CUTCODEDOWN
Minimalist Semantic Markup

Welcome Guest
Please Login or Register

If you have registered but not recieved your activation e-mail in a reasonable amount of time, or have issues with using the registration form, please use our Contact Form for assistance. Include both your username and the e-mail you tried to register with.

Author Topic: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.  (Read 10027 times)

xmohamadx

  • Junior Member
  • *
  • Posts: 23
  • Karma: +2/-0
Re: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.
« Reply #60 on: 20 Nov 2020, 07:47:07 pm »
Now, to help secure things there are going to be some standard practices in how SQL stuff should be named.

Is this a matter of style or it is to secure things? I know there was a time when most people did not have the possibility of encoding anything beyond upper case letters because ASCII was not yet invented. while SQL is more recent, lower case letters were not common practice in programming yet. but not a good reason today.


In template_extraPart:
Code: [Select]
function template_extrasPart($id, $extras) {

echo '

<div id="', $id, '">';

foreach ($extras as $id => $section) {
if (is_array($section)) {
template_sectionHeader($id, $section['title']);
if (array_key_exists('php', $section)) {
include_once('extras/' . $section['php'] . '.extra.content.php');
($section['php'] . '_SectionRun')();
$include = null;
}
if (array_key_exists('static', $section)) readFile(
'extras/' . $section['static'] . '.extra.static'
);
} else {
template_sectionHeader($id, $section);
readFile('extras/' . $id . '.extra.static');
}
template_sectionFooter($id);
}

echo '
<!-- #', $id, ' --></div>';

} // template_extrasPart


using $id in "foreach" make a conflict with the $id in argument, so the last echo "<!-- #', $id, ' --></div>" print wrong $id.
Also, "$include = null;" seems lost his way!
And if extra content be DB driven, there is no way here to send data from action_startup to extra template, so I added $data to "($section['php'] . '_SectionRun')($data);", and the data for extra can be merged to Settings::get('extra1') in template_footer. it seems better than to fetch data in ..._SectionRun() function.


In these three functions:
Code: [Select]
public function exec($name, $module = 'common', $tableName = false) {
return $this->dryStatement('exec', func_get_args());
} // Database::exec

public function prepare($name, $module = 'common', $tableName = false) {
return $this->dryStatement('prepare', func_get_args());
} // Database::prepare

public function query($name, $module = 'common', $tableName = false) {
return $this->dryStatement('query', func_get_args());
} // Database::query
the "func_get_args()" will not pass optional parameters and makes error.


Noticed some typos after testing:
in namedQuery:
Code: [Select]
if ($tableName) {
if ($this->safeName($name)) {
$query = str_replace('!TABLE!', $tableName, $query);
} else Bomb::paladin('invalidTableName', [ $tableName ]);
}
the $name need to change to $tableName in if ($this->safeName($name)).

in "httpError.php" and "paladinError.php", template_section need to change to template_sectionHeader. also template_sectionFooter(); need $id as argument.
« Last Edit: 21 Nov 2020, 10:17:55 am by xmohamadx »

John_Betong

  • Full Member
  • ***
  • Posts: 218
  • Karma: +24/-1
    • The Fastest Joke Site On The Web
Re: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.
« Reply #61 on: 20 Nov 2020, 08:21:12 pm »
@Jason Knight,
May I suggest during the update to possibly add three links in top menu, body and footer. Each link to describe how to add a new page with additional CSS and JavaScript.


Edit:
Please also include responsive images, etc
« Last Edit: 20 Nov 2020, 08:26:19 pm by John_Betong »
Retired in the City of Angels where the weather suits my clothes

John_Betong

  • Full Member
  • ***
  • Posts: 218
  • Karma: +24/-1
    • The Fastest Joke Site On The Web
Re: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.
« Reply #62 on: 21 Nov 2020, 05:04:55 am »
@xmohamadx,
> Noticed some typos after testing: in namedQuery:

I think a broad outline would have been adequate and once the script is throughly debugged then explain the details along with the debugged script.

Also think that using .ini files could have been far simplified by using php classes.

