Merge pull request #1700 from abantecart/1.4.0

1.4.0

Author: abantecart

.github/workflows/test.yml

@@ -0,0 +1,62 @@
+name: Integration tests
+on:
+  push:
+  pull_request:
+
+jobs:
+  integration:
+    permissions:
+      contents: read   #   to clone the repos and get release assets (shivammathur/setup-php)
+    name: Integration tests
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        php: [ '8.1', '8.2', '8.3' ]
+        db:
+          - ver: mysql
+            release: '5.7'
+          - ver: mysql
+            release: latest
+          - ver: mariadb
+            release: '10.5.25'
+          - ver: mariadb
+            release: latest
+      fail-fast: false
+
+    steps:
+      - name: Setup PHP
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: ${{ matrix.php }}
+          extensions: mbstring, gd, soap, zip, iconv, pdo_mysql
+          tools: phpunit
+
+      - name: Setup MariaDB
+        if: ${{ matrix.db.ver == 'mariadb' }}
+        uses: getong/mariadb-action@v1.1
+        with:
+          mariadb version: ${{ matrix.db.release }}
+          mysql database: 'abantecart_test_build'
+          mysql user: 'abantecart'
+          mysql password: 'cartsarecool'
+
+      - name: Setup MySQL
+        if: ${{ matrix.db.ver == 'mysql' }}
+        uses: mirromutth/mysql-action@v1.1
+        with:
+          mysql version: ${{ matrix.db.release }}
+          mysql database: 'abantecart_test_build'
+          mysql user: 'abantecart'
+          mysql password: 'cartsarecool'
+
+      - uses: actions/checkout@v4
+
+      - name: Add a pause to be sure that ${{ matrix.db.ver}} is running
+        run: to=15; until mysql -h 127.0.0.1 -u abantecart -pcartsarecool -e 'select 1' abantecart_test_build || [ $to -eq 0 ]; do sleep 1; echo not there yet - remaining $to; to=$(( to - 1 )); done; echo "ready"
+
+      - name: Initialize ${{ matrix.db.ver }} Database
+        id: db-init
+        run: php ./public_html/install/cli_install.php install --db_host=127.0.0.1 --db_user=abantecart --db_password=cartsarecool --db_name=abantecart_test_build  --db_driver=amysqli  --db_prefix=abc_ --admin_path=admin  --username=admin  --password=admin  --email=dsuprunenko@abantecart.com  --http_server=https://abantecart.nowhere/public_html --with-sample-data=public_html/install/abantecart_sample_data.sql --template=novator
+
+      - name: Run phpunit for ${{ matrix.db.ver }}
+        run: phpunit -c tests/phpunit/phpunit_mysql.xml

.travis.yml

@@ -6,9 +6,9 @@
 # Example:  yourdomain.com/store   use RewriteBase /store/ 
 # Important to have / at the end of the line.
 
-# 4. if htaccess and mode_rewrite still does not works - check and set apache2 webserver directive AllowOverride All for your virtual hosts
+# 4. if htaccess and mode_rewrite still does not work - check and set apache2 webserver directive AllowOverride All for your virtual hosts
 
-# For any support issues please visit: http://forum.abantecart.com
+# For any support issues please visit: https://forum.abantecart.com
 
 Options +FollowSymlinks
 
@@ -28,10 +28,10 @@ RewriteEngine on
 # To emulate Retina mode on your NON-Retina display, add HTTP_IS_RETINA cookie in your browser
 RewriteCond %{HTTP_COOKIE} HTTP_IS_RETINA [NC]
 RewriteCond %{REQUEST_FILENAME} !@2x
-RewriteRule ^(.*)\.(gif|jpg|jpeg|png|webp)$ $1@2x.$2
+RewriteRule ^(.*)\.(gif|jpg|jpeg|png|webp|avif)$ $1@2x.$2
 # if @2x isn't available fulfill the original request
 RewriteCond %{REQUEST_FILENAME} !-f
-RewriteRule ^(.*)@2x\.(gif|jpg|jpeg|png|webp)$ $1.$2
+RewriteRule ^(.*)@2x\.(gif|jpg|jpeg|png|webp|avif)$ $1.$2
 
