gnh1201/reasonableframework
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: gnh1201:master
Branches Tags
gnh1201:master
gnh1201:1.6.6
gnh1201:patch-master-20210817
gnh1201:1.6.5.2-kcc
gnh1201:1.6.5.1-kcc
gnh1201:1.6.5
gnh1201:1.6.4
gnh1201:1.6.3
gnh1201:1.6.2
gnh1201:1.5
gnh1201:1.4
gnh1201:1.3
gnh1201:1.2
gnh1201:1.1
gnh1201:v1.6.8
gnh1201:v1.6.7
gnh1201:v1.6.7-preview1
gnh1201:v1.6.6
gnh1201:v1.6.5.2-kcc
gnh1201:v1.6.5.1-kcc
gnh1201:v1.6.5
gnh1201:v1.6.4
gnh1201:v1.6.3
gnh1201:v1.6.2
gnh1201:v1.6.1
gnh1201:1.6-pre20200220-1
gnh1201:1.6-pre20200217-2
gnh1201:1.6-pre20200217-1
gnh1201:1.6-pre20200204-1
gnh1201:v1.6-pre20200125-1
gnh1201:v1.6-pre200117-1
gnh1201:v1.6-pre200109-2
gnh1201:v1.6-pre200109-1
gnh1201:v1.6-pre200108-1
gnh1201:v1.6-pre200102-1
gnh1201:v1.6-pre191230-1
gnh1201:v1.6-pre191117-1
gnh1201:v1.6-pre191115-2
gnh1201:v1.6-pre191115-1
gnh1201:v1.6-pre191114-2
gnh1201:v1.6-pre191114-1
gnh1201:v1.6-pre191108-1
gnh1201:v1.6-pre191013-1
gnh1201:v1.6-pre191011-3
gnh1201:v1.6-pre191011-2
gnh1201:v1.6-pre191011-1
gnh1201:v1.6-pre191008-1
gnh1201:v1.5
gnh1201:v1.4
gnh1201:v1.3
gnh1201:1.2
gnh1201:1.1
..
compare: gnh1201:v1.6.5.1-kcc
Branches Tags
gnh1201:master
gnh1201:1.6.6
gnh1201:patch-master-20210817
gnh1201:1.6.5.2-kcc
gnh1201:1.6.5.1-kcc
gnh1201:1.6.5
gnh1201:1.6.4
gnh1201:1.6.3
gnh1201:1.6.2
gnh1201:1.5
gnh1201:1.4
gnh1201:1.3
gnh1201:1.2
gnh1201:1.1
gnh1201:v1.6.8
gnh1201:v1.6.7
gnh1201:v1.6.7-preview1
gnh1201:v1.6.6
gnh1201:v1.6.5.2-kcc
gnh1201:v1.6.5.1-kcc
gnh1201:v1.6.5
gnh1201:v1.6.4
gnh1201:v1.6.3
gnh1201:v1.6.2
gnh1201:v1.6.1
gnh1201:1.6-pre20200220-1
gnh1201:1.6-pre20200217-2
gnh1201:1.6-pre20200217-1
gnh1201:1.6-pre20200204-1
gnh1201:v1.6-pre20200125-1
gnh1201:v1.6-pre200117-1
gnh1201:v1.6-pre200109-2
gnh1201:v1.6-pre200109-1
gnh1201:v1.6-pre200108-1
gnh1201:v1.6-pre200102-1
gnh1201:v1.6-pre191230-1
gnh1201:v1.6-pre191117-1
gnh1201:v1.6-pre191115-2
gnh1201:v1.6-pre191115-1
gnh1201:v1.6-pre191114-2
gnh1201:v1.6-pre191114-1
gnh1201:v1.6-pre191108-1
gnh1201:v1.6-pre191013-1
gnh1201:v1.6-pre191011-3
gnh1201:v1.6-pre191011-2
gnh1201:v1.6-pre191011-1
gnh1201:v1.6-pre191008-1
gnh1201:v1.5
gnh1201:v1.4
gnh1201:v1.3
gnh1201:1.2
gnh1201:1.1

No commits in common. "master" and "v1.6.5.1-kcc" have entirely different histories.
master ... v1.6.5.1-k

87 changed files with 337 additions and 520 deletions
Show Stats Expand all files Collapse all files

70
CDN_HOWTO.md Normal file
View File

@ -0,0 +1,70 @@
# 카페24(cafe24) CDN/스트리밍 사용법
ReasonableFramework v1.6.2 기준 https://github.com/gnh1201/reasonableframework
## 목차
- 카페24 ([10G 광아우토반 Full SSD](https://www.cafe24.com/?controller=product_page&type=basic&page=autoban) 웹 호스팅 상품 기준)
- Amazon S3 또는 타사 정적 파일 호스팅/Object Storage 사용자
- 문의사항
## 카페24 ([10G 광아우토반 Full SSD](https://www.cafe24.com/?controller=product_page&type=basic&page=autoban) 웹 호스팅 상품 기준)
1. 카페24(cafe24.com) 관리자 페이지에 로그인하여, CDN/스트리밍 도메인 정보를 얻는다.
1. 메인 웹 사이트 로그인 -> `나의서비스관리` 클릭
2. 좌측 메뉴에서 `서비스 접속관리` -> `서비스 접속 정보` 클릭
3. CDN/스트리밍 정보 확인
```
*** CDN ***
CDN 하드 용량: 200M
CDN 트래픽 용량: 500M
FTP 주소: iup.cdn2.cafe24.com
FTP 포트: 21
FTP 아이디: [사용자 아이디]
*** 스트리밍 ***
스트리밍 하드 용량: 200M
스트리밍 트래픽 용량: 500M
FTP 주소: wm-004.cafe24.com
FTP 포트: 5565
FTP 아이디: [사용자 아이디]
```
4. CDN의 경우, `https://[사용자 아이디].cdn2.cafe24.com`(예시)가 접속 주소가 된다.
5. 스트리밍의 경우, `mms://wm-004.cafe24.com/[사용자 아이디]/abc.mp3`(예시)가 접속 주소가 된다.
2. ResonableFramework v1.6.2 설치 및 CDN/스트리밍 설정
1. https://github.com/gnh1201/reasonableframework 접속 후 `Release` 탭을 누르고 `v1.6.2` 또는 최신 버전을 내려받는다.
2. `storage/config/uri.ini.php` 파일의 CDN/스트리밍 관련 부분을 아래와 같이 수정한다.
```
base_cdn_url = https://[사용자 아이디].cdn2.cafe24.com
base_vod_url = mms://wm-004.cafe24.com/[사용자 아이디]
```
3. `route` 폴더 밑에 `cdntest.php` 이름의 빈 파일을 만들고, 아래와 같이 입력 후 저장한다.
```
<?php
$data = array(
"imageurl" => get_cdn_link("/picture.jpg");
);
renderView("view_cdntest", $data);
```
4. `view` 폴더 밑에 `view_cdntest.php` 이름의 빈 파일을 만들고, 아래와 같이 입력 후 저장한다.
```
<img src="<?php echo $imageurl; ?>" alt="this is cdn test">
```
5. 사용하고 있는 웹 호스팅에 reasonableframework-master 폴더 아래의 모든 파일을 업로드한다.
6. 1번에서 얻은 FTP 정보를 이용하여, CDN 서버에 `picture.jpg` 이름으로 임의의 JPG 그림 파일을 업로드한다.
7. 웹 브라우저를 열고 `http://[웹 호스팅 주소]/?route=cdntest`에 접속하여 그림이 잘 뜨는지 확인한다.
## Amazon S3 또는 타사 정적 파일 호스팅/Object Storage 사용자
- 정적 파일 호스팅을 지원하는 서비스의 경우, `base_cdn_url`의 주소만 바꾸어주면 동일한 방법으로 사용이 가능하다.
## 문의사항
- support@exts.kr

