picombo 0.1.0

data/lib/classes/router.rb

@@ -0,0 +1,155 @@
+module Picombo
+
+	# Processes the URI to route requests to proper controller
+	#
+	# == Using Routes
+	# Routes are defined in the +config/routes.yaml+:: config file.
+	#
+	# There should always be a 'default' route, which is the route that applies when there are no uri segments. ex: +default: controller/method+::
+	#
+	# The first kind of route is an exact match route. This will look for a URI match in the keys of the routes file. ex: +foobar/baz: controller/method+::
+	#
+	# You can also use regex routes for more powerful routing:
+	# * A catch-all route: .+: controller/method
+	# * Routing all second URI segments to the index method: foobar/(.+): foobar/index
+	# * ([a-z]{2}): chamber/video/\1
+
+	class Router
+		@@req = nil
+
+		# Data writer.
+		def self.routes=(routes)
+			@@routes = routes
+		end
+		def self.current_uri=(current_uri)
+			@@current_uri = current_uri
+		end
+		def self.current_uri
+			@@current_uri
+		end
+		def self.segments=(segments)
+			@@segments = segments
+		end
+		def self.segments
+			@@segments
+		end
+		def self.rsegments=(rsegments)
+			@@rsegments = rsegments
+		end
+		def self.controller=(controller)
+			@@controller = controller
+		end
+		def self.controller
+			@@controller
+		end
+		def self.method=(method)
+			@@method = method
+		end
+		def self.method
+			@@method
+		end
+
+		def initialize(req)
+			@@req = req
+		end
+
+		# Processes the URI
+		def process()
+			Picombo::Bench.instance.start('setup')
+
+			Picombo::Event.run('system.pre_router')
+			# Find the controller and method
+			uri = @@req.path
+			path = uri[0..-(File.extname(uri).length+1)]
+			uri = Picombo::Router.process_uri(path)
+
+			# Let events have the ability to modify the uri array
+			Picombo::Event.run('system.post_router', uri)
+			@@controller = 'Picombo::Controllers::'+uri[:controller]
+			@@method = uri[:method]
+
+			# Try and load the controller class
+			begin
+				controller = Picombo::Controllers::const_get(uri[:controller].capitalize!).new
+			rescue LoadError
+				return Picombo::Controllers::Error_404.new.run_error(@@req.path)
+			end
+
+			controller_methods = controller.methods
+
+			Picombo::Bench.instance.stop('setup')
+
+			# Execute the controller method
+			Picombo::Bench.instance.start('controller_execution')
+
+			Picombo::Event.run('system.pre_controller')
+			if controller_methods.include?(uri[:method])
+				begin
+					if uri[:params].nil? or uri[:params].empty?
+						controller.send(uri[:method])
+					else
+						controller.send(uri[:method], *uri[:params])
+					end
+				rescue Picombo::E404
+					return Picombo::Controllers::Error_404.new.run_error(@@req.path)
+				end
+			else
+				return Picombo::Controllers::Error_404.new.run_error(uri.inspect)
+			end
+			Picombo::Event.run('system.post_controller')
+
+			Picombo::Bench.instance.stop('controller_execution')
+			Picombo::Bench.instance.stop('application')
+
+			Picombo::Core.render
+		end
+
+		# Takes a uri path string and determines the controller, method and any get parameters
+		# Uses the routes config file for translation
+		def self.process_uri(path)
+			router_parts = path == '/' ? ('/'+Picombo::Config.get('routes._default')).split('/') : path.split('/')
+			@@current_uri = path.split('?').at(0)
+			@@segments = @@current_uri.split('/')[1..-1]
+			@@rsegments = router_parts[1..-1]
+			routed_uri = @@current_uri
+
+			# Load routes
+			routes = Picombo::Config.load('routes')
+
+			# Try and find a direct match
+			if routes.key?(@@current_uri)
+				routed_uri = routes[@@current_uri]
+				@@rsegments = routed_uri.split('/')
+			else
+				routes.each do |route, destination|
+					if route != '_default'
+						if Regexp.new(route).match(@@current_uri)
+							routed_uri.gsub!(Regexp.new(route), destination)
+							@@rsegments = routed_uri.split('/')[1..-1]
+						end
+					end
+				end
+			end
+
+			params = @@rsegments.slice(2, router_parts.length)
+
+			if ! params.nil?
+				params.collect! do |param|
+					param.split('?').at(0)
+				end
+			else
+				params = []
+			end
+
+			# Use the default route if nothing has been found
+			if ! @@rsegments[1].nil?
+				@@rsegments[1] = @@rsegments[1].split('?').at(0)
+			else
+				@@rsegments[1] = ('/'+Picombo::Config.get('routes._default')).split('/').at(2)
+			end
+
+			# make sure to remove the GET from any of the parameters
+			{:controller => @@rsegments[0].split('?').at(0), :method => @@rsegments[1], :params => params}
+		end
+	end
+end

