├── .htaccess
├── .travis.yml
├── README
├── config.php
├── controller
    ├── home.php
    ├── home_c.php
    └── index.html
├── index.php
├── library
    ├── cache.php
    ├── controller.php
    ├── db.php
    ├── index.html
    ├── input.php
    ├── load.php
    ├── router.php
    └── session.php
├── model
    └── index.html
├── routes.php
└── view
    ├── footer.php
    ├── header.php
    └── home.php


/.htaccess:
--------------------------------------------------------------------------------
1 | RewriteEngine on
2 | RewriteCond %{REQUEST_FILENAME} !-f
3 | RewriteCond %{REQUEST_FILENAME} !-d
4 | RewriteRule ^(.*)$ /index.php/$1 [L]


--------------------------------------------------------------------------------
/.travis.yml:
--------------------------------------------------------------------------------
1 | language: php
2 | 
3 | php:
4 |   - 5.4
5 |   - 5.5
6 |   - 5.6


--------------------------------------------------------------------------------
/README:
--------------------------------------------------------------------------------
 1 | /* Whats this?? */
 2 | its a No Framework PHP MVC.
 3 | a really really small framework... believe it or not!
 4 | Only 20 kb unzipped
 5 | 
 6 | /* How to Create Routes? */
 7 |  Define your route on routes.php file, and add route by calling,                            
 8 |  // load::l('router')->add('/[uri path]','[template file name]');  
 9 |  
10 |  load::l('router')->add('/','home');
11 |  load::l('router')->add('/home/(.+)/([0-9]+)','home'); //Regex Route
12 | 
13 | /* How to Create Controller? */
14 |  Save your controller file at controller dir, ex: /controller/home_c.php 
15 |  the class name will be Class Home_c{}, and then extend it with Controller abstract class 
16 |  
17 |  Class Home_c extends Controller
18 |  {
19 |   public function __construct()
20 |   {
21 |    //Getting Regex Arguments from URL Segments if exists (optional)
22 |    $reg = load::l('router')->reg_segments;
23 |    
24 |    //Set Template Variable
25 |    $this->setOutput(array('hello'=>"Hello World!"));
26 |   }
27 |  }
28 |  //!important!
29 |  Controller must be load directly on your view file 
30 | 
31 | /* How to Create your Template/View? */
32 |  Save your view file at view dir, ex: /view/home.php 
33 |  
34 |  //Optional (you may want a simple static template)
35 |  On your view file, load the CONTROLLER AT THE VERY TOP OF CODE LINE, by calling 
36 |  extract(load::c('[controller name]')->getOutput());
37 |  and extract it if you have output variables from the controller.
38 |  
39 |  You may load other view/template by calling 
40 |  // load::v('[template file name]');
41 |  
42 |  home.php <<<
43 |  1. <?php extract(load::c('home_c')->getOutput()); //Load and extract controller variables ?>
44 |  2.
45 |  3. <?php load::v('header'); //Begin HTML ?>
46 |  4. <h1><?php echo $hello;?> </h1>
47 |  5. <?php load::v('footer');//End HTML ?>
48 |  
49 | /* How to Create Library/Model? */
50 |  Basically you only need to create a reguler class base on your model/library file,
51 |  its the same like controller does.
52 |  ex : /model/home_m.php , and the class name will be, Class Home_m {}
53 |  ex : /library/mylib_l.php , and the class name will be, Class mylib_l {}
54 | 
55 |  You may load the library or model anytime anywhere by calling 
56 |  // load::m('[model name]')->[method name]
57 |  // load::l('[library name]')->[method name]
58 |   
59 | /* Wrappers */
60 |  load::c('[controller name]',[arguments array optional]);
61 |  load::m('[model name]',[arguments array optional]);
62 |  load::v('[view name]',[arguments array optional]);
63 |  load::l('[library name]',[arguments array optional]); 
64 |   


--------------------------------------------------------------------------------
/config.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | /*
 3 |  * Define All your configuration here
 4 |  *
 5 |  */
 6 | 
 7 | //DEFINE SITE URL
 8 | define('SITE_URL','http://localhost/');
 9 | define('DEFAULT_ROUTE','home');
10 |  
11 | //DEFINED PATH
12 | define('ROOT_DIR',dirname(realpath(__FILE__)).'/');
13 | define('CONTROLLER_DIR',ROOT_DIR.'/controller/');
14 | define('MODEL_DIR',ROOT_DIR.'/model/');
15 | define('VIEW_DIR',ROOT_DIR.'/view/');
16 | define('LIBRARY_DIR',ROOT_DIR.'/library/');
17 | 
18 | //PDO DATABASE CREDENTIAL
19 | define('DB_ENGINE','');
20 | define('DB_NAME','');
21 | define('DB_HOST','');
22 | define('DB_USER','');
23 | define('DB_PASSWORD','');


