Compare commits
19 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
4b089b4e84
|
|||
|
d78a82c14c
|
|||
|
d504f1d5bb
|
|||
|
5534f10cee
|
|||
|
c1fe1bb0e0
|
|||
|
ee7d9623a3
|
|||
|
ecec258a64
|
|||
|
66040d69db
|
|||
|
fc2de8e1ab
|
|||
6cb90d5ea2
|
|||
|
e67afc401b
|
|||
|
e59d627080
|
|||
|
3acca19d49
|
|||
|
2226b88a88
|
|||
|
8e08b09ae8
|
|||
|
a3bce1f2aa
|
|||
|
a84d3a3976
|
|||
|
7210b24aa3
|
|||
|
2d48f20aed
|
@ -1,4 +1,4 @@
|
|||||||
FROM php:7.4.7-cli-buster
|
FROM php:8.1-cli-bookworm
|
||||||
|
|
||||||
RUN apt-get update && apt-get install -y unzip
|
RUN apt-get update && apt-get install -y unzip
|
||||||
RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
|
RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
|
||||||
|
|||||||
@ -5,12 +5,12 @@
|
|||||||
"license": "GNU GPL 3.0",
|
"license": "GNU GPL 3.0",
|
||||||
"require": {
|
"require": {
|
||||||
"vlucas/phpdotenv": "^5.5",
|
"vlucas/phpdotenv": "^5.5",
|
||||||
"symfony/console": "^5.4",
|
"symfony/console": "^6.3",
|
||||||
"phpmailer/phpmailer": "^6.8",
|
"phpmailer/phpmailer": "^6.8",
|
||||||
"cocur/slugify": "^4.3"
|
"cocur/slugify": "^4.5"
|
||||||
},
|
},
|
||||||
"require-dev": {
|
"require-dev": {
|
||||||
"phpunit/phpunit": "^9.6",
|
"phpunit/phpunit": "^10.3",
|
||||||
"phpstan/phpstan": "^1.10"
|
"phpstan/phpstan": "^1.10"
|
||||||
},
|
},
|
||||||
"autoload": {
|
"autoload": {
|
||||||
|
|||||||
934
composer.lock
generated
934
composer.lock
generated
File diff suppressed because it is too large
Load Diff
@ -4,6 +4,8 @@ use SokoWeb\Interfaces\Database\IConnection;
|
|||||||
use SokoWeb\Interfaces\Database\IResultSet;
|
use SokoWeb\Interfaces\Database\IResultSet;
|
||||||
use SokoWeb\Interfaces\Database\IStatement;
|
use SokoWeb\Interfaces\Database\IStatement;
|
||||||
use mysqli;
|
use mysqli;
|
||||||
|
use DateTime;
|
||||||
|
use DateTimeZone;
|
||||||
|
|
||||||
class Connection implements IConnection
|
class Connection implements IConnection
|
||||||
{
|
{
|
||||||
@ -109,5 +111,16 @@ class Connection implements IConnection
|
|||||||
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
|
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
|
||||||
$this->connection = new mysqli($this->host, $this->user, $this->password, $this->db, $this->port, $this->socket);
|
$this->connection = new mysqli($this->host, $this->user, $this->password, $this->db, $this->port, $this->socket);
|
||||||
$this->connection->set_charset('utf8mb4');
|
$this->connection->set_charset('utf8mb4');
|
||||||
|
$this->connection->query('SET time_zone = \'' . $this->getTimeZone() . '\'');
|
||||||
|
}
|
||||||
|
|
||||||
|
private function getTimeZone(): string {
|
||||||
|
$tz = new DateTimeZone(date_default_timezone_get());
|
||||||
|
$offset = $tz->getOffset(new DateTime('now', new DateTimeZone('UTC')));
|
||||||
|
|
||||||
|
$hours = intdiv($offset, 3600);
|
||||||
|
$minutes = abs(($offset % 3600) / 60);
|
||||||
|
|
||||||
|
return sprintf("%+03d:%02d", $hours, $minutes);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -7,13 +7,15 @@ class Request implements IRequest
|
|||||||
{
|
{
|
||||||
private string $url;
|
private string $url;
|
||||||
|
|
||||||
private int $method;
|
private ?string $method = null;
|
||||||
|
|
||||||
private string $query = '';
|
private string $query = '';
|
||||||
|
|
||||||
|
private ?string $body = null;
|
||||||
|
|
||||||
private array $headers = [];
|
private array $headers = [];
|
||||||
|
|
||||||
public function __construct(string $url = '', int $method = self::HTTP_GET)
|