I look forward to a complete version and shudder to think about updates :(
Retired in the City of Angels where the weather suits my clothes

Jason Knight

  • Administrator
  • Hero Member
  • *****
  • Posts: 1049
  • Karma: +188/-1
    • CutCodeDown -- Minimalist Semantic Markup
Re: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.
« Reply #63 on: 21 Nov 2020, 12:15:44 pm »
May I suggest during the update to possibly add three links in top menu, body and footer. Each link to describe how to add a new page with additional CSS and JavaScript.
Again the front-end / current template is placeholder ripped from something else, just so I could hit the ground running. Needs a rewrite or a lot of loving that comes a LOT later in the process.

I probably should have just had it spitting up vanilla markup instead of styled... but that doesn't "impress" the normies.

We are all, we are all, we are all FRIENDS! For today we're all brothers, tonight we're all friends. Our moment of peace in a war that never ends.

Jason Knight

  • Administrator
  • Hero Member
  • *****
  • Posts: 1049
  • Karma: +188/-1
    • CutCodeDown -- Minimalist Semantic Markup
Re: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.
« Reply #64 on: 21 Nov 2020, 12:22:09 pm »
Is this a matter of style or it is to secure things?
Little from column A, little from column B. Mostly it comes from some SQL backup systems mangling case due to filesystem differences; such as linux being case sensitive when windows is not.

In template_extraPart:

Mistakes I already caught when I actually started testing the code.

Though I've been finding myself making a lot of silly mistakes and flubs because I'd been away from PHP and SQL for six or seven months. Amazing how quickly skills and memory can fade from lack of use.
We are all, we are all, we are all FRIENDS! For today we're all brothers, tonight we're all friends. Our moment of peace in a war that never ends.

Jason Knight

  • Administrator
  • Hero Member
  • *****
  • Posts: 1049
  • Karma: +188/-1
    • CutCodeDown -- Minimalist Semantic Markup
Re: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.
« Reply #65 on: 21 Nov 2020, 12:32:57 pm »
Anything beyond this should have a good reason for being there.

Which the reasons it has all the extra stuff:

1) block willy-nilly queries

2) allow named queries to allow for multi-engine coding. There's more in the world than mysql

3) embed better error handling that automatically logs and bombs hiding information from the client-side.

4) pre-build some checks we'd use frequently. ->tableExists for example can be used to detect if the database has already been set up, locking you out of setup or locking general users out of the system before setup has been run.

5) isolate and clean things prepare/execute doesn't let you placeholder, like table names

6) automatically add table prefixes.

Named queries and helper methods have a lot of benefits.

Code: [Select]
if (!$db->tableExists('users')) Bomb::paladin('dbTablesMissing');

For example. Should be relatively clear what that line does, even if you don't know all the methods.

Just as:

Code: [Select]
private static function touch() {
if (
array_key_exists('id', self::$data) &&
(self::$data['id'] !== -1)
) self::$db->prepExec([ self::$data['id'] ], 'touch', 'user');
} // User::touch

Is nicer than:

Code: [Select]
private static function touch() {
if (
array_key_exists('id', self::$data) &&
(self::$data['id'] !== -1)
) {
$stmt = $db->prepare('
UPDATE ', DB_TABLE_PREFIX, 'users
SET last_access = CURRENT_TIMESTAMP
WHERE id = ?
');
$stmt->exec([ self::$data['id'] ]);
}
} // User::touch

Especially if you want the possibility of multi-engine support in the mix. Again, there's a world outside mysql.

Note, since the primary call is self::touch(); that should be done in private.

We are all, we are all, we are all FRIENDS! For today we're all brothers, tonight we're all friends. Our moment of peace in a war that never ends.

John_Betong

  • Full Member
  • ***
  • Posts: 218
  • Karma: +24/-1
    • The Fastest Joke Site On The Web
Re: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.
« Reply #66 on: 21 Nov 2020, 07:56:21 pm »
@Jason Knight,
This may be of interest...