11
CITATION.cff
View File

@ -1,11 +0,0 @@
cff-version: 1.2.0
message: "If you use this software, please cite it as below."
authors:
- family-names: "Go"
given-names: "Namhyeon"
orcid: "https://orcid.org/0009-0006-8421-0911"
title: "ReasonableFramework"
version: v1.6.8
doi: 10.5281/zenodo.11392417
date-released: 2024-05-30
url: "https://github.com/gnh1201/reasonableframework"

10
FUNDING.yml
View File

@ -1,8 +1,8 @@
# These are supported funding model platforms
github: gnh1201
open_collective: welsonjs
liberapay: catswords
custom: ['https://www.buymeacoffee.com/catswords', 'https://toss.me/catswords']
github: gnh1201, catswords # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
patreon: catswords # Replace with a single Patreon username
ko_fi: catswords
open_collective: # Replace with a single Open Collective username
ko_fi: # Replace with a single Ko-fi username
tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
custom: # Replace with a single custom sponsorship URL

141
KOREAN.MD
View File

@ -1,98 +1,55 @@
# 본 웹 어플리케이션에 대하여
본 웹 어플리케이션은 ReasonableFramework 기반으로 작성됨. https://github.com/gnh1201/reasonableframework
## 기반 소프트웨어
본 웹 소프트웨어는 ReasonableFramework 기반으로 작성되었습니다.
https://github.com/gnh1201/reasonableframework
## 적재된 모듈 목록
* System: base (시스템 기반)
* System: config (시스템 설정)
* System: database (데이터베이스)
* System: logger (로그)
* System: uri (URI 및 URL 제어)
* System: security (보안)
* Helper: paginate (페이지 네비게이션)
* Helper: gnuboard, gnuboard.config, gnuboard.lib (그누보드 설정 및 라이브러리 연동)
* Helper: vworld (국토교통부 vworld 연동)
* Helper: wprest (워드프레스[wordpress] REST API 클라이언트)
* Hepler: webpagetool (Proxy 설정, UA 설정, JSON/DOM 파서를 지원하는 HTTP 클라이언트)
* Helper: noreporting, allreporting (오류 출력 범위를 설정)
* Helper: isemail.lnk (is_email 지원 -> /vendor/isemail)
* Helper: metaparser.lnk (HTML META 데이터 파싱 지원 -> /vendor/PHP-MetaParser)
* Helper: simple_html_dom (HTML DOM 처리기)
* Helper: oracle (오라클 데이터베이스 접속 및 쿼리)
* Helper: exectool (PHP 명령행 실행 지원)
* 그 외 다양한 사양 지원을 위한 모듈들
## 오픈소스 라이선스
* 이 프로젝트는 LGPL 3.0 오픈소스 라이선스 하에 배포됨.
* System: base (시스템 기반)
* System: config (시스템 설정)
* System: database (데이터베이스)
* System: logger (로그)
* System: uri (URI 및 URL 제어)
* System: security (보안)
* Helper: paginate (페이지 네비게이션)
* Helper: gnuboard, gnuboard.config, gnuboard.lib (그누보드 설정 및 라이브러리 연동)
* Helper: vworld (국토교통부 vworld 연동)
* Helper: wprest (워드프레스[wordpress] REST API 클라이언트)
* Hepler: webpagetool (Proxy 설정, UA 설정, JSON/DOM 파서를 지원하는 HTTP 클라이언트)
* Helper: noreporting, allreporting (오류 출력 범위를 설정)
* Helper: isemail.lnk (is_email 지원 -> /vendor/isemail)
* Helper: metaparser.lnk (HTML META 데이터 파싱 지원 -> /vendor/PHP-MetaParser)
* Helper: simple_html_dom (HTML DOM 처리기)
* Helper: oracle (오라클 데이터베이스 접속 및 쿼리)
* Helper: exectool (PHP 명령행 실행 지원)
## 기술지원
* Website: https://exts.kr/go/home
* E-mail: support@exts.kr
## 저작권
* LGPL (별도의 오픈소스 라이센스 문서에 기입 요망)
## 최근변경
* 2024-05-30
## 정적 파일 호스팅 관련 지침 (카페24 CDN 또는 Amazon S3)
본 지침은 버전 v1.6.8를 기준으로 한다.
### 정적 파일 호스팅 서비스의 예시
- 카페24 ([10G 광아우토반 FullSSD+](https://hosting.cafe24.com/?controller=new_product_page&page=autobahn) 웹 호스팅 상품 기준)
- Amazon S3
- Object Storage
### 카페24 정적 파일 호스팅 사용자
1. 카페24(cafe24.com) 관리자 페이지에 로그인하여, CDN/스트리밍 도메인 정보를 얻는다.
1. 메인 웹 사이트 로그인 -> `나의서비스관리` 클릭
2. 좌측 메뉴에서 `서비스 접속관리` -> `서비스 접속 정보` 클릭
3. CDN/스트리밍 정보 확인
```
*** CDN ***
CDN 하드 용량: 200M
CDN 트래픽 용량: 500M
FTP 주소: iup.cdn2.cafe24.com
FTP 포트: 21
FTP 아이디: [사용자 아이디]
*** 스트리밍 ***
스트리밍 하드 용량: 200M
스트리밍 트래픽 용량: 500M
FTP 주소: wm-004.cafe24.com
FTP 포트: 5565
FTP 아이디: [사용자 아이디]
```
4. CDN의 경우, `https://[사용자 아이디].cdn2.cafe24.com`(예시)가 접속 주소가 된다.
5. 스트리밍의 경우, `mms://wm-004.cafe24.com/[사용자 아이디]/abc.mp3`(예시)가 접속 주소가 된다.
2. ResonableFramework v1.6.8 설치 및 CDN/스트리밍 설정
1. [깃허브 저장소](https://github.com/gnh1201/reasonableframework) 접속 후 `Release` 탭을 누르고 `v1.6.8` 또는 최신 버전을 내려받는다.
2. `storage/config/uri.ini.php` 파일의 CDN/스트리밍 관련 부분을 아래와 같이 수정한다.
```
base_cdn_url = https://[사용자 아이디].cdn2.cafe24.com
base_vod_url = mms://wm-004.cafe24.com/[사용자 아이디]
```
3. `route` 폴더 밑에 `cdntest.php` 이름의 빈 파일을 만들고, 아래와 같이 입력 후 저장한다.
```
<?php
$data = array(
"imageurl" => get_cdn_link("/picture.jpg");
);
renderView("view_cdntest", $data);
```
4. `view` 폴더 밑에 `view_cdntest.php` 이름의 빈 파일을 만들고, 아래와 같이 입력 후 저장한다.
```
<img src="<?php echo $imageurl; ?>" alt="this is cdn test">
```
5. 사용하고 있는 웹 호스팅에 reasonableframework-master 폴더 아래의 모든 파일을 업로드한다.
6. 1번에서 얻은 FTP 정보를 이용하여, CDN 서버에 `picture.jpg` 이름으로 임의의 JPG 그림 파일을 업로드한다.
7. 웹 브라우저를 열고 `http://[웹 호스팅 주소]/?route=cdntest`에 접속하여 그림이 잘 뜨는지 확인한다.
### Amazon S3 또는 Object Storage 사용자
- 해당 정적 파일 호스팅 업체에서 제공하는 공통 링크를 확인한 뒤, 해당 링크를 `storage/config/uri.ini.php` 파일의 `base_cdn_url`에 반영한다.
## 기술지원 및 문의사항
- 웹사이트: https://catswords.social/@catswords_oss
- 이메일: abuse@catswords.net
* 2018-07-22

