# Known Issues

## PHP 8.2 Compatibility

### phpwhois Library Deprecation Warning

**Issue**: The `phpwhois/phpwhois` library (v4.2.5) uses deprecated curly brace array/string syntax that throws a deprecation notice in PHP 8.2:

```
Array and string offset access syntax with curly braces is no longer supported
```

**Impact**: 
- The warning appears in server logs when accessing WHOIS functionality
- Functionality still works but generates notices
- Not production-ready in strict error reporting mode

**Workaround**: 
1. Suppress deprecation notices temporarily:
```php
// In public/index.php
error_reporting(E_ALL & ~E_DEPRECATED);
```

2. Or use PHP 8.1 instead of 8.2

**Permanent Solution**:
- Wait for phpwhois v5.x which will support PHP 8.2+
- Or fork the library and fix the syntax manually
- Or use an alternative WHOIS library

## Database Connection Error Handling

**Issue**: The Database class uses `die()` on connection failure, which is not ideal for production.

**Recommendation**: Implement proper error logging and graceful degradation:

```php
// In config/database.php
catch (PDOException $e) {
    error_log("Database connection failed: " . $e->getMessage());
    if ($_ENV['APP_DEBUG'] === 'true') {
        die("Database connection failed: " . $e->getMessage());
    } else {
        // Show user-friendly error page
        http_response_code(503);
        include __DIR__ . '/../templates/errors/503.tpl';
        exit;
    }
}
```

## Missing Template Views

**Status**: The following template files are planned but not yet implemented:

### Frontend Templates
- `/templates/frontend/barajtheme/products/index.tpl` - Product listing page
- `/templates/frontend/barajtheme/products/detail.tpl` - Product detail page
- `/templates/frontend/barajtheme/cart/index.tpl` - Shopping cart
- `/templates/frontend/barajtheme/checkout/index.tpl` - Checkout page
- `/templates/frontend/barajtheme/domains/index.tpl` - Domain search
- `/templates/frontend/barajtheme/account/*.tpl` - Customer panel pages
- `/templates/frontend/barajtheme/page.tpl` - Content pages

### Admin Templates
- `/templates/admin/barajtheme/products/*.tpl` - Product CRUD
- `/templates/admin/barajtheme/sliders/*.tpl` - Slider management
- `/templates/admin/barajtheme/orders/*.tpl` - Order management
- `/templates/admin/barajtheme/users/*.tpl` - User management
- `/templates/admin/barajtheme/tickets/*.tpl` - Ticket system
- `/templates/admin/barajtheme/settings/*.tpl` - Settings pages

**Note**: Controllers are fully functional. Adding these templates will enable full end-to-end functionality. Each template should follow the existing pattern (Tailwind CSS, Smarty syntax, CSRF tokens in forms).

## Security Enhancements Needed

### Completed
- ✅ CSRF protection on all admin POST routes
- ✅ Input sanitization with htmlspecialchars and filter_var
- ✅ Password hashing with bcrypt
- ✅ PDO prepared statements for SQL injection prevention
- ✅ Session security configuration

### Recommended Additions
- Rate limiting for login attempts
- Two-factor authentication (2FA) for admin users
- File upload validation and scanning
- Content Security Policy (CSP) headers
- Security headers (X-Frame-Options, X-XSS-Protection, etc.)

## Performance Optimizations

### Database
- Add Redis/Memcached for session storage
- Implement query result caching
- Add database connection pooling
- Optimize indexes for frequently queried tables

### Frontend
- Minify CSS/JS assets
- Implement lazy loading for images
- Add CDN support for static assets
- Enable Gzip compression

## Future Enhancements

1. **Real Payment Integration**
   - Complete Stripe, iyzico, PayTR, Papara implementations
   - Add webhook handlers for payment confirmations
   - Implement refund processing

2. **Provisioning Automation**
   - cPanel/WHM API integration
   - Plesk API integration
   - DirectAdmin automation
   - Auto-account creation on order completion

3. **Domain Management**
   - Real registrar API integration (Namecheap, GoDaddy, etc.)
   - WHOIS privacy management
   - DNS zone editor
   - Domain transfer automation

4. **Notification System**
   - SMS integration (NetGSM, Twilio)
   - Push notifications
   - Slack/Discord webhooks for admin alerts

5. **Analytics & Reporting**
   - Sales reports
   - Customer analytics
   - Service usage tracking
   - Financial reporting

---

**Last Updated**: October 2025