function getLogin()
{
log_err(__FILE__, __LINE__, "(MVC_Model.getlink())");
/*
FIXME:
The db code needs changing to
$db->setFetchMode( DB_FETCHMODE_ASSOC );
$res =& $db->query($sql);
if ( DB::isError( $res ) ) {
print "Error - could not select: ";
die( $res->getMessage() );
}
while( $row =& $res->fetchRow() )
*/
//print "<p>Model: params</p>";
//print_r($this->c->request->params);
//$linkKey = $_REQUEST['id'];
$linkKey = $this->c->request->params['id'];
log_err(__FILE__, __LINE__, "Link Key: {$linkKey}");
$sql = "SELECT * FROM links WHERE id=" . $this->db->quote($linkKey);
$this->result = $this->db->query($sql);
//$tmp = $this->result->fetchRow(DB_FETCHMODE_ASSOC);
// debug
//print "<pre>";
//print_r( $tmp );
//print "</pre>";
//return $tmp;
return $this->result->fetchRow(DB_FETCHMODE_ASSOC);
}
function invoke()
{
global $c;
// Hack
// although technically a class name at
// this point, I chose to avoid class
// given it is a PHP special word
$module = $this->module;
$method = $this->method;
// would prefer to do
//$c->controller = new $module( $method );
// Form standard framework class name
$target_class = ucfirst($this->module);
$target_class .= "Controller";
// debug
//print "Target Controller Class: ". $target_class;
log_err(__FILE__, __LINE__, "Instantiating Controller for Module: {$target_module}");
log_err(__FILE__, __LINE__, "Action URL: {$target_method} Action Method: {$v}");
/*
Somehow this does not seem right here. It seems that you would
pass the action to the module controller and then it would
do $action->invoke().
*/
$controller = new $target_class($c);
}
function HomeController($c)
{
parent::MVC_Controller($c);
$this->model = new HomeModel($this->c);
$this->view->setTemplateDir('home');
// FIXME: this needs automating
log_err(__FILE__, __LINE__, "Info: About to do action: {$action}");
$this->doAction();
}
function _start()
{
/**
* Use request to compare against action list
* to see if any actions match the request.
*/
//print "<p>Request Module: ". $c->request->get_module() .'</p>';
//print "<p>Request Method: ". $c->request->get_method() .'</p>';
/**
* Does the requested action match an existing action?
*/
if (!$this->is_valid_action()) {
die("Error - Action uknown");
}
/*
If there is no action or actions defined for this module, then
the fc must create a default action, or get one from the framework
config.
// setup default action is there is none
if( empty( $this->action ) ) {
$action = new Action;
$action->pattern = 'home/home'; // FIXME: change to set prop method
$action->method = 'Home'; // FIXME: change to set prop method
$action->class_name = 'Home'; // FIXME: change to set prop method
$action->auth = 0; // FIXME: change to set prop method
//$action->invoke();
}
print '<pre>';
print_r( $this->action );
print '</pre>';
*/
/**
* The front controller is responsible for loading the module.
*/
$this->_start();
/**
* It is the responsiblity of the front controller to find out
* from the module if a particular method url pattern or method
* requires authentication.
*/
// add auth state to context
//$c->require_auth = $auth_state;
// if auth required
if ($action->auth) {
if (!$a->checkAuth()) {
/**
* redirect to login page
* and redirect to original requested page
* support is required.
* $location = "index.php?action=$module/$method";
* header("Location: $location");
* I have a forward method, but will avoid it for now.
* It would be nice for redirections within the framework
* to be defined by their action (module/method) name or
* pattern. This is what the forward does.
*/
// needs to pass original page as parameter???
/**
I need to get the original requested action or url.
Where?
* If the current module is loaded, this //$this->forward( 'list' );
* might work.
* But why not grab the module and method name?
*/
$location = "http://www.phphelp.com/test/projects/sandbox/mvc/index.php?action=login/login&rebound={$target_module}%2F{$target_method}";
header("Location: {$location}");
exit;
}
}
/**
* The action invokes itself. I don't know if this should be down
* in the controller somewhere, or even allow actions to be invoked
* from anywhere. Calling invoke on an action instantiates the class
* controller and this automatically invokes the method.