 # SEO URL Settings
 RewriteBase /
@@ -85,6 +85,7 @@ RewriteRule ^(.*)\?*$ index.php?_route_=$1 [L,QSA]
   ExpiresByType image/gif "access 1 year"
   ExpiresByType image/png "access 1 year"
   ExpiresByType image/webp "access 1 year"
+  ExpiresByType image/avif "access 1 year"
   ExpiresByType text/css "access 1 month"
   ExpiresByType text/html "access 1 month"
   ExpiresByType application/pdf "access 1 month"
@@ -95,7 +96,7 @@ RewriteRule ^(.*)\?*$ index.php?_route_=$1 [L,QSA]
 </IfModule>
 <IfModule mod_headers.c>
   Header set Connection keep-alive
-  <filesmatch "\.(ico|flv|jpg|jpeg|png|gif|css|swf|webp)$">
+  <filesmatch "\.(ico|flv|jpg|jpeg|png|gif|css|swf|webp|avif)$">
   Header set Cache-Control "max-age=2678400, public"
   </filesmatch>
   <filesmatch "\.(html|htm)$">

public_html/.htaccess.txt

@@ -50,29 +50,31 @@ public function main()
         //init controller data
         $this->extensions->hk_InitData($this, __FUNCTION__);
 
-        $url = "/index.php?option=com_antresponses&format=raw";
-        $url .= "&store_id=".UNIQUE_ID;
-        $url .= "&store_ip=".$_SERVER ['SERVER_ADDR'];
-        $url .= "&store_url=".HTTP_SERVER;
-        $url .= "&software_name=AbanteCart";
-        $url .= "&store_version=".VERSION;
-        $url .= "&language_code=".$this->request->cookie ['language'];
-        //check if user login first time 
+        $httpQuery['option'] = 'com_antresponses';
+        $httpQuery['format'] = 'raw';
+        $httpQuery['software_name'] = 'AbanteCart';
+        $httpQuery['store_id'] = UNIQUE_ID;
+        $httpQuery['store_ip'] = $_SERVER ['SERVER_ADDR'];
+        $httpQuery['store_url'] = HTTP_SERVER;
+        $httpQuery['store_version'] = VERSION;
+        $httpQuery['language_code'] = $this->request->cookie ['language'];
+
+        //check if user login first time
         if (!$this->user->getLastLogin()) {
-            $url .= "&new_cart=1";
+            $httpQuery['new_cart'] = 1;
         }
 
         //send extension info
         $extensions_list = $this->extensions->getExtensionsList();
         if ($extensions_list) {
             foreach ($extensions_list->rows as $ext) {
-                $url .= "&extension[]=".$ext ['key']."~".$ext ['version'];
+                $httpQuery['extension'][] = $ext ['key'] . "~" . $ext ['version'];
             }
         }
 
         //do connect without any http-redirects
         $connect = new AConnect (true);
-        $result = $connect->getResponseSecure($url);
+        $result = $connect->getResponseSecure("/index.php?".http_build_query($httpQuery));
         $this->session->data ['ant_messages'] = []; // prevent requests in future at this session
         // insert new messages in database
         if ($result && is_array($result)) {

public_html/admin/controller/common/ant.php

@@ -1,32 +1,29 @@
 <?php
-/** @noinspection PhpUndefinedClassInspection */
+/*
+ *   $Id$
+ *
+ *   AbanteCart, Ideal OpenSource Ecommerce Solution
+ *   http://www.AbanteCart.com
+ *
+ *   Copyright © 2011-2024 Belavier Commerce LLC
+ *
+ *   This source file is subject to Open Software License (OSL 3.0)
+ *   License details is bundled with this package in the file LICENSE.txt.
+ *   It is also available at this URL:
+ *   <http://www.opensource.org/licenses/OSL-3.0>
+ *
+ *  UPGRADE NOTE:
+ *    Do not edit or add to this file if you wish to upgrade AbanteCart to newer
+ *    versions in the future. If you wish to customize AbanteCart for your
+ *    needs please refer to http://www.AbanteCart.com for more information.
+ */
 
