dcovington
/
KCI-CAMPAIGN-TRACKER
1
0
Bifurcation 0
Code Tickets 0 Demandes d'ajout 0 Versions 0 Wiki Activité
Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.
4 Révisions
1 Branche
177KB
Aborescence: e84151ff01
Branches Tags
${ item.name }
Créer la branche ${ searchTerm }
de 'e84151ff01'
${ noResults }
KCI-CAMPAIGN-TRACKER/core/helpers.php

208 lignes
5.4KB
Brut Annotations Historique 

  1. <?php

  2. 

  3. declare(strict_types=1);

  4. 

  5. use Core\App;

  6. use Core\Auth\KeycloakAuth;

  7. use Core\Auth\PermissionService;

  8. use Core\Database;

  9. use Core\Http\Session;

  10. use Core\MigrationManager;

  11. use Core\Response;

  12. use Core\View;

  13. 

  14. // ── Framework helpers ─────────────────────────────────────────────────────────

  15. 

  16. function app(): App

  17. {

  18.     static $app = null;

  19. 

  20.     if ($app === null) {

  21.         $app = new App();

  22.     }

  23. 

  24.     return $app;

  25. }

  26. 

  27. function view(string $view, array $data = []): Response

  28. {

  29.     return View::render($view, $data);

  30. }

  31. 

  32. function redirect(string $url): Response

  33. {

  34.     return Response::redirect($url);

  35. }

  36. 

  37. // ── Environment helpers ───────────────────────────────────────────────────────

  38. 

  39. function env(string $key, mixed $default = null): mixed

  40. {

  41.     $value = $_ENV[$key] ?? getenv($key);

  42. 

  43.     return ($value === false) ? $default : $value;

  44. }

  45. 

  46. function loadEnv(string $path): void

  47. {

  48.     if (!file_exists($path)) {

  49.         return;

  50.     }

  51. 

  52.     foreach (file($path, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES) as $line) {

  53.         $line = trim($line);

  54. 

  55.         if ($line === '' || str_starts_with($line, '#') || !str_contains($line, '=')) {

  56.             continue;

  57.         }

  58. 

  59.         [$key, $value] = explode('=', $line, 2);

  60.         $key   = trim($key);

  61.         $value = trim($value, " \t\"'");

  62. 

  63.         if (!isset($_ENV[$key]) && getenv($key) === false) {

  64.             $_ENV[$key] = $value;

  65.             putenv("{$key}={$value}");

  66.         }

  67.     }

  68. }

  69. 

  70. // ── Session helper ────────────────────────────────────────────────────────────

  71. 

  72. function session(): Session

  73. {

  74.     static $session = null;

  75. 

  76.     if ($session === null) {

  77.         $session = new Session();

  78.     }

  79. 

  80.     return $session;

  81. }

  82. 

  83. // ── Auth helper ───────────────────────────────────────────────────────────────

  84. 

  85. function auth(): KeycloakAuth

  86. {

  87.     static $auth = null;

  88. 

  89.     if ($auth === null) {

  90.         $auth = new KeycloakAuth(session(), new PermissionService());

  91.     }

  92. 

  93.     return $auth;

  94. }

  95. 

  96. // ── Database helpers ──────────────────────────────────────────────────────────

  97. 

  98. function ensureSqlServerDatabase(array $config): void

  99. {

  100.     if (!str_starts_with($config['dsn'] ?? '', 'sqlsrv:')) {

  101.         return;

  102.     }

  103. 

  104.     preg_match('/Server=([^;]+)/', $config['dsn'], $serverMatch);

  105.     preg_match('/Database=([^;]+)/', $config['dsn'], $dbMatch);

  106. 

  107.     if (empty($serverMatch[1]) || empty($dbMatch[1])) {

  108.         return;

  109.     }

  110. 

  111.     $server = $serverMatch[1];

  112.     $dbName = $dbMatch[1];

  113. 

  114.     try {

  115.         $masterPdo = new PDO(

  116.             "sqlsrv:Server={$server};Database=master;LoginTimeout=5;TrustServerCertificate=1",

  117.             $config['username'] ?? null,

  118.             $config['password'] ?? null,

  119.             [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]

  120.         );

  121. 

  122.         $check = $masterPdo->prepare('SELECT 1 FROM sys.databases WHERE name = ?');

  123.         $check->execute([$dbName]);

  124. 

  125.         if (!$check->fetch()) {

  126.             $safeName = str_replace(']', ']]', $dbName);

  127.             $masterPdo->exec("CREATE DATABASE [{$safeName}]");

  128.         }

  129.     } catch (\Throwable) {

  130.         // Let the main connection fail with its own error if master access fails

  131.     }

  132. }

  133. 

  134. function database(): Database

  135. {

  136.     static $database = null;

  137. 

  138.     if ($database === null) {

  139.         /** @var array<string, mixed> $config */

  140.         $config = require __DIR__ . '/../config/database.php';

  141. 

  142.         ensureSqlServerDatabase($config);

  143. 

  144.         $database = new Database($config);

  145.     }

  146. 

  147.     return $database;

  148. }

  149. 

  150. function migration_manager(): MigrationManager

  151. {

  152.     static $migrationManager = null;

  153. 

  154.     if ($migrationManager === null) {

  155.         $migrationManager = new MigrationManager(database(), __DIR__ . '/../database/migrations');

  156.     }

  157. 

  158.     return $migrationManager;

  159. }

  160. 

  161. // ── Session / CSRF helpers ────────────────────────────────────────────────────

  162. 

  163. function ensureSessionStarted(): void

  164. {

  165.     if (session_status() === PHP_SESSION_NONE) {

  166.         session_start();

  167.     }

  168. }

  169. 

  170. function e(?string $value): string

  171. {

  172.     return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

  173. }

  174. 

  175. function asset(string $path): string

  176. {

  177.     return '/' . ltrim($path, '/');

  178. }

  179. 

  180. function csrf_token(): string

  181. {

  182.     ensureSessionStarted();

  183. 

  184.     if (!isset($_SESSION['_csrf_token']) || !is_string($_SESSION['_csrf_token'])) {

  185.         $_SESSION['_csrf_token'] = bin2hex(random_bytes(32));

  186.     }

  187. 

  188.     return $_SESSION['_csrf_token'];

  189. }

  190. 

  191. function csrf_field(): string

  192. {

  193.     return '<input type="hidden" name="_token" value="' . e(csrf_token()) . '">';

  194. }

  195. 

  196. function verify_csrf_token(?string $token): bool

  197. {

  198.     ensureSessionStarted();

  199. 

  200.     if (!is_string($token) || $token === '') {

  201.         return false;

  202.     }

  203. 

  204.     $sessionToken = $_SESSION['_csrf_token'] ?? null;

  205. 

  206.     return is_string($sessionToken) && hash_equals($sessionToken, $token);

  207. }

Powered by TurnKey Linux.