5598888716
- Nowa klasa \Shared\Security\CsrfToken (generate/validate/regenerate) - Token CSRF we wszystkich formularzach edycji (form-edit.php) - Walidacja CSRF w FormRequestHandler::handleSubmit() - Token CSRF w formularzu logowania i formularzach 2FA - Walidacja CSRF w App::special_actions() dla żądań POST - Regeneracja tokenu po udanym logowaniu (bezpośrednia i przez 2FA) - Fix XSS: htmlspecialchars na $alert w unlogged-layout.php - 7 nowych testów CsrfTokenTest (817 testów łącznie) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
84 lines
2.9 KiB
PHP
84 lines
2.9 KiB
PHP
<?php
|
|
/**
|
|
* Bootstrap dla testów PHPUnit
|
|
*/
|
|
|
|
// Załaduj Composer autoloader (jeśli istnieje)
|
|
if (file_exists(__DIR__ . '/../vendor/autoload.php')) {
|
|
require_once __DIR__ . '/../vendor/autoload.php';
|
|
} else {
|
|
// Ręczny autoloader PSR-4 dla autoload/
|
|
spl_autoload_register(function ($class) {
|
|
$prefixes = [
|
|
'Domain\\' => __DIR__ . '/../autoload/Domain/',
|
|
'admin\\Controllers\\' => __DIR__ . '/../autoload/admin/Controllers/',
|
|
'front\\Controllers\\' => __DIR__ . '/../autoload/front/Controllers/',
|
|
'admin\\Support\\Forms\\' => __DIR__ . '/../autoload/admin/Support/Forms/',
|
|
'admin\\ViewModels\\Forms\\' => __DIR__ . '/../autoload/admin/ViewModels/Forms/',
|
|
'admin\\Validation\\' => __DIR__ . '/../autoload/admin/Validation/',
|
|
'api\\' => __DIR__ . '/../autoload/api/',
|
|
'Shared\\Security\\' => __DIR__ . '/../autoload/Shared/Security/',
|
|
];
|
|
|
|
foreach ($prefixes as $prefix => $baseDir) {
|
|
$len = strlen($prefix);
|
|
if (strncmp($prefix, $class, $len) === 0) {
|
|
$relativeClass = substr($class, $len);
|
|
$file = $baseDir . str_replace('\\', '/', $relativeClass) . '.php';
|
|
if (file_exists($file)) {
|
|
require $file;
|
|
return;
|
|
}
|
|
}
|
|
}
|
|
});
|
|
}
|
|
|
|
// Załaduj Medoo
|
|
require_once __DIR__ . '/../libraries/medoo/medoo.php';
|
|
|
|
// Ustaw timezone
|
|
date_default_timezone_set('Europe/Warsaw');
|
|
|
|
// Stuby klas systemowych (nie dostępnych w testach unit)
|
|
if (!class_exists('Shared\\Helpers\\Helpers')) {
|
|
require_once __DIR__ . '/stubs/Helpers.php';
|
|
}
|
|
|
|
if (!class_exists('Shared\\Cache\\RedisConnection')) {
|
|
class RedisConnection {
|
|
private static $instance;
|
|
public static function getInstance() {
|
|
if (!self::$instance) self::$instance = new self();
|
|
return self::$instance;
|
|
}
|
|
public function getConnection() { return null; }
|
|
}
|
|
class_alias('RedisConnection', 'Shared\\Cache\\RedisConnection');
|
|
}
|
|
|
|
if (!class_exists('Redis')) {
|
|
class Redis {
|
|
public function flushAll() { return true; }
|
|
public function get($key) { return null; }
|
|
public function set($key, $value) { return true; }
|
|
public function del($key) { return 1; }
|
|
public function keys($pattern) { return []; }
|
|
}
|
|
}
|
|
|
|
if (!class_exists('Shared\\Cache\\CacheHandler')) {
|
|
class CacheHandler {
|
|
public function get($key) { return null; }
|
|
public function set($key, $value, $ttl = 86400) {}
|
|
public function exists($key) { return false; }
|
|
public function delete($key) {}
|
|
public function deletePattern($pattern) {}
|
|
}
|
|
class_alias('CacheHandler', 'Shared\\Cache\\CacheHandler');
|
|
}
|
|
|
|
if (!class_exists('shop\\Product')) {
|
|
require_once __DIR__ . '/stubs/ShopProduct.php';
|
|
}
|