118
README.md
View File

@ -1,18 +1,21 @@
# ReasonableFramework
![License LGPLv3](https://img.shields.io/github/license/gnh1201/reasonableframework.svg)
[![DOI](https://zenodo.org/badge/114566493.svg)](https://zenodo.org/doi/10.5281/zenodo.11392416)
![Discord](https://img.shields.io/discord/359930650330923008.svg)
![View Licence](https://img.shields.io/github/license/gnh1201/reasonableframework.svg)
![Librapay](http://img.shields.io/liberapay/receives/catswords.svg?logo=liberapay)
ReasonableFramework is RVHM structured PHP framework. aka, RSF, VSPF, C-2020-018490
- ReasonableFramework is `RVHM` structured PHP framework with common security
- Prefix code: `RSF` (ReasonableFramework)
- Old prefix code: `VSPF` (Very Simple PHP Framework)
## Specifications
- Various types of database connection drivers. e.g, PHP PDO, MySQLi, Legacy MySQL, MySQL over the shell, Oracle(OCI)
- No OOP, Just `RVHM` structure
- R is Route. like as `controller`
- V is View
- H is Helper. like a `import` on Python, Go, NodeJS
- M is Model. it implemented with `KV bind`(like as `Map` data structure), Model is optional.
- Controllable shared variables: Minimize abuse of global variables. Inspired by the `scope` of AngularJS, and `SharedPreferences` of Android Framework
- CGI style compatibility prepared for industrial applications: This framework can utilize both the latest object-oriented style and the CGI style required in industrial applications.
![This project open source licensed under LGPL version 3](https://github.com/gnh1201/reasonableframework/raw/master/lgplv3-147x51.png)
## Security policy
- [Security policy and techincal support](SECURITY.md)
## Specification
- Database connection (via PDO, MySQLi (MySQL Improved), MySQL Tranditional, MySQL CLI, Oracle(OCI))
- RVHM structure: `R` is Route (like as `controller`), `V` is View, `H` is Helper (like as `import` on Python/Go/NodeJS), `M` is Model and implemented with `KV bind`(like as `Map` data structure), Model is not required.
- Controllable shared variables: Minimize abuse of global variables (Inspired by the `scope` of AngularJS, and `SharedPreferences` of Android Framework)
## Compatible
- Tested in PHP 5.3.3
@ -28,61 +31,68 @@ ReasonableFramework is RVHM structured PHP framework. aka, RSF, VSPF, C-2020-018
## Map of structure
![Map of structure](https://github.com/gnh1201/reasonableframework/raw/master/assets/img/reasonableframework.jpg)
## Roadmap
- Support critial and special-purposed web environment (industry, scientific, legacy, or more)
## Quick Start
1. git clone https://github.com/gnh1201/reasonableframework.git
2. edit database configuration: `/storage/config/database.ini.php`
2. set up database configuration: `/storage/config/database.ini.php`
3. create new file: `/route/example.php`
4. go to `http://:base_url/?route=example` or `http://:base_url/example/`(if set `.htaccess`) in the web browser.
5. code it.
4. go to `http://[base_url]/?route=example` or `http://[base_url]/example/`(if set `.htaccess`) in your web browser.
5. enjoy it.
## Use cases
## Examples
- [Send severities from Zabbix to Grafana](https://gist.github.com/gnh1201/792964e9719d2f62157cf46e394888f5)
- [REST API Integration (Papago Translation REST API)](https://gist.github.com/gnh1201/081484e6f5e10bd3be819093ba5f49c8)
- [Payment Gateway Integration](https://github.com/gnh1201/reasonableframework/blob/master/route/orderpay.pgkcp.php)
- [REST API Integration (Naver Papago Translation REST API)](https://gist.github.com/gnh1201/081484e6f5e10bd3be819093ba5f49c8)
- [Payment Gateway Integration (KCP)](https://github.com/gnh1201/reasonableframework/blob/master/route/orderpay.pgkcp.php)
## Remote logging
- Remote logging feature based on [RFC3164(The BSD Syslog Protocol)](https://tools.ietf.org/html/rfc3164)
## [NEW] Advanced security (only for sponsors)
- CORS, CSRF, XSS, SQL-injection protection is common security, it is free and open-source for everyone.
- Firewall, DDoS protection, and more security tools are available only for sponsors. [more](https://github.com/gnh1201/reasonableframework/blob/master/SECURITY.md)
## Tested on free web hostings
## [NEW] Remote Debugging (free for all)
- Remote debugging feature based on [RFC3164(The BSD Syslog Protocol)](https://catswords.re.kr/go/rfc3164), with [Papertrail](https://catswords.re.kr/go/papertrail)
## Compatible of free web hostings
| Provider | Pass? | Tested version | Note
| ---------------------- | ------ | -------------- | -------------------------- |
| [vultr.com](https://catswords.re.kr/go/vultr) (Vultr Holdings Co.) | :heavy_check_mark: Passed | v1.6.5.2 | Paid, Pre-configured LAMP server |
| cafe24.com (Cafe24 Inc.) | :heavy_check_mark: Passed | v1.6.2 | Paid |
| woobi.co.kr (MyCGI) | :heavy_check_mark: Passed | v1.6.2 | |
| dothome.co.kr (Anysecure Inc.) | :heavy_check_mark: Passed | v1.5 | |
| ivyro.net (Smileserv Inc.) | :heavy_check_mark: Passed | v1.5 | |
| 000webhost.com | :warning: Warn | v1.5 | Advertising logo |
| freewebhostingarea.com | :heavy_check_mark: Passed | v1.5 | |
| infinityfree.net | :warning: Warn | v1.5 | Anti-crawling |
| freehosting.io | :heavy_check_mark: Passed | v1.5 | |
| freehostingeu.com | :warning: Warn | v1.5 | CURL blocked |
| freehostingnoads.net | :warning: Warn | v1.5 | CURL blocked |
| awardspace.com | :warning: Warn | v1.5 | CURL blocked |
| ---------------------- | ------ | -------------- | ------------- |
| cafe24.com (Paid) | Passed | v1.6.2 | |
| woobi.co.kr | Passed | v1.6.2 | |
| dothome.co.kr | Passed | v1.5 | |
| ivyro.net | Passed | v1.5 | |
| 000webhost.com | Warn | v1.5 | Ad logo |
| freewebhostingarea.com | Passed | v1.5 | |
| infinityfree.net | Warn | v1.5 | anti-crawling |
| freehosting.io | Passed | v1.5 | |
| freehostingeu.com | Warn | v1.5 | CURL blocked |
| freehostingnoads.net | Warn | v1.5 | CURL blocked |
| awardspace.com | Warn | v1.5 | CURL blocked |
## How to use CLI (Command-line interface)
## How to use CLI (Command line interface)
```
$ php cli.php --route :route --session-id :session_id
$ php cli.php --route [route name] --session-id [session ID]
```
## Comment about PSR standards
Many people are saying that this project seems to be distant from the [PSR](https://www.php-fig.org/psr/) standards, and that claim is correct.
## 한국어(Korean)
- **리즈너블 프레임워크**는 `불필요한 부작용`에 적절하게 대응하고자 설계된 PHP 프레임워크입니다.
- `불필요한 부작용` 출현 빈도가 높은 프로그래밍 환경(예. 레거시, 미숙련 개발자)에서 최대의 안정성과 보안을 제공합니다.
- PHP를 기반으로 하는 무료 웹 호스팅에서도 원활하게 돌아가도록 지원합니다.
- 객체지향, 모듈러(MVC), 시큐어 코딩 등 현대적인 웹 기술을 모르더라도 **더 견고한** 기준을 제공합니다.
- 리즈너블 프레임워크는 CSRF, XSS, SQL 인젝션 등 기초적인 **보안 위협에 사전 대응**하도록 설계되어 있습니다.
- PHP 버전 4 부터 버전 7까지 다양한 개인 및 기업 **적용 사례**를 보유하고 있습니다.
- [카카오톡 채팅방](https://catswords.re.kr/go/kakaotalk)을 통해 실시간 버그 및 보안 이슈 해결이 가능합니다.
The coding convention of this project is similar to the CGI style that was widely used in the early 2000s. Moreover, this style is still observed in solutions written in PHP that are sold in markets such as [WordPress](https://wordpress.org/) plugins, [a local-optimized CMS](https://github.com/gnuboard/gnuboard5), or [Codecanyon](https://codecanyon.net/) in 2023.
Although this project hardly uses object-oriented concepts and does not use package managers like Composer much, it still incorporates concepts such as Model, View, Controller, Router, and Helper that are proposed in modern frameworks, and we have made efforts to provide a similar experience as much as possible.
We made efforts to address common security vulnerabilities (XSS, CSRF, SQL injection) in web applications, and included many code snippets that were designed to minimize reliance on specific DBMS or communication drivers.
The specifications that this project offers are still in demand in enterprise environments, so it can be a useful solution if you happen to be in such a situation.
Whenever this project was introduced, I received a lot of questions about PSR, and I also made efforts to find customers who were willing to pay for a PSR version, such as holding conferences for existing customers. However, there is still no good news. Until good news comes, my plan is to mainly maintain this project.
If you want to comply with the PSR standards and your colleagues are also ready to learn them humbly, we recommend that you consider [Codeigniter](https://github.com/bcit-ci/CodeIgniter) (which has a similar structure to this project) or [Silm Framework](https://github.com/slimphp/Slim).
## Security Policy
- [Security policy](SECURITY.md)
## English
- **ReasonableFramework** is a PHP framework designed to properly against the `unnecessary side-effects`.
- It provides maximum stability and security in a programming environment with high frequency of the `unnecessary side-effects` (eg. legacy, untrained developers).
- It also works smoothly on free web hosting based on PHP.
- It provides a **stronger standard** even if you don't know modern web technologies, such as object-oriented, modular (MVC), and secure coding.
- Resonable Framework is designed to **proactively respond to fundamental security threats** such as CSRF, XSS, and SQL injection.
- We have **various enterprise cases** from PHP version 4(legacy) to 7(modern).
- You can quickly resolve bugs and security issues in [our chatting room](https://catswords.re.kr/go/kakaotalk).
## Contact us
- abuse@catswords.net
- ActivityPub [@catswords_oss@catswords.social](https://catswords.social/@catswords_oss)
- gnh1201@gmail.com
- support@exts.kr
- catswords@protonmail (if you require confidential)

