Project-Pro/vidok.com
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
cf1a0adb0b04ea3e89f0ac0b3b4aaffb1e4e27b7
vidok.com/.paul/codebase/architecture.md
Jacek Pyziak cf1a0adb0b docs: map existing codebase 
- stack.md (68 lines) - PHP/MySQL/Apache stack, vendored libraries
- architecture.md (131 lines) - Custom MVC CMS, dual-layer (front/admin)
- structure.md (170 lines) - Directory layout and conventions
- conventions.md (98 lines) - PHP snake_case, SCSS $c/$f prefixes, jQuery patterns
- testing.md (49 lines) - No automated tests detected
- integrations.md (111 lines) - Google Maps, PHPMailer, Pixieset, Facebook
- concerns.md (150 lines) - Critical security issues: hardcoded creds, MD5, unserialize
- db_schema.md (260 lines) - ~32 tables with pp_ prefix, inferred from source
- tech_changelog.md (9 lines) - Initial log entry

Co-Authored-By: Claude <noreply@anthropic.com>
2026-05-05 22:02:04 +02:00

6.9 KiB
Raw Blame History

Architecture

Analysis Date: 2026-05-05

Pattern Overview

Overall: Custom MVC CMS (Content Management System) — dual-layer monolith

Key Characteristics:

  • Two distinct application layers: public frontend and admin panel
  • Namespace-based class autoloading (no Composer PSR-4, custom autoloader)
  • Factory (Model) + Controls (Controller) + View separation per layer
  • Medoo ORM for all database operations
  • Apache .htaccess URL rewriting for routing
  • Template engine (Tpl class) for view rendering with PHP template files
  • Plugin hook system for extensibility without modifying core

Layers

Frontend Layer (front namespace):

  • Purpose: Serve public website to visitors
  • Contains: Route handlers, page rendering, form processing
  • Controls: autoload/front/controls/ — URL parsing, request dispatch
  • Factory: autoload/front/factory/ — database queries, data retrieval
  • View: autoload/front/view/ — HTML generation
  • Templates: templates/, templates_user/ (user overrides take precedence)
  • Entry: index.php

Admin Panel Layer (admin namespace):

  • Purpose: CMS content management interface for editors
  • Contains: CRUD operations for all content types, user management
  • Controls: autoload/admin/controls/ — admin action handlers
  • Factory: autoload/admin/factory/ — admin database operations
  • View: autoload/admin/view/ — admin UI rendering
  • Templates: admin/templates/ organized by module (articles, pages, users, etc.)
  • Entry: admin/index.php

Core/Shared Layer (root autoload/):

  • Purpose: Utilities and helpers shared by both layers
  • Key classes:
    • autoload/class.S.php — static helpers (1328 lines): images, cache, sessions, email, DB utils
    • autoload/class.Tpl.php — template engine (loads/renders PHP template files)
    • autoload/class.Cache.php — session-based caching
    • autoload/class.Html.php — HTML generation helpers
    • autoload/class.Image.php — image processing (WebP conversion)

Database Layer:

  • Medoo ORM (libraries/medoo/medoo.php) — all DB access
  • MySQL with pp_ prefixed tables (~32 tables)
  • Configuration in config.php

Data Flow

Frontend Page Request:

  1. HTTP request hits Apache — .htaccess rewrites URL to index.php query params
  2. index.php — initializes autoloader, session, Medoo DB instance, loads config.php
  3. \front\controls\Site::check_url_params() — parses ?a= (action) and ?id= (resource ID)
  4. Language loaded from session (current-lang), global settings from pp_settings
  5. Page determined from pp_pages and pp_layouts tables
  6. \front\view\Site::show() — assembles layout HTML
  7. Layout HTML has placeholders ([MENU:id], [ARTYKULY:id], [KONTENER:id]) replaced at runtime
  8. Tpl::view() renders PHP template files into final HTML
  9. Optional: page-level cache stored/served, WebP images generated

Admin Panel Request:

  1. Request hits admin/index.php.htaccess routes /admin/module/action/
  2. Session check + optional cookie-based auto-login
  3. \admin\factory\Users::check_privileges() — access control verification
  4. Route parsed: module and action determine which class/method to call
  5. Factory methods perform DB operations (Medoo queries)
  6. Grid library or Tpl::view() renders response

AJAX Request:

  1. ajax.php (frontend) or admin/ajax.php (admin) receives request
  2. ?a=action parameter dispatches to appropriate handler
  3. Returns JSON response
  4. Examples: contact_form, cookie_close, inline-edit-save, pixieset_*

State Management:

  • Session-based: language preference, admin auth, inline-edit mode (front-devel)
  • Database: all persistent content state
  • File cache: WebP images in cache/ directory
  • Session cache: page data via \Cache class

Key Abstractions

Factory (Model):

  • Purpose: Database operations for a content domain
  • Pattern: Static methods on classes (not instantiated)
  • Location: autoload/front/factory/class.*.php, autoload/admin/factory/class.*.php
  • Examples: \admin\factory\Articles, \front\factory\Newsletter
  • Methods: article_details(), articles_list(), article_save(), article_delete()

Controls (Controller):

  • Purpose: Handle requests, validate input, call factories, pass to views
  • Pattern: Static methods, namespaced by layer
  • Location: autoload/front/controls/class.*.php, autoload/admin/controls/class.*.php

View:

  • Purpose: Generate HTML for frontend or admin
  • Pattern: Static methods that load templates via Tpl::view()
  • Location: autoload/front/view/class.*.php, autoload/admin/view/class.*.php

Template System:

  • Tpl::view() — loads PHP template file, passes variables, captures output
  • Fallback: templates_user/ (custom) overrides templates/ (default)
  • Layout placeholders: [MENU:id], [ARTYKULY:id], [KONTENER:id], [BANERY], [NEWSLETTER], [WIDGET_TELEFON], [MAPA]...[/MAPA]

Plugin Hooks:

  • plugins/special-actions.php — early hooks
  • plugins/special-actions-middle.php — contact forms, file uploads, reCAPTCHA
  • plugins/special-actions-end.php — late hooks

Entry Points

Frontend:

  • index.php — primary public entry point; bootstraps app, calls \front\view\Site::show()
  • ajax.php — AJAX handler for contact forms, cookie consent, gallery actions, inline editing

Admin Panel:

  • admin/index.php — admin entry; handles auth, routes to admin controls/views
  • admin/ajax.php — admin AJAX handler

API:

  • api/contact_map.php — JSON API for contact/location map data
  • download.php — secure file download for article attachments
  • get_file.php — PDF/document download wrapper

Error Handling

Strategy: Inconsistent — errors largely suppressed rather than handled

Patterns:

  • error_reporting(0) in admin/ajax.php, admin/index.php — all errors silenced
  • error_reporting(E_ALL ^ E_NOTICE ^ E_STRICT ^ E_WARNING ^ E_DEPRECATED) in frontend entry points
  • No try/catch blocks in most factory methods
  • No global exception handler
  • Failed DB operations silently return null or empty array

Cross-Cutting Concerns

Caching:

  • \Cache::fetch() / \Cache::store() — session-based page data cache
  • \S::delete_cache() — invalidates cache on content changes
  • WebP image generation + file caching in cache/

Multi-language:

  • All content tables have _langs counterpart (e.g., pp_articles_langs, pp_pages_langs)
  • Language ID loaded per request from session and pp_langs table
  • Language strings managed in pp_langs_translations

Inline Editing (Developer Mode):

  • When front-devel session is set, pages render with contenteditable="true"
  • Saves edits back to pp_layouts.html via ajax.php?a=inline-edit-save

Authentication:

  • Admin only — no frontend user auth
  • Session-based with IP validation
  • Cookie-based "remember me" with auto-login
  • Privilege system: pp_users_privileges junction table

Architecture analysis: 2026-05-05 Update when major patterns change

Reference in New Issue View Git Blame Copy Permalink