Project-Pro/shopPRO
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Refactor code structure for improved readability and maintainability

Browse Source
This commit is contained in:
Jacek Pyziak
2025-09-28 18:27:48 +02:00
parent 17d69ac9df
commit d903f9fc55
13 changed files with 228 additions and 101 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
admin/templates/articles/article-edit.php
View File

@@ -4,6 +4,17 @@
<?
global $db;
$upload_token = bin2hex( random_bytes(24) );
$_SESSION['upload_tokens'][$upload_token] = [
'user_id' => $this -> user['id'],
'expires' => time() + 60*20
];
$_SESSION['rfm_akey'] = bin2hex(random_bytes(16));
$_SESSION['rfm_akey_expires'] = time() + 20*60;
$_SESSION['can_use_rfm'] = true;
$rfmAkeyJS = $_SESSION['rfm_akey'];
ob_start();
?>
<div id="settings-tabs">
@@ -95,7 +106,11 @@ ob_start();
$( function() {
$( '#text_<?= $lg['id'];?>, #entry_<?= $lg['id'];?>, #table_of_contents_<?= $lg['id'];?>' ).ckeditor( {
toolbar : 'MyToolbar',
height:'250'
height:'250',
filebrowserBrowseUrl: '/libraries/filemanager-9.14.2/dialog.php?type=2&editor=ckeditor&akey=<?= $rfmAkeyJS;?>',
filebrowserImageBrowseUrl: '/libraries/filemanager-9.14.2/dialog.php?type=1&editor=ckeditor&akey=<?= $rfmAkeyJS;?>',
filebrowserUploadUrl: '/libraries/filemanager-9.14.2/dialog.php?type=2&editor=ckeditor&upload=1&akey=<?= $rfmAkeyJS;?>',
filebrowserImageUploadUrl: '/libraries/filemanager-9.14.2/dialog.php?type=1&editor=ckeditor&upload=1&akey=<?= $rfmAkeyJS;?>'
});
});
</script>
@@ -401,6 +416,9 @@ echo $grid -> draw();
$( "#images-uploader" ).pluploadQueue(
{
multipart_params: {
upload_token: '<?= $upload_token ?>',
},
runtimes: 'html5,flash,html4',
init:
{
@@ -453,6 +471,9 @@ echo $grid -> draw();
$( "#files-uploader" ).pluploadQueue(
{
multipart_params: {
upload_token: '<?= $upload_token ?>',
},
runtimes: 'html5,flash,html4',
init:
{