18
SECURITY.md
View File

@ -7,17 +7,25 @@ currently being supported with security updates.
| Version | Supported |
| ------- | ------------------------------------------ |
| 1.6.x | :white_check_mark: (Current) |
| 1.5.x | :x: (EOL: 2020-08-25) |
| 1.6.x | :white_check_mark: |
| 1.5.x | :white_check_mark: (but, until 2020-08-25) |
| < 1.5 | :x: |
## Reporting a Vulnerability
Use this section to tell people how to report a vulnerability.
Tell them where to go, how often they can expect to get an update on a
reported vulnerability, what to expect if the vulnerability is accepted or
declined, etc.
## Contact us
* ActivityPub [@catswords_oss@catswords.social](https://catswords.social/@catswords_oss)
* abuse@catswords.net
## Paid tier for improving security
the advanced security against XSS, CSRF, SQL injection, DDoS, Webshell (malicious code), weak configurations, which extensions available only for sponsors.
Generally, the default security is sufficient to you in our framework. so, you have to use it after did understand what is this.
### Minimum tier
- 16 USD/monthly (Technical support)
### Link
https://www.patreon.com/posts/advanced-security-27376670

2
VERSION.MD Normal file
View File

@ -0,0 +1,2 @@
# Confirmed version
Last confirmed: 2018-03-09 22:00 (KST, GMT+09:00, Seoul)

3
bootstrap.707.sh Normal file
View File

@ -0,0 +1,3 @@
#!/bin/bash
chmod -R 707 .
cp ./storage/example/_.htaccess ./.htaccess

5
bootstrap.sh
View File

@ -1,5 +1,4 @@
#!/bin/bash
#find . -type d -exec chmod 0755 {} \;
#find . -type f -exec chmod 0644 {} \;
chmod -R u+rwX,go+rX,go-w .
find . -type d -exec chmod 0755 {} \;
find . -type f -exec chmod 0644 {} \;
cp ./storage/example/_.htaccess ./.htaccess

2
cli.php
View File

@ -4,7 +4,7 @@
* @file cli.php
* @created_on 2018-07-22
* @created_on 2020-04-20
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief ReasonableFramework CLI mode
* @cvs http://github.com/gnh1201/reasonableframework
*/

2
composer.json
View File

@ -5,7 +5,7 @@
"authors": [
{
"name": "Go Namhyeon",
"email": "abuse@catswords.net"
"email": "gnh1201@gmail.com"
}
],
"require": {

3
fixindent.sh Normal file
View File

@ -0,0 +1,3 @@
#!/bin/bash
find ./ -type f -name "*.php" -exec sed -i 's/\t/ /g' {} \;
echo "done"

2
helper/api.whois.kr.php
View File

@ -2,7 +2,7 @@
/**
* @file api.whois.kr.php
* @date 2019-05-26
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief KISA Whois/Domain/IP/AS Query Helper (https://whois.kr)
*/

2
helper/catsplit.format.php
View File

@ -2,7 +2,7 @@
/**
* @file catsplit.format.php
* @date 2019-05-28
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief Catsplit format encoder
* @documentation https://github.com/gnh1201/catsplit-format
*/

2
helper/colona.v1.format.php
View File

@ -1,5 +1,5 @@
<?php
// Go Namhyeon <abuse@catswords.net>
// Go Namhyeon <gnh1201@gmail.com>
// 2019-09-25
if(!is_fn("decode_colona_format")) {

2
helper/compress.zip.php
View File

@ -1,6 +1,6 @@
<?php
// @date 2019-10-13
// @author Go Namhyeon <abuse@catswords.net>
// @author Go Namhyeon <gnh1201@gmail.com>
if(!is_fn("unzip")) {
function unzip($src, $dst, $options=array()) {

2
helper/country.kr.php
View File

@ -2,7 +2,7 @@
/**
* @file country.kr.php
* @date 2018-04-15
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief Country Helper (Korean)
*/

41
helper/coupang.api.php
View File

@ -1,41 +0,0 @@
<?php
// Coupang Products Search API
// https://coupa.ng/bZ3Kba
// https://developers.coupangcorp.com/hc/ko/articles/360033461914-HMAC-Signature-%EC%83%9D%EC%84%B1
loadHelper("webpagetool");
if(!is_fn("coupang_get_signature")) {
function coupang_get_signature($method, $path, $query, $ACCESS_KEY, $SECRET_KEY) {
$datetime = date("ymd") . 'T' . date("His") . 'Z';
$message = $datetime . strtoupper($method) . str_replace("?", "", $path) . http_build_query($query);
$algorithm = "HmacSHA256";
$signature = hmacsha256_sign_message($message, $SECRET_KEY);
return "CEA algorithm=HmacSHA256, access-key=" . $ACCESS_KEY . ", signed-date=" . $datetime . ", signature=" . $signature;
}
}
if(!is_fn("coupang_search_items")) {
function coupang_search_items($keyword, $ACCESS_KEY, $SECRET_KEY) {
$URL_PARTS = array("https://api-gateway.coupang.com", "/v2/providers/affiliate_open_api/apis/openapi/v1", "/products/search");
$BASE_URL = $URL_PARTS[0] . $URL_PARTS[1];
$method = "get";
$path = $URL_PARTS[1] . $URL_PARTS[2];
$query = array(
"keyword" => $keyword,
"limit" => 20, // default is 20
//"subId" => "" // default is null
);
$response = get_web_page($BASE_URL . $URL_PARTS[2], $method, array(
"headers" => array(
"Authorization" => coupang_get_signature($method, $path, $query, $ACCESS_KEY, $SECRET_KEY)
),
"data" => $query
));
var_dump($response);
}
}

