- Added CSRF exemption to all JWT-authenticated API endpoints
- API routes use JWT tokens, not session cookies, so CSRF protection is not needed

- Change import to from flask_wtf.csrf import csrf_exempt
- Replace @csrf.exempt with @csrf_exempt decorators

- Initialize CSRFProtect in app/__init__.py
- Update import in app/upload/routes.py from flask_wtf.csrf to flask_wtf
- Maintain existing @csrf.exempt decorators

- Improved FileLike class with proper file handling and close() method
- Added better error handling and validation for JSON input
- Added try/finally block to ensure file handles are closed
- Added detailed error logging with traceback for debugging
- Ensures server always returns JSON instead of HTML error pages

- Error message now shows correct maximum file size from database setting
- Consistent with other validation functions using the same setting

- validate_file_size() now uses database setting instead of MAX_CONTENT_LENGTH
- detect_malicious_content() uses database setting for size limits
- Both functions now respect the configurable max_upload_size_mb (default 2048MB = 2GB)

- Explicitly set MAX_CONTENT_LENGTH in Flask app config during initialization
- Add logging to verify MAX_CONTENT_LENGTH is set correctly
- Fixes 'File too large' error for files over 500MB (now supports 5GB)

- Add seek(), tell(), read() methods to FileLike class
- Add content_type attribute for validation
- Fixes 'FileLike object has no attribute seek' error in chunked uploads

- Fix FileLike object to have proper filename attribute for validation
- Implement parallel chunk uploading (3 concurrent chunks) to speed up uploads
- Update all templates with improved chunking logic
- Fixes validation error and slow upload performance

- Add chunking JavaScript to fixture_detail.html for individual match uploads
- Add chunking JavaScript to fixture_detail.html for fixture-level bulk uploads
- Add chunking JavaScript to match_detail.html for match ZIP uploads
- All ZIP uploads now use 1MB chunks instead of uploading entire files at once
- Fixes issue where large ZIP files would fail due to memory/timeouts

- Add Migration_007_AddDoneToStatusEnum class
- Safely adds 'done' to existing status ENUM if not present
- Handles databases created before 'done' status was added
- Includes proper rollback support
- Update README and CHANGELOG with migration details

- Updated set_active() method to require status='pending' in addition to ZIP upload completion
- Added comprehensive documentation for new active status criteria
- Updated CHANGELOG.md with version 1.2.3 details
- Enhanced README.md with active status requirements documentation

Active status now requires:
1. ZIP upload status = 'completed'
2. ZIP checksum present
3. Match status = 'pending'

This provides more precise control over match activation workflow.

- Add status column to matches table with 8 enum values (pending, scheduled, bet, ingame, cancelled, failed, paused, done)
- Create Migration_006_AddStatusColumn for database schema updates
- Update Match model to include status field with proper enum validation
- Enhance match detail template to display status information
- Improve configuration auto-migration system for persistent directories
- Update README and CHANGELOG with version 1.2.3 documentation
- Maintain backward compatibility with existing matches

- Add status column to matches table with enum values (pending, scheduled, bet, ingame, cancelled, failed, paused, done)
- Implement database migration 006 for status tracking
- Update Match model with status field and validation
- Enhance match detail template to display status information
- Update documentation (README and CHANGELOG) for v1.2.3
- Enable comprehensive match lifecycle management

Delete prompt.txt

See merge request !1

- Fixed critical bug where both fighter1 and fighter2 were incorrectly sourced from fighter1 column during XLSX uploads
- Enhanced FixtureParser.detect_required_columns() with fighter-specific matching logic in app/upload/fixture_parser.py
- Added proper fighter number detection (1 or 2) to prevent cross-mapping during partial column matching
- Fighter1 columns now correctly map to fighter1 database field, Fighter2 to fighter2 field
- Prevents false positives where 'fighter2' column incorrectly matched 'fighter1' field
- Root cause: Original partial matching used split()[0] causing both 'fighter 1' and 'fighter 2' to become 'fighter'
- Solution: Implemented specific logic checking for both 'fighter' keyword AND number in column names
- Updated documentation (README.md, CHANGELOG.md) with bug fix details and version bump to v1.2.2
- Maintains backward compatibility with existing column naming conventions

- Fixed import error for get_persistent_directories (renamed to get_config_directory)
- Fixed TypeError with classmethod call during class definition
- Added config directory support to directory utilities
- Enhanced configuration loading with proper function structure
- Ensured all persistent directories are created during setup