ver. 0.318: shopPRO export produktów + nowe API endpoints

- NEW: IntegrationsRepository::shopproExportProduct() — eksport produktu do
  zdalnej instancji shopPRO (pola główne, tłumaczenia, custom fields, zdjęcia)
- NEW: sendImageToShopproApi() — wysyłka zdjęć przez API shopPRO (base64 POST)
- REFACTOR: shopproImportProduct() — wydzielono shopproDb() i
  missingShopproSetting(); dodano security_information, producer_id,
  custom fields, alt zdjęcia
- NEW: AttributeRepository::ensureAttributeForApi() i
  ensureAttributeValueForApi() — idempotent find-or-create dla słowników
- NEW: API POST dictionaries/ensure_attribute — utwórz lub znajdź atrybut
- NEW: API POST dictionaries/ensure_attribute_value — utwórz lub znajdź wartość
- NEW: API POST products/upload_image — przyjmuje base64, zapisuje plik i DB
- NEW: IntegrationsController::shoppro_product_export() — akcja admina
- NEW: przycisk "Eksportuj do shopPRO" w liście produktów
- NEW: pole API key w ustawieniach integracji shopPRO

Tests: 765 tests, 2153 assertions — all green

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

CLAUDE.md

@@ -36,7 +36,7 @@ composer test
 
 PHPUnit 9.6 via `phpunit.phar`. Bootstrap: `tests/bootstrap.php`. Config: `phpunit.xml`.
 
-Current suite: **758 tests, 2135 assertions**.
+Current suite: **765 tests, 2153 assertions**.
 
 ### Creating Updates
 See `docs/UPDATE_INSTRUCTIONS.md` for the full procedure. Updates are ZIP packages in `updates/0.XX/`. Never include `*.md` files, `updates/changelog.php`, or root `.htaccess` in update ZIPs.

admin/templates/integrations/shoppro-settings.php

@@ -91,6 +91,20 @@
             </div>
           </div>
         </div>
+        <!-- API key -->
+        <div class="form-group">
+          <label class="col-lg-3 control-label" for="inputDefault">API key</label>
+          <div class="col-lg-9">
+            <div class="bs-component">
+              <div class="input-group">
+                <input class="form-control" type="text" id="api_key" name="api_key" placeholder="" value="<?= $this -> settings['api_key'];?>">
+                <span class="input-group-addon cursor" field-id="api_key">
+                  <i class="fa fa-save"></i>
+                </span>
+              </div>
+            </div>
+          </div>
+        </div>
       </div>
       <div class="col-lg-6">
 
@@ -123,4 +137,4 @@
       });
     })
   });
-</script>
+</script>

api.php

@@ -47,6 +47,43 @@ if ( !$isApiRequest )
   }
 }
 
+// --- API routing (ordersPRO) ---
+if ( $isApiRequest )
+{
+  if ( !headers_sent() )
+    header( 'Content-Type: application/json; charset=utf-8' );
+
+  try
+  {
+    $mdb = new medoo( [
+      'database_type' => 'mysql',
+      'database_name' => $database[ 'name' ],
+      'server'        => $database[ 'host' ],
+      'username'      => $database[ 'user' ],
+      'password'      => $database[ 'password' ],
+      'charset'       => 'utf8'
+    ] );
+
+    $settingsRepo = new \Domain\Settings\SettingsRepository( $mdb );
+    $router = new \api\ApiRouter( $mdb, $settingsRepo );
+    $router->handle();
+  }
+  catch ( \Throwable $e )
+  {
+    if ( !headers_sent() )
+      header( 'Content-Type: application/json; charset=utf-8' );
+
+    http_response_code( 500 );
+    echo json_encode( [
+      'status' => 'error',
+      'code' => 'INTERNAL_ERROR',
+      'message' => 'Internal server error'
+    ], JSON_UNESCAPED_UNICODE );
+  }
+
+  exit;
+}
+
 $mdb = new medoo( [
     'database_type' => 'mysql',
     'database_name' => $database[ 'name' ],
@@ -59,14 +96,6 @@ $mdb = new medoo( [
 $settingsRepo = new \Domain\Settings\SettingsRepository( $mdb );
 $settings = $settingsRepo->allSettings();
 
-// --- API routing (ordersPRO) ---
-if ( $isApiRequest )
-{
-  $router = new \api\ApiRouter( $mdb, $settingsRepo );
-  $router->handle();
-  exit;
-}
-
 // --- Ekomi CSV export ---
 if ( \Shared\Helpers\Helpers::get( 'ekomi_csv' ) )
 {

