Update index.php & App class

- Exposed(public instead of private) request and response objects of app object. - Update the sequence of loading components in index.php - Assign PUBLIC_ROOT to a more trusted host value to avoid host header attack #11
OmarElgabry · Oct 17, 2016 · 18ea695 · 18ea695
1 parent 1900ff0
commit 18ea695
Show file tree

Hide file tree

Showing 2 changed files with 38 additions and 22 deletions.
diff --git a/app/core/App.php b/app/core/App.php
@@ -33,13 +33,13 @@ class App {
      * request
      * @var Request
      */
-    private $request = null;
+    public $request = null;
 
     /**
      * response
      * @var Response
      */
-    private $response = null;
+    public $response = null;
 
     /**
      * application constructor

diff --git a/public/index.php b/public/index.php
@@ -13,42 +13,43 @@
 
 /*
 |--------------------------------------------------------------------------
-| Register Error & Exception handlers
+| Define Application Configuration Constants
 |--------------------------------------------------------------------------
-|
-| Here we will register the methods that will fire whenever there is an error
-| or an exception has been thrown.
+| 
+| PUBLIC_ROOT: 	the root URL for the application (see below).
+| BASE_DIR: 	path to the directory that has all of your "app", "public", "vendor", ... directories.
+| IMAGES:		path to upload images, don't use it for displaying images, use Config::get('root') . "/img/" instead.
+| APP:			path to app directory.
 |
 */
-Handler::register();
+
+// Config::set('base', str_replace("\\", "/", dirname(__DIR__)));
+// Config::set('images', str_replace("\\", "/", __DIR__) . "/img/");
+// Config::set('app', Config::get('base') . "/app/");
+
+define('BASE_DIR', str_replace("\\", "/", dirname(__DIR__)));
+define('IMAGES',   str_replace("\\", "/", __DIR__) . "/img/");
+define('APP',  BASE_DIR . "/app/");
 
 /*
 |--------------------------------------------------------------------------
-| Define Constants
+| Register Error & Exception handlers
 |--------------------------------------------------------------------------
-| 
-| Define the main paths the application need to run 
+|
+| Here we will register the methods that will fire whenever there is an error
+| or an exception has been thrown.
 |
 */
 
-// path to public root directory where your index.php, css, and js files
-define('PUBLIC_ROOT', 'http://' . Environment::get('HTTP_HOST') . str_replace(['public', '\\'], ['', '/'], dirname(Environment::get('SCRIPT_NAME'))));
-
-// path to the directory that has all of your "app", "public", "vendor", ... directories
-define('BASE_DIR', str_replace("\\", "/", dirname(__DIR__)));
-
-// path to upload images, don't use it for displaying images, use "PUBLIC_ROOT/img/" instead
-define('IMAGES',   str_replace("\\", "/", __DIR__) . "/img/");
-
-// path to app directory
-define('APP',  BASE_DIR . "/app/");
+Handler::register();
 
 /*
 |--------------------------------------------------------------------------
 | Start Session
 |--------------------------------------------------------------------------
 |
 */
+
 Session::init();
 
 /*
@@ -60,5 +61,20 @@
 | the incoming request to the corresponding controller and action method if valid
 |
 */
-(new App())->run();
 
+$app = new App();
+
+// Config::set('root', $app->request->root());
+define('PUBLIC_ROOT', $app->request->root());
+
+/*
+|--------------------------------------------------------------------------
+| Run The Application
+|--------------------------------------------------------------------------
+| 
+| Once we have the application instance, we can handle the incoming request
+| and send a response back to the client's browser.
+|
+*/
+
+$app->run();