public function __construct(string $url = '', ?string $method = null)
|
||||||
{
|
{
|
||||||
$this->url = $url;
|
$this->url = $url;
|
||||||
$this->method = $method;
|
$this->method = $method;
|
||||||
@ -24,7 +26,7 @@ class Request implements IRequest
|
|||||||
$this->url = $url;
|
$this->url = $url;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function setMethod(int $method): void
|
public function setMethod(string $method): void
|
||||||
{
|
{
|
||||||
$this->method = $method;
|
$this->method = $method;
|
||||||
}
|
}
|
||||||
@ -38,6 +40,11 @@ class Request implements IRequest
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function setBody(string $body): void
|
||||||
|
{
|
||||||
|
$this->body = $body;
|
||||||
|
}
|
||||||
|
|
||||||
public function setHeaders(array $headers): void
|
public function setHeaders(array $headers): void
|
||||||
{
|
{
|
||||||
$this->headers = array_merge($this->headers, $headers);
|
$this->headers = array_merge($this->headers, $headers);
|
||||||
@ -47,13 +54,20 @@ class Request implements IRequest
|
|||||||
{
|
{
|
||||||
$ch = curl_init();
|
$ch = curl_init();
|
||||||
|
|
||||||
if ($this->method === self::HTTP_POST) {
|
$url = $this->url . '?' . $this->query;
|
||||||
$url = $this->url;
|
|
||||||
|
|
||||||
curl_setopt($ch, CURLOPT_POST, 1);
|
if ($this->body !== null) {
|
||||||
curl_setopt($ch, CURLOPT_POSTFIELDS, $this->query);
|
if ($this->method === null) {
|
||||||
} else {
|
$this->method = self::HTTP_POST;
|
||||||
$url = $this->url . '?' . $this->query;
|
}
|
||||||
|
|
||||||
|
if ($this->method === self::HTTP_POST) {
|
||||||
|
curl_setopt($ch, CURLOPT_POST, 1);
|
||||||
|
} else {
|
||||||
|
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $this->method);
|
||||||
|
}
|
||||||
|
|
||||||
|
curl_setopt($ch, CURLOPT_POSTFIELDS, $this->body);
|
||||||
}
|
}
|
||||||
|
|
||||||
curl_setopt($ch, CURLOPT_URL, $url);
|
curl_setopt($ch, CURLOPT_URL, $url);
|
||||||
|
|||||||
@ -2,16 +2,24 @@
|
|||||||
|
|
||||||
interface IRequest
|
interface IRequest
|
||||||
{
|
{
|
||||||
const HTTP_GET = 0;
|
const HTTP_GET = 'GET';
|
||||||
|
|
||||||
const HTTP_POST = 1;
|
const HTTP_POST = 'POST';
|
||||||
|
|
||||||
|
const HTTP_PUT = 'PUT';
|
||||||
|
|
||||||
|
const HTTP_PATCH = 'PATCH';
|
||||||
|
|
||||||
|
const HTTP_DELETE = 'DELETE';
|
||||||
|
|
||||||
public function setUrl(string $url): void;
|
public function setUrl(string $url): void;
|
||||||
|
|
||||||
public function setMethod(int $method): void;
|
public function setMethod(string $method): void;
|
||||||
|
|
||||||
public function setQuery($query): void;
|
public function setQuery($query): void;
|
||||||
|
|
||||||
|
public function setBody(string $body): void;
|
||||||
|
|
||||||
public function setHeaders(array $headers): void;
|
public function setHeaders(array $headers): void;
|
||||||
|
|
||||||
public function send(): IResponse;
|
public function send(): IResponse;
|
||||||
|
|||||||
@ -29,13 +29,6 @@ class Mail
|
|||||||
{
|
{
|
||||||
$this->body = file_get_contents(ROOT . '/mail/' . $template . '.html');
|
$this->body = file_get_contents(ROOT . '/mail/' . $template . '.html');
|
||||||
|
|
||||||
$baseParameters = [
|
|
||||||
'APP_NAME' => $_ENV['APP_NAME'],
|
|
||||||
'BASE_URL' => $_ENV['APP_URL'],
|
|
||||||
];
|
|
||||||
|
|
||||||
$params = array_merge($baseParameters, $params);
|
|
||||||
|
|
||||||
foreach ($params as $key => $param) {
|
foreach ($params as $key => $param) {
|
||||||
$this->body = str_replace('{{' . $key . '}}', $param, $this->body);
