17 Commits

Author SHA1 Message Date
Jacek
eee22ef1c4 fix: correct transport cost on /koszyk-podsumowanie
On the /koszyk-podsumowanie subpage, transport with the delivery_free=1 flag
was always shown as 0,00 zl, regardless of the basket value.
Now the controller computes transport_cost_effective and free_delivery_applies,
taking the settings.free_delivery threshold into account, and the template uses these keys.

- New protected method ShopBasketController::calculateTransportCostForSummary
- Added 6 unit tests (ShopBasketControllerSummaryViewTest)
- Suite: 834 tests / 2318 assertions OK

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-20 20:50:15 +02:00
Jacek
e7b058c275 fix: Checkout flow — summaryView redirect fix + TTL token + order logging
- Removed the faulty guard in summaryView() that blocked subsequent orders
- Order token changed from single-use to a 30 min TTL (multi-tab safe)
- Order errors logged to logs/logs-order-YYYY-MM-DD.log
- Redirect on a bad token to /koszyk-podsumowanie instead of /koszyk
- Double-submit guard moved before the token check

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-25 21:32:46 +01:00
Jacek
ae016e362b feat: editing product personalization in the basket
New method basketUpdateCustomFields() in ShopBasketController — AJAX endpoint
with required fields validation, product_code recalculation (MD5 hash) and merging
of duplicates. UI: "Edytuj personalizację" ("Edit personalization") button + inline form + JS.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-19 19:45:02 +01:00
Jacek
d6842503cb fix: duplicate orders + COD status (is_cod flag)
- summaryView(): guard — redirect to the existing order when ORDER_SUBMIT_LAST_ORDER_ID is in the session
- basketSave(): try-catch around createFromBasket(), exceptions logged, basket preserved
- OrderRepository: removed hardcoded payment_id == 3, the is_cod flag is used
- PaymentMethodRepository: new is_cod field in normalization, save() and forTransport() SQL
- ShopPaymentMethodController: "Platnosc przy odbiorze" ("Cash on delivery") switch in the edit form
- migrations/0.338.sql: ALTER TABLE pp_shop_payment_methods ADD COLUMN is_cod

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-12 11:00:23 +01:00
Jacek
7c7d587886 security: phase 1 - removal of the tpay debug log, SQL fix and removal of rb.php
- ShopOrderController: removed file_put_contents to tpay.txt (it exposed payment data)
- ShopOrderController: hardcoded HotPay secret moved to the HOTPAY_HASH_SEED constant
- IntegrationsRepository: replaced raw SQL query('SELECT * FROM $table') with the Medoo select() method
- index.php + admin/index.php: removed RedBeanPHP (rb.php) - the library was loaded but unused
- libraries/rb.php: file removed (536 KB, zero uses in application code)
- IntegrationsRepository tests updated to the new API (select instead of query)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-12 09:18:37 +01:00
Jacek
fe39f49175 feat: protection against double order submission (order submit token)
A CSRF token in the session prevents orders from being duplicated when the button
is clicked multiple times. On a duplicate, redirect to the existing
order. JS fixed — listens for the form submit instead of click.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-10 21:50:21 +01:00
fdb1423285 ver. 0.305: Fix permutation attribute sorting + free delivery progress bar
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-22 16:33:30 +01:00
662c9f63de ver. 0.294: Code review complete — 96/96 classes, 27 fixes across all layers
Full codebase review of autoload/ directory (96 classes, ~1144 methods).
Fixes: null safety (query/find guards), redundant DI bypass, undefined
variables, missing globals, and Imagick WebP mime type bug in Helpers.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-19 15:26:07 +01:00
dd39587f95 ver. 0.293: Code review fixes — 6 repositories, 16 fixes
- ArticleRepository: SQL injection fix (addslashes→parameterized), DRY refactor topArticles/newsListArticles
- AttributeRepository: dead class_exists('\S') blocking cache/temp clear
- CategoryRepository: dead class_exists('\S') blocking SEO link generation (critical)
- BannerRepository: parameterize $today in SQL + null guard on query()
- BasketCalculator: null guard checkProductQuantityInStock + optional DI params
- PromotionRepository: null guard on $basket (production fatal)
- OrderRepository/ShopBasketController/ajax.php: explicit DI in BasketCalculator callers