*/
$action->invoke();
$target_class = ucfirst($action->module);
// should this come from the array?
$target_class .= "Controller";
log_err(__FILE__, __LINE__, "Instantiating Controller for Module: {$target_module}");
log_err(__FILE__, __LINE__, "Action URL: {$target_method} Action Method: {$v}");
if (empty($this->action_list)) {
die("Error - empty action list");
}
}
/**
* Login
*
*/
function Login()
{
log_err(__FILE__, __LINE__, "Info: (Controller.EditForm))");
$this->c->plugins[form]->init(array('username', 'password', 'rebound'));
$this->c->plugins[form]->params($this->c->request->params);
$this->c->plugins[form]->validate_fields(array());
$this->c->plugins[form]->required_fields(array());
$this->c->plugins[form]->templateobj->set_mod_dir('/login/');
// trailing slash required
/**
* Given the quirks of Auth, the only purpose of this
* module is to display the login form through the
* framework template engine at a valid framework
* url.
* Although, normally, one might expect the this method
* to check the authenitcations staus, it can't. Ideally,
* the framwork would contain an auth object, which the
* method could interrogate to see if the login is
* authentic. But this is done automatically in Auth
* before it ever gets here and is beyond my control.
*/
if ($this->c->plugins[form]->submitted()) {
// debug
// print "<p>Submitted</p>";
/*
* IMPORTANT: Normally, a check would be done on login
* form submission to see if the user is authentic, but
* the PEAR Auth module does this automatically and
* opaquely at $auth->start invocation. So I have no
* control over this process, not even the names of
* form inputs. If this point is reached, the user will
* either be logged in or not logged in. If they are
* logged in then we can safely send them to their
* destination, otherwise display the login page.
* I don't know how to just block this in the front
* controller on login form submission. Every form
* in the framework should be handled by a module at
* a framework url and use the template engine and
* I would hope they use the built-in form handler
* although that is optional.
*/
/**
* Redirect to the location supplied
* by the form. It should redirect the browser back to
* the original page that prompted the login.
* A "forward" could work here.
*/
if ($this->c->auth->getAuth()) {
// find out what the requested location is
// debug
// print "Rebounding To: ". $this->c->request->params['rebound'];
// print "Location: http://". DOMAIN .'/'. WEB_ROOT .'/index.php?action='. $this->c->request->params['rebound'];
if (empty($this->c->request->params['rebound'])) {
// FIXME:
// set default location
// default default would be homepage
}
header('Location: http://' . WEB_ROOT . '/index.php?action=' . $this->c->request->params['rebound']);
exit;
// debug
// print "<strong>Authenticated</strong>";
} else {
// debug
// print "<strong>Not Authenticated</strong>";
$form_html = $this->c->plugins[form]->render('mvc-login-form.tpl', FORM_NORMAL);
$this->view->assign("form_view", $form_html);
/**
* Note: A single login message is used to inform the
* user of a failed login. This avoids displaying error
* messages by the username and password fields, which
* hides any clues those might give to hackers as to
* which field failed. Also, it is not really known at
* this point which one failed anyway...this is not
* field validation failing but login failing.
*/
define('FAILED_LOGIN_MSG', "Your login information is incorrect, please try again.");
$this->view->assign("login_message", FAILED_LOGIN_MSG);
$this->view->display('mvc-login');
}
} else {
// debug
print "<p>Not Submitted</p>";
/**
* Here the framework must discover what url
* the user was originally requesting.
