Compare commits
21 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
4b089b4e84
|
|||
|
d78a82c14c
|
|||
|
d504f1d5bb
|
|||
|
5534f10cee
|
|||
|
c1fe1bb0e0
|
|||
|
ee7d9623a3
|
|||
|
ecec258a64
|
|||
|
66040d69db
|
|||
|
fc2de8e1ab
|
|||
6cb90d5ea2
|
|||
|
e67afc401b
|
|||
|
e59d627080
|
|||
|
3acca19d49
|
|||
|
2226b88a88
|
|||
|
8e08b09ae8
|
|||
|
a3bce1f2aa
|
|||
|
a84d3a3976
|
|||
|
7210b24aa3
|
|||
|
2d48f20aed
|
|||
|
ebe1fa2aa6
|
|||
|
bccee89c13
|
@ -1,4 +1,4 @@
|
||||
FROM php:7.4.7-cli-buster
|
||||
FROM php:8.1-cli-bookworm
|
||||
|
||||
RUN apt-get update && apt-get install -y unzip
|
||||
RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
|
||||
|
||||
@ -5,12 +5,12 @@
|
||||
"license": "GNU GPL 3.0",
|
||||
"require": {
|
||||
"vlucas/phpdotenv": "^5.5",
|
||||
"symfony/console": "^5.4",
|
||||
"symfony/console": "^6.3",
|
||||
"phpmailer/phpmailer": "^6.8",
|
||||
"cocur/slugify": "^4.3"
|
||||
"cocur/slugify": "^4.5"
|
||||
},
|
||||
"require-dev": {
|
||||
"phpunit/phpunit": "^9.6",
|
||||
"phpunit/phpunit": "^10.3",
|
||||
"phpstan/phpstan": "^1.10"
|
||||
},
|
||||
"autoload": {
|
||||
|
||||
934
composer.lock
generated
934
composer.lock
generated
File diff suppressed because it is too large
Load Diff
@ -4,51 +4,57 @@ use SokoWeb\Interfaces\Database\IConnection;
|
||||
use SokoWeb\Interfaces\Database\IResultSet;
|
||||
use SokoWeb\Interfaces\Database\IStatement;
|
||||
use mysqli;
|
||||
use DateTime;
|
||||
use DateTimeZone;
|
||||
|
||||
class Connection implements IConnection
|
||||
{
|
||||
private mysqli $connection;
|
||||
private string $host;
|
||||
private string $user;
|
||||
private string $password;
|
||||
private string $db;
|
||||
private int $port;
|
||||
private string $socket;
|
||||
private ?mysqli $connection = null;
|
||||
|
||||
public function __construct(string $host, string $user, string $password, string $db, int $port = -1, string $socket = null)
|
||||
{
|
||||
if ($port < 0) {
|
||||
$port = (int) ini_get('mysqli.default_port');
|
||||
}
|
||||
|
||||
if ($socket === null) {
|
||||
$socket = (string) ini_get('mysqli.default_socket');
|
||||
}
|
||||
|
||||
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
|
||||
$this->connection = new mysqli($host, $user, $password, $db, $port, $socket);
|
||||
$this->connection->set_charset('utf8mb4');
|
||||
$this->host = $host;
|
||||
$this->user = $user;
|
||||
$this->password = $password;
|
||||
$this->db = $db;
|
||||
$this->port = $port < 0 ? (int) ini_get('mysqli.default_port') : $port;
|
||||
$this->socket = $socket === null ? (string) ini_get('mysqli.default_socket') : $socket;
|
||||
}
|
||||
|
||||
public function __destruct()
|
||||
{
|
||||
if ($this->connection === null) {
|
||||
return;
|
||||
}
|
||||
$this->connection->close();
|
||||
}
|
||||
|
||||
public function startTransaction(): void
|
||||
{
|
||||
$this->connection->autocommit(false);
|
||||
$this->getConnection()->autocommit(false);
|
||||
}
|
||||
|
||||
public function commit(): void
|
||||
{
|
||||
$this->connection->commit();
|
||||
$this->connection->autocommit(true);
|
||||
$this->getConnection()->commit();
|
||||
$this->getConnection()->autocommit(true);
|
||||
}
|
||||
|
||||
public function rollback(): void
|
||||
{
|
||||
$this->connection->rollback();
|
||||
$this->connection->autocommit(true);
|
||||
