Project-Pro/shopPRO
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ver. 0.289: ShopCategory + ShopClient frontend migration to Domain + Views + Controllers

Browse Source 
ShopCategory: 9 frontend methods in CategoryRepository, front\Views\ShopCategory (3 methods),
deleted factory + view, updated 6 callers, +17 tests.

ShopClient: 13 frontend methods in ClientRepository, front\Views\ShopClient (8 methods),
front\Controllers\ShopClientController (15 methods + buildEmailBody helper),
deleted factory + view + controls, updated 7 callers, +36 tests.

Security fix: removed hardcoded password bypass 'Legia1916'.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Jacek Pyziak
2026-02-17 10:41:40 +01:00
parent 437d4c78dc
commit d29d396197
34 changed files with 2049 additions and 961 deletions
Download Patch File Download Diff File Expand all files Collapse all files

354
autoload/front/Controllers/ShopClientController.php Normal file
View File

@@ -0,0 +1,354 @@
<?php
namespace front\Controllers;
use Domain\Client\ClientRepository;
class ShopClientController
{
private $clientRepo;
public function __construct(ClientRepository $clientRepo)
{
$this->clientRepo = $clientRepo;
}
public function markAddressAsCurrent()
{
$client = \Shared\Helpers\Helpers::get_session('client');
if (!$client) {
return false;
}
$this->clientRepo->markAddressAsCurrent(
(int)$client['id'],
(int)\Shared\Helpers\Helpers::get('address_id')
);
exit;
}
public function addressDelete()
{
$client = \Shared\Helpers\Helpers::get_session('client');
if (!$client) {
header('Location: /logowanie');
exit;
}
$address = $this->clientRepo->addressDetails((int)\Shared\Helpers\Helpers::get('id'));
if (!$address || $address['client_id'] != $client['id']) {
header('Location: /panel-klienta/adresy');
exit;
}
if ($this->clientRepo->addressDelete((int)\Shared\Helpers\Helpers::get('id'))) {
\Shared\Helpers\Helpers::alert(\Shared\Helpers\Helpers::lang('adres-usuniety-komunikat'));
} else {
\Shared\Helpers\Helpers::error(\Shared\Helpers\Helpers::lang('adres-usuniety-blad'));
}
header('Location: /panel-klienta/adresy');
exit;
}
public function addressEdit()
{
global $page, $settings;
$page['language']['meta_title'] = \Shared\Helpers\Helpers::lang('meta-title-edycja-adresu') . ' | ' . $settings['firm_name'];
$client = \Shared\Helpers\Helpers::get_session('client');
if (!$client) {
header('Location: /logowanie');
exit;
}
$addressId = (int)\Shared\Helpers\Helpers::get('id');
$address = $this->clientRepo->addressDetails($addressId);
if ($address && $address['client_id'] != $client['id']) {
$address = null;
}
return \front\Views\ShopClient::addressEdit([
'address' => $address,
]);
}
public function addressSave()
{
$client = \Shared\Helpers\Helpers::get_session('client');
if (!$client) {
header('Location: /logowanie');
exit;
}
$addressId = (int)\Shared\Helpers\Helpers::get('address_id');
$data = [
'name' => \Shared\Helpers\Helpers::get('name', true),
'surname' => \Shared\Helpers\Helpers::get('surname', true),
'street' => \Shared\Helpers\Helpers::get('street'),
'postal_code' => \Shared\Helpers\Helpers::get('postal_code', true),
'city' => \Shared\Helpers\Helpers::get('city', true),
'phone' => \Shared\Helpers\Helpers::get('phone', true),
];
if ($this->clientRepo->addressSave((int)$client['id'], $addressId ?: null, $data)) {
$msg = $addressId
? \Shared\Helpers\Helpers::lang('zmiana-adresu-sukces')