--------------------------------------------------------------------------------
/controller/home.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 |  Class Home extends Controller
 3 |  {
 4 |   public function __construct()
 5 |   {
 6 |    //Getting Regex Arguments from URL Segments if exists (optional)
 7 |    $reg = load::l('router')->reg_segments;
 8 |    
 9 |    $this->setVars(array('hello'=>"Hello World!"));
10 |   }
11 |  } 
12 |  


--------------------------------------------------------------------------------
/controller/home_c.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 |  Class Home_c extends Controller
 3 |  {
 4 |   public function __construct()
 5 |   {
 6 |    //Getting Regex Arguments from URL Segments if exists (optional)
 7 |    $reg = load::l('router')->reg_segments;
 8 |    
 9 |    $this->setOutput(array('hello'=>"Hello World!"));
10 |   }
11 |  } 
12 |  


--------------------------------------------------------------------------------
/controller/index.html:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kh411d/no-framework-php/545265b95e56ba9f723ecfc149b077cec315d360/controller/index.html


--------------------------------------------------------------------------------
/index.php:
--------------------------------------------------------------------------------
 1 | <?php 
 2 | //wowowowowo
 3 | // Initialize !Important!
 4 | include "config.php";
 5 | 
 6 | // Include Loader !Important!
 7 | include LIBRARY_DIR."load.php";
 8 | 
 9 | // Load Session
10 | load::l('session');
11 | 
12 | // Sanitize all input !Important!
13 | load::l('input');
14 | 
15 | // Set Default Route
16 | if(!defined('DEFAULT_ROUTE') || DEFAULT_ROUTE == '')die('Default Route is Missing');
17 | load::l('router')->add('/',DEFAULT_ROUTE);
18 | 
19 | //Include Other Routes
20 | include "routes.php";
21 | 
22 | //Ready get set .... Go!
23 | load::l('router')->run();


--------------------------------------------------------------------------------
/library/cache.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 |  Class Cache 
 3 |  {
 4 |   public function __construct()
 5 |   {
 6 |    if(!function_exists('apc_fetch')) die("PECL APC Not Installed, Cache Library cannot be use");
 7 |   }
 8 |   
 9 |    public function get($key)
10 |   {
11 |     if(empty($key)){
12 |       return null;
13 |     }else{
14 |       $value = apc_fetch($key);
15 |       return $value;
16 |     }
17 |   }
18 | 
19 |   public function set($key = null, $value = null)
20 |   {
21 |     if(empty($key) || $value === null)
22 |       return false;
23 |     apc_store($key, $value);
24 |     return true;
25 |   }
26 |   
27 |   public function clear()
28 |   {
29 |    return apc_clear_cache('user');
30 |   }
31 |   
32 |   public function info()
33 |   {
34 |    return apc_cache_info('user');
35 |   }
36 |  }
37 | ?> 


--------------------------------------------------------------------------------
/library/controller.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | abstract Class Controller 
 3 | {
 4 |  protected $vars = array();
 5 |  
 6 |  public function getOutput()
 7 |  {
 8 |   if($idx = @func_get_arg(0)) 
 9 |    return isset($this->vars[$idx]) ? $this->vars[$idx] : $this->vars;
10 |   
11 |   return $this->vars; 
12 |  }
13 |  
14 |  protected function setOutput($key,$value = NULL)
15 |  {
16 |   if(is_array(func_get_arg(0))){
17 |     foreach(func_get_arg(0) as $key => $value)$this->vars[$key] = $value;
18 |   }else{  
19 | 	$this->vars[$key] = $value;
20 |   }
21 |  }
22 | } 


