Create CITATION.cff

Fix #138 Routing failure

CDN_HOWTO.md

@@ -1,70 +0,0 @@
-# 카페24(cafe24) CDN/스트리밍 사용법
-
-ReasonableFramework v1.6.2 기준 https://github.com/gnh1201/reasonableframework
-
-## 목차
-- 카페24 ([10G 광아우토반 Full SSD](https://www.cafe24.com/?controller=product_page&type=basic&page=autoban) 웹 호스팅 상품 기준)
-- Amazon S3 또는 타사 정적 파일 호스팅/Object Storage 사용자
-- 문의사항
-
-## 카페24 ([10G 광아우토반 Full SSD](https://www.cafe24.com/?controller=product_page&type=basic&page=autoban) 웹 호스팅 상품 기준)
-
-1. 카페24(cafe24.com) 관리자 페이지에 로그인하여, CDN/스트리밍 도메인 정보를 얻는다.
-   1. 메인 웹 사이트 로그인 -> `나의서비스관리` 클릭
-   2. 좌측 메뉴에서 `서비스 접속관리` -> `서비스 접속 정보` 클릭
-   3. CDN/스트리밍 정보 확인
-   
-       ```
-       *** CDN ***
-       CDN 하드 용량: 200M
-       CDN 트래픽 용량: 500M
-       FTP 주소: iup.cdn2.cafe24.com
-       FTP 포트: 21
-       FTP 아이디: [사용자 아이디]
-       
-       *** 스트리밍 ***
-       스트리밍 하드 용량: 200M
-       스트리밍 트래픽 용량: 500M
-       FTP 주소: wm-004.cafe24.com
-       FTP 포트: 5565
-       FTP 아이디: [사용자 아이디]
-       ```
-   4. CDN의 경우, `https://[사용자 아이디].cdn2.cafe24.com`(예시)가 접속 주소가 된다.
-   5. 스트리밍의 경우, `mms://wm-004.cafe24.com/[사용자 아이디]/abc.mp3`(예시)가 접속 주소가 된다.
-
-2. ResonableFramework v1.6.2 설치 및 CDN/스트리밍 설정
-   1. https://github.com/gnh1201/reasonableframework 접속 후 `Release` 탭을 누르고 `v1.6.2` 또는 최신 버전을 내려받는다.
-   2. `storage/config/uri.ini.php` 파일의 CDN/스트리밍 관련 부분을 아래와 같이 수정한다.
-   
-       ```
-       base_cdn_url = https://[사용자 아이디].cdn2.cafe24.com
-       base_vod_url = mms://wm-004.cafe24.com/[사용자 아이디]
-       ```
-       
-   3. `route` 폴더 밑에 `cdntest.php` 이름의 빈 파일을 만들고, 아래와 같이 입력 후 저장한다.
-   
-       ```
-       <?php
-       $data = array(
-           "imageurl" => get_cdn_link("/picture.jpg");
-       );
-       renderView("view_cdntest", $data);
-       ```
-   
-   4. `view` 폴더 밑에 `view_cdntest.php` 이름의 빈 파일을 만들고, 아래와 같이 입력 후 저장한다.
-   
-       ```
-       <img src="<?php echo $imageurl; ?>" alt="this is cdn test">
-       ```
-
-   5. 사용하고 있는 웹 호스팅에 reasonableframework-master 폴더 아래의 모든 파일을 업로드한다.
-   
-   6. 1번에서 얻은 FTP 정보를 이용하여, CDN 서버에 `picture.jpg` 이름으로 임의의 JPG 그림 파일을 업로드한다.
-   
-   7. 웹 브라우저를 열고 `http://[웹 호스팅 주소]/?route=cdntest`에 접속하여 그림이 잘 뜨는지 확인한다.
-
-## Amazon S3 또는 타사 정적 파일 호스팅/Object Storage 사용자
-  - 정적 파일 호스팅을 지원하는 서비스의 경우, `base_cdn_url`의 주소만 바꾸어주면 동일한 방법으로 사용이 가능하다.
-
-## 문의사항
-   - support@exts.kr

CITATION.cff

@@ -0,0 +1,11 @@
+cff-version: 1.2.0
+message: "If you use this software, please cite it as below."
+authors:
+- family-names: "Go"
+  given-names: "Namhyeon"
+  orcid: "https://orcid.org/0009-0006-8421-0911"
+title: "ReasonableFramework"
+version: v1.6.8
+doi: 10.5281/zenodo.11392417
+date-released: 2024-05-30
+url: "https://github.com/gnh1201/reasonableframework"

FUNDING.yml

@@ -1,8 +1,8 @@
 # These are supported funding model platforms
 
-github: gnh1201, catswords # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
+github: gnh1201
+open_collective: welsonjs
+liberapay: catswords
+custom: ['https://www.buymeacoffee.com/catswords', 'https://toss.me/catswords']
 patreon: catswords # Replace with a single Patreon username
-open_collective: # Replace with a single Open Collective username
-ko_fi: # Replace with a single Ko-fi username
-tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
-custom: # Replace with a single custom sponsorship URL
+ko_fi: catswords

KOREAN.MD

@@ -1,55 +1,98 @@
-## 기반 소프트웨어
-
-본 웹 소프트웨어는 ReasonableFramework 기반으로 작성되었습니다.
-
-https://github.com/gnh1201/reasonableframework
+# 본 웹 어플리케이션에 대하여
+본 웹 어플리케이션은 ReasonableFramework 기반으로 작성됨. https://github.com/gnh1201/reasonableframework
 
 ## 적재된 모듈 목록
-
 * System: base (시스템 기반)
-
 * System: config (시스템 설정)
-
 * System: database (데이터베이스)
-
 * System: logger (로그)
-
 * System: uri (URI 및 URL 제어)
-
 * System: security (보안)
-
 * Helper: paginate (페이지 네비게이션)
-
 * Helper: gnuboard, gnuboard.config, gnuboard.lib (그누보드 설정 및 라이브러리 연동)
-
 * Helper: vworld (국토교통부 vworld 연동)
-
 * Helper: wprest (워드프레스[wordpress] REST API 클라이언트)
-
 * Hepler: webpagetool (Proxy 설정, UA 설정, JSON/DOM 파서를 지원하는 HTTP 클라이언트)
-
 * Helper: noreporting, allreporting (오류 출력 범위를 설정)
-
 * Helper: isemail.lnk (is_email 지원 -> /vendor/isemail)
-
 * Helper: metaparser.lnk (HTML META 데이터 파싱 지원 -> /vendor/PHP-MetaParser)
-
 * Helper: simple_html_dom (HTML DOM 처리기)
-
 * Helper: oracle (오라클 데이터베이스 접속 및 쿼리)
-
 * Helper: exectool (PHP 명령행 실행 지원)
+* 그 외 다양한 사양 지원을 위한 모듈들
 
-## 기술지원
-
-* Website: https://exts.kr/go/home
-
-* E-mail: support@exts.kr
-
-## 저작권
-
-* LGPL (별도의 오픈소스 라이센스 문서에 기입 요망)
+## 오픈소스 라이선스
+* 이 프로젝트는 LGPL 3.0 오픈소스 라이선스 하에 배포됨.
 
