Project-Pro/vidok.com
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
vidok.com/.paul/codebase/integrations.md
Jacek Pyziak cf1a0adb0b docs: map existing codebase 
- stack.md (68 lines) - PHP/MySQL/Apache stack, vendored libraries
- architecture.md (131 lines) - Custom MVC CMS, dual-layer (front/admin)
- structure.md (170 lines) - Directory layout and conventions
- conventions.md (98 lines) - PHP snake_case, SCSS $c/$f prefixes, jQuery patterns
- testing.md (49 lines) - No automated tests detected
- integrations.md (111 lines) - Google Maps, PHPMailer, Pixieset, Facebook
- concerns.md (150 lines) - Critical security issues: hardcoded creds, MD5, unserialize
- db_schema.md (260 lines) - ~32 tables with pp_ prefix, inferred from source
- tech_changelog.md (9 lines) - Initial log entry

Co-Authored-By: Claude <noreply@anthropic.com>
2026-05-05 22:02:04 +02:00

145 lines
5.0 KiB
Markdown
Raw Permalink Blame History

# External Integrations
**Analysis Date:** 2026-05-05
## APIs & External Services
**Maps & Geolocation:**
- Google Maps API — interactive contact/location maps on frontend
- Integration: JavaScript API via `https://maps.googleapis.com/maps/api/js?key=<key>`
- Auth: API key stored in `pp_settings` table as `google_map_key`
- Toggle: `google_maps` setting in admin settings
- Files: `templates/site/contact.php`, `admin/templates/settings/settings.php`
- geoPlugin IP Geolocation — visitor IP-to-location lookup with currency detection
- Service URL: `http://www.geoplugin.net/php.gp?ip={IP}&base_currency={CURRENCY}`
- Library: `autoload/class.geoplugin.php`
- No API key required (free service)
**Fonts & CDN Resources:**
- Google Fonts — `https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700`
- File: `admin/templates/site/main-layout.php`
- Google AJAX CDN — jQuery loaded from `//ajax.googleapis.com/ajax/libs/jquery/2.1.4/`
- File: `admin/templates/site/unlogged-layout.php`
**Social Media:**
- Facebook Likebox widget — fixed sidebar widget showing Facebook feed
- App ID: `194295077275888` (hardcoded in iframe)
- File: `templates/site/facebook.php`
**Gallery:**
- Pixieset — external photo gallery service integration
- Features: ZIP download of gallery images, mark favorites
- AJAX endpoints: `ajax.php?a=pixieset_*`
- Files: `templates/articles/article-gallery.php`, `ajax.php`
## Data Storage
**Databases:**
- MySQL 5.7+ — primary data store for all CMS content
- Connection: credentials hardcoded in `config.php` (host, user, password, dbname)
- Client: Medoo ORM (`libraries/medoo/medoo.php`)
- Table prefix: `pp_` (~32 tables)
- Migrations: None detected — schema managed manually
**File Storage:**
- Local filesystem — all user uploads stored on server
- Images: `images/` directory
- Uploads: `upload/` directory
- Temp files: `admin/temp/`
- Cache/WebP: `cache/` directory
- No cloud storage (no AWS S3, no CDN)
**Caching:**
- Session-based cache via `\Cache` class (`autoload/class.Cache.php`)
- Keys pattern: `page_details:lang:id`
- File-based WebP image cache: `cache/` directory
## Authentication & Identity
**Auth Provider:**
- Custom session-based authentication — no OAuth provider
- Implementation: `admin/index.php` (session check + cookie auto-login)
- Password storage: MD5 hashing (insecure — see concerns.md)
- Session security: IP address validation stored in `$_SESSION`
- Files: `autoload/admin/factory/class.Users.php`, `autoload/admin/class.Site.php`
**OAuth Integrations:**
- None detected
## Email & Messaging
**SMTP Mail:**
- PHPMailer — SMTP-based transactional email
- Library: `libraries/phpmailer/class.phpmailer.php`, `libraries/phpmailer/class.smtp.php`
- Config: host, port, login, password stored in `pp_settings` table
- Settings keys: `email_host`, `email_port`, `email_login`, `email_password`
- Function: `\S::send_email()` in `autoload/class.S.php`
- Used for: contact forms, newsletter delivery
**Newsletter:**
- Custom database-driven newsletter system (no Mailchimp/SendGrid)
- Templates: `pp_newsletter_templates` table
- Subscribers: `pp_newsletter` table
- Send log: `pp_newsletter_send` table
- Files: `autoload/front/factory/class.Newsletter.php`
## Analytics & Tracking
**Analytics:**
- Custom code injection — third-party analytics configured via admin settings
- Setting key: `statistic_code` (stored in `pp_settings`)
- Injection point: before `</head>` in `index.php`
- Supports: Google Analytics, Matomo, or any snippet
**Error Tracking:**
- None detected — no Sentry, Rollbar, or similar
## Security
**CAPTCHA:**
- Custom JavaScript captcha for contact forms
- Library: `libraries/jquery/captcha.js`, `libraries/jquery/captcha.css`
- Toggle: `contact_form_captcha` setting
- File: `templates/site/contact.php`
- Google reCAPTCHA — used in some contact form variants
- Secret key hardcoded in `plugins/special-actions-middle.php` (8 locations — see concerns.md)
## CI/CD & Deployment
**Hosting:**
- Shared hosting at `serwer1574995.home.pl`
- Deployment: FTP via VS Code extension (`.vscode/sftp.json`, `.vscode/ftp-kr.json`)
- No automated deployment pipeline
**CI Pipeline:**
- None detected — no GitHub Actions, no CI configuration
## Environment Configuration
**Development:**
- Required config: Database credentials in `config.php`
- No `.env` or `.env.example` — all config hardcoded
- FTP settings: `.vscode/sftp.json`
**Production:**
- Same `config.php` used for production (no environment separation)
- No staging environment detected
## Not Detected
- ❌ Payment gateways (Stripe, PayPal, Przelewy24)
- ❌ SMS services (Twilio, SMSAPI)
- ❌ Cloud storage (AWS S3, Google Cloud Storage)
- ❌ Error tracking (Sentry, Rollbar)
- ❌ OAuth / SSO providers
- ❌ Redis / Memcached
- ❌ CDN (no Cloudflare, no CloudFront)
- ❌ Webhooks (incoming or outgoing)
---
*Integration audit: 2026-05-05*
*Update when adding/removing external services*
Reference in New Issue View Git Blame Copy Permalink