--------------------------------------------------------------------------------
/library/db.php:
--------------------------------------------------------------------------------
  1 | <?php
  2 | Class db
  3 | {
  4 |  public $dbh;
  5 |  public $num_rows;
  6 |  
  7 |  
  8 |  public function __construct()
  9 |  {
 10 |   if(!defined('DB_ENGINE') || !defined('DB_HOST') || !defined('DB_NAME') || !defined('DB_USER') )
 11 |    die('undefined db credential');
 12 | 
 13 | 	try {
 14 | 		$this->dbh = new PDO(DB_ENGINE.':'.'dbname='.DB_NAME.';host='.DB_HOST, DB_USER, DB_PASSWORD);
 15 | 		$this->dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
 16 | 	} catch (PDOException $e) {
 17 | 		echo 'Connection failed: ' . $e->getMessage();
 18 | 	}
 19 |  }
 20 |  
 21 |  public function query($sql,$params = NULL,$return = PDO::FETCH_OBJ)
 22 |  {
 23 | 	try 
 24 | 	{
 25 | 	$sth = $this->dbh->prepare($sql, array(PDO::ATTR_CURSOR => PDO::CURSOR_FWDONLY));
 26 | 	$sth->execute($params);
 27 | 	return $sth->fetchAll($return);
 28 | 	} 
 29 | 	catch (PDOException $e)
 30 | 	{
 31 | 	 echo $e->getMessage()."-".$sql;
 32 | 	 return false;
 33 | 	}
 34 |  }
 35 |  
 36 |  public function get_row($sql,$params = NULL,$return = PDO::FETCH_OBJ)
 37 |  {
 38 | 	try 
 39 | 	{
 40 | 	 $sth = $this->dbh->prepare($sql);
 41 | 	 $sth->execute($params);
 42 | 	 return $sth->fetch($return);
 43 | 	} 
 44 | 	catch (PDOException $e)
 45 | 	{
 46 | 	 echo $e->getMessage()."-".$sql;
 47 | 	 return false;
 48 | 	}
 49 |  }
 50 |  
 51 |  function get_var($sql,$params = NULL)
 52 |  {
 53 | 	try 
 54 | 	{
 55 | 	$sth = $this->dbh->prepare($sql);
 56 | 	$sth->execute($params);
 57 | 	return $sth->fetchcolumn();
 58 | 	} 
 59 | 	catch (PDOException $e)
 60 | 	{
 61 | 	 echo $e->getMessage()."-".$sql;
 62 | 	 return false;
 63 | 	}
 64 |  }
 65 | 
 66 |  
 67 |  public function insert($table, $data) {
 68 | 		$fields = array_keys($data);
 69 | 		$param_fields = array();
 70 | 		foreach ( $fields as $field ) {
 71 | 			$param_fields[] = ":".addslashes($field);
 72 | 		}
 73 | 		//echo $sql;
 74 | 		$sql = "INSERT INTO `$table` (`" . implode( '`,`', $fields ) . "`) VALUES (" . implode( ",", $param_fields ) . ")";
 75 | 
 76 | 		try 
 77 | 		{
 78 | 		 $sth = $this->dbh->prepare($sql);
 79 | 		 $sth->execute($data);
 80 | 		 return $this->dbh->lastInsertId();
 81 | 		} 
 82 | 		catch (PDOException $e)
 83 | 		{
 84 | 		 echo $e->getMessage()."-".$sql;
 85 | 		 return false;
 86 | 		}
 87 | 	}
 88 | 
 89 | 
 90 |  public	function update($table, $data, $where) {
 91 | 		if ( !is_array( $where ) )
 92 | 			return false;
 93 | 
 94 | 		$bits = $wheres = array();
 95 | 		foreach ( (array) array_keys($data) as $field ) {
 96 | 				$form = ":".addslashes($field);
 97 | 			$bits[] = "`$field` = {$form}";
 98 | 		}
 99 | 
100 | 		foreach ( (array) array_keys($where) as $field ) {
101 | 				$form = ":".addslashes($field);
102 | 			$wheres[] = "`$field` = {$form}";
103 | 		}
104 | 
105 | 		$sql = "UPDATE `$table` SET " . implode( ', ', $bits ) . ' WHERE ' . implode( ' AND ', $wheres );
106 | 		
107 | 		try 
108 | 		{
109 | 		 $sth = $this->dbh->prepare($sql);
110 | 		 $sth->execute($data);
111 | 		 return $this->dbh->rowCount();
112 | 		} 
113 | 		catch (PDOException $e)
114 | 		{
115 | 		 echo $e->getMessage()."-".$sql;
116 | 		 return false;
117 | 		}
118 | 	}
119 |  
120 |  public function start_transact()
121 |  {
122 |  $this->dbh->beginTransaction();
123 |  }
124 |  
125 |  public function end_transact()
126 |  {
127 |   $this->dbh->commit();
128 |  }
129 |  
130 |  public function rollback_transact()
131 |  {
132 |   $this->dbh->rollBack();
133 |  }
134 | 
135 | 
136 | }
137 | 
138 | 


--------------------------------------------------------------------------------
/library/index.html:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kh411d/no-framework-php/545265b95e56ba9f723ecfc149b077cec315d360/library/index.html