 ## 최근변경
+* 2024-05-30
 
-* 2018-07-22
+## 정적 파일 호스팅 관련 지침 (카페24 CDN 또는 Amazon S3)
+본 지침은 버전 v1.6.8를 기준으로 한다.
+
+### 정적 파일 호스팅 서비스의 예시
+- 카페24 ([10G 광아우토반 FullSSD+](https://hosting.cafe24.com/?controller=new_product_page&page=autobahn) 웹 호스팅 상품 기준)
+- Amazon S3
+- Object Storage
+
+### 카페24 정적 파일 호스팅 사용자
+
+1. 카페24(cafe24.com) 관리자 페이지에 로그인하여, CDN/스트리밍 도메인 정보를 얻는다.
+   1. 메인 웹 사이트 로그인 -> `나의서비스관리` 클릭
+   2. 좌측 메뉴에서 `서비스 접속관리` -> `서비스 접속 정보` 클릭
+   3. CDN/스트리밍 정보 확인
+
+       ```
+       *** CDN ***
+       CDN 하드 용량: 200M
+       CDN 트래픽 용량: 500M
+       FTP 주소: iup.cdn2.cafe24.com
+       FTP 포트: 21
+       FTP 아이디: [사용자 아이디]
+       
+       *** 스트리밍 ***
+       스트리밍 하드 용량: 200M
+       스트리밍 트래픽 용량: 500M
+       FTP 주소: wm-004.cafe24.com
+       FTP 포트: 5565
+       FTP 아이디: [사용자 아이디]
+       ```
+
+   4. CDN의 경우, `https://[사용자 아이디].cdn2.cafe24.com`(예시)가 접속 주소가 된다.
+   5. 스트리밍의 경우, `mms://wm-004.cafe24.com/[사용자 아이디]/abc.mp3`(예시)가 접속 주소가 된다.
+
+2. ResonableFramework v1.6.8 설치 및 CDN/스트리밍 설정
+   1. [깃허브 저장소](https://github.com/gnh1201/reasonableframework) 접속 후 `Release` 탭을 누르고 `v1.6.8` 또는 최신 버전을 내려받는다.
+   2. `storage/config/uri.ini.php` 파일의 CDN/스트리밍 관련 부분을 아래와 같이 수정한다.
+
+       ```
+       base_cdn_url = https://[사용자 아이디].cdn2.cafe24.com
+       base_vod_url = mms://wm-004.cafe24.com/[사용자 아이디]
+       ```
+
+   3. `route` 폴더 밑에 `cdntest.php` 이름의 빈 파일을 만들고, 아래와 같이 입력 후 저장한다.
+
+       ```
+       <?php
+       $data = array(
+           "imageurl" => get_cdn_link("/picture.jpg");
+       );
+       renderView("view_cdntest", $data);
+       ```
+
+   4. `view` 폴더 밑에 `view_cdntest.php` 이름의 빈 파일을 만들고, 아래와 같이 입력 후 저장한다.
+
+       ```
+       <img src="<?php echo $imageurl; ?>" alt="this is cdn test">
+       ```
+
+   5. 사용하고 있는 웹 호스팅에 reasonableframework-master 폴더 아래의 모든 파일을 업로드한다.
+   6. 1번에서 얻은 FTP 정보를 이용하여, CDN 서버에 `picture.jpg` 이름으로 임의의 JPG 그림 파일을 업로드한다.
+   7. 웹 브라우저를 열고 `http://[웹 호스팅 주소]/?route=cdntest`에 접속하여 그림이 잘 뜨는지 확인한다.
+
+### Amazon S3 또는 Object Storage 사용자
+- 해당 정적 파일 호스팅 업체에서 제공하는 공통 링크를 확인한 뒤, 해당 링크를 `storage/config/uri.ini.php` 파일의 `base_cdn_url`에 반영한다.
+
+## 기술지원 및 문의사항
+- 웹사이트: https://catswords.social/@catswords_oss
+- 이메일: abuse@catswords.net

README.md

@@ -1,21 +1,18 @@
 # ReasonableFramework
-![Discord](https://img.shields.io/discord/359930650330923008.svg)
-![View Licence](https://img.shields.io/github/license/gnh1201/reasonableframework.svg)
-![Librapay](http://img.shields.io/liberapay/receives/catswords.svg?logo=liberapay)
+![License LGPLv3](https://img.shields.io/github/license/gnh1201/reasonableframework.svg)
+[![DOI](https://zenodo.org/badge/114566493.svg)](https://zenodo.org/doi/10.5281/zenodo.11392416)
 
-- ReasonableFramework is `RVHM` structured PHP framework with common security
-- Prefix code: `RSF` (ReasonableFramework)
-- Old prefix code: `VSPF` (Very Simple PHP Framework)
+ReasonableFramework is RVHM structured PHP framework. aka, RSF, VSPF, C-2020-018490
 
-![This project open source licensed under LGPL version 3](https://github.com/gnh1201/reasonableframework/raw/master/lgplv3-147x51.png)
-
-## technical support (donate us)
-- [Technical support and improved web security for ReasonableFramework](https://catswords.re.kr/go/rsfsecurity) ($4/Monthly, pay on Patreon)
-
-## Specification
-- Database connection (via PDO, MySQLi (MySQL Improved), MySQL Tranditional, MySQL CLI, Oracle(OCI))
-- RVHM structure: `R` is Route (like as `controller`), `V` is View, `H` is Helper (like as `import` on Python/Go/NodeJS), `M` is Model and implemented with `KV bind`(like as `Map` data structure), Model is not required.
-- Controllable shared variables: Minimize abuse of global variables (Inspired by the `scope` of AngularJS, and `SharedPreferences` of Android Framework)
+## Specifications
+- Various types of database connection drivers. e.g, PHP PDO, MySQLi, Legacy MySQL, MySQL over the shell, Oracle(OCI)
+- No OOP, Just `RVHM` structure
+  - R is Route. like as `controller`
+  - V is View
+  - H is Helper. like a `import` on Python, Go, NodeJS
+  - M is Model. it implemented with `KV bind`(like as `Map` data structure), Model is optional.
+- Controllable shared variables: Minimize abuse of global variables. Inspired by the `scope` of AngularJS, and `SharedPreferences` of Android Framework
+- CGI style compatibility prepared for industrial applications: This framework can utilize both the latest object-oriented style and the CGI style required in industrial applications.
 
 ## Compatible
 - Tested in PHP 5.3.3
@@ -31,68 +28,61 @@
 ## Map of structure
 ![Map of structure](https://github.com/gnh1201/reasonableframework/raw/master/assets/img/reasonableframework.jpg)
 
-## Roadmap
-- Support critial and special-purposed web environment (industry, scientific, legacy, or more)
-
 ## Quick Start
 1. git clone https://github.com/gnh1201/reasonableframework.git
-2. set up database configuration: `/storage/config/database.ini.php`
+2. edit database configuration: `/storage/config/database.ini.php`
 3. create new file: `/route/example.php`
-4. go to `http://[base_url]/?route=example` or `http://[base_url]/example/`(if set `.htaccess`) in your web browser.
-5. enjoy it.
+4. go to `http://:base_url/?route=example` or `http://:base_url/example/`(if set `.htaccess`) in the web browser.
+5. code it.
 
-## Examples
+## Use cases
 - [Send severities from Zabbix to Grafana](https://gist.github.com/gnh1201/792964e9719d2f62157cf46e394888f5)
-- [REST API Integration (Naver Papago Translation REST API)](https://gist.github.com/gnh1201/081484e6f5e10bd3be819093ba5f49c8)
-- [Payment Gateway Integration (KCP)](https://github.com/gnh1201/reasonableframework/blob/master/route/orderpay.pgkcp.php)
+- [REST API Integration (Papago Translation REST API)](https://gist.github.com/gnh1201/081484e6f5e10bd3be819093ba5f49c8)
+- [Payment Gateway Integration](https://github.com/gnh1201/reasonableframework/blob/master/route/orderpay.pgkcp.php)
 
-## [NEW] Advanced security (only for sponsors)
-- CORS, CSRF, XSS, SQL-injection protection is common security, it is free and open-source for everyone.
-- Firewall, DDoS protection, and more security tools are available only for sponsors. [more](https://github.com/gnh1201/reasonableframework/blob/master/SECURITY.md)
+## Remote logging
+- Remote logging feature based on [RFC3164(The BSD Syslog Protocol)](https://tools.ietf.org/html/rfc3164)
 
