PHP/Web
PHP/Web
2
0
Fork 0
Code

tab indentation

Browse Source
This commit is contained in:
Sky Johnson 2025-09-11 10:25:02 -05:00
parent 5cc24441d0
commit 65bfec8078
13 changed files with 2286 additions and 2294 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

562
Context.php
View File

@ -8,326 +8,326 @@ require_once __DIR__ . '/Validator.php';
*/
class Context
{
public Request $request;
public Response $response;
public Session $session;
public array $state = [];
public Request $request;
public Response $response;
public Session $session;
public array $state = [];
/**
* __construct creates a new Context with request and response
*/
public function __construct()
{
$this->request = new Request();
$this->response = new Response();
$this->session = new Session();
$this->session->start();
}
/**
* __construct creates a new Context with request and response
*/
public function __construct()
{
$this->request = new Request();
$this->response = new Response();
$this->session = new Session();
$this->session->start();
}
/**
* set stores a value in the context state
*/
public function set(string $key, mixed $value): void
{
$this->state[$key] = $value;
}
/**
* set stores a value in the context state
*/
public function set(string $key, mixed $value): void
{
$this->state[$key] = $value;
}
/**
* get retrieves a value from the context state
*/
public function get(string $key): mixed
{
return $this->state[$key] ?? null;
}
/**
* get retrieves a value from the context state
*/
public function get(string $key): mixed
{
return $this->state[$key] ?? null;
}
/**
* json sends a JSON response
*/
public function json(mixed $data, int $status = 200): void
{
$this->response->json($data, $status)->send();
}
/**
* json sends a JSON response
*/
public function json(mixed $data, int $status = 200): void
{
$this->response->json($data, $status)->send();
}
/**
* text sends a plain text response
*/
public function text(string $text, int $status = 200): void
{
$this->response->text($text, $status)->send();
}
/**
* text sends a plain text response
*/
public function text(string $text, int $status = 200): void
{
$this->response->text($text, $status)->send();
}
/**
* html sends an HTML response
*/
public function html(string $html, int $status = 200): void
{
$this->response->html($html, $status)->send();
}
/**
* html sends an HTML response
*/
public function html(string $html, int $status = 200): void
{
$this->response->html($html, $status)->send();
}
/**
* redirect sends a redirect response
*/
public function redirect(string $url, int $status = 302): void
{
$this->response->redirect($url, $status)->send();
}
/**
* redirect sends a redirect response
*/
public function redirect(string $url, int $status = 302): void
{
$this->response->redirect($url, $status)->send();
}
/**
* error sends an error response with appropriate content type
*/
public function error(int $status, string $message = ''): void
{
$messages = [
400 => 'Bad Request',
401 => 'Unauthorized',
403 => 'Forbidden',
404 => 'Not Found',
405 => 'Method Not Allowed',
500 => 'Internal Server Error',
502 => 'Bad Gateway',
503 => 'Service Unavailable'
];
/**
* error sends an error response with appropriate content type
*/
public function error(int $status, string $message = ''): void
{
$messages = [
400 => 'Bad Request',
401 => 'Unauthorized',
403 => 'Forbidden',
404 => 'Not Found',
405 => 'Method Not Allowed',
500 => 'Internal Server Error',
502 => 'Bad Gateway',
503 => 'Service Unavailable'
];
$message = $message ?: ($messages[$status] ?? 'Error');
$message = $message ?: ($messages[$status] ?? 'Error');
$this->response->status($status);
$this->response->status($status);
if ($this->request->header('accept') && str_contains($this->request->header('accept'), 'application/json')) {
$this->json(['error' => $message], $status);
} else {
$this->text($message, $status);
}
}
if ($this->request->header('accept') && str_contains($this->request->header('accept'), 'application/json')) {
$this->json(['error' => $message], $status);
} else {
$this->text($message, $status);
}
}
/**
* validate validates input data against rules
*/
public function validate(array $data, array $rules, array $messages = []): Validator
{
$validator = new Validator();
$validator->validate($data, $rules, $messages);
/**
* validate validates input data against rules
*/
public function validate(array $data, array $rules, array $messages = []): Validator
{
$validator = new Validator();
$validator->validate($data, $rules, $messages);
if ($validator->failed()) {
throw new ValidationException($validator->errors());
}
if ($validator->failed()) {
throw new ValidationException($validator->errors());
}
return $validator;
}
return $validator;
}
/**
* validateRequest validates request data against rules
*/
public function validateRequest(array $rules, array $messages = []): Validator
{
$data = $this->request->all();
return $this->validate($data, $rules, $messages);
}
/**
* validateRequest validates request data against rules
*/
public function validateRequest(array $rules, array $messages = []): Validator
{
$data = $this->request->all();
return $this->validate($data, $rules, $messages);
}
/**
* header returns the value of a request header
*/
public function header(string $name): ?string
{
return $this->request->header($name);
}
/**
* header returns the value of a request header
*/
public function header(string $name): ?string
{
return $this->request->header($name);
}
/**
* input returns a form input value (POST data)
*/
public function input(string $name, mixed $default = null): mixed
{
return $this->request->input($name, $default);
}
/**
* input returns a form input value (POST data)
*/
public function input(string $name, mixed $default = null): mixed
{
return $this->request->input($name, $default);
}
/**
* query returns a query parameter value
*/
public function query(string $name, mixed $default = null): mixed
{
return $this->request->query($name, $default);
}
/**
* query returns a query parameter value
*/
public function query(string $name, mixed $default = null): mixed
{
return $this->request->query($name, $default);
}
/**
* jsonValue returns a value from JSON body
*/
public function jsonValue(string $name, mixed $default = null): mixed
{
return $this->request->jsonValue($name, $default);
}
/**
* jsonValue returns a value from JSON body
*/
public function jsonValue(string $name, mixed $default = null): mixed
{
return $this->request->jsonValue($name, $default);
}
/**
* param returns a route parameter by integer index
*/
public function param(int $index, mixed $default = null): mixed
{
return $this->request->param($index, $default);
}
/**
* param returns a route parameter by integer index
*/
public function param(int $index, mixed $default = null): mixed
{
return $this->request->param($index, $default);
}
/**
* all returns all input data merged from all sources
*/
public function all(): array
{
return $this->request->all();
}
/**
* all returns all input data merged from all sources
*/
public function all(): array
{
return $this->request->all();
}
/**
* only returns only specified keys from input
*/
public function only(array $keys): array
{
return $this->request->only($keys);
}
/**
* only returns only specified keys from input
*/
public function only(array $keys): array
{
return $this->request->only($keys);
}
/**
* except returns all input except specified keys
*/
public function except(array $keys): array
{
return $this->request->except($keys);
}
/**
* except returns all input except specified keys
*/
public function except(array $keys): array
{
return $this->request->except($keys);
}
/**
* has checks if input key exists
*/
public function has(string $key): bool
{
return $this->request->has($key);
}
/**
* has checks if input key exists
*/
public function has(string $key): bool
{
return $this->request->has($key);
}
/**
* cookie returns the value of a request cookie
*/
public function cookie(string $name): ?string
{
return $this->request->cookie($name);
}
/**
* cookie returns the value of a request cookie
*/
public function cookie(string $name): ?string
{
return $this->request->cookie($name);
}
/**
* expectsJson checks if request expects JSON response
*/
public function expectsJson(): bool
{
return $this->request->expectsJson();
}
/**
* expectsJson checks if request expects JSON response
*/
public function expectsJson(): bool
{
return $this->request->expectsJson();
}
/**
* isAjax checks if request is AJAX
*/
public function isAjax(): bool
{
return $this->request->isAjax();
}
/**
* isAjax checks if request is AJAX
*/
public function isAjax(): bool
{
return $this->request->isAjax();
}
/**
* ip returns the client IP address
*/
public function ip(): string
{
return $this->request->ip();
}
/**
* ip returns the client IP address
*/
public function ip(): string
{
return $this->request->ip();
}
/**
* userAgent returns the user agent string
*/
public function userAgent(): string
{
return $this->request->userAgent();
}
/**
* userAgent returns the user agent string
*/
public function userAgent(): string
{
return $this->request->userAgent();
}
/**
* referer returns the referer URL
*/
public function referer(): ?string
{
return $this->request->referer();
}
/**
* referer returns the referer URL
*/
public function referer(): ?string
{
return $this->request->referer();
}
/**
* isSecure checks if request is over HTTPS
*/
public function isSecure(): bool
{
return $this->request->isSecure();
}
/**
* isSecure checks if request is over HTTPS
*/
public function isSecure(): bool
{
return $this->request->isSecure();
}
/**
* url returns the full URL of the request
*/
public function url(): string
{
return $this->request->url();
}
/**
* url returns the full URL of the request
*/
public function url(): string
{
return $this->request->url();
}
/**
* fullUrl returns the URL with query string
*/
public function fullUrl(): string
{
return $this->request->fullUrl();
}
/**
* fullUrl returns the URL with query string
*/
public function fullUrl(): string
{
return $this->request->fullUrl();
}
/**
* is checks if the request path matches a pattern
*/
public function is(string $pattern): bool
{
return $this->request->is($pattern);
}
/**
* is checks if the request path matches a pattern
*/
public function is(string $pattern): bool
{
return $this->request->is($pattern);
}
/**
* contentType returns the request content type without charset
*/
public function contentType(): string
{
return $this->request->contentType();
}
/**
* contentType returns the request content type without charset
*/
public function contentType(): string
{
return $this->request->contentType();
}
/**
* status sets the HTTP status code for the response
*/
public function status(int $code): Response
{
return $this->response->status($code);
}
/**
* status sets the HTTP status code for the response
*/
public function status(int $code): Response
{
return $this->response->status($code);
}
/**
* setHeader sets a header for the response
*/
public function setHeader(string $name, string $value): Response
{
return $this->response->header($name, $value);
}
/**
* setHeader sets a header for the response
*/
public function setHeader(string $name, string $value): Response
{
return $this->response->header($name, $value);
}
/**
* setCookie sets a cookie with the given name, value, and options
*/
public function setCookie(string $name, string $value, array $options = []): Response
{
return $this->response->cookie($name, $value, $options);
}
/**
* setCookie sets a cookie with the given name, value, and options
*/
public function setCookie(string $name, string $value, array $options = []): Response
{
return $this->response->cookie($name, $value, $options);
}
/**
* write adds content to the response body
*/
public function write(string $content): Response
{
return $this->response->write($content);
}
/**
* write adds content to the response body
*/
public function write(string $content): Response
{
return $this->response->write($content);
}
/**
* end ends the response with optional content
*/
public function end(string $content = ''): void
{
$this->response->end($content);
}
/**
* end ends the response with optional content
*/
public function end(string $content = ''): void
{
$this->response->end($content);
}
/**
* send sends the response to the client
*/
public function send(): void
{
$this->response->send();
}
/**
* send sends the response to the client
*/
public function send(): void
{
$this->response->send();
}
}

