Ejemplo n.º 1
0
 /**
  * Prepare a phramework instance
  * @uses Bootstrap::getSettings() to fetch the settings
  * @return Phramework
  */
 public static function prepare()
 {
     $settings = self::getSettings();
     $phramework = new Phramework($settings, new \Phramework\URIStrategy\URITemplate([['/', '\\Phramework\\SystemLog\\APP\\Controllers\\DummyController', 'GET', Phramework::METHOD_ANY], ['/dummy/', '\\Phramework\\SystemLog\\APP\\Controllers\\DummyController', 'GET', Phramework::METHOD_ANY], ['/dummy/{id}', '\\Phramework\\SystemLog\\APP\\Controllers\\DummyController', 'GETById', Phramework::METHOD_ANY]]));
     \Phramework\Database\Database::setAdapter(new \Phramework\Database\MySQL($settings['database']));
     return $phramework;
 }
Ejemplo n.º 2
0
 /**
  * Update database records
  * @param  string|integer $id
  * @param  array|object   $keysValues
  * @param  string|array   $table                Table's name
  * @param  string         $idAttribute          **[Optional]** Id attribute
  * @return integer Return number of affected records
  * @param  null|integer   $limit                **[Optional]**
  *     Limit clause, when null there is not limit.
  * @todo Add $additionalAttributes
  */
 public static function update($id, $keysValues, $table, $idAttribute = 'id', $limit = 1)
 {
     //Work with arrays
     if (is_object($keysValues)) {
         $keysValues = (array) $keysValues;
     }
     $queryKeys = implode('" = ?,"', array_keys($keysValues));
     $queryValues = array_values($keysValues);
     //Push id to the end
     $queryValues[] = $id;
     $tableName = '';
     //Work with array
     if (is_object($table)) {
         $table = (array) $table;
     }
     if (is_array($table) && isset($table['schema']) && isset($table['table'])) {
         $tableName = sprintf('"%s"."%s"', $table['schema'], $table['table']);
     } else {
         $tableName = sprintf('"%s"', $table);
     }
     $query = sprintf('UPDATE %s SET "%s" = ?
           WHERE "%s" = ?
           %s', $tableName, $queryKeys, $idAttribute, $limit === null ? '' : '');
     //Return number of rows affected
     $result = Database::execute($query, $queryValues);
     return $result;
 }
Ejemplo n.º 3
0
 /**
  * @covers Phramework\QueryLog\QueryLog::register
  */
 public function testRegister2()
 {
     try {
         \Phramework\Database\Database::execute('SELECT * FROM "boomboom"');
     } catch (\Exception $e) {
     }
     \Phramework\Database\Database::execute('SELECT * FROM user');
     \Phramework\Database\Database::execute('SELECT * FROM user WHERE "user"."id" = ? LIMIT 1', [1]);
 }
Ejemplo n.º 4
0
 /**
  * Delete database records
  * @param  string|integer $id
  *     Id value
  * @param  array|object   $additionalAttributes
  *     Additional attributes to use in WHERE $idAttribute
  * @param  string|array   $table                Table's name
  * @param  string         $idAttribute          **[Optional]**
  *     Id attribute
  * @param  null|integer   $limit                **[Optional]**
  *     Limit clause, when null there is not limit.
  * @return integer Return number of affected records
  */
 public static function delete($id, $additionalAttributes, $table, $idAttribute = 'id', $limit = 1)
 {
     //force disable limit because they wont work with postgreqsql
     $limit = null;
     $queryValues = [$id];
     $additional = [];
     foreach ($additionalAttributes as $key => $value) {
         //push to additional
         $additional[] = sprintf('AND "%s"."%s" = ?', $table, $key);
         $queryValues[] = $value;
     }
     $tableName = '';
     if (is_array($table) && isset($table['schema']) && isset($table['table'])) {
         $tableName = '"' . $table['schema'] . '"' . '."' . $table['table'] . '"';
     } else {
         $tableName = '"' . $table . '"';
     }
     $query = sprintf('DELETE FROM %s
         WHERE "%s" = ?