In my last project I have a PDO Class with methods that use strict_types and especially for the return $result. Each method  accepts at least a string query and returns either bool, numeric, string, array or object.

When testing for a valid user I would try something similar to:

$ok = $this -> pdo -> _tryBool( ‘UPDATE ‘users‘ WHERE ‘id‘=‘ .$id );



Edit:
MySQL has a built in feature that automatically sets ‘last_access‘ with a TIMESTAMP.
MySQL has a built in feature that sets ‘last_access‘ with a TIMESTAMP automatically.

« Last Edit: 21 Nov 2020, 08:02:54 pm by John_Betong »
Retired in the City of Angels where the weather suits my clothes

Jason Knight

  • Administrator
  • Hero Member
  • *****
  • Posts: 1049
  • Karma: +188/-1
    • CutCodeDown -- Minimalist Semantic Markup
Re: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.
« Reply #67 on: 21 Nov 2020, 10:11:26 pm »
MySQL has a built in feature that automatically sets ‘last_access‘ with a TIMESTAMP.
Unfortunately it does so even on a casual access, making it useless for our purposes. I don't want failed logins or accesses that merely read some data about a user to trigger last access.

It's also an engine specific feature, which I want to avoid.

As to the asshat pedantic strict_types rubbish, NOT INTERESTED. Besides, fetchColumn isn't exactly rocket science.
« Last Edit: 21 Nov 2020, 10:12:57 pm by Jason Knight »
We are all, we are all, we are all FRIENDS! For today we're all brothers, tonight we're all friends. Our moment of peace in a war that never ends.

John_Betong

  • Full Member
  • ***
  • Posts: 218
  • Karma: +24/-1
    • The Fastest Joke Site On The Web
Re: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.
« Reply #68 on: 22 Nov 2020, 02:40:32 am »
@Jason Knight


My point is that when I know either a true of false will be returned then why unnecessarily increase complexity? Just test for a valid user?
« Last Edit: 22 Nov 2020, 02:44:34 am by John_Betong »
Retired in the City of Angels where the weather suits my clothes

benanamen

  • Full Member
  • ***
  • Posts: 188
  • Karma: +18/-0
Re: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.
« Reply #69 on: 22 Nov 2020, 01:38:49 pm »
What are the exact steps to add a new page?
To save time, let's just assume I am never wrong.

Jason Knight

  • Administrator
  • Hero Member
  • *****
  • Posts: 1049
  • Karma: +188/-1
    • CutCodeDown -- Minimalist Semantic Markup
Re: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.
« Reply #70 on: 22 Nov 2020, 02:35:47 pm »
What are the exact steps to add a new page?
Assuming you want a static content page, you go to /actions/static/ and make a new directory for the new page that's the identifier you want the page to be. For example let's make a "/dumb_page"

So make the folder:

/actions/static/dumb_page

make these two files:

/actions/static/pages/dumb_page/dumb_page.ini.php
/actions/static/pages/dumb_page/dumb_page.static

The first one contains information unique to the page such as the keywords or description, the latter contains the static markup to be plugged into <main>.

look at the default.ini.php:

Code: [Select]
; <?php die(); // prevent direct calls just in case

currentPage "Home"

[meta]
keywords[name] = "keywords"
keywords[content] = "Default, Template, Poor, Man, Content, Management"

description[name] = "description"
description[content] = "Default Demo for Poor Man's Content Management"

currentPage is the text content of the menu item you want the "current" class to highlight.  [meta] holds any meta you want set, the index of each you can make up so long as it's unique, [name] is the name attribute, [content] is the content attribute. I didn't go with name="content" because some ****wits at various search engines up and decided to make up their own blasted "property" attribute instead of using "name" so they could use otherwise invalid values. (aka "wah wah, I want a colon in name because I can't live with a hyphen" -- see the asshattery that is opengraph)

If you look at /test/ you can see that it uses a .content.php instead of a .static, where you have a function (action_content) example for when/if you need to plug values -- HTTP_ROOT for example -- into the markup with PHP, building semi-static sites.

The big difference being that .static is loaded via readfile, and .content.php is loaded via safeInclude.