476
EXAMPLES.md
View File

@ -11,11 +11,11 @@ require_once 'Web.php';
$app = new Web(debug: true);
$app->get('/', function(Context $context) {
return 'Hello World!';
return 'Hello World!';
});
$app->get('/users/:id', function(Context $context, $id) {
return ['user_id' => $id, 'name' => 'John Doe'];
return ['user_id' => $id, 'name' => 'John Doe'];
});
$app->run();
@ -32,9 +32,9 @@ $app = new Web(debug: true);
// Add global middleware
$app->use(function(Context $context, callable $next) {
// Pre-processing
$next();
// Post-processing
// Pre-processing
$next();
// Post-processing
});
// Define routes
@ -47,17 +47,17 @@ $app->head('/path', $handler);
// Route groups
$app->group('/api', function(Web $app) {
$app->get('/users', $usersHandler);
$app->post('/users', $createUserHandler);
$app->get('/users', $usersHandler);
$app->post('/users', $createUserHandler);
});
// Custom error handlers
$app->setErrorHandler(404, function(Context $context) {
$context->json(['error' => 'Custom 404'], 404);
$context->json(['error' => 'Custom 404'], 404);
});
$app->setDefaultErrorHandler(function(Context $context, int $status, string $message, ?Exception $e) {
$context->json(['error' => $message, 'status' => $status], $status);
$context->json(['error' => $message, 'status' => $status], $status);
});
// Start the application
@ -78,9 +78,9 @@ $result = $router->lookup('GET', '/posts/123');
// Returns: ['code' => 200, 'handler' => $handler, 'params' => ['123']]
// Route patterns
'/users/:id' // matches /users/123, /users/abc
'/posts/:slug/edit' // matches /posts/my-post/edit
'/' // matches root path
'/users/:id' // matches /users/123, /users/abc
'/posts/:slug/edit' // matches /posts/my-post/edit
'/' // matches root path
```
## Context Examples
@ -89,27 +89,27 @@ $result = $router->lookup('GET', '/posts/123');
```php
// Get input from specific sources - explicit and predictable
$name = $context->input('name', 'default'); // POST data only
$search = $context->query('search', ''); // Query params only
$data = $context->jsonValue('data', []); // JSON body only
$id = $context->param(0, 0); // First route parameter
$name = $context->input('name', 'default'); // POST data only
$search = $context->query('search', ''); // Query params only
$data = $context->jsonValue('data', []); // JSON body only
$id = $context->param(0, 0); // First route parameter
// Examples with route parameters by index
// Route: /users/:userId/posts/:postId
// URL: /users/123/posts/456
$userId = $context->param(0); // "123" (first parameter)
$postId = $context->param(1); // "456" (second parameter)
$userId = $context->param(0); // "123" (first parameter)
$postId = $context->param(1); // "456" (second parameter)
// Examples with conflicting parameter names in different sources
// URL: /users/123?name=query_name
// POST: name=post_name
// JSON: {"name": "json_name"}
$routeId = $context->param(0); // "123" from route (first param)
$queryName = $context->query('name'); // "query_name" from URL
$postName = $context->input('name'); // "post_name" from form
$jsonName = $context->jsonValue('name'); // "json_name" from JSON
$routeId = $context->param(0); // "123" from route (first param)
$queryName = $context->query('name'); // "query_name" from URL
$postName = $context->input('name'); // "post_name" from form
$jsonName = $context->jsonValue('name'); // "json_name" from JSON
// Get all input data merged from all sources (route params override all)
$all = $context->all();
@ -118,7 +118,7 @@ $data = $context->except(['password']); // all except specified keys
// Check if input exists (checks all sources)
if ($context->has('email')) {
// handle email
// handle email
}
// Request headers and cookies
@ -133,15 +133,15 @@ $contentType = $context->contentType();
// Request checks
if ($context->expectsJson()) {
// return JSON response
// return JSON response
}
if ($context->isAjax()) {
// handle AJAX request
// handle AJAX request
}
if ($context->isSecure()) {
// HTTPS request
// HTTPS request
}
// URL helpers
@ -150,7 +150,7 @@ $fullUrl = $context->fullUrl(); // URL with query string
// Path matching
if ($context->is('api/*')) {
// matches API routes
// matches API routes
}
```
@ -191,13 +191,13 @@ $user = $context->get('user');
```php
// Validate request data
$validator = $context->validateRequest([
'email' => 'required|email',
'name' => 'required|string|min:2'
'email' => 'required|email',
'name' => 'required|string|min:2'
]);
// Validate any data
$validator = $context->validate($data, [
'field' => 'required|string'
'field' => 'required|string'
], ['field.required' => 'Custom error message']);
```
@ -207,23 +207,23 @@ $validator = $context->validate($data, [
$request = new Request();
// Basic properties
$request->method; // GET, POST, etc.
$request->uri; // /path?query=value
$request->path; // /path
$request->query; // query=value
$request->body; // raw request body
$request->method; // GET, POST, etc.
$request->uri; // /path?query=value
$request->path; // /path
$request->query; // query=value
$request->body; // raw request body
// Parsed data
$request->queryParams; // parsed query parameters
$request->postData; // parsed POST data
$request->params; // route parameters (set by router)
$request->postData; // parsed POST data
$request->params; // route parameters (set by router)
// Input methods
$value = $request->input('key', 'default'); // POST data only
$value = $request->query('key', 'default'); // Query params only
$value = $request->jsonValue('key', 'default'); // JSON body only
$value = $request->param(0, 'default'); // Route params by index
$all = $request->all(); // all input merged
$value = $request->input('key', 'default'); // POST data only
$value = $request->query('key', 'default'); // Query params only
$value = $request->jsonValue('key', 'default'); // JSON body only
$value = $request->param(0, 'default'); // Route params by index
$all = $request->all(); // all input merged
$subset = $request->only(['key1', 'key2']);
$subset = $request->except(['password']);
$exists = $request->has('key');
@ -257,22 +257,22 @@ $response = new Response();
// Set status and headers
$response->status(201)
->header('Content-Type', 'application/json')
->header('X-Custom', 'value');
->header('Content-Type', 'application/json')
->header('X-Custom', 'value');
// Content methods
$response->json($data, 201); // JSON with status
$response->text('Hello', 200); // Plain text
$response->json($data, 201); // JSON with status
$response->text('Hello', 200); // Plain text
$response->html('<h1>Hi</h1>', 200); // HTML
$response->redirect('/login', 302); // Redirect
$response->redirect('/login', 302); // Redirect
// Cookies
$response->cookie('name', 'value', [
'expires' => time() + 3600,
'path' => '/',
'secure' => true,
'httponly' => true,
'samesite' => 'Strict'
'expires' => time() + 3600,
'path' => '/',
'secure' => true,
'httponly' => true,
'samesite' => 'Strict'
]);
// Manual building
@ -307,8 +307,8 @@ $valid = $session->validateCsrf($userToken);
// Session management
$session->regenerate(); // Regenerate session ID
$session->destroy(); // Destroy session completely
$session->clear(); // Clear data but keep session active
$session->destroy(); // Destroy session completely
$session->clear(); // Clear data but keep session active
$all = $session->all(); // Get all session data
```
@ -319,27 +319,27 @@ $validator = new Validator();
// Validate data
$isValid = $validator->validate($data, [
'email' => 'required|email',
'password' => 'required|min:8',
'age' => 'integer|between:18,120',
'tags' => 'array',
'website' => 'url',
'role' => 'in:admin,user,moderator'
'email' => 'required|email',
'password' => 'required|min:8',
'age' => 'integer|between:18,120',
'tags' => 'array',
'website' => 'url',
'role' => 'in:admin,user,moderator'
], [
'email.required' => 'Email is mandatory',
'password.min' => 'Password must be at least 8 characters'
'email.required' => 'Email is mandatory',
'password.min' => 'Password must be at least 8 characters'
]);
// Check results
if ($validator->failed()) {
$errors = $validator->errors();
$firstError = $validator->firstError();
$fieldError = $validator->firstError('email');
$errors = $validator->errors();
$firstError = $validator->firstError();
$fieldError = $validator->firstError('email');
}
// Custom validation rules
Validator::extend('custom', function($value, $parameters, $data) {
return $value === 'custom_value';
return $value === 'custom_value';
});
```
@ -347,9 +347,9 @@ Validator::extend('custom', function($value, $parameters, $data) {
```php
$auth = new Auth($session, [
'cookie_name' => 'remember_token',
'cookie_lifetime' => 2592000, // 30 days
'cookie_secure' => true
'cookie_name' => 'remember_token',
'cookie_lifetime' => 2592000, // 30 days
'cookie_secure' => true
]);
// Authentication
@ -376,10 +376,10 @@ $auth->clear(); // Clear all auth data
```php
$user = new User([
'id' => 1,
'username' => 'john',
'email' => 'john@example.com',
'role' => 'admin'
'id' => 1,
'username' => 'john',
'email' => 'john@example.com',
'role' => 'admin'
]);
// Properties
@ -391,8 +391,8 @@ $user->role;
// Methods
$identifier = $user->getIdentifier(); // email or username
$id = $user->getId();
$array = $user->toArray(); // with all data
$safe = $user->toSafeArray(); // without sensitive data
$array = $user->toArray(); // with all data
$safe = $user->toSafeArray(); // without sensitive data
```
## Auth Middleware Examples
@ -430,11 +430,11 @@ $errorHandler = new ErrorHandler(debug: true);
// Register custom error handlers
$errorHandler->register(404, function(Context $context, int $status, string $message) {
$context->json(['error' => 'Custom not found'], 404);
$context->json(['error' => 'Custom not found'], 404);
});
$errorHandler->setDefaultHandler(function(Context $context, int $status, string $message, ?Exception $e) {
$context->json(['error' => $message, 'code' => $status], $status);
$context->json(['error' => $message, 'code' => $status], $status);
});
// Handle errors manually
@ -451,46 +451,46 @@ throw new ValidationException($validator->errors(), 'Validation failed');
```php
// Basic middleware
$app->use(function(Context $context, callable $next) {
// Pre-processing
$start = microtime(true);
// Pre-processing
$start = microtime(true);
$next(); // Call next middleware/handler
$next(); // Call next middleware/handler
// Post-processing
$duration = microtime(true) - $start;
$context->setHeader('X-Response-Time', $duration . 'ms');
// Post-processing
$duration = microtime(true) - $start;
$context->setHeader('X-Response-Time', $duration . 'ms');
});
// Conditional middleware
$app->use(function(Context $context, callable $next) {
if ($context->is('api/*')) {
$context->setHeader('Content-Type', 'application/json');
}
$next();
if ($context->is('api/*')) {
$context->setHeader('Content-Type', 'application/json');
}
$next();
});
// Logging middleware
$app->use(function(Context $context, callable $next) {
$method = $context->request->method;
$path = $context->request->path;
$ip = $context->ip();
$method = $context->request->method;
$path = $context->request->path;
$ip = $context->ip();
error_log("[$method] $path from $ip");
$next();
error_log("[$method] $path from $ip");
$next();
});
// CORS middleware
$app->use(function(Context $context, callable $next) {
$context->setHeader('Access-Control-Allow-Origin', '*');
$context->setHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');
$context->setHeader('Access-Control-Allow-Headers', 'Content-Type, Authorization');
$context->setHeader('Access-Control-Allow-Origin', '*');
$context->setHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');
$context->setHeader('Access-Control-Allow-Headers', 'Content-Type, Authorization');
if ($context->request->method === 'OPTIONS') {
$context->status(200)->send();
return;
}
if ($context->request->method === 'OPTIONS') {
$context->status(200)->send();
return;
}
$next();
$next();
});
```
@ -499,62 +499,62 @@ $app->use(function(Context $context, callable $next) {
```php
// Simple handler
$app->get('/hello', function(Context $context) {
return 'Hello World!';
return 'Hello World!';
});
// Handler with parameters
$app->get('/users/:id/posts/:slug', function(Context $context, $userId, $slug) {
// Parameters are passed as function arguments in order
// Or access via index: $userId = $context->param(0), $slug = $context->param(1)
return [
'user_id' => $userId,
'post_slug' => $slug,
'data' => $context->all()
];
// Parameters are passed as function arguments in order
// Or access via index: $userId = $context->param(0), $slug = $context->param(1)
return [
'user_id' => $userId,
'post_slug' => $slug,
'data' => $context->all()
];
});
// Handler return types
$app->get('/json', fn($context) => ['key' => 'value']); // Auto JSON
$app->get('/text', fn($context) => 'Plain text'); // Auto text
$app->get('/json', fn($context) => ['key' => 'value']); // Auto JSON
$app->get('/text', fn($context) => 'Plain text'); // Auto text
$app->get('/response', fn($context) => $context->json([])); // Manual response
// Complex handler with validation
$app->post('/users', function(Context $context) {
$context->validateRequest([
'name' => 'required|string|min:2',
'email' => 'required|email',
'age' => 'integer|min:18'
]);
$context->validateRequest([
'name' => 'required|string|min:2',
'email' => 'required|email',
'age' => 'integer|min:18'
]);
$userData = $context->only(['name', 'email', 'age']);
$userData = $context->only(['name', 'email', 'age']);
// Save user logic here
$userId = saveUser($userData);
// Save user logic here
$userId = saveUser($userData);
return [
'message' => 'User created successfully',
'user_id' => $userId
];
return [
'message' => 'User created successfully',
'user_id' => $userId
];
});
// File upload handler
$app->post('/upload', function(Context $context) {
if (!isset($_FILES['file'])) {
$context->error(400, 'No file uploaded');
return;
}
if (!isset($_FILES['file'])) {
$context->error(400, 'No file uploaded');
return;
}
$file = $_FILES['file'];
$file = $_FILES['file'];
if ($file['error'] !== UPLOAD_ERR_OK) {
$context->error(400, 'Upload failed');
return;
}
if ($file['error'] !== UPLOAD_ERR_OK) {
$context->error(400, 'Upload failed');
return;
}
// Handle file upload logic
$filename = handleFileUpload($file);
// Handle file upload logic
$filename = handleFileUpload($file);
return ['filename' => $filename];
return ['filename' => $filename];
});
```
@ -574,142 +574,142 @@ $authMiddleware = new AuthMiddleware($auth);
// Global middleware
$app->use(function(Context $context, callable $next) {
$context->setHeader('X-Framework', 'Web');
$next();
$context->setHeader('X-Framework', 'Web');
$next();
});
// Auth routes
$app->post('/login', function(Context $context) use ($auth) {
$context->validateRequest([
'email' => 'required|email',
'password' => 'required|min:6'
]);
$context->validateRequest([
'email' => 'required|email',
'password' => 'required|min:6'
]);
$email = $context->input('email');
$password = $context->input('password');
$email = $context->input('email');
$password = $context->input('password');
// Verify credentials externally, then login
if (verifyCredentials($email, $password)) {
$userData = getUserData($email);
$auth->login($userData, $context->input('remember'));
return ['message' => 'Logged in successfully'];
}
// Verify credentials externally, then login
if (verifyCredentials($email, $password)) {
$userData = getUserData($email);
$auth->login($userData, $context->input('remember'));
return ['message' => 'Logged in successfully'];
}
$context->error(401, 'Invalid credentials');
$context->error(401, 'Invalid credentials');
});
$app->post('/logout', function(Context $context) use ($auth) {
$auth->logout();
return ['message' => 'Logged out'];
$auth->logout();
return ['message' => 'Logged out'];
});
// Protected routes
$app->group('/api', function(Web $app) use ($authMiddleware) {
$app->use($authMiddleware->requireAuth());
$app->use($authMiddleware->rateLimit(100, 1));
$app->use($authMiddleware->requireAuth());
$app->use($authMiddleware->rateLimit(100, 1));
$app->get('/profile', function(Context $context) {
return $context->get('user')->toSafeArray();
});
$app->get('/profile', function(Context $context) {
return $context->get('user')->toSafeArray();
});
$app->put('/profile', function(Context $context) {
$context->validateRequest([
'name' => 'required|string|min:2',
'email' => 'required|email'
]);
$app->put('/profile', function(Context $context) {
$context->validateRequest([
'name' => 'required|string|min:2',
'email' => 'required|email'
]);
// Update profile logic here
return ['message' => 'Profile updated'];
});
// Update profile logic here
return ['message' => 'Profile updated'];
});
$app->get('/posts', function(Context $context) {
$page = $context->input('page', 1);
$limit = $context->input('limit', 10);
$app->get('/posts', function(Context $context) {
$page = $context->input('page', 1);
$limit = $context->input('limit', 10);
// Get posts with pagination
$posts = getPosts($page, $limit);
// Get posts with pagination
$posts = getPosts($page, $limit);
return [
'posts' => $posts,
'pagination' => [
'page' => $page,
'limit' => $limit
]
];
});
return [
'posts' => $posts,
'pagination' => [
'page' => $page,
'limit' => $limit
]
];
});
$app->post('/posts', function(Context $context) {
$context->validateRequest([
'title' => 'required|string|min:5',
'content' => 'required|string|min:10',
'tags' => 'array'
]);
$app->post('/posts', function(Context $context) {
$context->validateRequest([
'title' => 'required|string|min:5',
'content' => 'required|string|min:10',
'tags' => 'array'
]);
$postData = $context->only(['title', 'content', 'tags']);
$postData['user_id'] = $context->get('user')->id;
$postData = $context->only(['title', 'content', 'tags']);
$postData['user_id'] = $context->get('user')->id;
$postId = createPost($postData);
$postId = createPost($postData);
return [
'message' => 'Post created successfully',
'post_id' => $postId
];
});
return [
'message' => 'Post created successfully',
'post_id' => $postId
];
});
});
// Admin routes
$app->group('/admin', function(Web $app) use ($authMiddleware) {
$app->use($authMiddleware->requireRole('admin'));
$app->use($authMiddleware->requireRole('admin'));
$app->get('/users', function(Context $context) {
return ['users' => getAllUsers()];
});
$app->get('/users', function(Context $context) {
return ['users' => getAllUsers()];
});
$app->delete('/users/:id', function(Context $context, $userId) {
deleteUser($userId);
return ['message' => 'User deleted successfully'];
});
$app->delete('/users/:id', function(Context $context, $userId) {
deleteUser($userId);
return ['message' => 'User deleted successfully'];
});
$app->get('/stats', function(Context $context) {
return [
'total_users' => getUserCount(),
'total_posts' => getPostCount(),
'active_sessions' => getActiveSessionCount()
];
});
$app->get('/stats', function(Context $context) {
return [
'total_users' => getUserCount(),
'total_posts' => getPostCount(),
'active_sessions' => getActiveSessionCount()
];
});
});
// Public API routes
$app->group('/public', function(Web $app) {
$app->get('/posts', function(Context $context) {
$posts = getPublicPosts();
return ['posts' => $posts];
});
$app->get('/posts', function(Context $context) {
$posts = getPublicPosts();
return ['posts' => $posts];
});
$app->get('/posts/:id', function(Context $context, $postId) {
$post = getPublicPost($postId);
if (!$post) {
$context->error(404, 'Post not found');
return;
}
return ['post' => $post];
});
$app->get('/posts/:id', function(Context $context, $postId) {
$post = getPublicPost($postId);
if (!$post) {
$context->error(404, 'Post not found');
return;
}
return ['post' => $post];
});
});
// Error handlers
$app->setErrorHandler(404, function(Context $context) {
if ($context->expectsJson()) {
$context->json(['error' => 'Endpoint not found'], 404);
} else {
$context->html('<h1>Page Not Found</h1>', 404);
}
if ($context->expectsJson()) {
$context->json(['error' => 'Endpoint not found'], 404);
} else {
$context->html('<h1>Page Not Found</h1>', 404);
}
});
$app->setErrorHandler(429, function(Context $context) {
$context->json([
'error' => 'Rate limit exceeded',
'message' => 'Please slow down your requests'
], 429);
$context->json([
'error' => 'Rate limit exceeded',
'message' => 'Please slow down your requests'
