From 6ce6e15b1a6f3ada0903ab9bafd475c9e77cb6bb Mon Sep 17 00:00:00 2001 From: Frank Schubert Date: Tue, 16 Apr 2024 14:56:30 +0200 Subject: [PATCH] mfBaseController now throws exception when called method lacks visibility --- lib/mvcfronk/mfBase/mfBaseController.php | 644 ++++++++++++----------- 1 file changed, 337 insertions(+), 307 deletions(-) diff --git a/lib/mvcfronk/mfBase/mfBaseController.php b/lib/mvcfronk/mfBase/mfBaseController.php index 800477617..dd90074a3 100644 --- a/lib/mvcfronk/mfBase/mfBaseController.php +++ b/lib/mvcfronk/mfBase/mfBaseController.php @@ -1,326 +1,356 @@ log = mfLoghandler::singleton(); - - if($params === null || $params === false) { - $params = []; - } - - $this->mod = $params['mod']; - $this->action = $params['action']; - - // run custom constructor init() - if(method_exists($this,"init")) { - $this->init($params); - } - - if(!defined('MFUSELOGIN')) define('MFUSELOGIN',false); - if(!defined('MFUSEMENU')) define('MFUSEMENU',false); - - if(MFUSELOGIN) { - // if protected area and not logged in, redirect to mfLogin - if($this->needlogin==true) { - if(!mfLoginController::isLoggedIn()) { - // Save original request - //$params['mfLoginGet']=$_GET; // TODO: some better way to preserve request while logging in - $params["mfLoginUrl"]=$_SERVER['REQUEST_URI']; - if($params['action']) { - unset($params['action']); - } - - if($this->loginTemplate) { - $params['mfLoginTemplate']=$this->loginTemplate; - } - // Redirect to Loginform - $temp=new mfLoginController($params); - return 0; - } else { - $this->mfUser=mfUser::singleton(); - } - } - } +class mfBaseController +{ + protected $log; + protected $needlogin = false; + protected $request; + private $mfAction; + private $mfDBI; + private $mfLayout; + private $mfMenu; + private $mfUser; + protected $mod; + protected $action; - if(MFUSEMENU) { - // Load mfMenu for menu display - $this->mfMenu=new mfMenuController(); - if($this->mfMenu) { - $this->layout()->set("MenuItems",$this->mfMenu); - } - } - - // set default template variables - $this->layout()->set('mod',$this->mod); - $this->layout()->set('action',$this->action); - - // include and run global init file - if(defined("MFBASECONTROLLER_INIT_INCLUDE_FILE")) { - include MFBASECONTROLLER_INIT_INCLUDE_FILE; - } - - $this->request = new mfRequest($params); - - // now run action - if($params['action']) { - $this->__call($params['action'],$params); - } else { - if(method_exists($this,"index")) { - $this->__call("index",$params); - } - } - } - - protected function user() { - if(!MFUSELOGIN) { - trigger_error("mvcfronk: Tried to access mfBaseController::user(), though MFUSELOGIN is set to false.", E_USER_WARNING); - return false; - } - if(!$this->mfUser) { - $this->mfUser=mfUser::singleton(); - } - return $this->mfUser; - } - - protected function layout() { - if(!is_object($this->mfLayout)) { - $this->mfLayout = Layout::singleton(); - } - return $this->mfLayout; - } - - - protected function db() { - $args=func_get_args(); - - // if no arguments, just return a DB instance - if(!$args) { - // don't allow managed FronkDB instance, but new custom instance is allowed - if(!FRONKDB) { - return false; - } - if(!is_object($this->mfDBI)) { - $this->mfDBI=FronkDB::singleton(); - - } - return $this->mfDBI; - } else { - // else return a new instance - $dbhost=$args[0]; - $dbuser=$args[1]; - $dbpass=$args[2]; - $dbname=$args[3]; - return $this->getNewDBInstance($dbhost,$dbuser,$dbpass,$dbname); - } - - } + public function __construct($params = NULL) + { + // load logging facility + $this->log = mfLoghandler::singleton(); - public function __call($name,$params) { - if(method_exists($this,$name)) { - return call_user_func(array($this, $name), $params); - } else { // if function doesn't exist, maybe it's an Action - $funcname=lcfirst($name); - if(!preg_match('/Action$/',$name)) { - $funcname.