Project-Pro/shopPRO
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ver. 0.293: Code review fixes — 6 repositories, 16 fixes

Browse Source 
- ArticleRepository: SQL injection fix (addslashes→parameterized), DRY refactor topArticles/newsListArticles
- AttributeRepository: dead class_exists('\S') blocking cache/temp clear
- CategoryRepository: dead class_exists('\S') blocking SEO link generation (critical)
- BannerRepository: parameterize $today in SQL + null guard on query()
- BasketCalculator: null guard checkProductQuantityInStock + optional DI params
- PromotionRepository: null guard on $basket (production fatal)
- OrderRepository/ShopBasketController/ajax.php: explicit DI in BasketCalculator callers

614 tests, 1821 assertions (+4 new)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Jacek Pyziak
2026-02-19 01:07:39 +01:00
parent 29821bccf2
commit 054b1b4a34
19 changed files with 297 additions and 218 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
autoload/Domain/Basket/BasketCalculator.php
View File

@@ -26,22 +26,32 @@ class BasketCalculator
return $count . ' produktów';
}
public static function summaryPrice($basket, $coupon = null)
/**
* @param string|null $langId Language ID (falls back to global $lang_id if null)
* @param \Domain\Product\ProductRepository|null $productRepo (falls back to $GLOBALS['mdb'] if null)
*/
public static function summaryPrice($basket, $coupon = null, $langId = null, $productRepo = null)
{
global $lang_id;
if ($langId === null) {
global $lang_id;
$langId = $lang_id;
}
if ($productRepo === null) {
$productRepo = new \Domain\Product\ProductRepository($GLOBALS['mdb']);
}
$summary = 0;
$productRepo = new \Domain\Product\ProductRepository($GLOBALS['mdb']);
if (is_array($basket)) {
foreach ($basket as $position) {
$product = $productRepo->findCached((int)$position['product-id'], $lang_id);
$product = $productRepo->findCached((int)$position['product-id'], $langId);
$product_price_tmp = self::calculateBasketProductPrice(
(float)($product['price_brutto_promo'] ?? 0),
(float)($product['price_brutto'] ?? 0),
$coupon,
$position
$position,
$productRepo
);
$summary += $product_price_tmp['price_new'] * $position['quantity'];
}
@@ -71,6 +81,9 @@ class BasketCalculator
public static function checkProductQuantityInStock($basket, bool $message = false)
{
if ( !is_array( $basket ) || empty( $basket ) )
return false;
$result = false;
$productRepo = new \Domain\Product\ProductRepository($GLOBALS['mdb']);
@@ -115,9 +128,14 @@ class BasketCalculator
* Calculate product price in basket (with coupon + promotion discounts).
* Migrated from \shop\Product::calculate_basket_product_price()
*/
public static function calculateBasketProductPrice( float $price_brutto_promo, float $price_brutto, $coupon, $basket_position )
/**
* @param \Domain\Product\ProductRepository|null $productRepo (falls back to $GLOBALS['mdb'] if null)
*/
public static function calculateBasketProductPrice( float $price_brutto_promo, float $price_brutto, $coupon, $basket_position, $productRepo = null )
{
$productRepo = new \Domain\Product\ProductRepository($GLOBALS['mdb']);
if ($productRepo === null) {
$productRepo = new \Domain\Product\ProductRepository($GLOBALS['mdb']);
}
// Produkty przecenione
if ( $price_brutto_promo )