], 429);
});
$app->run();
@ -721,21 +721,21 @@ $app->run();
```php
// Simple test setup
function testRoute($method, $path, $data = []) {
$_SERVER['REQUEST_METHOD'] = $method;
$_SERVER['REQUEST_URI'] = $path;
$_SERVER['REQUEST_METHOD'] = $method;
$_SERVER['REQUEST_URI'] = $path;
if ($method === 'POST' && $data) {
$_POST = $data;
}
if ($method === 'POST' && $data) {
$_POST = $data;
}
$app = new Web();
// Setup your routes...
$app = new Web();
// Setup your routes...
ob_start();
$app->run();
$output = ob_get_clean();
ob_start();
$app->run();
$output = ob_get_clean();
return $output;
return $output;
}
// Test examples

728
ErrorHandler.php
View File

@ -5,404 +5,404 @@
*/
class ErrorHandler
{
private array $handlers = [];
private $defaultHandler = null;
private bool $debug = false;
private array $handlers = [];
private $defaultHandler = null;
private bool $debug = false;
/**
* __construct creates a new ErrorHandler
*/
public function __construct(bool $debug = false)
{
$this->debug = $debug;
$this->registerDefaultHandlers();
}
/**
* __construct creates a new ErrorHandler
*/
public function __construct(bool $debug = false)
{
$this->debug = $debug;
$this->registerDefaultHandlers();
}
/**
* register registers a custom error handler for a specific status code
*/
public function register(int $status, callable $handler): void
{
$this->handlers[$status] = $handler;
}
/**
* register registers a custom error handler for a specific status code
*/
public function register(int $status, callable $handler): void
{
$this->handlers[$status] = $handler;
}
/**
* setDefaultHandler sets the default error handler for unregistered status codes
*/
public function setDefaultHandler(callable $handler): void
{
$this->defaultHandler = $handler;
}
/**
* setDefaultHandler sets the default error handler for unregistered status codes
*/
public function setDefaultHandler(callable $handler): void
{
$this->defaultHandler = $handler;
}
/**
* handle handles an error with the appropriate handler
*/
public function handle(Context $context, int $status, string $message = '', ?Exception $exception = null): void
{
if (isset($this->handlers[$status])) {
$handler = $this->handlers[$status];
$handler($context, $status, $message, $exception);
return;
}
/**
* handle handles an error with the appropriate handler
*/
public function handle(Context $context, int $status, string $message = '', ?Exception $exception = null): void
{
if (isset($this->handlers[$status])) {
$handler = $this->handlers[$status];
$handler($context, $status, $message, $exception);
return;
}
if ($this->defaultHandler) {
($this->defaultHandler)($context, $status, $message, $exception);
return;
}
if ($this->defaultHandler) {
($this->defaultHandler)($context, $status, $message, $exception);
return;
}
$this->renderDefaultError($context, $status, $message, $exception);
}
$this->renderDefaultError($context, $status, $message, $exception);
}
/**
* handleException handles uncaught exceptions
*/
public function handleException(Context $context, Exception $exception): void
{
$status = $this->getStatusFromException($exception);
$message = $this->debug ? $exception->getMessage() : $this->getDefaultMessage($status);
/**
* handleException handles uncaught exceptions
*/
public function handleException(Context $context, Exception $exception): void
{
$status = $this->getStatusFromException($exception);
$message = $this->debug ? $exception->getMessage() : $this->getDefaultMessage($status);
if ($this->debug) {
error_log($exception->getMessage() . "\n" . $exception->getTraceAsString());
}
if ($this->debug) {
error_log($exception->getMessage() . "\n" . $exception->getTraceAsString());
}
$this->handle($context, $status, $message, $exception);
}
$this->handle($context, $status, $message, $exception);
}
/**
* getStatusFromException determines HTTP status from exception type
*/
private function getStatusFromException(Exception $exception): int
{
if ($exception instanceof HttpException) {
return $exception->getStatusCode();
}
/**
* getStatusFromException determines HTTP status from exception type
*/
private function getStatusFromException(Exception $exception): int
{
if ($exception instanceof HttpException) {
return $exception->getStatusCode();
}
return match(get_class($exception)) {
'InvalidArgumentException' => 400,
'UnauthorizedException' => 401,
'ForbiddenException' => 403,
'NotFoundException' => 404,
'MethodNotAllowedException' => 405,
'ValidationException' => 422,
default => 500
};
}
return match(get_class($exception)) {
'InvalidArgumentException' => 400,
'UnauthorizedException' => 401,
'ForbiddenException' => 403,
'NotFoundException' => 404,
'MethodNotAllowedException' => 405,
'ValidationException' => 422,
default => 500
};
}
/**
* registerDefaultHandlers registers built-in error handlers
*/
private function registerDefaultHandlers(): void
{
// 404 Not Found
$this->register(404, function(Context $context, int $status, string $message) {
$accept = $context->request->header('accept') ?? '';
/**
* registerDefaultHandlers registers built-in error handlers
*/
private function registerDefaultHandlers(): void
{
// 404 Not Found
$this->register(404, function(Context $context, int $status, string $message) {
$accept = $context->request->header('accept') ?? '';
if (str_contains($accept, 'application/json')) {
$context->json(['error' => $message ?: 'Not Found'], 404);
} else {
$html = $this->render404Page($message);
$context->html($html, 404);
}
});
if (str_contains($accept, 'application/json')) {
$context->json(['error' => $message ?: 'Not Found'], 404);
} else {
$html = $this->render404Page($message);
$context->html($html, 404);
}
});
// 500 Internal Server Error
$this->register(500, function(Context $context, int $status, string $message, ?Exception $exception) {
$accept = $context->request->header('accept') ?? '';
// 500 Internal Server Error
$this->register(500, function(Context $context, int $status, string $message, ?Exception $exception) {
$accept = $context->request->header('accept') ?? '';
if (str_contains($accept, 'application/json')) {
$response = ['error' => $message ?: 'Internal Server Error'];
if ($this->debug && $exception) {
$response['trace'] = $exception->getTrace();
}
$context->json($response, 500);
} else {
$html = $this->render500Page($message, $exception);
$context->html($html, 500);
}
});
}
if (str_contains($accept, 'application/json')) {
$response = ['error' => $message ?: 'Internal Server Error'];
if ($this->debug && $exception) {
$response['trace'] = $exception->getTrace();
}
$context->json($response, 500);
} else {
$html = $this->render500Page($message, $exception);
$context->html($html, 500);
}
});
}
/**
* renderDefaultError renders a generic error response
*/
private function renderDefaultError(Context $context, int $status, string $message, ?Exception $exception): void
{
$message = $message ?: $this->getDefaultMessage($status);
$accept = $context->request->header('accept') ?? '';
/**
* renderDefaultError renders a generic error response
*/
private function renderDefaultError(Context $context, int $status, string $message, ?Exception $exception): void
{
$message = $message ?: $this->getDefaultMessage($status);
$accept = $context->request->header('accept') ?? '';
if (str_contains($accept, 'application/json')) {
$response = ['error' => $message];
if ($this->debug && $exception) {
$response['trace'] = $exception->getTrace();
}
$context->json($response, $status);
} else {
$html = $this->renderErrorPage($status, $message, $exception);
$context->html($html, $status);
}
}
if (str_contains($accept, 'application/json')) {
$response = ['error' => $message];
if ($this->debug && $exception) {
$response['trace'] = $exception->getTrace();
}
$context->json($response, $status);
} else {
$html = $this->renderErrorPage($status, $message, $exception);
$context->html($html, $status);
}
}
/**
* getDefaultMessage gets default message for status code
*/
private function getDefaultMessage(int $status): string
{
return match($status) {
400 => 'Bad Request',
401 => 'Unauthorized',
403 => 'Forbidden',
404 => 'Not Found',
405 => 'Method Not Allowed',
422 => 'Unprocessable Entity',
429 => 'Too Many Requests',
500 => 'Internal Server Error',
502 => 'Bad Gateway',
503 => 'Service Unavailable',
default => 'Error'
};
}
/**
* getDefaultMessage gets default message for status code
*/
private function getDefaultMessage(int $status): string
{
return match($status) {
400 => 'Bad Request',
401 => 'Unauthorized',
403 => 'Forbidden',
404 => 'Not Found',
405 => 'Method Not Allowed',
422 => 'Unprocessable Entity',
429 => 'Too Many Requests',
500 => 'Internal Server Error',
502 => 'Bad Gateway',
503 => 'Service Unavailable',
default => 'Error'
};
}
/**
* render404Page renders a 404 error page
*/
private function render404Page(string $message): string
{
$message = htmlspecialchars($message ?: 'Not Found');
/**
* render404Page renders a 404 error page
*/
private function render404Page(string $message): string
{
$message = htmlspecialchars($message ?: 'Not Found');
return <<<HTML
return <<<HTML
<!DOCTYPE html>
<html>
<head>
<title>404 - Not Found</title>
<style>
body {
font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, sans-serif;
background: #f5f5f5;
color: #333;
margin: 0;
padding: 0;
display: flex;
align-items: center;
justify-content: center;
min-height: 100vh;
}
.error-container {
text-align: center;
padding: 2rem;
}
h1 {
font-size: 6rem;
margin: 0;
color: #e74c3c;
}
h2 {
font-size: 1.5rem;
margin: 1rem 0;
font-weight: normal;
}
p {
color: #666;
margin: 1rem 0;
}
a {
color: #3498db;
text-decoration: none;
}
a:hover {
text-decoration: underline;
}
</style>
<title>404 - Not Found</title>
<style>
body {
font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, sans-serif;
background: #f5f5f5;
color: #333;
margin: 0;
padding: 0;
display: flex;
align-items: center;
justify-content: center;
min-height: 100vh;
}
.error-container {
text-align: center;
padding: 2rem;
}
h1 {
font-size: 6rem;
margin: 0;
color: #e74c3c;
}
h2 {
font-size: 1.5rem;
margin: 1rem 0;
font-weight: normal;
}
p {
color: #666;
margin: 1rem 0;
}
a {
color: #3498db;
text-decoration: none;
}
a:hover {
text-decoration: underline;
}
</style>
</head>
<body>
<div class="error-container">
<h1>404</h1>
<h2>{$message}</h2>
<p>The page you are looking for could not be found.</p>
<a href="/">Go to Homepage</a>
</div>
<div class="error-container">
<h1>404</h1>
<h2>{$message}</h2>
<p>The page you are looking for could not be found.</p>
<a href="/">Go to Homepage</a>
</div>
</body>
</html>
HTML;
}
}
/**
* render500Page renders a 500 error page
*/
private function render500Page(string $message, ?Exception $exception): string
{
$message = htmlspecialchars($message ?: 'Internal Server Error');
$debugInfo = '';
/**
* render500Page renders a 500 error page
*/
private function render500Page(string $message, ?Exception $exception): string
{
$message = htmlspecialchars($message ?: 'Internal Server Error');
$debugInfo = '';
if ($this->debug && $exception) {
$exceptionClass = get_class($exception);
$file = htmlspecialchars($exception->getFile());
$line = $exception->getLine();
$trace = htmlspecialchars($exception->getTraceAsString());
if ($this->debug && $exception) {
$exceptionClass = get_class($exception);
$file = htmlspecialchars($exception->getFile());
$line = $exception->getLine();
$trace = htmlspecialchars($exception->getTraceAsString());
$debugInfo = <<<HTML
<div class="debug-info">
<h3>Debug Information</h3>
<p><strong>Exception:</strong> {$exceptionClass}</p>
<p><strong>File:</strong> {$file}:{$line}</p>
<pre>{$trace}</pre>
</div>
$debugInfo = <<<HTML
<div class="debug-info">
<h3>Debug Information</h3>
<p><strong>Exception:</strong> {$exceptionClass}</p>
<p><strong>File:</strong> {$file}:{$line}</p>
<pre>{$trace}</pre>
</div>
HTML;
}
}
return <<<HTML
return <<<HTML
<!DOCTYPE html>
<html>
<head>
<title>500 - Internal Server Error</title>
<style>
body {
font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, sans-serif;
background: #f5f5f5;
color: #333;
margin: 0;
padding: 0;
display: flex;
align-items: center;
justify-content: center;
min-height: 100vh;
}
.error-container {
text-align: center;
padding: 2rem;
max-width: 800px;
}
h1 {
font-size: 6rem;
margin: 0;
color: #e74c3c;
}
h2 {
font-size: 1.5rem;
margin: 1rem 0;
font-weight: normal;
}
p {
color: #666;
margin: 1rem 0;
}
.debug-info {
margin-top: 2rem;
padding: 1rem;
background: #fff;
border: 1px solid #ddd;
border-radius: 4px;
text-align: left;
}
.debug-info h3 {
margin-top: 0;
color: #e74c3c;
}
.debug-info pre {
background: #f8f8f8;
padding: 1rem;
overflow-x: auto;
font-size: 0.875rem;
}
</style>
<title>500 - Internal Server Error</title>
<style>
body {
font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, sans-serif;
background: #f5f5f5;
color: #333;
margin: 0;
padding: 0;
display: flex;
align-items: center;
justify-content: center;
min-height: 100vh;
}
.error-container {
text-align: center;
padding: 2rem;
max-width: 800px;
}
h1 {
font-size: 6rem;
margin: 0;
color: #e74c3c;
}
h2 {
font-size: 1.5rem;
margin: 1rem 0;
font-weight: normal;
}
p {
color: #666;
margin: 1rem 0;
}
.debug-info {
margin-top: 2rem;
padding: 1rem;
background: #fff;
border: 1px solid #ddd;
border-radius: 4px;
text-align: left;
}
.debug-info h3 {
margin-top: 0;
color: #e74c3c;
}
.debug-info pre {
background: #f8f8f8;
padding: 1rem;
overflow-x: auto;
font-size: 0.875rem;
}
</style>
</head>
<body>
<div class="error-container">
<h1>500</h1>
<h2>{$message}</h2>
<p>Something went wrong on our end. Please try again later.</p>
{$debugInfo}
</div>
<div class="error-container">
<h1>500</h1>
<h2>{$message}</h2>
<p>Something went wrong on our end. Please try again later.</p>
{$debugInfo}
</div>
</body>
</html>
HTML;
}
}
/**
* renderErrorPage renders a generic error page
*/
private function renderErrorPage(int $status, string $message, ?Exception $exception): string
{
$message = htmlspecialchars($message);
$debugInfo = '';
/**
* renderErrorPage renders a generic error page
*/
private function renderErrorPage(int $status, string $message, ?Exception $exception): string
{
$message = htmlspecialchars($message);
$debugInfo = '';
if ($this->debug && $exception) {
$exceptionClass = get_class($exception);
$file = htmlspecialchars($exception->getFile());
$line = $exception->getLine();
$trace = htmlspecialchars($exception->getTraceAsString());
if ($this->debug && $exception) {
$exceptionClass = get_class($exception);
$file = htmlspecialchars($exception->getFile());
$line = $exception->getLine();
$trace = htmlspecialchars($exception->getTraceAsString());
$debugInfo = <<<HTML
<div class="debug-info">
<h3>Debug Information</h3>
<p><strong>Exception:</strong> {$exceptionClass}</p>
<p><strong>File:</strong> {$file}:{$line}</p>
<pre>{$trace}</pre>
</div>
$debugInfo = <<<HTML
<div class="debug-info">
<h3>Debug Information</h3>
<p><strong>Exception:</strong> {$exceptionClass}</p>
<p><strong>File:</strong> {$file}:{$line}</p>
<pre>{$trace}</pre>
</div>
HTML;
}
}
return <<<HTML
return <<<HTML
<!DOCTYPE html>
<html>
<head>
<title>{$status} - {$message}</title>
<style>
body {
font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, sans-serif;
background: #f5f5f5;
color: #333;
margin: 0;
padding: 0;
display: flex;
align-items: center;
justify-content: center;
min-height: 100vh;
}
.error-container {
text-align: center;
padding: 2rem;
max-width: 800px;
}
h1 {
font-size: 6rem;
margin: 0;
color: #e74c3c;
}
h2 {
font-size: 1.5rem;
margin: 1rem 0;
font-weight: normal;
}
.debug-info {
margin-top: 2rem;
padding: 1rem;
background: #fff;
border: 1px solid #ddd;
border-radius: 4px;
text-align: left;
}
.debug-info h3 {
margin-top: 0;
color: #e74c3c;
}
.debug-info pre {
background: #f8f8f8;
padding: 1rem;
overflow-x: auto;
font-size: 0.875rem;
}
</style>
<title>{$status} - {$message}</title>
<style>
body {
font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, sans-serif;
background: #f5f5f5;
color: #333;
margin: 0;
padding: 0;
display: flex;
align-items: center;
justify-content: center;
min-height: 100vh;
}
.error-container {
text-align: center;
padding: 2rem;
max-width: 800px;
}
h1 {
font-size: 6rem;
margin: 0;
color: #e74c3c;
}
h2 {
font-size: 1.5rem;
margin: 1rem 0;
font-weight: normal;
}
.debug-info {
margin-top: 2rem;
padding: 1rem;
background: #fff;
border: 1px solid #ddd;
border-radius: 4px;
text-align: left;
}
.debug-info h3 {
margin-top: 0;
color: #e74c3c;
}
.debug-info pre {
background: #f8f8f8;
padding: 1rem;
overflow-x: auto;
font-size: 0.875rem;
}
</style>
</head>
<body>
<div class="error-container">
<h1>{$status}</h1>
<h2>{$message}</h2>
{$debugInfo}
</div>
<div class="error-container">
<h1>{$status}</h1>
<h2>{$message}</h2>
{$debugInfo}
</div>
</body>
</html>
HTML;
}
}
}
/**
@ -410,18 +410,18 @@ HTML;
*/
class HttpException extends Exception
{
protected int $statusCode;
protected int $statusCode;
public function __construct(int $statusCode, string $message = '', int $code = 0, Exception $previous = null)
{
$this->statusCode = $statusCode;
parent::__construct($message, $code, $previous);
}
public function __construct(int $statusCode, string $message = '', int $code = 0, Exception $previous = null)
{
$this->statusCode = $statusCode;
parent::__construct($message, $code, $previous);
}
public function getStatusCode(): int
{
return $this->statusCode;
}
public function getStatusCode(): int
{
return $this->statusCode;
}
}
/**
@ -429,16 +429,16 @@ class HttpException extends Exception
*/
class ValidationException extends HttpException
{
private array $errors;
private array $errors;
public function __construct(array $errors, string $message = 'Validation failed')
{
$this->errors = $errors;
parent::__construct(422, $message);
}
public function __construct(array $errors, string $message = 'Validation failed')
{
$this->errors = $errors;
parent::__construct(422, $message);
}
public function getErrors(): array
{
return $this->errors;
}
public function getErrors(): array
{
return $this->errors;
}
}

60
HTTPMethod.php
View File

@ -4,36 +4,36 @@
* HTTPMethod represents an HTTP method
*/
enum HTTPMethod: string {
case GET = 'GET';
case POST = 'POST';
case PUT = 'PUT';
case DELETE = 'DELETE';
case PATCH = 'PATCH';
case OPTIONS = 'OPTIONS';
case HEAD = 'HEAD';
case GET = 'GET';
case POST = 'POST';
case PUT = 'PUT';
case DELETE = 'DELETE';
case PATCH = 'PATCH';
case OPTIONS = 'OPTIONS';
case HEAD = 'HEAD';
/**
* fromString converts a string to an HTTPMethod
*/
public static function fromString(string $method): self
{
return match(strtoupper($method)) {
'GET' => self::GET,
'POST' => self::POST,
'PUT' => self::PUT,
'DELETE' => self::DELETE,
'PATCH' => self::PATCH,
'OPTIONS' => self::OPTIONS,
'HEAD' => self::HEAD,
default => self::GET
};
}
/**
* fromString converts a string to an HTTPMethod
*/
public static function fromString(string $method): self
{
return match(strtoupper($method)) {
'GET' => self::GET,
'POST' => self::POST,
'PUT' => self::PUT,
'DELETE' => self::DELETE,
'PATCH' => self::PATCH,
'OPTIONS' => self::OPTIONS,
'HEAD' => self::HEAD,
default => self::GET
};
}
/**
* toString returns the string representation of the method
*/
public function toString(): string
{
return $this->value;
}
/**
* toString returns the string representation of the method
*/
public function toString(): string
{
return $this->value;
}
}

10
README.md
View File

@ -11,11 +11,11 @@ require_once 'Web.php';
$app = new Web(debug: true);
$app->get('/', function(Context $context) {
return 'Hello World!';
return 'Hello World!';
});
$app->get('/users/:id', function(Context $context, $id) {
return ['user_id' => $id, 'name' => 'John Doe'];
return ['user_id' => $id, 'name' => 'John Doe'];
});
$app->run();
@ -112,10 +112,10 @@ run(): void
### Context Class
```php
// Request helpers
input(string $name, mixed $default = null): mixed // POST data
query(string $name, mixed $default = null): mixed // Query params
input(string $name, mixed $default = null): mixed // POST data
query(string $name, mixed $default = null): mixed // Query params
jsonValue(string $name, mixed $default = null): mixed // JSON body
param(int $index, mixed $default = null): mixed // Route params by index
param(int $index, mixed $default = null): mixed // Route params by index
all(): array
only(array $keys): array
except(array $keys): array