autoload/Domain/Attribute/AttributeRepository.php

@@ -655,6 +655,95 @@ class AttributeRepository
         return $result;
     }
 
+    /**
+     * Find existing attribute by name/type or create a new one for API integration.
+     *
+     * @return array{id:int,created:bool}|null
+     */
+    public function ensureAttributeForApi(string $name, int $type = 0, string $langId = 'pl'): ?array
+    {
+        $normalizedName = trim($name);
+        $normalizedLangId = trim($langId) !== '' ? trim($langId) : 'pl';
+        $normalizedType = $this->toTypeValue($type);
+        if ($normalizedName === '') {
+            return null;
+        }
+
+        $existingId = $this->findAttributeIdByNameAndType($normalizedName, $normalizedType);
+        if ($existingId > 0) {
+            return ['id' => $existingId, 'created' => false];
+        }
+
+        $this->db->insert('pp_shop_attributes', [
+            'status' => 1,
+            'type' => $normalizedType,
+            'o' => $this->nextOrder(),
+        ]);
+        $attributeId = (int) $this->db->id();
+        if ($attributeId <= 0) {
+            return null;
+        }
+
+        $this->db->insert('pp_shop_attributes_langs', [
+            'attribute_id' => $attributeId,
+            'lang_id' => $normalizedLangId,
+            'name' => $normalizedName,
+        ]);
+
+        $this->clearTempAndCache();
+        $this->clearFrontCache($attributeId, 'frontAttributeDetails');
+
+        return ['id' => $attributeId, 'created' => true];
+    }
+
+    /**
+     * Find existing value by name within attribute or create a new one for API integration.
+     *
+     * @return array{id:int,created:bool}|null
+     */
+    public function ensureAttributeValueForApi(int $attributeId, string $name, string $langId = 'pl'): ?array
+    {
+        $normalizedName = trim($name);
+        $normalizedLangId = trim($langId) !== '' ? trim($langId) : 'pl';
+        $attributeId = max(0, $attributeId);
+
+        if ($attributeId <= 0 || $normalizedName === '') {
+            return null;
+        }
+
+        $attributeExists = (int) $this->db->count('pp_shop_attributes', ['id' => $attributeId]) > 0;
+        if (!$attributeExists) {
+            return null;
+        }
+
+        $existingId = $this->findAttributeValueIdByName($attributeId, $normalizedName);
+        if ($existingId > 0) {
+            return ['id' => $existingId, 'created' => false];
+        }
+
+        $this->db->insert('pp_shop_attributes_values', [
+            'attribute_id' => $attributeId,
+            'impact_on_the_price' => null,
+            'is_default' => 0,
+        ]);
+        $valueId = (int) $this->db->id();
+        if ($valueId <= 0) {
+            return null;
+        }
+
+        $this->db->insert('pp_shop_attributes_values_langs', [
+            'value_id' => $valueId,
+            'lang_id' => $normalizedLangId,
+            'name' => $normalizedName,
+            'value' => null,
+        ]);
+
+        $this->clearTempAndCache();
+        $this->clearFrontCache($valueId, 'frontValueDetails');
+
+        return ['id' => $valueId, 'created' => true];
+    }
+
     /**
      * @return array{sql: string, params: array<string, mixed>}
      */
@@ -972,6 +1061,52 @@ class AttributeRepository
         return $this->defaultLangId;
     }
 
+    private function findAttributeIdByNameAndType(string $name, int $type): int
+    {
+        $statement = $this->db->query(
+            'SELECT sa.id
+             FROM pp_shop_attributes sa
+             INNER JOIN pp_shop_attributes_langs sal ON sal.attribute_id = sa.id
+             WHERE sa.type = :type
+               AND LOWER(TRIM(sal.name)) = LOWER(TRIM(:name))
+             ORDER BY sa.id ASC
+             LIMIT 1',
+            [
+                ':type' => $type,
+                ':name' => $name,
+            ]
+        );
+        if (!$statement) {
+            return 0;
+        }
+
+        $id = $statement->fetchColumn();
+        return $id === false ? 0 : (int) $id;
+    }
+
+    private function findAttributeValueIdByName(int $attributeId, string $name): int
+    {
+        $statement = $this->db->query(
+            'SELECT sav.id
+             FROM pp_shop_attributes_values sav
+             INNER JOIN pp_shop_attributes_values_langs savl ON savl.value_id = sav.id
+             WHERE sav.attribute_id = :attribute_id
+               AND LOWER(TRIM(savl.name)) = LOWER(TRIM(:name))
+             ORDER BY sav.id ASC
+             LIMIT 1',
+            [
+                ':attribute_id' => $attributeId,
+                ':name' => $name,
+            ]
+        );
+        if (!$statement) {
+            return 0;
+        }
+
+        $id = $statement->fetchColumn();
+        return $id === false ? 0 : (int) $id;
+    }
+
     // ── Frontend methods ──────────────────────────────────────────
 
     public function frontAttributeDetails(int $attributeId, string $langId): array

autoload/Domain/Integrations/IntegrationsRepository.php

@@ -668,15 +668,12 @@ class IntegrationsRepository
     public function shopproImportProduct( int $productId ): array
     {
         $settings = $this->getSettings( 'shoppro' );
+        $missingSetting = $this->missingShopproSetting( $settings, [ 'domain', 'db_name', 'db_host', 'db_user' ] );
+        if ( $missingSetting !== null ) {
+            return [ 'success' => false, 'message' => 'Brakuje konfiguracji shopPRO: ' . $missingSetting . '.' ];
+        }
 
-        $mdb2 = new \medoo( [
-            'database_type' => 'mysql',
-            'database_name' => $settings['db_name'],
-            'server'        => $settings['db_host'],
-            'username'      => $settings['db_user'],
-            'password'      => $settings['db_password'],
-            'charset'       => 'utf8'
-        ] );
+        $mdb2 = $this->shopproDb( $settings );
 
         $product = $mdb2->get( 'pp_shop_products', '*', [ 'id' => $productId ] );
         if ( !$product )
@@ -700,6 +697,7 @@ class IntegrationsRepository
             'additional_message_text'    => $product['additional_message_text'],
             'additional_message_required'=> $product['additional_message_required'],
             'weight'                     => $product['weight'],
+            'producer_id'                => $product['producer_id'] ?? null,
         ] );
 
         $newProductId = $this->db->id();
@@ -729,6 +727,20 @@ class IntegrationsRepository
                     'warehouse_message_nonzero'=> $lang['warehouse_message_nonzero'],
                     'canonical'                => $lang['canonical'],
                     'xml_name'                 => $lang['xml_name'],
+                    'security_information'     => $lang['security_information'] ?? null,
+                ] );
+            }
+        }
+
+        // Import custom fields
+        $customFields = $mdb2->select( 'pp_shop_products_custom_fields', '*', [ 'id_product' => $productId ] );
+        if ( is_array( $customFields ) ) {
+            foreach ( $customFields as $field ) {
+                $this->db->insert( 'pp_shop_products_custom_fields', [
+                    'id_product'   => $newProductId,
+                    'name'         => (string)($field['name'] ?? ''),
+                    'type'         => (string)($field['type'] ?? 'text'),
+                    'is_required'  => !empty( $field['is_required'] ) ? 1 : 0,
                 ] );
             }
         }
@@ -759,6 +771,7 @@ class IntegrationsRepository
                 $this->db->insert( 'pp_shop_products_images', [
                     'product_id' => $newProductId,
                     'src'        => '/upload/product_images/product_' . $newProductId . '/' . $imageName,
+                    'alt'        => $image['alt'] ?? '',
                     'o'          => $image['o'],
                 ] );
             }
@@ -766,4 +779,215 @@ class IntegrationsRepository
 