--------------------------------------------------------------------------------
/library/input.php:
--------------------------------------------------------------------------------
  1 | <?php
  2 | /*
  3 |  * This Class was adapted from CodeIgniter1.7.2 Input Library
  4 |  *
  5 |  * Pre-processes global input data for security
  6 |  *
  7 |  * @package		CodeIgniter
  8 |  * @link		http://codeigniter.com/user_guide/libraries/input.html
  9 |  */
 10 | 
 11 |  Class Input 
 12 |  {
 13 |     public $use_xss_clean = TRUE;
 14 | 	
 15 | 	/* never allowed, string replacement */
 16 | 	protected $never_allowed_str = array(
 17 | 									'document.cookie'	=> '[removed]',
 18 | 									'document.write'	=> '[removed]',
 19 | 									'.parentNode'		=> '[removed]',
 20 | 									'.innerHTML'		=> '[removed]',
 21 | 									'window.location'	=> '[removed]',
 22 | 									'-moz-binding'		=> '[removed]',
 23 | 									'<!--'				=> '&lt;!--',
 24 | 									'-->'				=> '--&gt;',
 25 | 									'<![CDATA['			=> '&lt;![CDATA['
 26 | 									);
 27 | 	/* never allowed, regex replacement */
 28 | 	protected $never_allowed_regex = array(
 29 | 										"javascript\s*:"			=> '[removed]',
 30 | 										"expression\s*(\(|&\#40;)"	=> '[removed]', // CSS and IE
 31 | 										"vbscript\s*:"				=> '[removed]', // IE, surprise!
 32 | 										"Redirect\s+302"			=> '[removed]'
 33 | 									);
 34 |  
 35 |   public function __construct()
 36 |   {
 37 |    $this->sanitize();
 38 |   }
 39 |   
 40 |   protected function sanitize()
 41 |   {
 42 |    if(isset($_GET))
 43 | 	$_GET = $this->clean_input_data($_GET);
 44 |    if(isset($_POST))	
 45 | 	$_POST = $this->clean_input_data($_POST);
 46 | 
 47 |     //You will need to use html_entity_decode() for all cookie after sanitizing input
 48 |     //if(isset($_COOKIE))	
 49 | 	//$_COOKIE = $this->clean_input_data($_COOKIE);
 50 | 
 51 |   }
 52 |   
 53 |   public function get($key)
 54 |   {
 55 |    return $_GET[$key];
 56 |   }
 57 |   
 58 |   public function post($key)
 59 |   {
 60 |    return $_POST[$key];
 61 |   }
 62 |   
 63 |   public function clean_input_data($str)
 64 | 	{
 65 | 		if (is_array($str))
 66 | 		{
 67 | 			$new_array = array();
 68 | 			foreach ($str as $key => $val)
 69 | 			{
 70 | 				$new_array[$this->clean_input_keys($key)] = $this->clean_input_data($val);
 71 | 			}
 72 | 			return $new_array;
 73 | 		}
 74 | 
 75 | 		// We strip slashes if magic quotes is on to keep things consistent
 76 | 		if (get_magic_quotes_gpc())
 77 | 		{
 78 | 			$str = stripslashes($str);
 79 | 		}
 80 | 
 81 | 		// Should we filter the input data?
 82 | 		if ($this->use_xss_clean === TRUE)
 83 | 		{
 84 | 			$str = $this->xss_clean($str);
 85 | 		}
 86 | 
 87 | 		// Standardize newlines
 88 | 		if (strpos($str, "\r") !== FALSE)
 89 | 		{
 90 | 			$str = str_replace(array("\r\n", "\r"), "\n", $str);
 91 | 		}
 92 | 		
 93 | 		
 94 | 		/*if(!get_magic_quotes_gpc()) {
 95 | 		  $str = addslashes($str);
 96 | 		}*/
 97 | 		$str = htmlspecialchars($str,ENT_QUOTES);
 98 | 
 99 | 		return $str;
100 | 	}
101 | 
102 | 	protected function clean_input_keys($str)
103 | 	{
104 | 		if ( ! preg_match("/^[a-z0-9:_\/-]+$/i", $str))
105 | 		{
106 | 			die('Disallowed Key Characters.');
107 | 		}
108 | 
109 | 		return $str;
110 | 	}
111 | 	
112 | 	function xss_clean($str, $is_image = FALSE)
113 | 	{
114 | 		if (is_array($str))
115 | 		{
116 | 			while (list($key) = each($str))
117 | 			{
118 | 				$str[$key] = $this->xss_clean($str[$key]);
119 | 			}
120 | 
121 | 			return $str;
122 | 		}
123 | 
124 | 		$str = preg_replace('|\&([a-z\_0-9]+)\=([a-z\_0-9]+)|i', $this->xss_hash()."\\1=\\2", $str);
125 | 		$str = preg_replace('#(&\#?[0-9a-z]{2,})([\x00-\x20])*;?#i', "\\1;\\2", $str);
126 | 		$str = preg_replace('#(&\#x?)([0-9A-F]+);?#i',"\\1\\2;",$str);
127 | 		$str = str_replace($this->xss_hash(), '&', $str);
128 | 		$str = rawurldecode($str);
129 | 		$str = preg_replace_callback("/[a-z]+=([\'\"]).*?\\1/si", array($this, '_convert_attribute'), $str);
130 | 		$str = preg_replace_callback("/<\w+.*?(?=>|<|$)/si", array($this, '_html_entity_decode_callback'), $str);
131 | 		$str = $this->_remove_invisible_characters($str);
132 | 
133 |  		if (strpos($str, "\t") !== FALSE)
134 | 		{
135 | 			$str = str_replace("\t", ' ', $str);
136 | 		}
137 | 
138 | 		$converted_string = $str;
139 | 
140 | 		foreach ($this->never_allowed_str as $key => $val)
141 | 		{
142 | 			$str = str_replace($key, $val, $str);   
143 | 		}
144 | 
145 | 		foreach ($this->never_allowed_regex as $key => $val)
146 | 		{
147 | 			$str = preg_replace("#".$key."#i", $val, $str);   
148 | 		}
149 | 
150 | 		if ($is_image === TRUE)
151 | 		{
152 | 			$str = preg_replace('/<\?(php)/i', "&lt;?\\1", $str);
153 | 		}
154 | 		else
155 | 		{
156 | 			$str = str_replace(array('<?', '?'.'>'),  array('&lt;?', '?&gt;'), $str);
157 | 		}
158 | 
159 | 		$words = array('javascript', 'expression', 'vbscript', 'script', 'applet', 'alert', 'document', 'write', 'cookie', 'window');
160 | 		foreach ($words as $word)
161 | 		{
162 | 			$temp = '';
163 | 
164 | 			for ($i = 0, $wordlen = strlen($word); $i < $wordlen; $i++)
165 | 			{
166 | 				$temp .= substr($word, $i, 1)."\s*";
167 | 			}
168 | 
169 | 			$str = preg_replace_callback('#('.substr($temp, 0, -3).')(\W)#is', array($this, '_compact_exploded_words'), $str);
170 | 		}
171 | 
172 | 		do
173 | 		{
174 | 			$original = $str;
175 | 
176 | 			if (preg_match("/<a/i", $str))
177 | 			{
178 | 				$str = preg_replace_callback("#<a\s+([^>]*?)(>|$)#si", array($this, '_js_link_removal'), $str);
179 | 			}
180 | 
181 | 			if (preg_match("/<img/i", $str))
182 | 			{
183 | 				$str = preg_replace_callback("#<img\s+([^>]*?)(\s?/?>|$)#si", array($this, '_js_img_removal'), $str);
184 | 			}
185 | 
186 | 			if (preg_match("/script/i", $str) OR preg_match("/xss/i", $str))
187 | 			{
188 | 				$str = preg_replace("#<(/*)(script|xss)(.*?)\>#si", '[removed]', $str);
189 | 			}
190 | 		}
191 | 		while($original != $str);
192 | 
193 | 		unset($original);
194 | 
195 | 		$event_handlers = array('[^a-z_\-]on\w*','xmlns');
196 | 
197 | 		if ($is_image === TRUE)
198 | 		{
199 | 			unset($event_handlers[array_search('xmlns', $event_handlers)]);
200 | 		}
201 | 
202 | 		$str = preg_replace("#<([^><]+?)(".implode('|', $event_handlers).")(\s*=\s*[^><]*)([><]*)#i", "<\\1\\4", $str);
203 | 
204 | 		$naughty = 'alert|applet|audio|basefont|base|behavior|bgsound|blink|body|embed|expression|form|frameset|frame|head|html|ilayer|iframe|input|isindex|layer|link|meta|object|plaintext|style|script|textarea|title|video|xml|xss';
205 | 		$str = preg_replace_callback('#<(/*\s*)('.$naughty.')([^><]*)([><]*)#is', array($this, '_sanitize_naughty_html'), $str);
206 | 
207 | 		$str = preg_replace('#(alert|cmd|passthru|eval|exec|expression|system|fopen|fsockopen|file|file_get_contents|readfile|unlink)(\s*)\((.*?)\)#si', "\\1\\2&#40;\\3&#41;", $str);
208 | 
209 | 		foreach ($this->never_allowed_str as $key => $val)
210 | 		{
211 | 			$str = str_replace($key, $val, $str);   
212 | 		}
213 | 
214 | 		foreach ($this->never_allowed_regex as $key => $val)
215 | 		{
216 | 			$str = preg_replace("#".$key."#i", $val, $str);
217 | 		}
218 | 
219 | 		if ($is_image === TRUE)
220 | 		{
221 | 			if ($str == $converted_string)
222 | 			{
223 | 				return TRUE;
224 | 			}
225 | 			else
226 | 			{
227 | 				return FALSE;
228 | 			}
229 | 		}
230 | 		return $str;
231 | 	}
232 | 	
233 | 	function xss_hash()
234 | 	{
235 | 		if ($this->xss_hash == '')
236 | 		{
237 | 			if (phpversion() >= 4.2)
238 | 				mt_srand();
239 | 			else
240 | 				mt_srand(hexdec(substr(md5(microtime()), -8)) & 0x7fffffff);
241 | 
242 | 			$this->xss_hash = md5(time() + mt_rand(0, 1999999999));
243 | 		}
244 | 
245 | 		return $this->xss_hash;
246 | 	}
247 | 
248 | 	function _remove_invisible_characters($str)
249 | 	{
250 | 		static $non_displayables;
251 | 
252 | 		if ( ! isset($non_displayables))
253 | 		{
254 | 			// every control character except newline (dec 10), carriage return (dec 13), and horizontal tab (dec 09),
255 | 			$non_displayables = array(
256 | 										'/%0[0-8bcef]/',			// url encoded 00-08, 11, 12, 14, 15
257 | 										'/%1[0-9a-f]/',				// url encoded 16-31
258 | 										'/[\x00-\x08]/',			// 00-08
259 | 										'/\x0b/', '/\x0c/',			// 11, 12
260 | 										'/[\x0e-\x1f]/'				// 14-31
261 | 									);
262 | 		}
263 | 
264 | 		do
265 | 		{
266 | 			$cleaned = $str;
267 | 			$str = preg_replace($non_displayables, '', $str);
268 | 		}
269 | 		while ($cleaned != $str);
270 | 
271 | 		return $str;
272 | 	}
273 | 
274 | 	function _compact_exploded_words($matches)
275 | 	{
276 | 		return preg_replace('/\s+/s', '', $matches[1]).$matches[2];
277 | 	}
278 | 
279 | 	function _sanitize_naughty_html($matches)
280 | 	{
281 | 		// encode opening brace
282 | 		$str = '&lt;'.$matches[1].$matches[2].$matches[3];
283 | 
284 | 		// encode captured opening or closing brace to prevent recursive vectors
285 | 		$str .= str_replace(array('>', '<'), array('&gt;', '&lt;'), $matches[4]);
286 | 
287 | 		return $str;
288 | 	}
289 | 
290 | 	function _js_link_removal($match)
291 | 	{
292 | 		$attributes = $this->_filter_attributes(str_replace(array('<', '>'), '', $match[1]));
293 | 		return str_replace($match[1], preg_replace("#href=.*?(alert\(|alert&\#40;|javascript\:|charset\=|window\.|document\.|\.cookie|<script|<xss|base64\s*,)#si", "", $attributes), $match[0]);
294 | 	}
295 | 
296 | 	function _js_img_removal($match)
297 | 	{
298 | 		$attributes = $this->_filter_attributes(str_replace(array('<', '>'), '', $match[1]));
299 | 		return str_replace($match[1], preg_replace("#src=.*?(alert\(|alert&\#40;|javascript\:|charset\=|window\.|document\.|\.cookie|<script|<xss|base64\s*,)#si", "", $attributes), $match[0]);
300 | 	}
301 | 
302 | 	function _convert_attribute($match)
303 | 	{
304 | 		return str_replace(array('>', '<', '\\'), array('&gt;', '&lt;', '\\\\'), $match[0]);
305 | 	}
306 | 
307 | 	function _html_entity_decode_callback($match)
308 | 	{
309 | 		$CFG =& load_class('Config');
310 | 		$charset = $CFG->item('charset');
311 | 
312 | 		return $this->_html_entity_decode($match[0], strtoupper($charset));
313 | 	}
314 | 
315 | 	function _html_entity_decode($str, $charset='UTF-8')
316 | 	{
317 | 		if (stristr($str, '&') === FALSE) return $str;
318 | 
319 | 		if (function_exists('html_entity_decode') && (strtolower($charset) != 'utf-8' OR version_compare(phpversion(), '5.0.0', '>=')))
320 | 		{
321 | 			$str = html_entity_decode($str, ENT_COMPAT, $charset);
322 | 			$str = preg_replace('~&#x(0*[0-9a-f]{2,5})~ei', 'chr(hexdec("\\1"))', $str);
323 | 			return preg_replace('~&#([0-9]{2,4})~e', 'chr(\\1)', $str);
324 | 		}
325 | 
326 | 		// Numeric Entities
327 | 		$str = preg_replace('~&#x(0*[0-9a-f]{2,5});{0,1}~ei', 'chr(hexdec("\\1"))', $str);
328 | 		$str = preg_replace('~&#([0-9]{2,4});{0,1}~e', 'chr(\\1)', $str);
329 | 
330 | 		// Literal Entities - Slightly slow so we do another check
331 | 		if (stristr($str, '&') === FALSE)
332 | 		{
333 | 			$str = strtr($str, array_flip(get_html_translation_table(HTML_ENTITIES)));
334 | 		}
335 | 
336 | 		return $str;
337 | 	}
338 | 
339 | 	function _filter_attributes($str)
340 | 	{
341 | 		$out = '';
342 | 
343 | 		if (preg_match_all('#\s*[a-z\-]+\s*=\s*(\042|\047)([^\\1]*?)\\1#is', $str, $matches))
344 | 		{
345 | 			foreach ($matches[0] as $match)
346 | 			{
347 | 				$out .= preg_replace("#/\*.*?\*/#s", '', $match);
348 | 			}
349 | 		}
350 | 
351 | 		return $out;
352 | 	}
353 |   
354 |  }