           %s
           %s', $tableName, $idAttribute, implode("\n", $additional), $limit === null ? '' : 'LIMIT ' . $limit);
     return Database::execute($query, $queryValues);
 }
Ejemplo n.º 5
0
 /**
  * Create a new record in database
  * @param  array|object $attributes  Key-value array or object with records's attributes
  * @param  string $table       Table's name
  * @param  string|null $schema *[Optional]* Table's schema, default is null for no schema
  * @param  integer $return     Return method type
  * - if **`RETURN_ID`** will return the id of last inserted record
  * - if **`RETURN_RECORDS`** will return the inserted record
  * - if **`RETURN_NUMBER_OF_RECORDS`** will return the number of records affected
  * @return integer|array
  * @throws ServerException
  * @todo Check RETURNING id for another primary key attribute
  */
 public static function create($attributes, $table, $schema = null, $return = self::RETURN_ID)
 {
     if (is_object($attributes)) {
         $attributes = (array) $attributes;
     }
     $driver = Database::getAdapterName();
     //prepare query
     $query_keys = implode('" , "', array_keys($attributes));
     $query_parameter_string = trim(str_repeat('?,', count($attributes)), ',');
     $query_values = array_values($attributes);
     if ($driver == 'postgresql') {
         //Make sure boolean are strings
         foreach ($query_values as &$queryValue) {
             if (is_bool($queryValue)) {
                 $queryValue = $queryValue ? 'true' : 'false';
             }
         }
     }
     $query = 'INSERT INTO ';
     if ($schema !== null) {
         $query .= sprintf('"%s"."%s"', $schema, $table);
     } else {
         $query .= sprintf('"%s"', $table);
     }
     $query .= sprintf(' ("%s") VALUES (%s)', $query_keys, $query_parameter_string);
     if ($return == self::RETURN_ID) {
         //Return inserted id
         if ($driver == 'postgresql') {
             $query .= ' RETURNING id';
             $id = Database::executeAndFetch($query, $query_values);
             return $id['id'];
         }
         return Database::executeLastInsertId($query, $query_values);
     } elseif ($return == self::RETURN_RECORDS) {
         //Return records
         if ($driver != 'postgresql') {
             throw new ServerExcetion('RETURN_RECORDS works only with postgresql adapter');
         }
         $query .= 'RETURNING *';
         return Database::executeAndFetch($query, $query_values);
     } else {
         //Return number of records affected
         return Database::execute($query, $query_values);
     }
 }
Ejemplo n.º 6
0
 /**
  * Activate query-log
  * @param null|object $additionalParameters
  *     Additional parameters to be stored in query logs
  * @return boolean Returns false if query log is disabled
  * @throws \Exception
  * @uses Phramework\Database\Database
  */
 public function register($additionalParameters = null)
 {
     if ($additionalParameters && !is_object($additionalParameters)) {
         throw new \Exception('additionalParameters must be an object');
     }
     //Ignore registration if disabled setting is set to true
     if (isset($this->settings->disabled) && $this->settings->disabled) {
         return false;
     }
     //Get current global adapter
     $internalAdapter = \Phramework\Database\Database::getAdapter();
     if (!$internalAdapter) {
         throw new \Exception('Global database adapter is not initialized');
     }
     //Create new QueryLogAdapter instance, using current global adapter
     $queryLogAdapter = new QueryLogAdapter($this->settings, $internalAdapter, $additionalParameters);
     //Set newly created QueryLogAdapter instance as global adapter
     \Phramework\Database\Database::setAdapter($queryLogAdapter);
     return true;
 }
Ejemplo n.º 7
0
 public static function post($username)
 {
     return Database::execute('INSERT INTO "user"
         ("username") VALUES (?)', [$username]);
 }
Ejemplo n.º 8
0
 /**
  * Execute the API
  * @throws \Phramework\Exceptions\PermissionException
  * @throws \Phramework\Exceptions\NotFoundException
  * @throws \Phramework\Exceptions\IncorrectParametersException
  * @throws \Phramework\Exceptions\RequestException
  * @todo change default timezone
  * @todo change default language
  * @todo initialize database if set
  * @todo @security deny access to any else referals
  */
 public function invoke()
 {
     $params = new \stdClass();
     $method = self::METHOD_GET;
     $headers = [];
     try {
         date_default_timezone_set('Europe/Athens');
         if (self::getSetting('debug')) {
             error_reporting(E_ALL);
             ini_set('display_errors', '1');
         }
         if (self::getSetting('errorlog_path')) {
             ini_set('error_log', self::getSetting('errorlog_path'));
         }
         //Check if callback is set (JSONP)
