feat: P4 backend kvalita - SELECT * fix, overdue konsolidace, Validator

- SELECT * nahrazen explicitnimi sloupci ve 22 PHP souborech (69+ vyskytu) - users-handlers.php: password_hash explicitne vyloucen z dotazu - Overdue detekce presunuta do invoices.php routeru (1x pred dispatch misto 3x v handlerech) - Validator.php: validacni helper s pravidly required, string, int, email, in, numeric - PaginationHelper: PHPStan typy opraveny Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-12 18:42:42 +01:00
parent df506dfea4
commit 758be819c3
25 changed files with 513 additions and 102 deletions
--- a/api/includes/JWTAuth.php
+++ b/api/includes/JWTAuth.php
@@ -245,8 +245,11 @@ class JWTAuth

            // First check if token exists (regardless of expiry)
            $stmt = $pdo->prepare('
-                SELECT rt.*, u.id as user_id, u.username, u.email, u.first_name, u.last_name,
-                       u.is_active, r.name as role_name, r.display_name as role_display_name
+                SELECT rt.id, rt.user_id, rt.token_hash, rt.expires_at,
+                       rt.replaced_at, rt.remember_me,
+                       u.id as user_id, u.username, u.email,
+                       u.first_name, u.last_name, u.is_active,
+                       r.name as role_name, r.display_name as role_display_name
                FROM refresh_tokens rt
                JOIN users u ON rt.user_id = u.id
                LEFT JOIN roles r ON u.role_id = r.id