         return [ 'success' => true, 'message' => 'Produkt został zaimportowany.' ];
     }
+
+    // ── ShopPRO export ──────────────────────────────────────────
+
+    public function shopproExportProduct( int $productId ): array
+    {
+        $settings = $this->getSettings( 'shoppro' );
+        $missingSetting = $this->missingShopproSetting( $settings, [ 'db_name', 'db_host', 'db_user' ] );
+        if ( $missingSetting !== null ) {
+            return [ 'success' => false, 'message' => 'Brakuje konfiguracji shopPRO: ' . $missingSetting . '.' ];
+        }
+
+        $product = $this->db->get( 'pp_shop_products', '*', [ 'id' => $productId ] );
+        if ( !$product ) {
+            return [ 'success' => false, 'message' => 'Nie znaleziono produktu do eksportu.' ];
+        }
+
+        $mdb2 = $this->shopproDb( $settings );
+
+        $mdb2->insert( 'pp_shop_products', [
+            'price_netto'                => $product['price_netto'] ?? null,
+            'price_brutto'               => $product['price_brutto'] ?? null,
+            'vat'                        => $product['vat'] ?? null,
+            'stock_0_buy'                => $product['stock_0_buy'] ?? 0,
+            'quantity'                   => $product['quantity'] ?? 0,
+            'wp'                         => $product['wp'] ?? null,
+            'sku'                        => $product['sku'] ?? '',
+            'ean'                        => $product['ean'] ?? '',
+            'custom_label_0'             => $product['custom_label_0'] ?? null,
+            'custom_label_1'             => $product['custom_label_1'] ?? null,
+            'custom_label_2'             => $product['custom_label_2'] ?? null,
+            'custom_label_3'             => $product['custom_label_3'] ?? null,
+            'custom_label_4'             => $product['custom_label_4'] ?? null,
+            'additional_message'         => $product['additional_message'] ?? 0,
+            'additional_message_text'    => $product['additional_message_text'] ?? null,
+            'additional_message_required'=> $product['additional_message_required'] ?? 0,
+            'weight'                     => $product['weight'] ?? null,
+            'producer_id'                => $product['producer_id'] ?? null,
+        ] );
+
+        $newProductId = (int) $mdb2->id();
+        if ( $newProductId <= 0 ) {
+            return [ 'success' => false, 'message' => 'Podczas eksportowania produktu wystąpił błąd.' ];
+        }
+
+        $languages = $this->db->select( 'pp_shop_products_langs', '*', [ 'product_id' => $productId ] );
+        if ( is_array( $languages ) ) {
+            foreach ( $languages as $lang ) {
+                $mdb2->insert( 'pp_shop_products_langs', [
+                    'product_id'               => $newProductId,
+                    'lang_id'                  => $lang['lang_id'] ?? '',
+                    'name'                     => $lang['name'] ?? '',
+                    'short_description'        => $lang['short_description'] ?? null,
+                    'description'              => $lang['description'] ?? null,
+                    'tab_name_1'               => $lang['tab_name_1'] ?? null,
+                    'tab_description_1'        => $lang['tab_description_1'] ?? null,
+                    'tab_name_2'               => $lang['tab_name_2'] ?? null,
+                    'tab_description_2'        => $lang['tab_description_2'] ?? null,
+                    'meta_title'               => $lang['meta_title'] ?? null,
+                    'meta_description'         => $lang['meta_description'] ?? null,
+                    'meta_keywords'            => $lang['meta_keywords'] ?? null,
+                    'seo_link'                 => $lang['seo_link'] ?? null,
+                    'copy_from'                => $lang['copy_from'] ?? null,
+                    'warehouse_message_zero'   => $lang['warehouse_message_zero'] ?? null,
+                    'warehouse_message_nonzero'=> $lang['warehouse_message_nonzero'] ?? null,
+                    'canonical'                => $lang['canonical'] ?? null,
+                    'xml_name'                 => $lang['xml_name'] ?? null,
+                    'security_information'     => $lang['security_information'] ?? null,
+                ] );
+            }
+        }
+
+        $customFields = $this->db->select( 'pp_shop_products_custom_fields', '*', [ 'id_product' => $productId ] );
+        if ( is_array( $customFields ) ) {
+            foreach ( $customFields as $field ) {
+                $mdb2->insert( 'pp_shop_products_custom_fields', [
+                    'id_product'   => $newProductId,
+                    'name'         => (string)($field['name'] ?? ''),
+                    'type'         => (string)($field['type'] ?? 'text'),
+                    'is_required'  => !empty( $field['is_required'] ) ? 1 : 0,
+                ] );
+            }
+        }
+
+        $images = $this->db->select( 'pp_shop_products_images', '*', [ 'product_id' => $productId ] );
+        if ( is_array( $images ) && count( $images ) > 0 ) {
+            $missingImageApiSetting = $this->missingShopproSetting( $settings, [ 'domain', 'api_key' ] );
+            if ( $missingImageApiSetting !== null ) {
+                return [ 'success' => false, 'message' => 'Brakuje konfiguracji shopPRO dla wysylki zdjec: ' . $missingImageApiSetting . '.' ];
+            }
+        }
+
+        if ( is_array( $images ) ) {
+            foreach ( $images as $image ) {
+                $remoteImageSrc = $this->sendImageToShopproApi(
+                    (string)($image['src'] ?? ''),
+                    (int)$newProductId,
+                    (string)($settings['domain'] ?? ''),
+                    (string)($settings['api_key'] ?? ''),
+                    (string)($image['alt'] ?? ''),
+                    (int)($image['o'] ?? 0)
+                );
+                if ( $remoteImageSrc === '' ) {
+                    return [ 'success' => false, 'message' => 'Nie udalo sie wyslac zdjec produktu przez API shopPRO.' ];
+                }
+            }
+        }
+
+        return [
+            'success' => true,
+            'message' => 'Produkt został wyeksportowany (ID: ' . $newProductId . ').',
+        ];
+    }
+
+    private function missingShopproSetting( array $settings, array $requiredKeys ): ?string
+    {
+        foreach ( $requiredKeys as $requiredKey ) {
+            if ( trim( (string)($settings[$requiredKey] ?? '') ) === '' ) {
+                return $requiredKey;
+            }
+        }
+
+        return null;
+    }
+
+    private function shopproDb( array $settings ): \medoo
+    {
+        return new \medoo( [
+            'database_type' => 'mysql',
+            'database_name' => $settings['db_name'],
+            'server'        => $settings['db_host'],
+            'username'      => $settings['db_user'],
+            'password'      => $settings['db_password'] ?? '',
+            'charset'       => 'utf8'
+        ] );
+    }
+
+    private function sendImageToShopproApi(
+        string $src,
+        int $remoteProductId,
+        string $remoteDomain,
+        string $apiKey,
+        string $alt,
+        int $position
+    ): string
+    {
+        $src = trim( $src );
+        if ( $src === '' ) {
+            return '';
+        }
+
+        $localSourcePath = '..' . $src;
+        if ( !is_file( $localSourcePath ) ) {
+            return '';
+        }
+
+        $content = @file_get_contents( $localSourcePath );
+        if ( $content === false ) {
+            return '';
+        }
+
+        $remoteDomain = trim( $remoteDomain );
+        if ( $remoteDomain === '' ) {
+            return '';
+        }
+
+        if ( strpos( $remoteDomain, 'http://' ) !== 0 && strpos( $remoteDomain, 'https://' ) !== 0 ) {
+            $remoteDomain = 'https://' . $remoteDomain;
+        }
+        $remoteDomain = rtrim( $remoteDomain, '/' );
+
+        $url = $remoteDomain . '/api.php?endpoint=products&action=upload_image';
+        $payload = [
+            'id'              => $remoteProductId,
+            'file_name'       => basename( $src ),
+            'content_base64'  => base64_encode( $content ),
+            'alt'             => $alt,
+            'o'               => $position,
+        ];
+
+        $ch = curl_init( $url );
+        curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
+        curl_setopt( $ch, CURLOPT_POST, true );
+        curl_setopt( $ch, CURLOPT_POSTFIELDS, json_encode( $payload, JSON_UNESCAPED_UNICODE ) );
+        curl_setopt( $ch, CURLOPT_HTTPHEADER, [
+            'Content-Type: application/json',
+            'Accept: application/json',
+            'X-Api-Key: ' . $apiKey,
+        ] );
+        curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false );
+        curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false );
+        $response = curl_exec( $ch );
+
+        if ( curl_errno( $ch ) ) {
+            curl_close( $ch );
+            return '';
+        }
+
+        $httpCode = (int) curl_getinfo( $ch, CURLINFO_HTTP_CODE );
+        curl_close( $ch );
+
+        if ( $httpCode >= 400 || $response === false ) {
+            return '';
+        }
+
+        $responseData = json_decode( (string) $response, true );
+        if ( !is_array( $responseData ) || ( $responseData['status'] ?? '' ) !== 'ok' ) {
+            return '';
+        }
+
+        return (string)($responseData['data']['src'] ?? '');
+    }
 }

