10031 changed files with 1998836 additions and 0 deletions
@ -0,0 +1,13 @@
|
||||
tests/Zend/Db/Table/_files/cachefiles/* |
||||
tests/Zend/Auth/Adapter/OpenId/_files/* |
||||
tests/Zend/Filter/_files/Compress/* |
||||
tests/Zend/Filter/_files/Users/* |
||||
tests/Zend/OpenId/Provider/Storage/_files/* |
||||
tests/Zend/OpenId/_files/* |
||||
tests/Zend/Translate/Adapter/_files/zend_cache---internal-metadatas---testid |
||||
tests/Zend/Translate/Adapter/_files/zend_cache---testid |
||||
tests/TestConfiguration.php |
||||
vendor/* |
||||
composer.lock |
||||
bin/dbunit |
||||
bin/phpunit |
@ -0,0 +1,33 @@
|
||||
language: php |
||||
|
||||
php: |
||||
- 5.2 |
||||
- 5.3 |
||||
- 5.4 |
||||
- 5.5 |
||||
- 5.6 |
||||
- hhvm |
||||
|
||||
env: TMPDIR=/tmp |
||||
|
||||
install: |
||||
- sh ./tests/install_dependencies.sh |
||||
- phpenv rehash |
||||
|
||||
services: |
||||
- memcached |
||||
|
||||
before_script: |
||||
- mysql -e 'create database zftest;' |
||||
- psql -c 'create database zftest;' -U postgres |
||||
- echo "extension = memcache.so" >> ~/.phpenv/versions/$(phpenv version-name)/etc/php.ini |
||||
- echo "extension = memcached.so" >> ~/.phpenv/versions/$(phpenv version-name)/etc/php.ini |
||||
- cp ./tests/TestConfiguration.travis.php ./tests/TestConfiguration.php |
||||
|
||||
script: |
||||
- cd tests/ |
||||
- php runalltests.php |
||||
|
||||
matrix: |
||||
allow_failures: |
||||
- php: hhvm |
@ -0,0 +1,55 @@
|
||||
Development using a virtual machine |
||||
################################### |
||||
|
||||
You can set up a development virtual machine for ZF1 unit testing and library |
||||
development following these simple instructions. |
||||
|
||||
1. Install requirements for VM. (Note: these are not required by ZF1 itself) |
||||
- VirtualBox (https://www.virtualbox.org/) |
||||
- Ruby (http://www.ruby-lang.org/) |
||||
- Vagrant (http://vagrantup.com/) |
||||
|
||||
2. Checkout repository to any location |
||||
> git clone git://github.com:zendframework/zf1.git zf1-dev |
||||
> cd zf1-dev |
||||
|
||||
3. Start the process by running Vagrant. |
||||
> vagrant up |
||||
|
||||
This will take a long while as it has to download a VM image and then |
||||
provision it. Once it has finished, it will exit and leave you back at the |
||||
command prompt. |
||||
|
||||
4. SSH into the VM |
||||
> vagrant ssh |
||||
|
||||
5. Build a version of PHP. |
||||
> php-build.sh 5.3.11 |
||||
|
||||
This also takes a while as it compiles PHP for you! |
||||
|
||||
6. Select PHP to use: |
||||
> pe 5.3.11 |
||||
|
||||
7. Run tests |
||||
> cd /vagrant/tests |
||||
> phpunit --stderr -d memory_limit=-1 Zend/Acl/AclTest.php |
||||
> phpunit --stderr -d memory_limit=-1 Zend/Amf/AllTests.php |
||||
(etc...) |
||||
|
||||
Note that you can repeat items 5 and 6 to create any version if PHP. |
||||
|
||||
|
||||
Notes: |
||||
- The VM will be running in the background as VBoxHeadless |
||||
- HTTP and SSH ports on the VM are forwarded to localhost (22 -> 2222, 80 -> 8081) |
||||
- The zf1-dev directory you checked out will be mounted inside the VM at /vagrant |
||||
- You can develop by editing the files you cloned in the IDE of you choice. |
||||
- To stop the VM do one of the following: |
||||
> vagrant suspend # if you plan on running it later |
||||
> vagrant halt # if you wish to turn off the VM, but keep it around |
||||
> vagrant destroy # if you wish to delete the VM completely |
||||
- Also, when any of of the Puppet manifests change (.pp files), it is a good idea to rerun them: |
||||
> vagrant provision |
||||
|
||||
|
@ -0,0 +1,89 @@
|
||||
INSTALLATION |
||||
------------ |
||||
|
||||
Zend Framework requires no special installation steps. Simply download the framework, |
||||
extract it to the folder you would like to keep it in, and add the library directory |
||||
to your PHP `include_path`. To use components in the extras library, add the extras/library |
||||
directory to your PHP `include_path`, as well. |
||||
If you would like to use `Zend_Tool`, simply add `bin/zf.bat` (for Windows) or |
||||
`bin/zf.sh` (for anything else) to your system executable path. |
||||
|
||||
SYSTEM REQUIREMENTS |
||||
------------------- |
||||
|
||||
Zend Framework requires PHP 5.2.11 or later. Please see the system requirements |
||||
appendix for more detailed information: |
||||
|
||||
- http://framework.zend.com/manual/en/requirements.html |
||||
|
||||
DEVELOPMENT VERSIONS |
||||
-------------------- |
||||
|
||||
If you would like to preview enhancements or bug fixes that have not yet been |
||||
released, you can obtain the current development version of Zend Framework using one |
||||
of the following methods: |
||||
|
||||
* Using a git client. Zend Framework is open source software, and |
||||
the git repository used for its development is publicly available. Consider |
||||
using git to get Zend Framework if you already use git for your application |
||||
development, want to contribute back to the framework, or need to upgrade your |
||||
framework version very often. |
||||
|
||||
Checking out a working copy is necessary if you would like to directly contribute |
||||
to Zend Framework; a working copy can be updated any time with `git fetch && |
||||
git rebase origin/master`. |
||||
|
||||
A git submodules definition is highly convenient for developers already using |
||||
git to manage their application working copies. |
||||
|
||||
The URL for the the Zend Framework 1.X git repository is: |
||||
|
||||
- https://github.com/zendframework/zf1 |
||||
|
||||
For more information about git, please see the official website: |
||||
|
||||
- http://git-scm.com |
||||
|
||||
* Using Subversion. You may pin an svn:externals definition to our repository. |
||||
For versions prior to 1.12.0, use the following URLs: |
||||
|
||||
- http://framework.zend.com/svn/framework/standard/branches/release-1.{minor version} |
||||
- http://framework.zend.com/svn/framework/standard/tags/release-1.{minor version}.{maintenance version} |
||||
- http://framework.zend.com/svn/framework/extras/branches/release-1.{minor version} |
||||
|
||||
For versions 1.12.0 and on, use the following URLs: |
||||
|
||||
- https://github.com/zendframework/zf1/trunk (development version) |
||||
