Fixes from phan/phpstan tests

Class fix for ACL\Login, DB\Extended\ArrayIO, edit_base.php
- edit base used useless regex for getting filename and dir from folder list. Changed to pathinfo() call to fix this - edit_base.php and DB\Extended\ArrayIO fixes On page order in edit we got errors because pk_name in ArrayIO class was not init as empty string as it should be (is defined as string only) - ACL\Login updates Move all public functions to the public block. Add public functions for base check Page/Base level to min level name get acl array as is for now (will be extended with other calls for more detail query) Also clean ups in PHPdoc layout, long lines, etc
2022-04-28 14:17:30 +09:00 · 2022-04-28 10:03:47 +09:00 · 2022-04-27 18:12:22 +09:00 · 2022-04-26 13:55:51 +09:00 · 2022-04-25 18:36:08 +09:00
16 changed files with 601 additions and 165 deletions
--- a/4dev/checking/phpunit.sh
+++ b/4dev/checking/phpunit.sh
@@ -2,6 +2,7 @@ base="/storage/var/www/html/developers/clemens/core_data/php_libraries/trunk/";
 # -c phpunit.xml
 # --testdox
 # call with "t" to give verbose testdox output
+# SUPPORTED: https://www.php.net/supported-versions.php
 # call with 7.3, 7.4, 8.0, 8.1 to force a certain php version

 opt_testdox="";
@@ -9,18 +10,22 @@ if [ "${1}" = "t" ] || [ "${2}" = "t" ]; then
 	opt_testdox="--testdox";
 fi;
 php_bin="";
-case "${1}" in
-	"7.3") php_bin="/usr/bin/php7.3 "; ;;
-	"7.4") php_bin="/usr/bin/php7.4 "; ;;
-	"8.0") php_bin="/usr/bin/php8.0 "; ;;
-	"8.1") php_bin="/usr/bin/php8.1 "; ;;
-esac;
-if [ -z "${php_bin}" ]; then
-	case "${2}" in
-		"7.3") php_bin="/usr/bin/php7.3 "; ;;
+if [ ! -z "${1}" ]; then
+	case "${1}" in
+		# "7.3") php_bin="/usr/bin/php7.3 "; ;;
 		"7.4") php_bin="/usr/bin/php7.4 "; ;;
 		"8.0") php_bin="/usr/bin/php8.0 "; ;;
 		"8.1") php_bin="/usr/bin/php8.1 "; ;;
+		*) echo "Not support PHP: ${1}"; exit; ;;
+	esac;
+fi;
+if [ ! -z "${2}" ] && [ -z "${php_bin}" ]; then
+	case "${2}" in
+		# "7.3") php_bin="/usr/bin/php7.3 "; ;;
+		"7.4") php_bin="/usr/bin/php7.4 "; ;;
+		"8.0") php_bin="/usr/bin/php8.0 "; ;;
+		"8.1") php_bin="/usr/bin/php8.1 "; ;;
+		*) echo "Not support PHP: ${1}"; exit; ;;
 	esac;
 fi;

--- a/4dev/tests/CoreLibsACLLoginTest.php
+++ b/4dev/tests/CoreLibsACLLoginTest.php
@@ -95,6 +95,8 @@ final class CoreLibsACLLoginTest extends TestCase
 		$this->markTestIncomplete(
 			'ACL\Login Tests have not yet been implemented'
 		);
+
+		$login = new \CoreLibs\ACL\Login(self::$db, self::$log);
 	}
 }

--- a/phpstan-baseline.neon
+++ b/phpstan-baseline.neon
@@ -1,7 +1,72 @@
 parameters:
 	ignoreErrors:
 		-
-			message: "#^Parameter \\#1 \\$result of function pg_result_error expects resource, object\\|resource\\|true given\\.$#"
+			message: "#^Parameter \\#1 \\$connection of function pg_connection_busy expects PgSql\\\\Connection, object\\|resource given\\.$#"
+			count: 3
+			path: www/lib/CoreLibs/DB/SQL/PgSQL.php
+
+		-
+			message: "#^Parameter \\#1 \\$connection of function pg_connection_status expects PgSql\\\\Connection, object\\|resource given\\.$#"
+			count: 1
+			path: www/lib/CoreLibs/DB/SQL/PgSQL.php
+
+		-
+			message: "#^Parameter \\#1 \\$connection of function pg_get_result expects PgSql\\\\Connection, object\\|resource given\\.$#"
+			count: 2
+			path: www/lib/CoreLibs/DB/SQL/PgSQL.php
+
+		-
+			message: "#^Parameter \\#1 \\$connection of function pg_meta_data expects PgSql\\\\Connection, object\\|resource given\\.$#"
+			count: 1
+			path: www/lib/CoreLibs/DB/SQL/PgSQL.php
+
+		-
+			message: "#^Parameter \\#1 \\$connection of function pg_send_query expects PgSql\\\\Connection, object\\|resource given\\.$#"
+			count: 2
+			path: www/lib/CoreLibs/DB/SQL/PgSQL.php
+
+		-
+			message: "#^Parameter \\#1 \\$connection of function pg_socket expects PgSql\\\\Connection, object\\|resource given\\.$#"
+			count: 1
+			path: www/lib/CoreLibs/DB/SQL/PgSQL.php
+
+		-
+			message: "#^Parameter \\#1 \\$connection of function pg_version expects PgSql\\\\Connection\\|null, object\\|resource given\\.$#"
+			count: 2
+			path: www/lib/CoreLibs/DB/SQL/PgSQL.php
+
+		-
+			message: "#^Parameter \\#1 \\$result of function pg_affected_rows expects PgSql\\\\Result, object\\|resource given\\.$#"
+			count: 1
+			path: www/lib/CoreLibs/DB/SQL/PgSQL.php
+
+		-
+			message: "#^Parameter \\#1 \\$result of function pg_fetch_all expects PgSql\\\\Result, object\\|resource given\\.$#"
+			count: 1
+			path: www/lib/CoreLibs/DB/SQL/PgSQL.php
+
+		-
+			message: "#^Parameter \\#1 \\$result of function pg_fetch_array expects PgSql\\\\Result, object\\|resource given\\.$#"
+			count: 1
+			path: www/lib/CoreLibs/DB/SQL/PgSQL.php
+
+		-
+			message: "#^Parameter \\#1 \\$result of function pg_field_name expects PgSql\\\\Result, object\\|resource given\\.$#"
+			count: 1
+			path: www/lib/CoreLibs/DB/SQL/PgSQL.php
+
+		-
+			message: "#^Parameter \\#1 \\$result of function pg_num_fields expects PgSql\\\\Result, object\\|resource given\\.$#"
+			count: 1
+			path: www/lib/CoreLibs/DB/SQL/PgSQL.php
+
+		-
+			message: "#^Parameter \\#1 \\$result of function pg_num_rows expects PgSql\\\\Result, object\\|resource given\\.$#"
+			count: 1
+			path: www/lib/CoreLibs/DB/SQL/PgSQL.php
+
+		-
+			message: "#^Parameter \\#1 \\$result of function pg_result_error expects PgSql\\\\Result, object\\|resource given\\.$#"
 			count: 1
 			path: www/lib/CoreLibs/DB/SQL/PgSQL.php

