git-svn-id: http://svn.cleancode.org/svn/pickles@144 4d10bc64-7434-11dc-a737-d2d0f8310089
This commit is contained in:
Josh Sherman 2009-07-29 01:16:49 +00:00
parent 71b2a7c11a
commit c471a7aa3f
11 changed files with 456 additions and 4580 deletions


@ -128,144 +128,144 @@ class Controller extends Object {
}
}
/**
* @todo Maybe the logout shouldn't be an internal thing, what if
* the user wanted to call the logout page something else? or
* better yet, they want to next it, like /users/logout?
* @todo May want to make it work from /store/admin/logout and not
* just from /
*/
if ($module['requested']['name'] == 'logout') {
$security = new Security($config, $db);
$security->logout();
// Loads the requested module's information
$module['requested']['filename'] = strtr($module['requested']['name'], '-', '_');
$module['requested']['php_file'] = '../modules/' . $module['requested']['filename'] . '.php';
$module['requested']['class_name'] = strtr($module['requested']['filename'], '/', '_');
// Establishes the shared module information
$module['shared']['name'] = $config->getSharedModule($module['requested']['name']);
$module['shared']['filename'] = strtr($module['shared']['name'], '-', '_');
$module['shared']['php_file'] = PICKLES_PATH . 'common/modules/' . $module['shared']['filename'] . '.php';
$module['shared']['class_name'] = strtr($module['shared']['filename'], '/', '_');
// Tries to load the site level module
if (file_exists($module['requested']['php_file'])) {
require_once $module['requested']['php_file'];
if (class_exists($module['requested']['class_name'])) {
$module['object'] = new $module['requested']['class_name']($config, $db, $mailer, $error);
}
}
// Tries to load the shared module
else if (file_exists($module['shared']['php_file']) && $module['shared']['name'] != false) {
require_once $module['shared']['php_file'];
if (class_exists($module['shared']['class_name'])) {
$module['object'] = new $module['shared']['class_name']($config, $db, $mailer, $error);
}
}
// Loads the stock module
else {
// Loads the requested module's information
$module['requested']['filename'] = strtr($module['requested']['name'], '-', '_');
$module['requested']['php_file'] = '../modules/' . $module['requested']['filename'] . '.php';
$module['requested']['class_name'] = strtr($module['requested']['filename'], '/', '_');
$module['object'] = new Module($config, $db, $mailer, $error);
}
// Establishes the shared module information
$module['shared']['name'] = $config->getSharedModule($module['requested']['name']);
$module['shared']['filename'] = strtr($module['shared']['name'], '-', '_');
$module['shared']['php_file'] = PICKLES_PATH . 'common/modules/' . $module['shared']['filename'] . '.php';
$module['shared']['class_name'] = strtr($module['shared']['filename'], '/', '_');
// Checks if we loaded a module file and no class was present
if ($module['object'] != null) {
// Tries to load the site level module
if (file_exists($module['requested']['php_file'])) {
require_once $module['requested']['php_file'];
if (class_exists($module['requested']['class_name'])) {
$module['object'] = new $module['requested']['class_name']($config, $db, $mailer, $error);
// Potentially starts the session if it's not started already
if ($module['object']->getSession() === true) {
if (ini_get('session.auto_start') == 0) {
session_start();
}
}
// Tries to load the shared module
else if (file_exists($module['shared']['php_file']) && $module['shared']['name'] != false) {
require_once $module['shared']['php_file'];
if (class_exists($module['shared']['class_name'])) {
$module['object'] = new $module['shared']['class_name']($config, $db, $mailer, $error);
}
}
// Loads the stock module
else {
$module['object'] = new Module($config, $db, $mailer, $error);
}
// Checks if we loaded a module file and no class was present
if ($module['object'] != null) {
// Potentially starts the session if it's not started already
if ($module['object']->getSession() === true) {
if (ini_get('session.auto_start') == 0) {
session_start();
}
}
// Potentially requests use authentication
if ($module['object']->getAuthentication() === true) {
if (!isset($security)) {
$security = new Security($config, $db);
}
$security->authenticate();
}
// Checks if the display type was passed in
if (!isset($display_type)) {
$display_type = $module['object']->getDisplay();
}
// Creates a new viewer object
$display_class = 'Display_' . $display_type;
$display = new $display_class($config, $error);
// Potentially establishes caching
$caching = $module['object']->getCaching();
if ($caching) {
$display->caching = $caching;
if ($display_type == DISPLAY_SMARTY) {
$module['object']->setSmartyObject($display->getSmartyObject());
}
}
$display->prepare();
// Potentially executes the module's logic
if (method_exists($module['object'], '__default')) {
$module['object']->__default();
if ($module['object']->getCacheID()) {
$display->cache_id = $module['object']->getCacheID();
}
}
// Overrides the name and filename with the passed name
if ($module['object']->name != null && $module['requested']['filename'] != $module['object']->name) {
$module['requested']['filename'] = $module['object']->name;
$module['requested']['name'] = $module['object']->name;
}
// Overrides the filename with the passed template
if ($module['object']->template != null) {
$module['requested']['filename'] = $module['object']->template;
}
// Overrides the shared template information with the passed shared template
if ($module['object']->shared_template != null) {
$module['shared']['class_name'] = $module['object']->shared_template;
$module['shared']['filename'] = strtr($module['shared']['class_name'], '_', '/');
$module['shared']['php_file'] = PICKLES_PATH . 'common/modules/' . $module['shared']['filename'] . '.php';
$module['shared']['name'] = $module['shared']['filename'];
}
// Sets the display's properties
$display->module_name = $module['requested']['name'];
$display->module_filename = $module['requested']['filename'];
$display->shared_module_name = $module['shared']['name'];
$display->shared_module_filename = $module['shared']['filename'];
if ($this->execute_tests == true) {
var_dump($module);
exit('caught test');
}
// Loads the module data into the display to be rendered
// Performs a logout if requested
/**
* @todo perhaps make this a passed variable
* @todo Maybe the logout shouldn't be an internal thing, what if
* the user wanted to call the logout page something else? or
* better yet, they want to next it, like /users/logout?
* @todo May want to make it work from /store/admin/logout and not
* just from /
*/
$display->data = $module['object']->public;
// Runs the requested rendering function
$display->render($module);
// Do some cleanup
if (isset($security)) {
unset($security);
if ($module['requested']['name'] == 'logout') {
$security = new Security($config, $db);
$security->logout();
}
unset($module, $viewer);
unset($db, $mailer, $config, $error);
}
// Potentially requests use authentication
if ($module['object']->getAuthentication() === true) {
if (!isset($security)) {
$security = new Security($config, $db);
}
$security->authenticate();
}
// Checks if the display type was passed in
if (!isset($display_type)) {
$display_type = $module['object']->getDisplay();
}
// Creates a new viewer object
$display_class = 'Display_' . $display_type;
$display = new $display_class($config, $error);
// Potentially establishes caching
$caching = $module['object']->getCaching();
if ($caching) {
$display->caching = $caching;
if ($display_type == DISPLAY_SMARTY) {
$module['object']->setSmartyObject($display->getSmartyObject());
}
}
$display->prepare();
// Potentially executes the module's logic
if (method_exists($module['object'], '__default')) {
$module['object']->__default();
if ($module['object']->getCacheID()) {
$display->cache_id = $module['object']->getCacheID();
}
}
// Overrides the name and filename with the passed name
if ($module['object']->name != null && $module['requested']['filename'] != $module['object']->name) {
$module['requested']['filename'] = $module['object']->name;
$module['requested']['name'] = $module['object']->name;
}
// Overrides the filename with the passed template
if ($module['object']->template != null) {
$module['requested']['filename'] = $module['object']->template;
}
// Overrides the shared template information with the passed shared template
if ($module['object']->shared_template != null) {
$module['shared']['class_name'] = $module['object']->shared_template;
$module['shared']['filename'] = strtr($module['shared']['class_name'], '_', '/');
$module['shared']['php_file'] = PICKLES_PATH . 'common/modules/' . $module['shared']['filename'] . '.php';
$module['shared']['name'] = $module['shared']['filename'];
}
// Sets the display's properties
$display->module_name = $module['requested']['name'];
$display->module_filename = $module['requested']['filename'];
$display->shared_module_name = $module['shared']['name'];
$display->shared_module_filename = $module['shared']['filename'];
if ($this->execute_tests == true) {
var_dump($module);
exit('caught test');
}
// Loads the module data into the display to be rendered
/**
* @todo perhaps make this a passed variable
*/
$display->data = $module['object']->public;
// Runs the requested rendering function
$display->render($module);
// Do some cleanup
if (isset($security)) {
unset($security);
}
unset($module, $viewer);
unset($db, $mailer, $config, $error);
}
}
}
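Review bot: `$module['object']` is only assigned when `class_exists()` succeeds, so when a site or shared module file exists but does not define the expected class, the index is never set and the later `if ($module['object'] != null)` check reads an undefined index; initialise it with `$module['object'] = null;` before the `file_exists` chain. The paths handed to `require_once`, `'../modules/' . $module['requested']['filename'] . '.php'` and the shared equivalent, are built from `$module['requested']['name']`, which is set outside the hunk; if that name comes from the request URL, a value containing `..` can pull in a PHP file from outside the modules directory, so constrain it first, e.g. `if (!preg_match('/^[a-zA-Z0-9_\/-]+$/', $module['requested']['name'])) { $module['requested']['name'] = DEFAULT_MODULE_PLACEHOLDER; }` with the site's real default module name substituted. The enclosing method starts before the hunk, and the rendered view does not show which of the duplicated lines belong to the new side, so both points apply wherever this block lands.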


@ -334,8 +334,13 @@ class DB extends Object {
" . implode($values, ", ") . "
);
");
return mysql_insert_id($this->connection);
if ($this->error->isError()) {
return false;
}
else {
return mysql_insert_id($this->connection);
}
}
else {
$this->error->addError('No data was specified');
@ -370,7 +375,21 @@ class DB extends Object {
$fields = $where = null;
if (is_array($values)) {
foreach ($values as $key => $value) {
$fields .= ($fields ? ', ' : null) . $key . " = '" . mysql_real_escape_string(stripslashes($value), $this->connection) . "'";
switch ($value) {
case null:
$value = 'NULL';
break;
case 'NOW()':
$value = 'NOW()';
break;
default:
$value = "'" . mysql_real_escape_string(stripslashes($value), $this->connection) . "'";
break;
}
$fields .= ($fields ? ', ' : null) . $key . " = " . $value;
}
if (is_array($conditions)) {
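Review bot: The new `switch ($value)` in the field loop compares loosely, so `case null` also matches `0`, `false` and `''`, and an update that sets a column to zero or an empty string is written as an unquoted `NULL`. Replace the switch with strict checks: `if ($value === null) { $value = 'NULL'; } elseif ($value !== 'NOW()') { $value = "'" . mysql_real_escape_string(stripslashes($value), $this->connection) . "'"; }`. The column name `$key` is still concatenated unescaped on the `$fields .=` line; if the keys of `$values` can originate from request data they should be checked against a known column list. The enclosing method starts and ends outside the hunk.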


@ -28,19 +28,14 @@
* Security Class
*
* Handles authenticating a user via an Apache login box.
*
* @todo Make the SQL less specific, right now you have to use a table
* named users, and use the email as the username. I will need
* to move this to the configuration and allow the user to
* specify which table to authenticate against, and what column
* names to use for the username and password.
*/
class Security extends Object {
class Security extends Object
{
private $config;
private $db;
public function __construct(Config $config, DB $db) {
public function __construct(Config $config, DB $db)
{
parent::__construct();
$this->config = $config;
$this->db = $db;
@ -54,69 +49,89 @@ class Security extends Object {
* the user cannot successfully they will be presented with a 401
* Unauthorized page.
*
* @todo I'm sure someone will find the access denied message offensive,
* so this will need to be made more generic. May also want to
* add in the ability for someone to add a custom message and/or
* landing page in the configuration as well.
* @todo May also want to add in the ability for someone to add a custom
* message and/or landing page in the configuration as well.
*/
public function authenticate() {
if (isset($this->config->admin, $this->config->admin->username, $this->config->admin->password)) {
$_SESSION['user_id'] = null;
if (isset($_SERVER['PHP_AUTH_USER'])) {
if (
$_SERVER['PHP_AUTH_USER'] == $this->config->admin->username
&& $this->encrypt($this->config->admin->salt, $_SERVER['PHP_AUTH_PW']) == $this->config->admin->password
) {
$_SESSION['user_id'] = 1;
public function authenticate()
{
if (!isset($_SESSION['user_id']))
{
if (isset($this->config->admin, $this->config->admin->username, $this->config->admin->password))
{
$_SESSION['user_id'] = null;
if (isset($_SERVER['PHP_AUTH_USER']))
{
if ($_SERVER['PHP_AUTH_USER'] == $this->config->admin->username && Security::doubleMD5($_SERVER['PHP_AUTH_PW'], $this->config->admin->salt) == $this->config->admin->password)
{
$_SESSION['user_id'] = 1;
}
}
}
}
else {
else
{
$table = array(
'name' => 'users',
'fields' => array(
'id' => 'id',
'username' => 'username',
'password' => 'password'
)
);
$table = array(
'name' => 'users',
'fields' => array(
'id' => 'id',
'username' => 'username',
'password' => 'password'
)
);
$table = $this->config->getTableMapping('users', $table);
$table = $this->config->getTableMapping('users', $table);
if (isset($_SERVER['PHP_AUTH_USER']))
{
$from = '
FROM ' . $table['name'] . '
WHERE ' . $table['fields']['username'] . ' = "' . $_SERVER['PHP_AUTH_USER'] . '"
AND ' . $table['fields']['password'] . ' = "' . md5($_SERVER['PHP_AUTH_PW']) . '";
';
if (isset($_SERVER['PHP_AUTH_USER'])) {
$from = '
FROM ' . $table['name'] . '
WHERE ' . $table['fields']['username'] . ' = "' . $_SERVER['PHP_AUTH_USER'] . '"
AND ' . $table['fields']['password'] . ' = "' . md5($_SERVER['PHP_AUTH_PW']) . '";
';
$this->db->execute('SELECT COUNT(' . $table['fields']['id'] . ') ' . $from);
if ($this->db->getField() != 0) {
$this->db->execute('SELECT ' . $table['fields']['id'] . ' ' . $from);
$_SESSION['user_id'] = $this->db->getField();
}
else {
$_SESSION['user_id'] = null;
$this->db->execute('SELECT COUNT(' . $table['fields']['id'] . ') ' . $from);
if ($this->db->getField() != 0)
{
$this->db->execute('SELECT ' . $table['fields']['id'] . ' ' . $from);
$_SESSION['user_id'] = $this->db->getField();
}
else
{
$_SESSION['user_id'] = null;
}
}
}
}
if (!isset($_SESSION['user_id'])) {
header('WWW-Authenticate: Basic realm="' . $_SERVER['SERVER_NAME'] . ' Secured Page"');
header('HTTP/1.0 401 Unauthorized');
exit('Invalid login credentials, access denied.');
if (!isset($_SESSION['user_id']))
{
if ($this->config->modules->{'pre-login'})
{
header('Location: /' . $this->config->modules->{'pre-login'});
exit();
}
else
{
header('WWW-Authenticate: Basic realm="' . $_SERVER['SERVER_NAME'] . ' Secured Page"');
header('HTTP/1.0 401 Unauthorized');
exit('Invalid login credentials, access denied.');
}
}
else {
/**
* @todo add logic to allow the site owner to force a redirect when a user logs in
*/
//header('Location: /');
//exit();
/*
else
{
if ($this->config->modules->{'post-login'})
{
//header('Location: /' . $this->config->modules->{'post-login'});
//exit();
}
else
{
//header('Location: /');
//exit();
}
}
*/
}
/**
@ -124,13 +139,21 @@ class Security extends Object {
*
* Destroys the session, and redirects the user to the root of the site.
*/
public function logout() {
public function logout()
{
session_destroy();
header('Location: /');
}
public function encrypt($salt, $string) {
return md5($salt . md5($salt . $string));
public static function doubleMD5($string, $salt1 = null, $salt2 = null)
{
if (!isset($salt2))
{
$salt2 = $salt1;
}
return md5($salt2 . md5($salt1 . $string));
}
}
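Review bot: In the new `authenticate()` body the username from `$_SERVER['PHP_AUTH_USER']` is concatenated directly into the `WHERE` clause of `$from`, so a crafted Basic-auth username alters the query; the value must be escaped through the database layer (`DB` already wraps `mysql_real_escape_string` for updates) or bound as a parameter before it reaches `execute()`. The admin check compares the hash with `==`; use `===` so the comparison is not subject to PHP's numeric-string coercion, and prefer a constant-time comparison such as `hash_equals()` where the runtime provides it. `$this->config->modules->{'pre-login'}` is read without an `isset()` guard, which emits a notice whenever a configuration has no `modules` section; `if (isset($this->config->modules->{'pre-login'}) && $this->config->modules->{'pre-login'})` avoids it. The users-table path still hashes the password with unsalted `md5()` while the admin path uses `doubleMD5()`; the class docblock should state that the two credential stores are not interchangeable.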


@ -190,6 +190,8 @@ class WebService_AuthorizeNet_AIM extends WebService_Common {
$response_values = explode('|', $response, 41);
$response = array_combine($this->response_variables, $response_values);
file_put_contents('/tmp/authnet.log', print_r($response, true), FILE_APPEND);
// Trims all of the variables up
// @todo Replace this with a user defined trim() and use array_walk()
foreach ($response as $key => $value) {
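Review bot: The added `file_put_contents('/tmp/authnet.log', print_r($response, true), FILE_APPEND);` writes the full gateway response to a fixed, world-accessible path on every call; the array is built from the payment gateway reply, so whatever account and transaction details it carries become readable by any local user, and a pre-existing `/tmp/authnet.log` (or a symlink of that name) owned by someone else would receive the appends. If the trace is needed, gate it behind a debug setting and write under the application's own log directory with restrictive permissions, or route it through the existing `$this->error` reporting; otherwise drop the line. The enclosing method starts and ends outside the hunk.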


@ -0,0 +1,75 @@
<?php
/**
* Common PayPal Web Service Class File for PICKLES
*
* PICKLES is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as
* published by the Free Software Foundation, either version 3 of
* the License, or (at your option) any later version.
*
* PICKLES is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with PICKLES. If not, see
* <http://www.gnu.org/licenses/>.
*
* @author Joshua John Sherman <josh@phpwithpickles.org>
* @copyright Copyright 2009 Joshua John Sherman
* @link http://phpwithpickles.org
* @license http://www.gnu.org/copyleft/lesser.html
* @package PICKLES
*/
/**
* Common PayPal Web Service Class
*
* This is the class that each PayPal gateway class should be extending from.
*/
abstract class WebService_PayPal_Common extends WebService_Common {
private $test_url = 'https://www.sandbox.paypal.com/cgi-bin/webscr';
private $prod_url = 'https://www.paypal.com/cgi-bin/webscr';
protected $url = null;
/**
* Constructor
*
* Runs the parent's constructor and adds the module to the object.
*/
public function __construct(Config $config, Error $error) {
parent::__construct($config, $error);
$this->config = $config;
$this->error = $error;
$this->url = $this->test_url;
// @todo there is a test flag for paypal "test_ipn = 1"
// Loads the API keys based on what URL is being loaded
// if (preg_match("/{$this->config->webservices->authorizenet_aim->domain}/", $_SERVER['HTTP_HOST'])) {
// $url = $this->prod_url;
// $login = $this->config->webservices->authorizenet_aim->login;
// $transaction_key = $this->config->webservices->authorizenet_aim->transaction_key;
// $test_request = 'FALSE';
// }
// else {
// $url = $this->test_url;
// $login = $this->test_login;
// $transaction_key = $this->test_transaction_key;
// $test_request = 'TRUE';
// }
}
/**
* Abstract processing function that is overloaded within the loaded gateway
*/
//public abstract function process();
}
?>
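Review bot: The constructor always assigns `$this->url = $this->test_url;`, so every gateway built on this class posts to the sandbox regardless of environment, and the production path exists only as commented-out code that still refers to the `authorizenet_aim` configuration keys. Either wire the selection now to a PayPal configuration entry (name to be decided) that picks `$this->prod_url` or `$this->test_url`, or replace the dead block with a single `@todo` and state in the class docblock that the sandbox URL is currently hard-coded. The trailing `?>` in a class-only file should be dropped so stray whitespace after it cannot break later `header()` calls.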


@ -0,0 +1,38 @@
<?php
/**
* PayPal Instant Payment Notification (IPN) Web Service Class File for PICKLES
*
* PICKLES is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as
* published by the Free Software Foundation, either version 3 of
* the License, or (at your option) any later version.
*
* PICKLES is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with PICKLES. If not, see
* <http://www.gnu.org/licenses/>.
*
* @author Joshua John Sherman <josh@phpwithpickles.org>
* @copyright Copyright 2009 Joshua John Sherman
* @link http://phpwithpickles.org
* @license http://www.gnu.org/copyleft/lesser.html
* @package PICKLES
*/
/**
* PayPal Instant Payment Notification (IPN) Web Service
*/
class WebService_PayPal_IPN extends WebService_PayPal_Common {
public function process() {
return $response;
}
}
?>
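Review bot: `process()` returns `$response`, which is never assigned anywhere in the method, so callers get `null` plus an undefined-variable notice. If this is a placeholder, make the intent explicit rather than leave a silent bug, e.g. `// @todo read the IPN POST, post it back to PayPal for verification, and return the verified data` followed by `return null;`. Because an IPN handler acts on an unauthenticated POST, the eventual implementation should only trust a notification after PayPal confirms it as VERIFIED and after the amount, currency and receiver match the original order; that contract belongs in the method docblock now so the stub is not used as-is.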


@ -0,0 +1,64 @@
<?php
/**
* PayPal Web Payments Standard (WPS) Web Service Class File for PICKLES
*
* PICKLES is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as
* published by the Free Software Foundation, either version 3 of
* the License, or (at your option) any later version.
*
* PICKLES is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with PICKLES. If not, see
* <http://www.gnu.org/licenses/>.
*
* @author Joshua John Sherman <josh@phpwithpickles.org>
* @copyright Copyright 2009 Joshua John Sherman
* @link http://phpwithpickles.org
* @license http://www.gnu.org/copyleft/lesser.html
* @package PICKLES
*/
/**
* PayPal Web Payments Standard (WPS) Web Service
*/
class WebService_PayPal_WPS extends WebService_PayPal_Common {
private $variables = array(
'rm' => 2, // 2 == POST
'cmd' => '_xclick', // _xclick-subscriptions
);
public function set($variable, $value) {
$this->variables[$variable] = $value;
}
// @todo ENCRYPT FORM VIA PAYPAL ENCRYPTED WEBSITE PAYMENTS
public function process() {
$form = '
<form method="post" id="paypalRedirectForm" action="' . $this->url .'">
<h2>Please wait while you are redirected to PayPal.</h2>
If you are not redirected to PayPal within 5 seconds...
';
// Adds all the variables to the form
foreach ($this->variables as $variable => $value) {
$form .= '<input type="hidden" name="' . $variable . '" value="' . $value . '" />' . "\n";
}
$form .= '
<input type="submit" value="Click Here">
</form>
';
return $form;
}
}
?>
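Review bot: In `process()` the hidden-field loop writes `$variable` and `$value` into HTML attributes unescaped, and `set()` accepts any string, so a value that originates from user input (an item name or custom field, for instance) can close the attribute and inject markup into the redirect page. Escape both at the point of output: `$form .= '<input type="hidden" name="' . htmlspecialchars($variable, ENT_QUOTES) . '" value="' . htmlspecialchars($value, ENT_QUOTES) . '" />' . "\n";`. The `@todo` about encrypted website payments is the right follow-up; until then the IPN handler has to re-check amount and currency against the stored order, which is worth stating in the class docblock.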


common/static/js/jquery-1.3.2.min.js vendored Normal file



@ -1 +1 @@
jquery-1.3.2.js
jquery-1.3.2.min.js


@ -34,7 +34,8 @@
* @todo Allow users to override the timezone from their configuration file.
*/
// Sets the timezone to avoid Smarty warnings
if (ini_get('date.timezone') == '') {
if (ini_get('date.timezone') == '')
{
ini_set('date.timezone', 'America/New_York');
}
@ -61,32 +62,43 @@ define('DISPLAY_XML', 'XML');
* @param string $class Name of the class to be loaded
* @return boolean Return value of require_once() or false (default)
*/
function __autoload($class) {
function __autoload($class)
{
$filename = preg_replace('/_/', '/', $class) . '.php';
$class_file = PICKLES_PATH . 'classes/' . $filename;
$module_file = PICKLES_PATH . 'common/modules/' . $filename;
$local_file = $_SERVER['DOCUMENT_ROOT'] . '/../modules/' . $filename;
$test_file = $_SERVER['DOCUMENT_ROOT'] . '/../tests/' . str_replace('Test', '', $filename);
// Loads the class file
if (file_exists($class_file)) {
if (file_exists($class_file))
{
return require_once $class_file;
}
// Loads the shared module
else if (file_exists($module_file)) {
elseif (file_exists($module_file))
{
return require_once $module_file;
}
// Loads the local module
else if (file_exists($local_file)) {
elseif (file_exists($local_file))
{
return require_once $local_file;
}
// Loads Smarty
else if ($class == 'Smarty') {
elseif ($class == 'Smarty')
{
return require_once 'contrib/smarty/libs/Smarty.class.php';
}
// Loads a test class
elseif (preg_match('/Test$/', $class) && file_exists($test_file))
{
return require_once $test_file;
}
// Loads nothing
else {
else
{
return false;
}
}
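Review bot: The new test-class branch builds `$test_file` with `str_replace('Test', '', $filename)`, which strips every occurrence of `Test` from the path, so a class such as `ContestTest` or a module under a directory whose name contains `Test` resolves to the wrong file; only the suffix should be removed: `$test_file = $_SERVER['DOCUMENT_ROOT'] . '/../tests/' . preg_replace('/Test\.php$/', '.php', $filename);`. The branch is also reachable in every environment, since nothing in `__autoload` distinguishes test runs from production requests; if the tests directory is not expected on deployed sites, a comment saying so would help the next reader. The function closes at the end of the hunk.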