Project-Pro/shopPRO
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

security: faza 1 - usuniecie debug logu tpay, naprawa SQL i usun rb.php

Browse Source 
- ShopOrderController: usunieto file_put_contents do tpay.txt (ujawnial dane platnicze)
- ShopOrderController: hardcoded sekret HotPay przeniesiony do stałej HOTPAY_HASH_SEED
- IntegrationsRepository: zastapiono raw SQL query('SELECT * FROM $table') metodą Medoo select()
- index.php + admin/index.php: usunieto RedBeanPHP (rb.php) - biblioteka byla ladowana ale nieuzywana
- libraries/rb.php: usunieto plik (536 KB, zero uzyc w kodzie aplikacji)
- Testy IntegrationsRepository zaktualizowane do nowego API (select zamiast query)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Jacek
2026-03-12 09:18:37 +01:00
parent 55824e7890
commit 7c7d587886
6 changed files with 23 additions and 17546 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
index.php
View File

@@ -22,17 +22,9 @@ date_default_timezone_set( 'Europe/Warsaw' );
require_once 'config.php';
require_once 'libraries/medoo/medoo.php';
require_once 'libraries/rb.php';
require_once 'libraries/phpmailer/class.phpmailer.php';
require_once 'libraries/phpmailer/class.smtp.php';
\R::setup( 'mysql:host=' . $database[ 'host' ] . ';dbname=' . $database[ 'name' ], $database[ 'user' ], $database[ 'password' ] );
\R::ext( 'xdispense', function ( $type )
{
return R::getRedBean() -> dispense( $type );
} );
$pdo = \R::getPDO();
session_start();
if ( !isset( $_SESSION[ 'check' ] ) )