--------------------------------------------------------------------------------
/library/load.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | Class Load 
 4 | {  
 5 |    public static $instance = array();
 6 |    public function __construct(){}
 7 |    
 8 | 	public static function c($name,$args = array())
 9 | 	{
10 | 	 if(!file_exists(CONTROLLER_DIR.$name.".php")) die("$name - File Not Found");
11 | 	 require_once LIBRARY_DIR."controller.php";
12 | 	 require_once CONTROLLER_DIR.$name.".php";
13 | 	 return self::get_instance($name,$args);
14 | 	}
15 | 
16 | 	public static function l($name,$args = array())
17 | 	{ 
18 | 	 if(!file_exists(LIBRARY_DIR.$name.".php"))die("$name - File Not Found");
19 | 	 require_once LIBRARY_DIR.$name.".php";
20 | 	 return self::get_instance($name,$args);
21 | 	}
22 | 
23 | 	public static function m($name,$args = array())
24 | 	{
25 | 	 if(!file_exists(MODEL_DIR.$name.".php"))die("$name - File Not Found");
26 | 	 require_once MODEL_DIR.$name.".php";
27 | 	 return self::get_instance($name,$args);
28 | 	}
29 | 
30 | 	public static function v($name,$args = array())
31 | 	{
32 | 	 if(!file_exists(VIEW_DIR.$name.".php"))die("$name - File Not Found");
33 | 	 require_once VIEW_DIR.$name.".php";
34 | 	}
35 | 	
36 | 	public static function get_instance($name, $args = array())
37 | 	{
38 | 	 if (class_exists($name) && !array_key_exists($name,self::$instance)) {
39 | 		  self::$instance[$name] = new $name($args);
40 | 		  return self::$instance[$name];
41 | 	 }elseif(class_exists($name) && array_key_exists($name,self::$instance)){
42 | 	 	  return self::$instance[$name];
43 | 	 }else{
44 | 	  return NULL;
45 | 	 }
46 | 	}
47 | }
48 | 
49 | 