--- a/phpstan.neon
+++ b/phpstan.neon
@@ -24,7 +24,9 @@ parameters:
 		# do not check old qq file uploader tests
 		- www/admin/qq_file_upload_*.php
 		# ignore all test files
-		- www/admin/class_test*php
+		- www/admin/class_test*.php
+		# extra in sub folder
+		- www/admin/subfolder/class_test*.php
 		- www/admin/error_test.php
 		# admin synlink files
 		- www/admin/edit_*.php
@@ -47,9 +49,12 @@ parameters:
 		- www/vendor
 	# ignore errores with
 	ignoreErrors:
-		- # this error is ignore because of the PHP 8.0 to 8.1 change for pg_*
+		- # this error is ignore because of the PHP 8.0 to 8.1 change for pg_*, only for 8.0 or lower
 			message: "#^Parameter \\#1 \\$(result|connection) of function pg_\\w+ expects resource(\\|null)?, object\\|resource(\\|bool)? given\\.$#"
 			path: %currentWorkingDirectory%/www/lib/CoreLibs/DB/SQL/PgSQL.php
+		- # this is for 8.1 or newer
+			message: "#^Parameter \\#1 \\$(result|connection) of function pg_\\w+ expects PgSql\\\\(Result|Connection(\\|null)?), object\\|resource given\\.$#"
+			path: %currentWorkingDirectory%/www/lib/CoreLibs/DB/SQL/PgSQL.php
 		# this is ignored for now
 		# - '#Expression in empty\(\) is always falsy.#'
 		# -
--- a/www/admin/class_test.config.direct.php
+++ b/www/admin/class_test.config.direct.php
@@ -0,0 +1,58 @@
+<?php // phpcs:ignore warning
+
+/**
+ * @phan-file-suppress PhanTypeSuspiciousStringExpression
+ */
+
+declare(strict_types=1);
+
+$DEBUG_ALL_OVERRIDE = 0; // set to 1 to debug on live/remote server locations
+$DEBUG_ALL = 1;
+$PRINT_ALL = 1;
+$DB_DEBUG = 1;
+
+if ($DEBUG_ALL) {
+	error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR);
+}
+
+ob_start();
+
+// basic class test file
+define('USE_DATABASE', false);
+// sample config
+require '../configs/config.php';
+// define log file id
+$LOG_FILE_ID = 'classTest-config-direct';
+ob_end_flush();
+
+$log = new CoreLibs\Debug\Logging([
+	'log_folder' => BASE . LOG,
+	'file_id' => $LOG_FILE_ID,
+	// add file date
+	'print_file_date' => true,
+	// set debug and print flags
+	'debug_all' => $DEBUG_ALL ?? false,
+	'echo_all' => $ECHO_ALL ?? false,
+	'print_all' => $PRINT_ALL ?? false,
+]);
+
+print "<!DOCTYPE html>";
+print "<html><head><title>TEST CLASS: CONFIG DIRECT</title><head>";
+print "<body>";
+print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><b>CONFIG DIRECT</b></div>';
+
+print "DIR: " . DIR . "<br>";
+print "BASE: " . BASE . "<br>";
+print "ROOT: " . ROOT . "<br>";
+print "BASE NAME: " . BASE_NAME . "<br>";
+echo "Config path prefix: " . $CONFIG_PATH_PREFIX . "<br>";
+print "DB Name: " . DB_CONFIG_NAME . "<br>";
+print "DB Config: " . \CoreLibs\Debug\Support::printAr(DB_CONFIG) . "<br>";
+
+// error message
+print $log->printErrorMsg();
+
+print "</body></html>";
+
+// __END__
--- a/www/admin/class_test.config.link.php
+++ b/www/admin/class_test.config.link.php
@@ -0,0 +1,58 @@
+<?php // phpcs:ignore warning
+
+/**
+ * @phan-file-suppress PhanTypeSuspiciousStringExpression
+ */
+
+declare(strict_types=1);
+
+$DEBUG_ALL_OVERRIDE = 0; // set to 1 to debug on live/remote server locations
+$DEBUG_ALL = 1;
+$PRINT_ALL = 1;
+$DB_DEBUG = 1;
+
+if ($DEBUG_ALL) {
+	error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR);
+}
+
+ob_start();
+
+// basic class test file
+define('USE_DATABASE', false);
+// sample config
+require 'config.php';
+// define log file id
+$LOG_FILE_ID = 'classTest-config-link';
+ob_end_flush();
+
+$log = new CoreLibs\Debug\Logging([
+	'log_folder' => BASE . LOG,
+	'file_id' => $LOG_FILE_ID,
+	// add file date
+	'print_file_date' => true,