autoload/Domain/Product/ProductRepository.php

@@ -1239,7 +1239,7 @@ class ProductRepository
 
         $productData = [
             'date_modify' => date( 'Y-m-d H:i:s' ),
-            'modify_by' => $userId,
+            'modify_by' => $userId !== null ? (int) $userId : 0,
             'status' => ( $d['status'] ?? '' ) === 'on' ? 1 : 0,
             'price_netto' => $this->nullIfEmpty( $d['price_netto'] ?? null ),
             'price_brutto' => $this->nullIfEmpty( $d['price_brutto'] ?? null ),

autoload/Domain/Settings/SettingsRepository.php

@@ -71,6 +71,7 @@ class SettingsRepository
             'infinitescroll' => $this->isEnabled($values['infinitescroll'] ?? null) ? 1 : 0,
             'own_gtm_js' => $values['own_gtm_js'] ?? '',
             'own_gtm_html' => $values['own_gtm_html'] ?? '',
+            'api_key' => $values['api_key'] ?? '',
         ];
 
         $warehouseMessageZero = $values['warehouse_message_zero'] ?? [];

autoload/admin/Controllers/IntegrationsController.php

@@ -265,6 +265,16 @@ class IntegrationsController
         exit;
     }
 
+    public function shoppro_product_export(): void
+    {
+        $productId = (int) \Shared\Helpers\Helpers::get( 'product_id' );
+        $result = $this->repository->shopproExportProduct( $productId );
+
+        \Shared\Helpers\Helpers::alert( (string)($result['message'] ?? 'Wystapil blad podczas eksportu produktu.') );
+        header( 'Location: /admin/shop_product/view_list/' );
+        exit;
+    }
+
     private function fetchApiloListWithFeedback( string $type, string $label ): void
     {
         $result = $this->repository->apiloFetchListResult( $type );

autoload/admin/Controllers/SettingsController.php

@@ -471,8 +471,7 @@ class SettingsController
                 'label' => 'Htaccess cache',
                 'tab' => 'system',
             ]),
-            FormField::text('api_key', [
-                'label' => 'Klucz API (ordersPRO)',
+            FormField::custom('api_key', $this->renderApiKeyField($data['api_key'] ?? ''), [
                 'tab' => 'system',
             ]),
 
