docs(codebase): mapa kodu wygenerowana przez /paul:map-codebase

7 dokumentów w .paul/codebase/ — overview, stack, architecture, conventions, testing, integrations, concerns (CRITICAL→LOW). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-26 00:46:01 +02:00
parent cfd2e5fb57
commit bf4b7c6429
8 changed files with 824 additions and 0 deletions
--- a/.paul/codebase/integrations.md
+++ b/.paul/codebase/integrations.md
@@ -0,0 +1,63 @@
+# External Integrations
+
+> Generated: 2026-04-26
+
+## Email — PHPMailer + SMTP
+
+- **Library**: PHPMailer (`libraries/phpmailer/class.phpmailer.php`)
+- **Service class**: `autoload/Shared/Email/Email.php`
+- **Configuration**: stored in `pp_settings` table
+  - Keys: `email_host`, `email_port`, `email_login`, `email_password`, `contact_email`, `firm_name`
+- **Features**: SSL/TLS, self-signed cert support, HTML email, attachments, relative URL conversion
+- **Used by**: Newsletter cron, contact forms, 2FA code sending
+
+## Geolocation — geoPlugin
+
+- **Provider**: geoPlugin (http://www.geoplugin.net/)
+- **Class**: `autoload/class.geoplugin.php`
+- **Features**: IP-to-country, currency detection, exchange rates
+- **Integration**: loaded in frontend via autoloader, used for localization hints
+
+## Analytics
+
+- **Type**: configurable (any script tag)
+- **Storage**: `pp_settings.statistic_code` field
+- **Injection**: `index.php` lines ~121-122 — injected into HTML `<head>` via string replacement
+- **Default**: empty (disabled until configured in admin Settings)
+
+## Updates — cmspro.project-dc.pl
+
+- **Factory**: `autoload/admin/factory/class.Update.php`
+- **Base URL**: `https://www.cmspro.project-dc.pl/updates/` (hardcoded)
+- **Endpoints used**:
+  - `versions.php?key={update_key}` — fetch available versions list
+  - `{dir}/ver_{version}.zip` — download update ZIP
+  - `{dir}/ver_{version}_sql.txt` — legacy SQL migration fallback
+- **Auth**: `update_key` from `pp_settings`, validated on server
+- **License**: `pp_update_licenses` table — `valid_to_date`, `valid_to_version`, `beta` flag
+- **Channels**: stable / beta
+
+**Security note**: `file_get_contents()` over HTTPS, no signature verification, path not sanitized.  
+See `concerns.md` for details.
+
+## File Manager
+
+- **Library**: FileManager 9.14.1 (`libraries/filemanager-9.14.1/`)
+- **API endpoint**: `upload/filemanager/api/`
+- **Features**: file upload, deletion, browsing via AJAX
+- **MIME validation**: JPEG, PNG, GIF, WebP allowed
+- **Organization**: files stored by article ID under `upload/`
+
+## Mobile Detection
+
+- **Library**: Mobile_Detect 2.8.16 (`autoload/class.Mobile_Detect.php`)
+- **Usage**: UA-based device detection for mobile/tablet
+- **Integration**: used in frontend factory to adapt output
+
+## No Payment Integration
+
+No PayPal, Stripe, or other payment processor code detected.
+
+## No CDN
+
+Images served locally. WebP conversion cached in `cache/` directory.