# CLAUDE.md Obecna wersja PHP na serwerze to 7.4 i należy to uwzględnij podczas pisania kodu. This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository. ## Project Overview CRM PRO is a Polish-language CRM application for task/project management, client management, finances, and work time tracking. Built with PHP + MySQL, Bootstrap, jQuery, and PHP templating. ## Running the Application - **Web entry point:** `index.php` — routes via `?module=&action=` query params - **AJAX endpoint:** `ajax.php` - **REST API:** `api.php` - **Background jobs:** `cron.php` (email import, recursive tasks, reminders) - **Tests:** `php tests/run.php` (custom lightweight test runner, no PHPUnit) - **SCSS:** compiled via VS Code Live Sass Compile extension ## Architecture ### Layered structure with ongoing DDD migration ``` autoload/ ├── Controllers/ # NEW: PSR-4 namespaced, camelCase methods ├── controls/ # LEGACY: snake_case methods, being gradually replaced ├── factory/ # Data access + business logic (legacy, being replaced by Domain) ├── Domain/ # NEW: Repository pattern, single-responsibility classes │ ├── Tasks/ # WorkTimeRepository, TaskAttachmentRepository, MailToTaskImporter │ ├── Crm/ # ClientRepository │ ├── Finances/ # FinanceRepository │ └── Users/ # UserRepository ├── view/ # View rendering layer ├── class.S.php # Global static utility (sessions, request params, email, hashing) ├── class.Tpl.php # Template engine: Tpl::view('path', $data) ├── class.DbModel.php # Simple ActiveRecord wrapper └── class.Html.php # HTML form helper components templates/ # PHP templates organized by module templates_user/ # Custom user template overrides ``` ### Routing (`controls\Site::route()`) 1. Takes `module` and `action` GET params 2. Tries `\Controllers\{Module}Controller::{camelCaseAction}()` first 3. Falls back to `\controls\{Module}::{snake_case_action}()` ### Autoloading Custom `spl_autoload_register` in `index.php`: maps `Namespace\Class` → `autoload/Namespace/Class.php`, falling back to `autoload/Namespace/class.Class.php`. ### Database access - **Medoo** (`$mdb` global) — primary query builder for SELECT/INSERT/UPDATE/DELETE - **RedBean** (`\R`) — ORM used for some entity operations - Both configured in `index.php` from `config.php` credentials ### Key globals - `$mdb` — Medoo database instance - `$user` — current session user array (`\S::get_session('user')`) - `$settings` — merged app settings from `config.php` + DB `settings` table - `\S::get('param')` — safe request parameter access ## Refactoring Status (see REFACTORING_PLAN.md) - **Stage 1 (DONE):** Tasks/WorkTime migrated to `Domain\Tasks\WorkTimeRepository` - **Stage 2 (IN PROGRESS):** Controller standardization — `TasksController` partially migrated - **Stage 3 (DONE):** UI cleanup for work time billing - **Stage 4 (NEXT):** Finance domain extraction - **Stage 5 (NEXT):** View layer standardization ### Migration rules - No big-bang rewrites — one functional area per commit - New code goes in `Domain/` (repositories) and `Controllers/` (camelCase) - Legacy `controls/` and `factory/` kept as adapters until full migration - Every migrated method must have at least one test in `tests/` ## Coding Conventions - **New controllers:** `Controllers\{Module}Controller` with camelCase methods - **New domain code:** `Domain\{Module}\{Name}Repository` with constructor-injected `$mdb` - **Legacy code:** `controls\{Module}` and `factory\{Module}` with snake_case methods - **Templates:** rendered via `\Tpl::view('module/template', $data_array)`, XSS protection via `\Tpl::secureHTML()` - **UI language:** Polish (labels, comments, database content) - **File naming:** new classes `ClassName.php`, legacy classes `class.ClassName.php` ## Key Database Tables - `tasks`, `tasks_work`, `tasks_attachments`, `task_user`, `task_action` — task management - `crm_client` — client records - `finance_operations`, `finance_categories` — finances - `users`, `users_permissions` — auth and RBAC - `tasks_filtrs` — saved user filters ## Authentication - Email + password with PHP sessions, IP validation, cookie-based remember-me - Permission checks via `\controls\Users::permissions($user_id, $module)` - Admin (user ID 1) can impersonate other users