29
admin/templates/shop-product/product-edit.php
View File

@@ -4,6 +4,17 @@
<?
global $db;
$upload_token = bin2hex( random_bytes(24) );
$_SESSION['upload_tokens'][$upload_token] = [
'user_id' => $this -> user['id'],
'expires' => time() + 60*20
];
$_SESSION['rfm_akey'] = bin2hex(random_bytes(16));
$_SESSION['rfm_akey_expires'] = time() + 20*60;
$_SESSION['can_use_rfm'] = true;
$rfmAkeyJS = $_SESSION['rfm_akey'];
ob_start();
?>
@@ -119,7 +130,11 @@ ob_start();
$(function() {
$('#short_description_<?= $lg['id']; ?>, #description_<?= $lg['id']; ?>').ckeditor({
toolbar: 'MyToolbar',
height: '250'
height: '250',
filebrowserBrowseUrl: '/libraries/filemanager-9.14.2/dialog.php?type=2&editor=ckeditor&akey=<?= $rfmAkeyJS;?>',
filebrowserImageBrowseUrl: '/libraries/filemanager-9.14.2/dialog.php?type=1&editor=ckeditor&akey=<?= $rfmAkeyJS;?>',
filebrowserUploadUrl: '/libraries/filemanager-9.14.2/dialog.php?type=2&editor=ckeditor&upload=1&akey=<?= $rfmAkeyJS;?>',
filebrowserImageUploadUrl: '/libraries/filemanager-9.14.2/dialog.php?type=1&editor=ckeditor&upload=1&akey=<?= $rfmAkeyJS;?>'
});
});
</script>
@@ -208,7 +223,11 @@ ob_start();
$(function() {
$('#tab_description_1_<?= $lg['id']; ?>, #tab_description_2_<?= $lg['id']; ?>').ckeditor({
toolbar: 'MyToolbar',
height: '250'
height: '250',
filebrowserBrowseUrl: '/libraries/filemanager-9.14.2/dialog.php?type=2&editor=ckeditor&akey=<?= $rfmAkeyJS;?>',
filebrowserImageBrowseUrl: '/libraries/filemanager-9.14.2/dialog.php?type=1&editor=ckeditor&akey=<?= $rfmAkeyJS;?>',
filebrowserUploadUrl: '/libraries/filemanager-9.14.2/dialog.php?type=2&editor=ckeditor&upload=1&akey=<?= $rfmAkeyJS;?>',
filebrowserImageUploadUrl: '/libraries/filemanager-9.14.2/dialog.php?type=1&editor=ckeditor&upload=1&akey=<?= $rfmAkeyJS;?>'
});
});
</script>
@@ -826,6 +845,9 @@ echo $grid->draw();
});
$("#images-uploader").pluploadQueue({
multipart_params: {
upload_token: '<?= $upload_token ?>',
},
runtimes: 'html5,flash,html4',
init: {
Refresh: function(up) {
@@ -874,6 +896,9 @@ echo $grid->draw();
});
$("#files-uploader").pluploadQueue({
multipart_params: {
upload_token: '<?= $upload_token ?>',
},
runtimes: 'html5,flash,html4',
init: {
Refresh: function(up) {

25
autoload/admin/controls/class.Articles.php
View File

@@ -39,19 +39,24 @@ class Articles
exit;
}
public static function article_edit()
{
public static function article_edit() {
global $user;
if ( !$user ) {
header( 'Location: /admin/' );
exit;
}
\admin\factory\Articles::delete_nonassigned_images();
\admin\factory\Articles::delete_nonassigned_files();
return \admin\view\Articles::article_edit(
\admin\factory\Articles::article_details(
\S::get( 'id' )
),
\admin\factory\Pages::menus_list(),
\admin\factory\Languages::languages_list(),
\admin\factory\Layouts::layouts_list()
);
return \Tpl::view( 'articles/article-edit', [
'article' => \admin\factory\Articles::article_details( (int)\S::get( 'id' ) ),
'menus' => \admin\factory\Pages::menus_list(),
'languages' => \admin\factory\Languages::languages_list(),
'layouts' => \admin\factory\Layouts::layouts_list(),
'user' => $user
] );
}
public static function view_list()

31
autoload/admin/controls/class.ShopProduct.php
View File

@@ -229,22 +229,29 @@ class ShopProduct
}
// edycja produktu
public static function product_edit()
{
public static function product_edit() {
global $user;
if ( !$user ) {
header( 'Location: /admin/' );
exit;
}
\admin\factory\ShopProduct::delete_nonassigned_images();
\admin\factory\ShopProduct::delete_nonassigned_files();
return \Tpl::view( 'shop-product/product-edit', [
'product' => \admin\factory\ShopProduct::product_details( (int) \S::get( 'id' ) ),
'languages' => \admin\factory\Languages::languages_list(),
'categories' => \admin\factory\ShopCategory::subcategories( null ),
'layouts' => \admin\factory\Layouts::layouts_list(),
'products' => \admin\factory\ShopProduct::products_list(),
'dlang' => \front\factory\Languages::default_language(),
'sets' => \shop\ProductSet::sets_list(),
'producers' => \admin\factory\ShopProducer::all(),
'units' => \admin\factory\Dictionaries::all_units()
] );
'product' => \admin\factory\ShopProduct::product_details( (int) \S::get( 'id' ) ),
'languages' => \admin\factory\Languages::languages_list(),
'categories' => \admin\factory\ShopCategory::subcategories( null ),
'layouts' => \admin\factory\Layouts::layouts_list(),
'products' => \admin\factory\ShopProduct::products_list(),
'dlang' => \front\factory\Languages::default_language(),
'sets' => \shop\ProductSet::sets_list(),
'producers' => \admin\factory\ShopProducer::all(),
'units' => \admin\factory\Dictionaries::all_units(),
'user' => $user
] );
}
// ajax_load_products ARCHIVE

