diff --git a/.htaccess b/.htaccess
new file mode 100644
index 00000000..f38dbabc
--- /dev/null
+++ b/.htaccess
@@ -0,0 +1,2 @@
+# Prevent access to .git, .github, and config.php
+RedirectMatch 404 ^/(\.git|\.github|config\.php)
\ No newline at end of file
diff --git a/CHANGELOG.md b/CHANGELOG.md
new file mode 100644
index 00000000..dcddde35
--- /dev/null
+++ b/CHANGELOG.md
@@ -0,0 +1,67 @@
+# Changelog
+
+This file documents all notable changes made to ITFlow.
+
+## [25.01]
+
+### Added / Changed
+- Added support for saving cards in Stripe for automatic invoice payments.
+- Page titles now display detailed information (e.g., page name, client selection, company name, ticket and invoice info) for easier multi-tab navigation.
+- Reintroduced the new admin role-check for admin pages.
+- Admin roles can now be archived.
+- Debug mode now shows the current Git branch.
+- The auto-acknowledgment email for email-parsed tickets now includes a guest link.
+- Recurring tickets no longer require a contact.
+- Stripe online payment setup now prompts you to set the income/expense account.
+- New cron/CLI scripts have been moved to the `/scripts` subfolder — remember to update your cron configurations!
+- Moved modal includes to `/modals` to tidy up the root directory.
+- Moved most include files to `/includes` to improve directory structure.
+- Moved guest pages to `/guest` for better organization.
+- Renamed the include file `pagination.php` to `filter_footer.php`, as it is used in conjunction with `filter_header.php` for page filtering.
+- Guest ticket feedback now shows the ticket prefix and number, not just the ID.
+- Individual POST handler logic pages are no longer directly accessible.
+- Added the ability to delete payments on the Payments and Client Payments pages.
+- Implemented domain history tracking.
+- Added Asset Interface Linking/Connections to show what interface is connected to which interface port of another asset.
+- Added Force Recurring Ticket option in more locations, not just for recurring tickets.
+- Implemented row spanning and centered devices that occupy multiple units in a rack.
+- Added tooltips to main navigation badge counts to clarify what is being counted.
+- Reduced max records per page from 500 to 100 to prevent performance issues.
+- Updated several plugins:
+ - `stripe-php` from 10.5.0 to 16.4.0
+ - `Inputmask` from 5.0.8 to 5.0.9
+ - `DataTables` from 2.1.8 to 2.2.1
+ - `pdfmake` from 0.2.8 to 0.2.18
+ - `php-mime-mail-parser` to 9.0.1
+ - `TinyMCE` from 7.5.1 to 7.6.1
+- Removed unused libraries from the vendor folder and moved Stripe to the plugins folder, eliminating the vendor folder.
+- Merged the MFA TOTP functionality files `base32static.php` and `rfc6238.php` into a single file (`totp`) and moved it to the plugins folder.
+- No longer need to pass the DB connection (`$mysqli`) to the `addToMailQueue` function.
+- Disabled HTML Purifier caching.
+- Replaced the `nullable_htmlentities` function with `htmlspecialchars`.
+- Updated filter variable naming.
+- Implemented other minor UI updates, performance optimizations, and directory cleanups.
+
+### Fixed
+- Fixed an issue where the ticket edit modal didn't show multi-client or no-client projects.
+- Fixed asset interface losing DHCP settings.
+- Fixed a 500 error when creating or editing recurring expenses due to an incorrect variable name.
+- Fixed tickets created via the portal/email not being marked as billable.
+- Fixed issues with editing recurring expenses.
+- Resolved a regression where the TinyMCE editor didn’t display when adding or editing ticket templates.
+- Fixed a TinyMCE license issue.
+
+### Removed / Deprecated
+- Deprecated the cron scripts in the root directory. Cron jobs should now use the ones in the `/scripts` subfolder, which no longer require a cron key and must be run via CLI.
+
+### BREAKING CHANGES
+- The client portal has been moved from `/portal` to `/client`:
+ - Links in previous emails will be broken.
+ - The Azure Entra ID SSO Redirect URI needs to be updated to `/client`.
+ - You may need to update other links (e.g., website, support page).
+- Guest links have been moved from `/` to `/guest`. Previous links will be broken.
+
+## [24.12]
+
+### Added / Changed
+- Introduced versioned releases for the first time!
\ No newline at end of file
diff --git a/README.md b/README.md
index 6c1791cc..4863620d 100644
--- a/README.md
+++ b/README.md
@@ -3,15 +3,10 @@
[![Contributors][contributors-shield]][contributors-url]
[![Stargazers][stars-shield]][stars-url]
-[![Issues][issues-shield]][issues-url]
[![Commits][commit-shield]][commit-url]
[![GPL License][license-shield]][license-url]
-
+
+
+
+
+ Save card details
+ In order to set up automatic payments, you must create a customer record in Stripe.
+ First, you must authorize Stripe to store your card details for the purpose of automatic payment.
+
+
+
+
+
+
+
+ elseif (empty($stripe_pm)) { ?>
+
+ Save card details
+ Please add the payment details you would like to save.
+ By adding payment details here, you grant consent for future automatic payments of invoices.
+ 1) {
+ // If your data might have multiple devices in the same row,
+ // you have to decide how to handle them.
+ // For now, we can fallback to older logic or display them all in one cell, etc.
+ ?>
+