+	// set debug and print flags
+	'debug_all' => $DEBUG_ALL ?? false,
+	'echo_all' => $ECHO_ALL ?? false,
+	'print_all' => $PRINT_ALL ?? false,
+]);
+
+print "<!DOCTYPE html>";
+print "<html><head><title>TEST CLASS: CONFIG LINK</title><head>";
+print "<body>";
+print '<div><a href="class_test.php">Class Test Master</a></div>';
+print '<div><b>CONFIG LINK</b></div>';
+
+print "DIR: " . DIR . "<br>";
+print "BASE: " . BASE . "<br>";
+print "ROOT: " . ROOT . "<br>";
+print "BASE NAME: " . BASE_NAME . "<br>";
+echo "Config path prefix: " . $CONFIG_PATH_PREFIX . "<br>";
+print "DB Name: " . DB_CONFIG_NAME . "<br>";
+print "DB Config: " . \CoreLibs\Debug\Support::printAr(DB_CONFIG) . "<br>";
+
+// error message
+print $log->printErrorMsg();
+
+print "</body></html>";
+
+// __END__
--- a/www/admin/class_test.login.php
+++ b/www/admin/class_test.login.php
@@ -0,0 +1,61 @@
+<?php // phpcs:ignore warning
+
+/**
+ * @phan-file-suppress PhanTypeSuspiciousStringExpression
+ */
+
+declare(strict_types=1);
+
+$DEBUG_ALL_OVERRIDE = 0; // set to 1 to debug on live/remote server locations
+$DEBUG_ALL = 1;
+$PRINT_ALL = 1;
+$DB_DEBUG = 1;
+
+if ($DEBUG_ALL) {
+	error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR);
+}
+
+ob_start();
+
+// basic class test file
+define('USE_DATABASE', false);
+// sample config
+require 'config.php';
+// set session name
+if (!defined('SET_SESSION_NAME')) {
+	define('SET_SESSION_NAME', EDIT_SESSION_NAME);
+}
+// define log file id
+$LOG_FILE_ID = 'classTest-login';
+// init login & backend class
+$log = new CoreLibs\Debug\Logging([
+	'log_folder' => BASE . LOG,
+	'file_id' => $LOG_FILE_ID,
+	// add file date
+	'print_file_date' => true,
+	// set debug and print flags
+	'debug_all' => $DEBUG_ALL ?? false,
+	'echo_all' => $ECHO_ALL ?? false,
+	'print_all' => $PRINT_ALL ?? false,
+]);
+$db = new CoreLibs\DB\IO(DB_CONFIG, $log);
+$login = new CoreLibs\ACL\Login($db, $log);
+ob_end_flush();
+
+print "<!DOCTYPE html>";
+print "<html><head><title>TEST CLASS: LOGIN</title><head>";
+print "<body>";
+print '<div><a href="class_test.php">Class Test Master</a></div>';
+
+echo "CHECK PERMISSION: " . ($login->loginCheckPermissions() ? 'OK' : 'BAD') . "<br>";
+echo "IS ADMIN: " . ($login->loginIsAdmin() ? 'OK' : 'BAD') . "<br>";
+echo "MIN ACCESS BASE: " . ($login->loginCheckAccessBase('admin') ? 'OK' : 'BAD') . "<br>";
+echo "MIN ACCESS PAGE: " . ($login->loginCheckAccessPage('admin') ? 'OK' : 'BAD') . "<br>";
+
+echo "ACL: " . \CoreLibs\Debug\Support::printAr($login->loginGetAcl()) . "<br>";
+echo "ACL (MIN): " . \CoreLibs\Debug\Support::printAr($login->loginGetAcl()['min']) . "<br>";
+
+// error message
+print $log->printErrorMsg();
+
+print "</body></html>";
--- a/www/admin/class_test.php
+++ b/www/admin/class_test.php
@@ -82,7 +82,11 @@ print '<div><a href="class_test.output.form.php">Class Test: OUTPUT FORM</a></di
 print '<div><a href="class_test.admin.backend.php">Class Test: BACKEND ADMIN CLASS</a></div>';
 print '<div><a href="class_test.lang.php">Class Test: LANG/L10n</a></div>';
 print '<div><a href="class_test.smarty.php">Class Test: SMARTY</a></div>';
+print '<div><a href="class_test.login.php">Class Test: LOGIN</a></div>';
 print '<div><a href="class_test.autoloader.php">Class Test: AUTOLOADER</a></div>';
+print '<div><a href="class_test.config.link.php">Class Test: CONFIG LINK</a></div>';
+print '<div><a href="class_test.config.direct.php">Class Test: CONFIG DIRECT</a></div>';
+print '<div><a href="subfolder/class_test.config.direct.php">Class Test: CONFIG DIRECT SUB</a></div>';