14
autoload/admin/view/class.Articles.php
View File

@@ -8,7 +8,7 @@ class Articles
$tpl = new \Tpl;
return $tpl -> render( 'articles/articles-browse-list' );
}
public static function subpages_list( $pages, $article_pages, $parent_id = 0, $step = 1 )
{
$tpl = new \Tpl();
@@ -18,21 +18,11 @@ class Articles
$tpl -> article_pages = $article_pages;
return $tpl -> render( 'articles/subpages-list' );
}
public static function articles_list()
{
$tpl = new \Tpl;
return $tpl -> render( 'articles/articles-list' );
}
public static function article_edit( $article, $menus, $languages, $layouts )
{
$tpl = new \Tpl;
$tpl -> article = $article;
$tpl -> menus = $menus;
$tpl -> languages = $languages;
$tpl -> layouts = $layouts;
return $tpl -> render( 'articles/article-edit' );
}
}
?>

18
libraries/filemanager-9.14.2/dialog.php
View File

@@ -1,4 +1,20 @@
<?php
session_start();
$user = $_SESSION['user'];
if ( !$user ) {
header('HTTP/1.1 403 Forbidden');
exit('Access denied');
}
$akey = $_GET['akey'] ?? $_POST['akey'] ?? '';
if (
empty($_SESSION['rfm_akey']) ||
$akey !== $_SESSION['rfm_akey'] ||
(($_SESSION['rfm_akey_expires'] ?? 0) < time())
) {
header('HTTP/1.1 403 Forbidden');
exit('Invalid key');
}
$time = time();
@@ -20,7 +36,7 @@ $_SESSION['RF']["verify"] = "RESPONSIVEfilemanager";
if (!empty($_FILES)) {
$directorio = $config['current_path'];
if (!file_exists($directorio)) {
if (!file_exists($directorio)) {
mkdir($directorio);
}