|
$this->body = str_replace('{{' . $key . '}}', $param, $this->body);
|
||||||
}
|
}
|
||||||
@ -51,8 +44,10 @@ class Mail
|
|||||||
if (!empty($_ENV['MAIL_HOST'])) {
|
if (!empty($_ENV['MAIL_HOST'])) {
|
||||||
$mailer->Mailer = 'smtp';
|
$mailer->Mailer = 'smtp';
|
||||||
$mailer->Host = $_ENV['MAIL_HOST'];
|
$mailer->Host = $_ENV['MAIL_HOST'];
|
||||||
$mailer->Port = !empty($_ENV['MAIL_PORT']) ? $_ENV['MAIL_PORT'] : 25;
|
$mailer->Port = !empty($_ENV['MAIL_PORT']) ? $_ENV['MAIL_PORT'] : 587;
|
||||||
$mailer->SMTPSecure = !empty($_ENV['MAIL_SECURE']) ? $_ENV['MAIL_SECURE'] : '';
|
|
||||||
|
$secureMaping = ['none' => '', 'starttls' => PHPMailer::ENCRYPTION_STARTTLS, 'smtps' => PHPMailer::ENCRYPTION_SMTPS];
|
||||||
|
$mailer->SMTPSecure = !empty($_ENV['MAIL_SECURE']) ? $secureMaping[$_ENV['MAIL_SECURE']] : '';
|
||||||
|
|
||||||
if (!empty($_ENV['MAIL_USER'])) {
|
if (!empty($_ENV['MAIL_USER'])) {
|
||||||
$mailer->SMTPAuth = true;
|
$mailer->SMTPAuth = true;
|
||||||
|
|||||||
@ -6,12 +6,12 @@ use SokoWeb\Interfaces\Response\IRedirect;
|
|||||||
use SokoWeb\Interfaces\Response\IContent;
|
use SokoWeb\Interfaces\Response\IContent;
|
||||||
use SokoWeb\Interfaces\Authentication\IAuthenticationRequired;
|
use SokoWeb\Interfaces\Authentication\IAuthenticationRequired;
|
||||||
use SokoWeb\Interfaces\Authorization\ISecured;
|
use SokoWeb\Interfaces\Authorization\ISecured;
|
||||||
|
use SokoWeb\Interfaces\Routing\IRouteCollection;
|
||||||
use SokoWeb\Interfaces\Database\IConnection;
|
use SokoWeb\Interfaces\Database\IConnection;
|
||||||
use SokoWeb\Interfaces\Request\IRequest;
|
use SokoWeb\Interfaces\Request\IRequest;
|
||||||
use SokoWeb\Response\Redirect;
|
use SokoWeb\Response\Redirect;
|
||||||
use SokoWeb\Response\HtmlContent;
|
use SokoWeb\Response\HtmlContent;
|
||||||
use SokoWeb\Response\JsonContent;
|
use SokoWeb\Response\JsonContent;
|
||||||
use SokoWeb\Routing\RouteCollection;
|
|
||||||
|
|
||||||
class HttpResponse
|
class HttpResponse
|
||||||
{
|
{
|
||||||
@ -19,7 +19,7 @@ class HttpResponse
|
|||||||
|
|
||||||
private IConnection $dbConnection;
|
private IConnection $dbConnection;
|
||||||
|
|
||||||
private RouteCollection $routeCollection;
|
private IRouteCollection $routeCollection;
|
||||||
|
|
||||||
private array $appConfig;
|
private array $appConfig;
|
||||||
|
|
||||||
@ -32,7 +32,7 @@ class HttpResponse
|
|||||||
public function __construct(
|
public function __construct(
|
||||||
IRequest $request,
|
IRequest $request,
|
||||||
IConnection $dbConnection,
|
IConnection $dbConnection,
|
||||||
RouteCollection $routeCollection,
|
IRouteCollection $routeCollection,
|
||||||
array $appConfig,
|
array $appConfig,
|
||||||
string $requestMethod,
|
string $requestMethod,
|
||||||
string $requestUrl
|
string $requestUrl
|
||||||
@ -55,6 +55,11 @@ class HttpResponse
|
|||||||
|
|
||||||
public function render(): void
|
public function render(): void
|
||||||
{
|
{
|
||||||
|
$this->handleCors();
|
||||||
|
if ($this->method === 'options') {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
$match = $this->routeCollection->match($this->method, $this->parsedUrl['path']);
|
$match = $this->routeCollection->match($this->method, $this->parsedUrl['path']);
|
||||||
if ($match === null) {
|
if ($match === null) {
|
||||||
$this->render404();
|
$this->render404();
|
||||||
@ -94,6 +99,7 @@ class HttpResponse
|
|||||||
$response = call_user_func([$controller, $handler[1]]);
|
$response = call_user_func([$controller, $handler[1]]);
|
||||||
} catch (Exception $exception) {
