2 /*=====================================================================*\
3 || ################################################################### ||
4 || # Iris Studios Shared Object Framework [#]version[#]
5 || # --------------------------------------------------------------- # ||
6 || # All parts of this file are ©2003-[#]year[#] Iris Studios, Inc. No # ||
7 || # part of this file may be reproduced in any way: part or whole. # ||
8 || # --------------------------------------------------------------- # ||
9 || # ©2003 - [#]year[#] Iris Studios, Inc. | http://www.iris-studios.com # ||
10 || ################################################################### ||
11 \*=====================================================================*/
13 define('ERR_FATAL', E_USER_ERROR
);
14 define('ERR_ALERT', E_USER_WARNING
);
15 define('ERR_WARNING', E_USER_NOTICE
);
17 if (PHP_VERSION
< '4.1.0')
19 trigger_error('You need PHP version 4.1.0 or newer to run ISSO', ERR_FATAL
);
23 if (PHP_VERSION
> '5.0.0')
25 if (ini_get('error_reporting') & E_USER_NOTICE
)
27 error_reporting(ini_get('error_reporting') - E_USER_NOTICE
);
31 if (!(ini_get('error_reporting') & E_NOTICE
))
33 error_reporting(ini_get('error_reporting') - E_USER_NOTICE
);
36 if (!(ini_get('error_reporting') & E_WARNING
))
38 error_reporting(ini_get('error_reporting') - E_USER_WARNING
);
41 if (!(ini_get('error_reporting') & E_ERROR
))
43 error_reporting(ini_get('error_reporting') - E_USER_ERROR
);
46 if ((bool)ini_get('register_globals') === true)
48 $superglobals = array('_GET', '_COOKIE', '_FILES', '_POST', '_SERVER', '_ENV');
49 foreach ($superglobals AS $global)
51 if (is_array(${$global}))
53 foreach (${$global} AS $_key => $_val)
65 * Iris Studios Shared Object Framework (ISSO)
67 * This framework allows a common backend to be used amongst all Iris
68 * Studios applications and can is built to be abstract and flexible.
69 * The base framework handles all loading and module management.
71 * @author Iris Studios, Inc.
72 * @copyright Copyright ©2003 - [#]year[#], Iris Studios, Inc.
76 class Shared_Object_Framework
79 * Global environment variables
81 * This is where we keep the global variables that are used within the shared framework
83 * @var version ISSO version
84 * @var sourcepath The location of the framework sources
85 * @var appath The path to the application's location
86 * @var application The name of the application that is using the framework
87 * @var appversion The version of the application
88 * @var debug Variable for debug mode
89 * @var debuginfo Listing of all debug notices
90 * @var modules An array of loaded framework modules
91 * @var input All input data for the system
92 * @var i Short-hand reference to $isso::input
93 * @var in Short-hand reference to $isso::input
94 * @var magicquotes Status of Magic Quotes GPC
95 * @var escapestrings Sets whether or not we escape strings automatically
97 var $version = '[#]version[#]';
100 var $application = '';
101 var $appversion = '';
103 var $debuginfo = array();
104 var $modules = array();
105 var $input = array();
108 var $magicquotes = 0;
109 var $escapestrings = false;
114 function Shared_Object_Framework()
117 set_error_handler(array(&$this, '_error_handler'));
120 $this->magicquotes
= get_magic_quotes_gpc();
121 set_magic_quotes_runtime(0);
123 if (defined('ISSO_ESCAPE_STRINGS'))
125 $this->escapestrings
= (bool)constant('ISSO_ESCAPE_STRINGS');
128 // start input sanitize using variable_order GP
129 if (!$this->escapestrings
)
131 $this->exec_sanitize_data();
134 $this->modules
['kernel'] = 'Shared Object Framework Core';
138 * Prepares a path for being set as the sourcepath
140 * @param str Source path or URL
142 * @return str Prepared source path
144 function fetch_sourcepath($source)
146 if (substr($source, strlen($source) - 1) != '/')
154 * Loads a framework extension
156 * @param str Name of the framework
158 function load($framework)
160 if (!$this->is_loaded($framework))
162 $newobj = $this->locate($framework);
163 $this->$newobj['OBJ'] = new $newobj['CLASS']();
164 $GLOBALS["$newobj[OBJ]"] =& $this->$newobj['OBJ'];
165 $this->modules
["$framework"] = $newobj['OBJECT'];
170 * Includes a framework module. Module definitions need three variables:
171 * class, object, and obj. Class is the name of the class, object is
172 * the name human-readable name, and obj is the name that the module
173 * should be initialized as; this is used in class extensions.
175 * @param str Name of the framework
177 * @return array List of initialization variables
179 function locate($framework)
181 if ($this->sourcepath == '')
183 trigger_error('Invalid sourcepath specified', ERR_FATAL);
186 if (file_exists($this->sourcepath . $framework . '.php'))
188 require_once($this->sourcepath . $framework . '.php');
189 return array('CLASS' => $CLASS, 'OBJECT' => $OBJECT, 'OBJ' => $OBJ);
193 trigger_error('Could not find the framework ' . $this->sourcepath . $framework . '.php', ERR_FATAL);
199 * Prints a list of all currently loaded framework modules
201 * @param bool Return the data as an array?