57
libraries/plupload/upload-articles-files.php
View File

@@ -4,6 +4,21 @@ require_once '../medoo/medoo.php';
date_default_timezone_set( 'Europe/Warsaw' );
session_start();
$upload_token = $_REQUEST['upload_token'] ?? '';
if ( !isset( $_SESSION['upload_tokens'][$upload_token] ) ) {
http_response_code(403);
echo json_encode( ['error' => 'Brak tokenu uploadu'] );
exit;
}
$tokenData = $_SESSION['upload_tokens'][$upload_token];
if ( $tokenData['expires'] < time() ) {
unset( $_SESSION['upload_tokens'][$upload_token] );
http_response_code(403);
echo json_encode( ['error' => 'Token wygasł'] );
exit;
}
$mdb = new medoo( [
'database_type' => 'mysql',
'database_name' => $database['name'],
@@ -34,14 +49,14 @@ $fileName = isset( $_REQUEST["name"] ) ? $_REQUEST["name"] : '';
$fileName = preg_replace( '/[^\w\._]+/', '-', $fileName );
if ( file_exists( $targetDir . DIRECTORY_SEPARATOR . $fileName ) )
if ( file_exists( $targetDir . DIRECTORY_SEPARATOR . $fileName ) )
{
$ext = strrpos( $fileName, '.' );
$fileName_a = substr( $fileName, 0, $ext );
$fileName_b = substr( $fileName, $ext );
$count = 1;
while ( file_exists( $targetDir . DIRECTORY_SEPARATOR . $fileName_a . '_' . $count . $fileName_b ) )
$count++;
@@ -50,9 +65,9 @@ if ( file_exists( $targetDir . DIRECTORY_SEPARATOR . $fileName ) )
$filePath = $targetDir . DIRECTORY_SEPARATOR . $fileName;
if ( $cleanupTargetDir && is_dir( $targetDir ) && ( $dir = opendir( $targetDir ) ) )
if ( $cleanupTargetDir && is_dir( $targetDir ) && ( $dir = opendir( $targetDir ) ) )
{
while ( ( $file = readdir( $dir ) ) !== false )
while ( ( $file = readdir( $dir ) ) !== false )
{
$tmpfilePath = $targetDir . DIRECTORY_SEPARATOR . $file;
@@ -62,7 +77,7 @@ if ( $cleanupTargetDir && is_dir( $targetDir ) && ( $dir = opendir( $targetDir )
}
closedir($dir);
}
}
else
die( '{"jsonrpc" : "2.0", "error" : {"code": 100, "message": "Failed to open temp directory."}, "id" : "id"}' );
@@ -72,40 +87,40 @@ if ( isset( $_SERVER["HTTP_CONTENT_TYPE"] ) )
if ( isset( $_SERVER["CONTENT_TYPE"] ) )
$contentType = $_SERVER["CONTENT_TYPE"];
if ( strpos( $contentType, "multipart" ) !== false )
if ( strpos( $contentType, "multipart" ) !== false )
{
if ( isset( $_FILES['file']['tmp_name'] ) && is_uploaded_file( $_FILES['file']['tmp_name'] ) )
if ( isset( $_FILES['file']['tmp_name'] ) && is_uploaded_file( $_FILES['file']['tmp_name'] ) )
{
$out = fopen( "{$filePath}.part", $chunk == 0 ? "wb" : "ab" );
if ( $out )
if ( $out )
{
$in = fopen( $_FILES['file']['tmp_name'], "rb" );
if ( $in )
if ( $in )
{
while ( $buff = fread( $in, 4096 ) )
fwrite($out, $buff);
}
}
else
die( '{"jsonrpc" : "2.0", "error" : {"code": 101, "message": "Failed to open input stream."}, "id" : "id"}' );
fclose( $in );
fclose( $out );
@unlink( $_FILES['file']['tmp_name'] );
}
}
else
die( '{"jsonrpc" : "2.0", "error" : {"code": 102, "message": "Failed to open output stream."}, "id" : "id"}' );
}
}
else
die( '{"jsonrpc" : "2.0", "error" : {"code": 103, "message": "Failed to move uploaded file."}, "id" : "id"}' );
}
else
}
else
{
$out = fopen( "{$filePath}.part", $chunk == 0 ? "wb" : "ab" );
if ( $out )
{
$in = fopen( "php://input", "rb" );
if ( $in )
if ( $in )
{
while ( $buff = fread( $in, 4096 ) )
fwrite( $out, $buff );
@@ -115,22 +130,22 @@ else
fclose( $in );
fclose( $out );
}
}
else
die( '{"jsonrpc" : "2.0", "error" : {"code": 102, "message": "Failed to open output stream."}, "id" : "id"}' );
}
if ( !$chunks || $chunk == $chunks - 1 )
if ( !$chunks || $chunk == $chunks - 1 )
{
rename( "{$filePath}.part", $filePath );
$mdb -> insert( 'pp_articles_files', [
$mdb -> insert( 'pp_articles_files', [
'article_id' => null,
'src' => substr( $filePath, 5, strlen( $filePath ) )
] );
$file_id = $mdb -> id();
$file_name = explode( '/', $filePath );
$file_name = $file_name[ count( $file_name ) - 1 ];
}