2
helper/database.alt.php
View File

@ -2,7 +2,7 @@
/**
* @file database.alt.php
* @date 2018-09-10
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief Database alternative driver switcher
*/

2
helper/database.mysql.cmd.php
View File

@ -2,7 +2,7 @@
/**
* @file database.mysql.cmd.php
* @date 2019-04-06
* @auther Go Namhyeon <abuse@catswords.net>
* @auther Go Namhyeon <gnh1201@gmail.com>
* @brief MySQL(MariaDB) command line driver
*/

2
helper/database.mysql.imp.php
View File

@ -2,7 +2,7 @@
/**
* @file database.mysql.imp.php
* @date 2018-09-10
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief MySQLi database helper
*/

2
helper/database.mysql.old.php
View File

@ -2,7 +2,7 @@
/**
* @file database.mysql.old.php
* @date 2018-09-14
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief MySQL-old (lower than 5.4) database helper
*/

2
helper/database.oracle.php
View File

@ -2,7 +2,7 @@
/**
* @file oracle.php
* @date 2018-03-27
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief Oracle database helper for ReasonableFramework
*/

18
helper/exectool.php
View File

@ -1,9 +1,8 @@
<?php
/**
* @file exectool.php
* @created_on 2018-07-22
* @updated_on 2020-07-10
* @author Go Namhyeon <abuse@catswords.net>
* @date 2018-07-22
* @author Go Namhyeon <gnh1201@gmail.com>
* @forked from https://github.com/scipag/PHPUtilities
* @brief ExecTool helper
*/
@ -134,12 +133,7 @@ if(!is_fn("exec_command")) {
return $return;
}
// An 'async' option will be return PID
if(array_key_equals("async", $options, true)) {
$command = sprintf("%s 1>/dev/null 2>&1 & echo $!;", $command);
}
if (empty($method)) {
if ($method == "") {
// ob_start() will turn on output buffering to collect all output from
// exec_test() and ob_end_clean() will clean the buffer afterwards ("garbage collection")
ob_start();
@ -163,6 +157,7 @@ if(!is_fn("exec_command")) {
case "exec":
exec($command, $output);
var_dump($output);
break;
case "shell_exec":
@ -206,11 +201,6 @@ if(!is_fn("exec_command")) {
$return = ob_get_clean();
// PID is integer
if(array_key_equals("async", $options, true)) {
$return = intval(rtrim($return));
}
return $return;
}
}

2
helper/gnuboard.dbt.php
View File

@ -2,7 +2,7 @@
/**
* @file gnuboard.php
* @date 2018-05-27
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief Database Helper for Gnuboard 4, Gnuboard 5
*/

24
helper/hiddentool.php
View File

@ -1,24 +0,0 @@
<?php
/**
* @file hiddentool.php
* @created_on 2021-05-24
* @updated_on 2022-09-13
* @author Go Namhyeon <abuse@catswords.net>
* @brief Tools for Hidden Services (e.g. Tor, I2P, etc...)
*/
if (!is_fn("detect_hidden_service")) {
function detect_hidden_service() {
$score = 0;
$suffixes = array("onion", "i2p", "crypto");
$forwarded_host = get_header_value("X-Forwarded-Host");
if (!empty($forwarded_host)) {
if (in_array(end(explode('.', $forwarded_host)), $suffixes)) {
$score += 1;
}
}
return $score;
};
}

2
helper/hybridauth.dbt.php
View File

@ -2,7 +2,7 @@
/**
* @file hybridauth.dbt.php
* @date 2018-04-15
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief HybridAuth DB Helper
*/

2
helper/hybridauth.lnk.php
View File

@ -2,7 +2,7 @@
/**
* @file hybridauth.lnk.php
* @date 2018-09-26
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief HybridAuth library RSF Linker
***/

2
helper/isemail.lnk.php
View File

@ -2,7 +2,7 @@
/**
* @file isemail.lnk.php
* @date 2018-03-02
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief IsEmail library linker
*/

2
helper/jCryption.lnk.php
View File

@ -2,7 +2,7 @@
/**
* @file jCryption.lnk.php
* @date 2018-09-30
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief jCryption (alternative HTTPS on javascript) Helper
*/

2
helper/json.format.php
View File

@ -1,7 +1,7 @@
<?php
// @created_on 2019-10-13
// @updated_on 2020-01-27
// @author Go Namhyeon <abuse@catswords.net>
// @author Go Namhyeon <gnh1201@gmail.com>
if(!is_fn("json_decode_ex")) {
function json_decode_ex($data, $options=array()) {

2
helper/kimsboard7.dbt.php
View File

@ -2,7 +2,7 @@
/**
* @file kimsboard7.dbt.php
* @date 2018-08-20
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief Database Helper for Kimsboard 7 (experimental)
*/

2
helper/lguplus.api.php
View File

@ -2,7 +2,7 @@
/**
* @file lguplus.api.php
* @date 2019-10-07
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief `LGU+`or `LGUPlus` is trandmark of LGUPlus Co. Ltd.
*/

2
helper/lguplus.install.php
View File

@ -2,7 +2,7 @@
/**
* @file lguplus.install.php
* @date 2019-10-13
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief `LGU+`or `LGUPlus` is trandmark of LGUPlus Co. Ltd.
*/

2
helper/mailgun.api.php
View File

@ -2,7 +2,7 @@
/**
* @file mailgun.api.php
* @date 2019-04-12
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief Mailgun REST API interface module
* @documentation https://documentation.mailgun.com/en/latest/api-sending.html
*/

2
helper/metaparser.lnk.php
View File

@ -2,7 +2,7 @@
/**
* @file metaparser.lnk.php
* @date 2018-03-21
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief PHP-Metaparser library linker
*/

2
helper/mobiletool.php
View File

@ -2,7 +2,7 @@
/**
* @file mobiletool.php
* @date 2019-04-29
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief Mobile Tool
* @documentation https://www.w3.org/Mobile/training/device-detection/mobile_detector.txt
*/

13
helper/networktool.php
View File

@ -1,9 +1,8 @@
<?php
/**
* @file networktool.php
* @created_on 2018-04-11
* @updated_on 2022-09-16
* @author Go Namhyeon <abuse@catswords.net>
* @date 2018-04-11
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief Network tool helper
*/
@ -127,11 +126,3 @@ if(!is_fn("get_network_outbound_addr")) {
return $addr;
}
}
if(!is_fn("detect_perf_agent")) {
function detect_perf_agent() {
$evt = get_network_event();
$agent = $evt['agent'];
return preg_match('(PingdomPageSpeed|GTmetrix)', $agent) === 1;
}
}

2
helper/obfuscator.php
View File

@ -2,7 +2,7 @@
/**
* @file obfuscator.php
* @date 2018-10-21
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief PHP Obfuscator for ReasonableFramework
*/

2
helper/paginate.php
View File

@ -2,7 +2,7 @@
/**
* @file pagenate.php
* @date 2018-01-01
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief Page navigation helper
*/

2
helper/perftool.php
View File

@ -3,7 +3,7 @@
* @file perftool.php
* @created_on 2020-02-19
* @updated_on 2020-02-24
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief PerfTool helper
*/

2
helper/pgkcp.install.php
View File

@ -2,7 +2,7 @@
/**
* @file pgkcp.install.php
* @date 2019-10-13
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief KCP PG(Payment Gateway) Auto-Install Tool
*/

2
helper/pgkcp.lnk.php
View File

@ -3,7 +3,7 @@
* @file pgkcp.lnk.php
* @created_on 2018-08-25
* @updated_on 2020-01-13
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief KCP PG(Payment Gateway) Helper
*/

2
helper/rfc3164.proto.php
View File

@ -1,7 +1,7 @@
<?php
/*
* @file rfc3164.proto.php
* @author Go Namhyeon <abuse@catswords.net> (Modified)
* @author Go Namhyeon <gnh1201@gmail.com> (Modified)
* @author Troy Davis (@tory) - https://gist.github.com/troy/2220679 (Original)
* @brief Helper for RFC3164(The BSD Syslog Protocol) - https://tools.ietf.org/html/rfc3164
* @created_on 2018-03-02

