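/**
 * Dispatch the current request to the controller method named by its route.
 *
 * The route is looked up from the request URL. When a route is found and its
 * controller/method pair exists, CSRF protection is enabled (except for the
 * Stripe notification action), the target controller is instantiated (or
 * $this is reused when it already is an instance of the target class), the
 * URL arguments are attached to it and the method is invoked.
 *
 * When no route matches, or the target method does not exist, the
 * 'error.not-found' template is rendered instead.
 *
 * @return bool|null true after a successful hand-over; nothing (null) after
 *                   the not-found page has been rendered.
 */
public function run()
{
    // Determine the Correct Route
    $router = RouteController::getController();
    $route = $router->findRouteForURL($this->request->url());

    // Found Route? (default if not)
    if ($route) {
        // CSRF Protection (allow Stripe to avoid) -- if route name changes, it needs to change here!
        // Strict comparison: only the exact string skips CSRF protection, so a
        // non-string action value can never be type-juggled into the exemption.
        // NOTE(review): the exempted handler has to authenticate the request by
        // other means (e.g. a webhook signature check); that code is not visible here.
        if ($route->action() !== 'stripeNotification') {
            (new CSRFProtection())->enable();
        }

        // Determine the Target Details...
        $controller = $route->controller();
        $method = $route->method();
        $args = $route->extractArgs($this->request->url());

        // Check Class & Method Exists...
        if (@method_exists($controller, $method)) {
            // Object Instantiation: don't re-instantiate the AppController (self) if we're the target
            $instance = is_a($this, $controller) ? $this : new $controller();

            // Provide target controller access to arguments in the route URL
            $instance->route_args = $args;

            // Handover Control (args are optional, can be null)
            $instance->{$method}();

            // Log the Performance Data...
            if (isTrue(AppConfig::getValue('log_performance'))) {
                PerformanceMonitor::logPerformanceData();
            }

            // We need to return at this point, or we'll drop into the 404 code...
            return true;
        }
    }

    // Show a Friendly Error Page (fallback)
    $this->view = new HTMLView(true);
    $this->view->includeTemplate('error.not-found', ['app_name' => AppConfig::getValue('app_name')]);
    $this->view->render(true);
}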
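/**
 * Run a SQL statement against the database handle, prepared when $data is
 * supplied and literal otherwise.
 *
 * Should an array containing allowed error codes be supplied, it instructs this
 * function to ignore terminating for errors contained within the array.
 * Codes should be supplied as strings, or it is open to accidental conversion
 * of octal numbers, e.g. 00100 would be seen as 64 (octal) not 100 (decimal)!
 * Common Codes:
 *   23505 : duplicate key
 *
 * Search 'SQL-92 SQLSTATE Codes' for more information...
 * Good Page: http://publib.boulder.ibm.com/infocenter/db2e/v9r1f1/index.jsp?topic=/com.ibm.db2e.doc/adg/sql11.htm
 *
 * Any other error rolls back the open transaction (if $this->inTransaction)
 * and terminates the script. The failing SQL, the parameter names and the
 * driver error are written to the server error log; the response only
 * receives a generic message, so query text and bound values are not
 * disclosed to the client.
 *
 * @param string     $sql            SQL statement; placeholders are bound from $data.
 * @param array|null $data           Placeholder => value pairs; a falsy value runs $sql as a literal query.
 * @param array      $allowed_errors SQLSTATE codes the caller wants to handle itself.
 *
 * @return mixed The statement object on success; on an allowed error the
 *               statement if one was obtained, otherwise false.
 */
public function query($sql, $data = null, array $allowed_errors = array())
{
    if (!strlen($sql)) {
        if ($this->inTransaction) {
            $this->rollBack();
        }
        // ignore whether to terminate or not, no SQL is just plain wrong!
        exit('Zero length query string (SQL statement) passed to query().');
    }

    PerformanceMonitor::incrementQueryCount(); // register query
    $dbh = $this->handle; // handle to db

    // Compare SQLSTATE codes as strings: loose comparison treats numeric-looking
    // strings as numbers, which is not a safe way to match five-character codes.
    // Integer codes passed by existing callers keep working after the cast.
    $allowed = array_map('strval', $allowed_errors);

    // Shared failure path: return quietly for an allowed code, otherwise roll
    // back, log the details server-side and terminate with a generic message.
    $reportFailure = function ($stage, $source) use ($sql, $data, $allowed) {
        if (in_array((string) $source->errorCode(), $allowed, true)) {
            return; // caller handles this error itself
        }
        if ($this->inTransaction) {
            $this->rollBack();
        }
        $detail = 'Error ' . $stage . ' "' . $sql . '"';
        if (is_array($data) && $data) {
            // Parameter names only: bound values may hold credentials or personal data.
            $detail .= ', Parameters: ' . implode(', ', array_keys($data));
        }
        error_log($detail . $this->pdoError($source));
        exit('A database error occurred; details have been written to the server error log.');
    };

    // SET Schema
    // NOTE(review): the schema name is interpolated because identifiers cannot be
    // bound as parameters; it must only ever come from trusted configuration.
    $dbh->exec("SET search_path TO {$this->schema}");

    if ($data) {
        // Prepared Query
        $query = $dbh->prepare($sql);
        if (!$query || $dbh->errorCode() !== '00000') {
            $reportFailure('preparing query', $dbh);
        } else {
            // Bind Values (PDO defaults to STR)
            foreach ($data as $key => $value) {
                if (is_int($value)) {
                    $type = PDO::PARAM_INT;
                } elseif (is_bool($value)) {
                    $type = PDO::PARAM_BOOL;
                } elseif (is_null($value)) {
                    $type = PDO::PARAM_NULL;
                } else {
                    $type = PDO::PARAM_STR;
                }
                $query->bindValue($key, $value, $type);
            }

            // Execute Query
            $query->execute();
            if ($query->errorCode() !== '00000') {
                $reportFailure('executing prepared query', $query);
            } else {
                return $query; // worked
            }
        }
    } else {
        // Literal Query
        $query = $dbh->query($sql);
        if (!$query || $dbh->errorCode() !== '00000') {
            $reportFailure('executing literal query', $dbh);
        } elseif ($query->errorCode() !== '00000') {
            $reportFailure('executing literal query', $query);
        } else {
            return $query; // worked
        }
    }

    // The query failed and the caller wants to handle the error itself, if we can
    // return a query handle then do so, otherwise return false (last resort).
    return $query ? $query : false;
}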
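// Bootstrap: defines the remaining path constants, registers class loading,
// reads the cookie domain from configuration and launches the AppController.
define('LIB_EXT_ROOT', APP_ROOT . 'lib-ext/');
define('TEMPLATE_ROOT', APP_ROOT . 'templates/');

// Assign File Locations
define('ROUTES_FILE', ETC_ROOT . 'routes.json');
define('CONFIG_FILE', ETC_ROOT . 'application.conf.ini');

// Assign Log File DEFINEs
define('ERROR_LOG', LOG_ROOT . 'error.log');
define('WARNING_LOG', LOG_ROOT . 'warning.log');
define('INFO_LOG', LOG_ROOT . 'info.log');
define('PERFORMANCE_LOG', LOG_ROOT . 'performance.log');
define('SECURITY_LOG', LOG_ROOT . 'security.log');
define('STRIPE_LOG', LOG_ROOT . 'stripe.log');

// Load Custom Function Library
require_once LIB_ROOT . 'functions.php';

// Class Auto-Loading
spl_autoload_register(function ($class) {
    // The class name becomes part of an include path, so only strings that are
    // legal PHP class names (identifier characters plus the namespace separator)
    // are mapped to a file. Anything containing dots, slashes or a scheme is
    // left to the next autoloader and can never point outside LIB_ROOT.
    if (!preg_match('/^[a-zA-Z_\x80-\xff][a-zA-Z0-9_\x80-\xff\\\\]*$/', $class)) {
        return;
    }

    @(include LIB_ROOT . strtolower($class) . '.php'); // @ to allow passthru on fail (observe hierarchy)
});

// Composer (vendor) Auto-Loading
require_once LIB_EXT_ROOT . 'vendor/autoload.php';

// Domain/Cookie Setup (using config file, so load after autoloader)
// NOTE(review): depending on the web server configuration, SERVER_NAME can be
// taken from the client's Host header. Because it scopes cookies and is used to
// build URLs, confirm the server pins it to a canonical name, or set
// 'cookie_domain' explicitly in the configuration.
$appDomain = AppConfig::getValue('cookie_domain');
define('COOKIE_DOMAIN', is_string($appDomain) && !empty($appDomain) ? $appDomain : $_SERVER['SERVER_NAME']); // default to current server name
define('HOSTNAME', $_SERVER['SERVER_NAME']); // this is the hostname we use in URLs

// Update (start) the Performance Monitor
PerformanceMonitor::setStart($script_start_ts_micro);

// Launch the AppController
(new AppController())->run();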