36c488ca1e
Rebuilt embed-example.html with inline, full-screen, and popup examples. Fixed host-page/frame scrolling and contained reply navigation. New logins now transactionally replace prior sessions; displaced clients return to login. Added per-user session/IP locking with automatic SQLite migration. Added modular Spam Control dashboard for locks, honeypot, and CAPTCHA settings. Moved CAPTCHA controls out of Plans & Platform.
159 lines
11 KiB
Markdown
159 lines
11 KiB
Markdown
# Changelog
|
|
|
|
All notable changes to CyberChat are documented here.
|
|
|
|
CyberChat `2.1.0` is the current baseline release. The earlier `2.0.0` commit is retained as the initial repository release. Commit hashes are included for traceability.
|
|
|
|
## [Unreleased]
|
|
|
|
### Added
|
|
|
|
- Added full-screen overlay and popup window examples to `embed-example.html`.
|
|
- Added a Spam Control dashboard for session pinning, IP binding, honeypot, internal CAPTCHA, and Google reCAPTCHA settings.
|
|
- Added per-user account locks tied to an administrator-selected session token and IP.
|
|
|
|
### Changed
|
|
|
|
- Successful logins now silently replace all older sessions for the same account.
|
|
- Moved registration/login CAPTCHA controls out of Plans & Platform and into Spam Control.
|
|
- Scoped full-page layout rules to `index.html` so embedded chat CSS does not alter the host page.
|
|
|
|
### Fixed
|
|
|
|
- Kept message and reply navigation scrolling inside the chat frame instead of moving the surrounding page.
|
|
|
|
## [2.1.0] - 2026-06-09 - Current Baseline Release
|
|
|
|
This release establishes the current product baseline. It includes the account, subscription, archive, administration, polling, mobile audio, and FFmpeg work developed after `2.0.0`.
|
|
|
|
### Added
|
|
|
|
- Added a complete project changelog and expanded feature documentation.
|
|
- Added optional-email registration; users can create free accounts without supplying an email address. (`063b8dc`)
|
|
- Added Mailgun email verification using reusable cURL mail delivery, verification links, and six-digit codes. (`063b8dc`)
|
|
- Added tier-controlled email two-factor authentication and expiring login challenges. (`063b8dc`)
|
|
- Added Stripe Checkout, Billing Portal access, signed webhook handling, subscription synchronization, and end-of-period cancellation. (`063b8dc`)
|
|
- Added verified-email enforcement before premium checkout. (`063b8dc`)
|
|
- Added configurable Free, Plus, and Pro plans with prices, currencies, billing intervals, Stripe Price IDs, active status, ordering, and feature entitlements. (`063b8dc`)
|
|
- Added a global subscription visibility switch that hides new sales while preserving management for existing subscribers. (`063b8dc`)
|
|
- Added administrator subscriber tracking and subscription status data. (`063b8dc`)
|
|
- Added personal authenticated archives with tier-based retention, search, JSON export, CSV export, voice archive access, and voice export access. (`063b8dc`)
|
|
- Added configurable recording-presence sending and viewing. (`063b8dc`)
|
|
- Added configurable automatic voice sending. (`063b8dc`)
|
|
- Added tier-configurable automatic voice playback with a saved browser preference. (`d0e4a87`)
|
|
- Added tier-based custom username colors. (`063b8dc`)
|
|
- Added administrator tier overrides that grant plan features without changing Stripe billing. (`d0e4a87`)
|
|
- Added visitor and feature event statistics using salted IP hashes. (`063b8dc`)
|
|
- Added optional automatic and manual SQLite-to-MySQL/MariaDB mirroring. (`063b8dc`)
|
|
- Added the **Plans & Platform** administrator module for plans, services, subscribers, statistics, and mirroring. (`063b8dc`)
|
|
- Added request timeouts, configurable retry backoff, and a capped rendered-message buffer. (`ef7a9a3`, `ccdbc47`)
|
|
- Added asset cache-busting to deliver frontend fixes immediately. (`d0e4a87`)
|
|
- Added Safari and iPhone recording support using MP4/AAC when WebM is unavailable. WebM/Opus remains the preferred browser format where supported. (`6217a21`)
|
|
- Added upload handling and MIME detection for MP4/M4A and AAC alongside WebM and WAV. (`6217a21`)
|
|
