Cleanup: remove dead code, update Bootstrap, fix hardcoded URLs

- Delete internal/thelist.php: unused third-party scraper with hardcoded credentials
- progress.php, payment_request.php: replace Bootstrap 4.1.3 + Popper + jQuery UI stack with Bootstrap Icons 1.13 (Bootstrap 5 bundle already in footer)
- client-brief.php, edit_application.php, contracts-admin.php, letter_authority.php, index.php: replace hardcoded https://modulosdesign.com.au with APP_BASE_URL env var (falls back to production URL if not set); fix logo img src to relative path

APP_BASE_URL added to .env template for per-environment configuration.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

contracts/contracts-admin/contracts-admin.php

@@ -36,7 +36,7 @@ require_once "../../internal/phpmailer/src/Exception.php";
 require_once "../../internal/phpmailer/src/PHPMailer.php";
 require_once "../../internal/phpmailer/src/SMTP.php";
 
-define('BASE_URL', 'https://modulosdesign.com.au/contracts'); // no /contracts-admin here
+define('BASE_URL', rtrim(getenv('APP_BASE_URL') ?: 'https://modulosdesign.com.au', '/') . '/contracts');
 
 /* -------------------------------------------------------------------------- */
 /*                                CONFIGURATION                                */
@@ -83,7 +83,7 @@ if (!defined('MAIL_FROM_NAME')) define('MAIL_FROM_NAME', 'Modulos Design');
 
 // --- LOA (Authorisation) config ---
 if (!defined('LOA_DIR'))         define('LOA_DIR', '../loa'); // sibling to ../contracts
-if (!defined('LOA_BASE_URL'))    define('LOA_BASE_URL', 'https://modulosdesign.com.au/contracts'); // where loa.php lives
+if (!defined('LOA_BASE_URL'))    define('LOA_BASE_URL', rtrim(getenv('APP_BASE_URL') ?: 'https://modulosdesign.com.au', '/') . '/contracts');
 // IMPORTANT: set this to the SAME secret used in loa.php ($CFG['secret'] / APP_HMAC_SECRET)
 if (!defined('LOA_TOKEN_SECRET')) define('LOA_TOKEN_SECRET', $cfg['loa_secret'] ?? getenv('LOA_TOKEN_SECRET') ?: '');
 

contracts/edit_application.php

@@ -63,7 +63,7 @@ if (!is_dir(CORR_UPLOAD_DIR)) @mkdir(CORR_UPLOAD_DIR, 0775, true);
 
 // Where your .md contracts live (adjust if different)
 if (!defined('PROGRESS_BASE_URL')) {
-    define('PROGRESS_BASE_URL', 'https://modulosdesign.com.au/contracts');
+    define('PROGRESS_BASE_URL', rtrim(getenv('APP_BASE_URL') ?: 'https://modulosdesign.com.au', '/') . '/contracts');
 }
 if (!defined('CONTRACTS_DIR')) {
     $contractsDir = realpath(__DIR__ . '/contracts');

contracts/index.php

@@ -1,5 +1,5 @@
 <?php
 // Redirect instantly to another URL
-header("Location: https://modulosdesign.com.au/");
+header("Location: " . (rtrim(getenv('APP_BASE_URL') ?: '', '/') ?: '/'));
 exit; // Make sure to stop execution after redirect
 ?>

contracts/letter_authority.php

@@ -515,7 +515,7 @@ function buildSignedPdfHtml(
     <div class="bg-white p-4 p-md-5 rounded-0 shadow-sm">
       <div class="row align-items-center page-header">
         <div class="col-6 text-start">
-          <img class="img-fluid pt-2 img-logo" src="https://modulosdesign.com.au/internal/images/blueprint-full-logo-medium.png" height="100" alt="Modulos Design">
+          <img class="img-fluid pt-2 img-logo" src="../internal/images/blueprint-full-logo-medium.png" height="100" alt="Modulos Design">
         </div>
         <div class="col-6 text-end pt-3">
           <h3 class="fw-bold mb-1" style="font-weight:bold;">Job: {$safeJob}</h3>