- https://github.com/zendframework/zf1/tags/release-1.12.{maintenance version} |
||||
- https://github.com/zendframework/zf1-extras/trunk |
||||
|
||||
For more information on subversion, please visit the official website: |
||||
|
||||
- http://subversion.apache.org/ |
||||
|
||||
CONFIGURING THE INCLUDE PATH |
||||
---------------------------- |
||||
|
||||
Once you have a copy of Zend Framework available, your application will need to |
||||
access the framework classes. Though there are several ways to achieve this, your |
||||
PHP `include_path` needs to contain the path to the Zend Framework classes under the |
||||
`/library` directory in this distribution. You can find out more about the PHP |
||||
`include_path` configuration directive here: |
||||
|
||||
- http://www.php.net/manual/en/ini.core.php#ini.include-path |
||||
|
||||
Instructions on how to change PHP configuration directives can be found here: |
||||
|
||||
- http://www.php.net/manual/en/configuration.changes.php |
||||
|
||||
GETTING STARTED |
||||
--------------- |
||||
|
||||
A great place to get up-to-speed quickly is the Zend Framework QuickStart: |
||||
|
||||
- http://framework.zend.com/docs/quickstart |
||||
|
||||
The QuickStart covers some of the most commonly used components of ZF. Since |
||||
Zend Framework is designed with a use-at-will architecture and components are |
||||
loosely coupled, you can select and use only those components that are needed for |
||||
your project. |
@ -0,0 +1,27 @@
|
||||
Copyright (c) 2005-2014, Zend Technologies USA, Inc. |
||||
All rights reserved. |
||||
|
||||
Redistribution and use in source and binary forms, with or without modification, |
||||
are permitted provided that the following conditions are met: |
||||
|
||||
* Redistributions of source code must retain the above copyright notice, |
||||
this list of conditions and the following disclaimer. |
||||
|
||||
* Redistributions in binary form must reproduce the above copyright notice, |
||||
this list of conditions and the following disclaimer in the documentation |
||||
and/or other materials provided with the distribution. |
||||
|
||||
* Neither the name of Zend Technologies USA, Inc. nor the names of its |
||||
contributors may be used to endorse or promote products derived from this |
||||
software without specific prior written permission. |
||||
|
||||
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND |
||||
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
||||
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE |
||||
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR |
||||
ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES |
||||
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
||||
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON |
||||
ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
||||
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS |
||||
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
@ -0,0 +1,218 @@
|
||||
# USING THE GIT REPOSITORY |
||||
|
||||
## Setup your own public repository |
||||
|
||||
Your first step is to establish a public repository from which we can |
||||
pull your work into the master repository. You have two options: use |
||||
GitHub or other public site, or setup/use your own repository. |
||||
|
||||
While you can use a private repository and utilize ``git format-patch`` to |
||||
submit patches, this is discouraged as it does not facilitate public peer |
||||
review. |
||||
|
||||
### Option 1: GitHub |
||||
|
||||
1. Setup a GitHub account (http://github.com/), if you haven't yet |
||||
2. Fork the ZF1 repository (http://github.com/zendframework/zf1) |
||||
3. Clone your fork locally and enter it (use your own GitHub username |
||||
in the statement below) |
||||
|
||||
```sh |
||||
% git clone git@github.com:<username>/zf1.git |
||||
% cd zf2 |
||||
``` |
||||
|
||||
4. Add a remote to the canonical ZF repository, so you can keep your fork |
||||
up-to-date: |
||||
|
||||
```sh |
||||
% git remote add zf1 https://github.com/zendframework/zf1.git |
||||
% git fetch zf1 |
||||
``` |
||||
|
||||
### Option 2: Personal Repository |
||||
|
||||
We assume you will use gitosis (http://git-scm.com/book/en/Git-on-the-Server-Gitosis) |
||||
or gitolite (http://git-scm.com/book/en/Git-on-the-Server-Gitolite) to host your |
||||
own repository. If you go this route, we will assume you have the knowledge to |
||||
do so, or know where to obtain it. We will not assist you in setting up such a |
||||
repository. |
||||
|
||||
1. Create a new repository |
||||
|
||||
```sh |
||||
% git init |
||||
``` |
||||
|
||||
2. Add an "origin" remote pointing to your gitosis/gitolite repo: |
||||
|
||||
```sh |
||||
% git remote add origin git://yourdomain/yourrepo.git |
||||
``` |
||||
|
||||
3. Add a remote for the ZF repository and fetch it |
||||
|
||||
```sh |
||||
% git remote add zf1 https://github.com/zendframework/zf1.git |
||||
% git fetch zf1 |
||||
``` |
||||
|
||||
4. Create a new branch for the ZF repository (named "zf/master" here) |
||||
|
||||
```sh |
||||
% git checkout -b zf/master zf1/master |
||||
``` |
||||
|
||||
5. Create your master branch off the ZF branch, and push to your |
||||
repository |
||||
|
||||
```sh |
||||
% git checkout -b master |
||||
% git push origin HEAD:master |
||||
``` |
||||
|
||||
## Contributor License Agreement and your git configuration |
||||
|
||||
In order for us to accept your changes to Zend Framework 1.X, you must sign and |
||||
return a Contributors License Agreement (http://framework.zend.com/cla or |
||||
http://framework.zend.com/ccla). For us to verify that you have a CLA on file, |
||||
we need you to do one of the following: |
||||
|
||||
* If your github username matches the username with which you registered on the |
||||
former Zend Framework issue tracker (our old JIRA instance), we should be able |
||||
to look you up fine. |
||||
* Otherwise, please ensure that you set your user email in your working |
||||
directory to match the email we have on file with your CLA. This can be done |
||||
with the following |
||||
|
||||
```sh |
||||
% git config user.email "your-email@example.org" |
||||
``` |
||||
|
||||
We can then look up your CLA status based on your commits. |
||||
|
||||