452
Request.php
View File

@ -5,265 +5,265 @@
*/
class Request
{
public string $method;
public string $uri;
public string $path;
public string $query;
public array $headers;
public string $body;
public array $params = [];
public array $queryParams = [];
public array $postData = [];
public array $cookies;
public string $method;
public string $uri;
public string $path;
public string $query;
public array $headers;
public string $body;
public array $params = [];
public array $queryParams = [];
public array $postData = [];
public array $cookies;
/**
* __construct creates a new Request from PHP globals
*/
public function __construct()
{
$this->method = $_SERVER['REQUEST_METHOD'] ?? 'GET';
$this->uri = $_SERVER['REQUEST_URI'] ?? '/';
/**
* __construct creates a new Request from PHP globals
*/
public function __construct()
{
$this->method = $_SERVER['REQUEST_METHOD'] ?? 'GET';
$this->uri = $_SERVER['REQUEST_URI'] ?? '/';
$urlParts = parse_url($this->uri);
$this->path = $urlParts['path'] ?? '/';
$this->query = $urlParts['query'] ?? '';
$urlParts = parse_url($this->uri);
$this->path = $urlParts['path'] ?? '/';
$this->query = $urlParts['query'] ?? '';
parse_str($this->query, $this->queryParams);
parse_str($this->query, $this->queryParams);
$this->headers = $this->parseHeaders();
$this->body = file_get_contents('php://input') ?: '';
$this->cookies = $_COOKIE ?? [];
$this->headers = $this->parseHeaders();
$this->body = file_get_contents('php://input') ?: '';
$this->cookies = $_COOKIE ?? [];
if ($this->method === 'POST' && $this->contentType() === 'application/x-www-form-urlencoded') {
parse_str($this->body, $this->postData);
} elseif ($this->method === 'POST' && str_contains($this->contentType(), 'multipart/form-data')) {
$this->postData = $_POST ?? [];
}
}
if ($this->method === 'POST' && $this->contentType() === 'application/x-www-form-urlencoded') {
parse_str($this->body, $this->postData);
} elseif ($this->method === 'POST' && str_contains($this->contentType(), 'multipart/form-data')) {
$this->postData = $_POST ?? [];
}
}
/**
* parseHeaders extracts HTTP headers from $_SERVER
*/
private function parseHeaders(): array
{
$headers = [];
foreach ($_SERVER as $key => $value) {
if (str_starts_with($key, 'HTTP_')) {
$header = str_replace('_', '-', substr($key, 5));
$headers[strtolower($header)] = $value;
}
}
/**
* parseHeaders extracts HTTP headers from $_SERVER
*/
private function parseHeaders(): array
{
$headers = [];
foreach ($_SERVER as $key => $value) {
if (str_starts_with($key, 'HTTP_')) {
$header = str_replace('_', '-', substr($key, 5));
$headers[strtolower($header)] = $value;
}
}
if (isset($_SERVER['CONTENT_TYPE'])) $headers['content-type'] = $_SERVER['CONTENT_TYPE'];
if (isset($_SERVER['CONTENT_LENGTH'])) $headers['content-length'] = $_SERVER['CONTENT_LENGTH'];
if (isset($_SERVER['CONTENT_TYPE'])) $headers['content-type'] = $_SERVER['CONTENT_TYPE'];
if (isset($_SERVER['CONTENT_LENGTH'])) $headers['content-length'] = $_SERVER['CONTENT_LENGTH'];
return $headers;
}
return $headers;
}
/**
* header returns the value of the specified header
*/
public function header(string $name): ?string
{
return $this->headers[strtolower($name)] ?? null;
}
/**
* header returns the value of the specified header
*/
public function header(string $name): ?string
{
return $this->headers[strtolower($name)] ?? null;
}
/**
* contentType returns the content type without charset
*/
public function contentType(): string
{
$contentType = $this->header('content-type') ?? '';
return explode(';', $contentType)[0];
}
/**
* contentType returns the content type without charset
*/
public function contentType(): string
{
$contentType = $this->header('content-type') ?? '';
return explode(';', $contentType)[0];
}
/**
* json decodes the request body as JSON
*/
public function json(): mixed
{
return json_decode($this->body, true);
}
/**
* json decodes the request body as JSON
*/
public function json(): mixed
{
return json_decode($this->body, true);
}
/**
* cookie returns the value of the specified cookie
*/
public function cookie(string $name): ?string
{
return $this->cookies[$name] ?? null;
}
/**
* cookie returns the value of the specified cookie
*/
public function cookie(string $name): ?string
{
return $this->cookies[$name] ?? null;
}
/**
* param returns a route parameter by integer index
*/
public function param(int $index, mixed $default = null): mixed
{
return $this->params[$index] ?? $default;
}
/**
* param returns a route parameter by integer index
*/
public function param(int $index, mixed $default = null): mixed
{
return $this->params[$index] ?? $default;
}
/**
* input returns a form input value (POST data)
*/
public function input(string $name, mixed $default = null): mixed
{
return $this->postData[$name] ?? $default;
}
/**
* input returns a form input value (POST data)
*/
public function input(string $name, mixed $default = null): mixed
{
return $this->postData[$name] ?? $default;
}
/**
* query returns a query parameter value
*/
public function query(string $name, mixed $default = null): mixed
{
return $this->queryParams[$name] ?? $default;
}
/**
* query returns a query parameter value
*/
public function query(string $name, mixed $default = null): mixed
{
return $this->queryParams[$name] ?? $default;
}
/**
* jsonValue returns a value from JSON body
*/
public function jsonValue(string $name, mixed $default = null): mixed
{
if ($this->contentType() !== 'application/json') {
return $default;
}
/**
* jsonValue returns a value from JSON body
*/
public function jsonValue(string $name, mixed $default = null): mixed
{
if ($this->contentType() !== 'application/json') {
return $default;
}
$json = $this->json();
if (!is_array($json)) {
return $default;
}
$json = $this->json();
if (!is_array($json)) {
return $default;
}
return $json[$name] ?? $default;
}
return $json[$name] ?? $default;
}
/**
* all returns all input data merged from all sources
*/
public function all(): array
{
$data = array_merge($this->queryParams, $this->postData, $this->params);
/**
* all returns all input data merged from all sources
*/
public function all(): array
{
$data = array_merge($this->queryParams, $this->postData, $this->params);
if ($this->contentType() === 'application/json') {
$json = $this->json();
if (is_array($json)) {
$data = array_merge($data, $json);
}
}
if ($this->contentType() === 'application/json') {
$json = $this->json();
if (is_array($json)) {
$data = array_merge($data, $json);
}
}
return $data;
}
return $data;
}
/**
* only returns only specified keys from input
*/
public function only(array $keys): array
{
$all = $this->all();
return array_intersect_key($all, array_flip($keys));
}
/**
* only returns only specified keys from input
*/
public function only(array $keys): array
{
$all = $this->all();
return array_intersect_key($all, array_flip($keys));
}
/**
* except returns all input except specified keys
*/
public function except(array $keys): array
{
$all = $this->all();
return array_diff_key($all, array_flip($keys));
}
/**
* except returns all input except specified keys
*/
public function except(array $keys): array
{
$all = $this->all();
return array_diff_key($all, array_flip($keys));
}
/**
* has checks if input key exists
*/
public function has(string $key): bool
{
return $this->input($key) !== null;
}
/**
* has checks if input key exists
*/
public function has(string $key): bool
{
return $this->input($key) !== null;
}
/**
* expectsJson checks if request expects JSON response
*/
public function expectsJson(): bool
{
$accept = $this->header('accept') ?? '';
return str_contains($accept, 'application/json') ||
str_contains($accept, 'text/json') ||
$this->header('x-requested-with') === 'XMLHttpRequest';
}
/**
* expectsJson checks if request expects JSON response
*/
public function expectsJson(): bool
{
$accept = $this->header('accept') ?? '';
return str_contains($accept, 'application/json') ||
str_contains($accept, 'text/json') ||
$this->header('x-requested-with') === 'XMLHttpRequest';
}
/**
* isAjax checks if request is AJAX
*/
public function isAjax(): bool
{
return $this->header('x-requested-with') === 'XMLHttpRequest';
}
/**
* isAjax checks if request is AJAX
*/
public function isAjax(): bool
{
return $this->header('x-requested-with') === 'XMLHttpRequest';
}
/**
* ip returns the client IP address
*/
public function ip(): string
{
// Check for proxied IPs
if ($ip = $this->header('x-forwarded-for')) {
return explode(',', $ip)[0];
}
/**
* ip returns the client IP address
*/
public function ip(): string
{
// Check for proxied IPs
if ($ip = $this->header('x-forwarded-for')) {
return explode(',', $ip)[0];
}
if ($ip = $this->header('x-real-ip')) {
return $ip;
}
if ($ip = $this->header('x-real-ip')) {
return $ip;
}
return $_SERVER['REMOTE_ADDR'] ?? '0.0.0.0';
}
return $_SERVER['REMOTE_ADDR'] ?? '0.0.0.0';
}
/**
* userAgent returns the user agent string
*/
public function userAgent(): string
{
return $this->header('user-agent') ?? '';
}
/**
* userAgent returns the user agent string
*/
public function userAgent(): string
{
return $this->header('user-agent') ?? '';
}
/**
* referer returns the referer URL
*/
public function referer(): ?string
{
return $this->header('referer');
}
/**
* referer returns the referer URL
*/
public function referer(): ?string
{
return $this->header('referer');
}
/**
* isSecure checks if request is over HTTPS
*/
public function isSecure(): bool
{
return (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ||
($_SERVER['SERVER_PORT'] ?? 80) == 443 ||
($this->header('x-forwarded-proto') === 'https');
}
/**
* isSecure checks if request is over HTTPS
*/
public function isSecure(): bool
{
return (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ||
($_SERVER['SERVER_PORT'] ?? 80) == 443 ||
($this->header('x-forwarded-proto') === 'https');
}
/**
* url returns the full URL of the request
*/
public function url(): string
{
$protocol = $this->isSecure() ? 'https' : 'http';
$host = $_SERVER['HTTP_HOST'] ?? 'localhost';
return $protocol . '://' . $host . $this->uri;
}
/**
* url returns the full URL of the request
*/
public function url(): string
{
$protocol = $this->isSecure() ? 'https' : 'http';
$host = $_SERVER['HTTP_HOST'] ?? 'localhost';
return $protocol . '://' . $host . $this->uri;
}
/**
* fullUrl returns the URL with query string
*/
public function fullUrl(): string
{
return $this->url();
}
/**
* fullUrl returns the URL with query string
*/
public function fullUrl(): string
{
return $this->url();
}
/**
* is checks if the request path matches a pattern
*/
public function is(string $pattern): bool
{
$pattern = preg_quote($pattern, '#');
$pattern = str_replace('\*', '.*', $pattern);
return preg_match('#^' . $pattern . '$#', $this->path) === 1;
}
/**
* is checks if the request path matches a pattern
*/
public function is(string $pattern): bool
{
$pattern = preg_quote($pattern, '#');
$pattern = str_replace('\*', '.*', $pattern);
return preg_match('#^' . $pattern . '$#', $this->path) === 1;
}
}

