This patch introduces a dependency injection container for the PHP bug
tracker application. Container deals with the creation of all service
classes and additionally provides retrieving of configuration parameters.
Service classes are used everywhere in the app - from accessing database
to uploading files. Configuration parameters include infrastructure
configuration (database credentials...) and application level
configuration (directories locations...).
Container is compatible with the PSR-11 container interface defined
so it is simple to quickly understand its usage. Advanced features
such as autowiring are not included in this phase.
Some considerations were raised on the mailing list that this PHP
application doesn't need a PDO wrapper at all.
Changes:
- ::fetchRow() method removed in favor of the vanilla PDOStatement::fetch()
- ::fetchAll() override removed in favor of the vanilla
PDOStatement::fetchAll()
- ::fetchCol() removed since it is not used and is only a wrapper for
the PDOStatement::fetchColumn()
- PDO fetch_style synced accross the app. When no fetch style is passed
the default PDO::FETCH_ASSOC is used as set when connecting to db.
- Remove Database::escape() method
The custom ::escape() method is a wrapper around PDO::quote() which
additionally trims leading and trailing quotes from the string. All
this should ideally be done via prepared statements only, except where
we can and need to use PDO::quote() this step can be done on the given
string or variable at hand directly.
- Remove escapeSQL() function
The escapeSQL function is a wrapper around the PDO::quote() and is
using $dbh from the global scope which is not testable nor good practice
further on. Removed and refactored into only PDO::quote() usages on
required places.
- Remove ::fetchOne() method
The fetchOne() method is a simple wrapper around the PDOStatement::fetch()
method with very minor tweaks so the usage can be simplified even more.
The PDOStatement::fetch(\PDO::FETCH_NUM)[0] will always return either a
result from the database column or when row is empty a null.
- Probably this should be refactored to the database tables respected
repositories further on.
- Remove PDO wrapper
The app's current goal is to lean on a vanilla PDO wrapper only.
Current set of features also don't require additional functionality
and extending PDO to a wrapper or create a database abstraction layer
yet.
Changes:
- get_pseudo_packages() function is moved to its own repository class.
- Database::queryAll() removed since it is not used and the method
arguments don't match the number of used arguments anymore
- Project types configuration is moved to repository class for now.
- Some unused items removed
- Some template changes and show_project_options() helper function
integrated in the view layer directly since it is used in a simplified
way.
Since site is using PHP 5.4+ already, the longer `array()` syntax can be
refactored to shorter `[]`. Also code is already using short array
syntax on some places.
- Added support to private report
(When setting the package name to 'Security related', it will turns automatically a private report)
private report: Only the original reporter and people behind security@php will can see/edit/comment it.
When the report is ok to be public, anyone from security@php can turn it public.
# Initial commit... :P