--------------------------------------------------------------------------------
/library/router.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 |  Class Router 
 3 |  {
 4 | 	protected $routes = array();
 5 | 	protected $regexes = array();
 6 | 	public $uri_string;
 7 | 	public $segments = array();
 8 | 	public $reg_segments = array();
 9 | 	public $permitted_uri_chars = 'a-z 0-9~%.:_\-';
10 | 	
11 |  
12 | 	public function __construct()
13 | 	{
14 | 	 $this->fetch_uri_string();
15 | 	 $this->explode_segments();
16 | 	}
17 | 	
18 | 	public function add($path,$view)
19 | 	{
20 | 	  $this->routes[] = array('path' => $path, 'view' => $view);
21 |       $this->regexes[]= "#^{$path}\$#";
22 | 	}
23 | 	
24 | 	protected function fetch_uri_string()
25 | 	{
26 | 			$path = (isset($_SERVER['PATH_INFO'])) ? $_SERVER['PATH_INFO'] : @getenv('PATH_INFO');
27 | 			if (trim($path, '/') != '' && $path != "/".SELF)
28 | 			{
29 | 				$this->uri_string = $path;
30 | 				return;
31 | 			}
32 | 
33 | 			$path = str_replace($_SERVER['SCRIPT_NAME'], '', (isset($_SERVER['ORIG_PATH_INFO'])) ? $_SERVER['ORIG_PATH_INFO'] : @getenv('ORIG_PATH_INFO'));
34 | 			if (trim($path, '/') != '' && $path != "/".SELF)
35 | 			{
36 | 				$this->uri_string = $path;
37 | 				return;
38 | 			}
39 | 
40 | 			$this->uri_string = '/';
41 | 			
42 | 	}
43 | 	
44 | 	protected function explode_segments()
45 | 	{
46 | 		foreach(explode("/", preg_replace("|/*(.+?)/*$|", "\\1", $this->uri_string)) as $val)
47 | 		{
48 | 			// Filter segments for security
49 | 			$val = trim($this->filter_uri($val));
50 | 
51 | 			if ($val != '')
52 | 			{
53 | 				$this->segments[] = $val;
54 | 			}
55 | 		}
56 | 	}
57 | 	
58 | 	protected function filter_uri($str)
59 | 	{
60 | 		if ($str != '' && $this->permitted_uri_chars != '' )
61 | 		{
62 | 			// preg_quote() in PHP 5.3 escapes -, so the str_replace() and addition of - to preg_quote() is to maintain backwards
63 | 			// compatibility as many are unaware of how characters in the permitted_uri_chars will be parsed as a regex pattern
64 | 			if ( ! preg_match("|^[".str_replace(array('\\-', '\-'), '-', preg_quote($this->permitted_uri_chars, '-'))."]+$|i", $str))
65 | 			{
66 | 				die('The URI you submitted has disallowed characters.');
67 | 			}
68 | 		}
69 | 
70 | 		// Convert programatic characters to entities
71 | 		$bad	= array('$', 		'(', 		')',	 	'%28', 		'%29');
72 | 		$good	= array('&#36;',	'&#40;',	'&#41;',	'&#40;',	'&#41;');
73 | 
74 | 		return str_replace($bad, $good, $str);
75 | 	}
76 | 
77 | 	
78 | 	 public function run()
79 | 	  { 
80 | 		foreach($this->regexes as $ind => $regex)
81 | 		{
82 | 		  if(preg_match($regex, $this->uri_string, $arguments))
83 | 		  { 
84 | 			array_shift($arguments);
85 | 			$def = $this->routes[$ind];
86 | 			if(file_exists(VIEW_DIR.$def['view'].'.php'))
87 | 			{
88 | 			 $this->reg_segments = load::l('input')->clean_input_data($arguments);
89 | 			 load::v($def['view']);
90 | 			 return;
91 | 			}else{
92 | 			 die('Could not call ' . json_encode($def) . " for route {$regex}");
93 | 			}
94 | 		  }
95 | 		}
96 | 		die("Could not find route {$this->uri_string} from {$_SERVER['REQUEST_URI']}");
97 | 	  }
98 |  }


