Tutorial [Creating a PHP Framework] {advanced} (PART 2)

[litewarez]

PART 1: http://www.besthostingforums.com/showthread.php?t=23883

Ok heres part 2 of the framework tutorial!

In the last part we discussed benefits of the framwork and started the main base!

in this part were going to create the Input object and attach it to the framework registry

About the input object:
The input obect is a class that you will use to get any data sent via the user such as GET and POST, the reason we use a class to grab these slices of data is so we can perform sanitization and stuff to make them safe before you use them in your application!

so an overview of the input and what the code below is doing:
Were going to grab all the seperate globals that hold the user input and individually place them in an array after they have been sanitized

so lets begin

Create a file called Input.php

Heres the code:

PHP Code: 

<?php
if(!defined('BASE_PATH')){exit;} /*REMEMBER this should be in every file thats included by startup.php*/

class Input{
    //Set up the place holders
    private $globals = array();

    function __construct()
    {
        $this->globals['get'] = $this->sanitize($_GET,true);
        $this->globals['post'] = $this->sanitize($_POST,true);
        $this->globals['files'] = $this->sanitize($_FILES,true);
        $this->globals['cookie'] = $this->sanitize($_COOKIE,true);
    }
    
    /*This function is what you will use to get the sanitized data*/
    public function get($name,$section,$default = false)
    {
        return (isset($this->globals[$section][$name]) ? $this->globals[$section][$name] : $default);
    }//Usage:: $object->get('username','post',false);
    
    public function sanitize($input,$keys)
    {
        switch(gettype($input))
        {
            case 'array':
                //Set up a blank array to hold the new data
                $holder = array();
                foreach($input as $item => $value)
                {
                    if($keys === true)
                    {
                        //We make sure that the keys is valid string else exit
                        if(!preg_match("/^[a-z0-9_\-]+$/i",$item))
                        {
                            die('Invalid keys found within input, please contact owner if this persists');
                        }
                        //Now we sanitize the value recursivly
                        $holder[$item] = $this->sanitize($value,true);
                        /*
                            Running the sanitize function within the sanitize funtion creates a recursive pattern
                            so you sanitize all sub arrays of the array!
                        */
                    }
                }
            break;
            case 'string':
                //Ok so here we check to see if the value of bar=foo is numeric, if so then we will make it an interger instead of a string
                if(is_numeric($input))
                {
                    return (int)$input;
                }
                //Here im just gonna check wether its a string of true or false and set it to a bool if it is
                if($input == 'true' || $input == 'false')
                {
                    return (bool)$input;
                }
                /*
                    ENT_QUOTES will covert both ' and " to '
                    IMPORTANT NOTE:
                        This will take care of post entities but you MUST still escape for database
                */
                return htmlentities($input, ENT_QUOTES, 'UTF-8');
            break;
            default:
                //This leaves it to objects or resources etc wich we wont need to sanitize
                return $input;
            break;
        }
    }
}

?>

If you read threw the code ive left comments to show you what i am doing etc, its not really super hard!

SAVING THE FILE:
Save the file system/engine/Input.php -> with a capital I

now open up your startup.php file and file the section where it says

PHP Code: 

/* 
** here we will include all framework files 
*/ 


and add after

PHP Code: 

include SYSTEM_BASE_PATH . '/engine/Input.php'; 


ok so now thats out the way were going to add the object to the Registry!

so find

PHP Code: 

/* 
** here we will load all classes into the registry 
*/ 


and ADD after

PHP Code: 

Registry::set('Input', new Input()); //Clean eh 


now what's happening here is that class is being created and but help within the Registry object so you can call it out when its needed!

PLEASE DO NOT START THIS CODE UNTILL I HAVE FINISHED ALL SECTIONS

In the next part we will be doing:

• Output (headers,cookies) compression / gzip
• Binding the output with registry (link the input)
• A little talk about the output

Part 3: http://www.besthostingforums.com/sho...d.php?p=223286

litewarez Reviewed by litewarez on 3rd Feb 2010. Tutorial [Creating a PHP Framework] {advanced} (PART 2) PART 1: http://www.besthostingforums.com/showthread.php?t=23883 Ok heres part 2 of the framework tutorial! In the last part we discussed benefits of the framwork and started the main base! in this part were going to create the Input object and attach it to the framework registry About the input object: The input obect is a class that you will use to get any data sent via the user such as GET and POST, the reason we use a class to grab these slices of data is so we can perform Rating: 5

[SplitIce]

How about namspacing? Very usefull in preventing conflicts, but requires PHP 5.3.

if($input == 'true' || $input == 'false')

Not a good idea mate, then when you do a mysql_real_escape_string it will return 1. not 'true'

[litewarez]

Splitice this is not for mysql, this is soly input only (when do you insert string::'true' into the db lol its always intbools 0 / 1)

if a user goes to an url of

login.php?redirect=true

then with the get function it will return a bool instead og you doing == 'true' and checking as string!

Just basic type casting turing numerics into ints and bool strings into bools

PHP Code: 

if(Registry::get('Input')->get('redirect','get',false)){}/*aslong as your expecting true or false*/ 


Also regards namspace i dont think users will be able to grasp the true idea behind it, i mean i think they will only see it as a directory system for php so i didnt want to go that advanced atm because thats when you get shit lol