CUTCODEDOWN
Minimalist Semantic Markup

Welcome Guest
Please Login or Register

If you have registered but not recieved your activation e-mail in a reasonable amount of time, or have issues with using the registration form, please use our Contact Form for assistance. Include both your username and the e-mail you tried to register with.

Author Topic: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.  (Read 9953 times)

benanamen

  • Full Member
  • ***
  • Posts: 187
  • Karma: +18/-0
Re: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.
« Reply #75 on: 23 Nov 2020, 12:49:36 am »
Quote
Actually you should put them inside /actions/static/pages/dumb_page/, you forgot the "static".

That is exactly where I put it, I didn't "forget" anything. I made a typo in my post.

Quote
also note that you need to have a "dumb_page.ini.php" or "dumb_page.startup.php", otherwise it returns a 404 error because no datasource has been added.

I already have dumb_page.ini.php in /actions/static/pages/dumb_page/ as well as /actions/static/pages/dumb_page/dumb_page.static


Quote
anyway, I found it simple and organized,

If you think this is simple, just wait till I show you something after we get through this code. This code is far from simple and way more complicated than it needs to be.

I will see about "debugging" this code tomorrow. I was trying to go at it without having to step through the code and the way Jason described it, it was supposed to be simple, just do this and that and it works. Not the case. This code already goes against "The Principle of Least Astonishment".


Thank you for your feedback.


EDIT:


Thanks to Johns page I was able to get a static page to work. I had to rename dumb_page.static to dumb_page.content.php and add noExtras=TRUE to dumb_page.ini.php

Much to my astonishment (Thus violating The Principle of Least Astonishment") If you remove noExtras=TRUE it starts spitting out all the sample text stuff. Seriously, WTF is that all about?

@xmohamadx, none of the info you provided was needed and only confused the matter but I appreciate you trying to help.  :)

* Something to come back to later: dumb_page.content does not need function action_content() to output anything. You can just echo something or type plain text outside php tags. I am not sure what the intention is supposed to be.

I digress, lets move on to the DB stuff when Jason has time. There is already a lot of stuff to talk about thus far, but let's wait to see the final product.
« Last Edit: 23 Nov 2020, 01:27:18 am by benanamen »
To save time, let's just assume I am never wrong.

xmohamadx

  • Junior Member
  • *
  • Posts: 23
  • Karma: +2/-0
Re: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.
« Reply #76 on: 23 Nov 2020, 08:04:37 am »
@xmohamadx, none of the info you provided was needed and only confused the matter but I appreciate you trying to help.  :)
Sorry for the confusion.

I had to rename dumb_page.static to dumb_page.content.php
I did it with "*.static" and no problem happened.

Jason Knight

  • Administrator
  • Hero Member
  • *****
  • Posts: 1039
  • Karma: +188/-1
    • CutCodeDown -- Minimalist Semantic Markup
Re: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.
« Reply #77 on: 23 Nov 2020, 07:55:52 pm »
Much to my astonishment (Thus violating The Principle of Least Astonishment") If you remove noExtras=TRUE it starts spitting out all the sample text stuff. Seriously, WTF is that all about?
Sidebars / extras for three column layouts? You'll be able to declare them on a /action/ basis in the final, they're hardcoded into the ini file for now just to test that you can load extras.

See /extras/ for their content.

It's a in-built system for multiple pages to share sidebars, such as advertisements, secondary navigation and so forth. The underlying template is three column-ready. On the next copy those will be determined off the database settings for posts and/or the startup setting them instead of the .ini

You are aware some websites have fixed sidebars for things, right?
We are all, we are all, we are all FRIENDS! For today we're all brothers, tonight we're all friends. Our moment of peace in a war that never ends.

benanamen

  • Full Member
  • ***
  • Posts: 187
  • Karma: +18/-0
Re: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.
« Reply #78 on: 23 Nov 2020, 08:17:35 pm »
Quote
You are aware some websites have fixed sidebars for things, right?

The "surprise" was how it is implemented, not that sidebars exist.

When do you think you might have a database implementation?

« Last Edit: 23 Nov 2020, 08:22:27 pm by benanamen »
To save time, let's just assume I am never wrong.

Jason Knight

  • Administrator
  • Hero Member
  • *****
  • Posts: 1039
  • Karma: +188/-1
    • CutCodeDown -- Minimalist Semantic Markup
Re: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.
« Reply #79 on: 24 Nov 2020, 04:30:56 am »
* Something to come back to later: dumb_page.content does not need function action_content() to output anything. You can just echo something or type plain text outside php tags. I am not sure what the intention is supposed to be.
action_content is there for passing $data from the starter, so as to isolate the scope of the data. It would be used for the process > output process, not for static pages.