data/lib/classes/security.rb

@@ -0,0 +1,46 @@
+module Picombo
+	# Helper class for security things like xss
+	class Security
+		# Returns the base URL for use with any internal links.
+		def self.xss_clean(str, driver = nil)
+			driver = 'default' if driver.nil? or driver == true
+
+			Security.send(driver, str)
+		end
+
+		#This is a blacklist method, so ensure this is what you really want
+		def self.bitkeeper(str)
+			# clean any control characters
+			str.gsub!(/[\x00-\x20]*/, '')
+			# clean null byte
+			str.gsub!(/[\0]/, '')
+
+			# Remove javascript: and vbscript: protocols
+			str.gsub!(/([a-z]*)=([`"]*)javascript:/iu, '\1=\2nojavascript....')
+			str.gsub!(/([a-z]*)=([`"]*)vbscript:/iu, '\1=\2novbscript....')
+			str.gsub!(/#([a-z]*)=(["]*)-moz-binding:/u, '\1=\2nomozbinding...')
+
+			# Only works in IE: <span style="width: expression(alert('Ping!'));"></span>
+			str.gsub!(/(<[^>]+?)style=[`"]*.*?expression\([^>]*>/i, '\1>')
+			str.gsub!(/(<[^>]+?)style=[`"]*.*?behaviour\([^>]*>/i, '\1>')
+			str.gsub!(/(<[^>]+?)style=[`"]*.*?script:*[^>]*>/iu, '\1>')
+
+			# Remove namespaced elements (we do not need them)
+			data = str.gsub(/<\/*\w+:\w[^>]*>/i, '')
+
+			begin
+				old_data = data
+				data.gsub!(/<\/*(?:applet|b(?:ase|gsound|link)|embed|frame(?:set)?|i(?:frame|layer)|l(?:ayer|ink)|meta|object|s(?:cript|tyle)|title|xml)[^>]*>/i, '')
+			end until old_data == data
+
+			data
+		end
+
+		#default cleaner. encodes the strign to prevent xss
+		def self.default(str)
+			require 'htmlentities'
+
+			HTMLEntities.new.encode(str)
+		end
+	end
+end

data/lib/classes/session.rb

@@ -0,0 +1,21 @@
+module Picombo
+	class Session
+		include Singleton
+
+		def init(req)
+			@@req = req
+		end
+
+		def get(key = nil, default = nil)
+			return @@req.session if key.nil?
+
+			result = Picombo::Config.key_string(@@req.session, key)
+
+			return result.nil? ? default : result
+		end
+
+		def set(key, val)
+			@@req.session[key] = val
+		end
+	end
+end

data/lib/classes/url.rb

@@ -0,0 +1,15 @@
+module Picombo
+	# Helper class to assist in URL generation
+	class Url
+		# Returns the base URL for use with any internal links.
+		def self.base(protocol = nil)
+			protocol = Picombo::Config.get('config.protocol') if protocol.nil?
+			protocol+"://"+Picombo::Config.get('config.site_domain')+'/'
+		end
+
+		# Creates a full URL using the base path plus the path passed to the method
+		def self.site(path, protocol = nil)
+			base(protocol)+path
+		end
+	end
+end

data/lib/classes/view/xml.rb

@@ -0,0 +1,17 @@
+module Picombo
+	module View
+		# == XML View
+		#
+		# The core view renders XML to the browser
+		#
+		# See the View documentation for usage specifics
+		class XML < Picombo::View::Core
+			def initialize(filename)
+				super(filename)
+
+				# Changes the content type to xml for the application
+				Picombo::Core.raw_response()['Content-Type'] = 'text/xml'
+			end
+		end
+	end
+end

