88 lines
2.7 KiB
Markdown
88 lines
2.7 KiB
Markdown
# External Integrations
|
|
|
|
**Analysis Date:** 2026-04-27
|
|
|
|
## APIs & External Services
|
|
|
|
**Email (Transactional):**
|
|
- PHPMailer via mediaflex.pl SMTP — registration confirmation emails, admin notifications
|
|
- SDK/Client: PHPMailer bundled in `_rejestracja/core/lib/`
|
|
- Auth: SMTP credentials in `_rejestracja/core/config/smtp.config.ini` (committed — HIGH RISK)
|
|
- Usage: `IndexController.php` triggers email after successful registration save
|
|
|
|
**Spam Protection:**
|
|
- Google reCAPTCHA v2 — public registration form submission guard
|
|
- Integration: server-side verification via reCAPTCHA API in `IndexController.php`
|
|
- Site key: embedded in `_rejestracja/template/partial/Index/Index.tpl`
|
|
- Secret key: in config file
|
|
|
|
## Data Storage
|
|
|
|
**Databases:**
|
|
- MySQL on mysql7.ceti.pl — primary data store
|
|
- Connection: credentials in `_rejestracja/core/config/db.config.ini` (INI format, committed)
|
|
- Client: custom mysqli-based DAL (`_rejestracja/core/class/DefaultDAL.class.php`)
|
|
- Migrations: manual SQL files in `_rejestracja/sql/`, applied via PHP runner scripts
|
|
|
|
**File Storage:**
|
|
- Local filesystem — file uploads via `move_uploaded_file()`
|
|
- Upload directory: within `_rejestracja/Static/` or server path
|
|
- No cloud storage
|
|
|
|
**Caching:**
|
|
- None — all queries hit MySQL directly, no Redis or Memcached
|
|
|
|
## Authentication & Identity
|
|
|
|
**Admin Auth:**
|
|
- Custom session-based auth — `AuthDAL` + `SessionProxy`
|
|
- Implementation: `_rejestracja/Admin/controller/` calls `$this->RunShared('Auth', $param)` in `preDispatch`
|
|
- Session storage: PHP sessions via `SessionProxy`
|
|
- No external identity provider
|
|
|
|
**Public (Registration) Form:**
|
|
- No user authentication — anonymous submission with reCAPTCHA only
|
|
|
|
## Rich Text Editing
|
|
|
|
**CKEditor:**
|
|
- Admin templates use CKEditor for content editing (`HomeSite` admin area)
|
|
- Bundled in `_rejestracja/Static/` or loaded from CDN
|
|
|
|
## Monitoring & Observability
|
|
|
|
**Error Tracking:**
|
|
- None — no Sentry, no error reporting service
|
|
|
|
**Analytics:**
|
|
- None detected
|
|
|
|
**Logs:**
|
|
- PHP error_log only; no structured logging service
|
|
|
|
## CI/CD & Deployment
|
|
|
|
**Hosting:**
|
|
- Shared hosting: mediaflex.pl / ceti.pl
|
|
- Deployment: manual FTP upload via VS Code FTP Sync extension
|
|
- Config: `.vscode/ftp-kr.sync.cache.json`
|
|
|
|
**CI Pipeline:**
|
|
- None — no GitHub Actions, no automated tests or deployment
|
|
|
|
## Environment Configuration
|
|
|
|
**Development:**
|
|
- Required configs: `db.config.ini` (DB host/user/pass/name), `smtp.config.ini` (SMTP credentials)
|
|
- Both committed to repo — no gitignored secret management
|
|
- Local dev requires matching PHP 5.x + MySQL
|
|
|
|
**Production:**
|
|
- Same config files deployed via FTP
|
|
- No environment-specific config switching
|
|
|
|
---
|
|
|
|
*Integration audit: 2026-04-27*
|
|
*Update when adding/removing external services*
|