A lot of code cleanup and code sanitation done.

This commit is contained in:
2026-06-20 00:31:32 +02:00
parent be392b8149
commit d781078c0d
100 changed files with 733 additions and 2097 deletions

View File

@@ -6,8 +6,8 @@ use JetBrains\PhpStorm\NoReturn;
class API
{
public $conn;
public $pdo;
public mixed $conn;
public mixed $pdo;
# The user uuid that requested the API
protected $user_uuid;
@@ -21,7 +21,7 @@ class API
protected $content_type;
# The original posted data to the API, this data is NOT sanitized and validated, never use this data for queries!
public $postedData;
public mixed $postedData;
# The validated and sanitized data can be uses for the API actions
public $data;
@@ -32,7 +32,7 @@ class API
# The return url that the frontend request will forward to after the api call is done. if set to false it will only output
# the json response with an http code. API calls always respond with json. $return_url can be set to supply the form with an input
# with the name _return and value of the url to return to.
public $return_url;
public mixed $return_url;
# Used for the query builder base
public $baseQuery = false;
@@ -46,8 +46,8 @@ class API
public function __construct()
{
require_once $_SERVER['DOCUMENT_ROOT'] . '/bin/php/db_connect.php';
include_once $_SERVER['DOCUMENT_ROOT'] . '/bin/php/Functions/globalFunctions.php';
require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/db_connect.php";
require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Functions/globalFunctions.php";
# Setup Database connection
$this->conn = $GLOBALS['conn'];
@@ -100,7 +100,7 @@ class API
}
private function InitUserTypeFrontend()
private function InitUserTypeFrontend(): void
{
$this->user_uuid = $_SESSION['user']['user_uuid'];
$this->user_type = 'frontend';
@@ -265,8 +265,11 @@ class API
{
switch ($rules['type']) {
case 'string':
case 'password':
case 'html':
if (!is_string($value)) return false;
return $this->isValidLength($value, $rules);
case 'slugify':
if (!is_string($value) || !preg_match('/^[a-z0-9]+(-[a-z0-9]+)*$/', $value)) return false;
return $this->isValidLength($value, $rules);
@@ -290,14 +293,6 @@ class API
if (!filter_var($value, FILTER_VALIDATE_EMAIL)) return false;
return $this->isValidLength($value, $rules);
case 'password':
if (!is_string($value)) return false;
return $this->isValidLength($value, $rules);
case 'html':
if (!is_string($value)) return false;
return $this->isValidLength($value, $rules);
case 'int':
if (!is_int($value) && !ctype_digit($value)) return false;
$value = (int)$value;

View File

@@ -10,13 +10,13 @@ require_once 'API.php';
class API_inserve extends API
{
private $inserve_url;
private string $inserve_url;
private $inserve_token;
private string $inserve_token;
public $inserve_source_uuid;
public string $inserve_source_uuid;
public $inserve_custom_data;
public array $inserve_custom_data;
private $ch;

View File

@@ -8,7 +8,7 @@ use bin\php\Classes\mailBuilder;
use JetBrains\PhpStorm\NoReturn;
require_once 'API.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/mailBuilder.php';
require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/mailBuilder.php";
class API_users extends API
{

View File

@@ -32,7 +32,7 @@ class API_usersavatar extends API
user_profile_picture_thumbnail = ?
WHERE user_uuid = ?";
$stmt = $stmt = $this->prepareStatement($query);
$stmt = $this->prepareStatement($query);
$stmt->bind_param("sss",
$this->data['user_profile_picture'],
$this->data['user_profile_picture_thumbnail'],

View File

@@ -115,7 +115,7 @@ class imageProcessor
return in_array($mime, ['image/png', 'image/webp']);
}
private function setTransparentCanvas($image, $width, $height)
private function setTransparentCanvas($image, $width, $height): void
{
// Enable alpha blending and preserve alpha channel
imagealphablending($image, false);
@@ -125,7 +125,6 @@ class imageProcessor
$transparent = imagecolorallocatealpha($image, 0, 0, 0, 127);
imagefilledrectangle($image, 0, 0, $width, $height, $transparent);
return $image;
}
private function resizeToFitRestrictions($mime, $width, $height)

View File

@@ -3,7 +3,7 @@
use api\classes\API_devices;
session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_devices.php';
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_devices.php";
$API_devices = new API_devices();

View File

@@ -3,8 +3,8 @@
use api\classes\API_devices;
session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_devices.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/imageProcessor.php';
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_devices.php";
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/imageProcessor.php";
$API_devices = new API_devices();

View File

@@ -4,8 +4,8 @@ use api\classes\API_platforms;
use api\classes\imageProcessor;
session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_platforms.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/imageProcessor.php';
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_platforms.php";
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/imageProcessor.php";
$API_platforms = new API_platforms();

View File

@@ -4,8 +4,8 @@ use api\classes\API_vendors;
use api\classes\imageProcessor;
session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_vendors.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/imageProcessor.php';
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_vendors.php";
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/imageProcessor.php";
$API_vendors = new API_vendors();

View File

@@ -4,7 +4,7 @@ use api\classes\API_companies;
session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_companies.php';
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_companies.php";
# Check permissions
$API_companies = new API_companies();

View File

@@ -4,8 +4,8 @@ use api\classes\API_permissions;
use api\classes\API_usergroups;
session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_permissions.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_usergroups.php';
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_permissions.php";
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_usergroups.php";
$API_permissions = new API_permissions();
$API_usergroups = new API_usergroups();

View File

@@ -4,8 +4,8 @@ use api\classes\API_mailsettings;
use bin\php\Classes\mailBuilder;
session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_mailsettings.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/mailBuilder.php';
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_mailsettings.php";
require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/mailBuilder.php";
$API_mailsettings = new API_mailsettings();

View File

@@ -3,7 +3,7 @@
use api\classes\API_system_modules;
session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_system_modules.php';
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_system_modules.php";
$API_system_modules = new API_system_modules();

View File

@@ -4,7 +4,7 @@ use api\classes\API_permissions;
session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_permissions.php';
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_permissions.php";
$API_permissions = new API_permissions();

View File

@@ -3,7 +3,7 @@
use api\classes\API_system_sources;
session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_system_sources.php';
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_system_sources.php";
$API_system_sources = new API_system_sources();

View File

@@ -3,7 +3,7 @@
use api\classes\API_usergroups;
session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_usergroups.php';
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_usergroups.php";
$API_usergroups = new API_usergroups();

View File

@@ -3,7 +3,7 @@
use api\classes\API_users;
session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_users.php';
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_users.php";
$API_users = new API_users();

View File

@@ -4,7 +4,7 @@ use api\classes\API_servers;
session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_servers.php';
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_servers.php";
$API_servers = new API_servers();

View File

@@ -4,7 +4,7 @@ use api\classes\API_inserve;
session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_inserve.php';
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_inserve.php";
$API_inserve = new API_inserve();
$API_inserve->setupConnection();

View File

@@ -4,7 +4,7 @@ use api\classes\API_inserve;
session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_inserve.php';
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_inserve.php";
$API_inserve = new API_inserve();

View File

@@ -4,7 +4,7 @@ use api\classes\API_inserve;
session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_inserve.php';
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_inserve.php";
$API_inserve = new API_inserve();
$API_inserve->setupConnection();
@@ -20,7 +20,7 @@ if ($API_inserve->request_method === 'POST' || $API_inserve->request_method ===
do {
$result = $API_inserve->companies($page);
if (!isset($result['data']) || empty($result['data'])) {
if (empty($result['data'])) {
break;
}

View File

@@ -4,7 +4,7 @@ use api\classes\API_inserve;
session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_inserve.php';
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_inserve.php";
$API_inserve = new API_inserve();

View File

@@ -4,7 +4,7 @@ use api\classes\API_inserve;
session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_inserve.php';
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_inserve.php";
$API_inserve = new API_inserve();

View File

@@ -5,7 +5,7 @@ use api\classes\API_users;
session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_apitoken.php';
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_apitoken.php";
$API_apitoken = new API_apitoken();

View File

@@ -4,8 +4,8 @@
use api\classes\API_usersavatar;
session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_usersavatar.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/imageProcessor.php';
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_usersavatar.php";
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/imageProcessor.php";
$API_usersavatar = new API_usersavatar();

View File

@@ -1,8 +1,8 @@
<?php
session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_mfa.php';
require $_SERVER['DOCUMENT_ROOT'] . '/../vendor/autoload.php';
include_once $_SERVER['DOCUMENT_ROOT'] . '/login/php/authFunctions.php';
require_once "{$_SERVER['DOCUMENT_ROOT']}'/api/classes/API_mfa.php";
require_once "{$_SERVER['DOCUMENT_ROOT']}/../vendor/autoload.php";
require_once "{$_SERVER['DOCUMENT_ROOT']}/login/php/authFunctions.php";
use api\classes\API_mfa;

View File

@@ -5,9 +5,9 @@ use api\classes\API_users;
use bin\php\Classes\mailBuilder;
session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_resetpassword.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/bin/php/Classes/mailBuilder.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/api/classes/API_users.php';
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_resetpassword.php";
require_once "{$_SERVER['DOCUMENT_ROOT']}/bin/php/Classes/mailBuilder.php";
require_once "{$_SERVER['DOCUMENT_ROOT']}/api/classes/API_users.php";
$API_resetpassword = new API_resetpassword();