DB Class throws Exception if on init it fails to connect to the DB,
will not throw Exception if failed connection during execution but
will do the normal retry and soft failure run
DB\ArrayIO will throw Exception on missing table array and table name
All Exceptions have a code set
exit will add message as first parameter (string) next to code (int)
Log this to info or critical.
3000 -> 100: info
rest >=1000: critical
previous 4000 = 3000 (options not set)
update unit tests for this
Possible change idea: critical abort throw error?
It has to be int or null but because the SQL result is undefined (string)
it needs to be converted on return if it is a numeric value, else
null will be returned (it is the edit access id PK so it has to be
numeric)
All variable declarations in all classes have a strict type set
Exception: constants (will be setable from PHP 8.3 on), resources (no type)
Debug\LoggingLegacy is kept as is, will be deprecated
old Debug\Logging is in Debug\LoggingLegacy and Debug\Logging extends
Logging\Logging
Logging\Logging is a new class with most of the functionality except
there is no more print/outout to screen, but we use the default log
levels (RFC5424)
The plan is to be a frontend between the old type class and
Monolog\Monolog
Updated all other classes to use new class interface
Move Passwords from Check to Security and deprecate old
Add new SymmetricEncryption and CreateKey
CreateKey class just creates keys for the SymmetricEncryption
SymmetricEncryption uses the hex2bin calls to convert the hex key to the
internal binary key
Example:
$key = CreateKey::generateRandomKey();
$encrypted = SymmetricEncryption::encrypt($string, $key);
$decrypted = SymmetricEncryption::decrypt($encrypted, $key);
Above $key must be stored in some secure location (.env file)
On error with query with params the query was sent to the server and
if ther query itself is ok but there is a problem with the parameters
a wrong error message ($1 not found) will be returned
Add pg_last_error reporting to catch this too.
Update both error reporting to return not string and prefix combined
but prefix + error string in array
In error return check that both strings are not equal, so we do not
return the same error string twice.
Also default set dbh variable in the PgSQL class to false so it will
skip last error report if there is no dbh set yet.
Bug fix for db query with params debug output. if there are more than 9
entries the $1 of eg $10 is replaced with $1 entry again. Changed to
'#' instead '$' to avoid this.
Other:
ACL\Login: replace EOM with HTML
config.master: replace list() with []
Add single DB tester where we can test single db calls without adding
more to the general test run
If ACL\Login is used, the loginGetLocale() call should be used to fetch
the locale data set during login
Language\L10n now has new encoding/charset optional parameter 4
If the locale does not have a charset set the defautl charset is UTF-8
unless set via the new parameter or setOverrideEncoding()
Because of the deprecation of the getLocales call the following methods
do no longer need $locales
- Admin\Backend
- Admin\EditBase
- Output\Form\Generate
- Template\SmartyExtend
They all use the new l10n->getLocaleAsArray() call to set all the local
variables
* Admin\EditBase has new parameter "options" to set
- cache_id
- compile_id
which must be passed on the SmartyExtend class init
Remove unused code and classes.
Clean up code to remove all named constant from them and throw
deprecation alerts if used.
Add basic psalm setup in root folder and remove from www folder
- remove auto load _POST vars
- Update color settings to # leading 6/8 digit hex code
- remove any global variable calls/requests
- fix some isset/empty clean ups (isset + set = !empty)
- fix on delete of reference data that loaded data was not shown again
- fix on reference data save error that wrong data is still shown and not removed
Fixed phpunit test runs with encoding test run and not resetting the
subsitute character back to default
Note: There are mime encoding failures for php 7.4 and 8.0 and one ACL
login failure test for php 7.4
the former public var $login is now private and if it is set can be
checked with loginActionSet (true if login_login was in _POST as login
action.
Some info update for phpUnit ACL\Login test file
- DB function had wrong column name
- Queries in ACL\Login had wrong column name
- Renamed from login_user_id_last_login to login_user_id_last_revalidate
to make it more clear what this column is
- add edit_user admin page output for this column
- add phpUnit test case for revalidate is needed and login with next
loginUserId is ok again
After revalidate time was reached, it was never reset because it used
the original loginUserId set date.
A new column has been added that gets reset every time the user logs in
with username and password if a loginUserId is set in the database
login_user_id is unique if not null (as index, constraint only with
PostgreSQL 15)
login_user_id_revalidate_after is not longer not null and default set,
no need for this
DB\Extended\ArrayIO:
add sql_read for datetime fields to change amount of data (eg only up
to minute) with to_char() method. sample: YYYY-MM-DD HH24:MI
Add date/datetime/emptynull for setting empty fields to null and not
empty string
Output\From\Generate:
Remove all fill for spacer and change them to placeholder html types.
Add datetime check next to date, time only checks
edit_user Admin Form:
add all new columns there
loginUserId parameter in _GET or _POST for direct login without username
and password.