: \Shared\Helpers\Helpers::lang('dodawanie-nowego-adresu-sukces');
\Shared\Helpers\Helpers::alert($msg);
} else {
$msg = $addressId
? \Shared\Helpers\Helpers::lang('zmiana-adresu-blad')
: \Shared\Helpers\Helpers::lang('dodawanie-nowego-adresu-blad');
\Shared\Helpers\Helpers::error($msg);
}
header('Location: /panel-klienta/adresy');
exit;
}
public function clientAddresses()
{
global $page, $settings;
$page['language']['meta_title'] = \Shared\Helpers\Helpers::lang('meta-title-lista-adresow') . ' | ' . $settings['firm_name'];
$client = \Shared\Helpers\Helpers::get_session('client');
if (!$client) {
header('Location: /logowanie');
exit;
}
return \front\Views\ShopClient::clientAddresses([
'client' => $client,
'addresses' => $this->clientRepo->clientAddresses((int)$client['id']),
]);
}
public function clientOrders()
{
global $page, $settings;
$page['language']['meta_title'] = \Shared\Helpers\Helpers::lang('meta-title-historia-zamowien') . ' | ' . $settings['firm_name'];
$client = \Shared\Helpers\Helpers::get_session('client');
if (!$client) {
header('Location: /logowanie');
exit;
}
return \front\Views\ShopClient::clientOrders([
'client' => $client,
'orders' => $this->clientRepo->clientOrders((int)$client['id']),
'statuses' => \shop\Order::order_statuses(),
]);
}
public function newPassword()
{
$result = $this->clientRepo->generateNewPassword(
(string)\Shared\Helpers\Helpers::get('hash')
);
if ($result) {
$text = $this->buildEmailBody('#nowe-haslo', [
'[HASLO]' => $result['password'],
]);
\Shared\Helpers\Helpers::send_email(
$result['email'],
\Shared\Helpers\Helpers::lang('nowe-haslo-w-sklepie'),
$text
);
\Shared\Helpers\Helpers::alert(\Shared\Helpers\Helpers::lang('nowe-haslo-zostalo-wyslane-na-twoj-adres-email'));
}
header('Location: /logowanie');
exit;
}
public function sendEmailPasswordRecovery()
{
$hash = $this->clientRepo->initiatePasswordRecovery(
(string)\Shared\Helpers\Helpers::get('email')
);
if ($hash) {
$text = $this->buildEmailBody('#odzyskiwanie-hasla-link', [
'[LINK]' => '/shopClient/new_password/hash=' . $hash,
]);
\Shared\Helpers\Helpers::send_email(
(string)\Shared\Helpers\Helpers::get('email'),
\Shared\Helpers\Helpers::lang('generowanie-nowego-hasla-w-sklepie'),
$text
);
\Shared\Helpers\Helpers::alert(\Shared\Helpers\Helpers::lang('odzyskiwanie-hasla-link-komunikat'));
} else {
\Shared\Helpers\Helpers::alert(\Shared\Helpers\Helpers::lang('odzyskiwanie-hasla-blad'));
}
header('Location: /logowanie');
exit;
}
public function recoverPassword()
{
global $page, $settings;
$page['language']['meta_title'] = \Shared\Helpers\Helpers::lang('meta-title-odzyskiwanie-hasla') . ' | ' . $settings['firm_name'];
return \front\Views\ShopClient::recoverPassword();
}
public function logout()
{
\Shared\Helpers\Helpers::delete_session('client');
header('Location: /');
exit;
}
public function login()
{
$result = $this->clientRepo->authenticate(
(string)\Shared\Helpers\Helpers::get('email'),
(string)\Shared\Helpers\Helpers::get('password')
);
if ($result['status'] === 'inactive') {
$link = '<a href="/ponowna-aktywacja/' . $result['hash'] . '/">'
. ucfirst(\Shared\Helpers\Helpers::lang('wyslij-link-ponownie')) . '</a>';
\Shared\Helpers\Helpers::alert(
str_replace('[LINK]', $link, \Shared\Helpers\Helpers::lang('logowanie-blad-nieaktywne-konto'))
);
header('Location: /logowanie');
exit;
}
if ($result['status'] !== 'ok') {
\Shared\Helpers\Helpers::alert(\Shared\Helpers\Helpers::lang($result['code']));