data/lib/classes/view.rb

@@ -0,0 +1,80 @@
+module Picombo
+	# == View Class
+	#
+	# The Picombo::View class allows for template files to be rendered and displayed in the browser.
+	#
+	# By default, only ERB templating is currently supported.
+	# === Examples
+	#
+	# 	foobar = Picombo::View::Core.new('template')
+	# 	# Sets a view variable
+	# 	foobar.set('bar', 'baz')
+	# 	# Renders the view to the output buffer
+	# 	foobar.render
+	#
+	# You can also nest views like so:
+	# 
+	# 	body = Picombo::View::Core.new('page/body')
+	# 	body.set('content', 'Hello World!')
+	# 	template = Picombo::View::Core.new('template')
+	# 	template.set('body', body.render(true))
+	# 	template.render
+	#
+	# This will render a body subview inside of your template view file
+	module View
+		# == Core View
+		#
+		# The core view renders HTML to the browser using ERB
+		#
+		# See the View documentation for usage specifics
+		class Core
+			@view_file = ''
+			@view_data = []
+
+			# Creates a new view object and sets the filename. Raises an IOError exception if the view file is not found
+			def initialize(filename)
+				@view_data = {}
+				view_location = Picombo::Core.find_file('views', filename, false, 'rhtml').shift
+
+				if view_location.nil?
+					raise IOError
+				end
+
+				@view_file = view_location
+			end
+
+			# Support templating of member data.
+			def get_binding
+				binding
+			end
+
+			# Sets a view variable
+			def set(key, val)
+				instance_variable_set "@#{key}", val
+			end
+
+			# Renders the view to the output buffer, or optionally simply returns it if echo is true
+			def render(echo = false)
+				view = ERB::new(File.read(@view_file))
+
+				if echo
+					view.result(get_binding())
+				else
+					Picombo::Core.response view.result(get_binding())
+				end
+			end
+		end
+
+		def View.const_missing(name)
+			filename = name.to_s
+
+			require 'classes/view/'+filename.downcase
+
+			raise name.to_s+' not found!' if ! const_defined?(name)
+
+			klass = const_get(name)
+			return klass if klass
+			raise klass+" not found!"
+		end
+	end
+end

data/lib/config/cache.yaml

@@ -0,0 +1,3 @@
+default:
+ driver: file
+ lifetime: '86400'

data/lib/config/log.yaml

@@ -0,0 +1,10 @@
+directory: logs/
+
+# Log thresholds:
+#  0 - Disable logging
+#  1 - Errors and exceptions
+#  2 - Warnings
+#  3 - Notices
+#  4 - Debugging
+
+log_threshold: 1

