Automatic URL requests with PHP (PHP, OOP, Routing, Automation) - Fatal编程技术网


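OK, so I have been thinking about developing my own custom CMS for a specific market. I have been looking at some frameworks, and the problem I have with them is that they don't automate routing. In Laravel, if I'm not mistaken, to respond to a URL like this you would do something like this: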

Route::get('/user', function()
{
    return "This is a user";
});
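This is essentially listening for one specific request. My idea, to simplify things, is to create an automated router. So what I did was set up an .htaccess file that takes every request and directs it to index.php. It also takes whatever comes after the .com, for example www.testsite.com/admin/pages/edit/5, and appends it as a GET variable.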

So in the example above I am passing four parameters in a single request:

admin   -   request path / used to signify a login check must be done before passing 
            them on to their request
pages   -   This would be the class or object
edit    -   This would be the method called from the class / object
5       -   This would be the actual row of the record in the database being edited
So I developed a router class that looks like this:

class router {

     public $url;
     public $protectedPaths = array('admin','users','client');

     public function __construct() {
          $this -> url = explode('/', $_GET['url']);

          if($this -> url[0] == '') {
               $this -> loadDefaultView();
          } else {
               // Check to ensure that the path is not protected
               if(in_array($this -> url[0], $this -> protectedPaths)) {

                    // check to ensure user is logged in
                    if($_COOKIE['isLogged']) {

                         // This means that there is no action or model needed just a returned view
                         if($this -> url[2] == '') {

                              $this -> loadViewWithoutAction();

                         } else {
                              // we check to ensure there is a controller
                              if(file_exists(baseControllers .'controller.'. $this -> url[1] .'.php')) {

                                   // require that controller and instantiate it
                                   require baseControllers .'controller.'. $this -> url[1] .'.php';
                                   $obj = new $this -> url[1];

                                   // check to see if method exists
                                   if(method_exists($obj, $this -> url[2])) {

                                        if($_POST) {
                                             $data = $_POST;
                                        } else {
                                             $data = array($this -> url[3]);
                                        }

                                        // run method if necessary
                                        $data = call_user_func_array(array($obj, $this -> url[2]), $data);
                                        $this -> loadAdminView( $data );

                                   } else {
                                        $this -> loadErrorView();
                                   }

                              } else {
                                   $this -> loadErrorView();
                              }
                         }
                    } else {
                         header("Location: /auth/form");
                    }

               } else {

                    // we check to ensure there is a controller
                    if(file_exists(baseControllers .'controller.'. $this -> url[0] .'.php')) {

                         // require that controller and instantiate it
                         require baseControllers .'controller.'. $this -> url[0] .'.php';
                         $obj = new $this -> url[0];

                         // check to see if method exists
                         if(method_exists($obj, $this -> url[1])) {

                              // run method if necessary
                              $data = call_user_func_array(array($obj, $this -> url[1]), array($this -> url[2]));
                              $this -> loadPublicView( $data );


                         } else {
                              $this -> loadErrorView();
                         }

                    } else {
                         $this -> loadErrorView();
                    }

               }

          }
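     }

     // loadDefaultView(), loadViewWithoutAction(), loadAdminView(),
     // loadPublicView() and loadErrorView() are not shown in the post
}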
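So I would be using a lot of different if-else statements, and maybe a switch, to distinguish between the different requests and so on. Finally, my question is: is it bad practice to autoload a class and run a method? From what I have seen in frameworks this is all done manually. I'm not an expert, so I assume there is probably a reason for that. Also, I have found little to nothing on the web about automating PHP requests in OOP.

I would really like to automate this, but at the same time I don't want to cause security problems. Oh, and for any forms or personal information entered by users, everything will be POST or AJAX to prevent attacks on the URL.

Thanks in advance for any advice or answers.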

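Some security concerns: 1) How will the router "automatically" determine routes? 2) Cookies like $_COOKIE['isLogged'] can easily be changed by the user; it's best to store a value like that in the database. 3) POST and AJAX do not protect against XSS attacks (or people submitting their own forms to your site).

For both security and routing reasons, you probably want a whitelist-like system. Create an array of the different route requests and their handlers?

Basically, each request would be defined in the URL, similar to Laravel, but automatically. For example:

Example public URL request:
www.testsite.com/users/view/6
users would be the object, view would be the method in the object, and 6 would be the user id.

Example admin URL request:
www.testsite.com/Admin/pages/edit/34
Admin would signify a protected path where a login check is done before running the method or object. Pages would be the object, edit would be the method, and 34 would be the record you want to update.
Does this make sense?

@sman591 Thanks for the heads-up. I've never really run into XSS attacks; I have read a bit about them before but don't fully understand what they are. I'll definitely do more research. So if I store the $_COOKIE['isLogged'] value in the database, how would I pull it from one page to the next?

@sman591 Hey, thanks man, that's a great example, I'll definitely look into it!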
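
The allowlist suggested in the comments above, as an added example that is not part of the original thread: only routes listed in a fixed table are dispatched, and the login check reads server-side session data instead of a client-set cookie. The `Pages` and `Users` classes, the `ROUTES` table, `dispatch()` and the `user_id` session key are hypothetical names; the sample requests are constructed.

```php
<?php
declare(strict_types=1);

// Hypothetical controllers standing in for the controller.*.php files.
final class Pages { public function edit(int $id): string { return "editing page $id"; } }
final class Users { public function view(int $id): string { return "viewing user $id"; } }

// Allowlist: only these paths are routable. Nothing taken from the URL is
// ever used as a class name, a method name or part of a file path.
const ROUTES = [
    'users/view'       => ['class' => Users::class, 'method' => 'view', 'auth' => false],
    'admin/pages/edit' => ['class' => Pages::class, 'method' => 'edit', 'auth' => true],
];

// $url:     value of $_GET['url'] as set by the rewrite rule
// $session: server-side session data ($_SESSION), never $_COOKIE
function dispatch(string $url, array $session): string
{
    $segments = explode('/', strtolower(trim($url, '/')));
    $id  = (string) array_pop($segments);    // last segment is the record id
    $key = implode('/', $segments);          // the rest selects the route

    if (!array_key_exists($key, ROUTES) || !ctype_digit($id)) {
        return '404';                        // unknown route or non-numeric id
    }
    $route = ROUTES[$key];
    if ($route['auth'] && empty($session['user_id'])) {
        return '302 /auth/form';             // protected route, no logged-in session
    }
    $class  = $route['class'];               // both values come from ROUTES,
    $method = $route['method'];              // not from the request
    return (new $class())->$method((int) $id);
}

// Constructed sample requests: [url, session data].
foreach ([
    ['users/view/6', []],
    ['Admin/pages/edit/34', []],
    ['Admin/pages/edit/34', ['user_id' => 1]],
    ['admin/pages/__construct/1', ['user_id' => 1]],
    ['../../etc/passwd', []],
] as [$url, $session]) {
    printf("%-28s => %s\n", $url, dispatch($url, $session));
}
```

Adding a route means adding one line to the table, so the routing stays close to automatic while the set of reachable classes and methods remains explicit.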