Project-Pro/shopPRO
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
265 Commits 1 Branch 52 Tags
0677e75b2598500da008d11612d0cf1b7d652b72
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Jacek 0677e75b25 security: faza 4 - ochrona CSRF panelu administracyjnego 
- Nowa klasa \Shared\Security\CsrfToken (generate/validate/regenerate)
- Token CSRF we wszystkich formularzach edycji (form-edit.php)
- Walidacja CSRF w FormRequestHandler::handleSubmit()
- Token CSRF w formularzu logowania i formularzach 2FA
- Walidacja CSRF w App::special_actions() dla żądań POST
- Regeneracja tokenu po udanym logowaniu (bezpośrednia i przez 2FA)
- Fix XSS: htmlspecialchars na $alert w unlogged-layout.php
- 7 nowych testów CsrfTokenTest (817 testów łącznie)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-12 10:06:40 +01:00
.claude
feat: update workflow documentation and add release process steps
2026-03-10 23:33:52 +01:00
.serena
feat: update workflow documentation and add release process steps
2026-03-10 23:33:52 +01:00
.vscode
feat: Implement cron job queue system based on database
2026-02-23 15:22:41 +01:00
admin
security: faza 4 - ochrona CSRF panelu administracyjnego
2026-03-12 10:06:40 +01:00
api/v1
Zaktualizowano zapytanie o obraz produktu, aby sortować wyniki według kolejności.
2025-04-09 23:44:07 +02:00
api-docs
feat(api): Introduce shopPRO API documentation and endpoints
2026-03-08 10:29:06 +01:00
autoload
security: faza 4 - ochrona CSRF panelu administracyjnego
2026-03-12 10:06:40 +01:00
cron
ver. 0.280: Articles frontend migration, class.Article removal, Settings facade cleanup
2026-02-16 15:52:03 +01:00
docs
security: faza 4 - ochrona CSRF panelu administracyjnego
2026-03-12 10:06:40 +01:00
images/system
first commit
2024-10-23 13:44:50 +02:00
layout
ver. 0.305: Fix permutation attribute sorting + free delivery progress bar
2026-02-22 16:33:30 +01:00
libraries
security: faza 1 - usuniecie debug logu tpay, naprawa SQL i usun rb.php
2026-03-12 09:18:37 +01:00
migrations
feat: eliminate htaccess.conf, move all URL routes to pp_routes (v0.329-0.330)
2026-02-27 22:06:33 +01:00
plugins
Add two-factor authentication fields to pp_users table and update .htaccess for security
2025-12-11 23:57:22 +01:00
templates
security: faza 2 - safeUnlink() i escaping XSS w szablonach artykulow
2026-03-12 09:22:32 +01:00
tests
security: faza 4 - ochrona CSRF panelu administracyjnego
2026-03-12 10:06:40 +01:00
updates
build: ver_0.336 - error handling, try-catch Apilo, E_WARNING cron
2026-03-12 09:31:17 +01:00
upload
Dodano obsługę plików PDF w regułach dostępu w pliku .htaccess
2026-01-17 21:30:48 +01:00
.gitignore
first commit
2024-10-23 13:44:50 +02:00
.htaccess
update
2026-02-27 23:42:35 +01:00
.phpunit.result.cache
feat: ochrona przed podwójnym składaniem zamówienia (order submit token)
2026-03-10 21:50:21 +01:00
.updateignore
build: update package v0.326 — API categories/list endpoint
2026-02-27 20:17:14 +01:00
AGENTS.md
feat: update workflow documentation and add release process steps
2026-03-10 23:33:52 +01:00
ajax.php
ver. 0.293: Code review fixes — 6 repositories, 16 fixes
2026-02-19 01:07:39 +01:00
api.php
ver. 0.317: klucz API — przycisk generowania + fix zapisu
2026-02-23 23:30:41 +01:00
apilo.js
feat: enhance image preview functionality with improved event handling and state management
2026-02-09 18:23:49 +01:00
build-update.ps1
fix: broken SQL in update manifests — line-by-line instead of complete statements
2026-02-27 14:48:08 +01:00
CLAUDE.md
security: faza 4 - ochrona CSRF panelu administracyjnego
2026-03-12 10:06:40 +01:00
composer.json
feat: update PHPUnit commands in composer.json and improve update instructions format
2026-02-08 02:00:02 +01:00
composer.lock
Add new version 0.238 zip file containing updated ProductRepository and Product class files
2026-02-05 01:53:28 +01:00
config.php
Add configuration for cron key and document code style conventions
2026-02-27 14:57:02 +01:00
cron-turstmate.php
ver. 0.294: Remove all 12 legacy autoload/shop/ classes (~2363 lines)
2026-02-18 02:05:39 +01:00
cron.php
security: faza 3 - error handling w krytycznych sciezkach
2026-03-12 09:30:23 +01:00
devel.html
update
2025-08-12 23:40:25 +02:00
download.php
ver. 0.283: Legacy class cleanup — S, Html, Email, Image, Log, Mobile_Detect → Shared namespace
2026-02-16 23:06:06 +01:00
google-feed.xml
first commit
2024-10-23 13:44:50 +02:00
index.php
security: faza 1 - usuniecie debug logu tpay, naprawa SQL i usun rb.php
2026-03-12 09:18:37 +01:00
output.txt
first commit
2024-10-23 13:44:50 +02:00
phpunit.phar
Add new version 0.238 zip file containing updated ProductRepository and Product class files
2026-02-05 01:53:28 +01:00
phpunit.xml
Add new version 0.238 zip file containing updated ProductRepository and Product class files
2026-02-05 01:53:28 +01:00
product-img-save.php
Update structure
2026-01-15 13:51:21 +01:00
product-img-upl.php
Update structure
2026-01-15 13:51:21 +01:00
robots.txt
first commit
2024-10-23 13:44:50 +02:00
sitemap.xml
first commit
2024-10-23 13:44:50 +02:00
Description
No description provided
95 MiB
Languages
JavaScript 44.9%
PHP 31.9%
CSS 10.9%
Less 7.1%
HTML 2.6%
Other 2.5%