/** * @param Request $request * @param string $repositoryPath * @param string $prefix * * @throws Resolver\Exception */ public function __construct(Request $request, $repositoryPath = '/Controller', $prefix = 'Pimf\\') { $conf = Registry::get('conf'); $controllerName = $request->fromGet()->get('controller'); if ($conf['app']['routeable'] === true) { $target = Registry::get('router')->find(); if ($target instanceof \Pimf\Route\Target) { $controllerName = $target->getController(); } } if (Sapi::isCli() && $conf['environment'] == 'production') { $controllerName = $request->fromCli()->get('controller'); } if (!$controllerName) { $controllerName = $conf['app']['default_controller']; } $this->repositoryPath = $repositoryPath; $this->request = $request; $this->controllerClass = $prefix . 'Controller\\'; $basepath = $this->repositoryPath . '/'; $controller = ucfirst($controllerName); if (Str::isEvilPath($basepath . $controller)) { throw new Bomb('directory traversal attack is not funny!'); } $this->controllerPath = $basepath . $controller . '.php'; if (!file_exists($this->controllerPath)) { throw new Bomb('no controller found at the repository path; ' . $this->controllerPath); } }