feat: P4 backend kvalita - SELECT * fix, overdue konsolidace, Validator

- SELECT * nahrazen explicitnimi sloupci ve 22 PHP souborech (69+ vyskytu) - users-handlers.php: password_hash explicitne vyloucen z dotazu - Overdue detekce presunuta do invoices.php routeru (1x pred dispatch misto 3x v handlerech) - Validator.php: validacni helper s pravidly required, string, int, email, in, numeric - PaginationHelper: PHPStan typy opraveny Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-12 18:42:42 +01:00
parent df506dfea4
commit 758be819c3
25 changed files with 513 additions and 102 deletions
--- a/api/admin/handlers/trips-handlers.php
+++ b/api/admin/handlers/trips-handlers.php
@@ -37,7 +37,10 @@ function handleGetCurrent(PDO $pdo, int $userId): void
    $endDate = date('Y-m-t', strtotime($startDate));

    $sql = "
-        SELECT t.*, v.spz, v.name as vehicle_name, v.brand, v.model,
+        SELECT t.id, t.vehicle_id, t.user_id, t.trip_date, t.start_km,
+               t.end_km, t.distance, t.route_from, t.route_to,
+               t.is_business, t.notes, t.created_at,
+               v.spz, v.name as vehicle_name, v.brand, v.model,
               CONCAT(u.first_name, ' ', u.last_name) as driver_name
        FROM trips t
        JOIN vehicles v ON t.vehicle_id = v.id
@@ -101,7 +104,10 @@ function handleGetHistory(PDO $pdo, int $userId): void
    $endDate = date('Y-m-t', strtotime($startDate));

    $sql = "
-        SELECT t.*, v.spz, v.name as vehicle_name, v.brand, v.model,
+        SELECT t.id, t.vehicle_id, t.user_id, t.trip_date, t.start_km,
+               t.end_km, t.distance, t.route_from, t.route_to,
+               t.is_business, t.notes, t.created_at,
+               v.spz, v.name as vehicle_name, v.brand, v.model,
               CONCAT(u.first_name, ' ', u.last_name) as driver_name
        FROM trips t
        JOIN vehicles v ON t.vehicle_id = v.id
@@ -173,7 +179,10 @@ function handleGetAdmin(PDO $pdo): void
    }

    $sql = "
-        SELECT t.*, v.spz, v.name as vehicle_name,
+        SELECT t.id, t.vehicle_id, t.user_id, t.trip_date, t.start_km,
+               t.end_km, t.distance, t.route_from, t.route_to,
+               t.is_business, t.notes, t.created_at,
+               v.spz, v.name as vehicle_name,
               CONCAT(u.first_name, ' ', u.last_name) as driver_name
        FROM trips t
        JOIN vehicles v ON t.vehicle_id = v.id
@@ -239,7 +248,10 @@ function handleGetAdmin(PDO $pdo): void
 function handleGetVehicles(PDO $pdo): void
 {
    $stmt = $pdo->query('
-        SELECT v.*, COUNT(t.id) as trip_count,
+        SELECT v.id, v.spz, v.name, v.brand, v.model,
+               v.initial_km, v.actual_km, v.is_active,
+               v.created_at, v.updated_at,
+               COUNT(t.id) as trip_count,
               COALESCE(MAX(t.end_km), v.initial_km) as current_km
        FROM vehicles v
        LEFT JOIN trips t ON t.vehicle_id = v.id
@@ -415,7 +427,11 @@ function handleVehicle(PDO $pdo): void
 */
 function handleUpdateTrip(PDO $pdo, int $id, int $userId, array $authData): void
 {
-    $stmt = $pdo->prepare('SELECT * FROM trips WHERE id = ?');
+    $stmt = $pdo->prepare(
+        'SELECT id, vehicle_id, user_id, trip_date, start_km, end_km,
+                route_from, route_to, is_business, notes
+        FROM trips WHERE id = ?'
+    );
    $stmt->execute([$id]);
    $trip = $stmt->fetch();

@@ -467,7 +483,11 @@ function handleUpdateTrip(PDO $pdo, int $id, int $userId, array $authData): void
 */
 function handleDeleteTrip(PDO $pdo, int $id, int $userId, array $authData): void
 {
-    $stmt = $pdo->prepare('SELECT * FROM trips WHERE id = ?');
+    $stmt = $pdo->prepare(
+        'SELECT id, vehicle_id, user_id, trip_date, start_km, end_km,
+                route_from, route_to, is_business, notes
+        FROM trips WHERE id = ?'
+    );
    $stmt->execute([$id]);
    $trip = $stmt->fetch();

@@ -497,7 +517,9 @@ function handleDeleteVehicle(PDO $pdo, int $id): void
        errorResponse('ID je povinné');
    }

-    $stmt = $pdo->prepare('SELECT * FROM vehicles WHERE id = ?');
+    $stmt = $pdo->prepare(
+        'SELECT id, spz, name, brand, model, is_active FROM vehicles WHERE id = ?'
+    );
    $stmt->execute([$id]);
    $vehicle = $stmt->fetch();

@@ -573,7 +595,10 @@ function handleGetPrint(PDO $pdo): void
    }

    $sql = "
-        SELECT t.*, v.spz, v.name as vehicle_name, v.brand, v.model,
+        SELECT t.id, t.vehicle_id, t.user_id, t.trip_date, t.start_km,
+               t.end_km, t.distance, t.route_from, t.route_to,
+               t.is_business, t.notes, t.created_at,
+               v.spz, v.name as vehicle_name, v.brand, v.model,
               CONCAT(u.first_name, ' ', u.last_name) as driver_name
        FROM trips t
        JOIN vehicles v ON t.vehicle_id = v.id