-/*------------------------------------------------------------------------------
-  $Id$
-
-  AbanteCart, Ideal OpenSource Ecommerce Solution
-  http://www.AbanteCart.com
-
-  Copyright © 2011-2021 Belavier Commerce LLC
-
-  This source file is subject to Open Software License (OSL 3.0)
-  License details is bundled with this package in the file LICENSE.txt.
-  It is also available at this URL:
-  <http://www.opensource.org/licenses/OSL-3.0>
-
- UPGRADE NOTE:
-   Do not edit or add to this file if you wish to upgrade AbanteCart to newer
-   versions in the future. If you wish to customize AbanteCart for your
-   needs please refer to http://www.AbanteCart.com for more information.
-------------------------------------------------------------------------------*/
 if (!defined('DIR_CORE') || !IS_ADMIN) {
     header('Location: static_pages/');
 }
 
 class  ControllerCommonHead extends AController
 {
-    public $data = [];
-
     public function main()
     {
         //use to init controller data
@@ -74,6 +71,14 @@ public function main()
         if (HTTPS === true) {
             $this->data['ssl'] = 1;
         }
+        /** @var ModelToolMPAPI $mdl */
+        $mdl = $this->loadModel('tool/mp_api');
+        $return_url = base64_encode($this->html->getSecureURL('tool/extensions_store/connect'));
+        $mp_params = '?rt=account/authenticate&return_url='.$return_url;
+        $mp_params .= '&store_id='.UNIQUE_ID;
+        $mp_params .= '&store_url='.HTTP_SERVER;
+        $mp_params .= '&store_version='.VERSION;
+        $this->data['amp_connect_url'] = $mdl->getMPURL().$mp_params;
 
         $this->view->batchAssign($this->data);
         $this->processTemplate('common/head.tpl');

public_html/admin/controller/common/head.php

@@ -26,6 +26,11 @@ class ControllerCommonPageLayout extends AController
 
     private $installed_blocks = [];
 
+    /**
+     * @param ALayoutManager $layout
+     * @void
+     * @throws AException
+     */
     public function main($layout)
     {
 
@@ -141,7 +146,7 @@ private function _buildBlocks($section_id, $section_blocks)
                 'validate_url'          => $this->html->getSecureURL(
                     'design/blocks_manager/validate_block',
                     '&block_id='.$block['block_id']
-                ),
+                )
                 ]
             );
 

public_html/admin/controller/common/page_layout.php

@@ -1,22 +1,22 @@
 <?php
-/*------------------------------------------------------------------------------
-  $Id$
-
-  AbanteCart, Ideal OpenSource Ecommerce Solution
-  http://www.AbanteCart.com
-
-  Copyright © 2011-2022 Belavier Commerce LLC
-
-  This source file is subject to Open Software License (OSL 3.0)
-  License details is bundled with this package in the file LICENSE.txt.
-  It is also available at this URL:
-  <http://www.opensource.org/licenses/OSL-3.0>
-
- UPGRADE NOTE:
-   Do not edit or add to this file if you wish to upgrade AbanteCart to newer
-   versions in the future. If you wish to customize AbanteCart for your
-   needs please refer to http://www.AbanteCart.com for more information.
-------------------------------------------------------------------------------*/
+/*
+ * $Id$
+ *
+ * AbanteCart, Ideal OpenSource Ecommerce Solution
+ * http://www.AbanteCart.com
+ *
+ * Copyright © 2011-2024 Belavier Commerce LLC
+ *
+ * This source file is subject to Open Software License (OSL 3.0)
+ * License details is bundled with this package in the file LICENSE.txt.
+ * It is also available at this URL:
+ * <http://www.opensource.org/licenses/OSL-3.0>
+ *
+ * UPGRADE NOTE:
+ * Do not edit or add to this file if you wish to upgrade AbanteCart to newer
+ * versions in the future. If you wish to customize AbanteCart for your
+ * needs please refer to http://www.AbanteCart.com for more information.
+ */
 