2
helper/socialtool.php
View File

@ -2,7 +2,7 @@
/**
* @file socialtools.php
* @date 2018-09-27
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief SocialTools (refactoring from SocioRouter)
*/

2
helper/spreadsheet-reader.lnk.php
View File

@ -2,7 +2,7 @@
/**
* @file spreadsheet-reader.lnk.php
* @date 2018-09-20
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief Excel file parser
***/

2
helper/staticgen.php
View File

@ -1,7 +1,7 @@
/**
* @file staticgen.php
* @date 2018-07-22
* @auther Go Namhyeon <abuse@catswords.net>
* @auther Go Namhyeon <gnh1201@gmail.com>
* @brief Static Web Generation Tool for ResaonableFramework
*/

2
helper/string.utils.php
View File

@ -3,7 +3,7 @@
* @file string.utils.php
* @created_on 2018-05-27
* @updated_on 2020-02-21
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief String utility helper
*/

2
helper/tablewiz.php
View File

@ -2,7 +2,7 @@
/**
* @file tablewiz.php
* @date 2018-02-26
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief TableWiz helper
*/

2
helper/timetool.php
View File

@ -2,7 +2,7 @@
/**
* @file timetool.php
* @date 2018-09-26
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief Time tools
*/

2
helper/twilio.api.php
View File

@ -2,7 +2,7 @@
/**
* @file twilio.api.php
* @date 2019-04-08
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief Twilio REST API interface module
* @documentation https://www.twilio.com/docs/sms/send-messages
*/

2
helper/vworld.php
View File

@ -2,7 +2,7 @@
/**
* @file vworld.php
* @date 2018-01-11
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief Geo Helper based on vWorld (vworld.kr, molit.go.kr)
*/

2
helper/webhooktool.php
View File

@ -2,7 +2,7 @@
/**
* @file webhooktool.php
* @date 2019-05-04
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief WebhookTools
* @trademark
* * `NateOn` is trademark of SK Communications Co Ltd., SK Planet Co Ltd., or other SK businesses.

33
helper/webpagetool.php
View File

@ -2,8 +2,8 @@
/**
* @file webpagetool.php
* @created_on 2018-06-01
* @updated_on 2021-02-01
* @author Go Namhyeon <abuse@catswords.net>
* @updated_on 2020-04-08
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief WebPageTool helper
*/
@ -505,8 +505,8 @@ if(!is_fn("get_web_curl")) {
$options[CURLOPT_CUSTOMREQUEST] = "POST";
$options[CURLOPT_POST] = 1;
$options[CURLOPT_POSTFIELDS] = $_data;
$headers['Content-Type'] = "application/octet-stream";
$headers['Accept'] = "application/octet-stream, */*";
$headers['Content-Type'] = "text/plain;charset=utf-8";
$headers['Accept'] = "text/plain, */*";
$headers['Content-Length'] = strlen($_data);
}
}
@ -514,7 +514,7 @@ if(!is_fn("get_web_curl")) {
if(count($headers) > 0) {
foreach($headers as $k=>$v) {
if(is_array($v)) {
if($k == "Authorization" || $k == "Authentication") {
if($k == "Authentication") {
if($v[0] == "Basic" && check_array_length($v, 3) == 0) {
$options[CURLOPT_USERPWD] = sprintf("%s:%s", make_safe_argument($v[1]), make_safe_argument($v[2]));
} else {
@ -553,12 +553,6 @@ if(!is_fn("get_web_page")) {
$content = false;
$_method = $method;
// check request method
if (!is_string($method)) {
set_error("method must be string");
show_errors();
}
// get process ID
$pid = getmyid();
@ -644,7 +638,7 @@ if(!is_fn("get_web_page")) {
"status" => $status,
"resno" => $resno,
"errno" => $errno,
"id" => get_web_identifier($url, $method, $data),
"id" => get_web_identifier($url, $method, $data, $headers),
"pid" => $pid,
"md5" => get_hashed_text($content, "md5"),
"sha1" => get_hashed_text($content, "sha1"),
@ -654,8 +648,7 @@ if(!is_fn("get_web_page")) {
"gz_sha1" => get_hashed_text($gz_content, "sha1"),
"gz_ratio" => $gz_ratio,
"method" => $_method,
"headers" => $headers,
"params" => $data
"params" => $data,
);
return $response;
@ -726,16 +719,8 @@ if(!is_fn("get_web_cache")) {
}
}
$_method = implode(".", $_new_methods);
$_data = $data;
if(count($headers) > 0) {
$_data = array(
"headers" => $headers,
"data" => $data
);
}
$response = get_web_page($url, $_method, $_data, $proxy, $ua, $ct_out, $t_out);
$response = get_web_page($url, $_method, $data, $proxy, $ua, $ct_out, $t_out);
$content = $response['content'];
if($cache_enabled) {
$gz_content = gzdeflate($content);
@ -884,7 +869,7 @@ if(!is_fn("get_webproxy_url")) {
if(!is_fn("get_web_user_agent")) {
function get_web_user_agent($ua="") {
if(empty($ua)) {
$ua = "ReasonableFramework/1.6.7-preview1 (Server; PHP " . phpversion() . "; https://catswords.social/@catswords_oss; abuse@catswords.net)";
$ua = "ReasonableFramework/1.6-dev (https://github.com/gnh1201/reasonableframework)";
} else {
$ua = make_safe_argument($ua);
}

2
helper/wprest.php
View File

@ -2,7 +2,7 @@
/**
* @file wprest.php
* @date 2018-03-14
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief Wordpress Rest API helper
*/

2
helper/zabbix.api.php
View File

@ -3,7 +3,7 @@
* @file zabbix.api.php
* @created_on 2019-04-08
* @updated_on 2020-03-05
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief Zabbix JSON-RPC API (3.0) interface module
* @documentation https://www.zabbix.com/documentation/current/ (4.4)
*/

2
helper/zeroboard4.dbt.php
View File

@ -2,7 +2,7 @@
/**
* @file zeroboard4.dbt.php
* @date 2018-08-20
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief Database Helper for Zeroboard 4 PL 9 (experimental)
*/

7
index.php
View File

@ -2,8 +2,8 @@
/**
* @file index.php
* @created_on 2018-05-27
* @updated_on 2020-06-14
* @author Go Namhyeon <abuse@catswords.net>
* @updated_on 2020-02-18
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief ReasonableFramework is RVHM structured PHP framework with common security
* @cvs https://github.com/gnh1201/reasonableframework
* @sponsor https://patreon.com/catswords (with advanced security)
@ -127,8 +127,7 @@ $default_timezone = get_value_in_array("timezone", $config, "UTC");
date_default_timezone_set($default_timezone);
// write visit log
$log_mode_visit = get_value_in_array("log_mode_visit", $config, "");
write_visit_log($log_mode_visit);
write_visit_log();
// get requested route
$route = read_route();

BIN
lgplv3-147x51.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 3.3 KiB

2
route/api.getorder.pgkcp.php
View File

@ -2,7 +2,7 @@
/**
* @file api.getorder.pgkcp.php
* @date 2018-09-24
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief KCP PG(Payment Gateway) get completed order
*/

2
route/api.gnuboard.php
View File

@ -2,7 +2,7 @@
/**
* @file api.gnuboard.php
* @date 2018-05-31
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief Integration controller for Gnuboard CMS 4.x, 5.x
*/

2
route/api.mailgun.php
View File

@ -2,7 +2,7 @@
/**
* @file api.mailgun.php
* @date 2019-04-15
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief Mailgun API controller
*/