@@ -560,4 +559,23 @@ class SettingsController
 
         return $data;
     }
+
+    private function renderApiKeyField(string $value): string
+    {
+        $escaped = htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
+
+        $js = "var c='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789',"
+            . "k='';for(var i=0;i<32;i++){k+=c.charAt(Math.floor(Math.random()*c.length));}"
+            . "document.getElementById('api_key').value=k;";
+
+        return '<div class="form-group row">'
+            . '<label class="col-lg-4 control-label">Klucz API:</label>'
+            . '<div class="col-lg-8">'
+            . '<div class="input-group">'
+            . '<input type="text" id="api_key" class="form-control" name="api_key" value="' . $escaped . '" />'
+            . '<span class="input-group-addon btn btn-info" onclick="' . htmlspecialchars($js, ENT_QUOTES, 'UTF-8') . '">Generuj</span>'
+            . '</div>'
+            . '</div>'
+            . '</div>';
+    }
 }

autoload/admin/Controllers/ShopProductController.php

@@ -140,6 +140,15 @@ class ShopProductController
                 }
             }
 
+            if ( $shopproEnabled ) {
+                $row['_actions'][] = [
+                    'label'   => 'Eksportuj do shopPRO',
+                    'url'     => '/admin/integrations/shoppro_product_export/product_id=' . $id,
+                    'class'   => 'btn btn-xs btn-system',
+                    'confirm' => 'Na pewno chcesz wyeksportowac ten produkt do shopPRO?',
+                ];
+            }
+
             $rows[] = $row;
         }
 

autoload/api/ApiRouter.php

@@ -46,7 +46,7 @@ class ApiRouter
             }
 
             $controller->$action();
-        } catch (\Exception $e) {
+        } catch (\Throwable $e) {
             self::sendError('INTERNAL_ERROR', 'Internal server error', 500);
         }
     }

autoload/api/Controllers/DictionariesApiController.php

@@ -94,4 +94,81 @@ class DictionariesApiController
 
         ApiRouter::sendSuccess($attributes);
     }
+
+    public function ensure_attribute(): void
+    {
+        if (!ApiRouter::requireMethod('POST')) {
+            return;
+        }
+
+        $body = ApiRouter::getJsonBody();
+        if (!is_array($body)) {
+            ApiRouter::sendError('BAD_REQUEST', 'Missing or invalid JSON body', 400);
+            return;
+        }
+
+        $name = trim((string) ($body['name'] ?? ''));
+        if ($name === '') {
+            ApiRouter::sendError('BAD_REQUEST', 'Missing name', 400);
+            return;
+        }
+
+        $type = (int) ($body['type'] ?? 0);
+        $lang = trim((string) ($body['lang'] ?? 'pl'));
+        if ($lang === '') {
+            $lang = 'pl';
+        }
+
+        $result = $this->attrRepo->ensureAttributeForApi($name, $type, $lang);
+        if (!is_array($result) || (int) ($result['id'] ?? 0) <= 0) {
+            ApiRouter::sendError('INTERNAL_ERROR', 'Failed to ensure attribute', 500);
+            return;
+        }
+
+        ApiRouter::sendSuccess([
+            'id' => (int) ($result['id'] ?? 0),
+            'created' => !empty($result['created']),
+        ]);
+    }
+
+    public function ensure_attribute_value(): void
+    {
+        if (!ApiRouter::requireMethod('POST')) {
+            return;
+        }
+
+        $body = ApiRouter::getJsonBody();
+        if (!is_array($body)) {
+            ApiRouter::sendError('BAD_REQUEST', 'Missing or invalid JSON body', 400);
+            return;
+        }
+
+        $attributeId = (int) ($body['attribute_id'] ?? 0);
+        if ($attributeId <= 0) {
+            ApiRouter::sendError('BAD_REQUEST', 'Missing or invalid attribute_id', 400);
+            return;
+        }
+
+        $name = trim((string) ($body['name'] ?? ''));
+        if ($name === '') {
+            ApiRouter::sendError('BAD_REQUEST', 'Missing name', 400);
+            return;
+        }
+
+        $lang = trim((string) ($body['lang'] ?? 'pl'));
+        if ($lang === '') {
+            $lang = 'pl';
+        }
+
+        $result = $this->attrRepo->ensureAttributeValueForApi($attributeId, $name, $lang);
+        if (!is_array($result) || (int) ($result['id'] ?? 0) <= 0) {
+            ApiRouter::sendError('INTERNAL_ERROR', 'Failed to ensure attribute value', 500);
+            return;
+        }
+
+        ApiRouter::sendSuccess([
+            'id' => (int) ($result['id'] ?? 0),
+            'created' => !empty($result['created']),
+        ]);
+    }
 }

autoload/api/Controllers/ProductsApiController.php

@@ -296,6 +296,95 @@ class ProductsApiController
         ApiRouter::sendSuccess(['id' => $variantId, 'deleted' => true]);
     }
 
