Library Code

I have just uploaded the first batch of code from my library: a few of my form classes. The documentation can be reached here.

Over the next few weeks I will upload additional classes. Once I am done with the library code I will start adding the models and controllers for a base site.

G3D Development Website

I’m almost ready to release the first version of my website. Hopefully, if everything goes to plan, I will upload it all on Saturday the 20th. I need to create the contact form, map the authentication system into the controllers and add some content.

As I have already explained, the first version of the site will be a little empty. There will be a few classes to download and my blog, but other than that not much.

I’m busy with some freelance work for the next few weeks. After that I will start adding more of the framework to the site and writing some small applications to show how the framework works.

Widgets

I have never been a fan of templating engines. In my view they add a whole level of complexity that just isn’t needed. That, however, is a discussion for another day.

I like to keep things simple, and PHP is perfectly capable of handling the layout of content. Just before I left Web on High I started creating item classes. Think of them as small objects that do specific layout tasks: news item layout, banner block creation etc.

Whilst developing the new system I decided to expand upon the idea and even gave them a new name. Yep, you guessed it: widgets. I might as well stick with the name thought up by many before me.

Within the framework there are two types of widgets: widgets that sit inside lib/widgets/ and widgets that sit in the root widgets directory. lib/widgets/ is for widgets specific to the framework; widgets/ is for app-specific snippets, examples being the layout of the settings management form and the website menu.

What exactly is a widget?

A widget is a simple class that creates a block of HTML, reducing the need for extra code to be placed in either the template classes or the controllers.

The following are all examples of widgets: main menu, left menu, footer, login options, latest article/code snippet/doc upload etc. They can even be useful to generate forms. If the number of fields on a form is dynamic (site settings), a widget can be useful to query the database and create the required inputs and layout.

Below is the code for widgets/leftmenu, which creates the ul li tree for a side menu. Widgets are deliberately simple.

In the snippet below < and > have been replaced with [ and ] so that the code highlighter doesn’t mess up layout.

class widgets_leftmenu extends widgets_base   
{
    private $menuArray = array();
    
    /**
    * Constructor
    */
    public function __construct(array $menuArray) 
    {
        $this->menuArray = $menuArray;
        
        $this->create_left_menu();
    }
    
    /**
    * Create tree menu
    * 
    * Recursive method to create tree from array
    * 
    * @param array $menuArray Array containing one or more menu items
    */
    private function create_menu_tree($menuArray) 
    {
        foreach($menuArray as $menuItem) {
            // Escape values before placing them in the markup
            $href = htmlspecialchars("{$menuItem['Controller']}/{$menuItem['Action']}", ENT_QUOTES);
            $name = htmlspecialchars($menuItem['Name'], ENT_QUOTES);

            if(array_key_exists('Children', $menuItem)) {
                $this->html .= "[li][a href=\"{$href}\"]{$name}[/a]";
                $this->html .= "[ul]";
                $this->create_menu_tree($menuItem['Children']);
                $this->html .= "[/ul]";
                $this->html .= "[/li]";
            } else {
                $this->html .= "[li][a href=\"{$href}\"]{$name}[/a][/li]";
            }
        }        
    }
    
    /**
    * Menu
    * 
    * Build Up the left menu
    */
    private function create_left_menu() 
    {
        $this->html = '[div id="left_menu"]';
        $this->html .= '[ul]';
        // create_menu_tree() appends to $this->html itself and returns nothing
        $this->create_menu_tree($this->menuArray);
        $this->html .= "[/ul]";
        $this->html .= '[/div]';
    }
}

Security

Authentication is something you can’t afford to get wrong. The last thing I want to do is release the framework and then discover that someone has found a bug which allows anyone to log in by following some simple steps.

I’ve therefore decided on the following.

  1. Passwords are encrypted, the salt being a SHA1 of the user’s email address (which is unique).
  2. Three failed logins and the user is locked out for 1 hour.
  3. Inactive users are logged out after xx minutes of inactivity (defaults to 30).
  4. SESSION_ID stored against each user to track them through the site.

I’m also thinking about concatenating something to the password before encrypting. The position of this (left, right) will change based on the ID of the user (odd, even).
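
Items 2 to 4 of the list above, sketched as an added example (not code from the framework or its author); the function names, array keys and sample values are hypothetical. It uses PHP's password_hash() and password_verify(), which generate a random salt per password, in place of the email-derived salt in item 1, and bin2hex(random_bytes(16)) stands in for a real session ID.

```php
<?php
// Added example with hypothetical names; not code from the framework.
const MAX_FAILURES = 3;     // item 2: three failed logins
const LOCK_SECONDS = 3600;  // item 2: locked out for 1 hour
const IDLE_SECONDS = 1800;  // item 3: default of 30 minutes

/** Try a login against $user (an array standing in for a database row). */
function attempt_login(array &$user, string $password, int $now): string
{
    if ($user['locked_until'] > $now) {
        return 'locked';   // the password is not checked while locked
    }
    if (password_verify($password, $user['hash'])) {
        $user['failures'] = 0;
        $user['last_seen'] = $now;
        $user['session_id'] = bin2hex(random_bytes(16)); // item 4, stand-in for session_id()
        return 'ok';
    }
    if (++$user['failures'] >= MAX_FAILURES) {
        $user['locked_until'] = $now + LOCK_SECONDS;
        $user['failures'] = 0;   // counting restarts once the lock expires
    }
    return 'failed';
}

/** Item 3: the session must match the stored ID and must not be idle. */
function session_is_active(array &$user, string $sessionId, int $now): bool
{
    if ($user['session_id'] === null || !hash_equals($user['session_id'], $sessionId)) {
        return false;
    }
    if ($now - $user['last_seen'] > IDLE_SECONDS) {
        $user['session_id'] = null;   // logged out for inactivity
        return false;
    }
    $user['last_seen'] = $now;   // activity resets the idle clock
    return true;
}

// Constructed sample user and timeline.
$user = ['hash' => password_hash('correct horse', PASSWORD_DEFAULT),
         'failures' => 0, 'locked_until' => 0, 'last_seen' => 0, 'session_id' => null];
$t = 1000000;
foreach (['a', 'b', 'c'] as $guess) {          // three wrong guesses
    echo attempt_login($user, $guess, $t), "\n";
}
echo attempt_login($user, 'correct horse', $t + 60), "\n";            // inside the lock window
echo attempt_login($user, 'correct horse', $t + LOCK_SECONDS), "\n";  // after the lock expires
var_dump(session_is_active($user, $user['session_id'], $t + LOCK_SECONDS + IDLE_SECONDS + 1)); // idle too long
```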