-## [NEW] Remote Debugging (free for all)
-- Remote debugging feature based on [RFC3164(The BSD Syslog Protocol)](https://catswords.re.kr/go/rfc3164), with [Papertrail](https://catswords.re.kr/go/papertrail)
-
-## Compatible of free web hostings
+## Tested on free web hostings
 
 | Provider               | Pass?  | Tested version | Note
-| ---------------------- | ------ | -------------- | ------------- |
-| cafe24.com (Paid)      | Passed | v1.6.2         |               |
-| woobi.co.kr            | Passed | v1.6.2         |               |
-| dothome.co.kr          | Passed | v1.5           |               |
-| ivyro.net              | Passed | v1.5           |               |
-| 000webhost.com         | Warn   | v1.5           | Ad logo       |
-| freewebhostingarea.com | Passed | v1.5           |               |
-| infinityfree.net       | Warn   | v1.5           | anti-crawling |
-| freehosting.io         | Passed | v1.5           |               |
-| freehostingeu.com      | Warn   | v1.5           | CURL blocked  |
-| freehostingnoads.net   | Warn   | v1.5           | CURL blocked  |
-| awardspace.com         | Warn   | v1.5           | CURL blocked  |
+| ---------------------- | ------ | -------------- | -------------------------- |
+| [vultr.com](https://catswords.re.kr/go/vultr) (Vultr Holdings Co.)       | :heavy_check_mark: Passed | v1.6.5.2       | Paid, Pre-configured LAMP server |
+| cafe24.com (Cafe24 Inc.)      | :heavy_check_mark: Passed | v1.6.2         | Paid                           |
+| woobi.co.kr (MyCGI)            | :heavy_check_mark: Passed | v1.6.2         |                            |
+| dothome.co.kr (Anysecure Inc.)         | :heavy_check_mark: Passed | v1.5           |                            |
+| ivyro.net (Smileserv Inc.)            | :heavy_check_mark: Passed | v1.5           |                            |
+| 000webhost.com         | :warning: Warn   | v1.5           | Advertising logo           |
+| freewebhostingarea.com | :heavy_check_mark: Passed | v1.5           |                            |
+| infinityfree.net       | :warning: Warn   | v1.5           | Anti-crawling              |
+| freehosting.io         | :heavy_check_mark: Passed | v1.5           |                            |
+| freehostingeu.com      | :warning: Warn   | v1.5           | CURL blocked               |
+| freehostingnoads.net   | :warning: Warn   | v1.5           | CURL blocked               |
+| awardspace.com         | :warning: Warn   | v1.5           | CURL blocked               |
 
-## How to use CLI (Command line interface)
+## How to use CLI (Command-line interface)
 ```
-$ php cli.php --route [route name] --session-id [session ID]
+$ php cli.php --route :route --session-id :session_id
 ```
 
-## 한국어(Korean)
-- **리즈너블 프레임워크**는 `불필요한 부작용`에 적절하게 대응하고자 설계된 PHP 프레임워크입니다.
-- `불필요한 부작용` 출현 빈도가 높은 프로그래밍 환경(예. 레거시, 미숙련 개발자)에서 최대의 안정성과 보안을 제공합니다.
-- PHP를 기반으로 하는 무료 웹 호스팅에서도 원활하게 돌아가도록 지원합니다.
-- 객체지향, 모듈러(MVC), 시큐어 코딩 등 현대적인 웹 기술을 모르더라도 **더 견고한** 기준을 제공합니다.
-- 리즈너블 프레임워크는 CSRF, XSS, SQL 인젝션 등 기초적인 **보안 위협에 사전 대응**하도록 설계되어 있습니다.
-- PHP 버전 4 부터 버전 7까지 다양한 개인 및 기업 **적용 사례**를 보유하고 있습니다.
-- [카카오톡 채팅방](https://catswords.re.kr/go/kakaotalk)을 통해 실시간 버그 및 보안 이슈 해결이 가능합니다.
+## Comment about PSR standards
+Many people are saying that this project seems to be distant from the [PSR](https://www.php-fig.org/psr/) standards, and that claim is correct.
 
-## English
-- **ReasonableFramework** is a PHP framework designed to properly against the `unnecessary side-effects`.
-- It provides maximum stability and security in a programming environment with high frequency of the `unnecessary side-effects` (eg. legacy, untrained developers).
-- It also works smoothly on free web hosting based on PHP.
-- It provides a **stronger standard** even if you don't know modern web technologies, such as object-oriented, modular (MVC), and secure coding.
-- Resonable Framework is designed to **proactively respond to fundamental security threats** such as CSRF, XSS, and SQL injection.
-- We have **various enterprise cases** from PHP version 4(legacy) to 7(modern).
-- You can quickly resolve bugs and security issues in [our chatting room](https://catswords.re.kr/go/kakaotalk).
+The coding convention of this project is similar to the CGI style that was widely used in the early 2000s. Moreover, this style is still observed in solutions written in PHP that are sold in markets such as [WordPress](https://wordpress.org/) plugins, [a local-optimized CMS](https://github.com/gnuboard/gnuboard5), or [Codecanyon](https://codecanyon.net/) in 2023.
+
+Although this project hardly uses object-oriented concepts and does not use package managers like Composer much, it still incorporates concepts such as Model, View, Controller, Router, and Helper that are proposed in modern frameworks, and we have made efforts to provide a similar experience as much as possible.
+
+We made efforts to address common security vulnerabilities (XSS, CSRF, SQL injection) in web applications, and included many code snippets that were designed to minimize reliance on specific DBMS or communication drivers.
+
+The specifications that this project offers are still in demand in enterprise environments, so it can be a useful solution if you happen to be in such a situation.
+
+Whenever this project was introduced, I received a lot of questions about PSR, and I also made efforts to find customers who were willing to pay for a PSR version, such as holding conferences for existing customers. However, there is still no good news. Until good news comes, my plan is to mainly maintain this project.
+
+If you want to comply with the PSR standards and your colleagues are also ready to learn them humbly, we recommend that you consider [Codeigniter](https://github.com/bcit-ci/CodeIgniter) (which has a similar structure to this project) or [Silm Framework](https://github.com/slimphp/Slim).
+
+## Security Policy
+- [Security policy](SECURITY.md)
 
 ## Contact us
-- gnh1201@gmail.com
-- support@exts.kr
-- catswords@protonmail (if you require confidential)
+- abuse@catswords.net
+- ActivityPub [@catswords_oss@catswords.social](https://catswords.social/@catswords_oss)

SECURITY.md

@@ -1,15 +1,23 @@
-# Advanced security for ReasonableFramework
-the advanced security against XSS, CSRF, SQL injection, DDoS, Webshell (malicious code), weak configurations, which extensions available only for sponsors . Generally, the default security is sufficient to you in our framework. so, you have to use it after did understand what is this.
+# Security Policy
 
-## Including files
-- index.php
-- helper/php-firewall.php
-- helper/php-ddos.php
-- and more
+## Supported Versions
 
-## Minimum tier
-- 16 USD/monthly (Technical support)
+Use this section to tell people about which versions of your project are
+currently being supported with security updates.
 
-Thank you.
+| Version | Supported                                  |
+| ------- | ------------------------------------------ |
+| 1.6.x   | :white_check_mark: (Current)               |
+| 1.5.x   | :x: (EOL: 2020-08-25)                      |
+| < 1.5   | :x:                                        |
 
-https://www.patreon.com/posts/advanced-security-27376670
+## Reporting a Vulnerability
+Use this section to tell people how to report a vulnerability.
+
+Tell them where to go, how often they can expect to get an update on a
+reported vulnerability, what to expect if the vulnerability is accepted or
+declined, etc.
+
+## Contact us
+* ActivityPub [@catswords_oss@catswords.social](https://catswords.social/@catswords_oss)
+* abuse@catswords.net

