fix: nested transaction crash and favicon 404

- accounts.php: remove outer beginTransaction() — AccountManager already wraps in its own transaction; nested transactions fail in SQLite with 'already an active transaction'
- accounts.php: on AccountManager failure, manually delete the inserted user row instead
- admin/reseller/user index.php: fix favicon href from /assets/img/favicon.svg to nova-favicon.svg

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01LP9Q4kfCAYAjJnsbHBrViZ

panel/admin/index.php

@@ -8,7 +8,7 @@
 <meta charset="UTF-8">
 <meta name="viewport" content="width=device-width, initial-scale=1">
 <title>NovaCPX Admin</title>
-<link rel="icon" type="image/svg+xml" href="/assets/img/favicon.svg">
+<link rel="icon" type="image/svg+xml" href="/assets/img/nova-favicon.svg">
 <link rel="stylesheet" href="/assets/css/nova.css">
 </head>
 <body>

panel/api/endpoints/accounts.php

@@ -73,26 +73,25 @@ match ($action) {
         if ($db->fetchOne("SELECT id FROM users WHERE email = ?", [$body['email']])) Response::error("Email already in use by another account");
         if ($db->fetchOne("SELECT id FROM users WHERE username = ?", [$body['username']])) Response::error("Username already taken");
 
-        // Wrap user creation + account provisioning in a single transaction
-        $db->beginTransaction();
-        try {
-            $userId = (int)$db->insert(
-                "INSERT INTO users (username, password, email, role, status, reseller_id) VALUES (?,?,?,?,?,?)",
-                [
-                    $body['username'],
-                    password_hash($body['password'], PASSWORD_BCRYPT),
-                    $body['email'],
-                    'user',
-                    'active',
-                    $user['role'] === 'reseller' ? $user['uid'] : null,
-                ]
-            );
-            $body['user_id'] = $userId;
+        // Insert user first — AccountManager::create() wraps everything else in its own transaction
+        $userId = (int)$db->insert(
+            "INSERT INTO users (username, password, email, role, status, reseller_id) VALUES (?,?,?,?,?,?)",
+            [
+                $body['username'],
+                password_hash($body['password'], PASSWORD_BCRYPT),
+                $body['email'],
+                'user',
+                'active',
+                $user['role'] === 'reseller' ? $user['uid'] : null,
+            ]
+        );
+        $body['user_id'] = $userId;
 
+        try {
             $result = AccountManager::create($body);
-            $db->commit();
         } catch (Throwable $e) {
-            $db->rollBack();
+            // Roll back the user insert if account provisioning failed
+            $db->execute("DELETE FROM users WHERE id = ?", [$userId]);
             throw $e;
         }
 

panel/reseller/index.php

@@ -15,7 +15,7 @@ $_pname = novacpx_panel_name('NovaCPX');
 <meta name="keywords" content="reseller hosting panel, reseller control panel, manage hosting clients, white label hosting, NovaCPX reseller">
 <meta name="robots" content="noindex, nofollow">
 <title><?= $_pname ?> — Reseller</title>
-<link rel="icon" type="image/svg+xml" href="/assets/img/favicon.svg">
+<link rel="icon" type="image/svg+xml" href="/assets/img/nova-favicon.svg">
 <link rel="stylesheet" href="/assets/css/nova.css<?= $_v('/assets/css/nova.css') ?>">
 <?php novacpx_branding_head() ?>
 </head>

panel/user/index.php

@@ -15,7 +15,7 @@ $_pname = novacpx_panel_name('NovaCPX');
 <meta name="keywords" content="hosting control panel, manage website, email hosting, domain management, database management, SSL certificate, FTP, web hosting dashboard">
 <meta name="robots" content="noindex, nofollow">
 <title><?= $_pname ?> — My Hosting</title>
-<link rel="icon" type="image/svg+xml" href="/assets/img/favicon.svg">
+<link rel="icon" type="image/svg+xml" href="/assets/img/nova-favicon.svg">
 <link rel="stylesheet" href="/assets/css/nova.css<?= $_v('/assets/css/nova.css') ?>">
 <?php novacpx_branding_head() ?>
 <style>