Replace 3-section active/at-risk/dormant design with one clear table
showing all members sorted by activity level. Green/yellow/gray bars,
human-readable last login dates, inactive users dimmed.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace single 50-row table with Active/At Risk/Dormant sections.
Remove noisy WoW% column and sparklines, add human-readable last activity.
Score displayed as colored bar instead of abstract number.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Alert improvements:
- "Send welcome email" button on never-logged-in alerts (sends activation
email with 72h reset token)
- "Reset password" button on reset-no-effect and repeat-resets alerts
- Buttons show status: sending → sent/error, prevent double-clicks
- New POST /admin/analytics/send-welcome/<user_id> endpoint
Companies needing attention:
- New section on Overview tab listing active companies with incomplete
profiles (missing description, contact, website, address, logo)
- Sorted by number of issues, shows quality badge and edit link
- Checks logo file existence on disk for webp/svg/png/jpg
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Pass search_query_id to search results template
- Add POST /api/analytics/search-click endpoint to update SearchQuery
with clicked_result_position, clicked_company_id, time_to_click_ms
- Add data-position and data-company-id attributes to company cards
- Add JS using navigator.sendBeacon for non-blocking click tracking
- Fix content engagement labels: "nowych (30 dni)" instead of "opublikowanych"
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Open rate now shows percentage of active members who read at least one
piece of content, capped at 100%. Previously showed inflated numbers
because it counted reads of older content against only recent publications.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Company pages use /company/<id> paths (not slugs). Updated _humanize_path
to try numeric ID lookup first, and fixed company popularity query to
match only /company/<digits> paths.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
1. Dashboard admin widget: compact KPI cards (active/total members with
progress bar, sessions, security alerts, never-logged users)
2. Overview KPI: first card shows X/Y members with progress bar and %
3. Feature adoption chart: which portal modules are used by what % of
members (NordaGPT, Forum, Search, Calendar, B2B, News, Companies)
4. Event comparison table: views, unique viewers, RSVP count per event
in the last 60 days - helps plan better events
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Event paths like /kalendarz/29 were matched by the /kalendarz/
prefix before reaching the dynamic event title lookup. Reorder
to check dynamic patterns (event ID, company slug) first.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The refactor to _kpi_for_period() removed the local variables but
the return dict still referenced them. Replace with the kpi dict.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
1. KPI cards show trend arrows (▲▼ X%) comparing current vs previous period
2. Raw paths replaced with human-readable names throughout Pages and Paths tabs:
- /company/pixlab-sp-z-o-o → PixLab sp. z o.o.
- /kalendarz/45 → Spotkanie z posłami (event title from DB)
- /login → Logowanie, /dashboard → Panel użytkownika etc.
3. Bounce rate threshold adjusted (85%+ warning instead of 70%)
with tooltip explaining 70-85% is normal for membership portals
4. Column headers changed from technical (Ścieżka, Exit rate) to
user-friendly (Strona, Wsp. wyjścia)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add EXCLUDED_PATH_CONTAINS patterns to catch security scanners using
varied paths (.php, .env, wp-includes, aws-config, phpinfo etc.)
that bypass the prefix-based filter.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add KPI stat cards to Overview tab (active users, sessions, pageviews, bounce rate)
- Filter technical paths from Pages and Paths tabs (/sw.js, /robots.txt, /.git/, /.env, etc.)
- Cap time_on_page at 30min to exclude outlier tabs left open
- Format time as human-readable (Xm Ys) instead of raw seconds
- Mask security tokens in unused pages list (/reset-password/*** etc.)
- Fix Polish labels (period display: "7 dni" instead of "week")
- Add percentages to logged/anonymous donut chart legend
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
jsdelivr.net returns 503 from production network (behind FortiGate).
Downloaded Chart.js 4.4.7 UMD bundle locally to eliminate CDN dependency.
Updated all 4 templates that used the CDN link.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Chart.js <script src> was placed between {% endblock %} content and
{% block extra_js %}, causing "Chart is not defined" error. Moved to
{% block head_extra %} so it loads in <head> before the JS code runs.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Merged analytics_dashboard, user_insights, and chat_analytics into a
single consolidated view at /admin/analytics with 6 tabs: Overview,
Engagement, Pages, Paths, Problems, Chat & Conversions.
