Tanggal Update: 21 April 2026
A focused security hardening release that removes exposed secrets handling, restores TLS verification on outbound API calls, and reduces sensitive error leakage.
🔒 Security Improvements:
•Secrets Loader Hardening: Updated `config/database.php` to support environment-based secrets and a safer local override file (`config/secrets.local.php`), reducing reliance on committed plaintext credentials.
•TLS Verification Restored: Re-enabled certificate validation for Gemini, OpenRouter, and Telegram HTTP requests to prevent man-in-the-middle interception.
•Webhook Auth Strengthening: Improved Telegram webhook verification with `hash_equals()` and support for a dedicated `X-Assis10-Webhook-Token` header.
•Error Disclosure Reduction: Replaced raw exception output on API/admin endpoints with generic client-facing messages and server-side logging.
🛠 Stability:
•Safer Failure Modes: Database and API errors now fail closed with cleaner responses instead of exposing internal exception details.
•Utility Script Cleanup: Hardened a few maintenance scripts so they no longer echo raw internal errors to the browser.
Notes:
•Operational Follow-Up: The previously committed `config/secrets.php` still needs credential rotation and migration to environment variables or `config/secrets.local.php` before production rollout.
---
v3.1.0 - "The Infrastructure & Stability Update"
Tanggal Update: 13 April 2026
A massive overhaul of system stability, AI connectivity, and security hardening to prepare for high-volume production use.
🆕 New Features:
•AI Model Upgrade: Switched to Gemini 3 Flash Preview as the primary engine for faster and more accurate transaction parsing.
•AI Model Fallback: Implemented automatic fallback to Gemini 3.1 Flash-Lite Preview to ensure 100% uptime during peak Google API demand.
•GitHub Ready: Implemented a strictly configured `.gitignore` and deployment manifest to protect sensitive API keys and database credentials during cloud deployment.
🛠 Improvements & Security:
•Clean URL Stabilization: Standardized ALL form actions (Login, Register, Affiliate, Users, Finance) to use extensionless URLs for a professional production feel.
•System Hardening: Reinforced `.htaccess` to block unauthorized access to development folders (`scratch/`, `scripts/`) and migration scripts.
•Bot Recovery: Repaired the local polling script (`poll.php`) to correctly handle security tokens and custom development ports (8080).
🐞 Bug Fixes:
•The POST Strip Fix: Resolved a critical `.htaccess` bug where 301 redirects were stripping the POST body data from form submissions. Saving inventory and journals now works perfectly with clean URLs.
---
v3.0.1 - "The Dashboard View Switcher"
Tanggal Update: 12 April 2026
Memisahkan ringkasan Keuangan, Inventori, dan Aset di dashboard dengan kontrol segmen yang konsisten dengan halaman pengaturan keuangan.
🛠 Improvements & UX:
•Segmented tabs di Dashboard: Tombol pill (💰 Keuangan / 📦 Inventori / 🏢 Aset) dengan gaya `bg-slate-100`, tab aktif putih + bayangan halus, meniru pola `finance_settings.php`.
•Deep link & filter: Parameter `view=keuangan|inventory|aset` pada URL; form preset tanggal dan filter mempertahankan tab lewat hidden field `view`.
•Grafik ApexCharts: Inisialisasi chart sesuai tab yang terbuka dan `resize` saat berganti tab agar tidak render di kontainer `hidden` (tinggi nol).
---
v3.0.0 - "The One-Click Onboarding Update"
Tanggal Update: 12 April 2026
A major leap in user convenience, introducing Google Login for seamless authentication and automated account setup.
🆕 New Features:
•Google OAuth2 Integration: Added formal support for "Sign in with Google". Users can now authenticate securely without remembering separate passwords.
•Single-Click Registration: New users signing in with Google are automatically onboarded, receiving a 3-day trial and fully seeded financial structures instantly.
•Unified Identity Linkage: Securely maps Google profiles to existing user accounts via email verification.
---
v2.9.0 - "The Security & Aesthetics Hardening"
Tanggal Update: 12 April 2026
A major structural update focused on deep-level security infrastructure and refined URL aesthetics for a premium enterprise feel.
🆕 New Features:
•Clean Extensionless URLs: Completely removed `.php` from address bar URLs. Implemented internal rewrites and canonical redirects for a modern, sleek navigation experience.
•Centralized Secrets Management: Moved all sensitive API keys (Gemini, Telegram, Mayar, Lynk) from database config to a protected `config/secrets.php` file, secured by `.htaccess`.
•Database Admin Auth: Replaced hardcoded credentials with a secure, table-based authentication system for administrator access using BCRYPT hashing.
•Login Rate Limiting: Implemented automated login blocking (5 failures in 15 mins) to protect against brute-force attacks on the admin panel.
🛠 Improvements & Fixes:
•Session Security Reinforcement: Added `HttpOnly` and `SameSite` flags to session cookies and implemented `session_regenerate_id()` to eliminate Session Fixation risks.