If we cannot determine your CLA status, we will ask in a comment on the pull |
||||
request for either your username or email. |
||||
|
||||
## Keeping Up-to-Date |
||||
|
||||
Periodically, you should update your fork or personal repository to |
||||
match the canonical ZF repository. In each of the above setups, we have |
||||
added a remote to the Zend Framework repository, which allows you to do |
||||
the following: |
||||
|
||||
|
||||
```sh |
||||
% git checkout master |
||||
% git pull zf1 master |
||||
- OPTIONALLY, to keep your remote up-to-date - |
||||
% git push origin |
||||
``` |
||||
|
||||
## Working on Zend Framework |
||||
|
||||
When working on Zend Framework, we recommend you do each new feature or |
||||
bugfix in a new branch. This simplifies the task of code review as well |
||||
as of merging your changes into the canonical repository. |
||||
|
||||
A typical work flow will then consist of the following: |
||||
|
||||
1. Create a new local branch based off your master branch. |
||||
2. Switch to your new local branch. (This step can be combined with the |
||||
previous step with the use of `git checkout -b`.) |
||||
3. Do some work, commit, repeat as necessary. |
||||
4. Push the local branch to your remote repository. |
||||
5. Send a pull request. |
||||
|
||||
The mechanics of this process are actually quite trivial. Below, we will |
||||
create a branch for fixing an issue in the tracker. |
||||
|
||||
```sh |
||||
% git checkout -b zf9295 |
||||
Switched to a new branch 'zf9295' |
||||
``` |
||||
... do some work ... |
||||
|
||||
```sh |
||||
% git commit |
||||
``` |
||||
... write your log message ... |
||||
|
||||
```sh |
||||
% git push origin HEAD:zf9295 |
||||
Counting objects: 38, done. |
||||
Delta compression using up to 2 threads. |
||||
Compression objects: 100% (18/18), done. |
||||
Writing objects: 100% (20/20), 8.19KiB, done. |
||||
Total 20 (delta 12), reused 0 (delta 0) |
||||
To ssh://git@github.com/weierophinney/zf1.git |
||||
b5583aa..4f51698 HEAD -> master |
||||
``` |
||||
|
||||
|
||||
To send a pull request, you have two options. |
||||
|
||||
If using GitHub, you can do the pull request from there. Navigate to |
||||
your repository, select the branch you just created, and then select the |
||||
"Pull Request" button in the upper right. Select the user |
||||
"zendframework" as the recipient. |
||||
|
||||
If using your own repository - or even if using GitHub - you can send an |
||||
email indicating you have changes to pull: |
||||
|
||||
- Send to <zf-devteam@zend.com> |
||||
|
||||
- In your message, specify: |
||||
- The URL to your repository (e.g., `git://mwop.net/zf1.git`) |
||||
- The branch containing the changes you want pulled (e.g., `zf9295`) |
||||
- The nature of the changes (e.g., `implements |
||||
Zend_Service_Twitter`, `fixes ZF-9295`, etc.) |
||||
|
||||
### What branch to issue the pull request against? |
||||
|
||||
Which branch should you issue a pull request against? |
||||
|
||||
- For fixes against the stable release, issue the pull request against the |
||||
"master" branch. |
||||
- For new features, or fixes that introduce new elements to the public API (such |
||||
as new public methods or properties), issue the pull request against the |
||||
"develop" branch. |
||||
|
||||
## Branch Cleanup |
||||
|
||||
As you might imagine, if you are a frequent contributor, you'll start to |
||||
get a ton of branches both locally and on your remote. |
||||
|
||||
Once you know that your changes have been accepted to the master |
||||
repository, we suggest doing some cleanup of these branches. |
||||
|
||||
- Local branch cleanup |
||||
|
||||
```sh |
||||
% git branch -d <branchname> |
||||
``` |
||||
|
||||
- Remote branch removal |
||||
|
||||
```sh |
||||
% git push origin :<branchname> |
||||
``` |
||||
|
||||
## FEEDS AND EMAILS |
||||
|
||||
RSS feeds may be found at: |
||||
|
||||
- `https://github.com/zendframework/zf1/commits/<branch>.atom` |
||||
|
||||
where <branch> is a branch in the repository. |
||||
|
||||
To subscribe to git email notifications, simply watch or fork the zf1 repository |
||||
on GitHub. |
||||
|
||||
## CONTRIBUTORS AND COMMITTERS |
||||
|
||||
Both Zend's internal Zend Framework team and the members of the Community Review |
||||
team have push privileges to the ZF1 repository. Additionally, a number of |
||||
members of the community have been vetted to merge pull requests. When in doubt, |
||||
hop into Freenode IRC, and ask in the #zftalk.dev channel for somebody to review |
||||
and/or merge your change. |
@ -0,0 +1,330 @@
|
||||
 |
||||
|
||||
Welcome to the Zend Framework 1.12 Release! |
||||
|
||||
Master: [](https://travis-ci.org/zendframework/zf1) |
||||
|
||||
RELEASE INFORMATION |
||||
=================== |
||||
|
||||
Zend Framework 1.12.6 Release. |
||||
Released on April 15, 2014. |
||||
|
||||
IMPORTANT FIXES FOR 1.12.6 |
||||
-------------------------- |
||||
|
||||
- [#307](https://github.com/zendframework/zf1/pull/307) fixes a backwards |
||||
compatibility break in the `Zend_Locale` component. 1.12.4 updated the |
||||
[CLDR](http://cldr.unicode.org) version used by Zend Framework 1, which |
||||
resulted in the removal of several locales we previously supported. The patch |
||||
in #307 adds locale aliases for these to the new locales supported in recent |
||||
versions of the CLDR, ensuring backwards compatibility for ZF1 users. |
||||
|
||||
SECURITY FIXES FOR 1.12.4 |
||||
------------------------- |
||||
|
||||
- **ZF2014-01:** Potential XXE/XEE attacks using PHP functions: |
||||
`simplexml_load_*`, `DOMDocument::loadXML`, and `xml_parse`. A new component, |
||||
`Zend_Xml`, was introduced to mitigate XML eXternal Entity and XML Entity |
||||
Expansion vectors that are present in older versions of libxml2 and/or PHP. |
||||
Components that could contain these vectors include: |
||||
|
||||
- `Zend_Amf` |
||||
- `Zend_Config` |
||||
- `Zend_Dom` |
||||
- `Zend_Feed` |
||||
- `Zend_Gdata` |
||||
- `Zend_Json` |
||||
- `Zend_Locale` |
||||
- `Zend_Mobile_Push` |
||||
- `Zend_Rest_Client` |
||||
- `Zend_Search_Lucene` |
||||
- `Zend_Serializer_Adapter_Wddx` |
||||
- `Zend_Service_Amazon` |
||||
- `Zend_Service_AudioScrobbler` |
||||
- `Zend_Service_Delicious` |
||||
- `Zend_Service_Ebay` |
||||