|
} catch (Exception $exception) {
|
||||||
$this->dbConnection->rollback();
|
$this->dbConnection->rollback();
|
||||||
|
error_log($exception);
|
||||||
$this->render500($exception);
|
$this->render500($exception);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@ -109,10 +115,63 @@ class HttpResponse
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private function handleCors(): void
|
||||||
|
{
|
||||||
|
$origin = $this->request->header('Origin');
|
||||||
|
if (!$origin) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (isset($this->appConfig['cors']['allow_origins'])) {
|
||||||
|
if (in_array($origin, $this->appConfig['cors']['allow_origins']) || in_array('*', $this->appConfig['cors']['allow_origins'])) {
|
||||||
|
header("Access-Control-Allow-Origin: {$origin}");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!empty($this->appConfig['cors']['allow_credentials'])) {
|
||||||
|
header('Access-Control-Allow-Credentials: true');
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($this->method !== 'options') {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (isset($this->appConfig['cors']['allow_headers'])) {
|
||||||
|
$headers = explode(',', $this->request->header('Access-Control-Request-Headers'));
|
||||||
|
if (in_array('*', $this->appConfig['cors']['allow_headers'])) {
|
||||||
|
$allow_headers = $headers;
|
||||||
|
} else {
|
||||||
|
$allow_headers = array_intersect($this->appConfig['cors']['allow_headers'], $headers);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (count($allow_headers) > 0) {
|
||||||
|
header('Access-Control-Allow-Headers: ' . join(', ', $allow_headers));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (isset($this->appConfig['cors']['allow_methods'])) {
|
||||||
|
if (in_array('*', $this->appConfig['cors']['allow_methods'])) {
|
||||||
|
$allow_methods = ['DELETE', 'GET', 'HEAD', 'OPTIONS', 'PATCH', 'POST', 'PUT'];
|
||||||
|
} else {
|
||||||
|
$allow_methods = $this->appConfig['cors']['allow_methods'];
|
||||||
|
}
|
||||||
|
|
||||||
|
if (count($allow_methods) > 0) {
|
||||||
|
header('Access-Control-Allow-Methods: ' . join(', ', $allow_methods));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$max_age = $this->appConfig['cors']['max_age'] ?? 600;
|
||||||
|
header("Access-Control-Max-Age: {$max_age}");
|
||||||
|
}
|
||||||
|
|
||||||
private function redirectToLogin(): void
|
private function redirectToLogin(): void
|
||||||
{
|
{
|
||||||
$this->request->session()->set('redirect_after_login', $this->rawUrl);
|
$this->request->session()->set('redirect_after_login', $this->rawUrl);
|
||||||
$response = new Redirect($this->routeCollection->getRoute($this->appConfig['loginRouteId'])->generateLink(), IRedirect::TEMPORARY);
|
$response = new Redirect(
|
||||||
|
$this->routeCollection->getRoute($this->appConfig['loginRouteId'])
|
||||||
|
->generateLink(['redirect_after_login' => $this->rawUrl]),
|
||||||
|
IRedirect::TEMPORARY);
|
||||||
header('Location: ' . $this->getRedirectUrl($response), true, $response->getHttpCode());
|
header('Location: ' . $this->getRedirectUrl($response), true, $response->getHttpCode());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -34,7 +34,7 @@ class Route implements IRoute
|
|||||||
foreach ($this->pattern as $fragment) {
|
foreach ($this->pattern as $fragment) {
|
||||||
if (preg_match('/^{(\\w+)(\\?)?}$/', $fragment, $matches) === 1) {
|
if (preg_match('/^{(\\w+)(\\?)?}$/', $fragment, $matches) === 1) {
|
||||||
if (isset($parameters[$matches[1]])) {
|