 print "<hr>";
 print "L: " . CoreLibs\Debug\Support::printAr($locale) . "<br>";
--- a/www/admin/class_test.system.php
+++ b/www/admin/class_test.system.php
@@ -42,7 +42,6 @@ $log = new CoreLibs\Debug\Logging([
 	'echo_all' => $ECHO_ALL ?? false,
 	'print_all' => $PRINT_ALL ?? false,
 ]);
-$basic = new CoreLibs\Basic($log);

 print "<!DOCTYPE html>";
 print "<html><head><title>TEST CLASS: SYSTEM</title><head>";
--- a/www/admin/subfolder/class_test.config.direct.php
+++ b/www/admin/subfolder/class_test.config.direct.php
@@ -0,0 +1,58 @@
+<?php // phpcs:ignore warning
+
+/**
+ * @phan-file-suppress PhanTypeSuspiciousStringExpression
+ */
+
+declare(strict_types=1);
+
+$DEBUG_ALL_OVERRIDE = 0; // set to 1 to debug on live/remote server locations
+$DEBUG_ALL = 1;
+$PRINT_ALL = 1;
+$DB_DEBUG = 1;
+
+if ($DEBUG_ALL) {
+	error_reporting(E_ALL | E_STRICT | E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR);
+}
+
+ob_start();
+
+// basic class test file
+define('USE_DATABASE', false);
+// sample config
+require '../../configs/config.php';
+// define log file id
+$LOG_FILE_ID = 'classTest-config-direct';
+ob_end_flush();
+
+$log = new CoreLibs\Debug\Logging([
+	'log_folder' => BASE . LOG,
+	'file_id' => $LOG_FILE_ID,
+	// add file date
+	'print_file_date' => true,
+	// set debug and print flags
+	'debug_all' => $DEBUG_ALL ?? false,
+	'echo_all' => $ECHO_ALL ?? false,
+	'print_all' => $PRINT_ALL ?? false,
+]);
+
+print "<!DOCTYPE html>";
+print "<html><head><title>TEST CLASS: CONFIG DIRECT SUB</title><head>";
+print "<body>";
+print '<div><a href="../class_test.php">Class Test Master</a></div>';
+print '<div><b>CONFIG DIRECT SUB</b></div>';
+
+print "DIR: " . DIR . "<br>";
+print "BASE: " . BASE . "<br>";
+print "ROOT: " . ROOT . "<br>";
+print "BASE NAME: " . BASE_NAME . "<br>";
+echo "Config path prefix: " . $CONFIG_PATH_PREFIX . "<br>";
+print "DB Name: " . DB_CONFIG_NAME . "<br>";
+print "DB Config: " . \CoreLibs\Debug\Support::printAr(DB_CONFIG) . "<br>";
+
+// error message
+print $log->printErrorMsg();
+
+print "</body></html>";
+
+// __END__
--- a/www/configs/config.php
+++ b/www/configs/config.php
@@ -11,44 +11,56 @@
 declare(strict_types=1);

 define('CONFIG_PATH', 'configs' . DIRECTORY_SEPARATOR);
-// config path prefix search, start with 0, got down each level __DIR__ has, if nothing found -> bail
+// config path prefix search, start with 0, got down each level __DIR__ has,
+// if nothing found -> bail
 $CONFIG_PATH_PREFIX = '';
+// base path for loads
+$__DIR__PATH = __DIR__ . DIRECTORY_SEPARATOR;
+// don't load autoloader twice
 $end_autoload = false;
-for ($dir_pos = 0, $dir_max = count(explode(DIRECTORY_SEPARATOR, __DIR__)); $dir_pos <= $dir_max; $dir_pos++) {
+for (
+	$dir_pos = 0, $dir_max = count(explode(DIRECTORY_SEPARATOR, __DIR__));
+	$dir_pos <= $dir_max;
+	$dir_pos++
+) {
 	$CONFIG_PATH_PREFIX .= '..' . DIRECTORY_SEPARATOR;
 	if ($end_autoload === false) {
 		/************* AUTO LOADER *******************/
-		// read auto loader for lib only
-		// It is recommended to setup basic composer and use just one auto loader
-		// if (is_file($CONFIG_PATH_PREFIX . 'lib' . DIRECTORY_SEPARATOR . 'autoloader.php')) {
-		// 	require $CONFIG_PATH_PREFIX . 'lib' . DIRECTORY_SEPARATOR . 'autoloader.php';
-		//	$end_autoload = true;
-		// }
-		// composer auto loader, IF composer.json file includes classmap for lib/:
+		// composer auto loader, in composer.json file add classmap for lib/:
 		// "autoload": {
 		// 	"classmap": [
 		// 		"lib/"
 		// 	]
 		// },
-		// NOTE: MUST RUN composer dump-autoload if file/class names are changed or added
-		// load auto loader
-		if (is_file($CONFIG_PATH_PREFIX . 'vendor' . DIRECTORY_SEPARATOR . 'autoload.php')) {
-			require $CONFIG_PATH_PREFIX . 'vendor' . DIRECTORY_SEPARATOR . 'autoload.php';
+		// NOTE: MUST RUN composer dump-autoload if file/class names are
+		// changed or new ones are added
+		if (
+			is_file(
+				$__DIR__PATH . $CONFIG_PATH_PREFIX
+					. 'vendor' . DIRECTORY_SEPARATOR . 'autoload.php'
+			)
+		) {
+			require $__DIR__PATH . $CONFIG_PATH_PREFIX
+				. 'vendor' . DIRECTORY_SEPARATOR . 'autoload.php';
 			$end_autoload = true;
 		}
-		// load enviorment file if it exists
-		\CoreLibs\Get\ReadEnvFile::readEnvFile($CONFIG_PATH_PREFIX . CONFIG_PATH);
 	}
 	/************* MASTER CONFIG *******************/
-	if (is_file($CONFIG_PATH_PREFIX . CONFIG_PATH . 'config.master.php')) {
+	if (
+		is_file($__DIR__PATH . $CONFIG_PATH_PREFIX . CONFIG_PATH . 'config.master.php')
+	) {
+		// load enviorment file if it exists
+		\CoreLibs\Get\ReadEnvFile::readEnvFile(
+			$__DIR__PATH . $CONFIG_PATH_PREFIX . CONFIG_PATH
+		);
 		// load master config file that loads all other config files
-		require $CONFIG_PATH_PREFIX . CONFIG_PATH . 'config.master.php';
+		require $__DIR__PATH . $CONFIG_PATH_PREFIX . CONFIG_PATH . 'config.master.php';
 		break;
 	}
 }
 // fail if no base DIR is not set
 if (!defined('DIR')) {
-	exit('Base config unloadable');
+	exit('Base config could not be loaded');
 }
 // find trigger name "admin/" or "frontend/" in the getcwd() folder
 foreach (['admin', 'frontend'] as $folder) {
--- a/www/includes/edit_base.php
+++ b/www/includes/edit_base.php
@@ -446,16 +446,15 @@ if ($form->my_page_name == 'edit_order') {
 					$t_q = '';
 					foreach ($output as $output_file) {
 						// split the ouput into folder and file
-						// eg ../admin/test.php is ../admin/ and test.php
-						preg_match("/([\.\/\w]+\/)+(\w+\.\w{1,})$/", $output_file, $matches);
-						// if named config.php, skip
-						if ($matches[2] != 'config.php') {
-							if ($t_q) {
-								$t_q .= ', ';
-							}
-							$t_q .= "('" . $form->dbEscapeString($matches[1]) . "', '"
-								. $form->dbEscapeString($matches[2]) . "')";
+						$pathinfo = pathinfo($output_file);
+						if (!empty($pathinfo['dirname'])) {
+							$pathinfo['dirname'] .= DIRECTORY_SEPARATOR;
 						}
+						if ($t_q) {
+							$t_q .= ', ';
+						}
+						$t_q .= "('" . $form->dbEscapeString($pathinfo['dirname']) . "', '"
+							. $form->dbEscapeString($pathinfo['basename']) . "')";
 					}
 					$form->dbExec($q . $t_q, 'NULL');
 					$elements[] = $form->formCreateElement('filename');
--- a/www/lib/CoreLibs/ACL/Login.php
+++ b/www/lib/CoreLibs/ACL/Login.php
@@ -164,7 +164,9 @@ class Login
 	public $l;