="Action"; - } - - if(method_exists($this,$funcname)) { - return call_user_func(array($this, $funcname), $params); - } else { - throw new Exception(get_class($this).": $name not found",404); - } - } - } - - public function __get($name) { - if($name == "db") { - return $this->db(); - } - if($name == "layout") { - return $this->layout(); - } - - return null; - } - - - protected function logout() { - mfLoginController::staticLogout(); - $this->redirect(DEFAULT_ROUTE); - } - - /* - * private internal functions - */ - - private function getNewDBInstance($dbhost=false,$dbuser=false,$dbpass=false,$dbname=false) { - if(!$dbhost) $dbhost=FRONKDB_DBHOST; - if(!$dbuser) $dbhost=FRONKDB_DBUSER; - if(!$dbpass) $dbhost=FRONKDB_DBPASS; - if(!$dbname) $dbname=FRONKDB_DBNAME; - - return FronkDB::singleton($dbhost,$dbuser,$dbpass,$dbname); - } - - public static function redirect($mod=false,$action=false,$params=false,$anker=false) { - //var_dump($mod); - //var_dump($action); - - $log = mfLoghandler::singleton(); - - if(MFUSEFANCYURLS && defined('MFFANCYBASEURL')) { - // use fancy urls - $url=MFFANCYBASEURL; - if($mod) { - $url.="/$mod"; - if($action) { - $url.="/$action"; + if ($params === null || $params === false) { + $params = []; } - } - } else { - // no fancy urls - if(!$mod) { - $url="?"; - } elseif($mod) { - $url="?action=$mod"; - if($action) { - $url.="_$action"; + + if (is_array($params)) { + $this->mod = array_key_exists("mod", $params) ? $params['mod'] : null; + $this->action = array_key_exists("mod", $params) ? $params['action'] : null; + } + + + // run custom constructor init() + if (method_exists($this, "init")) { + $this->init($params); + } + + if (!defined('MFUSELOGIN')) define('MFUSELOGIN', false); + if (!defined('MFUSEMENU')) define('MFUSEMENU', false); + + if (MFUSELOGIN) { + // if protected area and not logged in, redirect to mfLogin + if ($this->needlogin == true) { + if (!mfLoginController::isLoggedIn()) { + // Save original request + //$params['mfLoginGet']=$_GET; // TODO: some better way to preserve request while logging in + $params["mfLoginUrl"] = $_SERVER['REQUEST_URI']; + if (array_key_exists("action", $params) && $params['action']) { + unset($params['action']); + } + + if ($this->loginTemplate) { + $params['mfLoginTemplate'] = $this->loginTemplate; + } + // Redirect to Loginform + $temp = new mfLoginController($params); + return 0; + } else { + $this->mfUser = mfUser::singleton(); + } + } + } + + if (MFUSEMENU) { + // Load mfMenu for menu display + $this->mfMenu = new mfMenuController(); + if ($this->mfMenu) { + $this->layout()->set("MenuItems", $this->mfMenu); + } + } + + // set default template variables + $this->layout()->set('mod', $this->mod); + $this->layout()->set('action', $this->action); + + // include and run global init file + if (defined("MFBASECONTROLLER_INIT_INCLUDE_FILE")) { + include MFBASECONTROLLER_INIT_INCLUDE_FILE; + } + + $this->request = new mfRequest($params); + + // now run action + if (array_key_exists("action", $params) && $params['action']) { + $this->__call($params['action'], $params); + } else { + if (method_exists($this, "index")) { + $this->__call("index", $params); + } } - } } + + protected function user() + { + if (!MFUSELOGIN) { + trigger_error("mvcfronk: Tried to access mfBaseController::user(), though MFUSELOGIN is set to false.", E_USER_WARNING); + return false; + } + if (!