$this->getConnection()->rollback();
|
||||
$this->getConnection()->autocommit(true);
|
||||
}
|
||||
|
||||
public function query(string $query): ?IResultSet
|
||||
{
|
||||
$result = $this->connection->query($query);
|
||||
$result = $this->getConnection()->query($query);
|
||||
|
||||
if ($result !== true) {
|
||||
return new ResultSet($result);
|
||||
@ -59,36 +65,62 @@ class Connection implements IConnection
|
||||
|
||||
public function multiQuery(string $query): array
|
||||
{
|
||||
$this->connection->multi_query($query);
|
||||
$this->getConnection()->multi_query($query);
|
||||
|
||||
$ret = [];
|
||||
do {
|
||||
if ($result = $this->connection->store_result()) {
|
||||
if ($result = $this->getConnection()->store_result()) {
|
||||
$ret[] = new ResultSet($result);
|
||||
} else {
|
||||
$ret[] = null;
|
||||
}
|
||||
|
||||
$this->connection->more_results();
|
||||
} while ($this->connection->next_result());
|
||||
$this->getConnection()->more_results();
|
||||
} while ($this->getConnection()->next_result());
|
||||
|
||||
return $ret;
|
||||
}
|
||||
|
||||
public function prepare(string $query): IStatement
|
||||
{
|
||||
$stmt = $this->connection->prepare($query);
|
||||
$stmt = $this->getConnection()->prepare($query);
|
||||
|
||||
return new Statement($stmt);
|
||||
}
|
||||
|
||||
public function lastId(): int
|
||||
{
|
||||
return $this->connection->insert_id;
|
||||
return $this->getConnection()->insert_id;
|
||||
}
|
||||
|
||||
public function getAffectedRows(): int
|
||||
{
|
||||
return $this->connection->affected_rows;
|
||||
return $this->getConnection()->affected_rows;
|
||||
}
|
||||
|
||||
private function getConnection(): mysqli
|
||||
{
|
||||
if ($this->connection === null) {
|
||||
$this->createConnection();
|
||||
}
|
||||
return $this->connection;
|
||||
}
|
||||
|
||||
private function createConnection(): void
|
||||
{
|
||||
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
|
||||
$this->connection = new mysqli($this->host, $this->user, $this->password, $this->db, $this->port, $this->socket);
|
||||
$this->connection->set_charset('utf8mb4');
|
||||
$this->connection->query('SET time_zone = \'' . $this->getTimeZone() . '\'');
|
||||
}
|
||||
|
||||
private function getTimeZone(): string {
|
||||
$tz = new DateTimeZone(date_default_timezone_get());
|
||||
$offset = $tz->getOffset(new DateTime('now', new DateTimeZone('UTC')));
|
||||
|
||||
$hours = intdiv($offset, 3600);
|
||||
$minutes = abs(($offset % 3600) / 60);
|
||||
|
||||
return sprintf("%+03d:%02d", $hours, $minutes);
|
||||
}
|
||||
}
|
||||
|
||||
@ -7,13 +7,15 @@ class Request implements IRequest
|
||||
{
|
||||
private string $url;
|
||||
|
||||
private int $method;
|
||||
private ?string $method = null;
|
||||
|
||||
private string $query = '';
|
||||
|
||||
private ?string $body = null;
|
||||
|
||||
private array $headers = [];
|
||||
|
||||
public function __construct(string $url = '', int $method = self::HTTP_GET)
|
||||
public function __construct(string $url = '', ?string $method = null)
|
||||
{
|
||||
$this->url = $url;
|
||||
$this->method = $method;
|
||||
@ -24,7 +26,7 @@ class Request implements IRequest
|
||||
$this->url = $url;
|
||||
}
|
||||
|
||||
public function setMethod(int $method): void
|
||||
public function setMethod(string $method): void
|
||||
{
|
||||
