to the current admin-login URL (custom alias or /admin/login) and includes a hidden _admin_login flag. Added POST admin/login route (protected by domain.login.admin + domain.captcha + throttle:login) so admin login works even when public /login is disabled. Updated AuthenticatedSessionController: passes isAdminLogin into the login view and redirects successful admin logins to /admin/dashboard. Updated DomainAdminLoginGate: allows admin login via custom alias even if the domain has Allow admin /admin/login turned off (matches the UI meaning: disable default path without killing the custom one). Converted From -developersaccess_patch_4.01_s_admin-custom-loginpath-post+redirect-fix_manifest_codeonly.zip — Admin custom login path: keep the POST on the alias URL (so /admin/login can be disabled without breaking logins). Added POST /admin/login route (domain.login.admin + domain.captcha) so rewritten alias POSTs have a real endpoint. When logging in from admin login (or alias), redirect into /admin/dashboard instead of domain after_login_path (/home).

Converted From -developersaccess_patch_4.00_a_admin-htmlpreviews-adminroute_manifest_codeonly.zip — Admin: HTML Previews menu now routes to /admin/html-previews (admin.html-previews.index) instead of /public/html-previews. Also updated MenuAccess registry default route for html_previews to admin.html-previews.index (prefix matching unchanged). Fixed Html Previews for Admin to take to Admin Control page over the public Converted From -developersaccess_patch_4.00_b_backups-double-run-submitfix_manifest_codeonly.zip — Fix: Backups 'Create Backup' ran twice because the page intercepted submit with fetch(), then failed JSON parsing and fell back to a normal submit. Fix: Only use the AJAX/progress JSON path for import/restore submits. Create Backup and Direct Download now use standard POST/redirect. No styling/theme changes. Converted From -developersaccess_patch_4.00_c_imports-path-click-reveal_manifest_codeonly.zip — Imports: hide long Path column content by default; show via a View button that opens a modal. Adds Copy Path button in the modal so the full path is still easy to grab when needed. No changes to DataTables/Imports filename click-to-copy or Notes behavior. Converted From -developersaccess_patch_4.00_d_imports-path-view-fix_manifest_codeonly.zip — Imports: Fix Path View button not opening (use delegated click handler + data-path attribute; removes reliance on inline onclick). No changes to filename click-to-copy, Notes modal, or admin theme styling. Converted From -developersaccess_patch_4.00_e_imports-notes-delegated-fix_manifest_codeonly.zip — Imports: Fix Notes button not responding by removing inline onclick and using delegated click handlers. Notes modal Close/Cancel/Save and Path modal Close/Copy now use JS event delegation (works with CSP / no-unsafe-inline). No changes to admin theme styling, filename click-to-copy, or DataTables behavior. Converted From -developersaccess_patch_4.00_f_imports-notes-modal-bigger_manifest_codeonly.zip — Imports: Make Import Notes modal larger and easier to edit (wider panel + taller textarea + monospace editing). Add keyboard shortcuts inside modal: Esc closes, Ctrl/Cmd+Enter saves. No changes to admin theme styling, filename click-to-copy, DataTables behavior, or restore flow. Converted From -developersaccess_patch_4.00_g_imports-notes-view-delegated-merge_manifest_codeonly.zip — Imports: Fix Notes + Path 'View' buttons broken by inline onclick (CSP/no-unsafe-inline) by using delegated event listeners and data-attributes. Keep 4.00 f improvements: larger Import Notes modal, taller textarea, and keyboard shortcuts (Esc closes, Ctrl/Cmd+Enter saves). Preserve filename click-to-copy and restore/import behavior; no admin theme changes. Converted From -developersaccess_patch_4.00_h_notes-attachments-delete-fix_manifest_codeonly.zip — Fix: Note attachment delete (files/images) on public note edit now works for owners regardless of allow_revisions; readers can delete only when allow_revisions is enabled. Improvement: Robust path resolution when deleting (handles /uploads/... vs relative paths) and always removes the DB reference even if the physical file is missing. UX: Added basic AJAX error handling + a #response container on the note edit page so failures are visible instead of silently doing nothing. Converted From -developersaccess_patch_4.00_i_front-notes-delete-route-collision-fix_manifest_codeonly.zip — Fix front note attachment delete: avoid named-route collision with admin routes. Front /notes/{id}/edit now posts directly to /notes/delete-file and /notes/delete-image. No changes to admin routes, revisions behavior, or theme styling. Converted From -developersaccess_patch_4.00_j_notes-attachments-delete-hardfix_manifest_codeonly.zip — Fix front note edit attachment deletion (files/images) that still failed silently. Front edit: use direct POST URLs (/notes/delete-file, /notes/delete-image) to avoid named-route collisions with admin. Front edit: include CSRF token explicitly in AJAX payload + ajaxSetup header; add #response container. Front edit: add robust error reporting (HTTP status) and delegated click handlers. NoteController: owners can always delete attachments; readers only when allow_revisions=1. NoteController: normalize images/files arrays and