From f827f304e6b395f3b0ba17b26a9026a9a3cfdf6c Mon Sep 17 00:00:00 2001
From: Pinga <help@namingo.org>
Date: Tue, 12 Aug 2025 09:54:16 +0300
Subject: [PATCH] PostgreSQL improvements

---
 cp/app/Controllers/DapiController.php | 26 +++++++++++++++++----
 cp/app/Middleware/AuditMiddleware.php | 33 +++++++++++++++++++++++----
 2 files changed, 51 insertions(+), 8 deletions(-)

diff --git a/cp/app/Controllers/DapiController.php b/cp/app/Controllers/DapiController.php
index cafe752..2b6e69d 100644
--- a/cp/app/Controllers/DapiController.php
+++ b/cp/app/Controllers/DapiController.php
@@ -169,7 +169,7 @@ class DapiController extends Controller
             $sqlWhere
             GROUP BY d.id
             ORDER BY $sortField $sortDir
-            LIMIT $offset, $size
+            " . $this->limitClause($offset, $size) . "
         ";
 
         $records = $db->select($dataSql, $bindParams);
@@ -375,7 +375,7 @@ class DapiController extends Controller
             $sqlWhere
             GROUP BY d.id
             ORDER BY $sortField $sortDir
-            LIMIT $offset, $size
+            " . $this->limitClause($offset, $size) . "
         ";
 
         $records = $db->select($dataSql, $bindParams);
@@ -564,7 +564,7 @@ class DapiController extends Controller
             $sqlBase
             $sqlWhere
             ORDER BY $sortField $sortDir
-            LIMIT $offset, $size
+            " . $this->limitClause($offset, $size) . "
         ";
 
         $records = $db->select($dataSql, $bindParams);
@@ -736,7 +736,7 @@ class DapiController extends Controller
             $sqlBase
             $sqlWhere
             ORDER BY $sortField $sortDir
-            LIMIT $offset, $size
+            " . $this->limitClause($offset, $size) . "
         ";
 
         $records = $db->select($dataSql, $bindParams);
@@ -781,4 +781,22 @@ class DapiController extends Controller
         return $response->withHeader('Content-Type', 'application/json');
     }
 
+    private function limitClause(int $offset, int $size): string
+    {
+        // harden numbers
+        $offset = max(0, (int)$offset);
+        $size   = max(1, (int)$size);
+
+        switch (envi('DB_DRIVER')) {
+            case 'mysql':
+                // MySQL/MariaDB
+                return "LIMIT {$offset}, {$size}";
+            case 'pgsql':
+            case 'sqlite':
+            default:
+                // PostgreSQL & SQLite
+                return "LIMIT {$size} OFFSET {$offset}";
+        }
+    }
+
 }
\ No newline at end of file
diff --git a/cp/app/Middleware/AuditMiddleware.php b/cp/app/Middleware/AuditMiddleware.php
index dd434bd..70a1e61 100644
--- a/cp/app/Middleware/AuditMiddleware.php
+++ b/cp/app/Middleware/AuditMiddleware.php
@@ -1,4 +1,15 @@
 <?php
+/**
+ * Argora Foundry
+ *
+ * A modular PHP boilerplate for building SaaS applications, admin panels, and control systems.
+ *
+ * @package    App
+ * @author     Taras Kondratyuk <help@argora.org>
+ * @copyright  Copyright (c) 2025 Argora
+ * @license    MIT License
+ * @link       https://github.com/getargora/foundry
+ */
 
 namespace App\Middleware;
 
@@ -12,11 +23,25 @@ class AuditMiddleware extends Middleware
     public function __invoke(Request $request, RequestHandler $handler)
     {
         if (isset($_SESSION['auth_user_id'])) {
-            $userId = (int)$_SESSION['auth_user_id'];
-            $this->container->get('db')->exec("SET @audit_usr_id = $userId");
-            $this->container->get('db')->exec("SET @audit_ses_id = " . crc32(\Pinga\Session\Session::id()));
+            $userId = (int) $_SESSION['auth_user_id'];
+            $sessionId = crc32(\Pinga\Session\Session::id());
+            $db = $this->container->get('db');
+
+            switch (envi('DB_DRIVER')) {
+                case 'mysql':
+                    $db->exec("SET @audit_usr_id = {$userId}");
+                    $db->exec("SET @audit_ses_id = {$sessionId}");
+                    break;
+
+                case 'pgsql':
+                    // Use dotted custom GUC names; SELECT set_config(...) works everywhere
+                    $db->exec("SELECT set_config('app.audit_usr_id', '{$userId}', true)");
+                    $db->exec("SELECT set_config('app.audit_ses_id', '{$sessionId}', true)");
+                    break;
+            }
         }
+
         return $handler->handle($request);
     }
 
-}
+}
\ No newline at end of file