It's also not a great idea for static to just be blindly vomited up in a .content.php since that's a possible XSS vulnerability based on the data-source. Safe-include helps with that to a degree, but there's a REASON .static is loaded via readfile, and .content.php should contain a function and is loaded via safeInclude.

It's all part of the internal security policy to prevent scope bleed.
We are all, we are all, we are all FRIENDS! For today we're all brothers, tonight we're all friends. Our moment of peace in a war that never ends.

John_Betong

  • Full Member
  • ***
  • Posts: 218
  • Karma: +24/-1
    • The Fastest Joke Site On The Web
Re: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.
« Reply #80 on: 24 Nov 2020, 08:20:41 am »
@Jason Knight,

If you had used strict_types and set the function parameter to (array $data=[] ) it would have eliminated any confusion :)
« Last Edit: 24 Nov 2020, 08:48:46 am by John_Betong »
Retired in the City of Angels where the weather suits my clothes

benanamen

  • Full Member
  • ***
  • Posts: 187
  • Karma: +18/-0
Re: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.
« Reply #81 on: 24 Nov 2020, 10:25:22 am »
.static is loaded via readfile, and .content.php should contain a function
It's all part of the internal security policy to prevent scope bleed.

That was going to be another one of my questions, why readfile in one place and function in another. Thanks for the explanation.

I will refrain from forming any opinions until I see the "final" product. Still keeping an open mind and hoping to learn some new things. Really interested to see the database implementation.
To save time, let's just assume I am never wrong.

John_Betong

  • Full Member
  • ***
  • Posts: 218
  • Karma: +24/-1
    • The Fastest Joke Site On The Web
Re: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.
« Reply #82 on: 25 Nov 2020, 12:27:02 am »
I have created a the following GitHub Repository:

https://github.com/John-Betong/jb-squire3

Modifications detailed in the README.md

I think there must be more source files required in the "003-sys" folder? Seems too good to be true? If not then I am really growing to like this project because:

1. it is clean and simple now that it is split into three separate folders
2. maintenance should only involve the "003-sys" folder

Looking forward to the database additions.
« Last Edit: 25 Nov 2020, 10:43:54 pm by John_Betong »
Retired in the City of Angels where the weather suits my clothes

Jason Knight

  • Administrator
  • Hero Member
  • *****
  • Posts: 1039
  • Karma: +188/-1
    • CutCodeDown -- Minimalist Semantic Markup
Re: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.
« Reply #83 on: 27 Nov 2020, 09:17:28 am »
Ok, small update.

First I just want to say you folks input and experiences is helping me refine this. The "lack of clarity" of what is and is not squire has resulted in me moving most of what "is" squire into it's own squire.lib.php that replaces common.lib.php

I put the source for that here:
https://cutcodedown.com/for_others/squire3/squire4.beta.lib.phpSource

I actually have the database and installer (which creates the admin user) complete, I'm starting in on the user section after another DDCR and testing pass.

The new index.php looks something like this:

Code: [Select]
<?php

/*
index.php 27NOV20:0908
Paladin X.4 (Squire 4.0) 
"one index to rule them all"
Jason M. Knight, November 2020
*/

include('libs/main.lib.php');

main(
'mysql:dbname=paladinx.3;host=localhost'// dsn
'paladinTesting'// username
''// password
[
PDO::ATTR_EMULATE_PREPARES => false,
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC
], 
// options
'paladin' // table_prefix
);

I reduced it to this to simplify "normals" editing the credentials.

whilst lib/main.lib.php reads: (for now)

Code: [Select]
<?php
/*
main.lib.php
Paladin X.4 (squire 4.0)
Jason M. Knight, November 2020
*/

include('libs/squire.lib.php');
include(
'libs/user.lib.php');

define(
'TEMPLATE_PATH',
'templates/' . (Settings::get('template') ?: 'default') . '/'
);

Load::template('common');

function 
main($dsn$username$password$options$tablePrefix) {

Bomb::ifStarted('main');

define('SQL_ENGINE'strstr($dsn':'true));
safeInclude('database/' SQL_ENGINE '/' SQL_ENGINE '.database.php');
$db = new Database($dsn$username$password$options$tablePrefix);

if (!$db->tableExists('users')) {
define('DB_TABLES_EXIST'false);
if (Request::value() !== 'setup'Bomb::paladin('dbTablesMissing');
} else define('DB_TABLES_EXIST'true);

if (DB_TABLES_EXIST) {
if (!empty($_REQUEST['logout'])) $_SESSION['user'] = null;
User::init($db);
if (User::get('id') < 0Modals::set(
'login''@title_loginModal'htmlspecialchars($_SERVER['REQUEST_URI']), 'POST'
); else Modals::set('userMenu'User::get('name'));
}

action($db);

// main

The template define is probably going to be moved into settings and/or set ny template_header so the user accounts can override it. That way users can change templates once more than one is implemented.

