Database as new class with interface
Add phpunit for test run
Add github action for build project
sveneld committed Feb 24, 2024
1 parent f9ea0fe commit 1baf637
Showing 19 changed files with 517 additions and 168 deletions.
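--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -0,0 +1,32 @@
+name: Build
+
+on:
+push:
+branches:
+- "*"
+pull_request:
+branches:
+- "*"
+
+jobs:
+phpcs:
+runs-on: ubuntu-latest
+strategy:
+matrix:
+php-version: [5.6, 7.0, 7.1]
+fail-fast: false
+
+steps:
+- name: Checkout code
+uses: actions/checkout@v4
+
+- name: Set up PHP
+uses: shivammathur/setup-php@v2
+with:
+php-version: ${{ matrix.php-version }}
+
+- name: Install dependencies
+run: composer install
+
+- name: Run PHP Unit Tests
+run: vendor/bin/phpunit --configuration phpunit.xml.dist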
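Review bot: The workflow declares no `permissions:` block, so the job runs with the repository's default `GITHUB_TOKEN` scope while `composer install` and the test suite execute code pulled in from dependencies; a top-level `permissions:` entry with `contents: read` keeps that token read-only. `actions/checkout@v4` and `shivammathur/setup-php@v2` are referenced by mutable tags, and pinning at least the third-party action to a full commit SHA (`uses: shivammathur/setup-php@<full-commit-sha> # v2`) stops a moved tag from changing what runs. The unquoted `7.0` in the matrix is a YAML number and may be read as `7`, so quoting the versions (`['5.6', '7.0', '7.1']`) is safer. The job id `phpcs` is also misleading, since the only check it runs is PHPUnit.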
2 changes: 1 addition & 1 deletion Dockerfile
@@ -10,7 +10,7 @@ RUN sed -i '/security.debian.org/d' /etc/apt/sources.list \
RUN echo "deb http://archive.debian.org/debian/ stretch main" > /etc/apt/sources.list \
&& echo "deb http://archive.debian.org/debian-security stretch/updates main" >> /etc/apt/sources.list

RUN apt-get update && apt-get install -y zlib1g-dev libicu-dev g++ wget git
RUN apt-get update && apt-get install -y zlib1g-dev libicu-dev g++ wget git zip

RUN wget --no-check-certificate https://pecl.php.net/get/xdebug-2.5.5.tgz \
&& pecl install --offline ./xdebug-2.5.5.tgz \
82 changes: 43 additions & 39 deletions actions-sms.php
@@ -1,4 +1,6 @@
<?php

require_once 'vendor/autoload.php';
require("common.php");

function help($number)
@@ -307,7 +309,7 @@ function returnBike($number,$bike,$stand,$message="",$force=FALSE)
{
$userNote="";
}
else $userNote=$db->conn->real_escape_string(trim($matches[1]));
else $userNote=$db->escape(trim($matches[1]));

$result=$db->query("UPDATE bikes SET currentUser=NULL,currentStand=$standId WHERE bikeNum=$bikeNum");
if ($userNote)
@@ -495,28 +497,30 @@ function freeBikes($number)

function log_sms($sms_uuid, $sender, $receive_time, $sms_text, $ip)
{
global $dbserver,$dbuser,$dbpassword,$dbname;
$localdb=new Database($dbserver,$dbuser,$dbpassword,$dbname);
$localdb->connect();
$localdb->conn->autocommit(TRUE);

$sms_uuid =$localdb->conn->real_escape_string($sms_uuid);
$sender =$localdb->conn->real_escape_string($sender);
$receive_time =$localdb->conn->real_escape_string($receive_time);
$sms_text =$localdb->conn->real_escape_string($sms_text);
$ip =$localdb->conn->real_escape_string($ip);

$result =$localdb->query("SELECT sms_uuid FROM received WHERE sms_uuid='$sms_uuid'");
if (DEBUG===FALSE AND $result->num_rows>=1) // sms already exists in DB, possible problem
{
notifyAdmins(_('Problem with SMS')." $sms_uuid!",1);
return FALSE;
}
else
{
$result =$localdb->query("INSERT INTO received SET sms_uuid='$sms_uuid',sender='$sender',receive_time='$receive_time',sms_text='$sms_text',ip='$ip'");
}

global $dbserver, $dbuser, $dbpassword, $dbname;
/**
* @var \Bikeshare\Db\DbInterface
*/
$localdb = new \Bikeshare\Db\MysqliDb($dbserver, $dbuser, $dbpassword, $dbname);
$localdb->connect();

#TODO does it needed???
$localdb->setAutocommit(true);

$sms_uuid = $localdb->escape($sms_uuid);
$sender = $localdb->escape($sender);
$receive_time = $localdb->escape($receive_time);
$sms_text = $localdb->escape($sms_text);
$ip = $localdb->escape($ip);

$result = $localdb->query("SELECT sms_uuid FROM received WHERE sms_uuid='$sms_uuid'");
if (DEBUG === FALSE and $result->num_rows >= 1) {
// sms already exists in DB, possible problem
notifyAdmins(_('Problem with SMS') . " $sms_uuid!", 1);
return FALSE;
} else {
$result = $localdb->query("INSERT INTO received SET sms_uuid='$sms_uuid',sender='$sender',receive_time='$receive_time',sms_text='$sms_text',ip='$ip'");
}
}


@@ -540,7 +544,7 @@ function delnote($number,$bikeNum,$message)
}
else
{
sendSMS($number,_('Error in bike number / stand name specification:'.$db->conn->real_escape_string($bikeNum)));
sendSMS($number,_('Error in bike number / stand name specification:'.$db->escape($bikeNum)));
return;
}

@@ -573,15 +577,15 @@ function delnote($number,$bikeNum,$message)
$reportedBy=$row["userName"];

$matches=explode(" ",$message,3);
$userNote=$db->conn->real_escape_string(trim($matches[2]));
$userNote=$db->escape(trim($matches[2]));

if($userNote=='')
{
$userNote='%';
}

$result=$db->query("UPDATE notes SET deleted=NOW() where bikeNum=$bikeNum and deleted is null and note like '%$userNote%'");
$count = $db->conn->affected_rows;
$count = $db->getAffectedRows();

if($count == 0)
{
@@ -633,15 +637,15 @@ function untag($number,$standName,$message)


$matches=explode(" ",$message,3);
$userNote=$db->conn->real_escape_string(trim($matches[2]));
$userNote=$db->escape(trim($matches[2]));

if($userNote=='')
{
$userNote='%';
}

$result=$db->query("update notes join bikes on notes.bikeNum = bikes.bikeNum set deleted=now() where bikes.currentStand='$standId' and note like '%$userNote%' and deleted is null");
$count = $db->conn->affected_rows;
$count = $db->getAffectedRows();

if($count == 0)
{
@@ -692,15 +696,15 @@ function delstandnote($number,$standName,$message)


$matches=explode(" ",$message,3);
$userNote=$db->conn->real_escape_string(trim($matches[2]));
$userNote=$db->escape(trim($matches[2]));

if($userNote=='')
{
$userNote='%';
}

$result=$db->query("UPDATE notes SET deleted=NOW() where standId=$standId and deleted is null and note like '%$userNote%'");
$count = $db->conn->affected_rows;
$count = $db->getAffectedRows();

if($count == 0)
{
@@ -751,7 +755,7 @@ function standNote($number,$standName,$message)


$matches=explode(" ",$message,3);
$userNote=$db->conn->real_escape_string(trim($matches[2]));
$userNote=$db->escape(trim($matches[2]));

if ($userNote=="") //deletemmm
{
@@ -767,7 +771,7 @@ function standNote($number,$standName,$message)
else
{
$db->query("INSERT INTO notes SET standId='$standId',userId='$userId',note='$userNote'");
$noteid=$db->conn->insert_id;
$noteid=$db->getLastInsertId();
sendSMS($number,_('Note for stand')." ".$standName." "._('saved').".");
notifyAdmins(_('Note #').$noteid.": "._("on stand")." ".$standName." "._('by')." ".$reportedBy." (".$number."):".$userNote);
}
@@ -799,7 +803,7 @@ function tag($number,$standName,$message)


$matches=explode(" ",$message,3);
$userNote=$db->conn->real_escape_string(trim($matches[2]));
$userNote=$db->escape(trim($matches[2]));

if ($userNote=="") //deletemmm
{
@@ -815,7 +819,7 @@ function tag($number,$standName,$message)
else
{
$db->query("INSERT INTO notes (bikeNum,userId,note) SELECT bikeNum,'$userId','$userNote' FROM bikes where currentStand='$standId'");
//$noteid=$db->conn->insert_id;
//$noteid=$db->getLastInsertId();
sendSMS($number,_('All bikes on stand')." ".$standName." "._('tagged').".");
notifyAdmins(_('All bikes on stand')." "."$standName".' '._('tagged by')." ".$reportedBy." (".$number.")". _("with note:").$userNote);
}
@@ -841,7 +845,7 @@ function note($number,$bikeNum,$message)
}
else
{
sendSMS($number,_('Error in bike number / stand name specification:'.$db->conn->real_escape_string($bikeNum)));
sendSMS($number,_('Error in bike number / stand name specification:'.$db->escape($bikeNum)));
return;
}

@@ -878,7 +882,7 @@ function note($number,$bikeNum,$message)
else
{
$matches=explode(" ",$message,3);
$userNote=$db->conn->real_escape_string(trim($matches[2]));
$userNote=$db->escape(trim($matches[2]));
}

if ($userNote=="")
@@ -897,7 +901,7 @@ function note($number,$bikeNum,$message)
else
{
$db->query("INSERT INTO notes SET bikeNum='$bikeNum',userId='$userId',note='$userNote'");
$noteid=$db->conn->insert_id;
$noteid=$db->getLastInsertId();
sendSMS($number,_('Note for bike')." ".$bikeNum." "._('saved').".");
notifyAdmins(_('Note #').$noteid.": b.".$bikeNum." (".$bikeStatus.") "._('by')." ".$reportedBy." (".$number."):".$userNote);
}
@@ -1014,8 +1018,8 @@ function add($number,$email,$phone,$message)
sendSMS($number,_('Contact information is in incorrect format. Use:')." ADD king@earth.com 0901456789 Martin Luther King Jr.");
return;
}
$userName=$db->conn->real_escape_string(trim($matches[2]));
$email=$db->conn->real_escape_string(trim($matches[1]));
$userName=$db->escape(trim($matches[2]));
$email=$db->escape(trim($matches[1]));

$result=$db->query("INSERT into users SET userName='$userName',number=$phone,mail='$email'");

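Review bot: In `log_sms` the five values received from the SMS gateway (`$sms_uuid`, `$sender`, `$receive_time`, `$sms_text`, `$ip`) are still escaped one by one and interpolated into the `SELECT` and `INSERT` strings, so the queries stay safe only while every value sits inside quotes and `escape()` runs on a connection with the correct charset; `MysqliDb` is not shown in this section, so that should be confirmed. Since this commit introduces `DbInterface`, it is the natural place to add a parameterised query method and bind these values rather than making `escape()` the contract every caller must remember. The `note like '%$userNote%'` updates in `delnote`, `untag` and `delstandnote` have a related gap: `escape()` presumably leaves `%` and `_` untouched, so a wildcard in the SMS text widens which notes are marked deleted. In `delnote` and `note`, `$db->escape($bikeNum)` is applied to text that goes into an SMS rather than into SQL, which is the wrong encoding for that output. The leftover `#TODO does it needed???` above `setAutocommit(true)` should be resolved before merge.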
12 changes: 9 additions & 3 deletions admin.php
@@ -1,15 +1,21 @@
<?php

use Bikeshare\Db\MysqliDb;

require_once 'vendor/autoload.php';
require("config.php");
require("db.class.php");
require('actions-web.php');

$db=new Database($dbserver,$dbuser,$dbpassword,$dbname);
/**
* @var \Bikeshare\Db\DbInterface
*/
$db=new MysqliDb($dbserver,$dbuser,$dbpassword,$dbname);
$db->connect();

checksession();

if (isset($_COOKIE["loguserid"])) {
$userid = $db->conn->real_escape_string(trim($_COOKIE["loguserid"]));
$userid = $db->escape(trim($_COOKIE["loguserid"]));
} else {
$userid = 0;
}
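Review bot: `$userid` comes from the `loguserid` cookie and is only passed through `$db->escape()`, which protects a value only when it is later placed inside a quoted SQL string; the queries that consume it are outside this section, and other queries in this commit interpolate ids unquoted (`WHERE bikeNum=$bikeNum` in actions-sms.php). If the id is numeric, as the `$userid = 0` fallback suggests, casting at the boundary is safer: `$userid = isset($_COOKIE["loguserid"]) ? (int) $_COOKIE["loguserid"] : 0;`. The same pattern appears in command.php for `loguserid`, and `logsession` there should be checked against the expected token format before it reaches a query. The `@var` docblock would also be clearer with the variable name, `@var \Bikeshare\Db\DbInterface $db`.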
10 changes: 8 additions & 2 deletions agree.php
@@ -1,9 +1,15 @@
<?php

use Bikeshare\Db\MysqliDb;

require_once 'vendor/autoload.php';
require("config.php");
require("db.class.php");
require('actions-web.php');

$db=new Database($dbserver,$dbuser,$dbpassword,$dbname);
/**
* @var \Bikeshare\Db\DbInterface
*/
$db=new MysqliDb($dbserver,$dbuser,$dbpassword,$dbname);
$db->connect();
?>
<!DOCTYPE html>
14 changes: 10 additions & 4 deletions command.php
@@ -1,19 +1,25 @@
<?php

use Bikeshare\Db\MysqliDb;

require_once 'vendor/autoload.php';
require("config.php");
require("db.class.php");
require('actions-web.php');

$db=new Database($dbserver,$dbuser,$dbpassword,$dbname);
/**
* @var \Bikeshare\Db\DbInterface
*/
$db=new MysqliDb($dbserver,$dbuser,$dbpassword,$dbname);
$db->connect();

if (isset($_COOKIE["loguserid"])) {
$userid = $db->conn->real_escape_string(trim($_COOKIE["loguserid"]));
$userid = $db->escape(trim($_COOKIE["loguserid"]));
} else {
$userid = 0;
}

if (isset($_COOKIE["logsession"])) {
$session = $db->conn->real_escape_string(trim($_COOKIE["logsession"]));
$session = $db->escape(trim($_COOKIE["logsession"]));
} else {
$session = '';
}