VERSION.MD

@@ -1,2 +0,0 @@
-# Confirmed version
-Last confirmed: 2018-03-09 22:00 (KST, GMT+09:00, Seoul)

bootstrap.707.sh

@@ -1,3 +0,0 @@
-#!/bin/bash
-chmod -R 707 .
-cp ./storage/example/_.htaccess ./.htaccess

bootstrap.sh

@@ -1,4 +1,5 @@
 #!/bin/bash
-find . -type d -exec chmod 0755 {} \;
-find . -type f -exec chmod 0644 {} \;
+#find . -type d -exec chmod 0755 {} \;
+#find . -type f -exec chmod 0644 {} \;
+chmod -R u+rwX,go+rX,go-w .
 cp ./storage/example/_.htaccess ./.htaccess

cli.php

@@ -4,7 +4,7 @@
  * @file cli.php
  * @created_on 2018-07-22
  * @created_on 2020-04-20
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief ReasonableFramework CLI mode
  * @cvs http://github.com/gnh1201/reasonableframework
  */

composer.json

@@ -5,7 +5,7 @@
     "authors": [
         {
             "name": "Go Namhyeon",
-            "email": "gnh1201@gmail.com"
+            "email": "abuse@catswords.net"
         }
     ],
     "require": {

fixindent.sh

@@ -1,3 +0,0 @@
-#!/bin/bash
-find ./ -type f -name "*.php" -exec sed -i 's/\t/    /g' {} \;
-echo "done"

helper/api.whois.kr.php

@@ -2,7 +2,7 @@
 /**
  * @file api.whois.kr.php
  * @date 2019-05-26
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief KISA Whois/Domain/IP/AS Query Helper (https://whois.kr)
  */
  

helper/catsplit.format.php

@@ -2,7 +2,7 @@
 /**
  * @file catsplit.format.php
  * @date 2019-05-28
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief Catsplit format encoder
  * @documentation https://github.com/gnh1201/catsplit-format
  */

helper/colona.v1.format.php

@@ -1,5 +1,5 @@
 <?php
-// Go Namhyeon <gnh1201@gmail.com>
+// Go Namhyeon <abuse@catswords.net>
 // 2019-09-25
 
 if(!is_fn("decode_colona_format")) {

helper/compress.zip.php

@@ -1,6 +1,6 @@
 <?php
 // @date 2019-10-13
-// @author Go Namhyeon <gnh1201@gmail.com>
+// @author Go Namhyeon <abuse@catswords.net>
 
 if(!is_fn("unzip")) {
     function unzip($src, $dst, $options=array()) {

helper/country.kr.php

@@ -2,7 +2,7 @@
 /**
  * @file country.kr.php
  * @date 2018-04-15
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief Country Helper (Korean)
  */
 

helper/coupang.api.php

@@ -0,0 +1,41 @@
+<?php
+// Coupang Products Search API
+// https://coupa.ng/bZ3Kba
+// https://developers.coupangcorp.com/hc/ko/articles/360033461914-HMAC-Signature-%EC%83%9D%EC%84%B1
+
+loadHelper("webpagetool");
+
+if(!is_fn("coupang_get_signature")) {
+    function coupang_get_signature($method, $path, $query, $ACCESS_KEY, $SECRET_KEY) {
+        $datetime = date("ymd") . 'T' . date("His") . 'Z';
+        $message = $datetime . strtoupper($method) . str_replace("?", "", $path) . http_build_query($query);
+        $algorithm = "HmacSHA256";
+        $signature = hmacsha256_sign_message($message, $SECRET_KEY);
+
+        return "CEA algorithm=HmacSHA256, access-key=" . $ACCESS_KEY . ", signed-date=" . $datetime . ", signature=" . $signature;
+    }
+}
+
+if(!is_fn("coupang_search_items")) {
+    function coupang_search_items($keyword, $ACCESS_KEY, $SECRET_KEY) {
+        $URL_PARTS = array("https://api-gateway.coupang.com", "/v2/providers/affiliate_open_api/apis/openapi/v1", "/products/search");
+        $BASE_URL = $URL_PARTS[0] . $URL_PARTS[1];
+
+		$method = "get";
+        $path = $URL_PARTS[1] . $URL_PARTS[2];
+		$query = array(
+			"keyword" => $keyword,
+			"limit" => 20,     // default is 20
+			//"subId" => ""    // default is null
+		);
+
+        $response = get_web_page($BASE_URL . $URL_PARTS[2], $method, array(
+            "headers" => array(
+                "Authorization" => coupang_get_signature($method, $path, $query, $ACCESS_KEY, $SECRET_KEY)
+            ),
+			"data" => $query
+        ));
+		
+		var_dump($response);
+    }
+}

helper/database.alt.php

@@ -2,7 +2,7 @@
 /**
  * @file database.alt.php
  * @date 2018-09-10
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief Database alternative driver switcher
  */
 

helper/database.mysql.cmd.php

@@ -2,7 +2,7 @@
 /**
  * @file database.mysql.cmd.php
  * @date 2019-04-06
- * @auther Go Namhyeon <gnh1201@gmail.com>
+ * @auther Go Namhyeon <abuse@catswords.net>
  * @brief MySQL(MariaDB) command line driver
  */
 

helper/database.mysql.imp.php

@@ -2,7 +2,7 @@
 /**
  * @file database.mysql.imp.php
  * @date 2018-09-10
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief MySQLi database helper
  */
 

helper/database.mysql.old.php

@@ -2,7 +2,7 @@
 /**
  * @file database.mysql.old.php
  * @date 2018-09-14
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief MySQL-old (lower than 5.4) database helper
  */
 

helper/database.oracle.php

@@ -2,7 +2,7 @@
 /**
  * @file oracle.php
  * @date 2018-03-27
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief Oracle database helper for ReasonableFramework
  */
 

helper/exectool.php

@@ -1,8 +1,9 @@
 <?php
 /**
  * @file exectool.php
- * @date 2018-07-22
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @created_on 2018-07-22
+ * @updated_on 2020-07-10
+ * @author Go Namhyeon <abuse@catswords.net>
  * @forked from https://github.com/scipag/PHPUtilities
  * @brief ExecTool helper
  */
@@ -133,7 +134,12 @@ if(!is_fn("exec_command")) {
             return $return;
         }
 
-        if ($method == "") {
+        // An 'async' option will be return PID
+        if(array_key_equals("async", $options, true)) {
+            $command = sprintf("%s 1>/dev/null 2>&1 & echo $!;", $command);
+        }
+
+        if (empty($method)) {
             // ob_start() will turn on output buffering to collect all output from
             // exec_test() and ob_end_clean() will clean the buffer afterwards ("garbage collection") 
             ob_start();
@@ -157,7 +163,6 @@ if(!is_fn("exec_command")) {
 
             case "exec":
                 exec($command, $output);
-                var_dump($output);  
                 break;
 
             case "shell_exec":
@@ -201,6 +206,11 @@ if(!is_fn("exec_command")) {
 
         $return = ob_get_clean();
 
+        // PID is integer
+        if(array_key_equals("async", $options, true)) {
+            $return = intval(rtrim($return));
+        }
+
         return $return;
     }
 }

helper/gnuboard.dbt.php

@@ -2,7 +2,7 @@
 /**
  * @file gnuboard.php
  * @date 2018-05-27
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief Database Helper for Gnuboard 4, Gnuboard 5
  */
 

helper/hiddentool.php

@@ -0,0 +1,24 @@
+<?php
+/**
+ * @file hiddentool.php
+ * @created_on 2021-05-24
+ * @updated_on 2022-09-13
+ * @author Go Namhyeon <abuse@catswords.net>
+ * @brief Tools for Hidden Services (e.g. Tor, I2P, etc...)
+ */
+
+if (!is_fn("detect_hidden_service")) {
+    function detect_hidden_service() {
+        $score = 0;
+
+        $suffixes = array("onion", "i2p", "crypto");
+        $forwarded_host = get_header_value("X-Forwarded-Host");
+        if (!empty($forwarded_host)) {
+            if (in_array(end(explode('.', $forwarded_host)), $suffixes)) {
+                $score += 1;
+            }
+        }
+        
+        return $score;
+    };
+}

helper/hybridauth.dbt.php

@@ -2,7 +2,7 @@
 /**
  * @file hybridauth.dbt.php
  * @date 2018-04-15
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief HybridAuth DB Helper
  */
 

