Project-Pro/cmsPRO
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
Jacek Pyziak
2026-04-26 01:44:36 +02:00
parent cbc2462ea4
commit 72cb5b8d1d
166 changed files with 2712 additions and 135 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
.paul/codebase/README.md
View File

@@ -1,33 +0,0 @@
# Codebase Map — cmsPRO
> Generated: 2026-04-26 | Auto-generated by /paul:map-codebase
## Documents
| File | Contents |
|------|---------|
| [overview.md](overview.md) | Project summary, modules, entry points, refactoring status |
| [stack.md](stack.md) | PHP runtime, database, frontend libs, server config, external services |
| [architecture.md](architecture.md) | Directory map, patterns, routing, caching, namespaces |
| [conventions.md](conventions.md) | Naming, class patterns, PHPDoc, return types, DB access |
| [testing.md](testing.md) | PHPUnit setup, test structure, stubs, adding new tests |
| [integrations.md](integrations.md) | Email, geolocation, analytics, update server, file manager |
| [concerns.md](concerns.md) | Technical debt prioritized CRITICAL → HIGH → MEDIUM → LOW |
## Quick Reference
- **Architecture**: Controls → (deprecated) Factories → Domain Repositories → Medoo/MySQL
- **New code goes in**: `autoload/Domain/{Entity}/{Entity}Repository.php`
- **Tests go in**: `tests/Unit/Domain/{Entity}/{Entity}RepositoryTest.php`
- **Global helper**: `\S::method()` (legacy) or `\Shared\Helpers\Helpers::method()` (preferred)
- **Templates**: `templates/{module}/template.php` (user override: `templates_user/`)
- **CSRF**: `\Shared\Security\CsrfToken::getToken()` / `::validate($token)`
- **Cache**: `\Shared\Cache\CacheHandler::store($key, $data, $ttl)` / `::fetch($key)`
## Top Issues to Fix
1. **CRITICAL**: `unserialize()` on cookie — `admin/ajax/pages.php:36,49`
2. **CRITICAL**: Path traversal in updates — `autoload/admin/factory/class.Update.php:76-80`
3. **HIGH**: Missing input validation everywhere
4. **HIGH**: Password hash in auto-login cookie — `admin/index.php:59-61`
5. **MEDIUM**: God class Helpers.php (1220 lines) — needs splitting

12
.paul/codebase/db_schema.md Normal file
View File

@@ -0,0 +1,12 @@
# Database Schema
> Schemat bazy danych — tabele, kolumny, FK, indeksy.
> Generowany automatycznie przez /paul:map-codebase, aktualizowany przez apply-phase.
## Engine
MySQL — konfiguracja w `config.php`, abstrakcja Medoo 1.7.3 (`libraries/medoo/medoo.php`), prefix tabel: `pp_`
## Tables
> Uruchom `/paul:map-codebase` aby wypełnić ten plik szczegółowym schematem tabel.

54
.paul/codebase/overview.md
View File

@@ -1,54 +0,0 @@
# cmsPRO — Project Overview
> Generated: 2026-04-26 | Milestone: v0.1 Refaktoryzacja
## What is cmsPRO?
cmsPRO is a Polish-language PHP CMS with a **hybrid transitional architecture**. The codebase is actively being refactored from a legacy procedural/OOP mixed approach toward a clean Domain-Driven Design structure with Repository pattern.
## Core Capabilities
| Module | Description |
|--------|-------------|
| Articles | CRUD, multi-language, versioning, scheduling, galleries, tags, SEO |
| Pages | Static pages with layouts, caching, inline editing |
| Newsletter | Subscription, templates, cron-based batch sending |
| Layouts | HTML/CSS template system with Savant3 rendering |
| Users | Admin users, privileges matrix, 2FA support |
| Languages | Multi-language content, URL routing, session caching |
| Banners | Homepage banners with multi-language support |
| Scontainers | Reusable content blocks/widgets |
| Authors | Author management for articles |
| SEO | Meta tags, slugs, noindex, robots.txt, sitemap |
| File Manager | Upload, browse, thumbnail generation |
| Settings | DB-stored site config, WebP toggle, lazy loading |
| Updates | Versioned ZIP updates with license validation |
| Backups | DB backup/restore utilities |
## Entry Points
| File | Purpose |
|------|---------|
| `index.php` | Frontend entry point and router |
| `admin/index.php` | Admin panel entry point |
| `ajax.php` | Frontend AJAX handler |
| `admin/ajax.php` | Admin AJAX handler (routes to `admin/ajax/*.php`) |
| `api.php` | API endpoint |
| `cron.php` | Scheduled tasks (newsletter batch sending) |
| `download.php` | File download handler |
## Current Refactoring Status
The project is in **Phase 5 of Milestone v0.1 Refaktoryzacja**.
Migration pattern:
- **Done**: Domain repositories created for all 10 main entities
- **Done**: Factory classes converted to deprecated wrappers delegating to repositories
- **In progress**: SeoAdditional, Cron, Releases domains
- **Pending**: Remove factory layer, inject repositories directly into controls
## Version
- Current app version: **1.695**
- Update channel: stable/beta via `updates/` ZIP packages
- License validation via `pp_update_licenses` table

4
.paul/codebase/todo.md Normal file
View File

@@ -0,0 +1,4 @@
# TODO
> Luźny parking pomysłów, rzeczy do sprawdzenia, rzeczy które mogą nigdy nie być wdrożone.
> Nie wymaga formalności — wrzucaj co chcesz.