Template handling also needs some expansion so that it cascades back to default so you don't have to clone every file, you can just "overload" the ones you want to change.

Code: [Select]
<?php
/*
mysql.database.php 27NOV20:0914
Paladin X.4 (Squire 4) 
Jason M. Knight, November 2020
*/

final class Database extends PDO {

private
$authorizations = [],
$queries = [];

// START PUBLIC OVERLOADS

public function __construct(
$dsn,
$username,
$password,
$options = [],
$tablePrefix false
) {

if (defined('DB_CONSTRUCTED')) Bomb::lang(
'HACKING ATTEMPT DETECTED',
'Attempt to create "Database" more than once'
);
define('DB_CONSTRUCTED'1);

$options[PDO::ATTR_STATEMENT_CLASS] = [ 'DatabaseStatement', [ $this ] ];

try {
parent::__construct($dsn$username$password$options);
} catch (PDOException $e) {
Bomb::lang('Database Connection Error'$e );
}

define('DB_TABLE_PREFIX'$tablePrefix $tablePrefix '_' '');
define('DB_QUERY_DIR''database/' SQL_ENGINE '/queries/');

// Database::__construct

public function exec($name$module 'common'$tableName false) {
return $this->dryStatement('exec'$name$module$tableName);
// Database::exec

public function prepare($name$module 'common'$tableName "wtf") {
return $this->dryStatement('prepare'$name$module$tableName);
// Database::prepare

public function query($name$module 'common'$tableName false) {
return $this->dryStatement('query'$name$module$tableName);
// Database::query

// END PUBLIC OVERLOADS

// START PUBLIC EXTENSIONS

public function prepExec($data = [], $name$module 'common'$tableName false) {
$stmt $this->prepare($name$module$tableName);
$stmt->execute($data);
return $stmt;
// Database::prepExec

public function rowCount($tableName) {
$stmt $this->query('rowCount''common'$tableName);
return $result->fetchColumn();
// Database::rowCount

public function safeName($name) {
return $name preg_replace('/[^a-z0-9_]/'''$name);
// Database::safeName

public function tableExists($name) {
$stmt $this->query('tableExists''common'$name);
return $stmt->fetch();
// Database::tableExists

// END PUBLIC EXTENSIONS

// START PRIVATE EXTENSIONS

private function auth($name$module) {

if ($module === 'common') return true;

if (!array_key_exists($module$this->authorizations)) {
if (file_exists(
$fn DB_QUERY_DIR $module '/' $module '.auth.ini.php'
)) $this->authorizations[$module] = parse_ini_file($fn);
else return true;
}

return (
($this->authorizations[$module][$name] ?? 0) ||
($this->authorizations[$module]['all'] ?? 0)
) !== 0;

// Database::auth

private function dryStatement($method$name$module$tableName) {
try {
$stmt parent::$method($this->namedQuery($name$module$tableName));
} catch (PDOException $e) {
$errorMessage $e->getMessage();
echo $errorMessage'<br>wtf<br>';
}
if (
$method !== 'exec' &&
($stmt->errorCode() > 0)
$errorMessage $stmt->errorInfo()[2];
if (empty($errorMessage)) return $stmt;
Bomb::lang(
'db' ucFirst($method) . 'Error',
$name$module$errorMessage ]
);
// Database::dryStatement

private function namedQuery($name$module "common"$tableName false) {

if (!$this->auth($name$module)) Bomb::lang(
'unauthorizedQuery', [ $name$module ]
);

if (!array_key_exists($module$this->queries)) {
$this->queries[$module] = file_exists(
$fn DB_QUERY_DIR $module '/' $module '.queries.ini.php'
) ?  parse_ini_file($fn) : [];
}

if (!array_key_exists($name$this->queries[$module])) {
if (file_exists(
$fn DB_QUERY_DIR $module '/' $module '.' $name '.sql'
)) $this->queries[$module][$name] = file_get_contents($fn);
else Bomb::lang('queryNotFound', [ $name$module ]);
}