55
libraries/plupload/upload-articles-images.php
View File

@@ -4,6 +4,21 @@ require_once '../medoo/medoo.php';
date_default_timezone_set( 'Europe/Warsaw' );
session_start();
$upload_token = $_REQUEST['upload_token'] ?? '';
if ( !isset( $_SESSION['upload_tokens'][$upload_token] ) ) {
http_response_code(403);
echo json_encode( ['error' => 'Brak tokenu uploadu'] );
exit;
}
$tokenData = $_SESSION['upload_tokens'][$upload_token];
if ( $tokenData['expires'] < time() ) {
unset( $_SESSION['upload_tokens'][$upload_token] );
http_response_code(403);
echo json_encode( ['error' => 'Token wygasł'] );
exit;
}
$mdb = new medoo( [
'database_type' => 'mysql',
'database_name' => $database['name'],
@@ -34,14 +49,14 @@ $fileName = isset( $_REQUEST["name"] ) ? $_REQUEST["name"] : '';
$fileName = preg_replace( '/[^\w\._]+/', '-', $fileName );
if ( file_exists( $targetDir . DIRECTORY_SEPARATOR . $fileName ) )
if ( file_exists( $targetDir . DIRECTORY_SEPARATOR . $fileName ) )
{
$ext = strrpos( $fileName, '.' );
$fileName_a = substr( $fileName, 0, $ext );
$fileName_b = substr( $fileName, $ext );
$count = 1;
while ( file_exists( $targetDir . DIRECTORY_SEPARATOR . $fileName_a . '_' . $count . $fileName_b ) )
$count++;
@@ -50,9 +65,9 @@ if ( file_exists( $targetDir . DIRECTORY_SEPARATOR . $fileName ) )
$filePath = $targetDir . DIRECTORY_SEPARATOR . $fileName;
if ( $cleanupTargetDir && is_dir( $targetDir ) && ( $dir = opendir( $targetDir ) ) )
if ( $cleanupTargetDir && is_dir( $targetDir ) && ( $dir = opendir( $targetDir ) ) )
{
while ( ( $file = readdir( $dir ) ) !== false )
while ( ( $file = readdir( $dir ) ) !== false )
{
$tmpfilePath = $targetDir . DIRECTORY_SEPARATOR . $file;
@@ -62,7 +77,7 @@ if ( $cleanupTargetDir && is_dir( $targetDir ) && ( $dir = opendir( $targetDir )
}
closedir($dir);
}
}
else
die( '{"jsonrpc" : "2.0", "error" : {"code": 100, "message": "Failed to open temp directory."}, "id" : "id"}' );
@@ -72,40 +87,40 @@ if ( isset( $_SERVER["HTTP_CONTENT_TYPE"] ) )
if ( isset( $_SERVER["CONTENT_TYPE"] ) )
$contentType = $_SERVER["CONTENT_TYPE"];
if ( strpos( $contentType, "multipart" ) !== false )
if ( strpos( $contentType, "multipart" ) !== false )
{
if ( isset( $_FILES['file']['tmp_name'] ) && is_uploaded_file( $_FILES['file']['tmp_name'] ) )
if ( isset( $_FILES['file']['tmp_name'] ) && is_uploaded_file( $_FILES['file']['tmp_name'] ) )
{
$out = fopen( "{$filePath}.part", $chunk == 0 ? "wb" : "ab" );
if ( $out )
if ( $out )
{
$in = fopen( $_FILES['file']['tmp_name'], "rb" );
if ( $in )
if ( $in )
{
while ( $buff = fread( $in, 4096 ) )
fwrite($out, $buff);
}
}
else
die( '{"jsonrpc" : "2.0", "error" : {"code": 101, "message": "Failed to open input stream."}, "id" : "id"}' );
fclose( $in );
fclose( $out );
@unlink( $_FILES['file']['tmp_name'] );
}
}
else
die( '{"jsonrpc" : "2.0", "error" : {"code": 102, "message": "Failed to open output stream."}, "id" : "id"}' );
}
}
else
die( '{"jsonrpc" : "2.0", "error" : {"code": 103, "message": "Failed to move uploaded file."}, "id" : "id"}' );
}
else
}
else
{
$out = fopen( "{$filePath}.part", $chunk == 0 ? "wb" : "ab" );
if ( $out )
{
$in = fopen( "php://input", "rb" );
if ( $in )
if ( $in )
{
while ( $buff = fread( $in, 4096 ) )
fwrite( $out, $buff );
@@ -115,18 +130,18 @@ else
fclose( $in );
fclose( $out );
}
}
else
die( '{"jsonrpc" : "2.0", "error" : {"code": 102, "message": "Failed to open output stream."}, "id" : "id"}' );
}
if ( !$chunks || $chunk == $chunks - 1 )
if ( !$chunks || $chunk == $chunks - 1 )
{
rename( "{$filePath}.part", $filePath );
$o = $mdb -> max( 'pp_articles_images', 'o' );
$mdb -> insert( 'pp_articles_images', [
$mdb -> insert( 'pp_articles_images', [
'article_id' => $_POST['article_id'] ? $_POST['article_id'] : null,
'src' => substr( $filePath, 5, strlen( $filePath ) ),
'o' => ++$o