+    public function upload_image(): void
+    {
+        if (!ApiRouter::requireMethod('POST')) {
+            return;
+        }
+
+        $body = ApiRouter::getJsonBody();
+        if ($body === null) {
+            ApiRouter::sendError('BAD_REQUEST', 'Missing or invalid JSON body', 400);
+            return;
+        }
+
+        $productId = (int)($body['id'] ?? 0);
+        if ($productId <= 0) {
+            ApiRouter::sendError('BAD_REQUEST', 'Missing or invalid product id', 400);
+            return;
+        }
+
+        $product = $this->productRepo->find($productId);
+        if ($product === null) {
+            ApiRouter::sendError('NOT_FOUND', 'Product not found', 404);
+            return;
+        }
+
+        $fileName = trim((string)($body['file_name'] ?? ''));
+        $base64 = (string)($body['content_base64'] ?? '');
+        if ($fileName === '' || $base64 === '') {
+            ApiRouter::sendError('BAD_REQUEST', 'Missing file_name or content_base64', 400);
+            return;
+        }
+
+        $binary = base64_decode($base64, true);
+        if ($binary === false) {
+            ApiRouter::sendError('BAD_REQUEST', 'Invalid content_base64 payload', 400);
+            return;
+        }
+
+        $safeName = preg_replace('/[^a-zA-Z0-9._-]/', '_', basename($fileName));
+        if ($safeName === '' || $safeName === null) {
+            $safeName = 'image_' . md5((string)microtime(true)) . '.jpg';
+        }
+
+        $baseDir = '../upload/product_images/product_' . $productId;
+        if (!is_dir($baseDir) && !mkdir($baseDir, 0775, true) && !is_dir($baseDir)) {
+            ApiRouter::sendError('INTERNAL_ERROR', 'Failed to create target directory', 500);
+            return;
+        }
+
+        $targetPath = $baseDir . '/' . $safeName;
+        if (is_file($targetPath)) {
+            $name = pathinfo($safeName, PATHINFO_FILENAME);
+            $ext = pathinfo($safeName, PATHINFO_EXTENSION);
+            $targetPath = $baseDir . '/' . $name . '_' . substr(md5($safeName . microtime(true)), 0, 8) . ($ext !== '' ? '.' . $ext : '');
+        }
+
+        if (file_put_contents($targetPath, $binary) === false) {
+            ApiRouter::sendError('INTERNAL_ERROR', 'Failed to save image file', 500);
+            return;
+        }
+
+        $src = '/upload/product_images/product_' . $productId . '/' . basename($targetPath);
+        $alt = (string)($body['alt'] ?? '');
+        $position = isset($body['o']) ? (int)$body['o'] : null;
+
+        $db = $GLOBALS['mdb'] ?? null;
+        if (!$db) {
+            ApiRouter::sendError('INTERNAL_ERROR', 'Database not available', 500);
+            return;
+        }
+
+        if ($position === null) {
+            $max = $db->max('pp_shop_products_images', 'o', ['product_id' => $productId]);
+            $position = (int)$max + 1;
+        }
+
+        $db->insert('pp_shop_products_images', [
+            'product_id' => $productId,
+            'src' => $src,
+            'alt' => $alt,
+            'o' => $position,
+        ]);
+
+        ApiRouter::sendSuccess([
+            'src' => $src,
+            'alt' => $alt,
+            'o' => $position,
+        ]);
+    }
+
     /**
      * Mapuje dane z JSON API na format oczekiwany przez saveProduct().
      *
@@ -339,6 +428,11 @@ class ProductsApiController
             }
         }
 
+        // saveProduct() traktuje float 0.00 jako "puste", ale cena 0 musi pozostać jawnie ustawiona.
+        if (isset($d['price_brutto']) && is_numeric($d['price_brutto']) && (float)$d['price_brutto'] === 0.0) {
+            $d['price_brutto'] = '0';
+        }
+
         // String fields — direct mapping
         $stringFields = [
             'sku', 'ean', 'custom_label_0', 'custom_label_1', 'custom_label_2',

build-update.ps1

@@ -262,6 +262,10 @@ if (Test-Path $tempDir) {
     Remove-Item -Recurse -Force $tempDir
 }
 
+if (-not (Test-Path $tempDir)) {
+    New-Item -ItemType Directory -Path $tempDir -Force | Out-Null
+}
+
 foreach ($f in $filesToPack) {
     $destPath = Join-Path $tempDir $f
     $destDir = Split-Path $destPath -Parent
@@ -295,7 +299,16 @@ if (Test-Path $zipPath) {
 # Pakuj zawartosc temp dir (bez folderu temp/)
 $originalLocation = Get-Location
 Set-Location $tempDir
-Compress-Archive -Path '*' -DestinationPath "../../$zipPath" -Force
+$tempItems = Get-ChildItem -Force
+if ($tempItems) {
+    Compress-Archive -Path '*' -DestinationPath "../../$zipPath" -Force
+} else {
+    # SQL-only update: create minimal ZIP with empty placeholder
+    $placeholderPath = "_sql_only_update.txt"
+    Set-Content -Path $placeholderPath -Value "SQL-only update $versionNumber"
+    Compress-Archive -Path $placeholderPath -DestinationPath "../../$zipPath" -Force
+    Remove-Item $placeholderPath -Force
+}
 Set-Location $originalLocation
 
 Write-Ok "Utworzono ZIP: $zipPath"

docs/CHANGELOG.md

@@ -4,6 +4,36 @@ Logi zmian z migracji na Domain-Driven Architecture. Najnowsze na gorze.
 
