Project-Pro/shopPRO
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
306 Commits 1 Branch 52 Tags
eee22ef1c48bf5ebb35fac1f9aa40d8380ed680f
Commit Graph

4 Commits

Author SHA1 Message Date
Jacek
0677e75b25 security: faza 4 - ochrona CSRF panelu administracyjnego 
- Nowa klasa \Shared\Security\CsrfToken (generate/validate/regenerate)
- Token CSRF we wszystkich formularzach edycji (form-edit.php)
- Walidacja CSRF w FormRequestHandler::handleSubmit()
- Token CSRF w formularzu logowania i formularzach 2FA
- Walidacja CSRF w App::special_actions() dla żądań POST
- Regeneracja tokenu po udanym logowaniu (bezpośrednia i przez 2FA)
- Fix XSS: htmlspecialchars na $alert w unlogged-layout.php
- 7 nowych testów CsrfTokenTest (817 testów łącznie)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-03-12 10:06:40 +01:00
Jacek Pyziak
e1f9b3e517 ver. 0.303: Fix attribute display collision + product preview button 
Fix: product attributes with the same sort order value were overwriting
each other in getProductAttributes(), causing only one attribute to
display on the frontend. Now uses usort() with sequential keys.

New: Preview button in product edit form opens product page in new tab.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-22 15:04:51 +01:00
Jacek Pyziak
319491975d ver. 0.283: Legacy class cleanup — S, Html, Email, Image, Log, Mobile_Detect → Shared namespace 
- Migrate class.S → Shared\Helpers\Helpers (140+ files), remove 12 unused methods
- Migrate class.Html → Shared\Html\Html
- Migrate class.Email → Shared\Email\Email
- Migrate class.Image → Shared\Image\ImageManipulator
- Delete class.Log (unused), class.Mobile_Detect (outdated UA detection)
- Remove grid library loading from admin (index.php, ajax.php)
- Replace gridEdit usage in 10 admin templates with grid-edit-replacement.php
- Fix grid-edit-replacement.php AJAX to send values as JSON (grid.js compat)
- Remove mobile layout conditionals (m_html/m_css/m_js) from Site + LayoutsRepository
- Remove \Log::save_log() calls from OrderAdminService, ShopOrder, Order

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-16 23:06:06 +01:00
Jacek Pyziak
926b6fcbca Release 0.249: banner edit fixes and thumbnail popup 2026-02-08 17:29:52 +01:00