$this->mfUser) { + $this->mfUser = mfUser::singleton(); + } + return $this->mfUser; + } + + protected function layout() + { + if (!is_object($this->mfLayout)) { + $this->mfLayout = Layout::singleton(); + } + return $this->mfLayout; + } + + + protected function db() + { + $args = func_get_args(); + + // if no arguments, just return a DB instance + if (!$args) { + // don't allow managed FronkDB instance, but new custom instance is allowed + if (!FRONKDB) { + return false; + } + if (!is_object($this->mfDBI)) { + $this->mfDBI = FronkDB::singleton(); + + } + return $this->mfDBI; + } else { + // else return a new instance + $dbhost = $args[0]; + $dbuser = $args[1]; + $dbpass = $args[2]; + $dbname = $args[3]; + return $this->getNewDBInstance($dbhost, $dbuser, $dbpass, $dbname); + } + + } + + public function __call($name, $params) + { + $methodname = false; + if (method_exists($this, $name)) { + // check if callable + $methodname = $name; + } else { // if function doesn't exist, maybe it's an Action + $funcname = lcfirst($name); + if (!preg_match('/Action$/', $name)) { + $funcname .= "Action"; + } + + if (method_exists($this, $funcname)) { + $methodname = $funcname; + } else { + throw new Exception(get_class($this) . ": $name not found", 404); + } + } + + try { + $ref = new ReflectionMethod($this, $methodname); + if (!$ref->isPublic() && !$ref->isProtected()) { + throw new Exception("Method $methodname cannot be called due to limited visibility"); + } + } catch (Exception $e) { + throw $e; + } + + return call_user_func(array($this, $methodname), $params); + } + + public function __get($name) + { + if ($name == "db") { + return $this->db(); + } + if ($name == "layout") { + return $this->layout(); + } + + return null; + } + + + protected function logout() + { + mfLoginController::staticLogout(); + $this->redirect(DEFAULT_ROUTE); + } + /* - if(is_array($params) && count($params)) { - foreach($params as $k => $v) { - $url.="&$k=$v"; - } - }*/ - - if($params) { + * private internal functions + */ - if(is_array($params) && count($params)) { - $url .= (MFUSEFANCYURLS) ? "/?" : "&"; - foreach($params as $k => $v) { - $v = urlencode($v); - - if($k) { - $k = urlencode($k); - $url .= "$k=$v&"; - } else { - $url .= "$v&"; - } - } - - $url = preg_replace('/&$/', '', $url); - } else { - $url .= (MFUSEFANCYURLS) ? "/?" : "&"; - $url .= $params; - } - } - if($anker) { - $url.="#$anker"; + private function getNewDBInstance($dbhost = false, $dbuser = false, $dbpass = false, $dbname = false) + { + if (!$dbhost) $dbhost = FRONKDB_DBHOST; + if (!$dbuser) $dbhost = FRONKDB_DBUSER; + if (!$dbpass) $dbhost = FRONKDB_DBPASS; + if (!$dbname) $dbname = FRONKDB_DBNAME; + + return FronkDB::singleton($dbhost, $dbuser, $dbpass, $dbname); } - $url = preg_replace('#^/+#', "/", $url); - - $log->debug("Redirecting to $url"); - header("Location: $url"); - exit; - } - - public static function getUrl($mod, $action=null, $param=null) { - if(!$mod) { - return ""; - } + public static function redirect($mod = false, $action = false, $params = false, $anker = false) + { + //var_dump($mod); + //var_dump($action); - - if(MFUSEFANCYURLS) { - // use fancy urls - $url=MFFANCYBASEURL; - if($mod) { - $url.="/$mod"; - if($action) { - $url.="/$action"; + $log = mfLoghandler::singleton(); + + if (MFUSEFANCYURLS && defined('MFFANCYBASEURL')) { + // use fancy urls + $url = MFFANCYBASEURL; + if ($mod) { + $url .= "/$mod"; + if ($action) { + $url .= "/$action"; + } + } + } else { + // no fancy urls + if (!$mod) { + $url = "?"; + } elseif ($mod) { + $url = "?action=$mod"; + if ($action) { + $url .