Bitweaver kernel package repository https://git.rdm1.uk/kernel/.git/atom?h=master 2026-06-06T22:35:20Z 2026-06-06T22:35:20Z Lester Caine lester@lsces.co.uk 2026-06-06T22:35:20Z urn:sha1:8a2962f8d9cc5a2160e82d06f2978002003e9694 checkEnvironment() called setConfig() to record site_server_type before mConfig had been loaded from the database. This left mConfig non-empty with only the server-type entry, so the subsequent empty() guard in loadConfig() short-circuited and site_title was never loaded. Result: getSiteCookieName() fell back to 'bit-user-bitweaver' on every request where checkEnvironment() ran first, creating a second spurious cookie alongside the real 'bit-user-<site>' cookie and splitting sessions. Fix: call loadConfig() at the top of checkEnvironment() if mConfig is not yet populated, matching the pattern used elsewhere. The bit-user-bitweaver fallback is now only reached during a genuine cold install. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-06-06T22:04:38Z Lester Caine lester@lsces.co.uk 2026-06-06T22:04:38Z urn:sha1:88a8fbd1ffca15e0ee6a83fc0cbbf8c7f19464ce The signin/loginfrom session approach didn't work reliably due to session name inconsistency. Revert to original force_installer.tpl display. Use gOverrideLoginFunction for upgrade-time admin access. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-06-06T21:46:23Z Lester Caine lester@lsces.co.uk 2026-06-06T21:46:23Z urn:sha1:351de64a6e302b566eab1ac2c0c95e011efd86f7 Replace the inline login form (which suffered from session cookie name inconsistency) with a direct redirect to signin.php. The post-login redirect to install.php is now handled by validate.php checking the version mismatch directly, which is session-independent. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-06-06T21:30:06Z Lester Caine lester@lsces.co.uk 2026-06-06T21:30:06Z urn:sha1:3a9de79726296c7185ca632cc660c5c5750f5bf1 After login via validate.php, redirect back to the installer rather than the site homepage, so the admin can proceed with the upgrade without having to navigate back manually. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-06-06T19:55:21Z Lester Caine lester@lsces.co.uk 2026-06-06T19:55:21Z urn:sha1:2957fcfd1be9f9cfdfc8329833e048290a556611 SCRIPT_URL is an Apache-only variable — nginx does not set it unless explicitly added to fastcgi_params. When site_closed is active, validate.php needs to bypass the gate so admins can log in, but the SCRIPT_URL check always failed on nginx, making login impossible while the site is closed. Fall back to PHP_SELF (set by nginx) when SCRIPT_URL is absent. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-06-06T14:18:26Z Lester Caine lester@lsces.co.uk 2026-06-06T14:18:26Z urn:sha1:5ee02bb733a8be57bf918b2384f12d1c47393b6f Covers the six concerns: package registry (registerPackage/scanPackages/ registerAppMenu), configuration (kernel_config, getConfig/storeConfig), display pipeline (display/fatalError/fatalPermission), permissions and access guards, installer schema registration (register* family / verifyInstalledPackages), and utilities (MIME, versioning, date/time, navigation). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-06-06T14:12:22Z Lester Caine lester@lsces.co.uk 2026-06-06T14:12:22Z urn:sha1:9f5032f301402bfb7dd58dd686a3301a748ff9c4 Covers the four concerns: DB connection, mInfo/mErrors data hash, APCu object caching, and list utilities (prepGetList/postGetList). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-06-01T16:17:57Z Lester Caine lester@lsces.co.uk 2026-06-01T16:17:57Z urn:sha1:3376557702a90479bb36a7db3eb3d267c26a6fdd Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-06-01T15:59:50Z Lester Caine lester@lsces.co.uk 2026-06-01T15:59:50Z urn:sha1:ee54c9bd769bb4280452f91d60ca8c1f680dce2f Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-06-01T11:33:40Z Lester Caine lester@lsces.co.uk 2026-06-01T11:33:40Z urn:sha1:6108bc6c952ec0fda11035311502d8690153bf5f Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>