drmaterac.pl/.paul/codebase/integrations.md

External Integrations

Analysis Date: 2026-05-10

APIs & External Services

Payment Gateways

• PayNow (BLIK / bank transfer / card) — modules/paynow/paynow.php (v1.6.35)

  • SDK: pay-now-php-sdk (Guzzle HTTP, PSR-7)
  • Auth: API key / signature (configured in module back-office)
  • Functions: payment authorization, refund, GDPR
  • Webhook: payment status notification with retry/stop logic

• Santander eRaty (installment credit) — modules/santandercredit/santandercredit.php (v5.5)

  • PL-specific Santander Consumer Bank
  • Calculator widget + simulator iframe
  • Hooks: order state confirmation

• Check Payment — modules/ps_checkpayment/

• Wire Transfer — modules/ps_wirepayment/

Marketplace

• Empik Marketplace — modules/empikmarketplace/empikmarketplace.php (v1.6.5)
  • Guzzle HTTP client
  • Symfony DI container
  • Sync orders, products, inventory with Empik.com
  • Cron controllers — modules/empikmarketplace/controllers/cron/

Shipping & Logistics

• DPD Polska — modules/dpdpoland/dpdpoland.php
  • Custom API integration — modules/dpdpoland/config.api.php
  • Manifest, package, pickup webservices
  • PDF label generation

Reviews & Ratings

• Ceneo.pl Trusted Reviews — modules/ceneo_trustedreviews/ceneo_trustedreviews.php (v1.0.1)
• eKomi Ratings & Reviews — modules/ekomiratingsandreviews/ekomiratingsandreviews.php
  • API: https://plugins-dashboard.ekomiapps.de/api/v1/order
  • Validation: https://api.ekomi.de/v3/getSettings
  • Cron-based export
• eKomi SFF (Shop Feedback Form) — modules/ekomiSff/
• PrestaShop Product Comments — modules/productcomments/

Analytics & Tracking

• Google Analytics 4 Pro — modules/pdgoogleanalytycs4pro/pdgoogleanalytycs4pro.php (v1.0.2)

  • SDK: br33f/php-ga4-mp (GA4 Measurement Protocol)
  • Enhanced conversions with phone (uses libphonenumber-for-php)
  • Refund tracking, Google Ads (AW) conversions, Merchant Center

• Google Merchant Center Pro — modules/pdgooglemerchantcenterpro/

• BAE Commerce Tracking — modules/baecommercetracking/baecommercetracking.php (v1.0.6)

  • GA + Google Ads conversion + Facebook Pixel events

• Facebook Conversion Pixel — modules/fbpixel/fbpixel.php (v2.0.2)

  • Purchase event injection at order confirmation

• 20+ PrestaShop stats modules — modules/dash*, modules/stats*

Customer Communication

• Smartsupp Live Chat — modules/smartsupp/smartsupp.php

Spam / Bot Protection

• Google reCAPTCHA — modules/eicaptcha/vendor/google/recaptcha/
  • Also referenced in buy-by-phone.php (key hardcoded — see concerns.md)

Content / SEO

• XML Feeds — modules/xmlfeeds/
• Google Sitemap — modules/gsitemap/
• Advanced SEO Pro — modules/arseopro/
• Link Rewriter — modules/x13linkrewrite/

Product / Content Management

• App Page Builder — modules/appagebuilder/ (CodeMirror editor)
• Cross-Sell Pro (custom) — modules/crosssellpro/
• Image Hover Effects — modules/ybc_productimagehover/
• WebP Optimization — modules/x13webp/ (uses .htaccess rewrite)

GDPR / Security

• GDPR Data Privacy — modules/ps_dataprivacy/
• Cookies Plus — modules/cookiesplus/
• Security Watcher — modules/securitywatcher/

External XML Feed (custom script)

• import-product.php fetches https://amz.com.pl/bazy-produktow-export/produkty-amz.xml for batch product updates

Data Storage

Database:

• MySQL with InnoDB
• Connection: app/config/parameters.php (DB host, name, user, password — currently committed; see concerns.md)
• DB prefix: materac_ (schema admin_drmaterac)
• ORM: PrestaShop ObjectModel (front-office), Doctrine (admin Symfony layer)

File Storage:

• Local filesystem (PrestaShop default)
• Image variants in img/ (PrestaShop core layout)
• WebP variants generated by modules/x13webp/

Caching:

• Memcached configured but disabled — app/config/parameters.php (ps_caching: CacheMemcached, ps_cache_enable: false)
• modules/pagecache/ — page-level cache module (uses override of Hook.php)

Authentication & Identity

Customer auth:

• PrestaShop core (cookies + DB)

Admin auth:

• Symfony Security via iadmin/ AppKernel
• Custom-named admin folder is not a security control (security through obscurity — see concerns.md)

Service auth (per-integration):

• API keys / OAuth tokens stored in PrestaShop Configuration (DB ps_configuration / materac_configuration table) per module

Email / SMTP

• SMTP at 127.0.0.1:25 — app/config/parameters.php
• PrestaShop mail templates: mails/{en,pl}/
• Custom transactional: buy-by-phone.php uses bundled phpmailer/ (with hardcoded SMTP credentials — see concerns.md)

Multi-Domain Routing

• Two domains served from one install — .htaccess
  • drmaterac.pl (primary)
  • lulandia.pl (secondary)
• Per-domain image rewrite + WebP fallback rules

Webhooks

Incoming:

• PayNow payment notifications — modules/paynow/ controllers
• Empik Marketplace cron callbacks — modules/empikmarketplace/controllers/cron/
• eKomi cron-based order export

Outgoing:

• GA4 Measurement Protocol — modules/pdgoogleanalytycs4pro/
• Facebook Pixel events — modules/fbpixel/
• Empik order/inventory sync — modules/empikmarketplace/

Environment Configuration

• All secrets currently in app/config/parameters.php (committed) — DB password, app secret, cookie keys
• No .env / .env.example mechanism in use
• Rotation required for any credential exposed in git history (see concerns.md)

CI/CD & Deployment

• No CI workflows detected (no .github/workflows/, no .gitlab-ci.yml)
• Deploy method appears manual / FTP — daily Polish changelog at changelog/YYYY-MM-DD.md
• iadmin/autoupgrade/ contains prestashop_1.7.5.1.zip — appears to be an upgrade payload left in webroot

---

Integration audit: 2026-05-10 Update when adding/removing external services