PageRenderTime 47ms CodeModel.GetById 19ms RepoModel.GetById 0ms app.codeStats 0ms

/lib/Nooges.php

https://github.com/leftnode/nooges.com
PHP | 155 lines | 117 code | 34 blank | 4 comment | 6 complexity | e7cac502e880a5ff4078ee6639120657 MD5 | raw file
    

  1. <?php
    2. 

  2. 

  3. require_once 'ArtisanSystem/Exception.php';
    4. 

  4. 

  5. require_once 'ArtisanSystem/Controller.php';
    6. 

  6. require_once 'ArtisanSystem/Db.php';
    7. 

  7. require_once 'ArtisanSystem/Registry.php';
    8. 

  8. require_once 'ArtisanSystem/Router.php';
    9. 

  9. require_once 'ArtisanSystem/Session.php';
    10. 

  10. require_once 'ArtisanSystem/Validator.php';
    11. 

  11. require_once 'ArtisanSystem/View.php';
    12. 

  12. 

  13. require_once 'DataModeler/DataAdapterPdo.php';
    14. 

  14. require_once 'DataModeler/DataIterator.php';
    15. 

  15. require_once 'DataModeler/DataModel.php';
    16. 

  16. require_once 'DataModeler/DataObject.php';
    17. 

  17. 

  18. function __autoload($class) {
    19. 

  19. 	$class_path = str_replace('_', '.', $class) . '.php';
    20. 

  20. 	require_once DIR_LIB . $class_path;
    21. 

  21. }
    22. 

  22. 

  23. class Nooges {
    24. 

  24. 	private static $config_router = array();
    25. 

  25. 	private static $config_db = array();
    26. 

  26. 	private static $is_cli = false;
    27. 

  27. 	
    28. 

  28. 	public static function setConfigRouter(array $config) {
    29. 

  29. 		self::$config_router = $config;
    30. 

  30. 	}
    31. 

  31. 	
    32. 

  32. 	public static function setConfigDb(array $config) {
    33. 

  33. 		self::$config_db = $config;
    34. 

  34. 	}
    35. 

  35. 	
    36. 

  36. 	public static function init() {
    37. 

  37. 		$db_hostname = self::$config_db['server'];
    38. 

  38. 		$db_username = self::$config_db['username'];
    39. 

  39. 		$db_password = self::$config_db['password'];
    40. 

  40. 		$db_database = self::$config_db['database'];
    41. 

  41. 		
    42. 

  42. 		$dsn = "mysql:host={$db_hostname};port=3306;dbname={$db_database}";
    43. 

  43. 		$pdo = new PDO($dsn, $db_username, $db_password);
    44. 

  44. 

  45. 		$sql = "SET character_set_results = 'utf8',
    46. 

  46. 			character_set_client = 'utf8',
    47. 

  47. 			character_set_connection = 'utf8',
    48. 

  48. 			character_set_database = 'utf8',
    49. 

  49. 			character_set_server = 'utf8'";
    50. 

  50. 		$pdo->query($sql);
    51. 

  51. 		Artisan_Registry::push('db', $pdo);
    52. 

  52. 

  53. 		$data_adapter = new DataAdapterPdo($pdo);
    54. 

  54. 		$data_model = new DataModel($data_adapter);
    55. 

  55. 

  56. 		Artisan_Registry::push('data_adapter', $data_adapter);
    57. 

  57. 		Artisan_Registry::push('data_model', $data_model);
    58. 

  58. 		
    59. 

  59. 		self::$is_cli = ( 'cli' === php_sapi_name() ? true : false );
    60. 

  60. 

  61. 		if ( false === self::$is_cli ) {
    62. 

  62. 			/* Attempt to get the session ID from the forums */
    63. 

  63. 			$user_id = 0;
    64. 

  64. 			$smf_cookie = er(COOKIE_NAME, $_COOKIE);
    65. 

  65. 			if ( false === empty($smf_cookie) ) {
    66. 

  66. 				/* If this is set, we can get their user ID and use that to load data. */
    67. 

  67. 				$smf_cookie = unserialize($smf_cookie);
    68. 

  68. 				
    69. 

  69. 				$user_id = er(0, $smf_cookie, 0);
    70. 

  70. 			}
    71. 

  71. 			
    72. 