 ---
 
+## ver. 0.318 (2026-02-24) - ShopPRO export produktów + API endpoints
+
+- **NEW**: `IntegrationsRepository::shopproExportProduct()` — eksport produktu do zdalnej instancji shopPRO: pola główne, tłumaczenia, custom fields, zdjęcia przez API (base64)
+- **NEW**: `IntegrationsRepository::sendImageToShopproApi()` — wysyłka zdjęć do remote API shopPRO (endpoint `upload_image`) z base64
+- **REFACTOR**: `shopproImportProduct()` — wydzielono `shopproDb()` i `missingShopproSetting()` jako prywatne helpery; dodano import `security_information`, `producer_id`, custom fields i `alt` zdjęcia
+- **NEW**: `AttributeRepository::ensureAttributeForApi()` i `ensureAttributeValueForApi()` — idempotent find-or-create dla atrybutów i ich wartości (integracje API)
+- **NEW**: API endpoint `POST /api.php?endpoint=dictionaries&action=ensure_attribute` — utwórz lub znajdź atrybut po nazwie i typie
+- **NEW**: API endpoint `POST /api.php?endpoint=dictionaries&action=ensure_attribute_value` — utwórz lub znajdź wartość atrybutu po nazwie
+- **NEW**: API endpoint `POST /api.php?endpoint=products&action=upload_image` — przyjmuje zdjęcie produktu jako base64 JSON, zapisuje plik i rekord w `pp_shop_products_images`
+- **NEW**: `IntegrationsController::shoppro_product_export()` — akcja admina eksportująca produkt do shopPRO
+- **NEW**: Przycisk "Eksportuj do shopPRO" w liście produktów (widoczny gdy shopPRO enabled)
+- **NEW**: Pole "API key" w ustawieniach integracji shopPRO (`shoppro-settings.php`)
+
+---
+
+## ver. 0.317 (2026-02-23) - Klucz API: przycisk generowania + fix zapisu
+
+- **FIX**: `SettingsRepository::saveSettings()` — pole `api_key` brakowało w whiteliście zapisywanych pól, przez co wartość była tracona przy każdym zapisie (TRUNCATE + insert)
+- **NEW**: Pole "Klucz API" w ustawieniach — przycisk "Generuj" do losowego 32-znakowego klucza alfanumerycznego, usunięto "(ordersPRO)" z nazwy
+- **FIX**: `api.php` — routing API przeniesiony przed ładowanie globalnych settings (wczesne wyjście), obsługa błędów przez `\Throwable`
+- **FIX**: `ApiRouter` — catch `\Throwable` zamiast `\Exception` dla pełniejszego łapania błędów
+
+---
+
+## ver. 0.316 (2026-02-23) - Migracja brakującej kolumny type w custom fields
+
+- **FIX**: Dodanie brakującej kolumny `type` w tabeli `pp_shop_products_custom_fields` — kolumna była używana w kodzie od v0.277 ale nigdy nie miała migracji ALTER TABLE, przez co instancje ze starszą bazą dostawały `PDOException: Column not found: 1054 Unknown column 'type'` przy zapisie produktu
+
+---
+
 ## ver. 0.315 (2026-02-23) - Fix listowania atrybutów w admin
 
 - **FIX**: `AttributeRepository::listForAdmin()` — zapytanie COUNT dostawało parametr `:default_lang_id` którego nie miało w SQL, powodując `PDOException: SQLSTATE[HY093]: Invalid parameter number`. Parametr potrzebny tylko w głównym SELECT, nie w COUNT

docs/TESTING.md

@@ -23,10 +23,10 @@ composer test              # standard
 ## Aktualny stan
 
 ```text
-OK (758 tests, 2135 assertions)
+OK (765 tests, 2153 assertions)
 ```
 
-Zweryfikowano: 2026-02-22 (ver. 0.304)
+Zweryfikowano: 2026-02-24 (ver. 0.318)
 
 ## Konfiguracja
 

docs/TODO.md

@@ -0,0 +1 @@
+1. Dodać przycisk kopiowania przy atrybutach produktu w zamówieniu

migrations/0.316.sql

@@ -0,0 +1 @@
+ALTER TABLE `pp_shop_products_custom_fields` ADD COLUMN `type` VARCHAR(30) NOT NULL DEFAULT '' AFTER `name`;

tests/Unit/Domain/Integrations/IntegrationsRepositoryTest.php

@@ -229,7 +229,7 @@ class IntegrationsRepositoryTest extends TestCase
             'linkProduct', 'unlinkProduct',
             'apiloAuthorize', 'apiloGetAccessToken', 'apiloKeepalive', 'apiloIntegrationStatus',
             'apiloFetchList', 'apiloFetchListResult', 'apiloProductSearch', 'apiloCreateProduct',
-            'getProductSku', 'shopproImportProduct',
+            'getProductSku', 'shopproImportProduct', 'shopproExportProduct',
         ];
 
         foreach ($expectedMethods as $method) {

tests/Unit/admin/Controllers/IntegrationsControllerTest.php

@@ -118,6 +118,7 @@ class IntegrationsControllerTest extends TestCase
             'shoppro_settings',
             'shoppro_settings_save',
             'shoppro_product_import',
+            'shoppro_product_export',
         ];
 
         foreach ($methods as $method) {
@@ -157,6 +158,7 @@ class IntegrationsControllerTest extends TestCase
             'apilo_product_select_delete',
             'shoppro_settings_save',
             'shoppro_product_import',
+            'shoppro_product_export',
         ];
 
         foreach ($voidMethods as $method) {

tests/Unit/api/Controllers/DictionariesApiControllerTest.php

@@ -186,4 +186,52 @@ class DictionariesApiControllerTest extends TestCase
 
         $this->assertSame(405, http_response_code());
     }
+
+    public function testEnsureAttributeRejectsGetMethod(): void
+    {
+        $_SERVER['REQUEST_METHOD'] = 'GET';
+
+        ob_start();
+        $this->controller->ensure_attribute();
+        ob_get_clean();
+
+        $this->assertSame(405, http_response_code());
+    }
+
+    public function testEnsureAttributeReturns400WhenNoBody(): void
+    {
+        $_SERVER['REQUEST_METHOD'] = 'POST';
+
+        ob_start();
+        $this->controller->ensure_attribute();
+        $output = ob_get_clean();
+
+        $this->assertSame(400, http_response_code());
+        $json = json_decode($output, true);
+        $this->assertSame('BAD_REQUEST', $json['code']);
+    }
+
+    public function testEnsureAttributeValueRejectsGetMethod(): void
+    {
+        $_SERVER['REQUEST_METHOD'] = 'GET';
+
+        ob_start();
+        $this->controller->ensure_attribute_value();
+        ob_get_clean();
+
+        $this->assertSame(405, http_response_code());
+    }
+
+    public function testEnsureAttributeValueReturns400WhenNoBody(): void
+    {
+        $_SERVER['REQUEST_METHOD'] = 'POST';
+
+        ob_start();
+        $this->controller->ensure_attribute_value();
+        $output = ob_get_clean();
+
+        $this->assertSame(400, http_response_code());
+        $json = json_decode($output, true);
+        $this->assertSame('BAD_REQUEST', $json['code']);
+    }
 }

tests/Unit/api/Controllers/ProductsApiControllerTest.php

@@ -351,6 +351,19 @@ class ProductsApiControllerTest extends TestCase
         $this->assertSame('5901234123457', $result['ean']);
     }
 
