[OWASP_PHPSEC] Need Help understanding framework

rahul chaudhary rahul300chaudhary400 at gmail.com
Wed Aug 21 12:21:56 UTC 2013


yes yes...I know that...but there is a function called start and
matchRoutes....those two are difficult to understand... :(


On Wed, Aug 21, 2013 at 5:50 PM, Abbas Naderi <abiusx at owasp.org> wrote:

> It is almost correct. There is no rigid definition of borders in these
> three concepts.
> FrontController is in charge of receiving all requests sent to an
> application, and dispatching them to the correct controllers.
> -A
>
> ______________________________________________________________
> *Notice:* This message is *digitally signed*; its *source* and
> *integrity* are verifiable.
> If your mail client does not support S/MIME verification, it will display a
> file (smime.p7s), which includes the X.509 certificate and the signature
> body. Read more at Certified E-Mail with Comodo and Thunderbird
> <http://abiusx.com/certified-e-mail-with-comodo-and-thunderbird/> in AbiusX.com
>
> On Mordad 30, 1392, at 4:45 PM, rahul chaudhary <
> rahul300chaudhary400 at gmail.com> wrote:
>
> Hello All,
>
> Here is what I learned about MVC. There are two ways to make a
> web-application. One way is to create with haste and without planning...and
> another is to create the application with proper planning.
>
> MVC is the second type.
>
> In MVC, there are three main components....controller, model and view. A
> controller is used to mediate controls between model and view. It also
> interprets commands and passes control between model and view.
>
> E.g:
> Let's say there is a bank site. So, obviously, there is a DB. There are
> web-pages and there are charts, graphs etc. To divide an application
> properly, MVC states that you keep all your components in the "view" part
> that shows the output. In our bank application, suppose a user requests a
> slip of its bank details. Then the server would return some data such as
> account number, available balance etc. The role of view is to show this
> data in a proper format. View is also responsible for showing information
> in different formats such as same information can be shown in bar charts as
> well as pie charts....this is the role of view to show data in different
> formats if requested.
>
> The model part is business logic. So you will keep all files that actually
> manage your application. For e.g. a user requests their details, then what
> information is to be given, authorization of users, transactions
> etc....these all components must be kept in the "model". It is also obvious
> that access to the application's DB is also made from inside "model". So,
> in our bank application, if the user is requesting some data from the
> server, then that request must be handled by the "model" part.
>
> The controller is what takes the request and decides how to process it.
> E.g: a user says they want a bank slip. This request will be received by
> the controller. The controller will pass this request to model. The model
> will generate the data and will pass back to the controller. The controller
> will then pass this generated data to the "view". The "view" will then
> generate an output and will then give it back to the controller. The
> controller will send this data back to the user.
>
> *So, guys please tell me if anything is wrong.*
>
> Now in our framework, I understand what is going on (overall). But my
> doubt is with controller. There is a "front controller" in our application
> inside "_core" folder. I am still trying to understand that fully. Rest I
> have understood. Will update you guys on my findings later on this.
>
> Thanks.
>
>
> On Sat, Aug 17, 2013 at 9:33 AM, rahul chaudhary <
> rahul300chaudhary400 at gmail.com> wrote:
>
>> Congratulations Abbas, great news!!!
>>
>>
>> On Sat, Aug 17, 2013 at 2:31 AM, Abbas Naderi <abiusx at owasp.org> wrote:
>>
>>> Ok
>>> Sorry for the vague code! I wanted to polish it more but my US visa got
>>> ready and I'm in the process of moving to US, that's why I left it at that
>>> (not so) fragile state.
>>> loader.php is the environment setup file. It makes the framework work
>>> properly whether it's called from command line or the web. Basically
>>> everything that comes from the environment to the framework is set here.
>>> front.php is the FrontController. To know what that is, you need to
>>> learn more about the MVC model. After that, drop another email and describe
>>> it to others, and I can then describe the extended pull MVC model.
>>>
>>> Controller is an abstract class, because the application developer
>>> should create controllers that extend it.
>>>
>>> DefaultController is a controller that handles a bunch of requests, not
>>> just one. Basically each controller is assigned to a single URI, e.g
>>> app/user/login. One might want to have a default controller to control a
>>> lot of requests, e.g
>>> app/posts/post-one-hello-world
>>> app/posts/how-i-started-this
>>>
>>> and everything at app/posts/* to be handled by a single controller.
>>> Those are handled by a default (catch) controller.
>>>
>>> routes define which URI is handled by which controller. Everything
>>> outside _core folder is a sample application, and not a necessary part of
>>> the framework (except for files in config folder which are required for
>>> framework configuration, e.g database credentials).
>>>
>>> -Abbas
>>>
>>> On Mordad 25, 1392, at 11:22 PM, rahul chaudhary <
>>> rahul300chaudhary400 at gmail.com> wrote:
>>>
>>> Hello All,
>>>
>>> I need help understanding the overall structure of framework that Abbas
>>> created.
>>>
>>> This is what I have understood this far:
>>>
>>> There is a folder called _core:
>>> 1) There is a file called "autoloader.php" which loads all the core
>>> classes in PHPSEC and then defines path to all other classes. It provides
>>> functions to load any class within framework or PHPSEC.
>>> 2) "Loader.php" prepares the HTTP Requests prior to calling front.php.
>>> E.g setting baseURL
>>> *3) "front.php"---> this is the main doubt. It says that it handles the
>>> application. But handling means what ? What are controllers. Because
>>> Controller class is just an abstract class and DefaultController is also
>>> not that descriptive that I can deduce what it does?*
>>>
>>> Other classes such as routes.php or default.php...I understand their
>>> meaning not fully but up to like 80%......so can someone please explain me
>>> what is framework about and what is it doing ? (Or you can just point me to
>>> some link...I will learn from there..)
>>>
>>> --
>>> Regards,
>>> Rahul Chaudhary
>>> Ph - 412-519-9634


-- 
Regards,
Rahul Chaudhary
Ph - 412-519-9634
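
Added example, not part of the thread and not code from the PHPSEC framework: a minimal sketch of the pattern described in the quoted replies, where a front controller receives every request, a route table maps a URI to a controller, and a default (catch) controller handles everything under app/posts/*. All class and function names are hypothetical, and this does not reproduce the framework's own start or matchRoutes functions.

```php
<?php
// Added illustration, not PHPSEC framework code. All names are hypothetical.
abstract class Controller
{
    // Application developers extend this class and implement handle().
    abstract public function handle(string $path): string;
}

class LoginController extends Controller
{
    public function handle(string $path): string { return "login form"; }
}

// Default (catch) controller: one class serving every URI under app/posts/.
class PostsController extends Controller
{
    public function handle(string $path): string
    {
        return "post: " . substr($path, strlen("app/posts/"));
    }
}

// Return the controller class for a path, or null when no route matches.
function resolveRoute(array $routes, string $path): ?string
{
    if (isset($routes[$path])) {                 // an exact route wins
        return $routes[$path];
    }
    foreach ($routes as $pattern => $class) {    // then "prefix/*" routes
        if (substr($pattern, -2) === "/*" && strpos($path, substr($pattern, 0, -1)) === 0) {
            return $class;
        }
    }
    return null;
}

// Front controller: the single entry point that dispatches every request.
function dispatch(array $routes, string $requestUri): string
{
    $path  = trim((string) parse_url($requestUri, PHP_URL_PATH), "/");
    $class = resolveRoute($routes, $path);
    return $class === null ? "404 Not Found" : (new $class())->handle($path);
}

// Constructed route table: URI pattern => controller class.
$routes = ["app/user/login" => LoginController::class, "app/posts/*" => PostsController::class];
foreach (["/app/user/login", "/app/posts/how-i-started-this?x=1", "/app/admin"] as $uri) {
    echo $uri, " -> ", dispatch($routes, $uri), PHP_EOL;
}
```

Because a URI with no matching route returns 404 without instantiating any controller, only classes listed in the route table are reachable from a request.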