- `Zend_Service_Flickr` |
||||
- `Zend_Service_SlideShare` |
||||
- `Zend_Service_SqlAzure` |
||||
- `Zend_Service_Technorati` |
||||
- `Zend_Service_WindowsAzure` |
||||
- `Zend_Service_Yahoo` |
||||
- `Zend_Soap` |
||||
- `Zend_Translate` |
||||
|
||||
If you use one or more of these components, we strongly urge that you upgrade |
||||
immediately. |
||||
|
||||
- **ZF2014-02:** Potential security issue in login mechanism of `Zend_OpenId` |
||||
consumer. Using the Consumer component in conjunction with a malicious OpenID |
||||
provider, one could login to a service using an arbitrary OpenID Identity |
||||
without requiring credentials, allowing impersonation of an OpenID Identity. |
||||
If you use this component, we strongly urge that you upgrade immediately. |
||||
|
||||
IMPORTANT FIXES FOR 1.12.4 |
||||
-------------------------- |
||||
|
||||
|
||||
- [#221](https://github.com/zendframework/zf1/pull/221) removes the TinySrc view |
||||
helper, as the TinySrc service no longer exists. |
||||
- [#222](https://github.com/zendframework/zf1/pull/222) removes the InfoCard |
||||
component, as the CardSpace service no longer exists. |
||||
- [#271](https://github.com/zendframework/zf1/pull/271) removes the Nirvanix |
||||
component, as the Nirvanix service shut down in October 2013. |
||||
|
||||
IMPORTANT FIXES FOR 1.12.3 |
||||
-------------------------- |
||||
|
||||
This release incorporates is primarily aimed to update |
||||
Zend_Service_Twitter to the Twitter v1.1 API: |
||||
|
||||
- http://framework.zend.com/issues/browse/ZF-12530 |
||||
|
||||
Because the Twitter v1.1 API is not backwards compatible with v1.0, the |
||||
API for Zend_Service_Twitter has been changed; if you have been using it |
||||
previously, you will need to update your code accordingly. Both the |
||||
end-user and API documentation have been updated to reflect the changes. |
||||
|
||||
IMPORTANT FIXES FOR 1.12.2 |
||||
-------------------------- |
||||
|
||||
This release incorporates over 40 bugfixes. In particular, the following |
||||
issue has been resolved in Zend_Service_Twitter: |
||||
|
||||
- http://framework.zend.com/issues/browse/ZF-9253 |
||||
|
||||
This fix ensures that Zend_Service_Twitter uses the new versioned API |
||||
endpoint required by Twitter. |
||||
|
||||
SECURITY FIXES FOR 1.12.1 |
||||
------------------------- |
||||
|
||||
This release incorporates fixes for: |
||||
|
||||
- http://framework.zend.com/security/advisory/ZF2012-05 |
||||
|
||||
Zend_Feed_Rss and Zend_Feed_Atom were found to contain XML eXternal |
||||
Entity (XXE) Injection vectors due to insecure usage of the DOM |
||||
extension. External entities could be specified by adding a specific |
||||
DOCTYPE element to XML-RPC requests; exploiting this vulnerability could |
||||
coerce opening arbitrary files and/or TCP connections. |
||||
|
||||
A similar issue was fixed for 1.12.0, in the Zend_Feed::import() method; |
||||
however, the reporter of the issue discovered that the individual |
||||
classes contained similar functionality in their constructors which |
||||
remained vulnerable. |
||||
|
||||
The patch applied removes the XXE vector by calling |
||||
libxml_disable_entity_loader() before attempting to parse the feed via |
||||
DOMDocument::loadXML(). |
||||
|
||||
The above patches are also available in the 1.11 series of releases. |
||||
|
||||
Thanks goes to Yury Dyachenko at Positive Research Center for for |
||||
reporting the XXE vulnerability and reviewing the patches created to fix |
||||
the issue. |
||||
|
||||
SECURITY FIXES FOR 1.12.0 |
||||
------------------------- |
||||
|
||||
This release incorporates fixes for each of: |
||||
|
||||
- http://framework.zend.com/security/advisory/ZF2012-01 |
||||
- http://framework.zend.com/security/advisory/ZF2012-02 |
||||
|
||||
Several components were found to be vulnerable to XML eXternal Entity |
||||
(XXE) Injection attacks due to insecure usage of the SimpleXMLElement |
||||
class (SimpleXML PHP extension). External entities could be specified |
||||
by adding a specific DOCTYPE element to XML-RPC requests; exploiting |
||||
this vulnerability could coerce opening arbitrary files and/or TCP |
||||
connections. |
||||
|
||||
Additionally, these same components were found to be vulnerable to XML |
||||
Entity Expansion (XEE) vectors. XEE attacks define custom entities |
||||
within the DOCTYPE that refer to themselves, leading to recursion; the |
||||
end result is excessive consumption of CPU and RAM, making Denial of |
||||
Service (DoS) attacks easier to implement. |
||||
|
||||
Vulnerable components included: |
||||
|
||||
- Zend_Dom |
||||
- Zend_Feed |
||||
- Zend_Soap |
||||
- Zend_XmlRpc |
||||
|
||||
The patches applied do the following: |
||||
|
||||
- To remove XXE vectors, libxml_disable_entity_loader() is called |
||||
before any SimpleXML calls are executed. |
||||
|
||||
- To remove XEE vectors, we loop through the DOMDocument child nodes, |
||||
ensuring none are of type XML_DOCUMENT_TYPE_NODE, and raising an |
||||
exception if any are. If SimpleXML is used, a DOMDocument is created |
||||
first, processed as above, and then passed to simplexml_import_dom. |
||||
|
||||
The above patches are also available in the 1.11 series of releases. |
||||
|
||||
Thanks goes to Johannes Greil and Kestutis Gudinavicius of SEC-Consult |
||||
for reporting the original XXE vulnerability against Zend_XmlRpc and |
||||
working with us to provide a working solution. Thanks goes to Pádraic |
||||
Brady for helping us identify other XXE vectors, as well as identifying |
||||
and patching the XEE vectors. |
||||
|
||||
NEW FEATURES |
||||
============ |
||||
|
||||
Zend_Loader changes |
||||
------------------- |
||||
|
||||
A number of autoloaders and autoloader facilities were back ported from |
||||
ZF2 to provide performant alternatives to those already available in the |
||||
1.X releases. These include: Zend_Loader_StandardAutoloader, which |
||||
improves on Zend_Loader_Autoloader by allowing the ability to specify a |
||||
specific path to associate with a vendor prefix or namespace; |
||||
Zend_Loader_ClassMapAutoloader, which provides the ability to use lookup |
||||
tables for autoloading (which are typically the fastest possible way to |
||||