$this->method = $method;
|
||||
}
|
||||
@ -38,6 +40,11 @@ class Request implements IRequest
|
||||
}
|
||||
}
|
||||
|
||||
public function setBody(string $body): void
|
||||
{
|
||||
$this->body = $body;
|
||||
}
|
||||
|
||||
public function setHeaders(array $headers): void
|
||||
{
|
||||
$this->headers = array_merge($this->headers, $headers);
|
||||
@ -47,13 +54,20 @@ class Request implements IRequest
|
||||
{
|
||||
$ch = curl_init();
|
||||
|
||||
if ($this->method === self::HTTP_POST) {
|
||||
$url = $this->url;
|
||||
$url = $this->url . '?' . $this->query;
|
||||
|
||||
curl_setopt($ch, CURLOPT_POST, 1);
|
||||
curl_setopt($ch, CURLOPT_POSTFIELDS, $this->query);
|
||||
} else {
|
||||
$url = $this->url . '?' . $this->query;
|
||||
if ($this->body !== null) {
|
||||
if ($this->method === null) {
|
||||
$this->method = self::HTTP_POST;
|
||||
}
|
||||
|
||||
if ($this->method === self::HTTP_POST) {
|
||||
curl_setopt($ch, CURLOPT_POST, 1);
|
||||
} else {
|
||||
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $this->method);
|
||||
}
|
||||
|
||||
curl_setopt($ch, CURLOPT_POSTFIELDS, $this->body);
|
||||
}
|
||||
|
||||
curl_setopt($ch, CURLOPT_URL, $url);
|
||||
|
||||
@ -2,16 +2,24 @@
|
||||
|
||||
interface IRequest
|
||||
{
|
||||
const HTTP_GET = 0;
|
||||
const HTTP_GET = 'GET';
|
||||
|
||||
const HTTP_POST = 1;
|
||||
const HTTP_POST = 'POST';
|
||||
|
||||
const HTTP_PUT = 'PUT';
|
||||
|
||||
const HTTP_PATCH = 'PATCH';
|
||||
|
||||
const HTTP_DELETE = 'DELETE';
|
||||
|
||||
public function setUrl(string $url): void;
|
||||
|
||||
public function setMethod(int $method): void;
|
||||
public function setMethod(string $method): void;
|
||||
|
||||
public function setQuery($query): void;
|
||||
|
||||
public function setBody(string $body): void;
|
||||
|
||||
public function setHeaders(array $headers): void;
|
||||
|
||||
public function send(): IResponse;
|
||||
|
||||
@ -29,13 +29,6 @@ class Mail
|
||||
{
|
||||
$this->body = file_get_contents(ROOT . '/mail/' . $template . '.html');
|
||||
|
||||
$baseParameters = [
|
||||
'APP_NAME' => $_ENV['APP_NAME'],
|
||||
'BASE_URL' => $_ENV['APP_URL'],
|
||||
];
|
||||
|
||||
$params = array_merge($baseParameters, $params);
|
||||
|
||||
foreach ($params as $key => $param) {
|
||||
$this->body = str_replace('{{' . $key . '}}', $param, $this->body);
|
||||
}
|
||||
@ -51,8 +44,10 @@ class Mail
|
||||
if (!empty($_ENV['MAIL_HOST'])) {
|
||||
$mailer->Mailer = 'smtp';
|
||||
$mailer->Host = $_ENV['MAIL_HOST'];
|
||||
$mailer->Port = !empty($_ENV['MAIL_PORT']) ? $_ENV['MAIL_PORT'] : 25;
|
||||
$mailer->SMTPSecure = !empty($_ENV['MAIL_SECURE']) ? $_ENV['MAIL_SECURE'] : '';
|
||||
$mailer->Port = !empty($_ENV['MAIL_PORT']) ? $_ENV['MAIL_PORT'] : 587;
|
||||
|
||||
$secureMaping = ['none' => '', 'starttls' => PHPMailer::ENCRYPTION_STARTTLS, 'smtps' => PHPMailer::ENCRYPTION_SMTPS];
|
||||
$mailer->SMTPSecure = !empty($_ENV['MAIL_SECURE']) ? $secureMaping[$_ENV['MAIL_SECURE']] : '';
|
||||
|
||||
if (!empty($_ENV['MAIL_USER'])) {
|
||||
$mailer->SMTPAuth = true;
|
||||
|
||||
@ -6,12 +6,12 @@ use SokoWeb\Interfaces\Response\IRedirect;
|
||||
use SokoWeb\Interfaces\Response\IContent;
|
||||
use SokoWeb\Interfaces\Authentication\IAuthenticationRequired;
|
||||
use SokoWeb\Interfaces\Authorization\ISecured;
|
||||