= "_$action"; + } + } } - } - $url = preg_replace('#//#','/',$url); - } else { - // no fancy urls - $url="?action=$mod"; - if($action) { - $url.="_$action"; - } - } - if(is_array($param) && count($param)) { - $url .= (MFUSEFANCYURLS) ? "/?" : "&"; - $param_qs = http_build_query($param); - $url .= "$param_qs"; - } - - return $url; - } - - public static function returnJson($data) { - if(is_array($data)) { - header("Content-Type: application/json"); - echo json_encode($data); - exit; - } else { - throw new Exception("Data not an array"); - } - } - - // Helper functions + /* + if(is_array($params) && count($params)) { + foreach($params as $k => $v) { + $url.="&$k=$v"; + } + }*/ - public static function dateToTimestamp($date) { - // extract day, month, year - if (!preg_match('/^(\d{1,2})\.(\d{1,2})\.(\d{2,4})/',$date,$d)) { - return false; - } - // extract time if available - if (preg_match('/(\d\d):(\d\d):(\d\d)$/',$date,$t)) { - if (!$t[3]) { - $t[3] = 0; - } - } else { - $t = array(0,0,0); - } - // make and return timestamp - $ts = mktime($t[1],$t[2],$t[3],$d[2],$d[1],$d[3]); - return $ts; - } - - public static function dateToDB($date,$type='l') { - // get timestamp - $ts = self::dateToTimestamp($date); - - // only proceed if timestamp conversion was successful - if(!$ts) { - return false; - } - - // return date and time if long type requested - if($type = 'l') { - $dbdate = date('Y-m-d H:i:s',$ts); - } else { - $dbdate = date('Y-m-d',$ts); + if ($params) { + + if (is_array($params) && count($params)) { + $url .= (MFUSEFANCYURLS) ? "/?" : "&"; + foreach ($params as $k => $v) { + $v = urlencode($v); + + if ($k) { + $k = urlencode($k); + $url .= "$k=$v&"; + } else { + $url .= "$v&"; + } + } + + $url = preg_replace('/&$/', '', $url); + } else { + $url .= (MFUSEFANCYURLS) ? "/?" : "&"; + $url .= $params; + } + } + if ($anker) { + $url .= "#$anker"; + } + + $url = preg_replace('#^/+#', "/", $url); + + $log->debug("Redirecting to $url"); + header("Location: $url"); + exit; + } + + public static function getUrl($mod, $action = null, $param = null) + { + if (!$mod) { + return ""; + } + + + if (MFUSEFANCYURLS) { + // use fancy urls + $url = MFFANCYBASEURL; + if ($mod) { + $url .= "/$mod"; + if ($action) { + $url .= "/$action"; + } + } + $url = preg_replace('#//#', '/', $url); + } else { + // no fancy urls + $url = "?action=$mod"; + if ($action) { + $url .= "_$action"; + } + } + if (is_array($param) && count($param)) { + $url .= (MFUSEFANCYURLS) ? "/?" : "&"; + $param_qs = http_build_query($param); + $url .= "$param_qs"; + } + + return $url; + } + + public static function returnJson($data) + { + if (is_array($data)) { + header("Content-Type: application/json"); + echo json_encode($data); + exit; + } else { + throw new Exception("Data not an array"); + } + } + + // Helper functions + + public static function dateToTimestamp($date) + { + // extract day, month, year + if (!preg_match('/^(\d{1,2})\.(\d{1,2})\.(\d{2,4})/', $date, $d)) { + return false; + } + // extract time if available + if (preg_match('/(\d\d):(\d\d):(\d\d)$/', $date, $t)) { + if (!$t[3]) { + $t[3] = 0; + } + } else { + $t = array(0, 0, 0); + } + // make and return timestamp + $ts = mktime($t[1], $t[2], $t[3], $d[2], $d[1], $d[3]); + return $ts; + } + + public static function dateToDB($date, $type = 'l') + { + // get timestamp + $ts = self::dateToTimestamp($date); + + // only proceed if timestamp conversion was successful + if (!$ts) { + return false; + } + + // return date and time if long type requested + if ($type = 'l') { + $dbdate = date('Y-m-d H:i:s', $ts); + } else { + $dbdate = date('Y-m-d', $ts); + } + + return $dbdate; } - return $dbdate; - } - }