 	/**
-	 * constructor, does ALL, opens db, works through connection checks, closes itself
+	 * constructor, does ALL, opens db, works through connection checks,
+	 * finishes itself
+	 *
 	 * @param \CoreLibs\DB\IO              $db   Database connection class
 	 * @param \CoreLibs\Debug\Logging      $log  Logging class
 	 */
@@ -191,6 +193,7 @@ class Login
 		// check if session exists and could be created
 		// TODO: move session creation and check to outside?
 		if (Session::startSession() === false) {
+			$this->login_error = 1;
 			echo '<b>Session not started or could not be started!</b><br>'
 				. 'Use \'\CoreLibs\Create\Session::startSession();\'.<br>'
 				. 'For less problems with other session, you can set a '
@@ -200,12 +203,10 @@ class Login

 		// pre-check that password min/max lengths are inbetween 1 and 255;
 		if ($this->password_max_length > 255) {
-			echo '<b>Settings problem</b> PMaL<br>';
-			exit;
+			$this->password_max_length = 255;
 		}
 		if ($this->password_min_length < 1) {
-			echo '<b>Settings problem</b> PMiL<br>';
-			exit;
+			$this->password_min_length = 1;
 		}

 		// set global is ajax page for if we show the data directly,
@@ -267,7 +268,8 @@ class Login
 		// init default ACL list array
 		$_SESSION['DEFAULT_ACL_LIST'] = [];
 		// read the current edit_access_right list into an array
-		$q = "SELECT level, type, name FROM edit_access_right WHERE level >= 0 ORDER BY level";
+		$q = "SELECT level, type, name FROM edit_access_right "
+			. "WHERE level >= 0 ORDER BY level";
 		while (is_array($res = $this->db->dbReturn($q))) {
 			// level to description format (numeric)
 			$this->default_acl_list[$res['level']] = [
@@ -286,7 +288,10 @@ class Login
 		$this->loginLogoutUser();
 		// ** LANGUAGE SET AFTER LOGIN **
 		// set the locale
-		if (Session::getSessionId() !== false && !empty($_SESSION['DEFAULT_LANG'])) {
+		if (
+			Session::getSessionId() !== false &&
+			!empty($_SESSION['DEFAULT_LANG'])
+		) {
 			$locale = $_SESSION['DEFAULT_LOCALE'] ?? '';
 		} else {
 			$locale = defined('SITE_LOCALE') && !empty(SITE_LOCALE) ?
@@ -314,7 +319,8 @@ class Login
 		$this->login_html = $this->loginPrintLogin();
 		// closing all connections, depending on error status, exit
 		if (!$this->loginCloseClass()) {
-			// if variable AJAX flag is not set, show output, else pass through for ajax work
+			// if variable AJAX flag is not set, show output
+			// else pass through for ajax work
 			if ($this->login_is_ajax_page !== true) {
 				// the login screen if we hav no login permission & login screen html data
 				if ($this->login_html !== null) {
@@ -360,8 +366,13 @@ class Login
 		// NO OP
 	}

+	// *************************************************************************
+	// **** PRIVATE INTERNAL
+	// *************************************************************************
+
 	/**
 	 * checks if password is valid, sets internal error login variable
+	 *
 	 * @param  string $hash     password hash
 	 * @param  string $password submitted password
 	 * @return bool             true or false on password ok or not
@@ -418,7 +429,9 @@ class Login
 	}

 	/**
-	 * if user pressed login button this script is called, but only if there is no preview euid set]
+	 * if user pressed login button this script is called,
+	 * but only if there is no preview euid set
+	 *
 	 * @return void has not return
 	 */
 	private function loginLoginUser(): void
@@ -702,88 +715,6 @@ class Login
 		}
 	}