autoload); and Zend_Loader_AutoloaderFactory, which can both create and |
||||
update autoloaders for you, as well as register them with |
||||
spl_autoload_register(). |
||||
|
||||
The Zend_Loader changes were back ported from ZF2 by Matthew Weier |
||||
O’Phinney |
||||
|
||||
Zend_EventManager |
||||
----------------- |
||||
|
||||
Zend_EventManager is a component that allows you to attach and detach |
||||
listeners to named events, both on a per-instance basis as well as via |
||||
shared collections; trigger events; and interrupt execution of |
||||
listeners. |
||||
|
||||
Zend_EventManager was back ported from ZF2 by Matthew Weier O’Phinney |
||||
|
||||
Zend_Http_UserAgent_Features_Adapter_Browscap |
||||
--------------------------------------------- |
||||
|
||||
This class provides a features adapter that calls get_browser() in order |
||||
to discover mobile device capabilities to inject into UserAgent device |
||||
instances. |
||||
|
||||
Browscap (http://browsers.garykeith.com/) is an open project dedicated |
||||
to collecting an disseminating a “database” of browser capabilities. PHP |
||||
has built-in support for using these files via the get_browser() |
||||
function. This function requires that your php.ini provides a browscap |
||||
entry pointing to the PHP-specific php_browscap.ini file which is |
||||
available at http://browsers.garykeith.com/stream.asp?PHP_BrowsCapINI. |
||||
|
||||
Zend_Http_UserAgent_Features_Adapter_Browscap was created by Matthew |
||||
Weier O’Phinney |
||||
|
||||
Zend_Mobile_Push |
||||
---------------- |
||||
|
||||
Zend_Mobile_Push is a component for implementing push notifications for |
||||
the 3 major push notification platforms (Apple (Apns), Google (C2dm) and |
||||
Microsoft (Mpns). |
||||
|
||||
Zend_Mobile_Push was contributed by Mike Willbanks. |
||||
|
||||
Zend_Gdata_Analytics |
||||
-------------------- |
||||
|
||||
Zend_Gdata_Analytics is an extension to Zend_Gdata to allow interaction |
||||
with Google’s Analytics Data Export API. This extension does not |
||||
encompass any major changes in the overall operation of Zend_Gdata |
||||
components. |
||||
|
||||
Zend_Gdata_Analytics was contributed by Daniel Hartmann. |
||||
|
||||
Removed features |
||||
================ |
||||
|
||||
Zend_Http_UserAgent_Features_Adapter_WurflApi |
||||
--------------------------------------------- |
||||
|
||||
Due to the changes in licensing of WURFL, we have removed the WurflApi |
||||
adapter. We will be providing the WurflApi adapter to ScientiaMobile so |
||||
that users of WURFL will still have that option. |
||||
|
||||
Bug Fixes |
||||
========= |
||||
|
||||
In addition, over 200 reported issues in the tracker have been fixed. |
||||
We’d like to particularly thank Adam Lundrigan, Frank Brückner and |
||||
Martin Hujer for their efforts in making this happen. Thanks also to the |
||||
many people who ran the ZF1 unit tests and reported their results! |
||||
|
||||
For a complete list of closed issues beginning with 1.12.3, visit: |
||||
|
||||
* https://github.com/zendframework/zf1/issues?labels=&milestone=&page=1&state=closed |
||||
* http://framework.zend.com/changelog/ |
||||
|
||||
MIGRATION NOTES |
||||
=============== |
||||
|
||||
A detailed list of migration notes may be found at: |
||||
|
||||
http://framework.zend.com/manual/en/migration.html |
||||
|
||||
SYSTEM REQUIREMENTS |
||||
=================== |
||||
|
||||
Zend Framework requires PHP 5.2.11 or later. Please see our reference |
||||
guide for more detailed system requirements: |
||||
|
||||
http://framework.zend.com/manual/en/requirements.html |
||||
|
||||
INSTALLATION |
||||
============ |
||||
|
||||
Please see [INSTALL.md](INSTALL.md). |
||||
|
||||
REPOSITORY HISTORY |
||||
================== |
||||
|
||||
This repository was created based on the release-1.12 branch of a Subversion |
||||
repository, http://framework.zend.com/svn/framework/standard/. It contains a |
||||
subset of the project history, dating from between the 1.5.0 and 1.6.0 releases, |
||||
and only contains the tags for the 1.12 series. If you would like an older |
||||
version, you may access the subversion repository linked above, or download an |
||||
older version from http://framework.zend.com/downloads/archives. |
||||
|
||||
CONTRIBUTING |
||||
============ |
||||
|
||||
Please see [README-GIT.md](README-GIT.md) and |
||||
[DEVELOPMENT_README.md](DEVELOPMENT_README.md). |
||||
|
||||
QUESTIONS AND FEEDBACK |
||||
====================== |
||||
|
||||
Online documentation can be found at http://framework.zend.com/manual. |
||||
Questions that are not addressed in the manual should be directed to the |
||||
appropriate mailing list: |
||||
|
||||
- http://framework.zend.com/wiki/display/ZFDEV/Mailing+Lists |
||||
|
||||
If you find code in this release behaving in an unexpected manner or |
||||
contrary to its documented behavior, please create an issue in the Zend |
||||
Framework issue tracker at: |
||||
|
||||
- https://github.com/zendframework/zf1/issues |
||||
|
||||
If you would like to be notified of new releases, you can subscribe to |
||||
the fw-announce mailing list by sending a blank message to: |
||||
|
||||
- fw-announce-subscribe@lists.zend.com. |
||||
|
||||
LICENSE |
||||
======= |
||||
|
||||
The files in this archive are released under the Zend Framework license. |
||||
You can find a copy of this license in [LICENSE.txt](LICENSE.txt). |
||||
|
||||
ACKNOWLEDGEMENTS |
||||
================ |
||||
|
||||
The Zend Framework team would like to thank all the contributors to the Zend |
||||
Framework project, our corporate sponsor, and you, the Zend Framework user. |
||||
Please visit us sometime soon at http://framework.zend.com. |
@ -0,0 +1,90 @@
|
||||
# -*- mode: ruby -*- |
||||
# vi: set ft=ruby : |
||||
|
||||
Vagrant::Config.run do |config| |
||||
# All Vagrant configuration is done here. The most common configuration |
||||
# options are documented and commented below. For a complete reference, |
||||
# please see the online documentation at vagrantup.com. |
||||
|
||||
# Every Vagrant virtual environment requires a box to build off of. |
||||
config.vm.box = "lucid32" |
||||
|
||||
# The url from where the 'config.vm.box' box will be fetched if it |
||||
# doesn't already exist on the user's system. |
||||