header('Location: /logowanie');
exit;
}
\Shared\Helpers\Helpers::set_session('client', $result['client']);
\Shared\Helpers\Helpers::alert(\Shared\Helpers\Helpers::lang('logowanie-udane'));
$redirect = \Shared\Helpers\Helpers::get('redirect');
header('Location: ' . ($redirect ? $redirect : '/panel-klienta'));
exit;
}
public function confirm()
{
$email = $this->clientRepo->confirmRegistration(
(string)\Shared\Helpers\Helpers::get('hash')
);
if ($email) {
$text = $this->buildEmailBody('#potwierdzenie-aktywacji-konta');
\Shared\Helpers\Helpers::send_email(
$email,
\Shared\Helpers\Helpers::lang('potwierdzenie-aktywacji-konta-w-sklepie') . ' ' . \Shared\Helpers\Helpers::lang('#nazwa-serwisu'),
$text
);
\Shared\Helpers\Helpers::alert(\Shared\Helpers\Helpers::lang('rejestracja-potwierdzenie'));
}
header('Location: /logowanie');
exit;
}
public function signup()
{
$email = (string)\Shared\Helpers\Helpers::get('email');
$password = (string)\Shared\Helpers\Helpers::get('password');
$created = $this->clientRepo->createClient(
$email,
$password,
(bool)\Shared\Helpers\Helpers::get('agremment_marketing')
);
if (!$created) {
echo json_encode([
'status' => 'bad',
'msg' => \Shared\Helpers\Helpers::lang('rejestracja-email-zajety'),
]);
exit;
}
$text = $this->buildEmailBody('#potwierdzenie-rejestracji', [
'[LINK]' => '/shopClient/confirm/hash=' . $created['hash'],
]);
\Shared\Helpers\Helpers::send_email(
$email,
\Shared\Helpers\Helpers::lang('potwierdzenie-rejestracji-konta-w-sklepie') . ' ' . \Shared\Helpers\Helpers::lang('#nazwa-serwisu'),
$text
);
echo json_encode([
'status' => 'ok',
'msg' => \Shared\Helpers\Helpers::lang('rejestracja-udana'),
]);
exit;
}
public function loginForm()
{
global $page, $settings;
$page['language']['meta_title'] = \Shared\Helpers\Helpers::lang('meta-title-logowanie') . ' | ' . $settings['firm_name'];
$page['class'] = 'page-login-form';
$client = \Shared\Helpers\Helpers::get_session('client');
if ($client) {
header('Location: /panel-klienta/zamowienia');
exit;
}
return \front\Views\ShopClient::loginForm();
}
public function registerForm()
{
global $page, $settings;
$page['language']['meta_title'] = \Shared\Helpers\Helpers::lang('meta-title-rejestracja') . ' | ' . $settings['firm_name'];
$client = \Shared\Helpers\Helpers::get_session('client');
if ($client) {
header('Location: /panel-klienta/zamowienia');
exit;
}
return \front\Views\ShopClient::registerForm();
}
/**
* Builds email body from newsletter template with URL absolutization.
*
* @param array<string, string> $replacements Placeholders to replace in the template
*/
private function buildEmailBody(string $templateName, array $replacements = []): string
{
$settings = $GLOBALS['settings'];
$text = $settings['newsletter_header'];
$text .= (new \Domain\Newsletter\NewsletterRepository($GLOBALS['mdb']))->templateByName($templateName);
$text .= $settings['newsletter_footer'];
$base = !empty($settings['ssl']) ? 'https' : 'http';
$serverName = $_SERVER['SERVER_NAME'] ?? '';
$regex = "-(<img[^>]+src\s*=\s*['\"])(((?!'|\"|https?://).)*)(['\"][^>]*>)-i";
$text = preg_replace($regex, '$1' . $base . '://' . $serverName . '$2$4', $text);
$regex = "-(<a[^>]+href\s*=\s*['\"])(((?!'|\"|https?://).)*)(['\"][^>]*>)-i";
$text = preg_replace($regex, '$1' . $base . '://' . $serverName . '$2$4', $text);
foreach ($replacements as $placeholder => $value) {
$text = str_replace($placeholder, $value, $text);
}
return $text;
}
}