v2.2.0

🧱 Brickheadz Tracker

The ultimate tool for managing your LEGO® Brickheadz collection

Released: 18 oktober 2025

297
Brickheadz
174
Unique Sets
36
Series
780
Images
1
Collectors
🔒 100% Secure - CSRF Protected • Rate Limited • SQL Injection Proof

✨ Features

📦

Collection Management

Manage your complete Brickheadz collection with one click. Mark sets as 'owned' or add them to your wishlist.

🔍

Search & Filter

Quickly find what you're looking for with powerful search and filter functionality. Sort by number, name, series or year.

📝

Personal Notes

Add notes to each set: where purchased, price paid, box condition, etc.

🎁

Gift Tracking

Share your wishlist and let friends/family mark items as gifts. Prevents duplicate purchases!

🔗

Share with Privacy

Share your collection with friends via a secure link. Choose what you share.

📱

QR Code

Generate a QR code for your wishlist. Perfect for sharing with family!

📊

Statistics

Get insights into your collection: how many sets, which series, completion percentage, and more.

💡

Ideas Board

Vote on feature requests, share your ideas and see which features are planned. Community-driven development!

🌍

Multilingual

Full support for Dutch and English. Switch between languages with one click.

🛠️ Tech Stack

PHP 8.2 MariaDB 11.4 Google OAuth Vanilla JavaScript CSS Grid/Flexbox CSRF Protection Rate Limiting Input Validation Error Handling Prepared Statements

📋 Changelog

Changelog is maintained in English for technical accuracy

Version 2.2.0 - Multilingual Support & Ideas Board (October 18, 2025) 🌍

✨ Internationalization

  • Full Dutch/English Support: Complete translation system with 400+ keys across 10+ pages
  • Language Switcher: Flag icons in header (🇳🇱 / 🇬🇧) with instant switching
  • Cookie Persistence: Language choice saved for 365 days
  • Smart Translations: Parameter replacement, plural handling, date localization
  • Translated Pages: Homepage, collection, profile, ideas, news, about, footer

💡 Ideas Board System

  • Public Ideas Board: Community feature suggestions with voting system
  • Vote System: Upvote/downvote ideas (1 vote per user)
  • Comments: Threaded discussions on each idea
  • Status Tracking: Pending → In Progress → Completed/Rejected
  • Search & Filter: Find ideas by keyword, status, and sort options
  • Admin Management: Complete CRUD interface with status management
  • Archive System: Active/Archive tabs for lifecycle management

🎨 UX Improvements

  • Translation-aware features with plural handling
  • Color-coded status badges for ideas
  • Empty states with helpful CTAs
  • Loading states for AJAX actions
  • Smooth transitions and animations

🔒 Security

  • CSRF protection on all ideas forms
  • Vote manipulation prevention (1 vote per user)
  • Comment editing restricted to author + admin
  • Secure language cookie (HttpOnly, SameSite=Lax)

Version 2.1.0 - News & Blog Functionality (October 18, 2025) 📰

✨ News/Blog System

  • Admin News Management: Complete CRUD interface for news articles with modal popup
  • Quill WYSIWYG Editor: Rich text formatting (bold, italic, headers, lists, colors, links, images)
  • Featured Images: Upload main image per article (jpg, jpeg, png, gif, webp)
  • Publication Planning: Schedule articles for the future or publish immediately
  • URL-friendly Slugs: Automatic slug generation with timestamp for uniqueness
  • News Overview: Public page (/nieuws) with pagination (5 items per page)
  • Detail Pages: Clean URLs for each article (/nieuws/article-slug)
  • Homepage Integration: Featured card with latest news item on homepage
  • Dynamic Sitemap: Automatic SEO optimization with sitemap.xml generator
  • Toast Notifications: Modern notifications instead of browser alerts

🗄️ Database & Performance

  • New news table with featured_image, slug, excerpt, publish status
  • Foreign key constraint removed for better INSERT performance (indexes retained)
  • Timestamp-based slug generation prevents database loops
  • NULL-safe published_at queries for draft articles

🎨 UX Improvements

  • News added to main menu (for all users)
  • Card layout with featured images and excerpts
  • Localized date formatting
  • Responsive design (mobile-first)
  • Hover animations and visual feedback

🐛 Bug Fixes

  • Session management conflict on homepage resolved (session_status check)
  • Database.php lastInsertId() method added
  • Published query bug: NULL dates now correctly displayed
  • URL rewriting works correctly for news and sitemap.xml

Version 2.0.0 - Security & Infrastructure Update (October 4, 2025)

🔒 Major Security Overhaul

  • CSRF Protection: All forms and API endpoints fully protected against CSRF attacks
  • Rate Limiting: Database-backed rate limiting on all critical endpoints (10-100 req/min)
  • Input Validation: Server-side validation with 10+ rules on all user input
  • Error Handling: Centralized error handler with file-based logging
  • SQL Injection Audit: 100% prepared statements, complete security audit performed
  • User-friendly Error Pages: 403, 429, and 500 error pages

🐛 Bug Fixes

  • Stats tile "Still to Find" now updates correctly on collection changes
  • CSRF validation now works correctly with JSON API requests
  • Validator method signatures corrected in all API endpoints

📁 Code Cleanup

  • Removed: old/duplicate scripts (generate_brickheadz_data.php, download_images.php, check_sets.php)
  • Kept: only current, useful scripts
  • Documentation: SECURITY_AUDIT.md added, CHANGELOG updated

Version 1.9.0 - Sharing & Privacy (October 4, 2025)

  • Secure Share Tokens: 64-character tokens for profile sharing (prevents predictable URLs)
  • QR Code Generation: Download and print QR codes for your wishlist
  • Granular Privacy: Choose what to share: collection, wishlist, notes, profile photo
  • Notes Functionality: Add personal notes to each set
  • Quick Navigation: Smooth scroll to collection and wishlist sections

Version 1.8.0 - Search & Statistics (October 4, 2025)

  • Live Search: Debounced search with results counter
  • Statistics Page: Dedicated stats with series completion percentages
  • UI Compaction: 20-40% vertical space savings through smarter design
  • Search on Public Profiles: Full search and filter functionality on shared profiles

Version 1.7.0 - Box Numbers & Sorting (Earlier 2025)

  • Box Number Support: Box numbers from CandidBricks (288 sets)
  • Advanced Sorting: Sort by number, name, series, year, box number
  • Image Slider: Multiple images per set with navigation
  • Lightbox: Click on image for fullscreen view

Version 1.0.0 - Initial Release

  • Google OAuth Login: Secure login with your Google account
  • Collection Management: Mark sets as 'owned' or 'wanted'
  • Brickheadz Database: 290+ sets from all series (2017-2024)
  • Responsive Design: Works perfectly on desktop, tablet, and mobile
  • Series Filtering: Filter by DC, Marvel, Disney, Star Wars, etc.

❤️ Credits

Built with ❤️ for LEGO® Brickheadz collectors

LEGO® is a trademark of the LEGO Group.
This website is not affiliated with or endorsed by the LEGO Group.