data/lib/config/mimes.yaml

@@ -0,0 +1,210 @@
+323:  [text/h323]
+7z:   [application/x-7z-compressed]
+abw:  [application/x-abiword]
+acx:  [application/internet-property-stream]
+ai:   [application/postscript]
+aif:  [audio/x-aiff]
+aifc: [audio/x-aiff]
+aiff: [audio/x-aiff]
+asf:  [video/x-ms-asf]
+asr:  [video/x-ms-asf]
+asx:  [video/x-ms-asf]
+atom: [application/atom+xml]
+avi:  [video/avi, video/msvideo, video/x-msvideo]
+bin:  [application/octet-stream, application/macbinary]
+bmp:  [image/bmp]
+c:    [text/x-csrc]
+c++:  [text/x-c++src]
+cab:  [application/x-cab]
+cc:   [text/x-c++src]
+cda:  [application/x-cdf]
+class: [application/octet-stream]
+cpp:  [text/x-c++src]
+cpt:  [application/mac-compactpro]
+csh:  [text/x-csh]
+css:  [text/css]
+csv:  [text/x-comma-separated-values, application/vnd.ms-excel, text/comma-separated-values, text/csv]
+dbk:  [application/docbook+xml]
+dcr:  [application/x-director]
+deb:  [application/x-debian-package]
+diff: [text/x-diff]
+dir:  [application/x-director]
+divx: [video/divx]
+dll:  [application/octet-stream, application/x-msdos-program]
+dmg:  [application/x-apple-diskimage]
+dms:  [application/octet-stream]
+doc:  [application/msword]
+dvi:  [application/x-dvi]
+dxr:  [application/x-director]
+eml:  [message/rfc822]
+eps:  [application/postscript]
+evy:  [application/envoy]
+exe:  [application/x-msdos-program, application/octet-stream]
+fla:  [application/octet-stream]
+flac: [application/x-flac]
+flc:  [video/flc]
+fli:  [video/fli]
+flv:  [video/x-flv]
+gif:  [image/gif]
+gtar: [application/x-gtar]
+gz:   [application/x-gzip]
+h:    [text/x-chdr]
+h++:  [text/x-c++hdr]
+hh:   [text/x-c++hdr]
+hpp:  [text/x-c++hdr]
+hqx:  [application/mac-binhex40]
+hs:   [text/x-haskell]
+htm:  [text/html]
+html: [text/html]
+ico:  [image/x-icon]
+ics:  [text/calendar]
+iii:  [application/x-iphone]
+ins:  [application/x-internet-signup]
+iso:  [application/x-iso9660-image]
+isp:  [application/x-internet-signup]
+jar:  [application/java-archive]
+java: [application/x-java-applet]
+jpe:  [image/jpeg, image/pjpeg]
+jpeg: [image/jpeg, image/pjpeg]
+jpg:  [image/jpeg, image/pjpeg]
+js:   [application/x-javascript]
+json: [application/json]
+latex: [application/x-latex]
+lha:  [application/octet-stream]
+log:  [text/plain, text/x-log]
+lzh:  [application/octet-stream]
+m4a:  [audio/mpeg]
+m4p:  [video/mp4v-es]
+m4v:  [video/mp4]
+man:  [application/x-troff-man]
+mdb:  [application/x-msaccess]
+midi: [audio/midi]
+mid:  [audio/midi]
+mif:  [application/vnd.mif]
+mka:  [audio/x-matroska]
+mkv:  [video/x-matroska]
+mov:  [video/quicktime]
+movie: [video/x-sgi-movie]
+mp2:  [audio/mpeg]
+mp3:  [audio/mpeg]
+mp4:  [application/mp4, audio/mp4, video/mp4]
+mpa:  [video/mpeg]
+mpe:  [video/mpeg]
+mpeg: [video/mpeg]
+mpg:  [video/mpeg]
+mpg4: [video/mp4]
+mpga: [audio/mpeg]
+mpp:  [application/vnd.ms-project]
+mpv:  [video/x-matroska]
+mpv2: [video/mpeg]
+ms:   [application/x-troff-ms]
+msg:  [application/msoutlook, application/x-msg]
+msi:  [application/x-msi]
+nws:  [message/rfc822]
+oda:  [application/oda]
+odb:  [application/vnd.oasis.opendocument.database]
+odc:  [application/vnd.oasis.opendocument.chart]
+odf:  [application/vnd.oasis.opendocument.forumla]
+odg:  [application/vnd.oasis.opendocument.graphics]
+odi:  [application/vnd.oasis.opendocument.image]
+odm:  [application/vnd.oasis.opendocument.text-master]
+odp:  [application/vnd.oasis.opendocument.presentation]
+ods:  [application/vnd.oasis.opendocument.spreadsheet]
+odt:  [application/vnd.oasis.opendocument.text]
+oga:  [audio/ogg]
+ogg:  [application/ogg]
+ogv:  [video/ogg]
+otg:  [application/vnd.oasis.opendocument.graphics-template]
+oth:  [application/vnd.oasis.opendocument.web]
+otp:  [application/vnd.oasis.opendocument.presentation-template]
+ots:  [application/vnd.oasis.opendocument.spreadsheet-template]
+ott:  [application/vnd.oasis.opendocument.template]
+p:    [text/x-pascal]
+pas:  [text/x-pascal]
+patch: [text/x-diff]
+pbm:  [image/x-portable-bitmap]
+pdf:  [application/pdf, application/x-download]
+php:  [application/x-httpd-php]
+php3: [application/x-httpd-php]
+php4: [application/x-httpd-php]
+php5: [application/x-httpd-php]
+phps: [application/x-httpd-php-source]
+phtml: [application/x-httpd-php]
+pl:   [text/x-perl]
+pm:   [text/x-perl]
+png:  [image/png, image/x-png]
+po:   [text/x-gettext-translation]
+pot:  [application/vnd.ms-powerpoint]
+pps:  [application/vnd.ms-powerpoint]
+ppt:  [application/powerpoint]
+ps:   [application/postscript]
+psd:  [application/x-photoshop, image/x-photoshop]
+pub:  [application/x-mspublisher]
+py:   [text/x-python]
+qt:   [video/quicktime]
+ra:   [audio/x-realaudio]
+ram:  [audio/x-realaudio, audio/x-pn-realaudio]
+rar:  [application/rar]
+rgb:  [image/x-rgb]
+rm:   [audio/x-pn-realaudio]
+rpm:  [audio/x-pn-realaudio-plugin, application/x-redhat-package-manager]
+rss:  [application/rss+xml]
+rtf:  [text/rtf]
+rtx:  [text/richtext]
+rv:   [video/vnd.rn-realvideo]
+sea:  [application/octet-stream]
+sh:   [text/x-sh]
+shtml: [text/html]
+sit:  [application/x-stuffit]
+smi:  [application/smil]
+smil: [application/smil]
+so:   [application/octet-stream]
+src:  [application/x-wais-source]
+svg:  [image/svg+xml]
+swf:  [application/x-shockwave-flash]
+t:    [application/x-troff]
+tar:  [application/x-tar]
+tcl:  [text/x-tcl]
+tex:  [application/x-tex]
+text: [text/plain]
+texti: [application/x-texinfo]
+textinfo: [application/x-texinfo]
+tgz:  [application/x-tar]
+tif:  [image/tiff]
+tiff: [image/tiff]
+torrent: [application/x-bittorrent]
+tr:   [application/x-troff]
+tsv:  [text/tab-separated-values]
+txt:  [text/plain]
+wav:  [audio/x-wav]
+wax:  [audio/x-ms-wax]
+wbxml: [application/wbxml]
+wm:   [video/x-ms-wm]
+wma:  [audio/x-ms-wma]
+wmd:  [application/x-ms-wmd]
+wmlc: [application/wmlc]
+wmv:  [video/x-ms-wmv, application/octet-stream]
+wmx:  [video/x-ms-wmx]
+wmz:  [application/x-ms-wmz]
+word: [application/msword, application/octet-stream]
+wp5:  [application/wordperfect5.1]
+wpd:  [application/vnd.wordperfect]
+wvx:  [video/x-ms-wvx]
+xbm:  [image/x-xbitmap]
+xcf:  [image/xcf]
+xhtml: [application/xhtml+xml]
+xht:  [application/xhtml+xml]
+xl:   [application/excel, application/vnd.ms-excel]
+xla:  [application/excel, application/vnd.ms-excel]
+xlc:  [application/excel, application/vnd.ms-excel]
+xlm:  [application/excel, application/vnd.ms-excel]
+xls:  [application/excel, application/vnd.ms-excel]
+xlt:  [application/excel, application/vnd.ms-excel]
+xml:  [text/xml]
+xof:  [x-world/x-vrml]
+xpm:  [image/x-xpixmap]
+xsl:  [text/xml]
+xvid: [video/x-xvid]
+xwd:  [image/x-xwindowdump]
+z:    [application/x-compress]
+zip:  [application/x-zip, application/zip, application/x-zip-compressed]