This can be secured by:
- must login after x days from set loginUserId on
- can only login with loginUserId in given time range
- flag lock loginUserId
Move logic from constructor to separate function
Add more public access methods for internal variable access (password
min length settings, error login code, error login string error)
All error messages are declared in constructor with wrapper function to
create html error string for template creation
Add wrapper function for exit/abort and page name read for easier mocking
in testing
Fixes for multi login main function caller and cached query problem: do
not cache query for login
Add reverse default access list SESSION variable and public readers
Update logout with unset of full SESSION array to empty, use external
session class for all session calls. Also unset euid on logout
All static Session:: calls (except for checking valid session name) are
converted to object type. This Object is passed on to Login, Admin
Backend and any other class that needs basic session checking
- edit base used useless regex for getting filename and dir from folder
list. Changed to pathinfo() call to fix this
- edit_base.php and DB\Extended\ArrayIO fixes
On page order in edit we got errors because pk_name in ArrayIO class was
not init as empty string as it should be (is defined as string only)
- ACL\Login updates
Move all public functions to the public block.
Add public functions for base check Page/Base level to min level name
get acl array as is for now (will be extended with other calls for more
detail query)
Also clean ups in PHPdoc layout, long lines, etc
new Langauge\GetLocale::setLocale() for getting new type lang info from
session, etc
L10n class call chnage of parameters:
NEW: locale, domain, path
OLD: locale, path, domain, legacy(bool)
Temporary auto detect for possible path/domain switch if domain value
has slash inside
Rename all local files to names matching locale folder
en_US -> en
Delete lang folders with symlinks as they are no longer used
Update all header files and class Backend\Admin, ACL\Login,
Output\Form\Generate, Template\SmartyExtend with new language order:
call ::setLocale() afer login class
Update missing test translation strings in all po files
Update phpUnit tests to match all new changes
Add locale global variable in the format
<lang>_<country>.<encoding>@<suffix>
Default set to en_US.UTF-8
Also remove nested if callse and do early abort/method return for
flatten code:
loginUser
logoutUser
setAcl
printLogin
passwordChange
There was a bug in ther SQL interface class where the folder was just
called "Interface" which is not an allowed Namespace name. Renamed to
SqlInterface
Moved the detect lang/etc function used in Form/Generate,
Template/SmartyExtend and Admin/Backend to Language/GetSettings.
Fixed some test class calls
ACL\Login and Admin\Backend do not extend DB\IO anymore which was a hold
over from old extend Class\Basic usage.
The old DB_CONFIG parameter has been replaced with DB\IO Object.
Also Admin\Backend has a language class overide loder like ACL\Login
Output\Form\Generate and ACL\Login have DB\IO method call name changes
for pos/num rows methods. Use proper methods and not use the cursor full
return check method
DB\IO:
Switched to new conenction busy check with sockt and timeout loop. So
short blocked and psql error blocked ones are not blocking other calls.
Moved the dbReturn cache read to a separte private method and cleaned up
code for more clear view
Moved all query hash creations to method to simple change hash creatio
if needed. This method can be used for external correct query hash
creation if needed.
Variable name and code block clean up in dbReturn
No data return (dbReturn or dbFetchArray) will change returned data row.
Return as is.
Moved methods around in code to group them together for next stage in
sub class creation (planned)
Renamed dbCursorPos to dbGetCursorPos
and dbCursorNumRows to dbGetCursorNumRows
Work on phpunit tests for DB\IO
DB/SQL/Pgsql:
add __dbConnectionBusySocketWait for testing with loop type and socket
check wait loop for async queries. (TODO)
add parameter query method to supplement current normal query only
function
DB/IO:
Make all class variables private and add needed methods to read them.
Also add method for reset query in case for new calls.
db error/warnings are written to proper history file with timestamp,
source, etc.
Update source (where called) to show the whole method stack.
Move connection OK to method to easy switch to different connection open
for queries check type.
Never use method variable query, instead only use method parameter and
error out on not set.
All core calls reset errors and set error hash id for history.
Bug fix for insert data return array and reset said array every time a
query execution is started and not only if we have some return data to
avoid having wrong (previous query) data for a new query.
Add more error info to all erros where a separate db logging call was
done.:
ACL/Login:
Do not access DB IO cursor variable directly but use method to read
data. Fixes change for hash type
Move all session_id and check calls function calls that we have to Session class
In Login class use new false return for session set check
Be sure all session set variables are unset, do extra unset call and
destroy call on close session
Login class does not set GLOBALS anymore (DEBUG_ALL, DB_DEBUG)
Update Logging to check for DEBUG_ALL from SESSION and set DEBUG_ALL on
and PRINT_ALL on.
All logging setting vars are primary via options and only if not set
there fallback to SESSION/GLOBALS and then defaults
DB:IO code for debug flag check has been updated for primary check in
config, then session/globals
Debug update for logging tester for first step to remove Basic class
call.
NOTE: after basic php unit tests are written the clean up for no longer
using Basic class has to start.
Switch to logging class for logging only needs
If not created Logger class will be auto created in \DB\IO
Recommended to run a CoreLibs\Debug\Logging([...]); and use this class
for all ACL\Login, Admin\Backend, DB\IO, Output\Form\Generate calls.
Last parameter after DB CONFIG is the log parameter
Session create has been moved to a new Create\Session class from the
\Basic class and MUST be started before using ACL\Login. Currently
ACL\Login will fallback and start it if no session is yet started.
See the Readme.md file for which classes use _SESSION data
In future the _SESSION settings should be moved to some wrapper class
for this so we can unit test sessions
Only Output\Form\Generate class call has the new changed with the second
parameter no longer beeing the table width setting but the class
setting.
But as this is a semi retired class and only used for edit_base this is
not 100% breaking.
All other classes can be used as is and have internal fallback to run as
before.
Deprecation messages will be added later.