- Added MIME-aware, inline mobile audio playback through `<source>` elements. (`6217a21`)
|
|
- Added optional FFmpeg voice transcoding with dashboard configuration for:
|
|
- Enable or disable
|
|
- Executable name or absolute path
|
|
- AAC bitrate
|
|
- Conversion timeout
|
|
- Original-file fallback
|
|
- M4A/AAC-LC output
|
|
- MP4/H.264 baseline plus AAC-LC output
|
|
- Added `lib/voice_transcoder.php` with process timeout handling, output validation, atomic source replacement, and failure fallback. (`6217a21`)
|
|
- Added Apache and Nginx MIME mappings for WebM, WAV, AAC, M4A, and MP4 voice files. (`6217a21`)
|
|
|
|
### Changed
|
|
|
|
- Raised the documented PHP requirement from 8.0 to 8.1 for the expanded platform. (`063b8dc`)
|
|
- Redirected the public archive browser to the authenticated personal archive experience. (`063b8dc`)
|
|
- Expanded the SQLite schema for plans, plan features, subscriptions, email tokens, login challenges, recording presence, visitor events, and Stripe event deduplication. (`063b8dc`)
|
|
- Reworked the browser application into `cyberchat-v4.js` for account, billing, archive, plan, and voice workflows. (`063b8dc`)
|
|
- Replaced overlapping polling with a single queued cursor worker. (`ccdbc47`)
|
|
- Added immediate catch-up polling, stalled-request cancellation, bounded exponential retry, deduplication, chronological insertion, and capped browser history. (`ccdbc47`)
|
|
- Prevented local sends from advancing the server cursor and skipping interleaved messages. (`ef7a9a3`)
|
|
- Made successful sends request immediate reconciliation while allowing polling to continue after failures. (`ef7a9a3`)
|
|
- Disabled browser caching for API requests. (`ef7a9a3`)
|
|
- Renamed the active browser client from `cyberchat-v4.js` to `cyberchat-app.js` and removed the obsolete original `cyberchat.js`. (`a1971f9`)
|
|
- Added exact `user_id` ownership data to message payloads so sent and received messages can be identified reliably. (`195f3fa`)
|
|
- Changed message ordering to use server timestamps followed by message ID. (`ae0fb45`)
|
|
- Changed message timestamps to be assigned atomically during SQLite insertion. (`ae0fb45`)
|
|
- Expanded `README.md` into a full feature, audio, configuration, deployment, administration, billing, archive, and diagnostics reference. (`5c1d236`)
|
|
- Advanced frontend cache-busting versions through `20260609.3`, `.4`, `.5`, and `.6` as client behavior changed. (`a1971f9`, `195f3fa`, `ae0fb45`, `6217a21`)
|
|
|
|
### Fixed
|
|
|
|
- Fixed incoming voice clips failing to populate on another user's screen. (`d0e4a87`)
|
|
- Fixed polling, unread state, and live membership refresh after group and voice activity. (`d0e4a87`)
|
|
- Fixed polling stopping after voice or text sends. (`ef7a9a3`)
|
|
- Fixed stalled polls by aborting and retrying them automatically. (`ef7a9a3`)
|
|
- Fixed message loss when a local send occurred between server poll results. (`ef7a9a3`)
|
|
- Replaced separate send and poll rendering paths with one ID-keyed message ledger. (`195f3fa`)
|
|
- Removed duplicate message rows and duplicate voice players during DOM reconciliation. (`195f3fa`)
|
|
- Ensured poll cursors advance only from validated server messages. (`195f3fa`)
|
|
- Ensured each newly received voice clip is queued for automatic playback only once. (`195f3fa`)
|
|
- Fixed the remaining send/poll race by waiting for polling to catch up before rendering acknowledged sent messages. (`ae0fb45`)
|
|
- Prevented interleaved messages from appearing above or below the wrong message after incremental refresh. (`ae0fb45`)
|
|
- Kept the latest message at the bottom without requiring a full-page refresh. (`195f3fa`, `ae0fb45`)
|
|
|
|
### Removed
|
|
|
|
- Fully removed groups from homepage navigation, account features, tier settings, APIs, client code, archives, and administrator controls. (`a1971f9`)
|
|
- Added automatic cleanup of legacy group tables, entitlements, messages, voice files, and configuration. (`a1971f9`)
|
|
|
|
### Historical Group Development
|
|
|
|
Groups were developed during the `2.1.0` cycle, then removed before the baseline was finalized. These entries are retained only to preserve project history.