-	/**
-	 * for every page the user access this script checks if he is allowed to do so
-	 * @return bool permission okay as true/false
-	 */
-	public function loginCheckPermissions(): bool
-	{
-		if ($this->euid && $this->login_error != 103) {
-			$q = "SELECT filename "
-				. "FROM edit_page ep, edit_page_access epa, edit_group eg, edit_user eu "
-				. "WHERE ep.edit_page_id = epa.edit_page_id "
-				. "AND eg.edit_group_id = epa.edit_group_id "
-				. "AND eg.edit_group_id = eu.edit_group_id "
-				. "AND eu.edit_user_id = " . $this->euid . " "
-				. "AND filename = '" . $this->page_name . "' "
-				. "AND eg.enabled = 1 AND epa.enabled = 1";
-			$res = $this->db->dbReturnRow($q);
-			if (!is_array($res)) {
-				$this->login_error = 109;
-				$this->permission_okay = false;
-				return $this->permission_okay;
-			}
-			if (isset($res['filename']) && $res['filename'] == $this->page_name) {
-				$this->permission_okay = true;
-			} else {
-				$this->login_error = 103;
-				$this->permission_okay = false;
-			}
-		}
-		// if called from public, so we can check if the permissions are ok
-		return $this->permission_okay;
-	}
-
-	/**
-	 * if a user pressed on logout, destroyes session and unsets all global vars
-	 * @return void has no return
-	 */
-	public function loginLogoutUser(): void
-	{
-		// must be either logout or error
-		if (!$this->logout && !$this->login_error) {
-			return;
-		}
-		// unregister and destroy session vars
-		foreach (
-			// TODO move this into some global array for easier update
-			[
-				'ADMIN',
-				'BASE_ACL_LEVEL',
-				'DB_DEBUG',
-				'DEBUG_ALL',
-				'DEFAULT_ACL_LIST',
-				'DEFAULT_CHARSET',
-				'DEFAULT_LANG',
-				'DEFAULT_LOCALE',
-				'EAID',
-				'EUID',
-				'GROUP_ACL_LEVEL',
-				'GROUP_ACL_TYPE',
-				'GROUP_NAME',
-				'HEADER_COLOR',
-				'LANG',
-				'PAGES_ACL_LEVEL',
-				'PAGES',
-				'TEMPLATE',
-				'UNIT_ACL_LEVEL',
-				'UNIT_DEFAULT',
-				'UNIT',
-				'USER_ACL_LEVEL',
-				'USER_ACL_TYPE',
-				'USER_NAME',
-			] as $session_var
-		) {
-			unset($_SESSION[$session_var]);
-		}
-		// final unset all
-		session_unset();
-		// final destroy session
-		session_destroy();
-		// then prints the login screen again
-		$this->permission_okay = false;
-	}
-
 	/**
 	 * sets all the basic ACLs
 	 * init set the basic acl the user has, based on the following rules
@@ -799,6 +730,7 @@ class Login
 	 * - if an account ACL is set, set this parallel, account ACL overrides user ACL if it applies
 	 * - if edit access ACL level is set, use this, else use page
 	 * set all base ACL levels as a list keyword -> ACL number
+	 *
 	 * @return void has no return
 	 */
 	private function loginSetAcl(): void
@@ -837,10 +769,10 @@ class Login
 		$_SESSION['BASE_ACL_LEVEL'] = $this->acl['base'];

 		// set the current page acl
-		// start with default acl
+		// start with base acl
 		// set group if not -1, overrides default
 		// set page if not -1, overrides group set
-		$this->acl['page'] = DEFAULT_ACL_LEVEL;
+		$this->acl['page'] = $this->acl['base'];
 		if ($_SESSION['GROUP_ACL_LEVEL'] != -1) {
 			$this->acl['page'] = $_SESSION['GROUP_ACL_LEVEL'];
 		}
@@ -886,6 +818,7 @@ class Login
 		}
 		// set the default edit access
 		$this->acl['default_edit_access'] = $_SESSION['UNIT_DEFAULT'] ?? null;
+		$this->acl['min'] = [];
 		// integrate the type acl list, but only for the keyword -> level
 		foreach ($this->default_acl_list as $level => $data) {
 			$this->acl['min'][$data['type']] = $level;
@@ -897,25 +830,34 @@ class Login
 	}

 	/**
-	 * checks if this edit access id is valid
-	 * @param  int|null $edit_access_id access id pk to check
-	 * @return bool                     true/false: if the edit access is not
-	 *                                  in the valid list: false
+	 * Check if source (page, base) is matching to the given min access string
+	 * min access string must be valid access level string (eg read, mod, write)
+	 * This does not take in account admin flag set
+	 *
+	 * @param  string $source     a valid base level string eg base, page
+	 * @param  string $min_access a valid min level string, eg read, mod, siteadmin
+	 * @return bool               True for valid access, False for invalid
 	 */
-	public function loginCheckEditAccess($edit_access_id): bool
+	public function loginCheckAccess(string $source, string $min_access): bool
 	{
-		if ($edit_access_id === null) {
+		$source = 'base';
+		if (
+			empty($this->acl['min'][$min_access]) ||
+			empty($this->acl[$source])
+		) {
 			return false;
 		}
-		if (array_key_exists($edit_access_id, $this->acl['unit'])) {
+		// phan claims $this->acl['min'] can be null, but above should skip
+		/** @phan-suppress-next-line PhanTypeArraySuspiciousNullable */
+		if ($this->acl[$source] >= $this->acl['min'][$min_access]) {
 			return true;
-		} else {
-			return false;
 		}
+		return false;
 	}

 	/**
 	 * checks if the password is in a valid format
+	 *
 	 * @param  string $password the new password
 	 * @return bool             true or false if valid password or not
 	 */
@@ -939,6 +881,7 @@ class Login

 	/**
 	 * dummy declare for password forget
+	 *
 	 * @return void has no return
 	 */
 	private function loginPasswordForgot(): void
@@ -946,25 +889,9 @@ class Login
 		// will do some password recovert, eg send email
 	}