config.vm.box_url = "http://files.vagrantup.com/lucid32.box" |
||||
|
||||
# Boot with a GUI so you can see the screen. (Default is headless) |
||||
#config.vm.boot_mode = :gui |
||||
|
||||
# Assign this VM to a host-only network IP, allowing you to access it |
||||
# via the IP. Host-only networks can talk to the host machine as well as |
||||
# any other machines on the same network, but cannot be accessed (through this |
||||
# network interface) by any external networks. |
||||
# config.vm.network :hostonly, "192.168.33.10" |
||||
|
||||
# Assign this VM to a bridged network, allowing you to connect directly to a |
||||
# network using the host's network device. This makes the VM appear as another |
||||
# physical device on your network. |
||||
# config.vm.network :bridged |
||||
|
||||
# Forward a port from the guest to the host, which allows for outside |
||||
# computers to access the VM, whereas host only networking does not. |
||||
config.vm.forward_port 80, 8081 |
||||
|
||||
# Hostname |
||||
config.vm.host_name = "zf1.dev" |
||||
|
||||
# Pass custom arguments to VBoxManage before booting VM |
||||
config.vm.customize [ |
||||
# 'modifyvm', :id, '--chipset', 'ich9', # solves kernel panic issue on some host machines |
||||
# '--uartmode1', 'file', 'C:\\base6-console.log' # uncomment to change log location on Windows |
||||
"setextradata", :id, "VBoxInternal2/SharedFoldersEnableSymlinksCreate/v-root", "1" |
||||
] |
||||
|
||||
# Share an additional folder to the guest VM. The first argument is |
||||
# an identifier, the second is the path on the guest to mount the |
||||
# folder, and the third is the path on the host to the actual folder. |
||||
# config.vm.share_folder "v-data", "/vagrant_data", "../data" |
||||
|
||||
# Enable provisioning with Puppet stand alone. Puppet manifests |
||||
# are contained in a directory path relative to this Vagrantfile. |
||||
# You will need to create the manifests directory and a manifest in |
||||
# the file lucid32.pp in the manifests_path directory. |
||||
# |
||||
# An example Puppet manifest to provision the message of the day: |
||||
# |
||||
# # group { "puppet": |
||||
# # ensure => "present", |
||||
# # } |
||||
# # |
||||
# # File { owner => 0, group => 0, mode => 0644 } |
||||
# # |
||||
# # file { '/etc/motd': |
||||
# # content => "Welcome to your Vagrant-built virtual machine! |
||||
# # Managed by Puppet.\n" |
||||
# # } |
||||
# |
||||
# config.vm.provision :puppet do |puppet| |
||||
# puppet.manifests_path = "manifests" |
||||
# puppet.manifest_file = "lucid32.pp" |
||||
# end |
||||
|
||||
|
||||
config.vm.provision :puppet do |puppet| |
||||
puppet.manifests_path = "puppet/manifests" |
||||
puppet.manifest_file = "default.pp" |
||||
end |
||||
|
||||
# config.vm.provision :puppet do |puppet| |
||||
# puppet.manifests_path = "puppet/manifests" |
||||
# puppet.module_path = "puppet/modules" |
||||
# puppet.manifest_file = "zf1.pp" |
||||
# puppet.options = [ |
||||
# '--verbose', |
||||
# #'--debug', |
||||
# # '--graph', |
||||
# # '--graphdir=/vagrant/puppet/graphs' |
||||
# ] |
||||
# end |
||||
|
||||
end |
@ -0,0 +1,242 @@
|
||||
<?php |
||||
/** |
||||
* Zend Framework |
||||
* |
||||
* LICENSE |
||||
* |
||||
* This source file is subject to the new BSD license that is bundled |
||||
* with this package in the file LICENSE.txt. |
||||
* It is also available through the world-wide-web at this URL: |
||||
* http://framework.zend.com/license/new-bsd |
||||
* If you did not receive a copy of the license and are unable to |
||||
* obtain it through the world-wide-web, please send an email |
||||
* to license@zend.com so we can send you a copy immediately. |
||||
* |
||||
* @category Zend |
||||
* @package Zend_Loader |
||||
* @subpackage Exception |
||||
* @copyright Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com) |
||||
* @license http://framework.zend.com/license/new-bsd New BSD License |
||||
*/ |
||||
|
||||
/** |
||||
* Generate class maps for use with autoloading. |
||||
* |
||||
* Usage: |
||||
* --help|-h Get usage message |
||||
* --library|-l [ <string> ] Library to parse; if none provided, assumes |
||||
* current directory |
||||
* --output|-o [ <string> ] Where to write autoload file; if not provided, |
||||
* assumes "autoload_classmap.php" in library directory |
||||
* --append|-a Append to autoload file if it exists |
||||
* --overwrite|-w Whether or not to overwrite existing autoload |
||||
* file |
||||
* --ignore|-i [ <string> ] Comma-separated namespaces to ignore |
||||
*/ |
||||
|
||||
$libPath = dirname(__FILE__) . '/../library'; |
||||
if (!is_dir($libPath)) { |
||||
// Try to load StandardAutoloader from include_path |
||||
if (false === include('Zend/Loader/StandardAutoloader.php')) { |
||||
echo "Unable to locate autoloader via include_path; aborting" . PHP_EOL; |
||||
exit(2); |
||||
} |
||||
} else { |
||||
// Try to load StandardAutoloader from library |
||||
if (false === include(dirname(__FILE__) . '/../library/Zend/Loader/StandardAutoloader.php')) { |
||||
echo "Unable to locate autoloader via library; aborting" . PHP_EOL; |
||||
exit(2); |
||||
} |
||||
} |
||||
|
||||
$libraryPath = getcwd(); |
||||
|
||||
// Setup autoloading |
||||
$loader = new Zend_Loader_StandardAutoloader(array('autoregister_zf' => true)); |
||||
$loader->setFallbackAutoloader(true); |
||||
$loader->register(); |
||||
|
||||
$rules = array( |
||||
'help|h' => 'Get usage message', |
||||
'library|l-s' => 'Library to parse; if none provided, assumes current directory', |
||||
'output|o-s' => 'Where to write autoload file; if not provided, assumes "autoload_classmap.php" in library directory', |
||||
'append|a' => 'Append to autoload file if it exists', |
||||
'overwrite|w' => 'Whether or not to overwrite existing autoload file', |
||||
'ignore|i-s' => 'Comma-separated namespaces to ignore', |
||||
); |
||||
|
||||
try { |
||||
$opts = new Zend_Console_Getopt($rules); |
||||
$opts->parse(); |
||||
} catch (Zend_Console_Getopt_Exception $e) { |
||||
echo $e->getUsageMessage(); |
||||
exit(2); |
||||
} |
||||
|
||||
if ($opts->getOption('h')) { |
||||
echo $opts->getUsageMessage(); |
||||
exit(0); |
||||
} |
||||
|
||||
$ignoreNamespaces = array(); |
||||
if (isset($opts->i)) { |
||||