use SokoWeb\Interfaces\Routing\IRouteCollection;
|
||||
use SokoWeb\Interfaces\Database\IConnection;
|
||||
use SokoWeb\Interfaces\Request\IRequest;
|
||||
use SokoWeb\Response\Redirect;
|
||||
use SokoWeb\Response\HtmlContent;
|
||||
use SokoWeb\Response\JsonContent;
|
||||
use SokoWeb\Routing\RouteCollection;
|
||||
|
||||
class HttpResponse
|
||||
{
|
||||
@ -19,7 +19,7 @@ class HttpResponse
|
||||
|
||||
private IConnection $dbConnection;
|
||||
|
||||
private RouteCollection $routeCollection;
|
||||
private IRouteCollection $routeCollection;
|
||||
|
||||
private array $appConfig;
|
||||
|
||||
@ -32,7 +32,7 @@ class HttpResponse
|
||||
public function __construct(
|
||||
IRequest $request,
|
||||
IConnection $dbConnection,
|
||||
RouteCollection $routeCollection,
|
||||
IRouteCollection $routeCollection,
|
||||
array $appConfig,
|
||||
string $requestMethod,
|
||||
string $requestUrl
|
||||
@ -55,6 +55,11 @@ class HttpResponse
|
||||
|
||||
public function render(): void
|
||||
{
|
||||
$this->handleCors();
|
||||
if ($this->method === 'options') {
|
||||
return;
|
||||
}
|
||||
|
||||
$match = $this->routeCollection->match($this->method, $this->parsedUrl['path']);
|
||||
if ($match === null) {
|
||||
$this->render404();
|
||||
@ -94,6 +99,7 @@ class HttpResponse
|
||||
$response = call_user_func([$controller, $handler[1]]);
|
||||
} catch (Exception $exception) {
|
||||
$this->dbConnection->rollback();
|
||||
error_log($exception);
|
||||
$this->render500($exception);
|
||||
return;
|
||||
}
|
||||
@ -109,10 +115,63 @@ class HttpResponse
|
||||
}
|
||||
}
|
||||
|
||||
private function handleCors(): void
|
||||
{
|
||||
$origin = $this->request->header('Origin');
|
||||
if (!$origin) {
|
||||
return;
|
||||
}
|
||||
|
||||
if (isset($this->appConfig['cors']['allow_origins'])) {
|
||||
if (in_array($origin, $this->appConfig['cors']['allow_origins']) || in_array('*', $this->appConfig['cors']['allow_origins'])) {
|
||||
header("Access-Control-Allow-Origin: {$origin}");
|
||||
}
|
||||
}
|
||||
|
||||
if (!empty($this->appConfig['cors']['allow_credentials'])) {
|
||||
header('Access-Control-Allow-Credentials: true');
|
||||
}
|
||||
|
||||
if ($this->method !== 'options') {
|
||||
return;
|
||||
}
|
||||
|
||||
if (isset($this->appConfig['cors']['allow_headers'])) {
|
||||
$headers = explode(',', $this->request->header('Access-Control-Request-Headers'));
|
||||
if (in_array('*', $this->appConfig['cors']['allow_headers'])) {
|
||||
$allow_headers = $headers;
|
||||
} else {
|
||||
$allow_headers = array_intersect($this->appConfig['cors']['allow_headers'], $headers);
|
||||
}
|
||||
|
||||
if (count($allow_headers) > 0) {
|
||||
header('Access-Control-Allow-Headers: ' . join(', ', $allow_headers));
|
||||
}
|
||||
}
|
||||
|
||||
if (isset($this->appConfig['cors']['allow_methods'])) {
|
||||
if (in_array('*', $this->appConfig['cors']['allow_methods'])) {
|
||||
$allow_methods = ['DELETE', 'GET', 'HEAD', 'OPTIONS', 'PATCH', 'POST', 'PUT'];
|
||||
} else {
|
||||
$allow_methods = $this->appConfig['cors']['allow_methods'];
|
||||
}
|
||||
|
||||
if (count($allow_methods) > 0) {
|
||||
header('Access-Control-Allow-Methods: ' . join(', ', $allow_methods));
|
||||
}
|
||||
}
|
||||
|
||||
$max_age = $this->appConfig['cors']['max_age'] ?? 600;
|
||||
header("Access-Control-Max-Age: {$max_age}");
|
||||
}
|