-	/**
-	 * sets the minium length and checks on valid
-	 * @param  int  $length set the minimum length
-	 * @return bool         true/false on success
-	 */
-	public function loginSetPasswordMinLength(int $length): bool
-	{
-		// check that numeric, positive numeric, not longer than max input string lenght
-		// and not short than min password length
-		if (is_numeric($length) && $length >= PASSWORD_MIN_LENGTH && $length <= $this->password_max_length) {
-			$this->password_min_length = $length;
-			return true;
-		} else {
-			return false;
-		}
-	}
-
 	/**
 	 * changes a user password
+	 *
 	 * @return void has no return
 	 */
 	private function loginPasswordChange(): void
@@ -1065,6 +992,7 @@ class Login

 	/**
 	 * prints out login html part if no permission (error) is set
+	 *
 	 * @return string|null html data for login page, or null for nothing
 	 */
 	private function loginPrintLogin()
@@ -1170,6 +1098,7 @@ class Login
 	/**
 	 * last function called, writes log and prints out error msg and
 	 * exists script if permission 0
+	 *
 	 * @return bool true on permission ok, false on permission wrong
 	 */
 	private function loginCloseClass(): bool
@@ -1208,6 +1137,7 @@ class Login

 	/**
 	 * checks if there are external templates, if not uses internal fallback ones
+	 *
 	 * @return void has no return
 	 */
 	private function loginSetTemplates(): void
@@ -1389,6 +1319,7 @@ EOM;

 	/**
 	 * writes detailed data into the edit user log table (keep log what user does)
+	 *
 	 * @param  string     $event    string of what has been done
 	 * @param  string     $data     data information (id, etc)
 	 * @param  string|int $error    error id (mostly an int)
@@ -1449,8 +1380,186 @@ EOM;
 		$this->db->dbExec($q, 'NULL');
 	}

+	// *************************************************************************
+	// **** PUBLIC INTERNAL
+	// *************************************************************************
+
+	/**
+	 * sets the minium length and checks on valid
+	 *
+	 * @param  int  $length set the minimum length
+	 * @return bool         true/false on success
+	 */
+	public function loginSetPasswordMinLength(int $length): bool
+	{
+		// check that numeric, positive numeric, not longer than max input string lenght
+		// and not short than min password length
+		if (is_numeric($length) && $length >= PASSWORD_MIN_LENGTH && $length <= $this->password_max_length) {
+			$this->password_min_length = $length;
+			return true;
+		}
+		return false;
+	}
+
+	/**
+	 * if a user pressed on logout, destroyes session and unsets all global vars
+	 *
+	 * @return void has no return
+	 */
+	public function loginLogoutUser(): void
+	{
+		// must be either logout or error
+		if (!$this->logout && !$this->login_error) {
+			return;
+		}
+		// unregister and destroy session vars
+		foreach (
+			// TODO move this into some global array for easier update
+			[
+				'ADMIN',
+				'BASE_ACL_LEVEL',
+				'DB_DEBUG',
+				'DEBUG_ALL',
+				'DEFAULT_ACL_LIST',
+				'DEFAULT_CHARSET',
+				'DEFAULT_LANG',
+				'DEFAULT_LOCALE',
+				'EAID',
+				'EUID',
+				'GROUP_ACL_LEVEL',
+				'GROUP_ACL_TYPE',
+				'GROUP_NAME',
+				'HEADER_COLOR',
+				'LANG',
+				'PAGES_ACL_LEVEL',
+				'PAGES',
+				'TEMPLATE',
+				'UNIT_ACL_LEVEL',
+				'UNIT_DEFAULT',
+				'UNIT',
+				'USER_ACL_LEVEL',
+				'USER_ACL_TYPE',
+				'USER_NAME',
+			] as $session_var
+		) {
+			unset($_SESSION[$session_var]);
+		}
+		// final unset all
+		session_unset();
+		// final destroy session
+		session_destroy();
+		// then prints the login screen again
+		$this->permission_okay = false;
+	}
+
+	/**
+	 * for every page the user access this script checks if he is allowed to do so
+	 *
+	 * @return bool permission okay as true/false
+	 */
+	public function loginCheckPermissions(): bool
+	{
+		// start with not allowed
+		$this->permission_okay = false;
+		// bail for no euid (no login)
+		if (!$this->euid) {
+			return $this->permission_okay;
+		}
+		// bail for previous wrong page match, eg if method is called twice
+		if ($this->login_error == 103) {
+			return $this->permission_okay;
+		}
+		// if ($this->euid && $this->login_error != 103) {
+		$q = "SELECT filename "
+			. "FROM edit_page ep, edit_page_access epa, edit_group eg, edit_user eu "
+			. "WHERE ep.edit_page_id = epa.edit_page_id "
+			. "AND eg.edit_group_id = epa.edit_group_id "
+			. "AND eg.edit_group_id = eu.edit_group_id "
+			. "AND eu.edit_user_id = " . $this->euid . " "
+			. "AND filename = '" . $this->page_name . "' "
+			. "AND eg.enabled = 1 AND epa.enabled = 1";
+		$res = $this->db->dbReturnRow($q);
+		if (!is_array($res)) {
+			$this->login_error = 109;
+			return $this->permission_okay;
+		}
+		if (isset($res['filename']) && $res['filename'] == $this->page_name) {
+			$this->permission_okay = true;
+		} else {
+			$this->login_error = 103;
+		}
+		// if called from public, so we can check if the permissions are ok
+		return $this->permission_okay;
+	}
+
+	/**
+	 * Return ACL array as is
+	 *
+	 * @return array<mixed>
+	 */
+	public function loginGetAcl(): array
+	{
+		return $this->acl;
+	}
+
+	/**
+	 * checks if this edit access id is valid
+	 *
+	 * @param  int|null $edit_access_id access id pk to check
+	 * @return bool                     true/false: if the edit access is not
+	 *                                  in the valid list: false
+	 */
+	public function loginCheckEditAccess($edit_access_id): bool
+	{
+		if ($edit_access_id === null) {
+			return false;
+		}
+		if (array_key_exists($edit_access_id, $this->acl['unit'])) {
+			return true;
+		}
+		return false;
+	}
+
+	/**
+	 * Check if admin flag is set
+	 *
+	 * @return bool True if admin flag set
+	 */
+	public function loginIsAdmin(): bool
+	{
+		if (!empty($this->acl['admin'])) {
+			return true;
+		}
+		return false;
+	}
+
+	/**
+	 * check if min accesss string (eg, read, mod, etc) is matchable
+	 * EQUAL to BASE set right
+	 *
+	 * @param  string $min_access
+	 * @return bool
+	 */
+	public function loginCheckAccessBase(string $min_access): bool
+	{
+		return $this->loginCheckAccess('base', $min_access);
+	}
+
+	/**
+	 * check if min accesss string (eg, read, mod, etc) is matchable
+	 * EQUAL to PAGE set right
+	 *
+	 * @param  string $min_access
+	 * @return bool
+	 */
+	public function loginCheckAccessPage(string $min_access): bool
+	{
+		return $this->loginCheckAccess('page', $min_access);
+	}
+
 	/**
 	 * checks that the given edit access id is valid for this user
+	 *
 	 * @param  int|null $edit_access_id edit access id to check
 	 * @return int|null                 same edit access id if ok
 	 *                                  or the default edit access id
@@ -1465,14 +1574,14 @@ EOM;
 			!array_key_exists($edit_access_id, $_SESSION['UNIT'])
 		) {
 			return $_SESSION['UNIT_DEFAULT'] ?? null;
-		} else {
-			return $edit_access_id;
 		}
+		return $edit_access_id;
 	}