|
|
|
|
- Added private groups with plan-based member limits as part of the platform expansion. (`063b8dc`)
|
|
- Added a global **Group Availability** switch that hid navigation and blocked group APIs without initially deleting stored group data. (`2881a3b`)
|
|
- Added missing global and per-tier group controls to the administrator dashboard. (`de8ec43`)
|
|
- Split tier group configuration into an explicit enable toggle and a separate maximum-members value with a minimum of two, including the owner. (`7214bb6`)
|
|
- Removed group UI, APIs, configuration, tier entitlements, administrator controls, and archive exposure during the polling redesign. Legacy records were initially left inaccessible. (`ccdbc47`)
|
|
- See **Removed** above for the final schema and data purge. (`a1971f9`)
|
|
|
|
## [2.0.0] - 2026-06-08 - Initial Repository Release
|
|
|
|
### Added
|
|
|
|
- Added the self-contained PHP, JavaScript, HTML5, and SQLite chat application. (`33a176f`)
|
|
- Added instant callsign and passphrase registration with bcrypt password hashing. (`33a176f`)
|
|
- Added session login, secure random tokens, IP/cookie restrictions, expiration, and logout. (`33a176f`)
|
|
- Added text chat with configurable length limits and regular HTTP polling. (`33a176f`)
|
|
- Added daily chat rollover and per-day SQLite archives under `archive/{year}/{month}/{day}.sqlite`. (`33a176f`)
|
|
- Added browser voice recording, preview, upload, storage, and queued WAV/WebM playback. (`33a176f`)
|
|
- Added the dark neon cyberpunk interface and saved light-mode toggle. (`33a176f`)
|
|
- Added an embeddable frontend initialized with `CyberChat.init()`. (`33a176f`)
|
|
- Added the administrator dashboard with:
|
|
- System overview
|
|
- Live message search, editing, bulk deletion, and day cleanup
|
|
- Voice clip playback, filtering, archiving, and deletion
|
|
- Archive browsing and moderation
|
|
- User creation and account management
|
|
- Session inspection and termination
|
|
- Live JSON configuration editing
|
|
- Added runtime diagnostics for PHP, SQLite, storage permissions, and sessions. (`33a176f`)
|
|
- Added Apache upload protection and Nginx deployment configuration. (`33a176f`, `2e5c42c`)
|
|
- Corrected the README product title to `CYBERCHAT v2.0`. (`2e5c42c`, `9e3ff61`)
|
|
|
|
## Commit Index
|
|
|
|
| Date | Commit | Summary |
|
|
|---|---|---|
|
|
| 2026-06-08 | `33a176f` | Initial `2.0.0` application |
|
|
| 2026-06-08 | `2e5c42c` | Apache rules and initial README title correction |
|
|
| 2026-06-08 | `9e3ff61` | Finalized the `CYBERCHAT v2.0` README title |
|
|
| 2026-06-08 | `063b8dc` | Major voice, account, plans, Mailgun, Stripe, archive, statistics, and MySQL expansion |
|
|
| 2026-06-08 | `d0e4a87` | Automatic voice play, admin tier overrides, and live refresh fixes |
|
|
| 2026-06-08 | `2881a3b` | Global group availability |
|
|
| 2026-06-08 | `de8ec43` | Restored missing global and tier group controls |
|
|
| 2026-06-08 | `7214bb6` | Explicit group enable toggle and member maximum |
|
|
| 2026-06-08 | `ef7a9a3` | Poll recovery after voice and text sends |
|
|
| 2026-06-08 | `ccdbc47` | Queued polling redesign and initial group removal |
|
|
| 2026-06-09 | `a1971f9` | Complete group removal and legacy cleanup |
|
|
| 2026-06-09 | `195f3fa` | ID-keyed message ledger and duplicate-player cleanup |
|
|
| 2026-06-09 | `ae0fb45` | Final chronological ordering race fix |
|
|
| 2026-06-09 | `6217a21` | Safari/iPhone audio and optional FFmpeg transcoding |
|
|
| 2026-06-09 | `5c1d236` | Comprehensive README documentation |
|
|
|
|
All development after `2.0.0`, together with the changelog and version alignment, comprises the `2.1.0` baseline release.
|