||||
|
||||
private function redirectToLogin(): void
|
||||
{
|
||||
$this->request->session()->set('redirect_after_login', $this->rawUrl);
|
||||
$response = new Redirect($this->routeCollection->getRoute($this->appConfig['loginRouteId'])->generateLink(), IRedirect::TEMPORARY);
|
||||
$response = new Redirect(
|
||||
$this->routeCollection->getRoute($this->appConfig['loginRouteId'])
|
||||
->generateLink(['redirect_after_login' => $this->rawUrl]),
|
||||
IRedirect::TEMPORARY);
|
||||
header('Location: ' . $this->getRedirectUrl($response), true, $response->getHttpCode());
|
||||
}
|
||||
|
||||
|
||||
@ -34,7 +34,7 @@ class Route implements IRoute
|
||||
foreach ($this->pattern as $fragment) {
|
||||
if (preg_match('/^{(\\w+)(\\?)?}$/', $fragment, $matches) === 1) {
|
||||
if (isset($parameters[$matches[1]])) {
|
||||
$link[] = $parameters[$matches[1]];
|
||||
$link[] = rawurlencode($parameters[$matches[1]]);
|
||||
unset($parameters[$matches[1]]);
|
||||
} elseif (!isset($matches[2])) {//TODO: why? parameter not found but not optional
|
||||
$link[] = $fragment;
|
||||
@ -53,7 +53,7 @@ class Route implements IRoute
|
||||
$queryParams[$key] = $value;
|
||||
}
|
||||
|
||||
$query = count($queryParams) > 0 ? '?' . http_build_query($queryParams) : '';
|
||||
$query = count($queryParams) > 0 ? '?' . http_build_query($queryParams, encoding_type: PHP_QUERY_RFC3986) : '';
|
||||
|
||||
return '/' . implode('/', $link) . $query;
|
||||
}
|
||||
@ -64,7 +64,7 @@ class Route implements IRoute
|
||||
|
||||
foreach ($path as $i => $fragment) {
|
||||
if (preg_match('/^{(\\w+)(?:\\?)?}$/', $this->pattern[$i], $matches) === 1) {
|
||||
$parameters[$matches[1]] = $fragment;
|
||||
$parameters[$matches[1]] = rawurldecode($fragment);
|
||||
} elseif ($fragment != $this->pattern[$i]) {
|
||||
return null;
|
||||
}
|
||||
|
||||
@ -86,12 +86,12 @@ class DatabaseSessionHandler implements ISessionHandler
|
||||
return true;
|
||||
}
|
||||
|
||||
public function gc($maxlifetime): bool
|
||||
public function gc($maxlifetime): int|false
|
||||
{
|
||||
// empty on purpose
|
||||
// old sessions are deleted by MaintainDatabaseCommand
|
||||
|
||||
return true;
|
||||
return 1;
|
||||
}
|
||||
|
||||
public function create_sid(): string
|
||||
|
||||
@ -17,7 +17,7 @@ final class GoogleOAuthTest extends TestCase
|
||||
$redirectUrl = 'http://example.com/oauth';
|
||||
|
||||
$requestMock = $this->getMockBuilder(IRequest::class)
|
||||
->setMethods(['setUrl', 'setMethod', 'setQuery', 'setHeaders', 'send'])
|
||||
->onlyMethods(['setUrl', 'setMethod', 'setQuery', 'setHeaders', 'send'])
|
||||
->getMock();
|
||||
$googleOAuth = new GoogleOAuth($requestMock);
|
||||
|
||||
@ -48,10 +48,10 @@ final class GoogleOAuthTest extends TestCase
|
||||
$redirectUrl = 'http://example.com/oauth';
|
||||
|
||||
$requestMock = $this->getMockBuilder(IRequest::class)
|
||||
->setMethods(['setUrl', 'setMethod', 'setQuery', 'setHeaders', 'send'])
|
||||
->onlyMethods(['setUrl', 'setMethod', 'setQuery', 'setHeaders', 'send'])
|
||||
->getMock();
|
||||
$responseMock = $this->getMockBuilder(IResponse::class)
|
||||
->setMethods(['getBody', 'getHeaders'])
|
||||
->onlyMethods(['getBody', 'getHeaders'])
|
||||
->getMock();
|
||||
$googleOAuth = new GoogleOAuth($requestMock);
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user