if (isset($parameters[$matches[1]])) {
|
||||||
$link[] = $parameters[$matches[1]];
|
$link[] = rawurlencode($parameters[$matches[1]]);
|
||||||
unset($parameters[$matches[1]]);
|
unset($parameters[$matches[1]]);
|
||||||
} elseif (!isset($matches[2])) {//TODO: why? parameter not found but not optional
|
} elseif (!isset($matches[2])) {//TODO: why? parameter not found but not optional
|
||||||
$link[] = $fragment;
|
$link[] = $fragment;
|
||||||
@ -53,7 +53,7 @@ class Route implements IRoute
|
|||||||
$queryParams[$key] = $value;
|
$queryParams[$key] = $value;
|
||||||
}
|
}
|
||||||
|
|
||||||
$query = count($queryParams) > 0 ? '?' . http_build_query($queryParams) : '';
|
$query = count($queryParams) > 0 ? '?' . http_build_query($queryParams, encoding_type: PHP_QUERY_RFC3986) : '';
|
||||||
|
|
||||||
return '/' . implode('/', $link) . $query;
|
return '/' . implode('/', $link) . $query;
|
||||||
}
|
}
|
||||||
@ -64,7 +64,7 @@ class Route implements IRoute
|
|||||||
|
|
||||||
foreach ($path as $i => $fragment) {
|
foreach ($path as $i => $fragment) {
|
||||||
if (preg_match('/^{(\\w+)(?:\\?)?}$/', $this->pattern[$i], $matches) === 1) {
|
if (preg_match('/^{(\\w+)(?:\\?)?}$/', $this->pattern[$i], $matches) === 1) {
|
||||||
$parameters[$matches[1]] = $fragment;
|
$parameters[$matches[1]] = rawurldecode($fragment);
|
||||||
} elseif ($fragment != $this->pattern[$i]) {
|
} elseif ($fragment != $this->pattern[$i]) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -86,12 +86,12 @@ class DatabaseSessionHandler implements ISessionHandler
|
|||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function gc($maxlifetime): bool
|
public function gc($maxlifetime): int|false
|
||||||
{
|
{
|
||||||
// empty on purpose
|
// empty on purpose
|
||||||
// old sessions are deleted by MaintainDatabaseCommand
|
// old sessions are deleted by MaintainDatabaseCommand
|
||||||
|
|
||||||
return true;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function create_sid(): string
|
public function create_sid(): string
|
||||||
|
|||||||
@ -17,7 +17,7 @@ final class GoogleOAuthTest extends TestCase
|
|||||||
$redirectUrl = 'http://example.com/oauth';
|
$redirectUrl = 'http://example.com/oauth';
|
||||||
|
|
||||||
$requestMock = $this->getMockBuilder(IRequest::class)
|
$requestMock = $this->getMockBuilder(IRequest::class)
|
||||||
->setMethods(['setUrl', 'setMethod', 'setQuery', 'setHeaders', 'send'])
|
->onlyMethods(['setUrl', 'setMethod', 'setQuery', 'setHeaders', 'send'])
|
||||||
->getMock();
|
->getMock();
|
||||||
$googleOAuth = new GoogleOAuth($requestMock);
|
$googleOAuth = new GoogleOAuth($requestMock);
|
||||||
|
|
||||||
@ -48,10 +48,10 @@ final class GoogleOAuthTest extends TestCase
|
|||||||
$redirectUrl = 'http://example.com/oauth';
|
$redirectUrl = 'http://example.com/oauth';
|
||||||
|
|
||||||
$requestMock = $this->getMockBuilder(IRequest::class)
|
$requestMock = $this->getMockBuilder(IRequest::class)
|
||||||
->setMethods(['setUrl', 'setMethod', 'setQuery', 'setHeaders', 'send'])
|
->onlyMethods(['setUrl', 'setMethod', 'setQuery', 'setHeaders', 'send'])
|
||||||
->getMock();
|
->getMock();
|
||||||
$responseMock = $this->getMockBuilder(IResponse::class)
|
$responseMock = $this->getMockBuilder(IResponse::class)
|
||||||
->setMethods(['getBody', 'getHeaders'])
|
->onlyMethods(['getBody', 'getHeaders'])
|
||||||
->getMock();
|
->getMock();
|
||||||
$googleOAuth = new GoogleOAuth($requestMock);
|
$googleOAuth = new GoogleOAuth($requestMock);
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user