internal/client-brief.php

@@ -41,7 +41,7 @@ if (!defined('SITE_ROOT')) define('SITE_ROOT', dirname(__DIR__));
 if (!defined('CONTRACTS_DIR')) define('CONTRACTS_DIR', SITE_ROOT . '/contracts/contracts');
 // ===== LOA config (must match contracts-admin/loa.php) =====
 if (!defined('LOA_DIR')) define('LOA_DIR', SITE_ROOT . '/contracts/loa');
-if (!defined('LOA_BASE_URL')) define('LOA_BASE_URL', 'https://modulosdesign.com.au/contracts'); // where loa.php lives
+if (!defined('LOA_BASE_URL')) define('LOA_BASE_URL', rtrim(getenv('APP_BASE_URL') ?: 'https://modulosdesign.com.au', '/') . '/contracts');
 if (!defined('LOA_TOKEN_SECRET')) define('LOA_TOKEN_SECRET', getenv('LOA_TOKEN_SECRET') ?: '');
 
 

internal/payment_request.php

@@ -32,15 +32,9 @@ if (!empty($_GET['drg'])) {
         <link href="css/blueprint.css" rel="stylesheet">
         <link href="css/print.css" rel="stylesheet" media="print">
 
-        <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap-icons@1.10.5/font/bootstrap-icons.css">
+        <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap-icons@1.13.1/font/bootstrap-icons.min.css">
 
         <script src="https://code.jquery.com/jquery-3.3.1.min.js" integrity="sha256-FgpCb/KJQlLNfOu91ta32o/NMZxltwRo8QtmkMRdAu8=" crossorigin="anonymous"></script>
-        <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js" integrity="sha384-ZMP7rVo3mIykV+2+9J3UJ46jBk0WLaUAdn689aCwoqbBJiSnjAK/l8WvCWPIPm49" crossorigin="anonymous"></script>
-        <script src="https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js" integrity="sha384-ChfqqxuZUCnJSK3+MXmPNIyE6ZbWh2IMqE241rYiqJxyMiZ6OW/JmZQ5stwEULTy" crossorigin="anonymous"></script>
-        <script type="text/javascript" src="https://use.fontawesome.com/1e2844bb90.js"></script>
-        <script src="https://code.jquery.com/ui/1.12.1/jquery-ui.js" integrity="sha256-T0Vest3yCU7pafRw9r+settMBX6JkKN06dqBnpQ8d30=" crossorigin="anonymous"></script>
-
-        <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery-throttle-debounce/1.1/jquery.ba-throttle-debounce.min.js" integrity="sha512-JZSo0h5TONFYmyLMqp8k4oPhuo6yNk9mHM+FY50aBjpypfofqtEWsAgRDQm94ImLCzSaHeqNvYuD9382CEn2zw==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
 
     </head>
     <body>

internal/progress.php

@@ -29,15 +29,9 @@ if (!empty($_GET['drg'])) {
         <link href="css/blueprint.css" rel="stylesheet">
         <link href="css/print.css" rel="stylesheet" media="print">
 
-        <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap-icons@1.10.5/font/bootstrap-icons.css">
+        <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap-icons@1.13.1/font/bootstrap-icons.min.css">
 
         <script src="https://code.jquery.com/jquery-3.3.1.min.js" integrity="sha256-FgpCb/KJQlLNfOu91ta32o/NMZxltwRo8QtmkMRdAu8=" crossorigin="anonymous"></script>
-        <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js" integrity="sha384-ZMP7rVo3mIykV+2+9J3UJ46jBk0WLaUAdn689aCwoqbBJiSnjAK/l8WvCWPIPm49" crossorigin="anonymous"></script>
-        <script src="https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js" integrity="sha384-ChfqqxuZUCnJSK3+MXmPNIyE6ZbWh2IMqE241rYiqJxyMiZ6OW/JmZQ5stwEULTy" crossorigin="anonymous"></script>
-        <script type="text/javascript" src="https://use.fontawesome.com/1e2844bb90.js"></script>
-        <script src="https://code.jquery.com/ui/1.12.1/jquery-ui.js" integrity="sha256-T0Vest3yCU7pafRw9r+settMBX6JkKN06dqBnpQ8d30=" crossorigin="anonymous"></script>
-
-        <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery-throttle-debounce/1.1/jquery.ba-throttle-debounce.min.js" integrity="sha512-JZSo0h5TONFYmyLMqp8k4oPhuo6yNk9mHM+FY50aBjpypfofqtEWsAgRDQm94ImLCzSaHeqNvYuD9382CEn2zw==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
 
