Refactor logging configuration and update handlers

Author: walmir-silva

config/logging.php

@@ -5,6 +5,7 @@
 
 return [
     'default' => Config::env('LOG_CHANNEL', 'file'),
+    'timezone' => Config::env('LOG_TIMEZONE', 'UTC'),
     'channels' => [
         'file' => [
             'minLevel' => Config::env('LOG_LEVEL', 'debug'),

src/Handler/AbstractHandler.php

@@ -9,16 +9,15 @@
 use KaririCode\Contract\Logging\LogHandler;
 use KaririCode\Contract\Logging\LogLevel as LoggingLogLevel;
 use KaririCode\Contract\Logging\Structural\HandlerAware;
-use KaririCode\Logging\Formatter\LineFormatter;
 use KaririCode\Logging\LogLevel;
 
 abstract class AbstractHandler implements LogHandler, HandlerAware
 {
     protected array $handlers = [];
+    protected LogFormatter $formatter;
 
     public function __construct(
         protected LoggingLogLevel $minLevel = LogLevel::DEBUG,
-        protected LogFormatter $formatter = new LineFormatter()
     ) {
     }
 

src/Handler/ConsoleHandler.php

@@ -23,6 +23,7 @@ public function __construct(
     ) {
         parent::__construct($minLevel, $formatter);
         $this->output = fopen('php://stdout', 'w');
+        $this->setFormatter($formatter);
         $this->colorFormatter = new ConsoleColorFormatter();
     }
 

src/Util/ConfigLoader/EnvLoader.php

@@ -21,7 +21,8 @@ public function load(): void
                 continue;
             }
             [$name, $value] = $this->parseEnvLine($line);
-            putenv(sprintf('%s=%s', $name, $value));
+            $sanitizedValue = $this->sanitizeValue($value);
+            putenv(sprintf('%s=%s', $name, $sanitizedValue));
         }
     }
 
@@ -50,4 +51,21 @@ private function parseEnvLine(string $line): array
 
         return [trim($name), trim($value)];
     }
+
+    private function sanitizeValue(string $value): string
+    {
+        // Remove any potentially harmful characters
+        $value = preg_replace('/[^a-zA-Z0-9_\-\.,@\/\\\\:;]/', '', $value);
+
+        // Ensure the value doesn't start with a dash (which could be interpreted as a command line option)
+        $value = ltrim($value, '-');
+
+        // Limit the length of the value to prevent buffer overflow attacks
+        $maxLength = 1000; // Adjust this value based on your requirements
+        if (strlen($value) > $maxLength) {
+            $value = substr($value, 0, $maxLength);
+        }
+
+        return $value;
+    }
 }

tests/Logger/test_config.php

@@ -1 +1 @@
-<?php return ['key' => 'value'];
+<?php return ['key' => 'value'];

tests/application.php

@@ -27,9 +27,9 @@
 
 $serviceProvider->register();
 
-// $defaultLogger = $loggerRegistry->getLogger('console');
+$defaultLogger = $loggerRegistry->getLogger('console');
 
-// $defaultLogger->debug('User email is john.doe@example.com');
+$defaultLogger->debug('User email is john.doe@example.com');
 // $defaultLogger->info('User IP is 192.168.1.1');
 // $defaultLogger->notice('User credit card number is 1234-5678-1234-5678', ['context' => 'credit card']);
 // $defaultLogger->warning('User phone number is (11) 91234-7890', ['context' => 'phone']);
@@ -60,5 +60,5 @@
 // $errorLogger = $loggerRegistry->getLogger('error');
 // $errorLogger->error('This is a critical error.', ['context' => 'Testing error logger']);
 
-$slackLogger = $loggerRegistry->getLogger('slack');
-$slackLogger->critical('Este é um teste de mensagem crítica enviada para o Slack');
+// $slackLogger = $loggerRegistry->getLogger('slack');
+// $slackLogger->critical('Este é um teste de mensagem crítica enviada para o Slack');