 	/**
 	 * retunrn a set entry from the UNIT session for an edit access_id
 	 * if not found return false
+	 *
 	 * @param  int        $edit_access_id edit access id
 	 * @param  string|int $data_key       key value to search for
 	 * @return bool|string                false for not found or string for found data
@@ -1481,9 +1590,8 @@ EOM;
 	{
 		if (!isset($_SESSION['UNIT'][$edit_access_id]['data'][$data_key])) {
 			return false;
-		} else {
-			return $_SESSION['UNIT'][$edit_access_id]['data'][$data_key];
 		}
+		return $_SESSION['UNIT'][$edit_access_id]['data'][$data_key];
 	}
 	// close class
 }
--- a/www/lib/CoreLibs/Basic.php
+++ b/www/lib/CoreLibs/Basic.php
@@ -85,11 +85,13 @@ class Basic
 	 * main Basic constructor to init and check base settings
 	 * @param \CoreLibs\Debug\Logging|null $log Logging class
 	 * @param string|null $session_name Set session name
+	 * @deprecated DO NOT USE Class\Basic anymore. Use dedicated logger and sub classes
 	 */
 	public function __construct(
 		\CoreLibs\Debug\Logging $log = null,
 		?string $session_name = null
 	) {
+		trigger_error('Class \CoreLibs\Basic is deprected', E_USER_DEPRECATED);
 		// TODO make check dynamic for entries we MUST have depending on load type
 		// before we start any work, we should check that all MUST constants are defined
 		$abort = false;
--- a/www/lib/CoreLibs/DB/Extended/ArrayIO.php
+++ b/www/lib/CoreLibs/DB/Extended/ArrayIO.php
@@ -43,7 +43,7 @@ class ArrayIO extends \CoreLibs\DB\IO
 	/** @var string */
 	public $table_name; // the table_name
 	/** @var string */
-	public $pk_name; // the primary key from this table
+	public $pk_name = ''; // the primary key from this table
 	/** @var int|string|null */
 	public $pk_id; // the PK id

--- a/www/lib/CoreLibs/DB/SQL/PgSQL.php
+++ b/www/lib/CoreLibs/DB/SQL/PgSQL.php
@@ -604,7 +604,7 @@ class PgSQL implements \CoreLibs\DB\SQL\SqlInterface\SqlFunctions
 			return '';
 		}
 		// extract element
-		$return_string = pg_version($this->dbh)[$parameter] ?? '';
+		$return_string = (string)(pg_version($this->dbh)[$parameter] ?? '');
 		// for version, strip if requested
 		if (
 			in_array($parameter, ['server']) &&
Author	SHA1	Message	Date
Clemens Schwaighofer	51e700cd10	Fixes from phan/phpstan tests	2022-04-28 14:17:30 +09:00
Clemens Schwaighofer	71a431d5aa	Class fix for ACL\Login, DB\Extended\ArrayIO, edit_base.php - edit base used useless regex for getting filename and dir from folder list. Changed to pathinfo() call to fix this - edit_base.php and DB\Extended\ArrayIO fixes On page order in edit we got errors because pk_name in ArrayIO class was not init as empty string as it should be (is defined as string only) - ACL\Login updates Move all public functions to the public block. Add public functions for base check Page/Base level to min level name get acl array as is for now (will be extended with other calls for more detail query) Also clean ups in PHPdoc layout, long lines, etc	2022-04-28 10:03:47 +09:00
Clemens Schwaighofer	6970e6221b	Fix ACL\Login base ACL for page with DEFAULT ACL LEVEL USER	2022-04-27 18:12:22 +09:00
Clemens Schwaighofer	831f3be1a8	Update config.php to use absolute paths for loading basic settings	2022-04-26 13:55:51 +09:00
Clemens Schwaighofer	f2aba8c466	add error for unsupported php in phpunit test script	2022-04-25 18:36:08 +09:00