--------------------------------------------------------------------------------
/library/session.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 |  Class Session 
 3 |  {
 4 | 	public function __construct()
 5 | 	{
 6 | 	 session_start();
 7 | 	}
 8 | 	
 9 | 	public function set($key,$value = NULL,$overwrite = TRUE)
10 | 	{
11 | 	 if($overwrite)
12 | 	 $_SESSION[$key] = $value;
13 | 	 
14 | 	 return $_SESSION[$key];
15 | 	}
16 | 	
17 | 	public function get($key,$prefix = false)
18 | 	{
19 | 	 if($prefix)
20 | 	 { 
21 | 	  $tmp = array();
22 | 	  foreach($_SESSION as $k => $v){
23 | 	   if(strpos($k, $key) === 0)
24 | 	     $tmp[$k] = $_SESSION[$k];
25 | 	  }
26 | 	  return $tmp;
27 | 	 }
28 | 	 
29 | 	 return $_SESSION[$key];
30 | 	}
31 | 	
32 | 	public function is_set($key)
33 | 	{
34 | 	 if(!is_array($key)){
35 | 	   $key = func_num_args() > 0 ? func_get_args() : array($key);
36 | 	 }else{
37 | 	  $key = array_values($key);
38 | 	 }
39 | 	 foreach ($key as $v){
40 | 	  if(!isset($_SESSION[$v]) || empty($_SESSION[$v]))return false; 
41 | 	 }
42 | 	 return true;
43 | 	}
44 | 	
45 | 	public function clear($key,$prefix = false)
46 | 	{
47 | 	 if($prefix)
48 | 	 {
49 | 	  foreach($_SESSION as $k => $v){
50 | 	   if(strpos($k, $key) === 0) unset($_SESSION[$k]);
51 | 	  }
52 | 	  return;
53 | 	 }
54 | 	 unset($_SESSION[$key]);
55 | 	 return;
56 | 	}
57 | 	
58 | 	public function end()
59 | 	{
60 | 	 $_SESSION = array();
61 | 	 session_destroy();
62 | 	}
63 |  }