$query str_replace(
'!PREFIX!',
DB_TABLE_PREFIX,
$this->queries[$module][$name]
);

if ($tableName) {
if ($this->safeName($name)) {
$query str_replace('!TABLE!'$tableName$query);
} else Bomb::lang('invalidTableName', [ $tableName ]);
}

return $query;

// Database::namedQuery

// END PRIVATE EXTENSIONS

// Database

class DatabaseStatement extends PDOStatement {

private
$pdo,
$locked false;

protected final function __construct($pdo) {
$this->pdo $pdo;
// DatabaseStatement:__construct

public final function execute($input_parameters Null) {
if ($this->lockedBomb::lang('executeLockedStmt');
return parent::execute($input_parameters);
// DatabaseStatement::execute

public final function lock() {
$this->locked true;
// DatabaseStatement::lock

// DatabaseStatement

Side note, once I get this thing further along, anyone want to take a stab at writing a MSSQL version, or perhaps other ports? Should be as "easy" as making a new /sql/SQL_ENGINE directory and double-checking the queries.

That's one of my big "features" is how if PDO is going to be portable, let's make it PORTABLE!
We are all, we are all, we are all FRIENDS! For today we're all brothers, tonight we're all friends. Our moment of peace in a war that never ends.

Jason Knight

  • Administrator
  • Hero Member
  • *****
  • Posts: 1039
  • Karma: +188/-1
    • CutCodeDown -- Minimalist Semantic Markup
Re: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.
« Reply #84 on: 29 Nov 2020, 09:50:09 pm »
Noticed you guys seem to like having a full directory structure listing in the various posts about this, so I've added that to my milestone script, generating both HTML and TXT versions.

Sample output here:
https://cutcodedown.com/paladinX/milestone_30_Nov_2020_02_44/

Work on users has FINALLY started, hopefully I won't fall asleep before I'm done. So tired lately.

Note, rather than relying fully version codes, the primary tracking for this system is going to be milestone dates.
We are all, we are all, we are all FRIENDS! For today we're all brothers, tonight we're all friends. Our moment of peace in a war that never ends.

John_Betong

  • Full Member
  • ***
  • Posts: 218
  • Karma: +24/-1
    • The Fastest Joke Site On The Web
Re: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.
« Reply #85 on: 29 Nov 2020, 11:41:16 pm »
@Jason Knight,
> Sample output here:
https://cutcodedown.com/paladinX/milestone_30_Nov_2020_02_44/

Not another link and once again with no back link :(

How do you keep track?

I'm getting more confused everyday! 

The project started November 9th and a complete version was envisaged in a couple of days. Since then there has been very little updates and only discussions?

As mentioned in my "Proposal" thread... is it possible to consolidate the vast amount of waffle and to simplify the task in hand... pretty please :)



Retired in the City of Angels where the weather suits my clothes

Jason Knight

  • Administrator
  • Hero Member
  • *****
  • Posts: 1039
  • Karma: +188/-1
    • CutCodeDown -- Minimalist Semantic Markup
Re: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.
« Reply #86 on: 30 Nov 2020, 04:51:53 am »
Not another link and once again with no back link :(
Back link to what? That's just a preview of what the milestone generator outputs alongside the backup.

How do you keep track?
Of what?

I'm getting more confused everyday! 
You and me both brother.

The project started November 9th and a complete version was envisaged in a couple of days.
That was NOT a "complete version", I had thought it was enough to give @benanamen something for his "router or not" thread, but it clearly was not. I only broke it out into a continuing project because so many of you seemed to be interested in picking it up and running with it... before it was really ready for anyone but me to even work with.

Though I must have done SOMETHING right given how many of you are trying to use it months before it's ready... or at least months given the 20 or so minutes a day I'm able to work on it.  I'd LOVE to just have one day where I could sit down and put 8-10 straight hours into it, but that's just not happening.

As mentioned in my "Proposal" thread... is it possible to consolidate the vast amount of waffle and to simplify the task in hand... pretty please :)
Thing is all these threads are NOT even about the real system which I've not even come close to finishing. What you've seen so far was a quick belt together of half-assed code to try and answer a question. The interest on you folks part is what has be upping the ante and building it "for real".

I'm not sure what part of this people aren't understanding. I mean, if we're going to have these attitudes I could just drop it and devote the time to writing more medium articles, which are now paying monthly more than adsense has paid me in a decade.

