About
News
Downloads
Manual
Support
Examples
Releases
Community
Contact
Blog
Sources for file onyx.class.php in version 2.0 Beta 4
Click on a comment to hide it. Click here to show all comments.
/*
* Project: Onyx: PHP Application Backend
* File: onyx.class.php
* Main Onyx Class
*
* Version: 2.0b4
* CVS tag: $Id: onyx.class.php,v 1.31 2002/10/28 14:49:49 bok Exp $
* Author: Robert Amos <bok[at]ausmac.net>
* Andrew Wellington <proton[at]wiretapped.net>
* Copyright: 2001,2002 Shiznatz.
*/
// set the constants first
// directory seperator (for compatibility with windows)
define('DIRSEP', DIRECTORY_SEPARATOR);
// main onyx dir
if (!defined('ONYXDIR')) {
define('ONYXDIR', dirname(__FILE__).DIRSEP);
}
// main smarty dir
if (!defined('SMARTY_DIR')) {
define('SMARTY_DIR', ONYXDIR.'smarty'.DIRSEP);
}
// main script dir
if (!defined('SCRIPT_DIR')) {
define('SCRIPT_DIR', dirname($_SERVER['SCRIPT_FILENAME']).DIRSEP);
}
// simplified error stuff
define('ERROR', E_USER_ERROR);
define('WARNING', E_USER_WARNING);
define('NOTICE', E_USER_NOTICE);
// are we running from the command line?
if (isset($_SERVER['_'])) {
define ('CLI', true);
define ('WEB', false);
} else {
define ('CLI', false);
define ('WEB', true);
}
// set the include path to include ONYXDIR
ini_set("include_path", ini_get("include_path").":".ONYXDIR.":".SCRIPT_DIR);
// start session now to avoid it bitching about the cache firing before it does
if (WEB) session_start();
// start the class
class Onyx {
// initialise variables
var $config_handler = "file"; // configuration file handler
var $cache_handler = "file"; // cache file handler
var $filter_vars = TRUE; // automatic variable filter
var $global_vars = FALSE; // whether to translate
// $_GET["bleh"] to $bleh
// after we do input
// filtering
var $log_errors = TRUE; // whether to log errors to file
var $error_log = "/var/www/logs/error_log"; // error log file
var $session_lifetime = 86400; // how long until a session
// expires
var $cache = TRUE; // whether to cache or not
var $cache_expire = NULL; // cache expiry time
var $cache_lifetime = 86400; // how long the cache should live for
// basically its just $cache_expire =
// time() + $cache_lifetime
var $cache_location = "cache"; // location to store cache'd
// data, a directory name if
// using the file handler or
// a table name
// or other info if using a
// database handler
var $database_type = "pgsql"; // database type to use
// see database plugin directory
// for other options
var $db_host; // options for connecting
var $db_port; // to the database
var $db_user; // server
var $db_passwd;
var $auth_type = "activedirectory"; // authentication type to use
// see auth plugin directory
// for other options
var $auth_params = array(); // parameters for the selected
// auth plugin
var $logout_redirect_url = ''; // where to redirect
// users who have been
// forcefully logged
// out
var $location_redirect_url = ''; // where to redirect
// users who are
// trying to access a
// page restricted to
// another location
var $plugin_dirs = array ("plugins"); // plugin directories
// variables you shouldnt need to touch
var $page = array(); // Page configuration
// stuffs, like title,
// access, etc.
var $get_vars = array(); // Get Variables
var $post_vars = array(); // Post Variables
var $argv_vars = array(); // Shell Arguments
// These will be automatically
// filtered according to type.
