From eeb38aeeded4ffbaae08df0d3f25aa4f56599d35 Mon Sep 17 00:00:00 2001 
From: dconco Date: Sun, 10 Dec 2023 14:27:44 +0100 Subject: [PATCH 1/2] feat: Update configuration and file handling This commit updates the configuration settings in the .env file to use consistent spacing and adds new environment variables for the default host page. Additionally, it modifies the RouteController class to improve file handling by using the file_get_contents function instead of include, making it easier to manipulate content before output. The commit also includes modifications to the Route class: - It introduces a new static variable, $root_dir, to store the root directory path. - It adds a check for the presence of the 'fileinfo' extension and throws an exception if it is not enabled. - It refactors the file_type method to utilize the finfo_file function instead of mime_content_type for improved performance. - It updates the handling of file extensions for better content type detection. - It sets the $log and $root_dir variables within the class constructor for consistency. The commit also includes minor updates to other files, such as the README.md and composer.json, correcting typos and improving clarity. These changes enhance the configuration and file handling aspects of the project, improving efficiency and providing more control over the output. No issues are associated with this commit at this time. References: None --- .env | 18 +++--- App/Controller/RouteController.php | 16 ++++- App/PhpSlides.php | 68 +++++++++++++++++++-- LICENSE | 2 +- README.md | 2 +- composer.json | 2 +- public/.gitignore | 0 public/styles/App.css | 98 +++++++++++++++++++++++++++++- routes/route.php | 4 +- views/.gitignore | 0 views/components/Header.php | 10 +++ views/dashboard.view.php | 36 ++++++++--- views/errors/404.view.php | 36 ++++++++--- 13 files changed, 254 insertions(+), 38 deletions(-) delete mode 100644 public/.gitignore delete mode 100644 views/.gitignore create mode 100644 views/components/Header.php 
diff --git a/.env b/.env index 020cf5d..f226b95 100644 --- a/.env +++ b/.env @@ -1,9 +1,13 @@ -APP_NAME='PhpSlides' -APP_VERSION='1.0.0' -APP_SERVER='localhost' +APP_NAME = 'PhpSlides' +APP_VERSION = '1.0.0' +APP_SERVER = 'localhost' ## DATABASE INFO -DB_USER='root' -DB_PASS='root' -DB_HOST='localhost' -DB_BASE='php_slides' \ No newline at end of file +DB_USER = 'root' +DB_PASS = 'root' +DB_HOST = 'localhost' +DB_BASE = 'php_slides' + +## Default host page +ORIGIN = '//localhost' +ORIGIN_ROOT = '//localhost/projects/php_slides' \ No newline at end of file diff --git a/App/Controller/RouteController.php b/App/Controller/RouteController.php index 37bd99e..984d910 100644 --- a/App/Controller/RouteController.php +++ b/App/Controller/RouteController.php @@ -48,12 +48,24 @@ protected static function config_file(): array|bool * | * ----------------------------------------------------------- */ - protected static function get_included_file($filename) + public static function get_included_file($filename) { if (is_file($filename)) { + $file_contents = file_get_contents($filename); + + $root = strtolower(Route::$root_dir . '/'); + $root = str_replace('c:\\', 'c:\\\\', $root); + + $find = '/routes/route.php'; + $self = $_SERVER['PHP_SELF']; + $view = substr_replace($self, '/', strrpos($self, $find), strlen($find)); + + $file_contents = str_replace('::root::view/', $view, $file_contents); + $file_contents = str_replace('::root/', $root, $file_contents); + ob_start(); - include $filename; + eval('?>' . $file_contents); $output = ob_get_contents(); ob_end_clean(); diff --git a/App/PhpSlides.php b/App/PhpSlides.php index f2ecc2f..e9944ba 100644 --- a/App/PhpSlides.php +++ b/App/PhpSlides.php @@ -46,6 +46,8 @@ final class Route extends Controller */ public static bool $log; + public static string $root_dir; + /** * ------------------------------------------------------ 
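Review bot: The `DB_USER` / `DB_PASS` lines are rewritten in this hunk but stay in a tracked `.env`, so any credentials a deployment puts in this file end up in version control. Consider tracking a `.env.example` with placeholder values and adding `.env` to `.gitignore`. The new `KEY = 'value'` spacing is not accepted by every dotenv parser; the loader is not visible in this patch, so confirm that it trims around `=`.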
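Review bot: In `get_included_file()`, `$view` is built from `$_SERVER['PHP_SELF']`, which includes request-supplied path info, and is substituted into `$file_contents` immediately before `eval('?>' . $file_contents)`, so request-derived text ends up inside the code being evaluated. At minimum, derive it from a value the request cannot extend, e.g. `$self = $_SERVER['SCRIPT_NAME'];`, and handle `strrpos()` returning `false` when `/routes/route.php` is not in the path. Better, keep `include $filename;` and pass the root path and view base to the template as variables instead of rewriting its source. `strtolower()` on `Route::$root_dir` will also yield a wrong path on case-sensitive filesystems, and the method is widened from `protected` to `public` although no caller in this patch needs that. The function body continues past the end of the hunk.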
@@ -61,11 +63,65 @@ public static function file_type(string $filename): bool|string { if (is_file($filename)) { + if (!extension_loaded('fileinfo')) + { + throw new Exception('Fileinfo extension is not enabled. Please enable it in your php.ini configuration.'); + } + $file_info = finfo_open(FILEINFO_MIME_TYPE); - $file_type = mime_content_type($filename); + $file_type = finfo_file($file_info, $filename); finfo_close($file_info); - return $file_type; + $file_ext = explode('.', $filename); + $file_ext = strtolower(end($file_ext)); + + if ($file_type === 'text/plain' || $file_type === 'application/octet-stream') + { + switch ($file_ext) + { + case 'css': + return 'text/css'; + case 'csv': + return 'text/csv'; + case 'htm': + return 'text/htm'; + case 'html': + return 'text/html'; + case 'js': + return 'application/javascript'; + case 'pdf': + return 'application/pdf'; + case 'doc': + return 'application/msword'; + case 'docx': + return 'application/vnd.openxmlformats-officedocument.wordprocessingml.document'; + case 'xls': + return 'application/vnd.ms-excel'; + case 'xlsx': + return 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet'; + case 'json': + return 'application/json'; + case 'md': + return 'text/markdown'; + case 'ppt': + return 'application/mspowerpoint'; + case 'pptx': + return 'application/vnd.openxmlformats-officedocument.presentationml.presentation'; + case 'swf': + return 'application/x-shockwave-flash'; + case 'ai': + return 'application/postscript'; + case 'odt': + return 'application/vnd.oasis.opendocument.text'; + + default: + return $file_type; + } + } + else + { + return $file_type; + } } else { 
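Review bot: In the extension fallback, `case 'htm': return 'text/htm';` returns a value that is not a registered media type, so `.htm` files will not be handled as HTML; it should be `return 'text/html';`. Likewise `application/mspowerpoint` for `ppt` should be `application/vnd.ms-powerpoint`. The extension is taken with `explode('.', $filename)` on the whole path, which misreads an extensionless file inside a directory whose name contains a dot; `strtolower(pathinfo($filename, PATHINFO_EXTENSION))` avoids that. `finfo_open()` can return `false`, and that result is passed to `finfo_file()` unchecked. The signature of `file_type()` sits above this hunk and its body continues after it.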
@@ -98,11 +154,15 @@ public static function config(bool $request_log = true) try { self::$log = $request_log; + self::$root_dir = dirname(__DIR__); $dir = dirname(__DIR__); $req = preg_replace("/(^\/)|(\/$)/", "", $_REQUEST["uri"]); $url = explode('/', $req); + $req_ext = explode('.', end($url)); + $req_ext = strtolower(end($req_ext)); + $file = self::get_included_file($dir . '/public/' . $req); $file_type = $file ? self::file_type($dir . '/public/' . $req) : null; @@ -119,10 +179,6 @@ public static function config(bool $request_log = true) if (!empty($config_file) && $file_type != null) { $config = $config_file['public']; - - // checks if the all URL / match the key in json - $req_ext = explode('.', end($url)); - $req_ext = strtolower(end($req_ext)); $accept = true; // loop over the requested URL folders diff --git a/LICENSE b/LICENSE index 213f465..19b2db2 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ MIT License -Copyright (c) 2023 Dave Conco +Copyright (c) 2023 Dave Conco - PhpSlides Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/README.md b/README.md index 449d226..69ce37b 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ Use ***PhpSlides*** in creating of Very based secured Router, Api & database, created inbuilt template database which accepts - `MySql` & `Sqlite` database 🔥✨ can also setup other database. -It has by default SQL injections, it prevents project from XXS attacks 🔐. +It has by default in preventing SQL injections, it prevents project from XXS attacks & CSRF 🔐. It's a good practice for a beginner in Php to start with ***PhpSlides*** diff --git a/composer.json b/composer.json index 1cf5b0e..57b73fd 100644 --- a/composer.json +++ b/composer.json 
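Review bot: The path handed to `get_included_file()` in `config()` is `$dir . '/public/' . $req`, where `$req` is `$_REQUEST["uri"]` with only the leading and trailing slash removed, so `..` segments are not rejected and the resolved file is not confined to `public/`. `get_included_file()` executes the file it is given, so the path should be resolved with `realpath()` and used only when it stays under the public directory, as sketched below. `config()` begins before this hunk and continues after it, so the not-found handling has to be matched to the code that follows.

```php
$req = preg_replace("/(^\/)|(\/$)/", "", $_REQUEST["uri"]);
// … unchanged: $url and $req_ext computation …

// Resolve the request against public/ and refuse anything that leaves it.
$public_dir = realpath($dir . '/public');
$requested = $public_dir === false ? false : realpath($public_dir . '/' . $req);
$inside_public = $requested !== false
    && str_starts_with($requested, $public_dir . DIRECTORY_SEPARATOR);

$file = $inside_public ? self::get_included_file($requested) : false;
$file_type = $file ? self::file_type($requested) : null;
```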
@@ -1,6 +1,6 @@
 {
 "name": "dconco/php_slides",
- "description": "PhpSlides let you create a secured Routing in php and secured API, which contains SQL injections, and prevent from XSS attack.",
+ "description": "PhpSlides let you create a secured Routing in php and secured API, which prevents SQL injections, and from XSS attack & CSRF.",
 "homepage": "https://github.com/dconco/php_slides",
 "version": "1.0.0",
 "type": "project",
diff --git a/public/.gitignore b/public/.gitignore
deleted file mode 100644
index e69de29..0000000
diff --git a/public/styles/App.css b/public/styles/App.css
index a71f6af..e5d5d28 100644
--- a/public/styles/App.css
+++ b/public/styles/App.css
@@ -1,3 +1,97 @@
-.s {
- color: blue;
+body {
+ margin: 0;
+ display: flex;
+ height: 100svh;
+ flex-flow: column;
+ background: #bb9fe5;
+}
+
+@keyframes ZoomIn {
+ from {
+ transform: scale(0, 0);
+ }
+ 75% {
+ transform: scale(1.2, 1.2);
+ }
+ to {
+ transform: scale(1, 1);
+ }
+}
+
+.container {
+ width: 70%;
+ height: 70%;
+ margin: auto;
+ padding: 20px;
+ display: flex;
+ flex-flow: column;
+ overflow-y: auto;
+ overflow-x: hidden;
+ border-radius: 15px;
+ background: #6432c9;
+ align-items: center;
+ justify-content: space-between;
+ box-shadow: 0px 0px 8px 10px #a176f8;
+ animation: ZoomIn 0.8s ease-in-out forwards;
+}
+
+.container::-webkit-scrollbar {
+ width: 8px;
+ border-radius: 5px;
+ background: #bb9fe5;
+}
+
+.container::-webkit-scrollbar-thumb {
+ border-radius: 5px;
+ background: #783fe9;
+}
+
+.logo {
+ width: 45%;
+}
+
+.logo img {
+ width: 100%;
+}
+
+button.btn {
+ border: none;
+ margin: 0 auto;
+ color: wheat;
+ cursor: pointer;
+ font-weight: bold;
+ border-radius: 5px;
+ text-transform: uppercase;
+ transition: all 0.2s ease-in-out;
+ padding: 10px 40px 10px 40px;
+ box-shadow: 0 0 8px #a176f8;
+ background: linear-gradient(50deg, darkblue, blue);
+ font-family: 'Lucida Sans', 'Lucida Sans Regular', 'Lucida Grande', 'Lucida Sans Unicode', Geneva, Verdana, sans-serif;
+}
+
+button.btn:hover {
+ background: #783fe9;
+ animation: ButtonAnim 0.5s ease-in-out forwards;
+}
+
+@keyframes ButtonAnim {
+ 0% {
+ transform: scale(1.3, 1.3);
+ }
+ 100% {
+ transform: scale(1, 1);
+ }
+}
+
+button.btn:active {
+ background: #a176f8;
+}
+
+h3.text {
+ margin: auto;
+ color: wheat;
+ text-align: center;
+ font-size: 50px;
+ font-weight: 700;
+ font-family: 'Franklin Gothic Medium', 'Arial Narrow', Arial, sans-serif;
 }
\ No newline at end of file
diff --git a/routes/route.php b/routes/route.php
index b7fc548..ee77a77 100644
--- a/routes/route.php
+++ b/routes/route.php
@@ -22,7 +22,7 @@ * -------------------------------------------------------------------- */ -Route::view('/dashboard', '::dashboard'); +Route::view('/dashboard', '::Dashboard'); Route::redirect('/', '/dashboard'); -Route::any('*', view::render('::errors::404')); \ No newline at end of file +Route::any('*', view::render('::Errors::404')); \ No newline at end of file diff --git a/views/.gitignore b/views/.gitignore deleted file mode 100644 index e69de29..0000000 diff --git a/views/components/Header.php b/views/components/Header.php new file mode 100644 index 0000000..cfabf4b --- /dev/null +++ b/views/components/Header.php @@ -0,0 +1,10 @@ + + + + + + + + + + \ No newline at end of file diff --git a/views/dashboard.view.php b/views/dashboard.view.php index c1951d7..871c942 100644 --- a/views/dashboard.view.php +++ b/views/dashboard.view.php @@ -1,18 +1,40 @@ + + - + + + + + - + - Index Page + + Dashboard | PhpSlides + + + + + + -

Index Page

+
+ - Login -
- Signup + +
\ No newline at end of file diff --git a/views/errors/404.view.php b/views/errors/404.view.php index 67d7adc..5ded579 100644 --- a/views/errors/404.view.php +++ b/views/errors/404.view.php @@ -1,11 +1,29 @@ + + - - - - - 404 | Page not Found - - -

404 | Page not Found

- + + + + + + 404 | Page Not Found + + + +
+

404 | Page Not Found

+ +
+ + \ No newline at end of file From dffa41dbdcc85711a0ce333cf7e3b060f9b54394 Mon Sep 17 00:00:00 2001 From: dconco Date: Sun, 10 Dec 2023 15:06:01 +0100 Subject: [PATCH 2/2] feat: Update configuration and file handling This commit updates the configuration settings in the .env file to use consistent spacing and adds new environment variables for the default host page. Additionally, it modifies the RouteController class to improve file handling by using the file_get_contents function instead of include, making it easier to manipulate content before output. The commit also includes modifications to the Route class: - It introduces a new static variable, $root_dir, to store the root directory path. - It adds a check for the presence of the 'fileinfo' extension and throws an exception if it is not enabled. - It refactors the file_type method to utilize the finfo_file function instead of mime_content_type for improved performance. - It updates the handling of file extensions for better content type detection. - It sets the $log and $root_dir variables within the class constructor for consistency. The commit also includes minor updates to other files, such as the README.md and composer.json, correcting typos and improving clarity. These changes enhance the configuration and file handling aspects of the project, improving efficiency and providing more control over the output. No issues are associated with this commit at this time. References: None --- public/styles/App.css | 9 +++++++++ views/dashboard.view.php | 4 ++++ 2 files changed, 13 insertions(+) diff --git a/public/styles/App.css b/public/styles/App.css index e5d5d28..680a877 100644 --- a/public/styles/App.css +++ b/public/styles/App.css 
@@ -94,4 +94,13 @@ h3.text { font-size: 50px; font-weight: 700; font-family: 'Franklin Gothic Medium', 'Arial Narrow', Arial, sans-serif; +} + +.description { + margin: auto; + color: wheat; + font-size: 15px; + text-align: center; + font-weight: 400; + font-family: 'Lucida Sans', 'Lucida Sans Regular', 'Lucida Grande', 'Lucida Sans Unicode', Geneva, Verdana, sans-serif; } \ No newline at end of file diff --git a/views/dashboard.view.php b/views/dashboard.view.php index 871c942..53daccd 100644 --- a/views/dashboard.view.php +++ b/views/dashboard.view.php @@ -33,6 +33,10 @@ PhpSlides Logo +
+

PhpSlides let you create a secured Routing in php and secured API, which prevents SQL injections, and from XSS attack & CSRF.

+
+