$ignoreNamespaces = explode(',', $opts->i); |
||||
} |
||||
|
||||
$relativePathForClassmap = ''; |
||||
if (isset($opts->l)) { |
||||
if (!is_dir($opts->l)) { |
||||
echo 'Invalid library directory provided' . PHP_EOL |
||||
. PHP_EOL; |
||||
echo $opts->getUsageMessage(); |
||||
exit(2); |
||||
} |
||||
$libraryPath = $opts->l; |
||||
} |
||||
$libraryPath = str_replace(DIRECTORY_SEPARATOR, '/', realpath($libraryPath)); |
||||
|
||||
$usingStdout = false; |
||||
$appending = $opts->getOption('a'); |
||||
$output = $libraryPath . '/autoload_classmap.php'; |
||||
if (isset($opts->o)) { |
||||
$output = $opts->o; |
||||
if ('-' == $output) { |
||||
$output = STDOUT; |
||||
$usingStdout = true; |
||||
} elseif (is_dir($output)) { |
||||
echo 'Invalid output file provided' . PHP_EOL |
||||
. PHP_EOL; |
||||
echo $opts->getUsageMessage(); |
||||
exit(2); |
||||
} elseif (!is_writeable(dirname($output))) { |
||||
echo "Cannot write to '$output'; aborting." . PHP_EOL |
||||
. PHP_EOL |
||||
. $opts->getUsageMessage(); |
||||
exit(2); |
||||
} elseif (file_exists($output) && !$opts->getOption('w') && !$appending) { |
||||
echo "Autoload file already exists at '$output'," . PHP_EOL |
||||
. "but 'overwrite' or 'appending' flag was not specified; aborting." . PHP_EOL |
||||
. PHP_EOL |
||||
. $opts->getUsageMessage(); |
||||
exit(2); |
||||
} else { |
||||
// We need to add the $libraryPath into the relative path that is created in the classmap file. |
||||
$classmapPath = str_replace(DIRECTORY_SEPARATOR, '/', realpath(dirname($output))); |
||||
|
||||
// Simple case: $libraryPathCompare is in $classmapPathCompare |
||||
if (strpos($libraryPath, $classmapPath) === 0) { |
||||
$relativePathForClassmap = substr($libraryPath, strlen($classmapPath) + 1) . '/'; |
||||
} else { |
||||
$libraryPathParts = explode('/', $libraryPath); |
||||
$classmapPathParts = explode('/', $classmapPath); |
||||
|
||||
// Find the common part |
||||
$count = count($classmapPathParts); |
||||
for ($i = 0; $i < $count; $i++) { |
||||
if (!isset($libraryPathParts[$i]) || $libraryPathParts[$i] != $classmapPathParts[$i]) { |
||||
// Common part end |
||||
break; |
||||
} |
||||
} |
||||
|
||||
// Add parent dirs for the subdirs of classmap |
||||
$relativePathForClassmap = str_repeat('../', $count - $i); |
||||
|
||||
// Add library subdirs |
||||
$count = count($libraryPathParts); |
||||
for (; $i < $count; $i++) { |
||||
$relativePathForClassmap .= $libraryPathParts[$i] . '/'; |
||||
} |
||||
} |
||||
} |
||||
} |
||||
|
||||
if (!$usingStdout) { |
||||
if ($appending) { |
||||
echo "Appending to class file map '$output' for library in '$libraryPath'..." . PHP_EOL; |
||||
} else { |
||||
echo "Creating class file map for library in '$libraryPath'..." . PHP_EOL; |
||||
} |
||||
} |
||||
|
||||
// Get the ClassFileLocator, and pass it the library path |
||||
$l = new Zend_File_ClassFileLocator($libraryPath); |
||||
|
||||
// Iterate over each element in the path, and create a map of |
||||
// classname => filename, where the filename is relative to the library path |
||||
$map = new stdClass; |
||||
foreach ($l as $file) { |
||||
$filename = str_replace($libraryPath . '/', '', str_replace(DIRECTORY_SEPARATOR, '/', $file->getPath()) . '/' . $file->getFilename()); |
||||
|
||||
// Add in relative path to library |
||||
$filename = $relativePathForClassmap . $filename; |
||||
|
||||
foreach ($file->getClasses() as $class) { |
||||
foreach ($ignoreNamespaces as $ignoreNs) { |
||||
if ($ignoreNs == substr($class, 0, strlen($ignoreNs))) { |
||||
continue 2; |
||||
} |
||||
} |
||||
|
||||
$map->{$class} = $filename; |
||||
} |
||||
} |
||||
|
||||
if ($appending) { |
||||
$content = var_export((array) $map, true) . ';'; |
||||
|
||||
// Prefix with dirname(__FILE__); modify the generated content |
||||
$content = preg_replace("#(=> ')#", "=> dirname(__FILE__) . '/", $content); |
||||
|
||||
// Fix \' strings from injected DIRECTORY_SEPARATOR usage in iterator_apply op |
||||
$content = str_replace("\\'", "'", $content); |
||||
|
||||
// Convert to an array and remove the first "array(" |
||||
$content = explode("\n", $content); |
||||
array_shift($content); |
||||
|
||||
// Load existing class map file and remove the closing "bracket ");" from it |
||||
$existing = file($output, FILE_IGNORE_NEW_LINES); |
||||
array_pop($existing); |
||||
|
||||
// Merge |
||||
$content = implode("\n", array_merge($existing, $content)); |
||||
} else { |
||||
// Create a file with the class/file map. |
||||
// Stupid syntax highlighters make separating < from PHP declaration necessary |
||||
$content = '<' . "?php\n" |
||||
. "// Generated by ZF's ./bin/classmap_generator.php\n" |
||||
. 'return ' . var_export((array) $map, true) . ';'; |
||||
|
||||
// Prefix with dirname(__FILE__); modify the generated content |
||||
$content = preg_replace("#(=> ')#", "=> dirname(__FILE__) . '/", $content); |
||||
|
||||
// Fix \' strings from injected DIRECTORY_SEPARATOR usage in iterator_apply op |
||||
$content = str_replace("\\'", "'", $content); |
||||
} |
||||
|
||||
// Remove unnecessary double-backslashes |
||||
$content = str_replace('\\\\', '\\', $content); |
||||
|
||||
// Exchange "array (" width "array(" |
||||
$content = str_replace('array (', 'array(', $content); |
||||
|
||||
// Align "=>" operators to match coding standard |
||||
preg_match_all('(\n\s+([^=]+)=>)', $content, $matches, PREG_SET_ORDER); |
||||
$maxWidth = 0; |
||||
|
||||
foreach ($matches as $match) { |
||||
$maxWidth = max($maxWidth, strlen($match[1])); |
||||
} |
||||
|
||||
$content = preg_replace('(\n\s+([^=]+)=>)e', "'\n \\1' . str_repeat(' ', " . $maxWidth . " - strlen('\\1')) . '=>'", $content); |
||||
|
||||
// Make the file end by EOL |
||||
$content = rtrim($content, "\n") . "\n"; |
||||
|
||||
// Write the contents to disk |
||||
file_put_contents($output, $content); |
||||
|
||||
if (!$usingStdout) { |
||||
echo "Wrote classmap file to '" . realpath($output) . "'" . PHP_EOL; |
||||
} |
@ -0,0 +1,44 @@
|
||||
@ECHO off |
||||
REM Zend Framework |
||||
REM |
||||
REM LICENSE |
||||
REM |
||||
REM This source file is subject to the new BSD license that is bundled |
||||
REM with this package in the file LICENSE.txt. |
||||
REM It is also available through the world-wide-web at this URL: |
||||