* so if they wanted links/list it must
* encode this on the login form
*/
// assign to form template
// debug
print "Assigning Rebound: " . $this->c->request->params['rebound'];
$this->c->plugins[form]->field('rebound', $this->c->request->params['rebound']);
$form_html = $this->c->plugins[form]->render('mvc-login-form.tpl', FORM_NORMAL);
$this->view->assign("form_view", $form_html);
$this->view->display('mvc-login');
}
}
/**
* Edit/Update
*
*/
function EditForm()
{
print "In Edit";
log_err(__FILE__, __LINE__, "Info: (Controller.EditForm))");
$this->c->plugins[form]->init(array('id', 'title', 'link', 'description', 'subject'));
$this->c->plugins[form]->params($this->c->request->params);
$this->c->plugins[form]->validate_fields(array());
$this->c->plugins[form]->required_fields(array('title', 'link', 'description'));
$this->c->plugins[form]->templateobj->set_mod_dir('/links/');
// trailing slash required
if ($this->c->plugins[form]->submitted()) {
if ($this->c->plugins[form]->validate()) {
print "<strong>Validated</strong>";
$this->model->saveLink();
//$this->forward( 'list' );
} else {
// hack in subjects
$data = array(1 => 'Food', 2 => 'Music', 3 => 'Women', 4 => 'Agriculture', 5 => 'Regional');
// singular! The name of the field should be singular, it is the
// _subject_ of the link, not the _subjects_ of the link. Unless
// multi-select.
$this->c->plugins[form]->options('subject', $data);
$this->c->plugins[form]->field('subject', 2);
/**
typcial usage
$form->options("streamformat", $data);
$form->field('streamformat', $row2['streamformat']);
*/
$form_html = $this->c->plugins[form]->render('mvc-links-edit-form.tpl', FORM_STICKY);
$this->view->assign("form_view", $form_html);
$this->view->display('mvc-links-edit');
}
} else {
// the prerendered form is output to a single placeholder here
// unnecessary to assign form fields
// perhaps some method of including the form template
// and then assigning the form values to template placholders
// done through the framework's template engine
//
// get the form handler integrated into the framework
// how to get the data from the model into the form?
// okay, what I need to do as a temporary solution is
// assign the model data to the form handler object
// manually
$tmp = $this->model->getLink();
// Debugging
// print "<pre>Model:";
// print_r( $tmp );
// print "</pre>";
foreach ($tmp as $k => $v) {
$this->c->plugins[form]->field($k, $v);
}
// hack in subjects
$data = array(1 => 'Food', 2 => 'Music', 3 => 'Women', 4 => 'Agriculture', 5 => 'Regional');
// singular! The name of the field should be singular, it is the
// _subject_ of the link, not the _subjects_ of the link. Unless
// multi-select.
$this->c->plugins[form]->options('subject', $data);
$this->c->plugins[form]->field('subject', 2);
/**
typcial usage
$form->options("streamformat", $data);
$form->field('streamformat', $row2['streamformat']);
*/
// need constant for FORM_STICKY = 1
$form_html = $this->c->plugins[form]->render('mvc-links-edit-form.tpl', FORM_NORMAL);
$this->view->assign("form_view", $form_html);
$this->view->display('mvc-links-edit');
}
}
/**
* Reset Password
*
*/
function ResetPasswordForm()
{
log_err(__FILE__, __LINE__, "Request to reset password made.");
$this->c->plugins[form]->init(array('username', 'email'));
$this->c->plugins[form]->params($this->c->request->params);
$this->c->plugins[form]->validate_fields(array());
$this->c->plugins[form]->required_fields(array('username', 'email'));
$this->c->plugins[form]->templateobj->set_mod_dir('/users/');
// trailing slash required
if ($this->c->plugins[form]->submitted()) {
if ($this->c->plugins[form]->validate()) {
// start valid
// debug
// print "<strong>Validated</strong>";
/**
* Note: it is obvious, I hope, that the user should not need to
* be logged in when requesting this, otherwise they would not
* be in need of finding a password (unless an anonymous or guest
* user has a session). This means we don't know their
* user profile.