var $_loaded_plugins = array();
var $_input_modified = array();
/***************************************************************\
* Method: Start *
* Description: start the function parsing and stuff0r
* Syntax: $onyx->start(); *
* Returns: true *
\***************************************************************/
function start () {
// set global $onyx_parent variable
$GLOBALS['onyx_parent'] =& $this;
// fetched cache'd copy if we have one
if ($this->cache && WEB) {
$this->_fetch_cache();
}
// start the output buffer (no caching for CLI)
if (WEB) ob_start("onyx_ob_cache_handler");
// log errors
if (CLI) {
ini_set("display_errors", true);
} else {
if ($this->log_errors && ini_get("log_errors") == false) {
ini_set("error_log", $this->error_log);
ini_set("log_errors", true);
}
}
// load the default plugins
$this->load_plugin($this->database_type, 'database');
$this->load_plugin('input');
$this->load_plugin('access');
global $access;
// do auth type checking
if (!$access->sess_check()) {
header("Location: ".$this->logout_redirect_url);
exit;
}
// Parse our variables
if ($this->filter_vars) {
if (WEB) {
if (count($this->get_vars) > 0 && count($_GET) > 0)
$this->_filter_input_vars ($this->get_vars, 1);
if (count($this->post_vars) > 0 && count($_POST) > 0)
$this->_filter_input_vars ($this->post_vars, 2);
} else {
// cant exactly global argv...
$this->global_vars = false;
if (count($this->argv_vars) > 0 && count($_SERVER['argv']) > 0)
$this->_filter_input_vars ($this->argv_vars, 3);
}
}
// load smarty
include_once SMARTY_DIR.'/Smarty.class.php';
$GLOBALS['smarty'] = new Smarty;
foreach ($this->plugin_dirs as $dir) {
$smarty_dirs[] = $dir.'/smarty';
}
$onyx_smarty_var = array (
"page" => &$this->page
);
$GLOBALS['smarty']->plugins_dir = $smarty_dirs;
$GLOBALS['smarty']->assign_by_ref('onyx', $onyx_smarty_var);
}
/***************************************************************\
* Method: load_plugin *
* Description: Load a plugin into the system *
* Syntax: $this->load_plugin(string plugin[, string type])*
* Returns: true on success, false on failure *
\***************************************************************/
function load_plugin($plugin, $type=NULL) {
// set default type
if (is_null($type)) {
$type = "class";
}
// do we have this plugin in the return list?
if (isset($this->_return_plugins[$plugin]))
return $this->_return_plugins[$plugin];
// return true if we've already loaded this plugin
if ($this->_loaded_plugins[$type][$plugin]) {
return true;
}
// no plugin name?
if (empty($plugin)) {
return false;
}
// check for the plugin file
foreach ($this->plugin_dirs as $dir) {
// check the path
$dir = $this->_transform_path($dir.DIRSEP.$type).DIRSEP;
// try it with ONYXDIR prepended first..
if (file_exists(ONYXDIR.$dir.$plugin.".php"))
$dir = ONYXDIR.$dir;
// load the plugin if we have it
if (file_exists($dir.$plugin.".php")) {
include_once($dir.$plugin.".php");
// loaded successfully
$this->_loaded_plugins[$type][$plugin] = true;
// our action variables
$global = FALSE;
$return = FALSE;
// start the magic
switch ($type) {
case 'class':
$class = $plugin."_plugin";
$objname = strtolower($plugin);
$global = TRUE;
break;
case 'database':
$class = "db_plugin";
$objname = "db";
$global = TRUE;
break;
case 'auth':
$class = "auth_".$plugin."_plugin";
$objname = "_auth_".strtolower($plugin)."_handler";
break;
case 'config':
$class = "config_".$plugin."_plugin";
$objname = "_config_".strtolower($plugin)."_handler";
break;
case 'cache':
$class = "cache_".$plugin."_plugin";
$objname = "_cache_".strtolower($plugin)."_handler";
break;
case 'dbspec':
$class = "dbspec_".$plugin;
$return = TRUE;
break;
default:
return false;
}
// Make the object i guess
if ($global)
$GLOBALS[$objname] = new $class;
elseif ($return) {
$this->_return_plugins[$plugin] = new $class;
return $this->_return_plugins[$plugin];
} else
$this->$objname = new $class;
// finished teh juarez
return true;
}
}
// guess we fucked up...