--------------------------------------------------------------------------------
/model/index.html:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kh411d/no-framework-php/545265b95e56ba9f723ecfc149b077cec315d360/model/index.html


--------------------------------------------------------------------------------
/routes.php:
--------------------------------------------------------------------------------
1 | <?php
2 | if(!defined('ROOT_DIR'))die('Access Denied');
3 | // NEED TO DEFINE ALL ROUTE HERE! !Important!
4 | // http://www.xxx.com/index.php/home
5 | // with htaccess: http://www.xxx.com/home
6 | // load::l('router')->add('/[YOUR URI PATH]','[YOUR VIEW/TEMPLATE FILE NAME]');
7 | 
8 | load::l('router')->add('/home/(.+)/([0-9]+)','home');
9 | 


--------------------------------------------------------------------------------
/view/footer.php:
--------------------------------------------------------------------------------
1 |  </body>
2 | </html>


--------------------------------------------------------------------------------
/view/header.php:
--------------------------------------------------------------------------------
1 | <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
2 |         "http://www.w3.org/TR/html4/loose.dtd">
3 | <html lang="en">
4 |  <head>
5 |   <title>No Framework</title>
6 |  </head>
7 |  <body>


--------------------------------------------------------------------------------
/view/home.php:
--------------------------------------------------------------------------------
1 | <?php extract(load::c('home_c')->getOutput()); //Load and extract controller variables ?>
2 | 
3 | <?php load::v('header'); //Begin HTML ?>
4 | <h1><?php echo $hello;?> </h1>
5 | <?php load::v('footer');//End HTML ?>
6 | 


--------------------------------------------------------------------------------