57
libraries/plupload/upload-product-files.php
View File

@@ -4,6 +4,21 @@ require_once '../medoo/medoo.php';
date_default_timezone_set( 'Europe/Warsaw' );
session_start();
$upload_token = $_REQUEST['upload_token'] ?? '';
if ( !isset( $_SESSION['upload_tokens'][$upload_token] ) ) {
http_response_code(403);
echo json_encode( ['error' => 'Brak tokenu uploadu'] );
exit;
}
$tokenData = $_SESSION['upload_tokens'][$upload_token];
if ( $tokenData['expires'] < time() ) {
unset( $_SESSION['upload_tokens'][$upload_token] );
http_response_code(403);
echo json_encode( ['error' => 'Token wygasł'] );
exit;
}
$mdb = new medoo( [
'database_type' => 'mysql',
'database_name' => $database['name'],
@@ -34,14 +49,14 @@ $fileName = isset( $_REQUEST["name"] ) ? $_REQUEST["name"] : '';
$fileName = preg_replace( '/[^\w\._]+/', '-', $fileName );
if ( file_exists( $targetDir . DIRECTORY_SEPARATOR . $fileName ) )
if ( file_exists( $targetDir . DIRECTORY_SEPARATOR . $fileName ) )
{
$ext = strrpos( $fileName, '.' );
$fileName_a = substr( $fileName, 0, $ext );
$fileName_b = substr( $fileName, $ext );
$count = 1;
while ( file_exists( $targetDir . DIRECTORY_SEPARATOR . $fileName_a . '_' . $count . $fileName_b ) )
$count++;
@@ -50,9 +65,9 @@ if ( file_exists( $targetDir . DIRECTORY_SEPARATOR . $fileName ) )
$filePath = $targetDir . DIRECTORY_SEPARATOR . $fileName;
if ( $cleanupTargetDir && is_dir( $targetDir ) && ( $dir = opendir( $targetDir ) ) )
if ( $cleanupTargetDir && is_dir( $targetDir ) && ( $dir = opendir( $targetDir ) ) )
{
while ( ( $file = readdir( $dir ) ) !== false )
while ( ( $file = readdir( $dir ) ) !== false )
{
$tmpfilePath = $targetDir . DIRECTORY_SEPARATOR . $file;
@@ -62,7 +77,7 @@ if ( $cleanupTargetDir && is_dir( $targetDir ) && ( $dir = opendir( $targetDir )
}
closedir($dir);
}
}
else
die( '{"jsonrpc" : "2.0", "error" : {"code": 100, "message": "Failed to open temp directory."}, "id" : "id"}' );
@@ -72,40 +87,40 @@ if ( isset( $_SERVER["HTTP_CONTENT_TYPE"] ) )
if ( isset( $_SERVER["CONTENT_TYPE"] ) )
$contentType = $_SERVER["CONTENT_TYPE"];
if ( strpos( $contentType, "multipart" ) !== false )
if ( strpos( $contentType, "multipart" ) !== false )
{
if ( isset( $_FILES['file']['tmp_name'] ) && is_uploaded_file( $_FILES['file']['tmp_name'] ) )
if ( isset( $_FILES['file']['tmp_name'] ) && is_uploaded_file( $_FILES['file']['tmp_name'] ) )
{
$out = fopen( "{$filePath}.part", $chunk == 0 ? "wb" : "ab" );
if ( $out )
if ( $out )
{
$in = fopen( $_FILES['file']['tmp_name'], "rb" );
if ( $in )
if ( $in )
{
while ( $buff = fread( $in, 4096 ) )
fwrite($out, $buff);
}
}
else
die( '{"jsonrpc" : "2.0", "error" : {"code": 101, "message": "Failed to open input stream."}, "id" : "id"}' );
fclose( $in );
fclose( $out );
@unlink( $_FILES['file']['tmp_name'] );
}
}
else
die( '{"jsonrpc" : "2.0", "error" : {"code": 102, "message": "Failed to open output stream."}, "id" : "id"}' );
}
}
else
die( '{"jsonrpc" : "2.0", "error" : {"code": 103, "message": "Failed to move uploaded file."}, "id" : "id"}' );
}
else
}
else
{
$out = fopen( "{$filePath}.part", $chunk == 0 ? "wb" : "ab" );
if ( $out )
{
$in = fopen( "php://input", "rb" );
if ( $in )
if ( $in )
{
while ( $buff = fread( $in, 4096 ) )
fwrite( $out, $buff );
@@ -115,22 +130,22 @@ else
fclose( $in );
fclose( $out );
}
}
else
die( '{"jsonrpc" : "2.0", "error" : {"code": 102, "message": "Failed to open output stream."}, "id" : "id"}' );
}
if ( !$chunks || $chunk == $chunks - 1 )
if ( !$chunks || $chunk == $chunks - 1 )
{
rename( "{$filePath}.part", $filePath );
$mdb -> insert( 'pp_shop_products_files', [
$mdb -> insert( 'pp_shop_products_files', [
'product_id' => null,
'src' => substr( $filePath, 5, strlen( $filePath ) )
] );
$file_id = $mdb -> id();
$file_name = explode( '/', $filePath );
$file_name = $file_name[ count( $file_name ) - 1 ];
}

