Skip to content

Improve profile role membership UX and harden stale form/session handling#2074

Open
Rvice wants to merge 10 commits into
Admidio:masterfrom
Rvice:Add_Processing_Info_to_Profile_Role_Changes_for_Slow_Servers
Open

Improve profile role membership UX and harden stale form/session handling#2074
Rvice wants to merge 10 commits into
Admidio:masterfrom
Rvice:Add_Processing_Info_to_Profile_Role_Changes_for_Slow_Servers

Conversation

@Rvice

@Rvice Rvice commented Jul 7, 2026

Copy link
Copy Markdown
Contributor

Summary

Improves the profile role membership experience by replacing disruptive reloads with inline updates, preserving in-progress edits more reliably, and fixing several stale token/session edge cases uncovered during testing.

Highlights

  • Update role membership rows inline instead of reloading the full section for common edit and delete actions.
  • Move memberships between Current, Former, and Future sections in place when date changes reclassify them.
  • Keep membership dates, duration badges, and section visibility in sync after inline changes.
  • Refresh profile memberships after changes made in the Change Role Memberships modal.
  • Fix checkbox autosave in the modal after a client-side path regression.
  • Harden membership and login flows against stale form/session state.

User-facing improvements

  • Removing a role membership no longer reloads the full role memberships area.
  • Editing membership dates updates the visible row immediately when possible.
  • Memberships that become former or future memberships move into the correct section without a full refresh.
  • Former and Future sections are shown or hidden correctly when memberships move.
  • Date displays continue to follow the configured system date format.
  • Other unsaved inline membership edits are preserved more reliably during fallback reloads.

Stability fixes

  • Added fallback CSRF handling for inline membership forms and modal-driven membership changes.
  • Improved stale form handling for profile membership updates.
  • Prevented a stale login form/session mismatch from causing a fatal error after redirecting to login.

Internal cleanup

  • Moved profile membership helper logic out of the PHP-generated script block into shared profile JavaScript.
  • Replaced packed row-sort metadata with explicit sortable fields and a clearer client-side comparator.

Testing

Validated with targeted syntax checks on the touched PHP files, including mirrored deployment copies where applicable.

Rvice added 10 commits July 6, 2026 14:52
harden CSRF validation for membership save/stop/remove with fallback token support
include fallback CSRF token in profile membership save and delete requests
improve membership save error handling (JSON/HTML parsing, clearer timeout/cancel feedback)
prevent repeated cancel/reload loops and avoid masking real backend errors
add pending/pending-save label fallbacks for missing translations
scope post-save reloads to affected membership sections only (plus cross-bucket target when needed)
stop global full-role refresh on messagebox close to avoid unnecessary current/former/future reloads
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant