xamxam/TODO.md
Pontoporeia eaad740574 refactor: extract buildSearchConditions, add getThesesList, remove dead code, fix SearchTest
- Database: extract private buildSearchConditions(array $params): array shared by
  searchTheses() and countSearchResults(), eliminating ~80 lines of duplication;
  add array type hints to both public methods
- Database: add getThesesList(array $filters) and getAllYears() so admin/index.php
  no longer builds raw SQL inline
- admin/index.php: replace inline PDO query block with $db->getThesesList() /
  $db->getAllYears(); drop the now-unused $pdo local
- config/bootstrap.php: remove dead include_template() helper and the
  vendor/autoload.php Composer stub (no vendor/ directory exists)
- apps/: delete entire directory (leftover artefact, no code references it)
- tests/Integration/SearchTest.php: fix three searchTheses() calls from bare
  strings to proper array params to match the method signature (prevented TypeError)
2026-02-24 23:21:44 +01:00

Post-ERG Dependency & Refactoring Analysis

Summary

The project has zero external PHP library dependencies (no Composer, no vendor/). All PHP logic relies exclusively on standard PHP extensions: PDO/SQLite, finfo, session_*, password_verify, hash_equals, random_bytes, json_*, SPL iterators. There is one vendored CSS file (modern-normalize.min.css, 1 file, 8 lines).

The only real problems are internal structural bugs and dead code paths, not third-party dependencies. The tasks below are ordered from critical to nice-to-have.


Critical Bugs (broken at runtime)

  • Fix broken lib/ require paths in all admin pages. Admin pages (add.php, edit.php, import.php, thanks.php, login.php, logout.php, actions/formulaire.php, actions/publish.php) all require ../../lib/AdminAuth.php and ../../lib/Database.php, but the lib/ directory does not exist. The actual files live in src/. This means the entire admin panel is broken. Fix: change all lib/ references to src/.

  • Fix missing modern-normalize.css (no .min variant). templates/header.php, templates/head.php, and public/search.php reference assets/modern-normalize.css (without .min), but only modern-normalize.min.css exists. Either rename the file or update the references to be consistent.

  • Fix admin/index.php inconsistency. admin/index.php uses src/AdminAuth.php (correct) but then ../../lib/Database.php (broken). It should load from src/ consistently.


Structural / Code-Quality Refactors

  • Unify and rename src/ path references across the entire codebase. After fixing the lib/ to src/ migration, normalise every admin page to load src/Database.php and src/AdminAuth.php via APP_ROOT (the constant already defined in bootstrap.php), removing the fragile relative-path ../../ chains.

  • Eliminate the duplicate searchTheses / countSearchResults condition block. Database::searchTheses() and Database::countSearchResults() share identical WHERE-clause construction logic (~80 lines each). Extract a private buildSearchConditions(array $params): array helper that returns [$conditions, $bindings] and call it from both methods.

  • Remove getConnection() / getPDO() alias duplication. The Database class exposes getConnection(), getPDO(), and direct transaction delegation (beginTransaction, commit, rollback) purely because the admin code accesses raw PDO. Consider removing getConnection() (alias of getPDO()) and instead promoting the most-used raw queries into Database methods, reducing direct PDO exposure.

  • Move inline SQL in admin/index.php into Database. admin/index.php builds a raw SQL query with dynamic filter conditions directly in the page. This is the only admin page doing so. Add a getThesesList(array $filters): array method to Database to match the pattern used everywhere else.

  • Add a getThesisByIdAdmin(int $id): ?array method to remove repeated raw queries in admin. admin/thanks.php and admin/edit.php each call $db->getThesis($id) then immediately issue further raw PDO queries for related data (thesis_languages, thesis_formats, files). Consolidate into a method that returns everything needed for the admin detail view.
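
A sketch of the shared buildSearchConditions() helper described above, as an added example rather than the project's own code. The theses table, its columns and the 'year' filter key are assumptions; only the 'query' key and the method names come from this page.

```php
<?php
// Added example, not the project's code. Table, column names and the 'year' key are assumed.
final class ThesisSearch
{
    public function __construct(private PDO $pdo) {}

    /** Returns [$conditions, $bindings]; user input only ever lands in $bindings. */
    private function buildSearchConditions(array $params): array
    {
        $conditions = [];
        $bindings = [];
        if (($params['query'] ?? '') !== '') {
            // Escape LIKE wildcards so "%" or "_" typed into the search box match literally.
            $escaped = strtr((string) $params['query'], ['\\' => '\\\\', '%' => '\\%', '_' => '\\_']);
            $conditions[] = "title LIKE :query ESCAPE '\\'";
            $bindings[':query'] = '%' . $escaped . '%';
        }
        if (isset($params['year']) && ctype_digit((string) $params['year'])) {
            $conditions[] = 'year = :year';
            $bindings[':year'] = (int) $params['year'];
        }
        return [$conditions, $bindings];
    }

    /** Both public methods go through here, so the WHERE clause cannot drift apart. */
    private function run(string $select, array $params, string $suffix = ''): PDOStatement
    {
        [$conditions, $bindings] = $this->buildSearchConditions($params);
        $where = $conditions ? ' WHERE ' . implode(' AND ', $conditions) : '';
        $stmt = $this->pdo->prepare($select . $where . $suffix);
        $stmt->execute($bindings);
        return $stmt;
    }

    public function searchTheses(array $params): array
    {
        return $this->run('SELECT id, title, year FROM theses', $params, ' ORDER BY id')->fetchAll(PDO::FETCH_ASSOC);
    }

    public function countSearchResults(array $params): int
    {
        return (int) $this->run('SELECT COUNT(*) FROM theses', $params)->fetchColumn();
    }
}

// Constructed sample data in an in-memory SQLite database.
$pdo = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$pdo->exec('CREATE TABLE theses (id INTEGER PRIMARY KEY, title TEXT, year INTEGER)');
$pdo->exec("INSERT INTO theses (title, year) VALUES ('Art and code', 2024), ('100% wool', 2023)");
$search = new ThesisSearch($pdo);
var_dump($search->countSearchResults(['query' => "art' OR '1'='1"])); // injection-shaped input, bound as data
var_dump($search->searchTheses(['query' => '%']));                    // wildcard input, matched literally
```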


What Can Be Removed / Simplified

  • Remove include_template() helper from bootstrap.php — it is never called. The function include_template($name) in config/bootstrap.php is dead code; pages use direct include APP_ROOT . '/templates/...' instead.

  • Remove the Composer autoload stub from bootstrap.php. bootstrap.php has if (file_exists(APP_ROOT . '/vendor/autoload.php')) — there is no Composer vendor directory and no plan for one. Remove this dead branch.

  • Delete apps/admin/ directory. apps/admin/ contains only data/ (empty with test data), error.log and test.db. It appears to be a leftover from an earlier structure. If confirmed unused, delete it.

  • Remove apps/ directory entirely if it contains only residual artefacts. Related to the above — verify no active code references apps/.


What Needs External Dependencies (nothing — keep it that way)

  • Authentication: password_verify + session_* + random_bytes — already standard PHP. No dependency needed.
  • Database: PDO + SQLite — already standard PHP. No dependency needed.
  • Rate limiting: File-based JSON sliding window — already implemented without deps. Could be replaced by Redis/APCu at scale, but unnecessary for current load.
  • File serving / MIME validation: finfo (fileinfo extension) — standard PHP bundled extension.
  • CSRF: hash_equals + random_bytes — standard PHP. No dependency needed.
  • CSS reset (modern-normalize): The single vendored file (8 lines, minified) is small enough to keep vendored. No CDN link, no build step. ✓

Testing Infrastructure

  • Fix SearchTest.php — it calls searchTheses() with a string, not an array. $db->searchTheses('art') passes a string, but searchTheses() expects array $params. This test would throw a TypeError at runtime. Fix the call to $db->searchTheses(['query' => 'art']).

  • Add a test for the lib/ to src/ path fix once it is applied. After the path fix, add a smoke test that requires each admin page's dependencies to catch future regressions.
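
One way to write the smoke test proposed above without executing the admin pages: scan them for literal require/include targets and report any that do not exist. This is an added example, not part of the project's test suite; findBrokenRequires() is a hypothetical helper, the public/admin/ layout is constructed for the demo, and bare relative paths are resolved against the including file's directory.

```php
<?php
// Added example, not the project's test suite. The directory layout below is constructed.

/** Returns "file: path" strings for every literal require/include target that does not exist. */
function findBrokenRequires(string $appRoot, string $scanDir): array
{
    // Matches e.g. require_once __DIR__ . '/../x.php'; require APP_ROOT . '/src/x.php'; include '../x.php';
    $pattern = '/\b(?:require|include)(?:_once)?\s*\(?\s*(?:(__DIR__|APP_ROOT)\s*\.\s*)?([\'"])([^\'"]+\.php)\2/';
    $broken = [];
    $files = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($scanDir, FilesystemIterator::SKIP_DOTS)
    );
    foreach ($files as $file) {
        if ($file->getExtension() !== 'php') {
            continue;
        }
        preg_match_all($pattern, file_get_contents($file->getPathname()), $matches, PREG_SET_ORDER);
        foreach ($matches as [, $base, , $path]) {
            // APP_ROOT-based paths resolve from the project root, everything else from the file's directory.
            $root = $base === 'APP_ROOT' ? $appRoot : $file->getPath();
            if (!is_file($root . '/' . ltrim($path, '/'))) {
                $broken[] = substr($file->getPathname(), strlen($appRoot) + 1) . ': ' . $path;
            }
        }
    }
    sort($broken);
    return $broken;
}

// Constructed project tree: one page already loads from src/, one still points at lib/.
$root = sys_get_temp_dir() . '/require-smoke-' . bin2hex(random_bytes(4));
mkdir($root . '/src', 0700, true);
mkdir($root . '/public/admin', 0700, true);
file_put_contents($root . '/src/Database.php', "<?php\n");
file_put_contents($root . '/public/admin/index.php', "<?php\nrequire_once APP_ROOT . '/src/Database.php';\n");
file_put_contents($root . '/public/admin/add.php', "<?php\nrequire_once __DIR__ . '/../../lib/Database.php';\n");

// A test would assert that this list is empty; here add.php is reported.
print_r(findBrokenRequires($root, $root . '/public/admin'));
```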


Low Priority / Nice-to-Have

  • Normalise modern-normalize to a single canonical filename. Pick either .min.css or .css and use it everywhere. Prefer .min.css since the file is already minified.

  • Consider extracting file-upload logic from formulaire.php into Database. File validation, directory creation, and insertThesisFile() are scattered across formulaire.php. Wrapping them in a Database::attachFile() or a dedicated FileUploadHandler class would make formulaire.php much shorter and the upload logic testable.

  • Unify head.php vs header.php templates. The public site has both templates/head.php (shared <head> tag) and templates/header.php (full <head> + <body><header>). tfe.php uses head.php and renders its own <body>, while index.php uses header.php. This split is confusing. Consider making header.php the single entry point.