helper/hybridauth.lnk.php

@@ -2,7 +2,7 @@
 /**
   * @file hybridauth.lnk.php
   * @date 2018-09-26
-  * @author Go Namhyeon <gnh1201@gmail.com>
+  * @author Go Namhyeon <abuse@catswords.net>
   * @brief HybridAuth library RSF Linker
 ***/
 

helper/isemail.lnk.php

@@ -2,7 +2,7 @@
 /**
  * @file isemail.lnk.php
  * @date 2018-03-02
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief IsEmail library linker
  */
 

helper/jCryption.lnk.php

@@ -2,7 +2,7 @@
 /**
  * @file jCryption.lnk.php
  * @date 2018-09-30
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief jCryption (alternative HTTPS on javascript) Helper
  */
 

helper/json.format.php

@@ -1,7 +1,7 @@
 <?php
 // @created_on 2019-10-13
 // @updated_on 2020-01-27
-// @author Go Namhyeon <gnh1201@gmail.com>
+// @author Go Namhyeon <abuse@catswords.net>
 
 if(!is_fn("json_decode_ex")) {
     function json_decode_ex($data, $options=array()) {

helper/kimsboard7.dbt.php

@@ -2,7 +2,7 @@
 /**
  * @file kimsboard7.dbt.php
  * @date 2018-08-20
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief Database Helper for Kimsboard 7 (experimental)
  */
  

helper/lguplus.api.php

@@ -2,7 +2,7 @@
 /**
  * @file lguplus.api.php
  * @date 2019-10-07
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief `LGU+`or `LGUPlus` is trandmark of LGUPlus Co. Ltd.
  */
 

helper/lguplus.install.php

@@ -2,7 +2,7 @@
 /**
  * @file lguplus.install.php
  * @date 2019-10-13
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief `LGU+`or `LGUPlus` is trandmark of LGUPlus Co. Ltd.
  */
 

helper/mailgun.api.php

@@ -2,7 +2,7 @@
 /**
  * @file mailgun.api.php
  * @date 2019-04-12
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief Mailgun REST API interface module
  * @documentation https://documentation.mailgun.com/en/latest/api-sending.html
  */

helper/metaparser.lnk.php

@@ -2,7 +2,7 @@
 /**
  * @file metaparser.lnk.php
  * @date 2018-03-21
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief PHP-Metaparser library linker
  */
 

helper/mobiletool.php

@@ -2,7 +2,7 @@
 /**
  * @file mobiletool.php
  * @date 2019-04-29
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief Mobile Tool
  * @documentation https://www.w3.org/Mobile/training/device-detection/mobile_detector.txt
  */

helper/networktool.php

@@ -1,8 +1,9 @@
 <?php
 /**
  * @file networktool.php
- * @date 2018-04-11
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @created_on 2018-04-11
+ * @updated_on 2022-09-16
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief Network tool helper
  */
 
@@ -126,3 +127,11 @@ if(!is_fn("get_network_outbound_addr")) {
         return $addr;
     }
 }
+
+if(!is_fn("detect_perf_agent")) {
+    function detect_perf_agent() {
+        $evt = get_network_event();
+        $agent = $evt['agent'];
+        return preg_match('(PingdomPageSpeed|GTmetrix)', $agent) === 1;
+    }
+}

helper/obfuscator.php

@@ -2,7 +2,7 @@
 /**
  * @file obfuscator.php
  * @date 2018-10-21
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief PHP Obfuscator for ReasonableFramework
  */
 

helper/paginate.php

@@ -2,7 +2,7 @@
 /**
  * @file pagenate.php
  * @date 2018-01-01
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief Page navigation helper
  */
 

helper/perftool.php

@@ -3,7 +3,7 @@
  * @file perftool.php
  * @created_on 2020-02-19
  * @updated_on 2020-02-24
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief PerfTool helper
  */
 

helper/pgkcp.install.php

@@ -2,7 +2,7 @@
 /**
  * @file pgkcp.install.php
  * @date 2019-10-13
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief KCP PG(Payment Gateway) Auto-Install Tool
  */
 

helper/pgkcp.lnk.php

@@ -3,7 +3,7 @@
  * @file pgkcp.lnk.php
  * @created_on 2018-08-25
  * @updated_on 2020-01-13
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief KCP PG(Payment Gateway) Helper
  */
 

helper/rfc3164.proto.php

@@ -1,7 +1,7 @@
 <?php
 /*
  * @file rfc3164.proto.php
- * @author Go Namhyeon <gnh1201@gmail.com> (Modified)
+ * @author Go Namhyeon <abuse@catswords.net> (Modified)
  * @author Troy Davis (@tory) - https://gist.github.com/troy/2220679 (Original)
  * @brief Helper for RFC3164(The BSD Syslog Protocol) - https://tools.ietf.org/html/rfc3164
  * @created_on 2018-03-02

helper/socialtool.php

@@ -2,7 +2,7 @@
 /**
  * @file socialtools.php
  * @date 2018-09-27
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief SocialTools (refactoring from SocioRouter)
  */
  

helper/spreadsheet-reader.lnk.php

@@ -2,7 +2,7 @@
 /**
   * @file spreadsheet-reader.lnk.php
   * @date 2018-09-20
-  * @author Go Namhyeon <gnh1201@gmail.com>
+  * @author Go Namhyeon <abuse@catswords.net>
   * @brief Excel file parser
 ***/
 

helper/staticgen.php

@@ -1,7 +1,7 @@
 /**
  * @file staticgen.php
  * @date 2018-07-22
- * @auther Go Namhyeon <gnh1201@gmail.com>
+ * @auther Go Namhyeon <abuse@catswords.net>
  * @brief Static Web Generation Tool for ResaonableFramework
  */
 

helper/string.utils.php

@@ -3,7 +3,7 @@
  * @file string.utils.php
  * @created_on 2018-05-27
  * @updated_on 2020-02-21
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief String utility helper
  */
 
@@ -293,6 +293,18 @@ if(!is_fn("get_floating_percentage")) {
     }
 }
 
+// https://stackoverflow.com/questions/13108157
+if(!is_fn("get_csv_from_array")) {
+    function get_csv_from_array($data, $delimiter = ',', $enclosure = '"', $escape_char = "\\") {
+        $f = fopen('php://memory', 'r+');
+        foreach ($data as $item) {
+            fputcsv($f, $item, $delimiter, $enclosure, $escape_char);
+        }
+        rewind($f);
+        return stream_get_contents($f);
+    }
+}
+
 if(!is_fn("eregi")) {
     function eregi($pattern, $subject, &$matches=NULL) {
         return preg_match(sprintf("/%s/i", $pattern), $subject, $matches);

helper/tablewiz.php

@@ -2,7 +2,7 @@
 /**
  * @file tablewiz.php
  * @date 2018-02-26
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief TableWiz helper
  */
 

helper/timetool.php

@@ -2,7 +2,7 @@
 /**
  * @file timetool.php
  * @date 2018-09-26
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief Time tools
  */
 

helper/twilio.api.php

@@ -2,7 +2,7 @@
 /**
  * @file twilio.api.php
  * @date 2019-04-08
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief Twilio REST API interface module
  * @documentation https://www.twilio.com/docs/sms/send-messages
  */

helper/vworld.php

@@ -2,7 +2,7 @@
 /**
  * @file vworld.php
  * @date 2018-01-11
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief Geo Helper based on vWorld (vworld.kr, molit.go.kr)
  */
 

helper/webhooktool.php

@@ -2,7 +2,7 @@
 /**
  * @file webhooktool.php
  * @date 2019-05-04
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief WebhookTools
  * @trademark
  * * `NateOn` is trademark of SK Communications Co Ltd., SK Planet Co Ltd., or other SK businesses.

helper/webpagetool.php

@@ -2,8 +2,8 @@
 /**
  * @file webpagetool.php
  * @created_on 2018-06-01
- * @updated_on 2020-04-08
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @updated_on 2021-02-01
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief WebPageTool helper
  */
 
