From c03d22ea48363b26eaae9660c6969427f3703e50 Mon Sep 17 00:00:00 2001
From: Cristiano Benassati <cristiano.benassati@gmail.com>
Date: Tue, 17 Feb 2026 18:08:43 +0100
Subject: [PATCH] [FIX] Deploy fixes - Auth header passthrough, dashboard
 query, landing page

- Add Authorization header passthrough in .htaccess for PHP-FPM
- Remove invalid 'severity' column query from DashboardController
- Add landing page (index.html) with feature overview

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 .../controllers/DashboardController.php       |  8 --
 public/.htaccess                              |  4 +
 public/index.html                             | 87 +++++++++++++++++++
 3 files changed, 91 insertions(+), 8 deletions(-)
 create mode 100644 public/index.html

diff --git a/application/controllers/DashboardController.php b/application/controllers/DashboardController.php
index 94c9165..6651aac 100644
--- a/application/controllers/DashboardController.php
+++ b/application/controllers/DashboardController.php
@@ -36,14 +36,6 @@ class DashboardController extends BaseController
         );
 
         // Rischi aperti
-        $openRisks = Database::fetchAll(
-            'SELECT severity, COUNT(*) as count
-             FROM risks
-             WHERE organization_id = ? AND status NOT IN ("closed")
-             GROUP BY FIELD(severity, "critical", "high", "medium", "low") -- non supportato, usiamo ORDER',
-            [$orgId]
-        );
-
         $riskCounts = Database::fetchOne(
             'SELECT
                 SUM(CASE WHEN inherent_risk_score >= 20 THEN 1 ELSE 0 END) as critical_high,
diff --git a/public/.htaccess b/public/.htaccess
index 7f0483f..2f2a4a4 100644
--- a/public/.htaccess
+++ b/public/.htaccess
@@ -1,5 +1,9 @@
 RewriteEngine On
 
+# Pass Authorization header to PHP-FPM
+RewriteCond %{HTTP:Authorization} .+
+RewriteRule ^ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
+
 # Redirect HTTP to HTTPS (production)
 # RewriteCond %{HTTPS} off
 # RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
diff --git a/public/index.html b/public/index.html
new file mode 100644
index 0000000..615b2d4
--- /dev/null
+++ b/public/index.html
@@ -0,0 +1,87 @@
+<!DOCTYPE html>
+<html lang="it">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>NIS2 Agile - Piattaforma Compliance NIS2</title>
+    <link rel="stylesheet" href="/nis2/css/style.css">
+    <style>
+        .landing { display: flex; flex-direction: column; min-height: 100vh; background: var(--gray-50, #f8fafc); }
+        .landing-header { background: white; border-bottom: 1px solid #e2e8f0; padding: 1rem 2rem; display: flex; justify-content: space-between; align-items: center; }
+        .landing-logo { font-size: 1.5rem; font-weight: 700; color: #1e40af; }
+        .landing-logo span { color: #3b82f6; }
+        .landing-nav a { margin-left: 1rem; padding: 0.5rem 1.25rem; border-radius: 6px; text-decoration: none; font-weight: 500; }
+        .landing-nav .btn-login { color: #1e40af; border: 1px solid #1e40af; }
+        .landing-nav .btn-register { background: #1e40af; color: white; }
+        .hero { flex: 1; display: flex; align-items: center; justify-content: center; padding: 4rem 2rem; text-align: center; }
+        .hero-content { max-width: 700px; }
+        .hero h1 { font-size: 2.5rem; color: #1e293b; margin-bottom: 1rem; line-height: 1.2; }
+        .hero h1 span { color: #1e40af; }
+        .hero p { font-size: 1.15rem; color: #64748b; margin-bottom: 2rem; line-height: 1.6; }
+        .hero .cta { display: inline-block; background: #1e40af; color: white; padding: 0.875rem 2rem; border-radius: 8px; text-decoration: none; font-weight: 600; font-size: 1.1rem; }
+        .hero .cta:hover { background: #1d4ed8; }
+        .features { display: grid; grid-template-columns: repeat(auto-fit, minmax(250px, 1fr)); gap: 1.5rem; padding: 3rem 2rem; max-width: 1100px; margin: 0 auto; }
+        .feature-card { background: white; border-radius: 12px; padding: 1.5rem; border: 1px solid #e2e8f0; }
+        .feature-card h3 { color: #1e293b; margin-bottom: 0.5rem; font-size: 1.1rem; }
+        .feature-card p { color: #64748b; font-size: 0.9rem; line-height: 1.5; }
+        .feature-icon { width: 40px; height: 40px; background: #eff6ff; border-radius: 8px; display: flex; align-items: center; justify-content: center; margin-bottom: 0.75rem; font-size: 1.25rem; }
+        .landing-footer { text-align: center; padding: 1.5rem; color: #94a3b8; font-size: 0.85rem; border-top: 1px solid #e2e8f0; }
+    </style>
+</head>
+<body>
+    <div class="landing">
+        <header class="landing-header">
+            <div class="landing-logo">NIS2 <span>Agile</span></div>
+            <nav class="landing-nav">
+                <a href="/nis2/login.html" class="btn-login">Accedi</a>
+                <a href="/nis2/register.html" class="btn-register">Registrati</a>
+            </nav>
+        </header>
+
+        <section class="hero">
+            <div class="hero-content">
+                <h1>Compliance <span>NIS2</span> semplificata</h1>
+                <p>Piattaforma integrata per guidare la tua azienda alla conformita con la Direttiva NIS2 (EU 2022/2555). Gap analysis, risk assessment, gestione incidenti, policy e formazione - tutto in un unico strumento con AI integrata.</p>
+                <a href="/nis2/register.html" class="cta">Inizia gratuitamente</a>
+            </div>
+        </section>
+
+        <section class="features">
+            <div class="feature-card">
+                <div class="feature-icon">&#128203;</div>
+                <h3>Gap Analysis</h3>
+                <p>Questionario di 80 domande sui 10 ambiti dell'Art. 21, con analisi AI delle lacune e raccomandazioni prioritizzate.</p>
+            </div>
+            <div class="feature-card">
+                <div class="feature-icon">&#9888;&#65039;</div>
+                <h3>Risk Management</h3>
+                <p>Registro rischi con matrice 5x5, piani di trattamento, monitoraggio e suggerimenti AI basati sul settore.</p>
+            </div>
+            <div class="feature-card">
+                <div class="feature-icon">&#128680;</div>
+                <h3>Gestione Incidenti</h3>
+                <p>Workflow completo Art. 23: early warning 24h, notifica 72h, report finale 30g con timeline e scadenze automatiche.</p>
+            </div>
+            <div class="feature-card">
+                <div class="feature-icon">&#128196;</div>
+                <h3>Policy Management</h3>
+                <p>Generazione AI di policy di sicurezza, workflow di approvazione, versioning e revisioni programmate.</p>
+            </div>
+            <div class="feature-card">
+                <div class="feature-icon">&#128279;</div>
+                <h3>Supply Chain</h3>
+                <p>Registro fornitori, valutazione sicurezza, scoring rischio e monitoraggio requisiti contrattuali.</p>
+            </div>
+            <div class="feature-card">
+                <div class="feature-icon">&#127891;</div>
+                <h3>Formazione</h3>
+                <p>Corsi obbligatori Art. 20, assegnazioni per ruolo, tracking completamento e compliance formativa.</p>
+            </div>
+        </section>
+
+        <footer class="landing-footer">
+            NIS2 Agile &copy; 2026 - Piattaforma di compliance per la Direttiva NIS2 (EU 2022/2555)
+        </footer>
+    </div>
+</body>
+</html>