         if (isset($_GET['callback'])) {
             if (!\Phramework\Validate\Validate::isValidJsonpCallback($_GET['callback'])) {
                 throw new \Phramework\Exceptions\IncorrectParametersException(['callback']);
             }
             self::$callback = $_GET['callback'];
             unset($_GET['callback']);
         }
         /*
         //Initialize Database connection if required or db set
         if (self::getSetting('require_db') || self::getSetting('db')) {
             \Phramework\Models\Database::requireDatabase(self::getSetting('db'));
         }
         
         //Unset from memory Database connection information
         unset(self::$settings['db']);
         */
         //Get method from the request (HTTP) method
         $method = self::$method = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : self::METHOD_GET;
         //Check if the requested HTTP method method is allowed
         // @todo check error code
         if (!in_array($method, self::$methodWhitelist)) {
             throw new \Phramework\Exceptions\RequestException('Method not allowed');
         }
         //Default value of response's header origin
         $origin = '*';
         //Get request headers
         $headers = Models\Request::headers();
         //Check origin header
         if (isset($headers['Origin'])) {
             $originHost = parse_url($headers['Origin'], PHP_URL_HOST);
             //Check if origin host is allowed
             if ($originHost && self::getSetting('allowed_referer') && in_array($originHost, self::getSetting('allowed_referer'))) {
                 $origin = $headers['Origin'];
             }
             //@TODO @security else deny access
         } elseif (isset($_SERVER['HTTP_HOST']) && isset($_SERVER['REQUEST_URI'])) {
             $origin = '*';
             //TODO Exctract origin from request url
         }
         //Send access control headers
         if (!headers_sent()) {
             header('Access-Control-Allow-Credentials: true');
             header('Access-Control-Allow-Origin: ' . $origin);
             header('Access-Control-Allow-Methods: GET, POST, PUT, PATCH, HEAD, DELETE, OPTIONS');
             header('Access-Control-Allow-Headers: ' . 'Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Encoding');
         }
         //Catch OPTIONS request and kill it
         if ($method == self::METHOD_OPTIONS) {
             header('HTTP/1.1 200 OK');
             exit;
         }
         //Merge all REQUEST parameters into $params array
         $params = (object) array_merge($_GET, $_POST, $_FILES);
         //TODO $_FILES only if POST OR PUT
         //Parse request body
         //@Todo add allowed content-types
         if (in_array($method, [self::METHOD_POST, self::METHOD_PATCH, self::METHOD_PUT, self::METHOD_DELETE])) {
             $CONTENT_TYPE = null;
             if (isset($headers[Request::HEADER_CONTENT_TYPE])) {
                 $CONTENT_TYPE = explode(';', $headers[Request::HEADER_CONTENT_TYPE]);
                 $CONTENT_TYPE = $CONTENT_TYPE[0];
             }
             if ($CONTENT_TYPE === 'application/x-www-form-urlencoded') {
                 //Decode and merge params
                 parse_str(file_get_contents('php://input'), $input);
                 if ($input && !empty($input)) {
                     $params = (object) array_merge((array) $params, (array) $input);
                 }
             } elseif (in_array($CONTENT_TYPE, ['application/json', 'application/vnd.api+json'], true)) {
                 $input = trim(file_get_contents('php://input'));
                 if (!empty($input)) {
                     //note if input length is >0 and decode returns null then its bad data
                     //json_last_error()
                     $inputObject = json_decode($input);
                     if (json_last_error() !== JSON_ERROR_NONE) {
                         throw new \Phramework\Exceptions\RequestException('JSON parse error: ' . json_last_error_msg());
                     }
                     if ($inputObject && !empty($inputObject)) {
                         $params = (object) array_merge((array) $params, (array) $inputObject);
                     }
                 }
             }
         }
         //STEP_AFTER_AUTHENTICATION_CHECK
         self::$stepCallback->call(StepCallback::STEP_BEFORE_AUTHENTICATION_CHECK, $params, $method, $headers);
         //Authenticate request (check authentication)
         self::$user = \Phramework\Authentication\Manager::check($params, $method, $headers);
         //In case of array returned force type to be object
         if (is_array(self::$user)) {
             self::$user = (object) self::$user;
         }
         //STEP_AFTER_AUTHENTICATION_CHECK