@@ -505,8 +505,8 @@ if(!is_fn("get_web_curl")) {
                 $options[CURLOPT_CUSTOMREQUEST] = "POST";
                 $options[CURLOPT_POST] = 1;
                 $options[CURLOPT_POSTFIELDS] = $_data;
-                $headers['Content-Type'] = "text/plain;charset=utf-8";
-                $headers['Accept'] = "text/plain, */*";
+                $headers['Content-Type'] = "application/octet-stream";
+                $headers['Accept'] = "application/octet-stream, */*";
                 $headers['Content-Length'] = strlen($_data);
             }
         }
@@ -514,7 +514,7 @@ if(!is_fn("get_web_curl")) {
         if(count($headers) > 0) {
             foreach($headers as $k=>$v) {
                 if(is_array($v)) {
-                    if($k == "Authentication") {
+                    if($k == "Authorization" || $k == "Authentication") {
                         if($v[0] == "Basic" && check_array_length($v, 3) == 0) {
                             $options[CURLOPT_USERPWD] = sprintf("%s:%s", make_safe_argument($v[1]), make_safe_argument($v[2]));
                         } else {
@@ -552,6 +552,15 @@ if(!is_fn("get_web_page")) {
         $errno = false;
         $content = false;
         $_method = $method;
+        
+        // check request method
+        if (!is_string($method)) {
+            set_error("method must be string");
+            show_errors();
+        }
+
+        // get process ID
+        $pid = getmyid();
 
         // set user agent
         $ua = get_web_user_agent($ua);
@@ -586,7 +595,8 @@ if(!is_fn("get_web_page")) {
         if(in_array("cache", $req_methods)) {
             $content = get_web_cache($url, $method, $data, $proxy, $ua, $ct_out, $t_out, $headers);
         } elseif(in_array("async", $req_methods)) {
-            $content = get_web_async($url, $req_methods[0], $data, $proxy, $ua, $ct_out, $t_out, $headers);
+            $pid = get_web_async($url, $req_methods[0], $data, $proxy, $ua, $ct_out, $t_out, $headers);
+            $content = posix_getpgid($pid);
         } elseif(in_array("cmd", $req_methods)) {
             $content = get_web_cmd($url, $req_methods[0], $data, $proxy, $ua, $ct_out, $t_out, $headers);
         } elseif(in_array("fgc", $req_methods)) {
@@ -634,7 +644,8 @@ if(!is_fn("get_web_page")) {
             "status"     => $status,
             "resno"      => $resno,
             "errno"      => $errno,
-            "id"         => get_web_identifier($url, $method, $data, $headers),
+            "id"         => get_web_identifier($url, $method, $data),
+            "pid"        => $pid,
             "md5"        => get_hashed_text($content, "md5"),
             "sha1"       => get_hashed_text($content, "sha1"),
             "gz_content" => get_hashed_text($gz_content, "base64"),
@@ -643,7 +654,8 @@ if(!is_fn("get_web_page")) {
             "gz_sha1"    => get_hashed_text($gz_content, "sha1"),
             "gz_ratio"   => $gz_ratio,
             "method"     => $_method,
-            "params"     => $data,
+            "headers"    => $headers,
+            "params"     => $data
         );
 
         return $response;
@@ -661,9 +673,7 @@ if(!is_fn("get_web_identifier")) {
         if($checksum_header != "*") { // compatible below 1.6
             $checksums[] = $checksum_header;
         }
-
-        //write_common_log(json_encode($checksums), "get_web_identifier");
-
+        
         return get_hashed_text(implode(".", $checksums));
     }
 }
@@ -716,8 +726,16 @@ if(!is_fn("get_web_cache")) {
                 }
             }
             $_method = implode(".", $_new_methods);
+
+            $_data = $data;
+            if(count($headers) > 0) {
+                $_data = array(
+                    "headers" => $headers,
+                    "data" => $data
+                );
+            }
  
-            $response = get_web_page($url, $_method, $data, $proxy, $ua, $ct_out, $t_out);
+            $response = get_web_page($url, $_method, $_data, $proxy, $ua, $ct_out, $t_out);
             $content = $response['content'];
             if($cache_enabled) {
                 $gz_content = gzdeflate($content);
@@ -866,7 +884,7 @@ if(!is_fn("get_webproxy_url")) {
 if(!is_fn("get_web_user_agent")) {
     function get_web_user_agent($ua="") {
         if(empty($ua)) {
-            $ua = "ReasonableFramework/1.6-dev (https://github.com/gnh1201/reasonableframework)";
+            $ua = "ReasonableFramework/1.6.7-preview1 (Server; PHP " . phpversion() . "; https://catswords.social/@catswords_oss; abuse@catswords.net)";
         } else {
             $ua = make_safe_argument($ua);
         }

helper/wprest.php

@@ -2,7 +2,7 @@
 /**
  * @file wprest.php
  * @date 2018-03-14
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief Wordpress Rest API helper
  */
 

helper/zabbix.api.php

@@ -3,7 +3,7 @@
  * @file zabbix.api.php
  * @created_on 2019-04-08
  * @updated_on 2020-03-05
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief Zabbix JSON-RPC API (3.0) interface module
  * @documentation https://www.zabbix.com/documentation/current/ (4.4)
  */

helper/zeroboard4.dbt.php

@@ -2,7 +2,7 @@
 /**
  * @file zeroboard4.dbt.php
  * @date 2018-08-20
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief Database Helper for Zeroboard 4 PL 9 (experimental)
  */
 

index.php

@@ -2,8 +2,8 @@
 /**
  * @file index.php
  * @created_on 2018-05-27
- * @updated_on 2020-02-18
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @updated_on 2020-06-14
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief ReasonableFramework is RVHM structured PHP framework with common security
  * @cvs https://github.com/gnh1201/reasonableframework
  * @sponsor https://patreon.com/catswords (with advanced security)
@@ -127,7 +127,8 @@ $default_timezone = get_value_in_array("timezone", $config, "UTC");
 date_default_timezone_set($default_timezone);
 
 // write visit log
-write_visit_log();
+$log_mode_visit = get_value_in_array("log_mode_visit", $config, "");
+write_visit_log($log_mode_visit);
 
 // get requested route
 $route = read_route();

route/api.getorder.pgkcp.php

@@ -2,7 +2,7 @@
 /**
  * @file api.getorder.pgkcp.php
  * @date 2018-09-24
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief KCP PG(Payment Gateway) get completed order
  */
 

route/api.gnuboard.php

@@ -2,7 +2,7 @@
 /**
  * @file api.gnuboard.php
  * @date 2018-05-31
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief Integration controller for Gnuboard CMS 4.x, 5.x
  */
 

route/api.mailgun.php

@@ -2,7 +2,7 @@
 /**
  * @file api.mailgun.php
  * @date 2019-04-15
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief Mailgun API controller
  */
 

route/api.setconfig.pgkcp.php

@@ -2,7 +2,7 @@
 /**
  * @file api.setconfig.pgkcp.php
  * @date 2018-09-30
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief KCP PG(Payment Gateway) set configuration API
  */
 

route/api.social.php

@@ -2,7 +2,7 @@
 /**
  * @file api.social.php
  * @date 2018-09-26
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief SocialTools API (refactoring from SocioRouter API)
  */
 

route/api.twilio.php

@@ -2,7 +2,7 @@
 /**
  * @file api.twilio.php
  * @date 2019-04-15
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief Twilio API controller (or domestic API)
   */
 

route/api.uuid.php

@@ -2,7 +2,7 @@
 /**
  * @file api.uuid.php
  * @date 2018-08-19
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief UUID Generator API
  */
 

route/api.zabbix.php

@@ -2,7 +2,7 @@
 /**
  * @file api.zabbix.php
  * @date 2019-04-15
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief Zabbix API
  */
 

route/mobileswitcher.php

@@ -2,7 +2,7 @@
 /**
  * @file mobileswitcher.php
  * @date 2019-04-29
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief mobile device switcher
  */
 

route/ordercomplete.pgkcp.php

@@ -3,7 +3,7 @@
  * @file ordercomplete.pgkcp.php
  * @created_on 2018-09-03
  * @updated_on 2020-01-25
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief KCP PG(Payment Gateway) contoller when completed
  */
 

route/orderform.php

@@ -2,7 +2,7 @@
 /**
  * @file orderform.php
  * @date 2018-09-03
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief order form
  */
 

route/orderpay.pgkcp.php

@@ -3,7 +3,7 @@
  * @file orderpay.pgkcp.php
  * @date 2018-08-25
  * @updated 2019-10-14
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief KCP PG(Payment Gateway) Controller
  */
 

route/orderpay.step2.pgkcp.php

@@ -3,7 +3,7 @@
  * @file orderpay.step2.pgkcp.php
  * @created_on 2018-08-27
  * @updated_on 2020-01-25
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief KCP PG(Payment Gateway) contoller when done
  */
 

route/orderpay.step3.pgkcp.php

@@ -2,7 +2,7 @@
 /**
  * @file orderpay.step3.pgkcp.php
  * @date 2018-08-27
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief KCP PG(Payment Gateway) contoller when done
  */
 

route/payman.example.php

@@ -3,7 +3,7 @@ if(!defined("_DEF_RSF_")) set_error_exit("do not allow access");
 