But really between writing articles on medium which pays, paying clients, a holiday that takes 2 days of prep and 3 days of cleanup... right now I look at code I get dizzy... and I'm making rookie mistakes. (good gravy, I can't seem to type non-alphanumeric characters anymore! Parkinson's a bitch. Seriously, @ through & I have to stop and actually look at the keyboard now.)

Let me upload a proper milestone with the admin system gutted out of it, that way you can see database, login, and an installer.

Though to simplify the process, maybe I should make a forum category for squire/paladin where a unique topic can be created for each milestone (subversion). That way discussion unique to each release can be isolated. (with old versions locked).

Could also make topics

BUT, once I have what I'd consider a beta release, I will likely document all the files and sub-calls the same way I did elementals.js. Might not be the best JS library, but I'm proud of its documentation. Just like my x86 asssembler reference.  I'm planning to document this the same way when/if I have the time. That directory output from the milestone generator will likely aid in that, particularly since I'm likely going to have it also create a cross-reference of the objects and their methods. Though I'm a bit uncertain how to go about that with PHP. Classic tool I've not seen a version for modern languages in like two decades! Might have to brute force it.

I wonder if I could create general descriptions as .txt and have the directory tree link / ajax them into modals. Well, I could create that, when/if I'm able to sit down at the workstation and code properly.

Which is also a bit of a wonk since I need to take that machine apart for an upgrade... whilst I sit here flat on my back in bed and unlikely to get up for the next 48 hours to do anything more than take a whiz... since I'm SUPPOSED to have the first visit from a new caregiver tomorrow; which I'm SUPPOSED to have but have gone without since the stupid human malware problem started.
We are all, we are all, we are all FRIENDS! For today we're all brothers, tonight we're all friends. Our moment of peace in a war that never ends.

benanamen

  • Full Member
  • ***
  • Posts: 187
  • Karma: +18/-0
Re: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.
« Reply #87 on: 30 Nov 2020, 01:41:11 pm »
I really like the output of the html directory tree here https://cutcodedown.com/paladinX/milestone_30_Nov_2020_02_44/

Do you have some generator to do that? If so, would you willing to provide the code? Thanks
To save time, let's just assume I am never wrong.

mmerlinn

  • Jr. Member
  • **
  • Posts: 77
  • Karma: +9/-0
  • Nutcake
Re: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.
« Reply #88 on: 30 Nov 2020, 11:36:05 pm »
I really like the output of the html directory tree here https://cutcodedown.com/paladinX/milestone_30_Nov_2020_02_44/

Do you have some generator to do that? If so, would you willing to provide the code? Thanks

I like it, too.  Looks like it would be useful everywhere that directories are used. Might even code something in FoxPro to keep track of all of its directories. Only problem I have is knowing what all of the 01F-4C1 and 01F-5CF notes mean.
The soul purr pus of a spell cheque cur is two valley date hour ignore ants.

Jason Knight

  • Administrator
  • Hero Member
  • *****
  • Posts: 1039
  • Karma: +188/-1
    • CutCodeDown -- Minimalist Semantic Markup
Re: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.
« Reply #89 on: 1 Dec 2020, 12:02:51 am »
Do you have some generator to do that?

It's part and parcel of my milestone generator.

I have:

/paladinX -- project root
/paladinX/milestone.php
/paladinX/paladin -- working directory

when I run milestone.php, it:

1) copies /paladin to miliestone_datestamp/paladin, updating the comment timestamps in all code files

2) makes a copy to /sources where all .php files are renamed phpsource to show code instead of executing

3) makes a "milestone_datestamp/milestone_datestamp.zip" of the contents of /milestone_datestamp/paladin

4) makes those two directory listings

5) optionally FTP uploads it to where you guys can access it.

Pretty routine stuff I have for a lot of projects. Elementals.js is self updating in a similar fashion.

Oh and sorry this milestone was broken, self-pressured myself into uploading before it was ready. Hopefully this next one -- which should include a rough draft admin panel with user creation -- will be less of a mess.

REALLY hoping that I am able to actually code this tonight. I seem to be having a lot of problems typing right now; my fingers are all over the place on anything that's not alphanumeric.

That I'm not on the model M at the workstation likely isn't helping.
« Last Edit: 1 Dec 2020, 12:05:32 am by Jason Knight »
We are all, we are all, we are all FRIENDS! For today we're all brothers, tonight we're all friends. Our moment of peace in a war that never ends.

 

SMF spam blocked by CleanTalk

Advertisement