218
Response.php
View File

@ -5,128 +5,128 @@
*/
class Response
{
private int $statusCode = 200;
private array $headers = [];
private string $body = '';
private bool $sent = false;
private int $statusCode = 200;
private array $headers = [];
private string $body = '';
private bool $sent = false;
/**
* Set the HTTP status code for the response
*/
public function status(int $code): Response
{
$this->statusCode = $code;
return $this;
}
/**
* Set the HTTP status code for the response
*/
public function status(int $code): Response
{
$this->statusCode = $code;
return $this;
}
/**
* Set a header for the response
*/
public function header(string $name, string $value): Response
{
$this->headers[$name] = $value;
return $this;
}
/**
* Set a header for the response
*/
public function header(string $name, string $value): Response
{
$this->headers[$name] = $value;
return $this;
}
/**
* Set a JSON response with the given data and status code
*/
public function json(mixed $data, int $status = 200): Response
{
$this->statusCode = $status;
$this->headers['Content-Type'] = 'application/json';
$this->body = json_encode($data);
return $this;
}
/**
* Set a JSON response with the given data and status code
*/
public function json(mixed $data, int $status = 200): Response
{
$this->statusCode = $status;
$this->headers['Content-Type'] = 'application/json';
$this->body = json_encode($data);
return $this;
}
/**
* Set a text response with the given text and status code
*/
public function text(string $text, int $status = 200): Response
{
$this->statusCode = $status;
$this->headers['Content-Type'] = 'text/plain';
$this->body = $text;
return $this;
}
/**
* Set a text response with the given text and status code
*/
public function text(string $text, int $status = 200): Response
{
$this->statusCode = $status;
$this->headers['Content-Type'] = 'text/plain';
$this->body = $text;
return $this;
}
/**
* Set an HTML response with the given HTML and status code
*/
public function html(string $html, int $status = 200): Response
{
$this->statusCode = $status;
$this->headers['Content-Type'] = 'text/html; charset=utf-8';
$this->body = $html;
return $this;
}
/**
* Set an HTML response with the given HTML and status code
*/
public function html(string $html, int $status = 200): Response
{
$this->statusCode = $status;
$this->headers['Content-Type'] = 'text/html; charset=utf-8';
$this->body = $html;
return $this;
}
/**
* Redirect to the given URL with the given status code
*/
public function redirect(string $url, int $status = 302): Response
{
$this->statusCode = $status;
$this->headers['Location'] = $url;
return $this;
}
/**
* Redirect to the given URL with the given status code
*/
public function redirect(string $url, int $status = 302): Response
{
$this->statusCode = $status;
$this->headers['Location'] = $url;
return $this;
}
/**
* Set a cookie with the given name, value, and options
*/
public function cookie(string $name, string $value, array $options = []): Response
{
$options = array_merge([
'expires' => 0,
'path' => '/',
'domain' => '',
'secure' => false,
'httponly' => true,
'samesite' => 'Lax'
], $options);
/**
* Set a cookie with the given name, value, and options
*/
public function cookie(string $name, string $value, array $options = []): Response
{
$options = array_merge([
'expires' => 0,
'path' => '/',
'domain' => '',
'secure' => false,
'httponly' => true,
'samesite' => 'Lax'
], $options);
setcookie($name, $value, [
'expires' => $options['expires'],
'path' => $options['path'],
'domain' => $options['domain'],
'secure' => $options['secure'],
'httponly' => $options['httponly'],
'samesite' => $options['samesite']
]);
setcookie($name, $value, [
'expires' => $options['expires'],
'path' => $options['path'],
'domain' => $options['domain'],
'secure' => $options['secure'],
'httponly' => $options['httponly'],
'samesite' => $options['samesite']
]);
return $this;
}
return $this;
}
/**
* Send the response to the client
*/
public function send(): void
{
if ($this->sent) return;
/**
* Send the response to the client
*/
public function send(): void
{
if ($this->sent) return;
http_response_code($this->statusCode);
http_response_code($this->statusCode);
foreach ($this->headers as $name => $value) header("$name: $value");
foreach ($this->headers as $name => $value) header("$name: $value");
echo $this->body;
$this->sent = true;
}
echo $this->body;
$this->sent = true;
}
/**
* Write the given content to the response body
*/
public function write(string $content): Response
{
$this->body .= $content;
return $this;
}
/**
* Write the given content to the response body
*/
public function write(string $content): Response
{
$this->body .= $content;
return $this;
}
/**
* End the response with the given content
*/
public function end(string $content = ''): void
{
if ($content) $this->body .= $content;
$this->send();
}
/**
* End the response with the given content
*/
public function end(string $content = ''): void
{
if ($content) $this->body .= $content;
$this->send();
}
}

298
Session.php
View File

@ -5,174 +5,174 @@
*/
class Session
{
private bool $started = false;
private array $flashData = [];
private bool $started = false;
private array $flashData = [];
/**
* start initializes the session if not already started
*/
public function start(): void
{
if ($this->started || session_status() === PHP_SESSION_ACTIVE) {
$this->started = true;
$this->loadFlashData();
return;
}
/**
* start initializes the session if not already started
*/
public function start(): void
{
if ($this->started || session_status() === PHP_SESSION_ACTIVE) {
$this->started = true;
$this->loadFlashData();
return;
}
session_start();
$this->started = true;
$this->loadFlashData();
}
session_start();
$this->started = true;
$this->loadFlashData();
}
/**
* get retrieves a value from the session
*/
public function get(string $key, mixed $default = null): mixed
{
$this->ensureStarted();
return $_SESSION[$key] ?? $default;
}
/**
* get retrieves a value from the session
*/
public function get(string $key, mixed $default = null): mixed
{
$this->ensureStarted();
return $_SESSION[$key] ?? $default;
}
/**
* set stores a value in the session
*/
public function set(string $key, mixed $value): void
{
$this->ensureStarted();
$_SESSION[$key] = $value;
}
/**
* set stores a value in the session
*/
public function set(string $key, mixed $value): void
{
$this->ensureStarted();
$_SESSION[$key] = $value;
}
/**
* has checks if a key exists in the session
*/
public function has(string $key): bool
{
$this->ensureStarted();
return isset($_SESSION[$key]);
}
/**
* has checks if a key exists in the session
*/
public function has(string $key): bool
{
$this->ensureStarted();
return isset($_SESSION[$key]);
}
/**
* remove deletes a value from the session
*/
public function remove(string $key): void
{
$this->ensureStarted();
unset($_SESSION[$key]);
}
/**
* remove deletes a value from the session
*/
public function remove(string $key): void
{
$this->ensureStarted();
unset($_SESSION[$key]);
}
/**
* flash sets a flash message that will be available only for the next request
*/
public function flash(string $key, mixed $value): void
{
$this->ensureStarted();
$_SESSION['_flash_new'][$key] = $value;
}
/**
* flash sets a flash message that will be available only for the next request
*/
public function flash(string $key, mixed $value): void
{
$this->ensureStarted();
$_SESSION['_flash_new'][$key] = $value;
}
/**
* getFlash retrieves a flash message (available only for current request)
*/
public function getFlash(string $key, mixed $default = null): mixed
{
return $this->flashData[$key] ?? $default;
}
/**
* getFlash retrieves a flash message (available only for current request)
*/
public function getFlash(string $key, mixed $default = null): mixed
{
return $this->flashData[$key] ?? $default;
}
/**
* hasFlash checks if a flash message exists
*/
public function hasFlash(string $key): bool
{
return isset($this->flashData[$key]);
}
/**
* hasFlash checks if a flash message exists
*/
public function hasFlash(string $key): bool
{
return isset($this->flashData[$key]);
}
/**
* csrfToken generates or retrieves the CSRF token for the session
*/
public function csrfToken(): string
{
$this->ensureStarted();
if (!isset($_SESSION['_csrf_token'])) $_SESSION['_csrf_token'] = bin2hex(random_bytes(32));
return $_SESSION['_csrf_token'];
}
/**
* csrfToken generates or retrieves the CSRF token for the session
*/
public function csrfToken(): string
{
$this->ensureStarted();
if (!isset($_SESSION['_csrf_token'])) $_SESSION['_csrf_token'] = bin2hex(random_bytes(32));
return $_SESSION['_csrf_token'];
}
/**
* validateCsrf validates a CSRF token
*/
public function validateCsrf(string $token): bool
{
$this->ensureStarted();
if (!isset($_SESSION['_csrf_token'])) return false;
return hash_equals($_SESSION['_csrf_token'], $token);
}
/**
* validateCsrf validates a CSRF token
*/
public function validateCsrf(string $token): bool
{
$this->ensureStarted();
if (!isset($_SESSION['_csrf_token'])) return false;
return hash_equals($_SESSION['_csrf_token'], $token);
}
/**
* regenerate regenerates the session ID for security
*/
public function regenerate(bool $deleteOldSession = true): bool
{
$this->ensureStarted();
return session_regenerate_id($deleteOldSession);
}
/**
* regenerate regenerates the session ID for security
*/
public function regenerate(bool $deleteOldSession = true): bool
{
$this->ensureStarted();
return session_regenerate_id($deleteOldSession);
}
/**
* destroy destroys the session
*/
public function destroy(): void
{
$this->ensureStarted();
/**
* destroy destroys the session
*/
public function destroy(): void
{
$this->ensureStarted();
$_SESSION = [];
$_SESSION = [];
if (ini_get("session.use_cookies")) {
$params = session_get_cookie_params();
setcookie(session_name(), '', time() - 42000,
$params["path"], $params["domain"],
$params["secure"], $params["httponly"]
);
}
if (ini_get("session.use_cookies")) {
$params = session_get_cookie_params();
setcookie(session_name(), '', time() - 42000,
$params["path"], $params["domain"],
$params["secure"], $params["httponly"]
);
}
session_destroy();
$this->started = false;
$this->flashData = [];
}
session_destroy();
$this->started = false;
$this->flashData = [];
}
/**
* clear removes all session data but keeps the session active
*/
public function clear(): void
{
$this->ensureStarted();
$_SESSION = [];
$this->flashData = [];
}
/**
* clear removes all session data but keeps the session active
*/
public function clear(): void
{
$this->ensureStarted();
$_SESSION = [];
$this->flashData = [];
}
/**
* all returns all session data
*/
public function all(): array
{
$this->ensureStarted();
$data = $_SESSION;
unset($data['_flash_old'], $data['_flash_new'], $data['_csrf_token']);
return $data;
}
/**
* all returns all session data
*/
public function all(): array
{
$this->ensureStarted();
$data = $_SESSION;
unset($data['_flash_old'], $data['_flash_new'], $data['_csrf_token']);
return $data;
}
/**
* ensureStarted ensures the session is started
*/
private function ensureStarted(): void
{
if (!$this->started) $this->start();
}
/**
* ensureStarted ensures the session is started
*/
private function ensureStarted(): void
{
if (!$this->started) $this->start();
}
/**
* loadFlashData loads flash messages and rotates them
*/
private function loadFlashData(): void
{
$this->flashData = $_SESSION['_flash_old'] ?? [];
/**
* loadFlashData loads flash messages and rotates them
*/
private function loadFlashData(): void
{
$this->flashData = $_SESSION['_flash_old'] ?? [];
$_SESSION['_flash_old'] = $_SESSION['_flash_new'] ?? [];
unset($_SESSION['_flash_new']);
}
$_SESSION['_flash_old'] = $_SESSION['_flash_new'] ?? [];
unset($_SESSION['_flash_new']);
}
}