data/lib/config/routes.yaml

@@ -0,0 +1 @@
+_default: test/index

data/lib/controllers/error_404.rb

@@ -0,0 +1,11 @@
+module Picombo
+	module Controllers
+		class Error_404
+			def run_error(uri)
+				body = Picombo::View::Core.new('404')
+				body.set('uri', uri)
+				return [404, {'Content-Type' => 'text/html'}, body.render(true)]
+			end
+		end
+	end
+end

data/lib/controllers/template.rb

@@ -0,0 +1,34 @@
+module Picombo
+	module Controllers
+		# == Template Controller
+		#
+		# The template controller enables your application to take advantage of view templating and auto rendering.
+		#
+		# To use it, simply tell your controllers to extend Picombo::Controllers::Template.
+		# You must also explicitly call the parent initialize method in your controllers:
+		#
+		# 	def initialize
+		# 		super
+		# 	end
+		#
+		# The default template view is called 'template' which is located in views/template.rhtml. You can change this on a per controller basis by changing the @@template vartiable in the controller:
+		#
+		# 	@@template = 'foobar_template'
+		#
+		# Now, you can use @@template in your controller and it will always use the same template. The template will automatically render at the end of the controller execution, so there is no need to call @@template.render manually
+		class Template
+			@@template = 'template'
+			@@auto_render = true
+
+			def initialize
+				@@template = Picombo::View::Core.new(@@template) if @@template.is_a?(String)
+
+				Picombo::Event.add('system.post_controller', 'Picombo::Controllers::Template.render') if @@auto_render
+			end
+
+			def self.render
+				@@template.render if @@auto_render
+			end
+		end
+	end
+end