return false;
}
/***************************************************************\
* Method: _filter_input_vars *
* Description: Automatically filter input variables *
* Syntax: $this->_filter_input_vars(array vars, int type) *
* Returns: true on success, false on failure *
\***************************************************************/
function _filter_input_vars ($vars, $type=1) {
// best double check everything
if (!is_array($vars) || count($vars) == 0)
return false;
// load input juarez
global $input;
// set variable stuffs
switch($type) {
case 3: $parse = $_SERVER['argv'];
break;
case 2:
$parse = $_POST;
break;
case 1:
default:
$parse = $_GET;
}
// do the filtering
foreach ($parse as $key => $var) {
if (isset($vars[$key])) {
// deal with arrays
if (is_array($vars[$key])) {
$array_type = $vars[$key][0];
$vars[$key] = "_array";
}
if (method_exists($input, $vars[$key])) {
$method = $vars[$key];
// again our arrays
if (!empty($array_type)) {
$parsed[$key] = $input->$method($var, $array_type);
} else {
$parsed[$key] = $input->$method($var);
}
// dear god, more arrays
if (is_array($parse[$key])) {
foreach ($parse[$key] as $k => $v)
$this->_input_modified[$key][$k] = $parse[$key][$k] != $parsed[$key][$k];
} else {
$this->_input_modified[$key] = $parse[$key] != $parsed[$key];
}
if ($this->global && !isset($GLOBALS[$key]))
$GLOBALS[$key] = $var;
}
}
}
switch($type) {
case 3:
$_SERVER['argv'] = $parsed;
break;
case 2:
$_POST = $parsed;
break;
case 1:
default:
$_GET = $parsed;
}
return true;
}
/***************************************************************\
* Method: parse_config *
* Description: Parse Configuration Stuffs *
* Syntax: $this->parse_config(string var); *
* Returns: mixed on success, false on failure *
\***************************************************************/
function parse_config ($var=NULL) {
if (is_null($var))
return false;
// no handler? we're screwed!
if (empty($this->config_handler))
return false;
// load it first, to be sure
if (!$this->load_plugin($this->config_handler, 'config'))
return false;
// do the warez
$obj_name = "_config_".$this->config_handler."_handler";
$config = $this->$obj_name->parse($var);
return $config;
}
/***************************************************************\
* Method: _fetch_cache *
* Description: Fetch a cached file *
* Syntax: $this->_fetch_cache(); *
* Returns: exits or false when no cached page found *
\***************************************************************/
function _fetch_cache () {
// ok, first things first, last things last, you know the drill
// do security checking
if (isset($_SESSION["user"]) && $_SESSION["expiry"] <= time()) {
return false;
}
// no handler? we're screwed!
if (empty($this->cache_handler)) {
trigger_error('No cache handler set, but caching is on!', WARNING);
return false;
}
// load it first, to be sure
if (!$this->load_plugin($this->cache_handler, 'cache')) {
trigger_error('Unable to load configured cache handler', WARNING);
return false;
}
// do the warez
$method_name = "_cache_".$this->cache_handler."_handler";
if ($this->$method_name->read()) {
exit;
}
return false;
}
/***************************************************************\
* Method: _transform_path *
* Description: Seucrity check and clean a filesystem path *
* Syntax: $this->_transform_path(string path); *
* Returns: nice clean path *
\***************************************************************/
function _transform_path ($path) {
// we dont allow leading slashes
$path = preg_replace("/^\//", "", $path);
// nor do we allow directory transversals
$path = preg_replace("/\.\./", "", $path);
// clean up nicely
$path = preg_replace("/\/\//", "", $path);
// all done
return $path;
}
}
/***************************************************************\
* Function: onyx_ob_cache_handler *
* Description: Cache output of file *
* Syntax: onyx_ob_cache_handler(string buffer); *
* Returns: unchanged browser output *
\***************************************************************/
function onyx_ob_cache_handler ($buffer) {
global $onyx_parent;
// output a content-length header, we never modify the data, so do it
header('Content-Length: '.strlen($buffer));
// not caching? fine with me
if (!$onyx_parent->cache)
return $buffer;
// no handler? we're screwed!
if (empty($onyx_parent->cache_handler)) {
trigger_error('No caching handler set but caching is on', WARNING);
return $buffer;
}
// load it first, to be sure
if (!$onyx_parent->load_plugin($onyx_parent->cache_handler, 'cache')) {
trigger_error('Couldnt load configured cache handler.', WARNING);
return $buffer;
}
// do the warez
$method_name = "_cache_".$onyx_parent->cache_handler."_handler";
$onyx_parent->$method_name->write($buffer);
return $buffer;
}
?>