598
Validator.php
View File

@ -5,351 +5,351 @@
*/
class Validator
{
private array $errors = [];
private array $data = [];
private array $rules = [];
private array $messages = [];
private array $errors = [];
private array $data = [];
private array $rules = [];
private array $messages = [];
/**
* Custom validation rules registry
*/
private static array $customRules = [];
/**
* Custom validation rules registry
*/
private static array $customRules = [];
/**
* validate performs validation on data with given rules
*/
public function validate(array $data, array $rules, array $messages = []): bool
{
$this->data = $data;
$this->rules = $rules;
$this->messages = $messages;
$this->errors = [];
/**
* validate performs validation on data with given rules
*/
public function validate(array $data, array $rules, array $messages = []): bool
{
$this->data = $data;
$this->rules = $rules;
$this->messages = $messages;
$this->errors = [];
foreach ($rules as $field => $fieldRules) {
$this->validateField($field, $fieldRules);
}
foreach ($rules as $field => $fieldRules) {
$this->validateField($field, $fieldRules);
}
return empty($this->errors);
}
return empty($this->errors);
}
/**
* validateField validates a single field against its rules
*/
private function validateField(string $field, string|array $rules): void
{
$rules = is_string($rules) ? explode('|', $rules) : $rules;
$value = $this->getValue($field);
/**
* validateField validates a single field against its rules
*/
private function validateField(string $field, string|array $rules): void
{
$rules = is_string($rules) ? explode('|', $rules) : $rules;
$value = $this->getValue($field);
foreach ($rules as $rule) {
$this->applyRule($field, $value, $rule);
}
}
foreach ($rules as $rule) {
$this->applyRule($field, $value, $rule);
}
}
/**
* getValue gets a value from data using dot notation
*/
private function getValue(string $field): mixed
{
$keys = explode('.', $field);
$value = $this->data;
/**
* getValue gets a value from data using dot notation
*/
private function getValue(string $field): mixed
{
$keys = explode('.', $field);
$value = $this->data;
foreach ($keys as $key) {
if (!is_array($value) || !array_key_exists($key, $value)) {
return null;
}
$value = $value[$key];
}
foreach ($keys as $key) {
if (!is_array($value) || !array_key_exists($key, $value)) {
return null;
}
$value = $value[$key];
}
return $value;
}
return $value;
}
/**
* applyRule applies a single validation rule
*/
private function applyRule(string $field, mixed $value, string $rule): void
{
$parts = explode(':', $rule, 2);
$ruleName = $parts[0];
$parameters = isset($parts[1]) ? explode(',', $parts[1]) : [];
/**
* applyRule applies a single validation rule
*/
private function applyRule(string $field, mixed $value, string $rule): void
{
$parts = explode(':', $rule, 2);
$ruleName = $parts[0];
$parameters = isset($parts[1]) ? explode(',', $parts[1]) : [];
$passes = match($ruleName) {
'required' => $this->validateRequired($value),
'email' => $this->validateEmail($value),
'url' => $this->validateUrl($value),
'alpha' => $this->validateAlpha($value),
'alphaNum' => $this->validateAlphaNum($value),
'numeric' => $this->validateNumeric($value),
'integer' => $this->validateInteger($value),
'float' => $this->validateFloat($value),
'boolean' => $this->validateBoolean($value),
'array' => $this->validateArray($value),
'json' => $this->validateJson($value),
'date' => $this->validateDate($value),
'min' => $this->validateMin($value, $parameters[0] ?? 0),
'max' => $this->validateMax($value, $parameters[0] ?? 0),
'between' => $this->validateBetween($value, $parameters[0] ?? 0, $parameters[1] ?? 0),
'length' => $this->validateLength($value, $parameters[0] ?? 0),
'in' => $this->validateIn($value, $parameters),
'notIn' => $this->validateNotIn($value, $parameters),
'regex' => $this->validateRegex($value, $parameters[0] ?? ''),
'confirmed' => $this->validateConfirmed($field, $value),
'unique' => $this->validateUnique($value, $parameters),
'exists' => $this->validateExists($value, $parameters),
default => $this->applyCustomRule($ruleName, $value, $parameters)
};
$passes = match($ruleName) {
'required' => $this->validateRequired($value),
'email' => $this->validateEmail($value),
'url' => $this->validateUrl($value),
'alpha' => $this->validateAlpha($value),
'alphaNum' => $this->validateAlphaNum($value),
'numeric' => $this->validateNumeric($value),
'integer' => $this->validateInteger($value),
'float' => $this->validateFloat($value),
'boolean' => $this->validateBoolean($value),
'array' => $this->validateArray($value),
'json' => $this->validateJson($value),
'date' => $this->validateDate($value),
'min' => $this->validateMin($value, $parameters[0] ?? 0),
'max' => $this->validateMax($value, $parameters[0] ?? 0),
'between' => $this->validateBetween($value, $parameters[0] ?? 0, $parameters[1] ?? 0),
'length' => $this->validateLength($value, $parameters[0] ?? 0),
'in' => $this->validateIn($value, $parameters),
'notIn' => $this->validateNotIn($value, $parameters),
'regex' => $this->validateRegex($value, $parameters[0] ?? ''),
'confirmed' => $this->validateConfirmed($field, $value),
'unique' => $this->validateUnique($value, $parameters),
'exists' => $this->validateExists($value, $parameters),
default => $this->applyCustomRule($ruleName, $value, $parameters)
};
if (!$passes) {
$this->addError($field, $ruleName, $parameters);
}
}
if (!$passes) {
$this->addError($field, $ruleName, $parameters);
}
}
/**
* Validation rule methods
*/
private function validateRequired(mixed $value): bool
{
if ($value === null) return false;
if (is_string($value) && trim($value) === '') return false;
if (is_array($value) && empty($value)) return false;
return true;
}
/**
* Validation rule methods
*/
private function validateRequired(mixed $value): bool
{
if ($value === null) return false;
if (is_string($value) && trim($value) === '') return false;
if (is_array($value) && empty($value)) return false;
return true;
}
private function validateEmail(mixed $value): bool
{
if (!is_string($value)) return false;
return filter_var($value, FILTER_VALIDATE_EMAIL) !== false;
}
private function validateEmail(mixed $value): bool
{
if (!is_string($value)) return false;
return filter_var($value, FILTER_VALIDATE_EMAIL) !== false;
}
private function validateUrl(mixed $value): bool
{
if (!is_string($value)) return false;
return filter_var($value, FILTER_VALIDATE_URL) !== false;
}
private function validateUrl(mixed $value): bool
{
if (!is_string($value)) return false;
return filter_var($value, FILTER_VALIDATE_URL) !== false;
}
private function validateAlpha(mixed $value): bool
{
if (!is_string($value)) return false;
return ctype_alpha($value);
}
private function validateAlpha(mixed $value): bool
{
if (!is_string($value)) return false;
return ctype_alpha($value);
}
private function validateAlphaNum(mixed $value): bool
{
if (!is_string($value)) return false;
return ctype_alnum($value);
}
private function validateAlphaNum(mixed $value): bool
{
if (!is_string($value)) return false;
return ctype_alnum($value);
}
private function validateNumeric(mixed $value): bool
{
return is_numeric($value);
}
private function validateNumeric(mixed $value): bool
{
return is_numeric($value);
}
private function validateInteger(mixed $value): bool
{
return filter_var($value, FILTER_VALIDATE_INT) !== false;
}
private function validateInteger(mixed $value): bool
{
return filter_var($value, FILTER_VALIDATE_INT) !== false;
}
private function validateFloat(mixed $value): bool
{
return filter_var($value, FILTER_VALIDATE_FLOAT) !== false;
}
private function validateFloat(mixed $value): bool
{
return filter_var($value, FILTER_VALIDATE_FLOAT) !== false;
}
private function validateBoolean(mixed $value): bool
{
return in_array($value, [true, false, 0, 1, '0', '1', 'true', 'false'], true);
}
private function validateBoolean(mixed $value): bool
{
return in_array($value, [true, false, 0, 1, '0', '1', 'true', 'false'], true);
}
private function validateArray(mixed $value): bool
{
return is_array($value);
}
private function validateArray(mixed $value): bool
{
return is_array($value);
}
private function validateJson(mixed $value): bool
{
if (!is_string($value)) return false;
json_decode($value);
return json_last_error() === JSON_ERROR_NONE;
}
private function validateJson(mixed $value): bool
{
if (!is_string($value)) return false;
json_decode($value);
return json_last_error() === JSON_ERROR_NONE;
}
private function validateDate(mixed $value): bool
{
if (!is_string($value)) return false;
$date = date_parse($value);
return $date['error_count'] === 0 && $date['warning_count'] === 0;
}
private function validateDate(mixed $value): bool
{
if (!is_string($value)) return false;
$date = date_parse($value);
return $date['error_count'] === 0 && $date['warning_count'] === 0;
}
private function validateMin(mixed $value, mixed $min): bool
{
if (is_numeric($value)) return $value >= $min;
if (is_string($value)) return strlen($value) >= $min;
if (is_array($value)) return count($value) >= $min;
return false;
}
private function validateMin(mixed $value, mixed $min): bool
{
if (is_numeric($value)) return $value >= $min;
if (is_string($value)) return strlen($value) >= $min;
if (is_array($value)) return count($value) >= $min;
return false;
}
private function validateMax(mixed $value, mixed $max): bool
{
if (is_numeric($value)) return $value <= $max;
if (is_string($value)) return strlen($value) <= $max;
if (is_array($value)) return count($value) <= $max;
return false;
}
private function validateMax(mixed $value, mixed $max): bool
{
if (is_numeric($value)) return $value <= $max;
if (is_string($value)) return strlen($value) <= $max;
if (is_array($value)) return count($value) <= $max;
return false;
}
private function validateBetween(mixed $value, mixed $min, mixed $max): bool
{
return $this->validateMin($value, $min) && $this->validateMax($value, $max);
}
private function validateBetween(mixed $value, mixed $min, mixed $max): bool
{
return $this->validateMin($value, $min) && $this->validateMax($value, $max);
}
private function validateLength(mixed $value, mixed $length): bool
{
if (is_string($value)) return strlen($value) == $length;
if (is_array($value)) return count($value) == $length;
return false;
}
private function validateLength(mixed $value, mixed $length): bool
{
if (is_string($value)) return strlen($value) == $length;
if (is_array($value)) return count($value) == $length;
return false;
}
private function validateIn(mixed $value, array $values): bool
{
return in_array($value, $values, true);
}
private function validateIn(mixed $value, array $values): bool
{
return in_array($value, $values, true);
}
private function validateNotIn(mixed $value, array $values): bool
{
return !in_array($value, $values, true);
}
private function validateNotIn(mixed $value, array $values): bool
{
return !in_array($value, $values, true);
}
private function validateRegex(mixed $value, string $pattern): bool
{
if (!is_string($value)) return false;
return preg_match($pattern, $value) === 1;
}
private function validateRegex(mixed $value, string $pattern): bool
{
if (!is_string($value)) return false;
return preg_match($pattern, $value) === 1;
}
private function validateConfirmed(string $field, mixed $value): bool
{
$confirmField = $field . '_confirmation';
return $value === $this->getValue($confirmField);
}
private function validateConfirmed(string $field, mixed $value): bool
{
$confirmField = $field . '_confirmation';
return $value === $this->getValue($confirmField);
}
private function validateUnique(mixed $value, array $parameters): bool
{
// Placeholder for database uniqueness check
// Would require database connection in real implementation
return true;
}
private function validateUnique(mixed $value, array $parameters): bool
{
// Placeholder for database uniqueness check
// Would require database connection in real implementation
return true;
}
private function validateExists(mixed $value, array $parameters): bool
{
// Placeholder for database existence check
// Would require database connection in real implementation
return true;
}
private function validateExists(mixed $value, array $parameters): bool
{
// Placeholder for database existence check
// Would require database connection in real implementation
return true;
}
/**
* applyCustomRule applies a custom validation rule
*/
private function applyCustomRule(string $ruleName, mixed $value, array $parameters): bool
{
if (!isset(self::$customRules[$ruleName])) {
return true; // Unknown rules pass by default
}
/**
* applyCustomRule applies a custom validation rule
*/
private function applyCustomRule(string $ruleName, mixed $value, array $parameters): bool
{
if (!isset(self::$customRules[$ruleName])) {
return true; // Unknown rules pass by default
}
return call_user_func(self::$customRules[$ruleName], $value, $parameters, $this->data);
}
return call_user_func(self::$customRules[$ruleName], $value, $parameters, $this->data);
}
/**
* addError adds a validation error
*/
private function addError(string $field, string $rule, array $parameters = []): void
{
$message = $this->messages["$field.$rule"]
?? $this->messages[$rule]
?? $this->getDefaultMessage($field, $rule, $parameters);
/**
* addError adds a validation error
*/
private function addError(string $field, string $rule, array $parameters = []): void
{
$message = $this->messages["$field.$rule"]
?? $this->messages[$rule]
?? $this->getDefaultMessage($field, $rule, $parameters);
if (!isset($this->errors[$field])) {
$this->errors[$field] = [];
}
if (!isset($this->errors[$field])) {
$this->errors[$field] = [];
}
$this->errors[$field][] = $message;
}
$this->errors[$field][] = $message;
}
/**
* getDefaultMessage gets a default error message
*/
private function getDefaultMessage(string $field, string $rule, array $parameters): string
{
$fieldName = str_replace('_', ' ', $field);
/**
* getDefaultMessage gets a default error message
*/
private function getDefaultMessage(string $field, string $rule, array $parameters): string
{
$fieldName = str_replace('_', ' ', $field);
return match($rule) {
'required' => "The {$fieldName} field is required.",
'email' => "The {$fieldName} must be a valid email address.",
'url' => "The {$fieldName} must be a valid URL.",
'alpha' => "The {$fieldName} may only contain letters.",
'alphaNum' => "The {$fieldName} may only contain letters and numbers.",
'numeric' => "The {$fieldName} must be a number.",
'integer' => "The {$fieldName} must be an integer.",
'float' => "The {$fieldName} must be a float.",
'boolean' => "The {$fieldName} must be a boolean.",
'array' => "The {$fieldName} must be an array.",
'json' => "The {$fieldName} must be valid JSON.",
'date' => "The {$fieldName} must be a valid date.",
'min' => "The {$fieldName} must be at least {$parameters[0]}.",
'max' => "The {$fieldName} must not be greater than {$parameters[0]}.",
'between' => "The {$fieldName} must be between {$parameters[0]} and {$parameters[1]}.",
'length' => "The {$fieldName} must be exactly {$parameters[0]} characters.",
'in' => "The selected {$fieldName} is invalid.",
'notIn' => "The selected {$fieldName} is invalid.",
'regex' => "The {$fieldName} format is invalid.",
'confirmed' => "The {$fieldName} confirmation does not match.",
'unique' => "The {$fieldName} has already been taken.",
'exists' => "The selected {$fieldName} is invalid.",
default => "The {$fieldName} is invalid."
};
}
return match($rule) {
'required' => "The {$fieldName} field is required.",
'email' => "The {$fieldName} must be a valid email address.",
'url' => "The {$fieldName} must be a valid URL.",
'alpha' => "The {$fieldName} may only contain letters.",
'alphaNum' => "The {$fieldName} may only contain letters and numbers.",
'numeric' => "The {$fieldName} must be a number.",
'integer' => "The {$fieldName} must be an integer.",
'float' => "The {$fieldName} must be a float.",
'boolean' => "The {$fieldName} must be a boolean.",
'array' => "The {$fieldName} must be an array.",
'json' => "The {$fieldName} must be valid JSON.",
'date' => "The {$fieldName} must be a valid date.",
'min' => "The {$fieldName} must be at least {$parameters[0]}.",
'max' => "The {$fieldName} must not be greater than {$parameters[0]}.",
'between' => "The {$fieldName} must be between {$parameters[0]} and {$parameters[1]}.",
'length' => "The {$fieldName} must be exactly {$parameters[0]} characters.",
'in' => "The selected {$fieldName} is invalid.",
'notIn' => "The selected {$fieldName} is invalid.",
'regex' => "The {$fieldName} format is invalid.",
'confirmed' => "The {$fieldName} confirmation does not match.",
'unique' => "The {$fieldName} has already been taken.",
'exists' => "The selected {$fieldName} is invalid.",
default => "The {$fieldName} is invalid."
};
}
/**
* errors returns all validation errors
*/
public function errors(): array
{
return $this->errors;
}
/**
* errors returns all validation errors
*/
public function errors(): array
{
return $this->errors;
}
/**
* failed checks if validation failed
*/
public function failed(): bool
{
return !empty($this->errors);
}
/**
* failed checks if validation failed
*/
public function failed(): bool
{
return !empty($this->errors);
}
/**
* passed checks if validation passed
*/
public function passed(): bool
{
return empty($this->errors);
}
/**
* passed checks if validation passed
*/
public function passed(): bool
{
return empty($this->errors);
}
/**
* firstError gets the first error message
*/
public function firstError(string $field = null): ?string
{
if ($field) {
return $this->errors[$field][0] ?? null;
}
/**
* firstError gets the first error message
*/
public function firstError(string $field = null): ?string
{
if ($field) {
return $this->errors[$field][0] ?? null;
}
foreach ($this->errors as $errors) {
if (!empty($errors)) {
return $errors[0];
}
}
foreach ($this->errors as $errors) {
if (!empty($errors)) {
return $errors[0];
}
}
return null;
}
return null;
}
/**
* extend adds a custom validation rule
*/
public static function extend(string $name, callable $callback): void
{
self::$customRules[$name] = $callback;
}
/**
* extend adds a custom validation rule
*/
public static function extend(string $name, callable $callback): void
{
self::$customRules[$name] = $callback;
}
}