*/
$email = $this->c->request->params['email'];
// debug
//print "Email: $email";
// confirmation code is md5 of email,
// gives an opportunity to compare the input
// against the real email address
$confirmcode = md5($this->c->request->params['email']);
$this->model->setConfirm($this->c->request->params['username'], $confirmcode);
send_confirm_passwordreset($email, $confirmcode);
print "Password reset confirmation sent";
//log_err( __FILE__, __LINE__, "Successful password reset." );
} else {
print "<strong>Not Validated</strong>";
$form_html = $this->c->plugins[form]->render('mvc-users-resetpassword-form.tpl', FORM_STICKY);
$this->view->assign("form_view", $form_html);
$this->view->display('mvc-users-resetpassword');
}
} else {
if (empty($this->c->request->params['confirm'])) {
// ask for password to be reset
$form_html = $this->c->plugins[form]->render('mvc-users-resetpassword-form.tpl', FORM_NORMAL);
$this->view->assign("form_view", $form_html);
$this->view->display('mvc-users-resetpassword');
} else {
/**
* This is a tricky sequence. The raw password must be
* sent to the user, but the encrypted password is stored
* in the database.
*/
// confirming and reset password
$newpass = $this->model->setPassword($this->c->request->params['confirm']);
$profile = $this->model->getUserByConfirm($this->c->request->params['confirm']);
print_r($profile);
// Why isn't the profile an object?
// Damn, the password is not returned in the typical profile
// as a security measure. But to send a new password, it
// must retrieve it.
send_password($profile['email'], $newpass);
$this->view->display('mvc-users-passwordsent');
}
}
}
/**
* Load the module specified in the
* request, then pass the whole thing
* or parts on to the controller.
*/
$fc = new FrontController();
$target_module = $c->request->get_module();
$target_method = $c->request->get_action();
/**
* Load controller module.
*
*/
if (file_exists(MODULE_PATH . "/modules/{$target_module}/controller/{$target_module}.php")) {
require_once MODULE_PATH . "/modules/{$target_module}/controller/{$target_module}.php";
} else {
log_err(__FILE__, __LINE__, "Error: Module does not exist.");
/**
A view _can_ be created and used without respect to
a controller or a framework external request. I wonder
if the forward mechanism could be used to do this, some
way of invoking a module completely internally, to do
work like this?
$this->view = new MVC_View();
But I'm not sure I want to create another copy of Smarty to just output an
error message from the framework. There has to be a better way to do this. Can
I get hold of a view here? No, the view object is created within a controller.
Also, some mechanism would be needed to load "system" modules by default, which
breaks the assumption there is only one module active at any time, corresponding
to the invocation corresponding with the request.
*/
// FIXME: replace with template page
<?php
function log_err($file, $line, $type, $message)
{
$event_types = array(0 => 'Information', 1 => 'Error', 2 => 'Warning');
print "<h3>Application Framework Event:</h3>";
print "<p>Type: {$event_types[$type]}</p>";
print "<p>Message: {$message}</p>";
print "<p>Location: {$file} @ {$line}</p>";
}
log_err(__FILE__, ___LINE___, 2, "An error has occured that prevents the framework from responding to login events.");
/*
___LINE___ The current line number of the file.
___FILE___ The full path and filename of the file. If used inside an include, the name of the included file is returned. Since PHP 4.0.2, ___FILE___ always contains an absolute path whereas in older versions it contained relative path under some circumstances.
__FUNCTION__ The function name. (Added in PHP 4.3.0) As of PHP 5 this constant returns the function name as it was declared (case-sensitive). In PHP 4 its value is always lowercased.
__CLASS__ The class name. (Added in PHP 4.3.0) As of PHP 5 this constant returns the class name as it was declared (case-sensitive). In PHP 4 its value is always lowercased.
__METHOD__
By the way, if __FILE__ is within a function call, its value corresponds to the file it was defined in and not the file that it was called from. Also, I used $script and strtolower instead of realpath because if the script is deleted after inclusion but before realpath is called (which could happen if the test is deferred), then realpath would return empty since it requires an extant file or directory.
in reply to x123 at bestof dash inter:
I believe, this is not a bug, but a feature.
__FILE__ returns the name of the include file, while $PHP_SELF returns the relative name of the main file.
It is then easy to get the file name only with substr(strrchr($PHP_SELF,'/'),1)
DIRECTORY_SEPARATOR constant which you can use to make you scripts more portatable between OS's with different directory structures.
*/
