Fix parsing errors in public/src/signin.php and harden sign-in flow

[Kvnbbg]

Motivation

• Remove accidental injected DOCIFY markers and fix malformed code in public/src/signin.php that caused PHP parse failures and prevented the sign-in endpoint from running.
• Harden the sign-in flow to reduce runtime errors and improve basic input validation and error handling for the legacy PHP endpoint.

Description

• Removed injected DOCIFY artifact blocks and corrected a broken statement preparation ($stmt - ... -> $stmt = ...) and other malformed identifiers in public/src/signin.php.
• Added declare(strict_types=1);, typed helper function signatures (logAttempt(mysqli,string,string): void, sendAlert(string,string): void), and cleaned up variable names for clarity.
• Added input presence validation for email and password, explicit checks for failed prepare() with proper HTTP responses, and safer control flow with early exits.
• Kept existing behavior for credential verification, login-attempt logging, admin alerts, and appropriate HTTP response codes on success/unauthorized/method-not-allowed; the change set is limited to public/src/signin.php.

Testing

• Ran PHP syntax checks across backend files with for f in $(rg --files public/src src tests | rg '\.php$'); do php -l "$f" ...; done and for f in $(rg --files | rg '\.php$' | rg -v '^node_modules/|^DATA/node_modules/'); do php -l "$f" ...; done, both completed with no parse errors.
• Confirmed the updated public/src/signin.php lints clean with php -l and is staged/committed in this change.
• Attempted to run PHPUnit (phpunit --testsuite unit) but phpunit/vendor test binary is not available in this environment, so unit test execution could not be performed here.

---

Codex Task

[vercel]

Deployment failed with the following error:

Hobby accounts are limited to daily cron jobs. This cron expression (0 * * * *) would run more than once per day. Upgrade to the Pro plan to unlock all Cron Jobs features on Vercel.

Learn More: https://vercel.link/3Fpeeb1