254
Web.php
View File

@ -12,158 +12,158 @@ require_once __DIR__ . '/ErrorHandler.php';
*/
class Web
{
private Router $router;
private array $middleware = [];
private Context $context;
private ErrorHandler $errorHandler;
private Router $router;
private array $middleware = [];
private Context $context;
private ErrorHandler $errorHandler;
public function __construct(bool $debug = false)
{
$this->router = new Router();
$this->errorHandler = new ErrorHandler($debug);
}
public function __construct(bool $debug = false)
{
$this->router = new Router();
$this->errorHandler = new ErrorHandler($debug);
}
public function use(callable $middleware): self
{
$this->middleware[] = $middleware;
return $this;
}
public function use(callable $middleware): self
{
$this->middleware[] = $middleware;
return $this;
}
public function get(string $route, callable $handler): self
{
$this->router->get($route, $handler);
return $this;
}
public function get(string $route, callable $handler): self
{
$this->router->get($route, $handler);
return $this;
}
public function post(string $route, callable $handler): self
{
$this->router->post($route, $handler);
return $this;
}
public function post(string $route, callable $handler): self
{
$this->router->post($route, $handler);
return $this;
}
public function put(string $route, callable $handler): self
{
$this->router->put($route, $handler);
return $this;
}
public function put(string $route, callable $handler): self
{
$this->router->put($route, $handler);
return $this;
}
public function patch(string $route, callable $handler): self
{
$this->router->patch($route, $handler);
return $this;
}
public function patch(string $route, callable $handler): self
{
$this->router->patch($route, $handler);
return $this;
}
public function delete(string $route, callable $handler): self
{
$this->router->delete($route, $handler);
return $this;
}
public function delete(string $route, callable $handler): self
{
$this->router->delete($route, $handler);
return $this;
}
public function head(string $route, callable $handler): self
{
$this->router->head($route, $handler);
return $this;
}
public function head(string $route, callable $handler): self
{
$this->router->head($route, $handler);
return $this;
}
public function route(string $method, string $route, callable $handler): self
{
$this->router->add($method, $route, $handler);
return $this;
}
public function route(string $method, string $route, callable $handler): self
{
$this->router->add($method, $route, $handler);
return $this;
}
public function group(string $prefix, callable $callback): self
{
$originalRouter = $this->router;
$groupRouter = new Router();
public function group(string $prefix, callable $callback): self
{
$originalRouter = $this->router;
$groupRouter = new Router();
$this->router = $groupRouter;
$callback($this);
$this->router = $groupRouter;
$callback($this);
foreach ($groupRouter->dump() as $path => $methods) {
$this->addGroupRoutes($originalRouter, $prefix, $path, $methods);
}
foreach ($groupRouter->dump() as $path => $methods) {
$this->addGroupRoutes($originalRouter, $prefix, $path, $methods);
}
$this->router = $originalRouter;
return $this;
}
$this->router = $originalRouter;
return $this;
}
public function setErrorHandler(int $status, callable $handler): self
{
$this->errorHandler->register($status, $handler);
return $this;
}
public function setErrorHandler(int $status, callable $handler): self
{
$this->errorHandler->register($status, $handler);
return $this;
}
public function setDefaultErrorHandler(callable $handler): self
{
$this->errorHandler->setDefaultHandler($handler);
return $this;
}
public function setDefaultErrorHandler(callable $handler): self
{
$this->errorHandler->setDefaultHandler($handler);
return $this;
}
private function addGroupRoutes(Router $router, string $prefix, string $path, mixed $node, string $currentPath = ''): void
{
if ($path !== '') $currentPath = $currentPath ? "$currentPath/$path" : $path;
private function addGroupRoutes(Router $router, string $prefix, string $path, mixed $node, string $currentPath = ''): void
{
if ($path !== '') $currentPath = $currentPath ? "$currentPath/$path" : $path;
if (!is_array($node)) return;
if (!is_array($node)) return;
foreach ($node as $key => $value) {
if (in_array($key, ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS'])) {
$fullPath = rtrim($prefix, '/') . '/' . ltrim($currentPath, '/');
$fullPath = str_replace(':x', ':param', $fullPath);
$router->add($key, $fullPath, $value);
} elseif (is_array($value)) {
$this->addGroupRoutes($router, $prefix, $key, $value, $currentPath);
}
}
}
foreach ($node as $key => $value) {
if (in_array($key, ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS'])) {
$fullPath = rtrim($prefix, '/') . '/' . ltrim($currentPath, '/');
$fullPath = str_replace(':x', ':param', $fullPath);
$router->add($key, $fullPath, $value);
} elseif (is_array($value)) {
$this->addGroupRoutes($router, $prefix, $key, $value, $currentPath);
}
}
}
public function run(): void
{
$this->context = new Context();
public function run(): void
{
$this->context = new Context();
try {
$next = function() {
$result = $this->router->lookup(
$this->context->request->method,
$this->context->request->path
);
try {
$next = function() {
$result = $this->router->lookup(
$this->context->request->method,
$this->context->request->path
);
if ($result['code'] === 404) {
$this->errorHandler->handle($this->context, 404);
return;
}
if ($result['code'] === 404) {
$this->errorHandler->handle($this->context, 404);
return;
}
if ($result['code'] === 405) {
$this->errorHandler->handle($this->context, 405);
return;
}
if ($result['code'] === 405) {
$this->errorHandler->handle($this->context, 405);
return;
}
$this->context->request->params = $result['params'];
$this->context->request->params = $result['params'];
$handler = $result['handler'];
$response = $handler($this->context, ...$result['params']);
$handler = $result['handler'];
$response = $handler($this->context, ...$result['params']);
if ($response instanceof Response) {
$response->send();
} elseif (is_array($response) || is_object($response)) {
$this->context->json($response);
} elseif (is_string($response)) {
$this->context->text($response);
}
};
if ($response instanceof Response) {
$response->send();
} elseif (is_array($response) || is_object($response)) {
$this->context->json($response);
} elseif (is_string($response)) {
$this->context->text($response);
}
};
$chain = array_reduce(
array_reverse($this->middleware),
function($next, $middleware) {
return function() use ($middleware, $next) {
$middleware($this->context, $next);
};
},
$next
);
$chain = array_reduce(
array_reverse($this->middleware),
function($next, $middleware) {
return function() use ($middleware, $next) {
$middleware($this->context, $next);
};
},
$next
);
$chain();
} catch (Exception $e) {
$this->errorHandler->handleException($this->context, $e);
}
}
$chain();
} catch (Exception $e) {
$this->errorHandler->handleException($this->context, $e);
}
}
}

410
auth/Auth.php
View File

@ -8,245 +8,237 @@ require_once __DIR__ . '/../Session.php';
*/
class Auth
{
private Session $session;
private ?User $user = null;
private array $config;
private Session $session;
private ?User $user = null;
private array $config;
const SESSION_KEY = 'auth_user_data';
const REMEMBER_COOKIE = 'remember_token';
const REMEMBER_DURATION = 2592000; // 30 days in seconds
const SESSION_KEY = 'auth_user_data';
const REMEMBER_COOKIE = 'remember_token';
const REMEMBER_DURATION = 2592000; // 30 days in seconds
public function __construct(Session $session, array $config = [])
{
$this->session = $session;
$this->config = array_merge([
'cookie_name' => self::REMEMBER_COOKIE,
'cookie_lifetime' => self::REMEMBER_DURATION,
'cookie_path' => '/',
'cookie_domain' => '',
'cookie_secure' => false,
'cookie_httponly' => true,
'cookie_samesite' => 'Lax'
], $config);
public function __construct(Session $session, array $config = [])
{
$this->session = $session;
$this->config = array_merge([
'cookie_name' => self::REMEMBER_COOKIE,
'cookie_lifetime' => self::REMEMBER_DURATION,
'cookie_path' => '/',
'cookie_domain' => '',
'cookie_secure' => false,
'cookie_httponly' => true,
'cookie_samesite' => 'Lax'
], $config);
$this->initializeFromSession();
}
$this->initializeFromSession();
}
/**
* Login with externally verified user data
*/
public function login(array $userData, bool $remember = false): void
{
$this->user = new User($userData);
$this->session->set(self::SESSION_KEY, $userData);
$this->session->regenerate();
/**
* Login with externally verified user data
*/
public function login(array $userData, bool $remember = false): void
{
$this->user = new User($userData);
$this->session->set(self::SESSION_KEY, $userData);
$this->session->regenerate();
if ($remember) {
$this->createRememberToken($userData);
}
}
if ($remember) $this->createRememberToken($userData);
}
/**
* Login using user data directly
*/
public function loginUser(User $user, bool $remember = false): void
{
$this->user = $user;
$this->session->set(self::SESSION_KEY, $user->toArray());
$this->session->regenerate();
/**
* Login using user data directly
*/
public function loginUser(User $user, bool $remember = false): void
{
$this->user = $user;
$this->session->set(self::SESSION_KEY, $user->toArray());
$this->session->regenerate();
if ($remember) {
$this->createRememberToken($user->toArray());
}
}
if ($remember) $this->createRememberToken($user->toArray());
}
/**
* Logout the current user
*/
public function logout(): void
{
$this->user = null;
$this->session->remove(self::SESSION_KEY);
$this->session->regenerate();
$this->clearRememberCookie();
}
/**
* Logout the current user
*/
public function logout(): void
{
$this->user = null;
$this->session->remove(self::SESSION_KEY);
$this->session->regenerate();
$this->clearRememberCookie();
}
/**
* Check if user is authenticated
*/
public function check(): bool
{
return $this->user() !== null;
}
/**
* Check if user is authenticated
*/
public function check(): bool
{
return $this->user() !== null;
}
/**
* Check if user is guest (not authenticated)
*/
public function guest(): bool
{
return !$this->check();
}
/**
* Check if user is guest (not authenticated)
*/
public function guest(): bool
{
return !$this->check();
}
/**
* Get the currently authenticated user
*/
public function user(): ?User
{
if ($this->user) {
return $this->user;
}
/**
* Get the currently authenticated user
*/
public function user(): ?User
{
if ($this->user) return $this->user;
// Try to load from session
$userData = $this->session->get(self::SESSION_KEY);
if ($userData) {
$this->user = new User($userData);
return $this->user;
}
// Try to load from session
$userData = $this->session->get(self::SESSION_KEY);
if ($userData) {
$this->user = new User($userData);
return $this->user;
}
// Try to load from remember cookie
$userData = $this->getUserDataFromRememberCookie();
if ($userData) {
$this->user = new User($userData);
$this->session->set(self::SESSION_KEY, $userData);
}
// Try to load from remember cookie
$userData = $this->getUserDataFromRememberCookie();
if ($userData) {
$this->user = new User($userData);
$this->session->set(self::SESSION_KEY, $userData);
}
return $this->user;
}
return $this->user;
}
/**
* Get user ID
*/
public function id(): int|string|null
{
return $this->user()?->getId();
}
/**
* Get user ID
*/
public function id(): int|string|null
{
return $this->user()?->getId();
}
/**
* Set user data after external verification
*/
public function setUserData(array $userData): void
{
$this->user = new User($userData);
$this->session->set(self::SESSION_KEY, $userData);
}
/**
* Set user data after external verification
*/
public function setUserData(array $userData): void
{
$this->user = new User($userData);
$this->session->set(self::SESSION_KEY, $userData);
}
/**
* Hash a password
*/
public function hashPassword(string $password): string
{
return password_hash($password, PASSWORD_BCRYPT, ['cost' => 10]);
}
/**
* Hash a password
*/
public function hashPassword(string $password): string
{
return password_hash($password, PASSWORD_BCRYPT, ['cost' => 10]);
}
/**
* Verify a password against hash
*/
public function verifyPassword(string $password, string $hash): bool
{
return password_verify($password, $hash);
}
/**
* Verify a password against hash
*/
public function verifyPassword(string $password, string $hash): bool
{
return password_verify($password, $hash);
}
/**
* Initialize user from session
*/
private function initializeFromSession(): void
{
$this->session->start();
$this->user();
}
/**
* Initialize user from session
*/
private function initializeFromSession(): void
{
$this->session->start();
$this->user();
}
/**
* Create remember token for user
*/
private function createRememberToken(array $userData): void
{
$token = $this->generateRememberToken();
$hashedToken = hash('sha256', $token);
/**
* Create remember token for user
*/
private function createRememberToken(array $userData): void
{
$token = $this->generateRememberToken();
$hashedToken = hash('sha256', $token);
$userData['remember_token'] = $hashedToken;
$this->session->set('remember_user_data', $userData);
$userData['remember_token'] = $hashedToken;
$this->session->set('remember_user_data', $userData);
$this->setRememberCookie($userData['id'] . '|' . $token);
}
$this->setRememberCookie($userData['id'] . '|' . $token);
}
/**
* Generate a random remember token
*/
private function generateRememberToken(): string
{
return bin2hex(random_bytes(32));
}
/**
* Generate a random remember token
*/
private function generateRememberToken(): string
{
return bin2hex(random_bytes(32));
}
/**
* Set remember cookie
*/
private function setRememberCookie(string $value): void
{
setcookie(
$this->config['cookie_name'],
$value,
[
'expires' => time() + $this->config['cookie_lifetime'],
'path' => $this->config['cookie_path'],
'domain' => $this->config['cookie_domain'],
'secure' => $this->config['cookie_secure'],
'httponly' => $this->config['cookie_httponly'],
'samesite' => $this->config['cookie_samesite']
]
);
}
/**
* Set remember cookie
*/
private function setRememberCookie(string $value): void
{
setcookie(
$this->config['cookie_name'],
$value,
[
'expires' => time() + $this->config['cookie_lifetime'],
'path' => $this->config['cookie_path'],
'domain' => $this->config['cookie_domain'],
'secure' => $this->config['cookie_secure'],
'httponly' => $this->config['cookie_httponly'],
'samesite' => $this->config['cookie_samesite']
]
);
}
/**
* Clear remember cookie
*/
private function clearRememberCookie(): void
{
setcookie(
$this->config['cookie_name'],
'',
[
'expires' => time() - 3600,
'path' => $this->config['cookie_path'],
'domain' => $this->config['cookie_domain'],
'secure' => $this->config['cookie_secure'],
'httponly' => $this->config['cookie_httponly'],
'samesite' => $this->config['cookie_samesite']
]
);
}
/**
* Clear remember cookie
*/
private function clearRememberCookie(): void
{
setcookie(
$this->config['cookie_name'],
'',
[
'expires' => time() - 3600,
'path' => $this->config['cookie_path'],
'domain' => $this->config['cookie_domain'],
'secure' => $this->config['cookie_secure'],
'httponly' => $this->config['cookie_httponly'],
'samesite' => $this->config['cookie_samesite']
]
);
}
/**
* Get user data from remember cookie
*/
private function getUserDataFromRememberCookie(): ?array
{
$cookie = $_COOKIE[$this->config['cookie_name']] ?? null;
/**
* Get user data from remember cookie
*/
private function getUserDataFromRememberCookie(): ?array
{
$cookie = $_COOKIE[$this->config['cookie_name']] ?? null;
if (!$cookie || !str_contains($cookie, '|')) {
return null;
}
if (!$cookie || !str_contains($cookie, '|')) return null;
[$id, $token] = explode('|', $cookie, 2);
$hashedToken = hash('sha256', $token);
[$id, $token] = explode('|', $cookie, 2);
$hashedToken = hash('sha256', $token);
$userData = $this->session->get('remember_user_data');
$userData = $this->session->get('remember_user_data');
if (!$userData || $userData['id'] != $id || ($userData['remember_token'] ?? null) !== $hashedToken) {
$this->clearRememberCookie();
return null;
}
if (!$userData || $userData['id'] != $id || ($userData['remember_token'] ?? null) !== $hashedToken) {
$this->clearRememberCookie();
return null;
}
return $userData;
}
return $userData;
}
/**
* Clear user data and session
*/
public function clear(): void
{
$this->user = null;
$this->session->remove(self::SESSION_KEY);
$this->session->remove('remember_user_data');
$this->clearRememberCookie();
}
/**
* Clear user data and session
*/
public function clear(): void
{
$this->user = null;
$this->session->remove(self::SESSION_KEY);
$this->session->remove('remember_user_data');
$this->clearRememberCookie();
}
}