•Webhook Token Verification: Added `WEBHOOK_SECRET_TOKEN` validation to the Telegram webhook to prevent unauthorized command execution from third-party sources.
•PII Log Masking: Implemented a global PII masking helper to automatically censor emails and phone numbers in `debug.log`, protecting user privacy.
Tanggal Update: 12 April 2026
A massive functional boost to the Finance Settings architecture, introducing interactive emoji selection and full management flexibility across all financial containers.
🆕 New Features:
•Interactive Emoji Picker: Transformed the static category icon field into a high-density, interactive emoji picker using `emoji-picker-element`.
•Full Edit CRUD (Settings): Users can now fully edit their Categories, Workspaces, and Wallets. This includes renaming containers and re-assigning wallets to different workspaces without data loss.
•Improved Workspace/Wallet UX: Added hover-triggered edit/delete icons and descriptive tooltips to maintain a high-density, clean professional interface.
🛠 Improvements & Fixes:
•Critical Plan Limit Fix: Resolved a logic bug that incorrectly restricted Pro Yearly (Plan ID 5) users to Basic tier limits (1 Workspace / 2 Wallets). They now correctly receive Pro tier access.
•Local Database Sync: Standardized `config/database.php` for local development environments on `localhost` with the `assis10_fix` schema.
•UI Interaction Fixes: Resolved custom event handling issues for the emoji picker and fixed modal clipping bugs.
---
v2.7.2 - "The Professional Referral Update"
Tanggal Update: 10 April 2026
A major enhancement to the affiliate ecosystem, replacing numeric IDs with professional alphanumeric codes and streamlining the registration referral process.
🆕 New Features:
•Alphanumeric Affiliate Codes: Every user now has a unique, professional brand code (e.g., `AS10-XyZ123`) for sharing. Links now support the `?ref=CODE` parameter.
•Registration Referral Input: Added a dedicated "Kode Referal" field in the signup form, allowing users to manually enter codes for proper attribution.
•Smart Referral Resolution: The system intelligently prioritizes manual input codes over browser cookies to ensure the correct affiliate gets credited.
•Unified Referral Dashboard: The affiliate page now displays the new branded link and automatically uses the secure alphanumeric format.
🛠 Improvements & Fixes:
•Fatal Error Fix: Resolved a critical "undefined function" error in the Finance Settings module.
•UI Integrity: Fixed and cleaned up the registration form structure to ensure consistent layout across all devices.
---
v2.7.0 - "The Multi-Platform Trust Update"
Tanggal Update: 10 April 2026
A visual and strategic update focused on building user trust through transparency, multi-device representation (Laptop & Mobile), and simplified value messaging.
🆕 New Features:
•Realistic Laptop Hero Mockup: Merombak visual utama Hero dengan mockup laptop statis 3D yang dilengkapi detail keyboard base, memberikan kesan platform yang kokoh dan profesional.
•Asymmetrical Floating Ecosystem: Menampilkan ekosistem perangkat (Mobile Dashboard, Mobile Sidebar, Desktop Analytics) yang melayang secara asimetris dengan animasi unik untuk menonjolkan fleksibilitas penggunaan.
•High-Conversion Emotional CTA: Menambahkan seksi "Investasi Rp 900,-/hari" yang sangat visual di bawah tabel harga, menggunakan narasi psikologis untuk menonjolkan nilai perlindungan bisnis yang tak ternilai.
•Mobile Optimized Showcase: Mengintegrasikan aset tangkapan layar mobile asli (Dashboard, Wallet, Sidebar, AI Chat) ke dalam komposisi visual landing page untuk membuktikan responsivitas platform.
---
v2.6.0 - "The Eireine AI Persona & Landing Page Overhaul"
---
v2.5.0 - "The Command Center & Visual Analytics Update"
Tanggal Update: 10 April 2026
A major structural and visual evolution focusing on high-density oversight, logical grouping, and powerful data visualization.
🆕 New Features:
•Wallet-to-Wallet Transfer: Seamlessly move funds between wallets with atomic double-entry journal logs.
•Inventory & Asset Democracy (Basic Unlock): Complete Inventory Management and Asset Management modules are now accessible for all Basic tier users across all platforms.
•Visual Analytics Suite: Implemented daily bar charts for Inventory Movements (In vs Out) and Cumulative Asset Valuation (Portfolio Growth).
•Thematic Command Center: Reorganized the dashboard into logical zones: Keuangan, Aset & Inventaris, and Transaksi Terbaru.
•Raised Sidebar UX: AI Assistant Chat is now a "raised button" premium feature at the bottom of the sidebar for better accessibility.
---
v2.4.0 - "The Multi-Pocket Update"
Tanggal Update: 10 April 2026
A major structural evolution, allowing users to separate their finances into Workspaces (e.g. Personal/Business) and Wallets (e.g. Cash/Bank).
