Job application tests PHP

[AlbertXerta]

I've added some comments on the controller functions to explain decissions, but here's a resume:

• Retrieve posts on Test1 page from jsonplaceholder. Added a simple placeholder image just for coherency. Used Yii2 http client instead of a simpler method like file_get_contents just for the practice.
• Add a simple validation for missing posts (during a brief time, jsonplaceholder was down and I was unable to retrieve any posts, this validation prevents the list page from breaking in that case).
• Added a simple pagination using Yii Pagination.
• Added a new single page to actually see the single post, with a "back" button to go back to the list, linking to the current pagination page and a simple validation in case of a missing post (via a user changing the post id in the url).

[windsurf-bot]

Other comments (7)

• views/site/test1.php (41-41) Same issue with direct `$_GET` access. Use Yii's request component instead.

  						<a href="<?=Url::to(['site/post', 'postId' => $post['id'], 'page' => Yii::$app->request->get('page', 1)])?>" class="post-title"><h4><?= htmlspecialchars($post['title']) ?></h4></a>
  

• views/site/test1.php (43-43) Same issue with direct `$_GET` access. Use Yii's request component instead.

  						<a href="<?=Url::to(['site/post', 'postId' => $post['id'], 'page' => Yii::$app->request->get('page', 1)])?>" class="btn btn-primary btn-sm mb-3">See post</a>
  

• composer.json (20-21) I noticed you're using a wildcard version constraint (`*`) for the yiisoft/yii2-httpclient package. This could potentially lead to compatibility issues in the future if breaking changes are introduced in newer versions.

          "yiisoft/yii2-symfonymailer": "~2.0.3",
          "yiisoft/yii2-httpclient": "^2.0"
  

  Specifying a more precise version constraint (like ^2.0) would allow for compatible updates while preventing potentially breaking changes from major version bumps.

• controllers/SiteController.php (52-56) Similar to the issue in `actionPost()`, the error handling in `actionTest1()` could be improved. When the API request fails, you set `$data` to an empty array and then try to paginate it. This works but might not be the best user experience.

  Consider adding a flash message or some indication to the user that the data couldn't be loaded:

          if ($response->isOk) {
              $data = $response->data;
          } else {
              $data = [];
              \Yii::$app->session->setFlash('error', 'Unable to load posts. Please try again later.');
          }
  

• views/site/test1.php (41-41) Consider moving the placeholder image URL (`https://placehold.co/600x400`) to a configuration parameter or constant rather than hardcoding it in the view. This would make it easier to update across the application if needed.
• web/css/site.css (1-1) The removal of spaces in CSS selectors like `main>.container` and `.footer>.container` changes the selector meaning. The correct syntax for child selectors should include spaces: `main > .container` and `.footer > .container`.

  main > .container {
  

• web/css/site.css (11-11) Same issue with the child selector syntax here.

  .footer > .container {
  

💡 To request another review, post a new comment with "/windsurf-review".

[windsurf-bot]

The error handling in actionPost() could be improved. When the API request fails, you set $post to an empty array, but then render the view without checking if the post data is valid. This might cause errors in the view if it tries to access properties of a non-existent post.

Consider adding a check before rendering or redirecting to an error page:

Suggested change

	if ($response->isOk) {
	$post = $response->data;
	} else {
	$post = [];
	}
	if ($response->isOk) {
	$post = $response->data;
	if (empty($post)) {
	return $this->redirect(['site/test1']);
	}
	} else {
	return $this->redirect(['site/test1']);
	}

[windsurf-bot]

There's a potential security issue with directly inserting the $postId parameter into the URL string. While jsonplaceholder.typicode.com might handle this safely, it's a good practice to validate or sanitize URL parameters before using them in requests.

Suggested change

	->setUrl("https://jsonplaceholder.typicode.com/posts/{$postId}")
	->setUrl("https://jsonplaceholder.typicode.com/posts/" . intval($postId))

[windsurf-bot]

Instead of directly accessing $_GET['page'], consider using Yii's request component: Yii::$app->request->get('page', 1). This is safer and follows Yii2 best practices.

Suggested change

	<a href="<?=Url::to(['site/post', 'postId' => $post['id'], 'page' => isset($_GET['page']) ? $_GET['page'] : 1])?>" class="post-title"><h4><?= htmlspecialchars($post['title']) ?></h4></a>
	<a href="<?=Url::to(['site/post', 'postId' => $post['id'], 'page' => Yii::$app->request->get('page', 1)])?>"><?= htmlspecialchars($post['title']) ?></a>