 $data = array(
   "name" => "Hong gil dong",
-  "email" => "support@exts.kr",
+  "email" => "abuse@catswords.net",
   "tel" => ""01000000000",
   "base_url" => base_url()
 );

route/webapp.php

@@ -2,7 +2,7 @@
 /**
  * @file webapp.php
  * @date 2019-02-23
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief Isolator(Compatibility mode) for legacy application
  */
 

storage/config/l10n.ini.php

@@ -0,0 +1,6 @@
+<?php
+return <<<EOF
+[l10n]
+l10n_enabled=0
+l10n_default_language=ko
+EOF;

storage/config/logger.ini.php

@@ -1,7 +1,9 @@
 <?php
 return <<<EOF
-[log]
+[logger]
 rfc3164_enabled=0
 rfc3164_host=logs6.papertrailapp.com
 rfc3164_port=42986
+log_rotate_size=104857600
+log_rotate_ratio=0.9
 EOF;

storage/config/security.ini.php

@@ -9,5 +9,7 @@ adjectives=warty,hoary,breezy,dapper,edgy,feisty,gutsy,hardy,intrepid,jaunty,kar
 animals=warthog,hedgehog,badger,drake,eft,fawn,gibbon,heron,ibex,jackalope,koala,lynx,meerkat,narwhal,ocelot,pangolin,quetzal,ringtail,salamander,tahr,unicorn,vervet,werewolf,xerus,yak,zapus
 https=auto
 hashalgos=md5,sha1,crypt,crc32,base64,sql_password
-sandboxdisabled=0
+sandboxdisabled=1
+allowextensionsdisabled=1
+allowextensions=png,gif,jpg,jpeg,tif,xls,ppt,doc,xlsx,pptx,docx,odt,odp,ods,xlsm,tiff,pdf,xlsm,mp3,ogg,m4a,wma,wav
 EOF;

system/base.php

@@ -3,7 +3,7 @@
  * @file base.php
  * @created_on 2018-04-13
  * @updated_on 2020-02-10
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief Base module
  */
 

system/config.php

@@ -3,7 +3,7 @@
  * @file config.php
  * @date 2018-04-13
  * @updated 2020-03-25
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief Configuration module
  */
 

system/database.php

@@ -3,7 +3,7 @@
  * @file database.php
  * @created_on 2018-04-13
  * @updated_on 2020-04-16
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief Database module
  */
 
@@ -132,7 +132,7 @@ if(!is_fn("get_db_last_id")) {
 
         if(in_array($db_driver, array("mysql", "mysql.pdo"))) {
             $last_id = $dbc->lastInsertId();
-        } elseif(loadHelper("database.dbt")) {
+        } elseif(loadHelper("database.alt")) {
             $last_id = call_user_func("get_db_alt_last_id", $db_driver);
         }
 

system/logger.php

@@ -2,38 +2,79 @@
 /**
  * @file logger.php
  * @created_on 2018-05-27
- * @updated_on 2020-01-23
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @updated_on 2020-06-21
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief Logger module for ReasonableFramework
  */
 
 if(!is_fn("append_log_to_file")) {
     function append_log_to_file($data, $filename) {
+        $config = get_config();
+
+        $rotate_size = get_value_in_array("log_rotate_size", $config, 0);
+        $rotate_ratio = get_value_in_array("log_rotate_ratio", $config, 0.9);
+
         return append_storage_file($data, array(
             "storage_type" => "logs",
             "filename" => $filename,
             "chmod" => 0644,
             "nl" => "<",
+            "rotate_size" => $rotate_size,
+            "rotate_ratio" => $rotate_ratio,
         ));
     }
 }
 
 if(!is_fn("write_visit_log")) {
-    function write_visit_log() {
+    function write_visit_log($mode="") {
         $fw = false;
 
-        $data = "";
+        $nevt = false;
         if(loadHelper("networktool")) {
             $nevt = get_network_event();
-            if(loadHelper("catsplit.format")) {
-                $data = catsplit_encode($nevt);
-            } else {
-                $data = json_encode($nevt);
-            }
-
-            $fw = append_log_to_file($data, "network.log");
         }
 
+        if($nevt === false) return $fw;
+
+        if($mode == "database") {
+            $tablename = exec_db_table_create(array(
+                "datetime" => array("datetime"),
+                "server" => array("varchar", 255),
+                "hostname" => array("varchar", 255),
+                "client" => array("varchar", 255),
+                "agent" => array("text"),
+                "referrer" => array("text"),
+                "self" => array("varchar", 255),
+                "method" => array("varchar", 255)
+            ), "rsf_visit_log", array(
+                "setindex" => array(
+                    "index_1" => array("datetime"),
+                    "index_2" => array("client")
+                )
+            ));
+            
+            $bind = array(
+                "datetime" => $nevt['datetime'],
+                "server" => $nevt['server'],
+                "hostname" => $nevt['hostname'],
+                "client" => $nevt['client'],
+                "agent" => $nevt['agent'],
+                "referrer" => $nevt['referrer'],
+                "self" => $nevt['self'],
+                "method" => $nevt['method']
+            );
+            $sql = get_bind_to_sql_insert($tablename, $bind);
+            exec_db_query($sql, $bind);
+        } else {
+            $line = "";
+            if(loadHelper("catsplit.format")) {
+                $line = catsplit_encode($nevt);
+            } else {
+                $line = json_encode($nevt);
+            }
+            $fw = append_log_to_file($line, "network.log"); 
+        }
+        
         return $fw;
     }
 }

system/security.php

@@ -3,7 +3,7 @@
  * @file security.php
  * @created_on 2018-05-27
  * @updated_on 2020-02-04
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief Security module for ReasonableFramework
  * @sponsor https://patreon.com/catswords (with advanced security)
  */
@@ -702,3 +702,10 @@ if(!is_fn("expire_isolated_session")) {
         session_destroy();
     }
 }
+
+// Add support HmacSHA256 algorithm #137
+if(!is_fn("hmacsha256_sign_message")) {
+    function hmacsha256_sign_message($message, $secret_key) {
+        return hash_hmac("sha256", $message, $secret_key);
+    }
+}

system/storage.php

@@ -2,8 +2,8 @@
 /**
  * @file storage.php
  * @date 2018-05-27
- * @updated 2020-05-04
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @updated 2020-06-16
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief Stroage module for ReasonableFramework
  */
 