resolve filesystem paths (public_path/storage_path/url path parsing) before unlink. fixed File Deletion from Note's Converted From -developersaccess_patch_4.00_k_role-homepages-redirect-and-version-nospace_manifest_codeonly.zip — Fix: role homepage redirects now work on login again (do not clear url.intended; use redirect()->intended with domain after_login_path as fallback). Fix: Versions/Version Notes grouping & parsing now supports labels like '3.99b' (no space) as well as '3.99 b'. Change: BackupLogger normalizes version labels so '3.99b' is stored as '3.99 b' for consistency going forward. Fixed Role Homepages to Show for Users base off there Assigned Role Admin ran migrations. == migrate (default path) == INFO Nothing to migrate. Exit code: 0 Converted From -developersaccess_patch_4.00_m_migrations-imports-anchor-fix_manifest_codeonly.zip — Fixes admin migrations failing on some installs with: Unknown column 'filename' in 'imports'. Makes the imports migration resilient by anchoring new columns after the first existing matching column (filename/file_name/path/etc) or appending safely. Prevents hard-fail when older databases have an imports table without a 'filename' column. Admin ran migrations. == migrate (default path) == INFO Nothing to migrate. Exit code: 0 Fixed Migration Issue for missingFilename Column Converted From -developersaccess_patch_4.00_n_domains-export-import_manifest_codeonly.zip — Add Domain Export/Import to move a single domain between installs. Domains index: new Export button per row and Import Domain modal. Export creates a zip with domain.json (domain settings + aliases + role name hint) and bundles any local public assets referenced by the domain (logo, favicon, login bg, cursors, overlay, 404 background) when files exist. Import accepts the export zip, restores settings, re-creates aliases, copies bundled assets into /public, and resolves default_role_id by role name (IDs differ across installs). Safe behavior: if domain already exists, import requires checking Overwrite. Admin ran migrations. == migrate (default path) == INFO Nothing to migrate. Exit code: 0 Converted From -developersaccess_patch_4.00_n_domains-export-import_manifest_codeonly (1).zip — Domains: add Export + Import to move a single domain between installs. Export ZIP includes domain.json (settings), domain aliases, and referenced local public assets. Import supports optional overwrite; never imports as Default; maps default role by role name. Converted From -developersaccess_patch_4.00_o_domains-export-import-routefix_manifest_codeonly.zip — Domains: add export/import routes to routes/web.php (admin.domains.export and admin.domains.import). Domains: add DomainController export() + import() to move a single domain config between installs (includes optional local assets). Domains: update Domains index with Import toggle panel and per-row Export button, guarded with Route::has. Converted From -developersaccess_patch_4.00_p_domains-export-import-assets-and-domaindata_manifest_codeonly.zip — Domains export/import: include domain-specific asset files (logo/favicon/login backgrounds/cursors/overlay/404 background), even when stored as full URLs. Domains export/import: include domain-specific Role Homepages (role_homepages) and Domain Homepage mapping (domain_homepages) in domain.json and restore them on import (role/page matched by name/slug). Domains import: rewrite full-URL asset fields to local paths so imported domains don’t keep pointing at the old installation. Converted From -developersaccess_patch_4.00_q_migrations-login-bg-style-columns_manifest_codeonly.zip — Fix Domains save crash on installs missing login background style columns. Adds migration to domains table: login_bg_size, login_bg_attachment, login_bg_repeat, login_bg_position (idempotent). Resolves SQL error: Unknown column 'login_bg_size' in 'field list' when saving domain settings. Admin ran migrations. == migrate (default path) == INFO Running migrations. 2026_01_21_000000_add_login_bg_style_columns_to_domains .......... 29ms DONE Exit code: 0 Converted From -developersaccess_patch_4.00_r_domains-missing-columns-guard-loginbg-migration_manifest_codeonly.zip — Fix Domain edit/save crash on installs missing newer domains columns (e.g., login_bg_size, login_hide_zoom_controls) by filtering update data to existing DB columns and guarding optional forceFill toggles. Add safe migration to create missing login background style columns on the domains table: login_bg_size, login_bg_attachment, login_bg_repeat, login_bg_position, login_hide_zoom_controls. After applying, run your Database Migrations once to actually add the new columns (Backups -> Run Database Migrations). Converted From -developersaccess_patch_4.00_s_admin-role-detection-fix_manifest_codeonly.zip — Fix: roles with names containing the word 'admin' (e.g., 'Admin 2') were being treated as full administrators because User::isAdmin() used a substring check. Change: User::isAdmin() now grants admin only by role_id == roles.admin_id, a legacy users.is_admin flag (if that column exists), or exact role-name matches. Optional: define config('roles.admin_aliases') as an array of additional exact role names that should count as admin on your install. Admin ran migrations. == migrate (default path) == INFO Nothing to migrate. Exit code: 0