330
auth/AuthMiddleware.php
View File

@ -7,198 +7,198 @@ require_once __DIR__ . '/Auth.php';
*/
class AuthMiddleware
{
private Auth $auth;
private Auth $auth;
public function __construct(Auth $auth)
{
$this->auth = $auth;
}
public function __construct(Auth $auth)
{
$this->auth = $auth;
}
/**
* Require authentication
*/
public function requireAuth(): callable
{
return function(Context $context, callable $next) {
if ($this->auth->guest()) {
// Check if request expects JSON
if ($context->request->expectsJson()) {
$context->json(['error' => 'Unauthenticated'], 401);
return;
}
/**
* Require authentication
*/
public function requireAuth(): callable
{
return function(Context $context, callable $next) {
if ($this->auth->guest()) {
// Check if request expects JSON
if ($context->request->expectsJson()) {
$context->json(['error' => 'Unauthenticated'], 401);
return;
}
// Redirect to login page
$context->redirect('/login');
return;
}
// Redirect to login page
$context->redirect('/login');
return;
}
// Add user to context
$context->set('user', $this->auth->user());
$next();
};
}
// Add user to context
$context->set('user', $this->auth->user());
$next();
};
}
/**
* Require guest (not authenticated)
*/
public function requireGuest(): callable
{
return function(Context $context, callable $next) {
if ($this->auth->check()) {
// Check if request expects JSON
if ($context->request->expectsJson()) {
$context->json(['error' => 'Already authenticated'], 403);
return;
}
/**
* Require guest (not authenticated)
*/
public function requireGuest(): callable
{
return function(Context $context, callable $next) {
if ($this->auth->check()) {
// Check if request expects JSON
if ($context->request->expectsJson()) {
$context->json(['error' => 'Already authenticated'], 403);
return;
}
// Redirect to home or dashboard
$context->redirect('/');
return;
}
// Redirect to home or dashboard
$context->redirect('/');
return;
}
$next();
};
}
$next();
};
}
/**
* Optional authentication (sets user if authenticated)
*/
public function optional(): callable
{
return function(Context $context, callable $next) {
if ($this->auth->check()) $context->set('user', $this->auth->user());
$next();
};
}
/**
* Optional authentication (sets user if authenticated)
*/
public function optional(): callable
{
return function(Context $context, callable $next) {
if ($this->auth->check()) $context->set('user', $this->auth->user());
$next();
};
}
/**
* Check if user has specific role
*/
public function requireRole(string|array $roles): callable
{
$roles = is_array($roles) ? $roles : [$roles];
/**
* Check if user has specific role
*/
public function requireRole(string|array $roles): callable
{
$roles = is_array($roles) ? $roles : [$roles];
return function(Context $context, callable $next) use ($roles) {
if ($this->auth->guest()) {
if ($context->request->expectsJson()) {
$context->json(['error' => 'Unauthenticated'], 401);
return;
}
$context->redirect('/login');
return;
}
return function(Context $context, callable $next) use ($roles) {
if ($this->auth->guest()) {
if ($context->request->expectsJson()) {
$context->json(['error' => 'Unauthenticated'], 401);
return;
}
$context->redirect('/login');
return;
}
$user = $this->auth->user();
$userRole = $user->role;
$user = $this->auth->user();
$userRole = $user->role;
if (!in_array($userRole, $roles)) {
if ($context->request->expectsJson()) {
$context->json(['error' => 'Insufficient permissions'], 403);
return;
}
$context->error(403, 'Forbidden');
return;
}
if (!in_array($userRole, $roles)) {
if ($context->request->expectsJson()) {
$context->json(['error' => 'Insufficient permissions'], 403);
return;
}
$context->error(403, 'Forbidden');
return;
}
$context->set('user', $user);
$next();
};
}
$context->set('user', $user);
$next();
};
}
/**
* Rate limiting per user
*/
public function rateLimit(int $maxAttempts = 60, int $decayMinutes = 1): callable
{
return function(Context $context, callable $next) use ($maxAttempts, $decayMinutes) {
if ($this->auth->guest()) {
$identifier = $context->request->ip();
} else {
$identifier = 'user:' . $this->auth->id();
}
/**
* Rate limiting per user
*/
public function rateLimit(int $maxAttempts = 60, int $decayMinutes = 1): callable
{
return function(Context $context, callable $next) use ($maxAttempts, $decayMinutes) {
if ($this->auth->guest()) {
$identifier = $context->request->ip();
} else {
$identifier = 'user:' . $this->auth->id();
}
$key = 'rate_limit:' . $identifier . ':' . $context->request->path;
$attempts = $context->session->get($key, 0);
$resetTime = $context->session->get($key . ':reset', 0);
$key = 'rate_limit:' . $identifier . ':' . $context->request->path;
$attempts = $context->session->get($key, 0);
$resetTime = $context->session->get($key . ':reset', 0);
// Reset counter if decay time has passed
if (time() > $resetTime) {
$attempts = 0;
$context->session->set($key . ':reset', time() + ($decayMinutes * 60));
}
// Reset counter if decay time has passed
if (time() > $resetTime) {
$attempts = 0;
$context->session->set($key . ':reset', time() + ($decayMinutes * 60));
}
if ($attempts >= $maxAttempts) {
$retryAfter = $resetTime - time();
$context->response->header('X-RateLimit-Limit', (string)$maxAttempts);
$context->response->header('X-RateLimit-Remaining', '0');
$context->response->header('Retry-After', (string)$retryAfter);
if ($attempts >= $maxAttempts) {
$retryAfter = $resetTime - time();
$context->response->header('X-RateLimit-Limit', (string)$maxAttempts);
$context->response->header('X-RateLimit-Remaining', '0');
$context->response->header('Retry-After', (string)$retryAfter);
if ($context->request->expectsJson()) {
$context->json([
'error' => 'Too many requests',
'retry_after' => $retryAfter
], 429);
return;
}
if ($context->request->expectsJson()) {
$context->json([
'error' => 'Too many requests',
'retry_after' => $retryAfter
], 429);
return;
}
$context->error(429, 'Too Many Requests');
return;
}
$context->error(429, 'Too Many Requests');
return;
}
// Increment attempts
$context->session->set($key, $attempts + 1);
// Increment attempts
$context->session->set($key, $attempts + 1);
// Add rate limit headers
$context->response->header('X-RateLimit-Limit', (string)$maxAttempts);
$context->response->header('X-RateLimit-Remaining', (string)($maxAttempts - $attempts - 1));
// Add rate limit headers
$context->response->header('X-RateLimit-Limit', (string)$maxAttempts);
$context->response->header('X-RateLimit-Remaining', (string)($maxAttempts - $attempts - 1));
$next();
};
}
$next();
};
}
/**
* CSRF protection
*/
public function verifyCsrf(): callable
{
return function(Context $context, callable $next) {
// Skip CSRF for safe methods
if (in_array($context->request->method, ['GET', 'HEAD', 'OPTIONS'])) {
$next();
return;
}
/**
* CSRF protection
*/
public function verifyCsrf(): callable
{
return function(Context $context, callable $next) {
// Skip CSRF for safe methods
if (in_array($context->request->method, ['GET', 'HEAD', 'OPTIONS'])) {
$next();
return;
}
$token = $context->request->input('_token')
?? $context->request->header('X-CSRF-TOKEN')
?? $context->request->header('X-XSRF-TOKEN');
$token = $context->request->input('_token')
?? $context->request->header('X-CSRF-TOKEN')
?? $context->request->header('X-XSRF-TOKEN');
if (!$context->session->validateCsrf($token)) {
if ($context->request->expectsJson()) {
$context->json(['error' => 'CSRF token mismatch'], 419);
return;
}
$context->error(419, 'CSRF token mismatch');
return;
}
if (!$context->session->validateCsrf($token)) {
if ($context->request->expectsJson()) {
$context->json(['error' => 'CSRF token mismatch'], 419);
return;
}
$context->error(419, 'CSRF token mismatch');
return;
}
$next();
};
}
$next();
};
}
/**
* Remember user from cookie
*/
public function remember(): callable
{
return function(Context $context, callable $next) {
// Auth class already handles remember cookies in constructor
// This middleware can be used to refresh the remember token if needed
/**
* Remember user from cookie
*/
public function remember(): callable
{
return function(Context $context, callable $next) {
// Auth class already handles remember cookies in constructor
// This middleware can be used to refresh the remember token if needed
if ($this->auth->check()) {
$context->set('user', $this->auth->user());
}
if ($this->auth->check()) {
$context->set('user', $this->auth->user());
}
$next();
};
}
$next();
};
}
}

118
auth/User.php
View File

@ -5,68 +5,68 @@
*/
class User
{
public int|string $id;
public string $username;
public string $email;
public string $password;
public ?string $rememberToken;
public string $role;
public ?string $lastLogin;
public int|string $id;
public string $username;
public string $email;
public string $password;
public ?string $rememberToken;
public string $role;
public ?string $lastLogin;
public function __construct(array $data = [])
{
$this->id = $data['id'] ?? 0;
$this->username = $data['username'] ?? '';
$this->email = $data['email'] ?? '';
$this->password = $data['password'] ?? '';
$this->rememberToken = $data['remember_token'] ?? $data['rememberToken'] ?? null;
$this->role = $data['role'] ?? 'user';
$this->lastLogin = $data['last_login'] ?? $data['lastLogin'] ?? null;
}
public function __construct(array $data = [])
{
$this->id = $data['id'] ?? 0;
$this->username = $data['username'] ?? '';
$this->email = $data['email'] ?? '';
$this->password = $data['password'] ?? '';
$this->rememberToken = $data['remember_token'] ?? $data['rememberToken'] ?? null;
$this->role = $data['role'] ?? 'user';
$this->lastLogin = $data['last_login'] ?? $data['lastLogin'] ?? null;
}
/**
* Get user identifier (email or username)
*/
public function getIdentifier(): string
{
return $this->email ?: $this->username;
}
/**
* Get user identifier (email or username)
*/
public function getIdentifier(): string
{
return $this->email ?: $this->username;
}
/**
* Get user ID
*/
public function getId(): int|string
{
return $this->id;
}
/**
* Get user ID
*/
public function getId(): int|string
{
return $this->id;
}
/**
* Convert to array
*/
public function toArray(): array
{
return [
'id' => $this->id,
'username' => $this->username,
'email' => $this->email,
'password' => $this->password,
'remember_token' => $this->rememberToken,
'role' => $this->role,
'last_login' => $this->lastLogin,
];
}
/**
* Convert to array
*/
public function toArray(): array
{
return [
'id' => $this->id,
'username' => $this->username,
'email' => $this->email,
'password' => $this->password,
'remember_token' => $this->rememberToken,
'role' => $this->role,
'last_login' => $this->lastLogin,
];
}
/**
* Convert to safe array (without sensitive data)
*/
public function toSafeArray(): array
{
return [
'id' => $this->id,
'username' => $this->username,
'email' => $this->email,
'role' => $this->role,
'last_login' => $this->lastLogin,
];
}
/**
* Convert to safe array (without sensitive data)
*/
public function toSafeArray(): array
{
return [
'id' => $this->id,
'username' => $this->username,
'email' => $this->email,
'role' => $this->role,
'last_login' => $this->lastLogin,
];
}
}