@@ -28,14 +28,13 @@ if(!is_fn("get_current_working_dir")) {
                 break;
             case "windows":
                 if(loadHelper("exectool")) {
-                    $exec_contents = implode("\r\n", array("@echo off", "SET var=%cd%", "ECHO %var%"));
+                    $exec_contents = implode("\r\n", array("@echo off", "ECHO %cd%"));
                     $exec_file = write_storage_file($exec_contents, array(
                         "filename" => "pwd.bat"
                     ));
                     $working_dir = exec_command($exec_file);
                 }
                 break;
-                
         }
 
         return $working_dir;
@@ -56,11 +55,11 @@ if(!is_fn("get_safe_path")) {
 
 if(!is_fn("get_storage_path")) {
     function get_storage_path($type="data") {
-        $dir_path = sprintf("./%s/%s", get_storage_dir(), get_safe_path($type));
+        $dir_path = sprintf("%s/%s/%s", get_current_working_dir(), get_storage_dir(), get_safe_path($type));
 
         if(!is_dir($dir_path)) {
             if(!@mkdir($dir_path, 0777)) {
-                set_error("can not create directory. " . $dir_path);
+                set_error("Could not create directory. " . $dir_path);
                 show_errors();
             }
         }
@@ -79,31 +78,20 @@ if(!is_fn("allocate_uploaded_files")) {
         $response = array(
             "files" => array()
         );
-
+        
+        $config = get_config();
         $requests = get_requests();
         $files = $requests['_FILES'];
 
         $storage_type = get_value_in_array("storage_type", $options, "data");
         $upload_base_path = get_storage_path($storage_type);
         $upload_base_url = get_storage_url($storage_type);
+        $upload_allow_ext = array();
 
-        if(!array_key_empty("only_image", $options)) {
-            $upload_allow_ext = array(
-                "png", "gif", "jpg", "jpeg", "tif"
-            );
-        } elseif(!array_key_empty("only_docs", $options)) {
-            $upload_allow_ext = array(
-                "png", "gif", "jpg", "jpeg", "tif",
-                "xls", "ppt", "doc", "xlsx", "pptx",
-                "docx", "odt", "odp", "ods", "xlsm",
-                "tiff", "pdf", "xlsm"
-            );
-        } elseif(!array_key_empty("only_audio", $options)) {
-            $upload_allow_ext = array(
-                "mp3", "ogg", "m4a", "wma", "wav"
-            );
-        } else {
-            $upload_allow_ext = array();
+        // storage/config/security.ini -> allowextensionsdisabled, allowextensions
+        $allow_extensions_disabled = get_value_in_array("allowextensionsdisabled", $config, 0);
+        if(empty($allow_extensions_disabled)) {
+            $allow_extensions = get_value_in_array("allowextensions", $config, $upload_allow_ext);
         }
 
         foreach($files as $k=>$file) {
@@ -345,6 +333,23 @@ if(!is_fn("write_storage_file")) {
             if($mode == "fake") {
                 $result = $upload_filename;
             } elseif($fhandle = fopen($upload_filename, $mode)) {
+                // if it is append, check the `rotate_size` option
+                if($mode == "a") {
+                    $rotate_size = intval(get_value_in_array("rotate_size", $options, 0));
+                    $rotate_ratio = floatval(get_value_in_array("rotate_ratio", $options, 0.9));
+                    $size_limit = floor($rotate_size * $rotate_ratio);
+                    if($rotate_size > 0) {
+                        if($rotate_size > filesize($upload_filename)) {
+                            if(loadHelper("exectool")) {
+                                exec_command(sprintf("tail -c %s '%s' > '%s'", $size_limit, $upload_filename, $upload_filename));
+                            } else {
+                                write_common_log("failed load exectool helper", "system/storage");
+                            }
+                        }
+                    }
+                }
+
+                // write a file
                 if(fwrite($fhandle, $data)) {
                     $result = $upload_filename;
                     if(!array_key_empty("chmod", $options)) {

system/uri.php

@@ -2,17 +2,26 @@
 /**
  * @file uri.php
  * @created_on 2018-04-13
- * @updated_on 2020-05-21
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @updated_on 2024-04-29
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief URI module
  */
 
 if(!is_fn("base_url")) {
     function base_url() {
-        $base_url = get_config_value("base_url");
-        if(empty($base_url)) {
-            $base_url = sprintf("https://%s", $_SERVER['HTTP_HOST']);
+        $base_url = "";
+
+        // #133 Add support 'X-Forwarded-Host' header 
+        $forwarded_host = get_header_value("X-Forwarded-Host");
+        if(!empty($forwarded_host)) {
+            $base_url = sprintf("https://%s", $forwarded_host);
+        } else {
+            $base_url = get_config_value("base_url");
+            if(empty($base_url)) {
+                $base_url = sprintf("https://%s", $_SERVER['HTTP_HOST']);
+            }
         }
+
         return $base_url;
     }
 }
@@ -52,7 +61,7 @@ if(!is_fn("read_route")) {
         // get route in URI
         if(empty($route)) {
             if(loadHelper("networktool")) {
-                $nevt = get_network_event();
+                //$nevt = get_network_event();   // unused
 
                 $uri = $requests['_URI'];
                 if(strpos($uri, '?') !== false) {
@@ -60,7 +69,7 @@ if(!is_fn("read_route")) {
                 }
 
                 if(strpos($uri, $base_route) == 0) {
-                    $_routes = explode("/", substr($nevt['self'], strlen($base_route)));
+                    $_routes = explode("/", substr($uri, strlen($base_route)));
                     foreach($_routes as $_route) {
                         if($_route != "index.php") {
                             $route = $_route;
@@ -106,6 +115,7 @@ if(!is_fn("read_requests")) {
             "_YAML"   => false,
             "_CSPT"   => false,
             "_SERVER" => array_map("make_safe_argument", get_array($_SERVER)),
+            "_HEADER" => getallheaders()
         );
 
         // check if json or serialized request
@@ -288,8 +298,26 @@ if(!is_fn("redirect_uri")) {
                 show_errors();
             }
         }
+        
+        if(array_key_equals("method", $options, "html")) {
+            echo <<<EOF
+<!doctype html>
+<html>
+    <head>
+        <meta charset="utf-8">
+        <meta http-equiv="refresh" content="1;url=$uri">
+        <title>Redirect</title>
+    </head>
+    <body>
+        <a id="goto" href="$uri">Go to the page</a>
+        <script>window.onload = function() { document.getElementById("goto").click(); };</script>
+    </body>
+</html>
+EOF;
+        } else {
+            header("Location: " . $uri, true, $permanent ? 301 : 302);
+        }
 
-        header("Location: " . $uri, true, $permanent ? 301 : 302);
         exit();
     }
 }
@@ -422,3 +450,36 @@ if(!is_fn("set_header_content_type")) {
         }
     }
 }
+
+if(!is_fn("get_header_value")) {
+    function get_header_value($name) {
+        $value = false;
+
+        $requests = get_requests();
+        foreach ($requests['_HEADER'] as $k=>$v) {
+            if (strtolower($k) == strtolower($name)) {
+                $value = $v;
+            }
+        }
+
+        return $value;
+    }
+}
+
+if(!is_fn("test_user_agent")) {
+    function test_user_agent($ua, $tua) {
+        $result = false;
+
+        if (!empty($ua)) {
+            $words = explode(" ", str_replace("/", " ", $ua));
+            foreach($words as $word) {
+                if (in_array($word, $tua)) {
+                    $result = true;
+                    break;
+                }
+            }
+        }
+
+        return $result;
+    }
+}

view/view_orderform.php

@@ -18,7 +18,7 @@
             
             <div class="content">
                 <h2 id="default-form" class="content-subhead">결제 및 환불 문의</h2>
-                <p>결제 및 환불 관련 문의는 <code>support@exts.kr</code>으로 해주시기 바랍니다.</p>
+                <p>결제 및 환불 관련 문의는 <code>abuse@catswords.net</code>으로 해주시기 바랍니다.</p>
 
                 <form id="orderform" name="orderform" method="post" class="pure-form pure-form-aligned" action="<?php echo base_url(); ?>">
                     <fieldset>

view/view_orderpay.pgkcp.php

@@ -2,7 +2,7 @@
 /**
  * @file view_orderpay.pgkcp.php
  * @date 2018-08-25
- * @author Go Namhyeon <gnh1201@gmail.com>
+ * @author Go Namhyeon <abuse@catswords.net>
  * @brief KCP PG(Payment Gateway) View
  */