         self::$stepCallback->call(StepCallback::STEP_AFTER_AUTHENTICATION_CHECK, $params, $method, $headers, [self::$user]);
         //Default language value
         $language = self::getSetting('language');
         //Select request's language
         if (isset($_GET['this_language']) && self::getSetting('languages') && in_array($_GET['this_language'], self::getSetting('languages'))) {
             //Force requested language
             if ($_GET['this_language'] != $language) {
                 $language = $_GET['this_language'];
             }
             unset($_GET['this_language']);
         } elseif (self::$user && property_exists(self::$user, 'language_code')) {
             // Use user's langugae
             $language = self::$user->language_code;
         } elseif (isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) && self::getSetting('languages')) {
             // Use Accept languge if provided
             $a = $_SERVER['HTTP_ACCEPT_LANGUAGE'];
             if (in_array($a, self::getSetting('languages'))) {
                 $language = $a;
             }
         }
         //Set language variable
         self::$language = $language;
         //self::$translation->setLanguageCode($language);
         //STEP_BEFORE_CALL_URISTRATEGY
         self::$stepCallback->call(StepCallback::STEP_BEFORE_CALL_URISTRATEGY, $params, $method, $headers);
         //Call controller's method
         list($invokedController, $invokedMethod) = self::$URIStrategy->invoke($params, $method, $headers, self::$user);
         self::$stepCallback->call(StepCallback::STEP_AFTER_CALL_URISTRATEGY, $params, $method, $headers, [$invokedController, $invokedMethod]);
         //STEP_BEFORE_CLOSE
         self::$stepCallback->call(StepCallback::STEP_BEFORE_CLOSE, $params, $method, $headers);
     } catch (\Phramework\Exceptions\NotFoundException $exception) {
         self::errorView([(object) ['status' => $exception->getCode(), 'detail' => $exception->getMessage(), 'title' => $exception->getMessage()]], $exception->getCode(), $params, $method, $headers, $exception);
     } catch (\Phramework\Exceptions\RequestException $exception) {
         self::errorView([(object) ['status' => $exception->getCode(), 'detail' => $exception->getMessage(), 'title' => $exception->getMessage()]], $exception->getCode(), $params, $method, $headers, $exception);
     } catch (\Phramework\Exceptions\PermissionException $exception) {
         self::errorView([(object) ['status' => $exception->getCode(), 'detail' => $exception->getMessage(), 'title' => $exception->getMessage()]], $exception->getCode(), $params, $method, $headers, $exception);
     } catch (\Phramework\Exceptions\UnauthorizedException $exception) {
         self::errorView([(object) ['status' => $exception->getCode(), 'detail' => $exception->getMessage(), 'title' => $exception->getMessage()]], $exception->getCode(), $params, $method, $headers, $exception);
     } catch (\Phramework\Exceptions\MissingParametersException $exception) {
         self::errorView([(object) ['status' => $exception->getCode(), 'detail' => $exception->getMessage(), 'meta' => ['missing' => $exception->getParameters()], 'title' => $exception->getMessage()]], $exception->getCode(), $params, $method, $headers, $exception);
     } catch (\Phramework\Exceptions\IncorrectParametersException $exception) {
         self::errorView([(object) ['status' => $exception->getCode(), 'detail' => $exception->getMessage(), 'meta' => ['incorrect' => $exception->getParameters()], 'title' => $exception->getMessage()]], $exception->getCode(), $params, $method, $headers, $exception);
     } catch (\Phramework\Exceptions\MethodNotAllowedException $exception) {
         //Write allow header if AllowedMethods is set
         if (!headers_sent() && $exception->getAllowedMethods()) {
             header('Allow: ' . implode(', ', $exception->getAllowedMethods()));
         }
         self::errorView([(object) ['status' => $exception->getCode(), 'detail' => $exception->getMessage(), 'meta' => ['allow' => $exception->getAllowedMethods()], 'title' => $exception->getMessage()]], $exception->getCode(), $params, $method, $headers, $exception);
     } catch (\Phramework\Exceptions\RequestException $exception) {
         self::errorView([(object) ['status' => $exception->getCode(), 'detail' => $exception->getMessage(), 'title' => 'Request Error']], $exception->getCode(), $params, $method, $headers, $exception);
     } catch (\Exception $exception) {
         self::errorView([(object) ['status' => 400, 'detail' => $exception->getMessage(), 'title' => 'Error']], 400, $params, $method, $headers, $exception);
     } finally {
         self::$stepCallback->call(StepCallback::STEP_FINALLY, $params, $method, $headers);
         //Unset all
         unset($params);
         //Try to close the databse
         \Phramework\Database\Database::close();
     }
 }