2
route/api.setconfig.pgkcp.php
View File

@ -2,7 +2,7 @@
/**
* @file api.setconfig.pgkcp.php
* @date 2018-09-30
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief KCP PG(Payment Gateway) set configuration API
*/

2
route/api.social.php
View File

@ -2,7 +2,7 @@
/**
* @file api.social.php
* @date 2018-09-26
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief SocialTools API (refactoring from SocioRouter API)
*/

2
route/api.twilio.php
View File

@ -2,7 +2,7 @@
/**
* @file api.twilio.php
* @date 2019-04-15
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief Twilio API controller (or domestic API)
*/

2
route/api.uuid.php
View File

@ -2,7 +2,7 @@
/**
* @file api.uuid.php
* @date 2018-08-19
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief UUID Generator API
*/

2
route/api.zabbix.php
View File

@ -2,7 +2,7 @@
/**
* @file api.zabbix.php
* @date 2019-04-15
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief Zabbix API
*/

2
route/mobileswitcher.php
View File

@ -2,7 +2,7 @@
/**
* @file mobileswitcher.php
* @date 2019-04-29
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief mobile device switcher
*/

2
route/ordercomplete.pgkcp.php
View File

@ -3,7 +3,7 @@
* @file ordercomplete.pgkcp.php
* @created_on 2018-09-03
* @updated_on 2020-01-25
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief KCP PG(Payment Gateway) contoller when completed
*/

2
route/orderform.php
View File

@ -2,7 +2,7 @@
/**
* @file orderform.php
* @date 2018-09-03
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief order form
*/

2
route/orderpay.pgkcp.php
View File

@ -3,7 +3,7 @@
* @file orderpay.pgkcp.php
* @date 2018-08-25
* @updated 2019-10-14
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief KCP PG(Payment Gateway) Controller
*/

2
route/orderpay.step2.pgkcp.php
View File

@ -3,7 +3,7 @@
* @file orderpay.step2.pgkcp.php
* @created_on 2018-08-27
* @updated_on 2020-01-25
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief KCP PG(Payment Gateway) contoller when done
*/

2
route/orderpay.step3.pgkcp.php
View File

@ -2,7 +2,7 @@
/**
* @file orderpay.step3.pgkcp.php
* @date 2018-08-27
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief KCP PG(Payment Gateway) contoller when done
*/

2
route/payman.example.php
View File

@ -3,7 +3,7 @@ if(!defined("_DEF_RSF_")) set_error_exit("do not allow access");
$data = array(
"name" => "Hong gil dong",
"email" => "abuse@catswords.net",
"email" => "support@exts.kr",
"tel" => ""01000000000",
"base_url" => base_url()
);

2
route/webapp.php
View File

@ -2,7 +2,7 @@
/**
* @file webapp.php
* @date 2019-02-23
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief Isolator(Compatibility mode) for legacy application
*/

6
storage/config/l10n.ini.php
View File

@ -1,6 +0,0 @@
<?php
return <<<EOF
[l10n]
l10n_enabled=0
l10n_default_language=ko
EOF;

4
storage/config/logger.ini.php → storage/config/log.ini.php
View File

@ -1,9 +1,7 @@
<?php
return <<<EOF
[logger]
[log]
rfc3164_enabled=0
rfc3164_host=logs6.papertrailapp.com
rfc3164_port=42986
log_rotate_size=104857600
log_rotate_ratio=0.9
EOF;

4
storage/config/security.ini.php
View File

@ -9,7 +9,5 @@ adjectives=warty,hoary,breezy,dapper,edgy,feisty,gutsy,hardy,intrepid,jaunty,kar
animals=warthog,hedgehog,badger,drake,eft,fawn,gibbon,heron,ibex,jackalope,koala,lynx,meerkat,narwhal,ocelot,pangolin,quetzal,ringtail,salamander,tahr,unicorn,vervet,werewolf,xerus,yak,zapus
https=auto
hashalgos=md5,sha1,crypt,crc32,base64,sql_password
sandboxdisabled=1
allowextensionsdisabled=1
allowextensions=png,gif,jpg,jpeg,tif,xls,ppt,doc,xlsx,pptx,docx,odt,odp,ods,xlsm,tiff,pdf,xlsm,mp3,ogg,m4a,wma,wav
sandboxdisabled=0
EOF;

2
system/base.php
View File

@ -3,7 +3,7 @@
* @file base.php
* @created_on 2018-04-13
* @updated_on 2020-02-10
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief Base module
*/

2
system/config.php
View File

@ -3,7 +3,7 @@
* @file config.php
* @date 2018-04-13
* @updated 2020-03-25
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief Configuration module
*/

4
system/database.php
View File

@ -3,7 +3,7 @@
* @file database.php
* @created_on 2018-04-13
* @updated_on 2020-04-16
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief Database module
*/
@ -132,7 +132,7 @@ if(!is_fn("get_db_last_id")) {
if(in_array($db_driver, array("mysql", "mysql.pdo"))) {
$last_id = $dbc->lastInsertId();
} elseif(loadHelper("database.alt")) {
} elseif(loadHelper("database.dbt")) {
$last_id = call_user_func("get_db_alt_last_id", $db_driver);
}

59
system/logger.php
View File

@ -2,79 +2,38 @@
/**
* @file logger.php
* @created_on 2018-05-27
* @updated_on 2020-06-21
* @author Go Namhyeon <abuse@catswords.net>
* @updated_on 2020-01-23
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief Logger module for ReasonableFramework
*/
if(!is_fn("append_log_to_file")) {
function append_log_to_file($data, $filename) {
$config = get_config();
$rotate_size = get_value_in_array("log_rotate_size", $config, 0);
$rotate_ratio = get_value_in_array("log_rotate_ratio", $config, 0.9);
return append_storage_file($data, array(
"storage_type" => "logs",
"filename" => $filename,
"chmod" => 0644,
"nl" => "<",
"rotate_size" => $rotate_size,
"rotate_ratio" => $rotate_ratio,
));
}
}
if(!is_fn("write_visit_log")) {
function write_visit_log($mode="") {
function write_visit_log() {
$fw = false;
$nevt = false;
$data = "";
if(loadHelper("networktool")) {
$nevt = get_network_event();
}
if($nevt === false) return $fw;
if($mode == "database") {
$tablename = exec_db_table_create(array(
"datetime" => array("datetime"),
"server" => array("varchar", 255),
"hostname" => array("varchar", 255),
"client" => array("varchar", 255),
"agent" => array("text"),
"referrer" => array("text"),
"self" => array("varchar", 255),
"method" => array("varchar", 255)
), "rsf_visit_log", array(
"setindex" => array(
"index_1" => array("datetime"),
"index_2" => array("client")
)
));
$bind = array(
"datetime" => $nevt['datetime'],
"server" => $nevt['server'],
"hostname" => $nevt['hostname'],
"client" => $nevt['client'],
"agent" => $nevt['agent'],
"referrer" => $nevt['referrer'],
"self" => $nevt['self'],
"method" => $nevt['method']
);
$sql = get_bind_to_sql_insert($tablename, $bind);
exec_db_query($sql, $bind);
} else {
$line = "";
if(loadHelper("catsplit.format")) {
$line = catsplit_encode($nevt);
$data = catsplit_encode($nevt);
} else {
$line = json_encode($nevt);
$data = json_encode($nevt);
}
$fw = append_log_to_file($line, "network.log");
$fw = append_log_to_file($data, "network.log");
}
return $fw;
}
}

9
system/security.php
View File

@ -3,7 +3,7 @@
* @file security.php
* @created_on 2018-05-27
* @updated_on 2020-02-04
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief Security module for ReasonableFramework
* @sponsor https://patreon.com/catswords (with advanced security)
*/
@ -702,10 +702,3 @@ if(!is_fn("expire_isolated_session")) {
session_destroy();
}
}
// Add support HmacSHA256 algorithm #137
if(!is_fn("hmacsha256_sign_message")) {
function hmacsha256_sign_message($message, $secret_key) {
return hash_hmac("sha256", $message, $secret_key);
}
}