15
libraries/plupload/upload-product-images.php
View File

@@ -4,6 +4,21 @@ require_once '../medoo/medoo.php';
date_default_timezone_set( 'Europe/Warsaw' );
session_start();
$upload_token = $_REQUEST['upload_token'] ?? '';
if ( !isset( $_SESSION['upload_tokens'][$upload_token] ) ) {
http_response_code(403);
echo json_encode( ['error' => 'Brak tokenu uploadu'] );
exit;
}
$tokenData = $_SESSION['upload_tokens'][$upload_token];
if ( $tokenData['expires'] < time() ) {
unset( $_SESSION['upload_tokens'][$upload_token] );
http_response_code(403);
echo json_encode( ['error' => 'Token wygasł'] );
exit;
}
$mdb = new medoo( [
'database_type' => 'mysql',
'database_name' => $database['name'],

BIN
updates/0.20/ver_0.230.zip Normal file
View File

Binary file not shown.

3
updates/changelog.php
View File

@@ -1,3 +1,6 @@
<b>ver. 0.230</b><br />
- FIX - poprawki bezpieczeństwa
<hr>
<b>ver. 0.229</b><br />
- NEW - pola dodatkowe z opcją wymagane/niewymagane
<hr>

2
updates/versions.php
View File

@@ -1,5 +1,5 @@
<?
$current_ver = 229;
$current_ver = 230;
for ($i = 1; $i <= $current_ver; $i++)
{