etenil / assegai Goto Github PK

Example: '/foo/(.+)' => ['::redirect', '/bar/$1', 301],

Add generic views support for (almost) static templates, redirections, 404s etc.

Add some form of template inheritance in Mustache.

On non-POST requests, one can still submit POST-like data (with content-type application/x-www-encoded). Parse php://input automatically and load as POST. Very useful for REST requests.

So it has come to this. More and more projects and companies adhere to the PSR standards, including the code formatting guidelines. So let's fit in and do the same.

The framework provides no way to log what is happening.

Bundle Monolog with Assegai and hook it up in the right places of the framework.

What the title says.

Currently views are not objects but sort of hacks on the controller that exploit closures. Change this to use proper view objects.

Sessions must be accessed through a response object, which could be implied.

Make sessions either part of Server or an object of their own.

Allow case-insensitive filename for controlers and models.

As example you have an app "admin" and inside controlers create "Index.php" with name of controler "Admin_Controller_Index" gets a Server error until you rename your file to "index.php"

You ought to be able to pass an expiry into setCookie - currently you can only set cookies for $cookies_max_age

Add controller-wide or even application-wide template variables that get passed on to views automatically.

Add replace patterns to redirect function

Currently, conf files are all in PHP. That's great for ease of implementation, however it also means that the configuration files cannot easily be generated (PHP isn't readily parsable by computers).

Several other formats would provide an equally (or better) readability while being readily consumable by computers. The main contenders being INI, Yaml and JSON.

• Ini is limited and cannot contain complex multi-level data structures. So not usable here.
• Yaml is very readable and manipulable, however it requires external dependencies to work.
• JSON is bundled with PHP and just a bit less readable than Yaml. It's a very widely used format however so most devs should be comfortable with it. Additionally, it's already used in composer.json.

There is no 403 exception defined for Assegai.

The ACL module only handles access based on role and resource. It also needs to be able to account for ownership.

Just what the title says.

Make applications pluggable by letting them have the following:

• Their own modules
• Their own composer.json-based dependencies.

Add a way to generate boilerplate code for standard mapper models in the command-line utility.

Standardise, document and write interfaces for some form DAO model that will be used by optional utilities. Make this very optional! We want people to continue to write model the way they like.

When using a closure in the validator, nothing happens.

Example:

$validator = new \assegai\modules\Validator(['mydate' => '1283123');
$validator
    ->required('You must enter a lesson date')
    ->callback(function($value) { return preg_match('%^\d{4}-\d{2}-\d{2}$%', $value); }, 'Date format not recognised.')
    ->validate('mydate');

\assegai\Security.php line 97
htmlentities() returns an empty string if it fails to convert anything. Can we add an option (or just make it automatic) to set ENT_SUBSTITUTE so that it replaces these errors with a generic replacement character instead of throwing the whole variable away?

These two functions will, if the GET or POST parameter doesn't exist, pass the $default value through htmlentities() instead of just returning it, which is counterintuitive and not what the doc-comment says.

    /**
     * Returns an escaped post variable or default.
     * @param string $varname is the variable's name.
     * @param mixed  $default is the default to be returned if the variable
     * doesn't exist.
     */
    function post($varname, $default = false)
    {
        return $this->sec->clean($this->unsafePost($varname, $default));
    }

    /**
     * Returns an escaped get variable or default.
     * @param string $varname is the variable's name.
     * @param mixed  $default is the default to be returned if the variable
     * doesn't exist.
     */
    function get($varname, $default = false)
    {
        return $this->sec->clean($this->unsafeGet($varname, $default));
    }

I'm not sure how you want to structure the code to avoid that, otherwise I'd submit a patch.

Current coverage is pretty ridiculous. This needs to be seriously expanded. Move to PHPunit also.

The code is called in a static scope to a non-static class property:

public static function fromFile($path)
 {
    if(!file_exists($path)) {
        throw new Exception("File `$path' doesn't exist.");
    }

    $conf = array();
    require($path);

    $this->settings = $conf;
 }

As for sessions, cookies need to be either within Server or to have their own object.

While most of the infrastructure to set a URL prefix is still present in code, setting it currently has no effect; the route returned by the request remains unchanged.

Add support to prefix routes in the Request object so that it works like so:

http://blog.com/foo/bar/stuff + /foo/bar/ => /stuff
http://blog.com/foo/bar + /foo/bar/ => /

Write a script to automate the creation of a project.