 class ControllerPagesCatalogAttribute extends AController
 {
@@ -193,9 +193,9 @@ public function update()
 
     protected function _getForm()
     {
-
         $this->data = $attribute_type_info = [];
-        $this->data['error'] = $this->error;
+        $this->data['error_warning'] = implode("\n", $this->error);
+
         $this->data['cancel'] = $this->html->getSecureURL('catalog/attribute');
         $this->data['get_attribute_type'] = $this->html->getSecureURL('r/catalog/attribute/get_attribute_type');
 
@@ -297,13 +297,6 @@ protected function _getForm()
 
         $this->_initTabs($attribute_type_id);
 
-        //NOTE: Future implementation ???????????
-        /*$attribute_groups = array( '' => $this->language->get('text_select'));
-        $results = $this->attribute_manager->getAttributeGroups(array('language_id' => $this->session->data['content_language_id']));
-        foreach ($results as $type) {
-            $attribute_groups[$type['attribute_group_id']] = $type['name'];
-        }*/
-
         if (!$attribute_id) {
             $this->data['action'] = $this->html->getSecureURL('catalog/attribute/insert', '&attribute_type_id=' . $attribute_type_id);
             $this->data['heading_title'] = $this->language->get('text_insert') . $this->language->get('text_attribute');
@@ -380,13 +373,6 @@ protected function _getForm()
                 'options' => $parent_attributes,
             ]);
         }
-        //NOTE: Future implementation ????
-        /*$this->data['form']['fields']['attribute_group'] = $form->getFieldHtml(array(
-            'type' => 'selectbox',
-            'name' => 'attribute_group_id',
-            'value' => $this->data['attribute_group_id'],
-            'options' => $attribute_groups,
-        ));*/
 
         if ($this->data['attribute_types'][$attribute_type_id]['controller']) {
             $subform = $this->dispatch($this->data['attribute_types'][$attribute_type_id]['controller'],
@@ -407,12 +393,10 @@ protected function _getForm()
         $this->data['text_parent_note'] = $this->language->get('text_parent_note');
         $this->data['help_url'] = $this->gen_help_url('global_attributes_edit');
 
-        $saved_list_data = json_decode(html_entity_decode($this->request->cookie['grid_params']));
-        if ($saved_list_data->table_id == 'attribute_grid') {
-            $this->data['list_url'] = $this->html->getSecureURL('catalog/attribute', '&saved_list=attribute_grid');
-        }
+        $this->data['list_url'] = $this->html->getSecureURL('catalog/attribute', '&saved_list=attribute_grid');
 
         $this->view->batchAssign($this->data);
+        /** @see public_html/admin/view/default/template/pages/catalog/attribute_form.tpl */
         $this->processTemplate('pages/catalog/attribute_form.tpl');
     }
 
@@ -437,8 +421,6 @@ public function validateAttributeForm()
         }
 
         if (has_value($this->request->post['regexp_pattern'])) {
-            //value encoded because of xss (see ARequest::clean() for details)
-            $this->request->post['regexp_pattern'] = base64_decode($this->request->post['regexp_pattern']);
             $this->request->post['regexp_pattern'] = trim($this->request->post['regexp_pattern']);
         }
         if (has_value($this->request->post['placeholder'])) {
@@ -447,7 +429,11 @@ public function validateAttributeForm()
 
         $this->error = array_merge(
             $this->error,
-            $this->attribute_manager->validateAttributeCommonData($this->request->post)
+            $this->attribute_manager->validateAttributeCommonData($this->request->post),
+            $this->attribute_manager->validateAttributeValues(
+                (int)$this->request->get_or_post('attribute_id'),
+                (array)$this->request->post['values']
+            )
         );
 
         //update controller data