But really, create that directory, create those two files, boom, new page.

If you want to make a dynamic page, you make a /action/actionName directory, create a actionName.startup.php that returns the $data of the operation. This $data array should include:

'contentFilePath' => 'actions/actionName/actionName[.result]'

That will be used to load the corresponding .static or .content.php files.

Look at /actions/contact for an example. Note that "actions" can use both .content.php and .static (which load in that order), whilst with static it's either-or.

Basically, make a directory, make two files, done. Note that these files correspond to how one would/should access / store things in the database if one moves from file driven to content driven.
« Last Edit: 23 Nov 2020, 12:05:06 am by Jason Knight »
We are all, we are all, we are all FRIENDS! For today we're all brothers, tonight we're all friends. Our moment of peace in a war that never ends.

benanamen

  • Full Member
  • ***
  • Posts: 188
  • Karma: +18/-0
Re: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.
« Reply #71 on: 22 Nov 2020, 04:30:20 pm »
Quote
Basically, make a directory, make two files, done.

Yeah, apparently not.

Code: [Select]
404 - Not Found

Your request "/static/dumb_page" could not be served at this time.

I moved the dumb_folder and files to /actions/pages/dumb_page/ where the test folder is and a page loads at URL http://squire3.test/static/dumb_page with sample 1 and sample 2 data from the extras folder that I nowhere told it to load. Additionally, the text in sample 2 is mangled. WTF?

So far I give this "architecture" a big fail. But....I will keep on and see it through to the end, that is if I can even do the simple task of adding a static page.
« Last Edit: 22 Nov 2020, 05:02:48 pm by benanamen »
To save time, let's just assume I am never wrong.

xmohamadx

  • Junior Member
  • *
  • Posts: 23
  • Karma: +2/-0
Re: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.
« Reply #72 on: 22 Nov 2020, 05:57:26 pm »
@benanamen, sorry for interfering, but as I'm already using this architecture for my back-end, with some dynamic and static pages, I can help to fix those problems.

I moved the dumb_folder and files to /actions/pages/dumb_page/
Actually you should put them inside /actions/static/pages/dumb_page/, you forgot the "static".

also note that you need to have a "dumb_page.ini.php" or "dumb_page.startup.php", otherwise it returns a 404 error because no datasource has been added.

with sample 1 and sample 2 data from the extras folder that I nowhere told it to load. Additionally, the text in sample 2 is mangled. WTF?
well, then this is odd! because in httpError page this line should exist:
Code: [Select]
Settings::set(true, 'noExtras');and this line overrides the default behavior in "user.ini" which says there is two extra.

anyway, I found it simple and organized, just need to trace from the index to find out how it works.
« Last Edit: 23 Nov 2020, 09:08:49 am by xmohamadx »

John_Betong

  • Full Member
  • ***
  • Posts: 218
  • Karma: +24/-1
    • The Fastest Joke Site On The Web
Re: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.
« Reply #73 on: 22 Nov 2020, 11:00:11 pm »
I added a "Info" link in the page header and managed to create a new "info" web-page along with a direcory screendump:

https://thisisatesttoseeifitworks.tk/deathshadow/static/info
Retired in the City of Angels where the weather suits my clothes

Jason Knight

  • Administrator
  • Hero Member
  • *****
  • Posts: 1049
  • Karma: +188/-1
    • CutCodeDown -- Minimalist Semantic Markup
Re: Squire 3 / Paladin X.3 -- Rebuilding from the ground up.
« Reply #74 on: 23 Nov 2020, 12:06:13 am »
Actually you should put them inside /actions/static/pages/dumb_page/, you forgot the "static".
Actually that's a my bad, I forgot the /pages/ in the instructions. I'm so used to just doing it that I documented it poorly. That's entirely on me.

I edited the post to reflect that. What I get for posting half-asleep with insomnia.
We are all, we are all, we are all FRIENDS! For today we're all brothers, tonight we're all friends. Our moment of peace in a war that never ends.

 

SMF spam blocked by CleanTalk

Advertisement