🆕 New Features:
•Workspaces Integration: Users can now manage multiple financial buckets (Pribadi & Bisnis). Basic users get 1, Pro users get 5.
•Multi-Wallet Support: Support for multiple cash/bank accounts (e.g., BCA, Mandiri, Cash). Basic users get 2, Pro users get 5.
•Setting Fitur Keuangan: Unified management hub replacing the old categorization page. Handle Categories, Workspaces, and Wallets in one tabbed view.
•Workspace/Wallet Filters: Dashboard and Journal now support advanced filtering by Workspace and Wallet, with "All" as the default view.
•Telegram Multi-Step Flow: The bot now intelligently asks for Workspace and Wallet during entry, with Smart Skip for users with single defaults.
•AI Keyword Detection: Telegram bot now automatically recognizes wallet keywords (e.g., "pake cash", "transfer via BCA") to reduce selection steps.
🛠 Improvements & Fixes:
•Tiered Limit Enforcement: Implemented hard limits for Workspace and Wallet creation based on user plan (Basic vs Pro).
•Consolidated Seeding: Improved account initialization for new users to include default workspaces and wallets immediately.
•Journal badges: Added high-density badges in the transaction table to quickly identify the source wallet and workspace.
---
v2.3.1 - "The Marketing & Experience Update"
Tanggal Update: 10 April 2026
Enhanced user education, streamlined checkout, and a powerful 'Pro Teaser' dashboard to drive platform growth.
🆕 New Features:
•Dashboard Pro Teaser: Inventory and Asset summaries are now visible to Basic users with a professional 'locked' style (blur/grayscale) to encourage upgrades.
•Improved User Guide: Completely reorganized guide flow with detailed AI inventory commands and premium feature highlighting.
•Mobile Subscription: High-density plan comparison matrix reducing vertical scroll length by 50% on mobile devices.
•Login Persistence: Added a 30-day "Remember Me" feature and full browser Autofill support for a smoother login experience.
🛠 Improvements & Fixes:
•Teaser Labels: Renamed conversion actions to "Unlock Inventory" and "Unlock Assets" for clearer user benefit.
•UI Ergonomics: Adjusted pricing toggles and card padding for better mobile thumb-reach.
---
v2.3.0 - "The Mobile Density Update"
Tanggal Update: 10 April 2026
A major overhaul of the mobile user interface, optimizing information density and touch ergonomics across the core platform.
🆕 New Features:
•Compact Mobile Dashboard: Optimized all statistics and action grids for 2-column layouts on small screens, reducing vertical scrolling by up to 60%.
•High-Density Journal: Redesigned the financial journal with denser table rows and a smarter, multi-column filter grid.
•Optimized Inventory & Assets: Applied similar high-density grid patterns to stock management and asset monitoring.
•Ergonomic Modals: Reduced internal padding for all CRUD modals on mobile, ensuring form fields stay accessible behind the on-screen keyboard.
🛠 Improvements & Fixes:
•Responsive Scaling: Improved chart height dynamics for mobile viewports.
•UI Consistency: Standardized padding and text sizing for high-density views across all responsive breakpoints.
---
v2.2.0 - "The Inventory & UI Revolution"
Tanggal Update: 10 April 2026
Full inventory management via Telegram and a complete overhaul of the AI Chat experience.
🆕 New Features:
•Telegram Inventory CRUD: Full stock management (Add, Update, Check, Delete) directly via Telegram natural language commands.
•AI Chat UI Overhaul: Implemented a modern, full-screen 2-column layout for the web assistant with persistent multi-session history.
•Persistent Message History: AI conversations are now saved to the database, allowing users to return to previous chats.
•Auto-Session Title: AI intelligently names your chat sessions based on the opening context.
🛠 Improvements & Fixes:
•Session Management: Improved state handling for web-based AI interactions.
•Intent Recognition: Refined Gemini prompts for faster and more accurate inventory tool selection.
---
v2.1.0 - "The Analytics & Content Update"
Tanggal Update: 10 April 2026
Powerful data visualization and a professional SEO blog system.
🆕 New Features:
•Advanced Admin Analytics: Overhauled the dashboard with a compact 5-column layout and new data-dense charts (Sales Combo & Product Donut).
•Time-Range Filters: Added quick presets (7d, 30d, Month, Year) and a custom date range picker for the entire admin dashboard.
•SEO Blog Management: Fully functional blog system with categories, SEO meta fields, a rich-text editor (Quill.js), and automated landing page integration.
•Smart Chart Granularity: Dashboards now automatically switch to monthly views when viewing year-long data to ensure readability.
🛠 Improvements & Fixes:
•Auto-Migration Engine: Implemented silent auto-creation of system tables (`activity_logs`, `posts`, `blog_categories`) on first access to prevent SQL errors.
•UI Condensing: Reduced padding and font sizes across the admin panel for higher information density.
•SEO Ready: Added Open Graph tags and JSON-LD structured data to public blog pages.