614 tests, 1821 assertions (+4 new)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-19 01:07:39 +01:00
e1cb421aaf ver. 0.294: Remove all 12 legacy autoload/shop/ classes (~2363 lines)
Complete Domain-Driven Architecture migration:
- Phase 1-4: Transport, ProductSet, Coupon, Shop, Search, Basket,
  ProductCustomField, Category, ProductAttribute, Promotion
- Phase 5: Order (~562 lines) + Product (~952 lines)
- ~20 Product methods migrated to ProductRepository
- Apilo sync migrated to OrderAdminService
- Production hotfixes: stale Redis cache (prices 0.00), unqualified
  Product:: refs in LayoutEngine, object->array template conversion
- AttributeRepository::getAttributeValueById() Redis cache added

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-18 02:05:39 +01:00
d14018a5f3 ver. 0.292: ShopProduct + ShopPaymentMethod + ShopPromotion + ShopStatuses + ShopTransport frontend migration to Domain
Full migration of front\factory\ — entire directory removed (all 20 classes migrated).
ProductRepository +20 frontend methods, PromotionRepository +5 applyType methods,
TransportRepository +4 cached methods, PaymentMethodRepository +cached frontend methods.
Fix: broken transports_list() in ajax.php replaced with forPaymentMethod().

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-17 21:55:16 +01:00
6181ef958d ver. 0.291: ShopProducer frontend migration to Domain + Controllers
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-17 20:32:07 +01:00
1ba0c12327 ver. 0.290: ShopCoupon + ShopOrder frontend migration to Domain + Controllers
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-17 19:54:21 +01:00
e671142cee ver. 0.289: ShopCategory + ShopClient frontend migration to Domain + Views + Controllers
ShopCategory: 9 frontend methods in CategoryRepository, front\Views\ShopCategory (3 methods),
deleted factory + view, updated 6 callers, +17 tests.

ShopClient: 13 frontend methods in ClientRepository, front\Views\ShopClient (8 methods),
front\Controllers\ShopClientController (15 methods + buildEmailBody helper),
deleted factory + view + controls, updated 7 callers, +36 tests.

Security fix: removed hardcoded password bypass 'Legia1916'.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-17 10:41:40 +01:00
25348797da ver. 0.288: BasketCalculator + ShopBasketController migration, cms\Layout removal
- Migrate front\factory\ShopBasket → Domain\Basket\BasketCalculator (4 static methods, 18 callers updated)
- Migrate front\controls\ShopBasket → front\Controllers\ShopBasketController (camelCase, instance methods)
- Add snake_case→camelCase action dispatch for new controllers in Site::route()
- Update title()/page_title() to check front\Controllers\ before fallback
- Remove cms\Layout class (replaced by $layoutsRepo->find())
- Add 8 tests for BasketCalculator (484 tests, 1528 assertions)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-17 09:38:45 +01:00
319491975d ver. 0.283: Legacy class cleanup — S, Html, Email, Image, Log, Mobile_Detect → Shared namespace
- Migrate class.S → Shared\Helpers\Helpers (140+ files), remove 12 unused methods
- Migrate class.Html → Shared\Html\Html
- Migrate class.Email → Shared\Email\Email
- Migrate class.Image → Shared\Image\ImageManipulator
- Delete class.Log (unused), class.Mobile_Detect (outdated UA detection)
- Remove grid library loading from admin (index.php, ajax.php)
- Replace gridEdit usage in 10 admin templates with grid-edit-replacement.php
- Fix grid-edit-replacement.php AJAX to send values as JSON (grid.js compat)
- Remove mobile layout conditionals (m_html/m_css/m_js) from Site + LayoutsRepository
- Remove \Log::save_log() calls from OrderAdminService, ShopOrder, Order

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-16 23:06:06 +01:00
3b32ea0b9b ver. 0.279: Newsletter frontend migration, Languages facade elimination, bug fix newsletter_unsubscribe
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-16 15:11:38 +01:00