     </head>
 

internal/thelist.php

@@ -1,93 +0,0 @@
-<?php
-/* 
- * thelist web scraper for Land Title Details
- * Benjamin Harris, last updated 20/12/2021
- * https://sms.bisonconstructions.com.au
-*/
-date_default_timezone_set("Australia/Hobart");
-
-error_reporting(E_ALL);
-ini_set('display_errors', '0');
-ini_set('log_errors', '1');
-//error_reporting(E_ERROR | E_PARSE);
-
-// Function to perform a POST request for login
-function login($username, $password) {
-    $loginUrl = 'https://security.thelist.tas.gov.au/cas/login'; // Updated login URL
-    $loginData = array(
-        'username' => $username,
-        'password' => $password
-    	//'lt' => 'LT-2965-PYQs5SPwZuphpeuhmfQOwvHjfY3KQ6', // these are hidden inputs in the login form.
-        //'execution' => 'e2s1', 
-        //'_eventId' => 'submit' 
-    );
-
-    $ch = curl_init();
-    curl_setopt($ch, CURLOPT_URL, $loginUrl);
-    curl_setopt($ch, CURLOPT_POST, true);
-    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($loginData));
-    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
-
-    // Execute the login request
-    $loginResponse = curl_exec($ch);
-
-    // Check for errors and look for the success message
-    if (curl_errno($ch)) {
-        echo 'Error: ' . curl_error($ch);
-    } elseif (strpos($loginResponse, '<div id="msg" class="success">') !== false) {
-        echo 'Logged in successfully.';
-    } else {
-        echo 'Login failed.';
-    }
-
-    curl_close($ch);
-}
-
-// Function to scrape data from the search page
-function scrapeData($username, $password, $streetNumber, $streetName, $streetType, $locality) {
-    // Call the login function to authenticate
-    login($username, $password);
-
-    // URL for the search with parameters
-    $searchUrl = "https://www.thelist.tas.gov.au/app/content/property/property-search?streetNumber=$streetNumber&propertySearchCriteria.streetName=$streetName&propertySearchCriteria.streetType=$streetType&propertySearchCriteria.locality=$locality";
-
-    $ch = curl_init();
-    curl_setopt($ch, CURLOPT_URL, $searchUrl);
-    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
-
-    // Execute the search request
-    $searchResponse = curl_exec($ch);
-
-    // Check for errors and parse the HTML response to extract the required data
-    if (curl_errno($ch)) {
-        echo 'Error: ' . curl_error($ch);
-    } else {
-        // Parse the HTML response and extract the required data
-        $doc = new DOMDocument();
-        @$doc->loadHTML($searchResponse); // Suppress errors for invalid HTML
-
-        // Use XPath to extract specific elements
-        $xpath = new DOMXPath($doc);
-        $propertyListTitle = $xpath->query('//td[@aria-describedby="propertyList_title"]')->item(0)->textContent;
-        $propertyListPropertyId = $xpath->query('//td[@aria-describedby="propertyList_propertyId"]')->item(0)->textContent;
-        $propertyList1TName = $xpath->query('//td[@aria-describedby="propertyList_1_t_name"]')->item(0)->textContent;
-
-        echo "propertyList_title: $propertyListTitle\n";
-        echo "propertyList_propertyId: $propertyListPropertyId\n";
-        echo "propertyList_1_t_name: $propertyList1TName\n";
-    }
-
-    curl_close($ch);
-}
-
-// Usage
-$username = 'david@bisonent.com.au';
-$password = 'takecare';
-$streetNumber = '29';
-$streetName = 'ALFRED';
-$streetType = 'ST';
-$locality = 'SCOTTSDALE';
-
-scrapeData($username, $password, $streetNumber, $streetName, $streetType, $locality);
-
-?>