/**
 * Builds the PHPRPC client driver for this route.
 *
 * Reads the route's setup array, loads the vendored PHPRPC client class and
 * creates a client for $settings['phprpcHost'].
 *
 * NOTE(review): `new` yields an object, so the availability flag set below
 * is effectively always true; this method makes no visible connection
 * attempt to the remote host, so the flag says nothing about reachability.
 */
public function setup()
{
    $settings = $this->routeInstance->getSetup();

    // TODO: call the matching driver configuration
    $clientFile = Lemon::find_file('vendor', 'phprpc/phprpc_client', TRUE);
    require_once $clientFile;

    $this->instance = new PHPRPC_Client($settings['phprpcHost']);
    $this->isAvailable = (bool) $this->instance;
}
/**
 * Builds the MixFS storage driver for this route.
 *
 * The instance is created from the configured base path, the route key and
 * the configured domain. The driver is marked available unless connect()
 * returns exactly FALSE (any other return value counts as success).
 */
public function setup()
{
    $route = $this->routeInstance;
    $settings = $route->getSetup();

    // TODO: call the matching driver configuration
    require_once Lemon::find_file('vendor', 'MixFS', TRUE);

    $this->instance = MixFS::factory(
        $settings['fsBasePath'],
        $route->getRouteKey(),
        $settings['fsDomain']
    );

    $this->isAvailable = $this->instance->connect() !== FALSE;
}
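/**
 * Sets the view filename.
 *
 * Without a type the view is resolved through Lemon::find_file('view', ...)
 * and the file type is set to '.php'. With a type, the type must be listed in
 * the `view.allowed_filetypes` configuration; the content type is then taken
 * from `mimes.<type>`, falling back to the type itself when no entry exists.
 *
 * @chainable
 * @param   string  view filename
 * @param   string  view file type
 * @return  object  this instance
 * @throws  LemonRuntimeException  (code 500) when the type is not allowed
 */
public function set_filename($name, $type = NULL)
{
    if ($type == NULL) {
        // Load the filename and set the content type
        $this->lemon_filename = Lemon::find_file('view', $name, TRUE);
        $this->lemon_filetype = '.php';

        return $this;
    }

    // Check if the filetype is allowed by the configuration.
    // The comparison is strict: with loose comparison a boolean or integer
    // $type can compare equal to an allowed string entry and would then be
    // handed to find_file() as the file extension without really being listed.
    if (!in_array($type, Lemon::config('view.allowed_filetypes'), TRUE)) {
        throw new LemonRuntimeException('core.invalid_filetype ' . $type, 500);
    }

    // Load the filename and set the content type
    $this->lemon_filename = Lemon::find_file('view', $name, TRUE, $type);
    $this->lemon_filetype = Lemon::config('mimes.' . $type);

    if ($this->lemon_filetype == NULL) {
        // No MIME entry configured: use the specified type
        $this->lemon_filetype = $type;
    }

    return $this;
}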
/**
 * Builds the ezSQL MySQL driver for this route from its setup array.
 *
 * Credentials, schema and host come from the route settings; the `dbCache`
 * setting switches both disk caching and query caching, and `dbShowError`
 * selects between ezSQL's show_errors() and hide_errors().
 *
 * NOTE(review): show_errors() presumably prints database error text into the
 * response; if so it discloses query details to clients — confirm that
 * `dbShowError` is 0 in production settings.
 */
public function setup()
{
    $settings = $this->routeInstance->getSetup();

    // TODO: call the matching driver configuration
    require_once Lemon::find_file('vendor', 'ez_sql/shared/ez_sql_core', TRUE);
    require_once Lemon::find_file('vendor', 'ez_sql/mysql/ez_sql_mysql', TRUE);

    $db = new ezSQL_mysql(
        $settings['dbUser'],
        $settings['dbPasswd'],
        $settings['dbSchema'],
        $settings['dbHost']
    );

    // Cache behaviour: a single setting drives both cache switches.
    $cacheEnabled = $settings['dbCache'] == 1;
    $db->cache_timeout = $settings['dbCacheTimeout'];
    $db->cache_dir = $settings['dbDiskCachePath'];
    $db->use_disk_cache = $cacheEnabled;
    $db->cache_queries = $cacheEnabled;

    if ($settings['dbShowError'] != 1) {
        $db->hide_errors();
    } else {
        $db->show_errors();
    }

    $db->set_charset('utf8');

    $this->instance = $db;

    // Availability is set unconditionally: the earlier quick_connect() call
    // and the check of the connection handle are disabled, so this flag does
    // not reflect whether the database can actually be reached.
    $this->isAvailable = TRUE;
}
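/**
 * RPC service endpoint.
 *
 * Publishes a fixed list of Attachment_Service methods through a PHPRPC
 * server and terminates the request once the server has run. The template
 * is only populated when a MyRuntimeException is raised before that point
 * (for example by the access check).
 *
 * NOTE(review): the access check below admits every role except the DENIED
 * label, and the published methods include a removal call. Presumably each
 * phprpc_* method authenticates its caller itself — confirm against
 * Attachment_Service before relying on this endpoint's gate alone.
 */
public function attachment()
{
    $returnStruct = array('status' => 0, 'code' => 501, 'msg' => _('Not Implemented'), 'content' => array());

    try {
        // Collect request data; it is only echoed back to the error view below.
        $requestData = $this->input->get();

        // Authorisation: reject users whose role label is in the denied list.
        if (util::isAccess('*', array(Logon::$USER_ROLE_LABEL_DENIED), $this->getUserRoleLabel()) == FALSE) {
            throw new MyRuntimeException(_('Access Denied'), 403);
        }

        // Initialise the underlying service route. The returned instance is
        // not used in this method; presumably the call primes state that
        // Attachment_Service::getInstance() relies on — confirm before removing.
        ServRouteInstance::getInstance(ServRouteConfig::getInstance());

        // Business logic: expose the attachment service over PHPRPC.
        require_once Lemon::find_file('vendor', 'phprpc/phprpc_server', TRUE);
        $server = new PHPRPC_Server();
        $server->add(
            array(
                'phprpc_addAttachmentFileData',
                'phprpc_getAttachmentDataById',
                'phprpc_getStoreDataByStoreId',
                'phprpc_getStoreDataByAttachmentId',
                'phprpc_removeAttachmentDataByAttachmentId',
                'phprpc_getStoreInfoByStoreId',
            ),
            Attachment_Service::getInstance()
        );
        $server->start();

        // The RPC server has written the response; stop before the template
        // layer can append anything. The statements that used to follow this
        // exit (an 'Internal Error' throw and the success rendering) could
        // never run and have been removed.
        exit;
    } catch (MyRuntimeException $ex) {
        $returnStruct['status'] = 0;
        $returnStruct['code'] = $ex->getCode();
        $returnStruct['msg'] = $ex->getMessage();

        // TODO: exception handling
        if ($this->isAjaxRequest()) {
            // AJAX request: the structure itself is the (JSON) content.
            $this->template->content = $returnStruct;
        } else {
            // HTML request: render the generic info view.
            $this->template->returnStruct = $returnStruct;
            $content = new View('info');
            $this->template->content = $content;
            // Bind the request data and the return structure to the view.
            $this->template->content->requestData = $requestData;
            $this->template->content->returnStruct = $returnStruct;
        }
    }
}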
/**
 * Delete-data action.
 *
 * Validates the caller's role and the `id` request value, removes the
 * attachment through the attachment service (local by default, remote
 * PHPRPC when the flag below is switched), and renders the result either as
 * the raw structure (AJAX) or through the 'info' view. Any
 * MyRuntimeException is turned into an error structure carrying the
 * exception's code and message.
 *
 * NOTE(review): this destructive action takes its input from
 * $this->input->get(). If that is the query string, the deletion can be
 * triggered by a plain link or image request; confirm that an anti-CSRF
 * check exists upstream. The access check also admits every role except
 * the DENIED label.
 */
public function delete()
{
    $returnStruct = array('status' => 0, 'code' => 501, 'msg' => _('Not Implemented'), 'content' => array());

    try {
        // Switch between the in-process service and the remote PHPRPC client.
        $useLocalService = TRUE;

        // Collect request data.
        $requestData = $this->input->get();

        // Authorisation: reject users whose role label is in the denied list.
        $roleLabel = $this->getUserRoleLabel();
        if (util::isAccess('*', array(Logon::$USER_ROLE_LABEL_DENIED), $roleLabel) == FALSE) {
            throw new MyRuntimeException(_('Access Denied'), 403);
        }

        // Data validation: empty() also covers the "not set" case.
        // NOTE(review): is_numeric() also accepts floats and exponent
        // notation, and the raw value is what reaches the service.
        if (empty($requestData['id']) || !is_numeric($requestData['id'])) {
            throw new MyRuntimeException(_('Bad Request,id required'), 400);
        }

        // Underlying service route.
        $servRouteInstance = ServRouteInstance::getInstance(ServRouteConfig::getInstance());

        // Business logic.
        // TODO: choose the service instance according to the data's characteristics
        // FIXME: map service-layer exceptions to user-friendly messages; for
        // now they propagate unchanged to the handler at the bottom.
        if ($useLocalService) {
            $attachmentService = Attachment_Service::getInstance($servRouteInstance);
            $attachmentService->removeAttachmentDataByAttachmentId($requestData['id']);
        } else {
            require_once Lemon::find_file('vendor', 'phprpc/phprpc_client', TRUE);
            $attachmentService = new PHPRPC_Client(Lemon::config('phprpc.remote.Attachment.host'));
            $phprpcApiKey = Lemon::config('phprpc.remote.Attachment.apiKey');

            // NOTE(review): the signature is MD5 over the JSON arguments with
            // the API key appended, not a keyed MAC; hash_hmac() with SHA-256
            // would be the standard construction but must change on the
            // server in step. Only the arguments and the key are signed, so
            // nothing visible here limits how long a signed call stays valid.
            $args = array($requestData['id']);
            $sign = md5(json_encode($args) . $phprpcApiKey);
            $attachmentService->phprpc_removeAttachmentDataByAttachmentId($requestData['id'], $sign);
        }

        // Success structure.
        $returnStruct['status'] = 1;
        $returnStruct['code'] = 200;
        $returnStruct['msg'] = _('Sucess');
        $returnStruct['content'] = array();

        if ($this->isAjaxRequest()) {
            // AJAX request: the structure itself is the (JSON) content.
            $this->template->content = $returnStruct;
        } else {
            // HTML request: render the generic info view.
            $this->template->returnStruct = $returnStruct;
            $content = new View('info');
            $siteName = Lemon::config('site.name');
            $this->template->title = $siteName;
            $this->template->content = $content;
            // Bind the request data and the return structure to the view.
            $this->template->content->requestData = $requestData;
            $this->template->content->returnStruct = $returnStruct;
            // Data specific to the current application.
            $this->template->content->title = Lemon::config('site.name');
        }
    } catch (MyRuntimeException $ex) {
        $returnStruct['status'] = 0;
        $returnStruct['code'] = $ex->getCode();
        $returnStruct['msg'] = $ex->getMessage();

        // TODO: exception handling
        if (!$this->isAjaxRequest()) {
            $this->template->returnStruct = $returnStruct;
            $content = new View('info');
            $this->template->content = $content;
            // Bind the request data and the return structure to the view.
            $this->template->content->requestData = $requestData;
            $this->template->content->returnStruct = $returnStruct;
        } else {
            $this->template->content = $returnStruct;
        }
    }
}
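/**
 * Output filter that minifies the response body when it is HTML.
 *
 * Looks at the headers already queued for sending (headers_list()); when the
 * Content-Type is text/html the body is passed through Minify_HTML, with
 * cssmin and JSMin as the minifiers for embedded CSS and JavaScript. Any
 * other content type, or a missing Content-Type header, leaves the output
 * untouched.
 *
 * @param   string  rendered output
 * @return  string  minified output for text/html, otherwise the input
 */
public static function _minifiyRender($output)
{
    $headers = array();
    $heads = headers_list();

    if (is_array($heads)) {
        foreach ($heads as $ahead) {
            // Split on the first colon only: values such as URLs contain
            // further colons and must not be truncated. A line without any
            // colon is skipped instead of raising an undefined-offset notice.
            $parts = explode(':', $ahead, 2);
            if (count($parts) < 2 || !$parts[0]) {
                continue;
            }
            $headers[strtolower($parts[0])] = trim($parts[1]);
        }
    }

    if (!array_key_exists('content-type', $headers)) {
        return $output;
    }

    // Drop parameters such as "; charset=..." and normalise the media type.
    $contentTypeArr = explode(';', $headers['content-type']);
    $contentType = strtolower(trim($contentTypeArr[0]));

    if ($contentType === 'text/html') {
        require_once Lemon::find_file('vendor', 'htmlmin', TRUE);
        require_once Lemon::find_file('vendor', 'cssmin', TRUE);
        require_once Lemon::find_file('vendor', 'jsmin', TRUE);

        $options = array(
            'cssMinifier' => array('cssmin', 'minify'),
            'jsMinifier' => array('JSMin', 'minify'),
        );
        $output = Minify_HTML::minify($output, $options);
    }

    return $output;
}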
/**
 * Clean cross site scripting exploits from string.
 * HTMLPurifier may be used if installed, otherwise defaults to built in method.
 * Note - This function should only be used to deal with data upon submission.
 * It's not something that should be used for general runtime processing
 * since it requires a fair amount of processing overhead.
 *
 * Arrays are cleaned recursively, value by value; array keys are kept as
 * they are and are not cleaned. Strings that are empty after trim() are
 * returned unchanged.
 *
 * NOTE(review): the built-in method is a pattern-based deny-list. It removes
 * the constructs listed below and nothing else, so it does not replace
 * escaping values for the context they are finally written into.
 *
 * @param   string|array  data to clean
 * @param   string        xss_clean method to use ('htmlpurifier' or defaults to built-in method);
 *                        NULL reads the `core.global_xss_filtering` configuration
 * @return  string|array  cleaned data, same shape as the input
 */
public function xss_clean($data, $tool = NULL)
{
    if ($tool === NULL) {
        // Use the default tool
        $tool = Lemon::config('core.global_xss_filtering');
    }

    if (is_array($data)) {
        // Clean every value with the same tool; keys are left untouched.
        foreach ($data as $key => $val) {
            $data[$key] = $this->xss_clean($val, $tool);
        }

        return $data;
    }

    // Do not clean empty strings
    if (trim($data) === '') {
        return $data;
    }

    if ($tool === TRUE) {
        // NOTE: This is necessary because switch is NOT type-sensitive!
        // (a boolean TRUE would loosely match the first case label)
        $tool = 'default';
    }

    switch ($tool) {
        case 'htmlpurifier':
            /**
             * @todo License should go here, http://htmlpurifier.org/
             */
            if (!class_exists('HTMLPurifier_Config', FALSE)) {
                // Load HTMLPurifier
                require Lemon::find_file('vendor', 'htmlpurifier/HTMLPurifier.auto', TRUE);
                // Relative path: presumably resolved through the include path
                // set up by the auto loader file above — confirm.
                require 'HTMLPurifier.func.php';
            }

            // Set configuration
            $config = HTMLPurifier_Config::createDefault();
            $config->set('HTML', 'TidyLevel', 'none'); // Only XSS cleaning now

            // Run HTMLPurifier
            $data = HTMLPurifier($data, $config);
            break;
        default:
            // http://svn.bitflux.ch/repos/public/popoon/trunk/classes/externalinput.php
            // +----------------------------------------------------------------------+
            // | Copyright (c) 2001-2006 Bitflux GmbH                                 |
            // +----------------------------------------------------------------------+
            // | Licensed under the Apache License, Version 2.0 (the "License");      |
            // | you may not use this file except in compliance with the License.     |
            // | You may obtain a copy of the License at                              |
            // | http://www.apache.org/licenses/LICENSE-2.0                           |
            // | Unless required by applicable law or agreed to in writing, software  |
            // | distributed under the License is distributed on an "AS IS" BASIS,    |
            // | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or      |
            // | implied. See the License for the specific language governing         |
            // | permissions and limitations under the License.                       |
            // +----------------------------------------------------------------------+
            // | Author: Christian Stocker <*****@*****.**>                           |
            // +----------------------------------------------------------------------+
            //
            // Lemon Modifications:
            // * Changed double quotes to single quotes, changed indenting and spacing
            // * Removed magic_quotes stuff
            // * Increased regex readability:
            //   * Used delimiters that aren't found in the pattern
            //   * Removed all unneeded escapes
            //   * Deleted U modifiers and swapped greediness where needed
            // * Increased regex speed:
            //   * Made capturing parentheses non-capturing where possible
            //   * Removed parentheses where possible
            //   * Split up alternation alternatives
            //   * Made some quantifiers possessive

            // Fix &entity\n;
            // NOTE(review): as written, every '&', '<' and '>' is escaped here
            // and html_entity_decode() below undoes exactly that one level, so
            // entity-encoded input leaves this step still encoded and the
            // patterns that follow only ever see the text as it was submitted.
            // The filter this was derived from appears to escape only the
            // already-encoded forms of these three characters; check this
            // line against the vendor original — it may have been altered.
            $data = str_replace(array('&', '<', '>'), array('&amp;', '&lt;', '&gt;'), $data);
            // Drop control characters and spaces between an entity name and its ';'
            $data = preg_replace('/(&#*\\w+)[\\x00-\\x20]+;/u', '$1;', $data);
            // Give numeric entities exactly one terminating ';'
            $data = preg_replace('/(&#x*[0-9A-F]+);*/iu', '$1;', $data);
            $data = html_entity_decode($data, ENT_COMPAT, 'UTF-8');

            // Remove any attribute starting with "on" or xmlns
            // (the match runs to the closing '>', so the rest of the tag goes with it)
            $data = preg_replace('#(<[^>]+?[\\x00-\\x20"\'])(?:on|xmlns)[^>]*+>#iu', '$1>', $data);

            // Remove javascript: and vbscript: protocols
            // (control characters and spaces between the letters are tolerated;
            // the scheme is replaced by an inert marker rather than deleted)
            $data = preg_replace('#([a-z]*)[\\x00-\\x20]*=[\\x00-\\x20]*([`\'"]*)[\\x00-\\x20]*j[\\x00-\\x20]*a[\\x00-\\x20]*v[\\x00-\\x20]*a[\\x00-\\x20]*s[\\x00-\\x20]*c[\\x00-\\x20]*r[\\x00-\\x20]*i[\\x00-\\x20]*p[\\x00-\\x20]*t[\\x00-\\x20]*:#iu', '$1=$2nojavascript...', $data);
            $data = preg_replace('#([a-z]*)[\\x00-\\x20]*=([\'"]*)[\\x00-\\x20]*v[\\x00-\\x20]*b[\\x00-\\x20]*s[\\x00-\\x20]*c[\\x00-\\x20]*r[\\x00-\\x20]*i[\\x00-\\x20]*p[\\x00-\\x20]*t[\\x00-\\x20]*:#iu', '$1=$2novbscript...', $data);
            // This pattern has no 'i' modifier, so it is case-sensitive.
            $data = preg_replace('#([a-z]*)[\\x00-\\x20]*=([\'"]*)[\\x00-\\x20]*-moz-binding[\\x00-\\x20]*:#u', '$1=$2nomozbinding...', $data);

            // Only works in IE: <span style="width: expression(alert('Ping!'));"></span>
            // Each match cuts the tag off from its style attribute onwards.
            $data = preg_replace('#(<[^>]+?)style[\\x00-\\x20]*=[\\x00-\\x20]*[`\'"]*.*?expression[\\x00-\\x20]*\\([^>]*+>#i', '$1>', $data);
            // NOTE(review): this pattern matches the spelling 'behaviour' only —
            // verify it against the CSS property name that was intended.
            $data = preg_replace('#(<[^>]+?)style[\\x00-\\x20]*=[\\x00-\\x20]*[`\'"]*.*?behaviour[\\x00-\\x20]*\\([^>]*+>#i', '$1>', $data);
            $data = preg_replace('#(<[^>]+?)style[\\x00-\\x20]*=[\\x00-\\x20]*[`\'"]*.*?s[\\x00-\\x20]*c[\\x00-\\x20]*r[\\x00-\\x20]*i[\\x00-\\x20]*p[\\x00-\\x20]*t[\\x00-\\x20]*:*[^>]*+>#iu', '$1>', $data);

            // Remove namespaced elements (we do not need them)
            $data = preg_replace('#</*\\w+:\\w[^>]*+>#i', '', $data);

            do {
                // Remove really unwanted tags
                // Repeated until a pass changes nothing, so a tag that is
                // pieced together from what remains after a removal is
                // removed on the next pass.
                $old_data = $data;
                $data = preg_replace('#</*(?:applet|b(?:ase|gsound|link)|embed|frame(?:set)?|i(?:frame|layer)|l(?:ayer|ink)|meta|object|s(?:cript|tyle)|title|xml)[^>]*+>#i', '', $data);
            } while ($old_data !== $data);
            break;
    }

    return $data;
}