53
system/storage.php
View File

@ -2,8 +2,8 @@
/**
* @file storage.php
* @date 2018-05-27
* @updated 2020-06-16
* @author Go Namhyeon <abuse@catswords.net>
* @updated 2020-05-04
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief Stroage module for ReasonableFramework
*/
@ -28,13 +28,14 @@ if(!is_fn("get_current_working_dir")) {
break;
case "windows":
if(loadHelper("exectool")) {
$exec_contents = implode("\r\n", array("@echo off", "ECHO %cd%"));
$exec_contents = implode("\r\n", array("@echo off", "SET var=%cd%", "ECHO %var%"));
$exec_file = write_storage_file($exec_contents, array(
"filename" => "pwd.bat"
));
$working_dir = exec_command($exec_file);
}
break;
}
return $working_dir;
@ -55,11 +56,11 @@ if(!is_fn("get_safe_path")) {
if(!is_fn("get_storage_path")) {
function get_storage_path($type="data") {
$dir_path = sprintf("%s/%s/%s", get_current_working_dir(), get_storage_dir(), get_safe_path($type));
$dir_path = sprintf("./%s/%s", get_storage_dir(), get_safe_path($type));
if(!is_dir($dir_path)) {
if(!@mkdir($dir_path, 0777)) {
set_error("Could not create directory. " . $dir_path);
set_error("can not create directory. " . $dir_path);
show_errors();
}
}
@ -78,20 +79,31 @@ if(!is_fn("allocate_uploaded_files")) {
$response = array(
"files" => array()
);
$config = get_config();
$requests = get_requests();
$files = $requests['_FILES'];
$storage_type = get_value_in_array("storage_type", $options, "data");
$upload_base_path = get_storage_path($storage_type);
$upload_base_url = get_storage_url($storage_type);
$upload_allow_ext = array();
// storage/config/security.ini -> allowextensionsdisabled, allowextensions
$allow_extensions_disabled = get_value_in_array("allowextensionsdisabled", $config, 0);
if(empty($allow_extensions_disabled)) {
$allow_extensions = get_value_in_array("allowextensions", $config, $upload_allow_ext);
if(!array_key_empty("only_image", $options)) {
$upload_allow_ext = array(
"png", "gif", "jpg", "jpeg", "tif"
);
} elseif(!array_key_empty("only_docs", $options)) {
$upload_allow_ext = array(
"png", "gif", "jpg", "jpeg", "tif",
"xls", "ppt", "doc", "xlsx", "pptx",
"docx", "odt", "odp", "ods", "xlsm",
"tiff", "pdf", "xlsm"
);
} elseif(!array_key_empty("only_audio", $options)) {
$upload_allow_ext = array(
"mp3", "ogg", "m4a", "wma", "wav"
);
} else {
$upload_allow_ext = array();
}
foreach($files as $k=>$file) {
@ -333,23 +345,6 @@ if(!is_fn("write_storage_file")) {
if($mode == "fake") {
$result = $upload_filename;
} elseif($fhandle = fopen($upload_filename, $mode)) {
// if it is append, check the `rotate_size` option
if($mode == "a") {
$rotate_size = intval(get_value_in_array("rotate_size", $options, 0));
$rotate_ratio = floatval(get_value_in_array("rotate_ratio", $options, 0.9));
$size_limit = floor($rotate_size * $rotate_ratio);
if($rotate_size > 0) {
if($rotate_size > filesize($upload_filename)) {
if(loadHelper("exectool")) {
exec_command(sprintf("tail -c %s '%s' > '%s'", $size_limit, $upload_filename, $upload_filename));
} else {
write_common_log("failed load exectool helper", "system/storage");
}
}
}
}
// write a file
if(fwrite($fhandle, $data)) {
$result = $upload_filename;
if(!array_key_empty("chmod", $options)) {

77
system/uri.php
View File

@ -2,26 +2,17 @@
/**
* @file uri.php
* @created_on 2018-04-13
* @updated_on 2024-04-29
* @author Go Namhyeon <abuse@catswords.net>
* @updated_on 2020-05-21
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief URI module
*/
if(!is_fn("base_url")) {
function base_url() {
$base_url = "";
// #133 Add support 'X-Forwarded-Host' header
$forwarded_host = get_header_value("X-Forwarded-Host");
if(!empty($forwarded_host)) {
$base_url = sprintf("https://%s", $forwarded_host);
} else {
$base_url = get_config_value("base_url");
if(empty($base_url)) {
$base_url = sprintf("https://%s", $_SERVER['HTTP_HOST']);
}
$base_url = get_config_value("base_url");
if(empty($base_url)) {
$base_url = sprintf("https://%s", $_SERVER['HTTP_HOST']);
}
return $base_url;
}
}
@ -61,7 +52,7 @@ if(!is_fn("read_route")) {
// get route in URI
if(empty($route)) {
if(loadHelper("networktool")) {
//$nevt = get_network_event(); // unused
$nevt = get_network_event();
$uri = $requests['_URI'];
if(strpos($uri, '?') !== false) {
@ -69,7 +60,7 @@ if(!is_fn("read_route")) {
}
if(strpos($uri, $base_route) == 0) {
$_routes = explode("/", substr($uri, strlen($base_route)));
$_routes = explode("/", substr($nevt['self'], strlen($base_route)));
foreach($_routes as $_route) {
if($_route != "index.php") {
$route = $_route;
@ -115,7 +106,6 @@ if(!is_fn("read_requests")) {
"_YAML" => false,
"_CSPT" => false,
"_SERVER" => array_map("make_safe_argument", get_array($_SERVER)),
"_HEADER" => getallheaders()
);
// check if json or serialized request
@ -298,26 +288,8 @@ if(!is_fn("redirect_uri")) {
show_errors();
}
}
if(array_key_equals("method", $options, "html")) {
echo <<<EOF
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="refresh" content="1;url=$uri">
<title>Redirect</title>
</head>
<body>
<a id="goto" href="$uri">Go to the page</a>
<script>window.onload = function() { document.getElementById("goto").click(); };</script>
</body>
</html>
EOF;
} else {
header("Location: " . $uri, true, $permanent ? 301 : 302);
}
header("Location: " . $uri, true, $permanent ? 301 : 302);
exit();
}
}
@ -450,36 +422,3 @@ if(!is_fn("set_header_content_type")) {
}
}
}
if(!is_fn("get_header_value")) {
function get_header_value($name) {
$value = false;
$requests = get_requests();
foreach ($requests['_HEADER'] as $k=>$v) {
if (strtolower($k) == strtolower($name)) {
$value = $v;
}
}
return $value;
}
}
if(!is_fn("test_user_agent")) {
function test_user_agent($ua, $tua) {
$result = false;
if (!empty($ua)) {
$words = explode(" ", str_replace("/", " ", $ua));
foreach($words as $word) {
if (in_array($word, $tua)) {
$result = true;
break;
}
}
}
return $result;
}
}

2
view/view_orderform.php
View File

@ -18,7 +18,7 @@
<div class="content">
<h2 id="default-form" class="content-subhead">결제 환불 문의</h2>
<p>결제 환불 관련 문의는 <code>abuse@catswords.net</code>으로 해주시기 바랍니다.</p>
<p>결제 환불 관련 문의는 <code>support@exts.kr</code>으로 해주시기 바랍니다.</p>
<form id="orderform" name="orderform" method="post" class="pure-form pure-form-aligned" action="<?php echo base_url(); ?>">
<fieldset>

2
view/view_orderpay.pgkcp.php
View File

@ -2,7 +2,7 @@
/**
* @file view_orderpay.pgkcp.php
* @date 2018-08-25
* @author Go Namhyeon <abuse@catswords.net>
* @author Go Namhyeon <gnh1201@gmail.com>
* @brief KCP PG(Payment Gateway) View
*/