- Menu reduced from 5 to 3 items (Analityka, Monitoring AI, Debug)
- All queries now use bot filtering consistently
- Old URLs redirect to new consolidated view
- Removed 1,380 lines of duplicate templates
- Net reduction: -1,328 lines
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Red UKRYTE badge for admin_only events, amber IZBA badge for
rada_only events. Shown on homepage, calendar list, event detail,
and admin panel.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Changed from single flex row to CSS grid with 2 columns,
allowing 4 events to display in two rows.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Red badge appears next to events and announcements that were
created/published after the user's last login timestamp.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Release notes for Gemini 3.1 migration, rate limiter fix, calendar fix,
lxml parser, and announcements section.
Fix external link button in announcement detail - force white text on
primary background for readability.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Move quota file from scripts/ to /tmp/ (writable by gunicorn process).
Add lxml to requirements for faster, more reliable HTML parsing in SEO audits.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Remove google-generativeai==0.8.6 from requirements.txt (no longer imported)
- Remove gemini-2.0-flash alias and pricing (deprecated March 31)
- Update test evaluator to use 3-flash instead of flash-2.0
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Replace gemini-3-pro-preview with gemini-3.1-pro-preview (old deprecated March 9)
- Add gemini-3.1-flash-lite-preview as quality fallback in chain
- Remove last google.generativeai import from zopk_knowledge_service.py
- Update pricing, thinking models, and preview models sets
- Keep '3-pro' alias for backward compatibility across codebase
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add year range validation (2020-2100) on /kalendarz/ to prevent ValueError crash
- Exempt notification/message unread-count endpoints from rate limiting (shared IP via NAT)
- Replace deprecated google.generativeai SDK with google-genai in nordabiz_chat.py
- Remove dead news_service import that logged warnings on every worker startup
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
After user installs the app, a toast notification appears with the app
icon explaining that Norda Biznes is now on their home screen and they
should close the browser and open the app from there.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Adds minimal service worker for PWA installability. On Android Chrome,
the smart banner and install page now trigger the native install dialog
directly instead of showing manual instructions. iOS still shows
step-by-step guide (Apple provides no install API).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Mobile-only install instructions at /zainstaluj-aplikacje with
auto-detected iPhone/Android tabs, CSS UI mockups, and step-by-step
guide. Smart banner appears after 3s on mobile (dismissible via
localStorage), hidden in standalone mode. Footer link and login
page hint also mobile-only.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Sends email to admin when a user with last_login=NULL successfully
sets their password via reset link (first-time activation).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Large red/green indicator below confirm field shows match status.
Submit button is visually gray when disabled, turns green with shadow
when all conditions met.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Users couldn't tell why submit button stayed disabled when passwords
didn't match - all other checkboxes were green but no visual feedback
for password confirmation.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
linear-gradient not supported in many email clients (Outlook, Apple Mail),
causing white text on transparent background = invisible buttons.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
New email template with friendly tone and green CTA button for first-time
account activation. Script with --dry-run, --test-email, --user-id flags
and 72h token validity.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add frontend button disable on submit and backend duplicate detection
(same user, same content, within 30 seconds).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- New column: users.notify_email_messages (default true)
- Send email via MS Graph when someone receives a private message
- Toggle in /konto/prywatnosc to enable/disable email notifications
- Email includes message preview, sender name, and direct link
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Instead of using stale open_now flag from audit time, opening hours
status is now computed client-side using JavaScript Date and the
periods data from Google Business Profile. Updates every 60 seconds.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
URLs are now linked before being wrapped in <li>/<blockquote>,
and consecutive text lines are joined into paragraphs instead of
getting individual <br> tags.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Normalize \r\n to \n before processing
- Strip leading whitespace from lines (textarea indentation)
- Auto-link bare URLs works correctly inside list items
- Smart <br> insertion: skip block elements (ul, li, blockquote, pre)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Plain https:// URLs are now automatically converted to clickable links.
Markdown [text](url) syntax continues to work without duplication.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Merged three separate v1.36-38 entries for Feb 20 into single v1.36.0.
Renumbered: Feb 21 = v1.37.0, Feb 22 = v1.38.0.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Hovering over a reaction button (👍, ❤️) now shows who reacted.
Names are loaded server-side and updated dynamically after toggling.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
User model has 'name', not 'full_name'. The incorrect attribute caused
every hover tooltip on forum usernames to show an error.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