203 * @return mixed HTML output or an array of loaded modules
205 function show_modules($return = false)
209 return $this->modules;
213 $output = "\n\n
<ul
>\n\t<li
>";
214 $output .= implode("</li
>\n\t<li
>", $this->modules);
215 $output .= "</li
>\n</ul
>\n\n";
216 $this->_message('Loaded Modules', $output, 1);
221 * Verifies to see if a framework has been loaded
223 * @param str Framework name
225 * @return bool Whether or not the framework has been loaded
227 function is_loaded($framework)
229 if (isset($this->modules["$framework"]))
240 * Prints an ISSO message
242 * @param str The title of the message
243 * @param str The content of the message
244 * @param int Type of message to be printed
245 * @param bool Return the output?
247 * @return mixed Output or null
249 function _message($title, $message, $type, $return = false)
274 $output = "\n<br />\n<table cellpadding=\"4\" cellspacing=\"1\" border=\"0\" width=\"500\" style=\"background-color: $color; font-family: Verdana, sans-serif; font-size: 12px;\">";
275 $output .= "\n<tr style=\"color: $font\">\n\t<td><strong>$prefix: $title</strong></td>\n</tr>";
276 $output .= "\n<tr style=\"background-color: #FFFFFF\">\n\t<td>$message</td>\n</tr>\n</table>\n<br />\n";
289 * Custom error handler for ISSO
291 * @param int Error number
292 * @param str Error message string
293 * @param str File that contains the error
294 * @param str The line number of the error
295 * @param str The active symbol table at which point the error occurred
297 function _error_handler($errno, $errstr, $errfile, $errline)
304 if (!(ini_get('error_reporting') & ERR_FATAL
))
313 if (!(ini_get('error_reporting') & ERR_ALERT
))
323 if (!(ini_get('error_reporting') & ERR_WARNING
))
330 $errstr .= " in <strong>$errfile</strong> on line <strong>$errline</strong>";
332 $this->_message($title, $errstr, 3);
334 if ($errno == ERR_FATAL
)
341 * Logs a debug message for verbose output
345 function debug($message)
349 $this->debuginfo
[] = $message;
354 * Recursive XSS cleaner
356 * @param mixed Unsanitized REQUEST data
358 * @return mixed Sanitized data
360 function _sanitize_input_recursive($data)
362 foreach($data AS $key => $value)
364 if (is_array($value))
366 $data["$key"] = $this->_sanitize_input_recursive($value);
370 if ($this->escapestrings)
372 $data["$key"] = $this->escape($this->sanitize($value));
376 $data["$key"] = $this->sanitize($value);
384 * Simple way to protect against HTML attacks with Unicode support
386 * @param str Unsanitzed text
388 * @return str Properly protected text that only encodes potential threats
390 function sanitize($text)
392 if ($this->magicquotes)
394 return str_replace(array('<', '>', '\"', '"'), array('<
;', '>
;', '"
;', '"
;'), $text);
398 return str_replace(array('<', '>', '"'), array('<', '>', '"'), $text);
403 * Takes text that has been processed for HTML and unsanitizes it
405 * @param str Text that needs to be turned back into HTML
407 * @return str Unsanitized text
409 function unsanitize($text)
411 if ($this->magicquotes)
413 return str_replace(array('<', '>', '"'), array('<', '>', '\"'), $text);
417 return str_replace(array('<', '>', '"'), array('<', '>', '"'), $text);
422 * Smart addslashes() that only applies itself it the Magic Quotes GPC is off
424 * @param str Some string
426 * @return str String that has slashes added
428 function escape($str)
432 if ($this->magicquotes)
434 if (isset($_isso->db))
436 if (is_resource($_isso->db->link_id))
438 return $_isso->db->escape_string(stripslashes($str));
452 if (isset($_isso->db))
454 if (is_resource($_isso->db->link_id))
456 return $_isso->db->escape_string($str);
460 return addslashes($str);
465 return addslashes($str);
471 * Runs through all of the input data and sanitizes it.
473 function exec_sanitize_data()
475 $this->input = $this->_sanitize_input_recursive(array_merge($_GET, $_POST));
476 $this->i =& $this->input;
477 $this->in =& $this->input;
478 // we're now using magic quotes
479 $this->magicquotes
= 1;
484 * Global callback used for module calls back to the kernel
486 $_isso = new Shared_Object_Framework();
489 * Wrapper for ternary operator that has to be in the global scope
491 * @param expr Expression
492 * @param mixed If the expression is true
493 * @param mixed If the expression is false
495 * @return mixed True or false data
497 function iff($condition, $iftrue, $iffalse = null)
499 return ($condition) ? ($iftrue) : ($iffalse);
502 /*=====================================================================*\
503 || ###################################################################
506 || ###################################################################
507 \*=====================================================================*/