+    public function testMapApiToFormDataPreservesZeroBasePriceForSaveProduct(): void
+    {
+        $method = new \ReflectionMethod(ProductsApiController::class, 'mapApiToFormData');
+        $method->setAccessible(true);
+
+        $result = $method->invoke($this->controller, [
+            'price_brutto' => 0.0,
+            'languages' => ['pl' => ['name' => 'Zero']],
+        ]);
+
+        $this->assertSame('0', $result['price_brutto']);
+    }
+
     public function testMapApiToFormDataMapsCategories(): void
     {
         $method = new \ReflectionMethod(ProductsApiController::class, 'mapApiToFormData');

updates/0.30/ver_0.315_manifest.json

@@ -0,0 +1,23 @@
+{
+    "changelog":  "FIX - PDOException w listowaniu atrybutow admin (SQLSTATE HY093)",
+    "version":  "0.315",
+    "files":  {
+                  "added":  [
+
+                            ],
+                  "deleted":  [
+
+                              ],
+                  "modified":  [
+                                   "autoload/Domain/Attribute/AttributeRepository.php"
+                               ]
+              },
+    "checksum_zip":  "sha256:cfe6eb7dfad896c4ea885c2f9a52c6a389d4e38379a0bf64f5d429910d87e55f",
+    "sql":  [
+
+            ],
+    "date":  "2026-02-23",
+    "directories_deleted":  [
+
+                            ]
+}

updates/0.30/ver_0.316_manifest.json

@@ -0,0 +1,23 @@
+{
+    "changelog":  "FIX - migracja brakujacej kolumny type w pp_shop_products_custom_fields",
+    "version":  "0.316",
+    "files":  {
+                  "added":  [
+
+                            ],
+                  "deleted":  [
+
+                              ],
+                  "modified":  [
+
+                               ]
+              },
+    "checksum_zip":  "sha256:654a3683c0add19d0cb2f87db6f6a45cd4ce08799dd3692c6adacc07666f13b1",
+    "sql":  [
+                "ALTER TABLE `pp_shop_products_custom_fields` ADD COLUMN `type` VARCHAR(30) NOT NULL DEFAULT \u0027\u0027 AFTER `name`;"
+            ],
+    "date":  "2026-02-23",
+    "directories_deleted":  [
+
+                            ]
+}

updates/0.30/ver_0.317_manifest.json

@@ -0,0 +1,26 @@
+{
+    "changelog":  "FIX - klucz API: fix zapisu (brakowalo w whiteliście), przycisk Generuj losowy klucz, ulepszony routing API",
+    "version":  "0.317",
+    "files":  {
+                  "added":  [
+
+                            ],
+                  "deleted":  [
+
+                              ],
+                  "modified":  [
+                                   "api.php",
+                                   "autoload/Domain/Settings/SettingsRepository.php",
+                                   "autoload/admin/Controllers/SettingsController.php",
+                                   "autoload/api/ApiRouter.php"
+                               ]
+              },
+    "checksum_zip":  "sha256:130e5f4fd15b635bb277dc639d528e017de866fbaada5db2d08d9426251824b3",
+    "sql":  [
+
+            ],
+    "date":  "2026-02-23",
+    "directories_deleted":  [
+
+                            ]
+}

updates/changelog.php

@@ -1,14 +1,23 @@
+<b>ver. 0.317 - 23.02.2026</b><br />
+FIX - klucz API: fix zapisu (brakowalo w whiteliście), przycisk Generuj losowy klucz, ulepszony routing API
+<hr>
+<b>ver. 0.316 - 23.02.2026</b><br />
+FIX - migracja brakujacej kolumny type w pp_shop_products_custom_fields
+<hr>
+<b>ver. 0.315 - 23.02.2026</b><br />
+FIX - PDOException w listowaniu atrybutow admin (SQLSTATE HY093)
+<hr>
 <b>ver. 0.314 - 23.02.2026</b><br />
-FIX - naprawa globalnej wyszukiwarki admin (Content-Type, Cache-Control, POST, try/catch), NEW - title strony z numerem zamówienia
+FIX - naprawa globalnej wyszukiwarki admin (Content-Type, Cache-Control, POST, try/catch), NEW - title strony z numerem zamĂłwienia
 <hr>
 <b>ver. 0.313 - 23.02.2026</b><br />
-FIX - sync płatności Apilo (int cast na apilo_order_id PPxxxxxx dawał 0) + logowanie decyzji sync do pp_log
+FIX - sync płatności Apilo (int cast na apilo_order_id PPxxxxxx dawał 0) + logowanie decyzji sync do pp_log
 <hr>
 <b>ver. 0.312 - 23.02.2026</b><br />
-FIX - krytyczne bugi integracji Apilo: curl_getinfo po curl_close, nieskończona pętla wysyłki, ceny 0.00 PLN, walidacja cen
+FIX - krytyczne bugi integracji Apilo: curl_getinfo po curl_close, nieskończona pętla wysyłki, ceny 0.00 PLN, walidacja cen
 <hr>
 <b>ver. 0.311 - 23.02.2026</b><br />
-FIX - race condition callback płatności Apilo, persistence filtrów tabel admin, poprawki cen zamówień
+FIX - race condition callback płatności Apilo, persistence filtrów tabel admin, poprawki cen zamówień
 <hr>
 <b>ver. 0.310 - 23.02.2026</b><br />
 NEW - Zakladka Logi w sekcji Integracje (podglad pp_log z paginacja, sortowaniem, filtrami)

updates/versions.php

@@ -1,5 +1,5 @@
 <?
-$current_ver = 315;
+$current_ver = 317;
 
 for ($i = 1; $i <= $current_ver; $i++)
 {