
BackwardsCompatibilityBreak - moved fCRUD::printOption() to fHTML::pr…

…intOption(), fCRUD::showChecked() to fHTML::showChecked(), fCRUD::removeListItems() and fCRUD::reorderListItems() to fException::splitMessage(), fCRUD::generateRequestToken() to fRequest::generateCSRFToken(), and fCRUD::validateRequestToken() to fRequest::validateCSRFToken()
wbond committed May 8, 2009
1 parent 854e4fd commit d6d9c90795462d51a47fe415e44eadcdaa5bcf2c
Showing with 269 additions and 209 deletions.
  1. +2 −201 classes/fCRUD.php
  2. +143 −3 classes/fException.php
  3. +50 −1 classes/fHTML.php
  4. +74 −4 classes/fRequest.php
@@ -9,27 +9,22 @@
* @package Flourish
* @link http://flourishlib.com/fCRUD
*
* @version 1.0.0b2
* @version 1.0.0b3
* @changes 1.0.0b3 Backwards Compatiblity Break - moved ::printOption() to fHTML::printOption(), ::showChecked() to fHTML::showChecked(), ::removeListItems() and ::reorderListItems() to fException::splitMessage(), ::generateRequestToken() to fRequest::generateCSRFToken(), and ::validateRequestToken() to fRequest::validateCSRFToken() [wb, 2009-05-08]
* @changes 1.0.0b2 Fixed a bug preventing loaded search values from being included in redirects [wb, 2009-03-18]
* @changes 1.0.0b The initial implementation [wb, 2007-06-14]
*/
class fCRUD
{
// The following constants allow for nice looking callbacks to static methods
const generateRequestToken = 'fCRUD::generateRequestToken';
const getColumnClass = 'fCRUD::getColumnClass';
const getRowClass = 'fCRUD::getRowClass';
const getSearchValue = 'fCRUD::getSearchValue';
const getSortColumn = 'fCRUD::getSortColumn';
const getSortDirection = 'fCRUD::getSortDirection';
const printOption = 'fCRUD::printOption';
const printSortableColumn = 'fCRUD::printSortableColumn';
const redirectWithLoadedValues = 'fCRUD::redirectWithLoadedValues';
const removeListItems = 'fCRUD::removeListItems';
const reorderListItems = 'fCRUD::reorderListItems';
const reset = 'fCRUD::reset';
const showChecked = 'fCRUD::showChecked';
const validateRequestToken = 'fCRUD::validateRequestToken';
/**
@@ -68,40 +63,6 @@ class fCRUD
static private $sort_direction = NULL;
/**
* Returns a request token that should be placed in each HTML form to prevent [http://en.wikipedia.org/wiki/Cross-site_request_forgery cross-site request forgery]
*
* This method will return a random 15 character string that should be
* placed in a hidden `input` element on every HTML form. When the form
* contents are being processed, the token should be retrieved and passed
* into ::validateRequestToken().
*
* The value returned by this method is stored in the session and then
* checked by the validate method, which helps prevent cross site request
* forgeries and (naive) automated form submissions.
*
* Tokens generated by this method are single use, so a user must request
* the page that generates the token at least once per submission.
*
* @param string $url The URL to generate a token for, default to the current page
* @return string The token to be submitted with the form
*/
static public function generateRequestToken($url=NULL)
{
if ($url === NULL) {
$url = fURL::get();
}
$token = fCryptography::randomString(16);
$tokens = fSession::get($url . '::request_tokens', array(), __CLASS__ . '::');
$tokens[] = $token;
fSession::set($url . '::request_tokens', $tokens, __CLASS__ . '::');
return $token;
}
/**
* Return the string `'sorted'` if `$column` is the column that is currently being sorted by, otherwise returns `''`
*
@@ -269,29 +230,6 @@ static public function getSortDirection($default_direction)
}
/**
* Prints an `option` tag with the provided value, using the selected value to determine if the option should be marked as selected
*
* @param string $text The text to display in the option tag
* @param string $value The value for the option
* @param string $selected_value If the value is the same as this, the option will be marked as selected
* @return void
*/
static public function printOption($text, $value, $selected_value=NULL)
{
$selected = FALSE;
if ($value == $selected_value || (is_array($selected_value) && in_array($value, $selected_value))) {
$selected = TRUE;
}
echo '<option value="' . fHTML::encode($value) . '"';
if ($selected) {
echo ' selected="selected"';
}
echo '>' . fHTML::prepare($text) . '</option>';
}
/**
* Prints a sortable column header `a` tag
*
@@ -364,89 +302,6 @@ static public function redirectWithLoadedValues()
}
/**
* Removes list items from an fException based on their contents
*
* @param fException $exception The exception to remove field names from
* @param array $filters An array of strings to search for, if a string is found in a list item, the list item will be removed
* @return void
*/
static public function removeListItems($exception, $filters)
{
$message = $exception->getMessage();
// If we can't find a list, don't bother continuing
if (!preg_match('#^(.*<(?:ul|ol)[^>]*?>)(.*?)(</(?:ul|ol)>.*)$#isD', $message, $matches)) {
return;
}
$beginning = $matches[1];
$list_items = $matches[2];
$ending = $matches[3];
preg_match_all('#<li(.*?)</li>#i', $list_items, $matches, PREG_SET_ORDER);
$new_list_items = array();
foreach ($matches as $match) {
foreach ($filters as $filter) {
if (strpos($match[1], $filter) !== FALSE) {
continue 2;
}
}
$new_list_items[] = $match[0];
}
$exception->setMessage($beginning . join("\n", $new_list_items) . $ending);
}
/**
* Reorders list items in an fException based on their contents
*
* @param fException $exception The exception to reorder the list items in
* @param array $matches This should be an ordered array of strings. If a list item contains the string it will be displayed in the relative order it occurs in this array.
* @return void
*/
static public function reorderListItems($exception, $matches)
{
$message = $exception->getMessage();
// If we can't find a list, don't bother continuing
if (!preg_match('#^(.*<(?:ul|ol)[^>]*?>)(.*?)(</(?:ul|ol)>.*)$#isD', $message, $message_parts)) {
return;
}
$beginning = $message_parts[1];
$list_contents = $message_parts[2];
$ending = $message_parts[3];
preg_match_all('#<li(.*?)</li>#i', $list_contents, $list_items, PREG_SET_ORDER);
$ordered_items = array_fill(0, sizeof($matches), array());
$other_items = array();
foreach ($list_items as $list_item) {
foreach ($matches as $num => $match_string) {
if (strpos($list_item[1], $match_string) !== FALSE) {
$ordered_items[$num][] = $list_item[0];
continue 2;
}
}
$other_items[] = $list_item[0];
}
$final_list = array();
foreach ($ordered_items as $ordered_item) {
$final_list = array_merge($final_list, $ordered_item);
}
$final_list = array_merge($final_list, $other_items);
$exception->setMessage($beginning . join("\n", $final_list) . $ending);
}
/**
* Resets the configuration and data of the class
*
@@ -503,60 +358,6 @@ static private function setPreviousSortDirection($sort_direction)
}
/**
* Prints a `checked="checked"` HTML input attribute if `$value` equals `$checked_value`, or if `$value` is in `$checked_value`
*
* @param string $value The value for the current HTML input tag
* @param string|array $checked_value The value (or array of values) that has been checked
* @return boolean If the checked attribute was printed
*/
static public function showChecked($value, $checked_value)
{
$checked = FALSE;
if ($value == $checked_value || (is_array($checked_value) && in_array($value, $checked_value))) {
$checked = TRUE;
}
if ($checked) {
echo ' checked="checked"';
return TRUE;
}
return FALSE;
}
/**
* Validates a request token generated by ::generateRequestToken()
*
* This method takes a request token and ensures it is valid, otherwise
* it will throw an fValidationException.
*
* @throws fValidationException
*
* @param string $token The request token to validate
* @param string $url The URL to validate the token for, default to the current page
* @return void
*/
static public function validateRequestToken($token, $url=NULL)
{
if ($url === NULL) {
$url = fURL::get();
}
$tokens = fSession::get($url . '::request_tokens', array(), __CLASS__ . '::');
if (!in_array($token, $tokens)) {
throw new fValidationException(
'The form submitted could not be validated as authentic, please try submitting it again'
);
}
$tokens = array_diff($tokens, array($token));;
fSession::set($url . '::request_tokens', $tokens, __CLASS__ . '::');
}
/**
* Indicates if a reset was requested for search values
*
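Review bot: The added `@changes 1.0.0b3` line in the first hunk is the only migration notice for the two CSRF helpers removed from this class, and it misspells "Compatiblity"; I would fix the spelling and add that every form handler must now call `fRequest::validateCSRFToken()`. With no forwarding stub left in fCRUD, a stale call fails with an undefined-method error, which fails closed, but a handler that was dropped rather than updated would lose its token check without any warning. The replacement in classes/fRequest.php is not shown on this page; if it carries over the removed `in_array($token, $tokens)` test, passing `TRUE` as the third argument keeps the token match strict instead of relying on PHP's loose string comparison.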