示例#1
 /**
  * Prepares the PHPRPC client driver for this route.
  *
  * Reads the route's setup array, loads the vendored PHPRPC client file and
  * instantiates the client against $settings['phprpcHost'].
  */
 public function setup()
 {
     $routeSettings = $this->routeInstance->getSetup();
     // TODO: call the matching driver configuration
     $clientFile = Lemon::find_file('vendor', 'phprpc/phprpc_client', TRUE);
     require_once $clientFile;
     $this->instance = new PHPRPC_Client($routeSettings['phprpcHost']);
     // NOTE(review): `new` always yields an object, so this flag is TRUE
     // whenever construction succeeds; it does not show that the remote
     // host is reachable.
     $this->isAvailable = (bool) $this->instance;
 }
示例#2
 /**
  * Prepares the MixFS storage driver for this route.
  *
  * Builds the MixFS instance from the route's base path, route key and
  * domain, then records whether connect() reported success.
  */
 public function setup()
 {
     $routeSettings = $this->routeInstance->getSetup();
     // TODO: call the matching driver configuration
     require_once Lemon::find_file('vendor', 'MixFS', TRUE);
     $this->instance = MixFS::factory(
         $routeSettings['fsBasePath'],
         $this->routeInstance->getRouteKey(),
         $routeSettings['fsDomain']
     );
     // Only an explicit FALSE from connect() marks the driver unavailable.
     $this->isAvailable = $this->instance->connect() !== FALSE;
 }
示例#3
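 /**
  * Sets the view filename.
  *
  * Without a type the view is resolved as a PHP view. With a type, the type
  * must be listed in the `view.allowed_filetypes` configuration before it is
  * handed to Lemon::find_file() as the file extension.
  *
  * @chainable
  * @param   string  view filename
  * @param   string  view file type
  * @return  object
  * @throws  LemonRuntimeException  when the type is not in the allow-list
  */
 public function set_filename($name, $type = NULL)
 {
     // NOTE(review): $name is passed to find_file() as given; if it can be
     // derived from request data, confirm find_file() confines it to the
     // view directories.
     // Loose comparison kept on purpose: '' and 0 select the default PHP
     // view exactly as before.
     if ($type == NULL) {
         // Load the filename and set the content type
         $this->lemon_filename = Lemon::find_file('view', $name, TRUE);
         $this->lemon_filetype = '.php';
         return $this;
     }
     // Strict membership test: with loose in_array() a non-string or
     // numeric-looking value could match an entry it is not identical to,
     // and the unchecked value is then used as the file extension.
     // The (array) cast makes a missing configuration reject every type.
     $allowedTypes = (array) Lemon::config('view.allowed_filetypes');
     if (!in_array($type, $allowedTypes, TRUE)) {
         throw new LemonRuntimeException('core.invalid_filetype ' . $type, 500);
     }
     // Load the filename and set the content type
     $this->lemon_filename = Lemon::find_file('view', $name, TRUE, $type);
     $this->lemon_filetype = Lemon::config('mimes.' . $type);
     if ($this->lemon_filetype == NULL) {
         // No MIME mapping configured: use the specified type
         $this->lemon_filetype = $type;
     }
     return $this;
 }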
示例#4
 /**
  * Prepares the ezSQL MySQL driver for this route.
  *
  * Loads the vendored ezSQL core and MySQL classes, creates the connection
  * object from the route's db* settings and applies the cache, error
  * display and charset options.
  */
 public function setup()
 {
     $cfg = $this->routeInstance->getSetup();
     // TODO: call the matching driver configuration
     require_once Lemon::find_file('vendor', 'ez_sql/shared/ez_sql_core', TRUE);
     require_once Lemon::find_file('vendor', 'ez_sql/mysql/ez_sql_mysql', TRUE);
     $db = new ezSQL_mysql($cfg['dbUser'], $cfg['dbPasswd'], $cfg['dbSchema'], $cfg['dbHost']);
     $db->cache_timeout = $cfg['dbCacheTimeout'];
     $db->cache_dir = $cfg['dbDiskCachePath'];
     // One switch drives both the disk cache and query caching.
     $cachingOn = $cfg['dbCache'] == 1;
     $db->use_disk_cache = $cachingOn;
     $db->cache_queries = $cachingOn;
     // NOTE(review): show_errors() presumably surfaces database error text;
     // confirm dbShowError stays off outside development so query details
     // are not exposed to clients.
     if ($cfg['dbShowError'] != 1) {
         $db->hide_errors();
     } else {
         $db->show_errors();
     }
     $db->set_charset('utf8');
     // The explicit quick_connect() call is disabled in the original.
     $this->instance = $db;
     // NOTE(review): availability is hard-coded; the former check against the
     // connection handle is disabled, so a failed connection is not
     // reflected in this flag.
     $this->isAvailable = TRUE;
 }
示例#5
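 /**
  * RPC service endpoint for attachments.
  *
  * After the access check, a PHPRPC_Server is created, six phprpc_* functions
  * are registered against Attachment_Service::getInstance(), the server is
  * started and the script exits. The template is only populated when a
  * MyRuntimeException is caught; the former success-path template code sat
  * after `exit` and could never run, so it has been removed.
  */
 public function attachment()
 {
     $returnStruct = array('status' => 0, 'code' => 501, 'msg' => _('Not Implemented'), 'content' => array());
     try {
         // Collect the request data (only used by the error view below).
         $requestData = $this->input->get();
         // Access check.
         // NOTE(review): only the DENIED role label is excluded here. The
         // original carried a disabled, stricter check (system admin only,
         // guests excluded). Confirm that serving this endpoint, which
         // registers a remove function, to every other role is intended.
         if (util::isAccess('*', array(Logon::$USER_ROLE_LABEL_DENIED), $this->getUserRoleLabel()) == FALSE) {
             throw new MyRuntimeException(_('Access Denied'), 403);
         }
         // Initialise the underlying service routing layer.
         $servRouteInstance = ServRouteInstance::getInstance(ServRouteConfig::getInstance());
         // Run the business logic: hand the request to the PHPRPC server.
         require_once Lemon::find_file('vendor', 'phprpc/phprpc_server', TRUE);
         $server = new PHPRPC_Server();
         $server->add(array('phprpc_addAttachmentFileData', 'phprpc_getAttachmentDataById', 'phprpc_getStoreDataByStoreId', 'phprpc_getStoreDataByAttachmentId', 'phprpc_removeAttachmentDataByAttachmentId', 'phprpc_getStoreInfoByStoreId'), Attachment_Service::getInstance());
         $server->start();
         // Execution ends here; nothing after this statement runs.
         exit;
     } catch (MyRuntimeException $ex) {
         $returnStruct['status'] = 0;
         $returnStruct['code'] = $ex->getCode();
         $returnStruct['msg'] = $ex->getMessage();
         // TODO: exception handling
         if ($this->isAjaxRequest()) {
             // AJAX request: the structure itself is the content
             $this->template->content = $returnStruct;
         } else {
             // HTML request: render the 'info' view
             $this->template->returnStruct = $returnStruct;
             $content = new View('info');
             $this->template->content = $content;
             // Bind the request data
             $this->template->content->requestData = $requestData;
             // Bind the return structure
             $this->template->content->returnStruct = $returnStruct;
         }
     }
 }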
示例#6
 /**
  * Delete action: removes the attachment whose id is given in the request.
  *
  * Flow: collect the request data, reject the DENIED role, require a numeric
  * "id", pick the attachment service (local instance or PHPRPC client), call
  * the remove operation, then fill the template with the result structure.
  * A MyRuntimeException from any step is turned into an error structure
  * (status 0, code and message taken from the exception).
  */
 public function delete()
 {
     $returnStruct = array('status' => 0, 'code' => 501, 'msg' => _('Not Implemented'), 'content' => array());
     try {
         // TRUE: call the in-process service; FALSE: call the remote PHPRPC service.
         $useLocalService = TRUE;
         // Collect the request data.
         // NOTE(review): this state-changing action is driven by
         // $this->input->get(); if that is query-string data, confirm the
         // route is protected against cross-site request forgery (no token
         // check is visible in this method).
         $requestData = $this->input->get();
         // Access check.
         // NOTE(review): only the DENIED role label is excluded; the stricter
         // admin-only check in the original is disabled. Confirm that every
         // other role may delete attachments.
         $accessGranted = util::isAccess('*', array(Logon::$USER_ROLE_LABEL_DENIED), $this->getUserRoleLabel());
         if ($accessGranted == FALSE) {
             throw new MyRuntimeException(_('Access Denied'), 403);
         }
         // Data validation: empty() also covers a missing key.
         // NOTE(review): is_numeric() accepts decimals and exponent notation
         // as well; if ids are plain integers a digits-only check would be
         // tighter (left unchanged here).
         if (empty($requestData['id']) || !is_numeric($requestData['id'])) {
             throw new MyRuntimeException(_('Bad Request,id required'), 400);
         }
         // Initialise the underlying service routing layer.
         $servRouteInstance = ServRouteInstance::getInstance(ServRouteConfig::getInstance());
         // TODO: choose the service instance according to the data's characteristics
         if ($useLocalService) {
             $attachmentService = Attachment_Service::getInstance($servRouteInstance);
             $attachmentService->removeAttachmentDataByAttachmentId($requestData['id']);
         } else {
             require_once Lemon::find_file('vendor', 'phprpc/phprpc_client', TRUE);
             $attachmentService = new PHPRPC_Client(Lemon::config('phprpc.remote.Attachment.host'));
             $phprpcApiKey = Lemon::config('phprpc.remote.Attachment.apiKey');
             // NOTE(review): the request signature is MD5 over the JSON
             // arguments with the API key appended. An HMAC (hash_hmac()
             // with SHA-256) is the sturdier construction, but the server
             // must change in the same step, so it is left as is.
             $args = array($requestData['id']);
             $sign = md5(json_encode($args) . $phprpcApiKey);
             $attachmentService->phprpc_removeAttachmentDataByAttachmentId($requestData['id'], $sign);
         }
         // FIXME (from the original): translate service-layer exceptions into
         // user-friendly messages here; for now they propagate unchanged.
         // Fill in the success result.
         $returnStruct['status'] = 1;
         $returnStruct['code'] = 200;
         $returnStruct['msg'] = _('Sucess');
         $returnStruct['content'] = array();
         if (!$this->isAjaxRequest()) {
             // HTML output through the 'info' view
             $this->template->returnStruct = $returnStruct;
             $infoView = new View('info');
             $this->template->title = Lemon::config('site.name');
             $this->template->content = $infoView;
             // Bind the request data and the return structure
             $this->template->content->requestData = $requestData;
             $this->template->content->returnStruct = $returnStruct;
             // Data specific to the current application
             $this->template->content->title = Lemon::config('site.name');
         } else {
             // AJAX request: JSON output
             $this->template->content = $returnStruct;
         }
     } catch (MyRuntimeException $ex) {
         $returnStruct['status'] = 0;
         $returnStruct['code'] = $ex->getCode();
         $returnStruct['msg'] = $ex->getMessage();
         // TODO: exception handling
         if (!$this->isAjaxRequest()) {
             $this->template->returnStruct = $returnStruct;
             $infoView = new View('info');
             $this->template->content = $infoView;
             // Bind the request data and the return structure
             $this->template->content->requestData = $requestData;
             $this->template->content->returnStruct = $returnStruct;
         } else {
             $this->template->content = $returnStruct;
         }
     }
 }
示例#7
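 /**
  * Minifies the rendered output when the response is declared as text/html.
  *
  * The pending response headers are read with headers_list(); only a
  * Content-Type whose media type is exactly text/html triggers the HTML,
  * CSS and JS minifiers. Any other response is returned unchanged.
  *
  * @param   string  rendered output
  * @return  string  minified HTML for text/html responses, otherwise the input
  */
 public static function _minifiyRender($output)
 {
     $headers = array();
     foreach ((array) headers_list() as $headerLine) {
         // Split on the first colon only: values such as URLs or dates
         // contain further colons and were truncated by an unlimited
         // explode(); a line without a colon no longer raises a notice.
         $parts = explode(':', $headerLine, 2);
         $headerName = strtolower(trim($parts[0]));
         if ($headerName === '' || !isset($parts[1])) {
             continue;
         }
         $headers[$headerName] = trim($parts[1]);
     }
     if (!isset($headers['content-type'])) {
         return $output;
     }
     // Drop parameters such as "; charset=..." and normalise the media type.
     $segments = explode(';', $headers['content-type']);
     $contentType = strtolower(trim($segments[0]));
     if ($contentType === 'text/html') {
         require_once Lemon::find_file('vendor', 'htmlmin', TRUE);
         require_once Lemon::find_file('vendor', 'cssmin', TRUE);
         require_once Lemon::find_file('vendor', 'jsmin', TRUE);
         $options = array('cssMinifier' => array('cssmin', 'minify'), 'jsMinifier' => array('JSMin', 'minify'));
         $output = Minify_HTML::minify($output, $options);
     }
     return $output;
 }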
示例#8
 /**
  * Clean cross site scripting exploits from string.
  * HTMLPurifier may be used if installed, otherwise defaults to built in method.
  * Note - This function should only be used to deal with data upon submission.
  * It's not something that should be used for general runtime processing
  * since it requires a fair amount of processing overhead.
  *
  * Arrays are cleaned recursively, value by value (keys are left as they
  * are); strings that are empty after trim() are returned untouched.
  *
  * NOTE(review): the built-in method is a denylist of regular expressions
  * and should be treated as defence in depth only. Values still need
  * context-appropriate escaping at output (for example htmlspecialchars()
  * in an HTML context); where HTML input must be accepted, the
  * 'htmlpurifier' method is the stronger choice.
  *
  * @param   string  data to clean (an array is cleaned element by element)
  * @param   string  xss_clean method to use ('htmlpurifier' or defaults to built-in method)
  * @return  string  cleaned data (an array when an array was passed in)
  */
 public function xss_clean($data, $tool = NULL)
 {
     if ($tool === NULL) {
         // Use the default tool
         $tool = Lemon::config('core.global_xss_filtering');
     }
     if (is_array($data)) {
         // Recurse with the already-resolved tool so the configuration is read once
         foreach ($data as $key => $val) {
             $data[$key] = $this->xss_clean($val, $tool);
         }
         return $data;
     }
     // Do not clean empty strings
     if (trim($data) === '') {
         return $data;
     }
     if ($tool === TRUE) {
         // NOTE: This is necessary because switch is NOT type-sensitive!
         // (switch compares loosely, so TRUE would match the first string case)
         $tool = 'default';
     }
     switch ($tool) {
         case 'htmlpurifier':
             /**
              * @todo License should go here, http://htmlpurifier.org/
              */
             if (!class_exists('HTMLPurifier_Config', FALSE)) {
                 // Load HTMLPurifier
                 require Lemon::find_file('vendor', 'htmlpurifier/HTMLPurifier.auto', TRUE);
                 require 'HTMLPurifier.func.php';
             }
             // Set configuration
             $config = HTMLPurifier_Config::createDefault();
             $config->set('HTML', 'TidyLevel', 'none');
             // Only XSS cleaning now
             // Run HTMLPurifier
             $data = HTMLPurifier($data, $config);
             break;
         default:
             // http://svn.bitflux.ch/repos/public/popoon/trunk/classes/externalinput.php
             // +----------------------------------------------------------------------+
             // | Copyright (c) 2001-2006 Bitflux GmbH                                 |
             // +----------------------------------------------------------------------+
             // | Licensed under the Apache License, Version 2.0 (the "License");      |
             // | you may not use this file except in compliance with the License.     |
             // | You may obtain a copy of the License at                              |
             // | http://www.apache.org/licenses/LICENSE-2.0                           |
             // | Unless required by applicable law or agreed to in writing, software  |
             // | distributed under the License is distributed on an "AS IS" BASIS,    |
             // | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or      |
             // | implied. See the License for the specific language governing         |
             // | permissions and limitations under the License.                       |
             // +----------------------------------------------------------------------+
             // | Author: Christian Stocker <*****@*****.**>                        |
             // +----------------------------------------------------------------------+
             //
             // Lemon Modifications:
             // * Changed double quotes to single quotes, changed indenting and spacing
             // * Removed magic_quotes stuff
             // * Increased regex readability:
             //   * Used delimiters that aren't found in the pattern
             //   * Removed all unneeded escapes
             //   * Deleted U modifiers and swapped greediness where needed
             // * Increased regex speed:
             //   * Made capturing parentheses non-capturing where possible
             //   * Removed parentheses where possible
             //   * Split up alternation alternatives
             //   * Made some quantifiers possessive
             //
             // NOTE(review): preg_replace() returns NULL on error (for example
             // invalid UTF-8 under the /u modifier) and none of the calls below
             // checks for that, so malformed input can come back as NULL or an
             // empty string rather than as cleaned text.
             //
             // Fix &entity\n;
             // The three basic entities are double-encoded first so that the
             // html_entity_decode() call below leaves them encoded.
             $data = str_replace(array('&amp;', '&lt;', '&gt;'), array('&amp;amp;', '&amp;lt;', '&amp;gt;'), $data);
             $data = preg_replace('/(&#*\\w+)[\\x00-\\x20]+;/u', '$1;', $data);
             $data = preg_replace('/(&#x*[0-9A-F]+);*/iu', '$1;', $data);
             // Decode the remaining entities so the patterns below see the actual characters
             $data = html_entity_decode($data, ENT_COMPAT, 'UTF-8');
             // Remove any attribute starting with "on" or xmlns
             $data = preg_replace('#(<[^>]+?[\\x00-\\x20"\'])(?:on|xmlns)[^>]*+>#iu', '$1>', $data);
             // Remove javascript: and vbscript: protocols
             $data = preg_replace('#([a-z]*)[\\x00-\\x20]*=[\\x00-\\x20]*([`\'"]*)[\\x00-\\x20]*j[\\x00-\\x20]*a[\\x00-\\x20]*v[\\x00-\\x20]*a[\\x00-\\x20]*s[\\x00-\\x20]*c[\\x00-\\x20]*r[\\x00-\\x20]*i[\\x00-\\x20]*p[\\x00-\\x20]*t[\\x00-\\x20]*:#iu', '$1=$2nojavascript...', $data);
             $data = preg_replace('#([a-z]*)[\\x00-\\x20]*=([\'"]*)[\\x00-\\x20]*v[\\x00-\\x20]*b[\\x00-\\x20]*s[\\x00-\\x20]*c[\\x00-\\x20]*r[\\x00-\\x20]*i[\\x00-\\x20]*p[\\x00-\\x20]*t[\\x00-\\x20]*:#iu', '$1=$2novbscript...', $data);
             $data = preg_replace('#([a-z]*)[\\x00-\\x20]*=([\'"]*)[\\x00-\\x20]*-moz-binding[\\x00-\\x20]*:#u', '$1=$2nomozbinding...', $data);
             // Only works in IE: <span style="width: expression(alert('Ping!'));"></span>
             $data = preg_replace('#(<[^>]+?)style[\\x00-\\x20]*=[\\x00-\\x20]*[`\'"]*.*?expression[\\x00-\\x20]*\\([^>]*+>#i', '$1>', $data);
             // NOTE(review): the CSS property name is spelled "behavior"; confirm
             // whether the "behaviour(" spelling matched here is what was intended.
             $data = preg_replace('#(<[^>]+?)style[\\x00-\\x20]*=[\\x00-\\x20]*[`\'"]*.*?behaviour[\\x00-\\x20]*\\([^>]*+>#i', '$1>', $data);
             $data = preg_replace('#(<[^>]+?)style[\\x00-\\x20]*=[\\x00-\\x20]*[`\'"]*.*?s[\\x00-\\x20]*c[\\x00-\\x20]*r[\\x00-\\x20]*i[\\x00-\\x20]*p[\\x00-\\x20]*t[\\x00-\\x20]*:*[^>]*+>#iu', '$1>', $data);
             // Remove namespaced elements (we do not need them)
             $data = preg_replace('#</*\\w+:\\w[^>]*+>#i', '', $data);
             do {
                 // Remove really unwanted tags; repeat until a pass changes
                 // nothing, so tags re-formed by an earlier removal are caught too
                 $old_data = $data;
                 $data = preg_replace('#</*(?:applet|b(?:ase|gsound|link)|embed|frame(?:set)?|i(?:frame|layer)|l(?:ayer|ink)|meta|object|s(?:cript|tyle)|title|xml)[^>]*+>#i', '', $data);
             } while ($old_data !== $data);
             break;
     }
     return $data;
 }