  72. 			session_start();
    73. 

  73. 

  74. 			$_SESSION['user_id'] = $user_id;
    75. 

  75. 

  76. 			/* Create the token for POST methods to prevent CSRF attacks. */
    77. 

  77. 			self::createToken();
    78. 

  78. 			
    79. 

  79. 			/* Validate POST requests. */
    80. 

  80. 			if ( POST == RM ) {
    81. 

  81. 				$token = er('token', $_POST);
    82. 

  82. 				if ( false === self::verifyToken($token) ) {
    83. 

  83. 					exit('POST methods are not allowed without the correct token! Token given: ' . $token);
    84. 

  84. 				}
    85. 

  85. 			}
    86. 

  86. 		}
    87. 

  87. 		
    88. 

  88. 		setlocale(LC_ALL, 'en_US.utf8');
    89. 

  89. 	}
    90. 

  90. 	
    91. 

  91. 	public static function run() {
    92. 

  92. 		$artisanRouter = new Artisan_Router(self::$config_router);
    93. 

  93. 		echo $artisanRouter->dispatch();
    94. 

  94. 	}
    95. 

  95. 	
    96. 

  96. 	public static function createToken() {
    97. 

  97. 		if ( false === exs(SESSION_TOKEN, $_SESSION) ) {
    98. 

  98. 			$token = mt_rand(1000000, mt_getrandmax());
    99. 

  99. 			$salt = crypt_create_salt();
    100. 

  100. 			$secret_token = crypt_compute_hash($token, $salt);
    101. 

  101. 			
    102. 

  102. 			$_SESSION[SESSION_TOKEN] = $token;
    103. 

  103. 			$_SESSION[SESSION_TOKEN_SECRET] = $secret_token;
    104. 

  104. 			$_SESSION[SESSION_TOKEN_SALT] = $salt;
    105. 

  105. 		}
    106. 

  106. 	}
    107. 

  107. 	
    108. 

  108. 	public static function verifyToken($token) {
    109. 

  109. 		$salt = self::getTokenSalt();
    110. 

  110. 		$secret_token = self::getSecretToken();
    111. 

  111. 		$hashed_token = crypt_compute_hash($token, $salt);
    112. 

  112. 		
    113. 

  113. 		return ( $secret_token === $hashed_token );
    114. 

  114. 	}
    115. 

  115. 	
    116. 

  116. 	public static function getConfigDb() {
    117. 

  117. 		return self::$config_db;
    118. 

  118. 	}
    119. 

  119. 	
    120. 

  120. 	public static function getConfigRouter() {
    121. 

  121. 		return self::$config_router;
    122. 

  122. 	}
    123. 

  123. 	
    124. 

  124. 	public static function getDataAdapter() {
    125. 

  125. 		return Artisan_Registry::pop('data_adapter');
    126. 

  126. 	}
    127. 

  127. 	
    128. 

  128. 	public static function getDataModel() {
    129. 

  129. 		return Artisan_Registry::pop('data_model');
    130. 

  130. 	}
    131. 

  131. 	
    132. 

  132. 	public static function getDb() {
    133. 

  133. 		return Artisan_Registry::pop('db');
    134. 

  134. 	}
    135. 

  135. 	
    136. 

  136. 	public static function getSecretToken() {
    137. 

  137. 		return $_SESSION[SESSION_TOKEN_SECRET];
    138. 

  138. 	}
    139. 

  139. 	
    140. 

  140. 	public static function getToken() {
    141. 

  141. 		return $_SESSION[SESSION_TOKEN];
    142. 

  142. 	}
    143. 

  143. 	
    144. 

  144. 	public static function getTokenSalt() {
    145. 

  145. 		return $_SESSION[SESSION_TOKEN_SALT];
    146. 

  146. 	}
    147. 

  147. 	
    148. 

  148. 	public static function getView() {
    149. 

  149. 		$view = new Artisan_View(self::$config_router['root_dir']);
    150. 

  150. 		$view->setIsRewrite(self::$config_router['rewrite'])
    151. 

  151. 			->setSiteRoot(self::$config_router['site_root'])
    152. 

  152. 			->setSiteRootSecure(self::$config_router['site_root_secure']);
    153. 

  153. 		return $view;
    154. 

  154. 	}
    155. 

  155. }
    156.