Database as new class with interface

Add phpunit for test run Add github action for build project
cyklokoalicia · Feb 24, 2024 · 1baf637 · 1baf637
1 parent f9ea0fe
commit 1baf637
Show file tree

Hide file tree

Showing 19 changed files with 517 additions and 168 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -0,0 +1,32 @@
+name: Build
+
+on:
+  push:
+    branches:
+      - "*"
+  pull_request:
+    branches:
+      - "*"
+
+jobs:
+  phpcs:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        php-version: [5.6, 7.0, 7.1]
+      fail-fast: false
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up PHP
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: ${{ matrix.php-version }}
+
+      - name: Install dependencies
+        run: composer install
+
+      - name: Run PHP Unit Tests
+        run: vendor/bin/phpunit --configuration phpunit.xml.dist
diff --git a/Dockerfile b/Dockerfile
@@ -10,7 +10,7 @@ RUN sed -i '/security.debian.org/d' /etc/apt/sources.list \
 RUN echo "deb http://archive.debian.org/debian/ stretch main" > /etc/apt/sources.list \
     && echo "deb http://archive.debian.org/debian-security stretch/updates main" >> /etc/apt/sources.list
 
-RUN apt-get update && apt-get install -y zlib1g-dev libicu-dev g++ wget git
+RUN apt-get update && apt-get install -y zlib1g-dev libicu-dev g++ wget git zip
 
 RUN wget --no-check-certificate https://pecl.php.net/get/xdebug-2.5.5.tgz \
     && pecl install --offline ./xdebug-2.5.5.tgz \

diff --git a/actions-sms.php b/actions-sms.php
@@ -1,4 +1,6 @@
 <?php
+
+require_once 'vendor/autoload.php';
 require("common.php");
 
 function help($number)
@@ -307,7 +309,7 @@ function returnBike($number,$bike,$stand,$message="",$force=FALSE)
       {
       $userNote="";
       }
-   else $userNote=$db->conn->real_escape_string(trim($matches[1]));
+   else $userNote=$db->escape(trim($matches[1]));
 
    $result=$db->query("UPDATE bikes SET currentUser=NULL,currentStand=$standId WHERE bikeNum=$bikeNum");
    if ($userNote)
@@ -495,28 +497,30 @@ function freeBikes($number)
 
 function log_sms($sms_uuid, $sender, $receive_time, $sms_text, $ip)
 {
-   global $dbserver,$dbuser,$dbpassword,$dbname;
-        $localdb=new Database($dbserver,$dbuser,$dbpassword,$dbname);
-        $localdb->connect();
-        $localdb->conn->autocommit(TRUE);
-
-   $sms_uuid =$localdb->conn->real_escape_string($sms_uuid);
-   $sender =$localdb->conn->real_escape_string($sender);
-   $receive_time =$localdb->conn->real_escape_string($receive_time);
-   $sms_text =$localdb->conn->real_escape_string($sms_text);
-   $ip =$localdb->conn->real_escape_string($ip);
-
-        $result =$localdb->query("SELECT sms_uuid FROM received WHERE sms_uuid='$sms_uuid'");
-        if (DEBUG===FALSE AND $result->num_rows>=1) // sms already exists in DB, possible problem
-           {
-           notifyAdmins(_('Problem with SMS')." $sms_uuid!",1);
-           return FALSE;
-           }
-        else
-           {
-           $result =$localdb->query("INSERT INTO received SET sms_uuid='$sms_uuid',sender='$sender',receive_time='$receive_time',sms_text='$sms_text',ip='$ip'");
-           }
-
+    global $dbserver, $dbuser, $dbpassword, $dbname;
+    /**
+     * @var \Bikeshare\Db\DbInterface
+     */
+    $localdb = new \Bikeshare\Db\MysqliDb($dbserver, $dbuser, $dbpassword, $dbname);
+    $localdb->connect();
+
+    #TODO does it needed???
+    $localdb->setAutocommit(true);
+
+    $sms_uuid = $localdb->escape($sms_uuid);
+    $sender = $localdb->escape($sender);
+    $receive_time = $localdb->escape($receive_time);
+    $sms_text = $localdb->escape($sms_text);
+    $ip = $localdb->escape($ip);
+
+    $result = $localdb->query("SELECT sms_uuid FROM received WHERE sms_uuid='$sms_uuid'");
+    if (DEBUG === FALSE and $result->num_rows >= 1) {
+        // sms already exists in DB, possible problem
+        notifyAdmins(_('Problem with SMS') . " $sms_uuid!", 1);
+        return FALSE;
+    } else {
+        $result = $localdb->query("INSERT INTO received SET sms_uuid='$sms_uuid',sender='$sender',receive_time='$receive_time',sms_text='$sms_text',ip='$ip'");
+    }
 }
 
 
@@ -540,7 +544,7 @@ function delnote($number,$bikeNum,$message)
 	}
 	else
 	{
-      	sendSMS($number,_('Error in bike number / stand name specification:'.$db->conn->real_escape_string($bikeNum)));
+      	sendSMS($number,_('Error in bike number / stand name specification:'.$db->escape($bikeNum)));
 		return;
 	}
 
@@ -573,15 +577,15 @@ function delnote($number,$bikeNum,$message)
    $reportedBy=$row["userName"];
 
       $matches=explode(" ",$message,3);
-      $userNote=$db->conn->real_escape_string(trim($matches[2]));
+      $userNote=$db->escape(trim($matches[2]));
 
 	if($userNote=='')
 	{
 		$userNote='%';
 	}
 
       $result=$db->query("UPDATE notes SET deleted=NOW() where bikeNum=$bikeNum and deleted is null and note like '%$userNote%'");
-      $count = $db->conn->affected_rows;
+      $count = $db->getAffectedRows();
 
 	if($count == 0)
 	{
@@ -633,15 +637,15 @@ function untag($number,$standName,$message)
 
 
       $matches=explode(" ",$message,3);
-      $userNote=$db->conn->real_escape_string(trim($matches[2]));
+      $userNote=$db->escape(trim($matches[2]));
 
 	if($userNote=='')
 	{
 		$userNote='%';
 	}
 
     $result=$db->query("update notes join bikes on notes.bikeNum = bikes.bikeNum set deleted=now() where bikes.currentStand='$standId' and note like '%$userNote%' and deleted is null");
-    $count = $db->conn->affected_rows;
+    $count = $db->getAffectedRows();
 
 	if($count == 0)
 	{
@@ -692,15 +696,15 @@ function delstandnote($number,$standName,$message)
 
 
       $matches=explode(" ",$message,3);
-      $userNote=$db->conn->real_escape_string(trim($matches[2]));
+      $userNote=$db->escape(trim($matches[2]));
 
 	if($userNote=='')
 	{
 		$userNote='%';
 	}
 
       $result=$db->query("UPDATE notes SET deleted=NOW() where standId=$standId and deleted is null and note like '%$userNote%'");
-      $count = $db->conn->affected_rows;
+      $count = $db->getAffectedRows();
 
 	if($count == 0)
 	{
@@ -751,7 +755,7 @@ function standNote($number,$standName,$message)
 
 
     $matches=explode(" ",$message,3);
-    $userNote=$db->conn->real_escape_string(trim($matches[2]));
+    $userNote=$db->escape(trim($matches[2]));
 
    if ($userNote=="") //deletemmm
       {
@@ -767,7 +771,7 @@ function standNote($number,$standName,$message)
    else
       {
       $db->query("INSERT INTO notes SET standId='$standId',userId='$userId',note='$userNote'");
-      $noteid=$db->conn->insert_id;
+      $noteid=$db->getLastInsertId();
       sendSMS($number,_('Note for stand')." ".$standName." "._('saved').".");
       notifyAdmins(_('Note #').$noteid.": "._("on stand")." ".$standName." "._('by')." ".$reportedBy." (".$number."):".$userNote);
       }
@@ -799,7 +803,7 @@ function tag($number,$standName,$message)
 
 
     $matches=explode(" ",$message,3);
-    $userNote=$db->conn->real_escape_string(trim($matches[2]));
+    $userNote=$db->escape(trim($matches[2]));
 
    if ($userNote=="") //deletemmm
       {
@@ -815,7 +819,7 @@ function tag($number,$standName,$message)
    else
       {
       $db->query("INSERT INTO notes (bikeNum,userId,note) SELECT bikeNum,'$userId','$userNote' FROM bikes where currentStand='$standId'");
-      //$noteid=$db->conn->insert_id;
+      //$noteid=$db->getLastInsertId();
       sendSMS($number,_('All bikes on stand')." ".$standName." "._('tagged').".");
       notifyAdmins(_('All bikes on stand')." "."$standName".' '._('tagged by')." ".$reportedBy." (".$number.")". _("with note:").$userNote);
       }
@@ -841,7 +845,7 @@ function note($number,$bikeNum,$message)
 	}
 	else
 	{
-      	sendSMS($number,_('Error in bike number / stand name specification:'.$db->conn->real_escape_string($bikeNum)));
+      	sendSMS($number,_('Error in bike number / stand name specification:'.$db->escape($bikeNum)));
 		return;
 	}
 
@@ -878,7 +882,7 @@ function note($number,$bikeNum,$message)
    else
       {
       $matches=explode(" ",$message,3);
-      $userNote=$db->conn->real_escape_string(trim($matches[2]));
+      $userNote=$db->escape(trim($matches[2]));
       }
 
    if ($userNote=="")
@@ -897,7 +901,7 @@ function note($number,$bikeNum,$message)
    else
       {
       $db->query("INSERT INTO notes SET bikeNum='$bikeNum',userId='$userId',note='$userNote'");
-      $noteid=$db->conn->insert_id;
+      $noteid=$db->getLastInsertId();
       sendSMS($number,_('Note for bike')." ".$bikeNum." "._('saved').".");
       notifyAdmins(_('Note #').$noteid.": b.".$bikeNum." (".$bikeStatus.") "._('by')." ".$reportedBy." (".$number."):".$userNote);
       }
@@ -1014,8 +1018,8 @@ function add($number,$email,$phone,$message)
       sendSMS($number,_('Contact information is in incorrect format. Use:')." ADD [email protected] 0901456789 Martin Luther King Jr.");
       return;
    }
-   $userName=$db->conn->real_escape_string(trim($matches[2]));
-   $email=$db->conn->real_escape_string(trim($matches[1]));
+   $userName=$db->escape(trim($matches[2]));
+   $email=$db->escape(trim($matches[1]));
 
    $result=$db->query("INSERT into users SET userName='$userName',number=$phone,mail='$email'");
 

diff --git a/admin.php b/admin.php
@@ -1,15 +1,21 @@
 <?php
+
+use Bikeshare\Db\MysqliDb;
+
+require_once 'vendor/autoload.php';
 require("config.php");
-require("db.class.php");
 require('actions-web.php');
 
-$db=new Database($dbserver,$dbuser,$dbpassword,$dbname);
+/**
+ * @var \Bikeshare\Db\DbInterface
+ */
+$db=new MysqliDb($dbserver,$dbuser,$dbpassword,$dbname);
 $db->connect();
 
 checksession();
 
 if (isset($_COOKIE["loguserid"])) {
-    $userid = $db->conn->real_escape_string(trim($_COOKIE["loguserid"]));
+    $userid = $db->escape(trim($_COOKIE["loguserid"]));
 } else {
     $userid = 0;
 }

diff --git a/agree.php b/agree.php
@@ -1,9 +1,15 @@
 <?php
+
+use Bikeshare\Db\MysqliDb;
+
+require_once 'vendor/autoload.php';
 require("config.php");
-require("db.class.php");
 require('actions-web.php');
 
-$db=new Database($dbserver,$dbuser,$dbpassword,$dbname);
+/**
+ * @var \Bikeshare\Db\DbInterface
+ */
+$db=new MysqliDb($dbserver,$dbuser,$dbpassword,$dbname);
 $db->connect();
 ?>
 <!DOCTYPE html>

diff --git a/command.php b/command.php
@@ -1,19 +1,25 @@
 <?php
+
+use Bikeshare\Db\MysqliDb;
+
+require_once 'vendor/autoload.php';
 require("config.php");
-require("db.class.php");
 require('actions-web.php');
 
-$db=new Database($dbserver,$dbuser,$dbpassword,$dbname);
+/**
+ * @var \Bikeshare\Db\DbInterface
+ */
+$db=new MysqliDb($dbserver,$dbuser,$dbpassword,$dbname);
 $db->connect();
 
 if (isset($_COOKIE["loguserid"])) {
-    $userid = $db->conn->real_escape_string(trim($_COOKIE["loguserid"]));
+    $userid = $db->escape(trim($_COOKIE["loguserid"]));
 } else {
     $userid = 0;
 }
 
 if (isset($_COOKIE["logsession"])) {
-    $session = $db->conn->real_escape_string(trim($_COOKIE["logsession"]));
+    $session = $db->escape(trim($_COOKIE["logsession"]));
 } else {
     $session = '';
 }