Pith Framework

[Barrikor]

Hey Guys,

I'm been writing a (very) basic framework. (PHP 5 only). Originally I had it written using three arrays (one each for model, view, & controller), but then I rewrote it as OO and it's not so MVC anymore... At the moment it doesn't do much, it can read/write 1d INI files, and that's about it. I've used it for a couple of sites though since it's faster than writing from scratch.

Anyway, I was wondering if any of you guys would feel like looking at the code. Any suggestions are useful.

http://sourceforge.net/projects/pithframework/

I put the license as MPL. I plan on slowly adding to it over the course of the next year, until finishing the planned features listed for 1.0 in the Readme.

[Barrikor]

Update:

I finished version 0.4 and took a break for six months to work on other projects. Now I've about to get started with version 0.5;

Currently

• Normally only needs to load one object to run the framework (the PithFrameworkObject) which loads the views and controllers
• Almost everything is accessible through the $pith variable so as to not clutter up the namespace (there are a couple other vars needed atm but I'll get rid of them soon)
• A file object (currently doesn't do much other then INI files)
• Secure file storage permissions without ending up in file-permission-hell
• An email sending object
• An admin panel that will be closely tied with the rest of the framework (only feature right now is viewing form submissions stored in INI files)

The next version, 0.5, will have:

• A database object
• A database viewer in the admin panel
• A user system object
• User management area in the admin panel
• Some sort of form generation/submission system

As you can see I'm moving from working on the file-based parts to the database now. My goal is to have 0.5 done by August 1st 2012, (since I've got a big deadline for another project on Oct 1st)

[Chris]

1.7 MB for a framework... You do know how to write bloated code Oh well, I will reduce greatly my comments since I'm already very negative to frameworks in general Just note my "silent" protest on this

Licence: do it multiple licence, MPL is a bad one. Add MIT, ZLIB, GPL (or LGPL).

Examples: "0060_DatabaseObject_Connect.php" lesson 6 deals with database connecting? If you need 5 lessons before you can move to something as trivial as database connect then I would say the framework went far away with complexity.

Code: [Select]

public function query( $p_sql )
{
$r = true;
$sql = $this->dbHandle->real_escape_string( $p_sql );
$this->resultHandle = $this->dbHandle->query( $sql , MYSQLI_STORE_RESULT );
if( ! $this->resultHandle )
{
$this->resultHandle->close;
$r = false;
}
return $r;
}How this part of the code works? It looks like you run a SQL query statement via real escape, but it would disallow use of any text fields? Or maybe it is a list of arrays or something (never did MySQLi)? Anyway, check it, it looks suspicious to me.

[Barrikor]

The 1.7 MB includes some images for the admin panel too, not just code =)

On the license, I like MPL but have thought of multi-licensing it with GPL/LGPL, not gonna do MIT or BSD though.

The "lessons" you referred to aren't really lessons, although they can be used that way -- They are where I test the functions after I write them, then I just leave them there as documentation once I have everything working, the newest ones for each object aren't working all the way yet.

$sql = $this->dbHandle->real_escape_string( $p_sql );

LOL, I didn't realize I ever did anything that stupid  That'll totally kill getting anything from the DB. In my defense I haven't used the DB object for anything yet, I started on it one day and then realized I needed to get the file-based part up first. (The DB object is what I'm working on next actually)

[Barrikor]

@ Chris

I have the database object actually working now if you want to look at it

Here's an example of how it would look in the code when using it in a project that uses the framework:

Code: [Select]

<?php
require ( 'pith/init/init.php' ) ; //load the framework
$pith->useDb(); //load the database object
$pith->db->creds('normal'); //which connect info to use
if( $pith->db->connect() )
{
if( $pith->db->query('some sql here') )
{
while( $pith->db->fetchRow() )
{
//some code here, Ex:
$a = $pith->db->row[0]
$b = $pith->db->row[1]
$c = $pith->db->row[2]
}
}
$pith->db->disconnect();
}
?>


[Chris]

Code: [Select]

$password=" '; DROP TABLE users; ";

$sql="SELECT * FROM users WHERE login='$login' AND password='$password'";If this above works and does not make everything go kaboom then it is OK

[Kyle]

Code: [Select]

$password=" '; DROP TABLE users; ";

$sql="SELECT * FROM users WHERE login='$login' AND password='$password'";If this above works and does not make everything go kaboom then it is OK

And if it does consider looking into the mysql_real_escape_string() function lol

[Barrikor]

Actually right now I'm just touching up prepared statements 

So using using that, it would come though OK:

Code: [Select]

<?php
$login = 'something';
$password=" '; DROP TABLE users; ";

$pith->db->query('SELECT * FROM users WHERE login=? AND password=?' , 'ss', $login, $password )
?>

I've got prepared statements working. Unfortunately it's a bit more expensive than it should be, After having to hammer an array into mysqli's bind_param I'm left wondering if mysqli is missing a few functions that it should have...

[Barrikor]

New website for it:

http://www.pith-framework.org/