[OWASP_PHPSEC] Need Help understanding framework

Abbas Naderi abiusx at owasp.org
Fri Aug 16 21:01:44 UTC 2013

Sorry for the vague code! I wanted to polish it more but my US visa got ready and I'm in the process of moving to US, thats why I left it at that (not so) fragile state.
loader.php is the environment setup file. It makes the framework work properly whether its called from command line or the web. Basically everything that comes from the environment to the framework is set here.
front.php is the FrontController. To know what that is, you need to learn more about the MVC model. After that, drop another email and describe it to others, and I can then describe the extended pull MVC model.

Controller is an abstract class, because the application developer should create controllers that extend it.

DefaultController is a controller that handles a bunch of requests, not just one. Basically each controller is assigned to a single URI, e.g app/user/login. One might want to have a default controller to control a lot of requests, e.g

and everything at app/posts/* to be handled by a single controller. Those are handled by a default (catch) controller.

routes define which URI is handled by which controller. everything outside _core folder is a sample application, and not a necessary part of the framework (except for files in config folder which are required for framework configuration, e.g database credentials).

Notice: This message is digitally signed, its source and integrity are verifiable.
If you mail client does not support S/MIME verification, it will display a file (smime.p7s), which includes the X.509 certificate and the signature body.  Read more at Certified E-Mail with Comodo and Thunderbird in AbiusX.com

On Mordad 25, 1392, at 11:22 PM, rahul chaudhary <rahul300chaudhary400 at gmail.com> wrote:

> Hello All,
> I need help understanding the overall structure of framework that Abbas created.
> This is what I have understood this far:
> There is a folder called _core:
> 1) There is a file called "autoloader.php" which loads all the core classes in PHPSEC and then defines path to all other classes. It provides functions to load any class within framework or PHPSEC.
> 2) "Loader.php" prepares the HTTP Requests prior to calling front.php. E.g setting baseURL
> 3) "front.php"---> this is the main doubt. It says that it handles the application. But handling means what ? What are controllers. Because Controller class is just an abstract class and DefaultController is also not that descriptive that I can deduce what is does ?
> Other classes such as routes.php or default.php...I understand their meaning not fully but up to like 80%......so can someone please explain me what is framework about and what is it doing ? (Or you can just point me to some link...I will learn from there..)
> -- 
> Regards,
> Rahul Chaudhary
> Ph - 412-519-9634
> _______________________________________________
> OWASP_PHP_Security_Project mailing list
> OWASP_PHP_Security_Project at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp_php_security_project

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp_php_security_project/attachments/20130817/113d056c/attachment-0001.html>

More information about the OWASP_PHP_Security_Project mailing list