# CLAUDE.md ## Project Overview Crop Management Platform (CMS -> PHP migration) - Purpose: Centralize records for irrigation, weather, and soil moisture; supports real-time monitoring for Australian conditions. - Current stack: PHP 8.4, MySQL; originally built on modX CMS (template tags and resource IDs present). - Repository root: `f:\GIT_REPO\crop_monitor` ## Identified Modules & Paths - Front controllers: `index.php`, `post.php`, `newClientDetails.php` - API: `api/api.php`, `api/Rest.inc.php`, `api/updateweatherstation.php` - Dashboard UI: `dashboard/*.php`, in particular `dashboard/crop-analysis/*` for soil analysis reports - Login management: `login/*.php` - Static assets: `client-assets/`, `books/`, `uploads/`, etc. ## Database Schema Available - **Schema File**: `cropmonitor.sql` added to root folder - **Key Tables Identified**: - `soil_records`: Main soil analysis data with all nutrient values, base saturations, and specifications - `client_records`: Client information with weather station API keys - `soil_specifications`: Soil type specifications for different crops - `animal_records`: Animal feed analysis data - `plant_records`: Plant tissue analysis data - `fertiliser_specifications`: Fertilizer composition data ## Database Validation - **Soil Records Fields**: All fields used in `lib/soil_calculations.php` confirmed present (BS_ca_ppm, ca_ppm_min/max, etc.) - **Data Types**: Most nutrient values stored as VARCHAR(10), need to handle numeric conversion in PHP - **Primary Keys**: All tables have proper primary key indexes - **Relationships**: `modx_user_id` field links records to users (legacy modX integration) ## modX remnants to refactor - Template markers like `[[*longtitle]]`, `[[++site_name]]`, `[[!++site_url]]` need replacement with PHP-based logic. - Resource URL helpers such as `[[~41~]]` from modX should resolve to real PHP route URLs in migrated implementation. - Includes like `[[!Profile]]` are modX snippets; replace with traditional include/require and controller logic. ## Immediate Actions (High Priority) 1. Inventory all modX markers across `.php` files (grep for `\[\[.*\]\]`) and catalog them. 2. Implement configuration layer for DB credentials, environment-based. 3. Replace direct `mysqli_*` calls with PDO (prepared statements) for security and maintainability. 4. Build PHP routing (`index.php` + `GET`/`POST` handling) and template system (Twig/Blade/manual) for consistent page output. 5. Migrate each page one-by-one preserving functionality: login, dashboard, soil analysis, reports. ## File-specific findings (example in `dashboard/crop-analysis/soil-analysis-pdf.php`) - Uses `$_GET` keys `cid`, `rid`, `rand`, `stid` and query, but no sanitization. - Performs `SELECT * FROM soil_records WHERE id = '$record_id' AND rand = '$rand_id'`. - Uses a modX resource reference mechanism for flow buttons; in pure PHP, build URLs manually. - Styles and assets loaded via `` tags; safe to reuse. ## Migration strategy recommendations - Step 1: Set up a global config `config.php` with database credentials and site constants. - Step 2: Create `lib/db.php` for database operations (PDO). Add `catch` error logging. - Step 3: Add `lib/helper.php` for URL generation, escaping, and date formatting. - Step 4: Create test data and verify with `phpunit` (?) if tests added later. ## Next file audits planned - `dashboard/crop-analysis/soil-analysis.php` - `dashboard/crop-analysis/soil-report.php`, `soil-report-pdf.php` - `login/login.php`, `login/register.php`, `login/change-password.php` - `api/api.php` and REST API endpoints ## Recent Progress (2026-03-27) ### ✅ Completed Components - **Layout System**: Created reusable `layouts/header.php`, `layouts/footer.php`, `layouts/navbar.php`, `layouts/sidebar.php` - **Client Details Form**: Converted `[[!clientDetailsFORM]]` → `components/clientDetailsForm.php` (PDO + validation) - **New Client Modal**: Converted `[[!newClientDetails]]` → `components/newClientModal.php` + `controllers/newClientSubmit.php` (AJAX + validation) - **Soil Analysis Form**: Created `components/soilAnalysisForm.php` with comprehensive field validation - **Secure Controller**: Converted `[[!soilformSubmit]]` → `controllers/soilTestSubmit.php` (PDO + CSRF + auth) - **Database Config**: `config/database.php` with PDO connection - **Security Libraries**: `lib/auth.php`, `lib/csrf.php`, `lib/validation.php` - **Navigation System**: Converted `[[!Personalize?]]` and `[[Wayfinder?]]` → `components/navigation.php` (authentication-based navigation)- **Soil Calculations**: Created `lib/soil_calculations.php` with `soilAnalysisReportCalcs()` and `soilProgramCalcs()` functions - **Page Migration**: `soil-test-data.php` now uses include-based layout system - **Soil Analysis Migration**: `soil-analysis.php` migrated from modX to secure PHP with PDO, Bootstrap 5, and calculation functions ### 🔧 Security Improvements Made - Replaced mysqli with PDO prepared statements - Added CSRF token protection - Input validation and sanitization - Session-based authentication checks - Proper error handling and logging - Removed SQL injection vulnerabilities ### 📋 Remaining Tasks 1. Migrate `soil-analysis.php` (data display page) - **COMPLETED** 2. Update `soil-analysis-pdf.php` to use secure queries 3. Convert remaining modX placeholders across all files 4. Add proper user authentication system 5. Test form submission and data flow ## Questions for you - Do you prefer retaining the current page structure (`dashboard/crop-analysis/*`) or migrating to a MVC-style folder layout? - Are we required to keep URL slugs like existing modX IDs (e.g., page 41, 66, 37) for compatibility with external links? - Do you have existing MySQL schema docs or dumps to validate field mappings? --- *Generated on 2026-03-27*