fix: codebase audit fixes — indexes, daily_rate, anomaly key, CSRF, chat pruning, shopping_name

## v1.7.6 - DB: fix shopping_name Pi→Piadina, Grana→Formaggio, Prosciutto cotto→Affettato, Panna acida→Panna - DB: composite indexes idx_transactions_type_date + idx_transactions_pid_type_undone (+ migration) - PHP: daily_rate uses first_in→last_activity window (not first_in→now) - PHP: anomaly dismiss key uses product_id+direction (stable, not product_id+round(expected)) - PHP: smart shopping — products exhausted within 14 days bypass token/family suppression - PHP: chat pruning — DELETE messages beyond 200 after each chatSave() - PHP: getStats() — 5 queries → 1 consolidated query with subselects - PHP: bringCleanupObsolete — 300ms delay between bulk removals - PHP: CSRF guard — POST write actions require X-EverShelf-Request:1 or Content-Type:application/json - JS: api() — sends X-EverShelf-Request:1 on all POST requests - JS: _opLog — prunes entries older than 30 days in addition to 200-entry cap
2026-05-10 11:26:10 +00:00
parent f65fb4365c
commit ed447d5811
6 changed files with 106 additions and 20 deletions
@@ -67,7 +67,7 @@
        <!-- Title — left-aligned; grows to fill space -->
        <div class="header-title-wrap">
            <h1 class="header-title" onclick="showPage('dashboard')">
-                <img src="assets/img/logo/logo_icon.png" alt="" class="header-logo-icon" aria-hidden="true" /><span data-i18n="nav.title">EverShelf</span><span class="header-version">v1.7.5</span>
+                <img src="assets/img/logo/logo_icon.png" alt="" class="header-logo-icon" aria-hidden="true" /><span data-i18n="nav.title">EverShelf</span><span class="header-version">v1.7.6</span>
            </h1>
            <!-- Update badge — shown alongside title, never replaces it -->
            <span class="header-update-badge" id="header-update-badge" style="display:none"></span>