REM http://framework.zend.com/license/new-bsd |
||||
REM If you did not receive a copy of the license and are unable to |
||||
REM obtain it through the world-wide-web, please send an email |
||||
REM to license@zend.com so we can send you a copy immediately. |
||||
REM |
||||
REM Zend |
||||
REM Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com) |
||||
REM http://framework.zend.com/license/new-bsd New BSD License |
||||
|
||||
|
||||
REM Test to see if this was installed via pear |
||||
SET ZTMPZTMPZTMPZ=@ph |
||||
SET TMPZTMPZTMP=%ZTMPZTMPZTMPZ%p_bin@ |
||||
REM below @php_bin@ |
||||
FOR %%x IN ("@php_bin@") DO (if %%x=="%TMPZTMPZTMP%" GOTO :NON_PEAR_INSTALLED) |
||||
|
||||
GOTO PEAR_INSTALLED |
||||
|
||||
:NON_PEAR_INSTALLED |
||||
REM Assume php.exe is executable, and that zf.php will reside in the |
||||
REM same file as this one |
||||
SET PHP_BIN=php.exe |
||||
SET PHP_DIR=%~dp0 |
||||
GOTO RUN |
||||
|
||||
:PEAR_INSTALLED |
||||
REM Assume this was installed via PEAR and use replacements php_bin & php_dir |
||||
SET PHP_BIN=@php_bin@ |
||||
SET PHP_DIR=@php_dir@ |
||||
GOTO RUN |
||||
|
||||
:RUN |
||||
SET ZF_SCRIPT=%PHP_DIR%\zf.php |
||||
"%PHP_BIN%" -d safe_mode=Off -f "%ZF_SCRIPT%" -- %* |
||||
|
||||
|
@ -0,0 +1,624 @@
|
||||
<?php |
||||
/** |
||||
* Zend Framework |
||||
* |
||||
* LICENSE |
||||
* |
||||
* This source file is subject to the new BSD license that is bundled |
||||
* with this package in the file LICENSE.txt. |
||||
* It is also available through the world-wide-web at this URL: |
||||
* http://framework.zend.com/license/new-bsd |
||||
* If you did not receive a copy of the license and are unable to |
||||
* obtain it through the world-wide-web, please send an email |
||||
* to license@zend.com so we can send you a copy immediately. |
||||
* |
||||
* @category Zend |
||||
* @package Zend_Tool |
||||
* @subpackage Framework |
||||
* @copyright Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com) |
||||
* @license http://framework.zend.com/license/new-bsd New BSD License |
||||
* @version $Id$ |
||||
*/ |
||||
|
||||
/** |
||||
* ZF |
||||
* |
||||
* @category Zend |
||||
* @package Zend_Tool |
||||
* @subpackage Framework |
||||
* @copyright Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com) |
||||
* @license http://framework.zend.com/license/new-bsd New BSD License |
||||
*/ |
||||
class ZF |
||||
{ |
||||
|
||||
/** |
||||
* @var bool |
||||
*/ |
||||
protected $_clientLoaded = false; |
||||
|
||||
/** |
||||
* @var string |
||||
*/ |
||||
protected $_mode = 'runTool'; |
||||
|
||||
/** |
||||
* @var array of messages |
||||
*/ |
||||
protected $_messages = array(); |
||||
|
||||
/** |
||||
* @var string |
||||
*/ |
||||
protected $_homeDirectory = null; |
||||
|
||||
/** |
||||
* @var string |
||||
*/ |
||||
protected $_storageDirectory = null; |
||||
|
||||
/** |
||||
* @var string |
||||
*/ |
||||
protected $_configFile = null; |
||||
|
||||
/** |
||||
* main() |
||||
* |
||||
* @return void |
||||
*/ |
||||
public static function main() |
||||
{ |
||||
$zf = new self(); |
||||
$zf->bootstrap(); |
||||
$zf->run(); |
||||
} |
||||
|
||||
/** |
||||
* bootstrap() |
||||
* |
||||
* @return ZF |
||||
*/ |
||||
public function bootstrap() |
||||
{ |
||||
// detect settings |
||||
$this->_mode = $this->_detectMode(); |
||||
$this->_homeDirectory = $this->_detectHomeDirectory(); |
||||
$this->_storageDirectory = $this->_detectStorageDirectory(); |
||||
$this->_configFile = $this->_detectConfigFile(); |
||||
|
||||
// setup |
||||
$this->_setupPHPRuntime(); |
||||
$this->_setupToolRuntime(); |
||||
} |
||||
|
||||
/** |
||||
* run() |
||||
* |
||||
* @return ZF |
||||
*/ |
||||
public function run() |
||||
{ |
||||
switch ($this->_mode) { |
||||
case 'runError': |
||||
$this->_runError(); |
||||
$this->_runInfo(); |
||||
break; |
||||
case 'runSetup': |
||||
if ($this->_runSetup() === false) { |
||||
$this->_runInfo(); |
||||
} |
||||
break; |
||||
case 'runInfo': |
||||
$this->_runInfo(); |
||||
break; |
||||
case 'runTool': |
||||
default: |
||||
$this->_runTool(); |
||||
break; |
||||
} |
||||
|
||||
return $this; |
||||
} |
||||
|
||||
/** |
||||
* _detectMode() |
||||
* |
||||
* @return ZF |
||||
*/ |
||||
protected function _detectMode() |
||||
{ |
||||
$arguments = $_SERVER['argv']; |
||||
|
||||
$mode = 'runTool'; |
||||
|
||||
if (!isset($arguments[0])) { |
||||
return $mode; |
||||
} |
||||
|
||||
if ($arguments[0] == $_SERVER['PHP_SELF']) { |
||||
$this->_executable = array_shift($arguments); |
||||
} |
||||
|
||||
if (!isset($arguments[0])) { |
||||
return $mode; |
||||
} |
||||
|
||||
if ($arguments[0] == '--setup') { |
||||
$mode = 'runSetup'; |
||||
} elseif ($arguments[0] == '--info') { |
||||
$mode = 'runInfo'; |
||||
} |
||||
|
||||
return $mode; |
||||
} |
||||
|
||||
|
||||
/** |
||||
* _detectHomeDirectory() - detect the home directory in a variety of different places |
||||
* |
||||
* @param bool $mustExist Should the returned value already exist in the file system |
||||
* @param bool $returnMessages Should it log messages for output later |
||||
* @return string |
||||
*/ |
||||
protected function _detectHomeDirectory($mustExist = true, $returnMessages = true) |
||||
{ |
||||
$homeDirectory = null; |
||||
|
||||
$homeDirectory = getenv('ZF_HOME'); // check env var ZF_HOME |
||||
if ($homeDirectory) { |
||||
$this->_logMessage('Home directory found in environment variable ZF_HOME with value ' . $homeDirectory, $returnMessages); |
||||
if (!$mustExist || ($mustExist && file_exists($homeDirectory))) { |
||||
return $homeDirectory; |
||||
} else { |
||||
$this->_logMessage('Home directory does not exist at ' . $homeDirectory, $returnMessages); |
||||
} |
||||
} |
||||
|
||||
$homeDirectory = getenv('HOME'); // HOME environment variable |
||||
|
||||
if ($homeDirectory) { |
||||
$this->_logMessage('Home directory found in environment variable HOME with value ' . $homeDirectory, $returnMessages); |
||||
if (!$mustExist || ($mustExist && file_exists($homeDirectory))) { |
||||
return $homeDirectory; |
||||
} else { |
||||
$this->_logMessage('Home directory does not exist at ' . $homeDirectory, $returnMessages); |
||||
} |
||||
|
||||
} |
||||
|
||||
$homeDirectory = getenv('HOMEPATH'); |
||||
|
||||
if ($homeDirectory) { |
||||
$this->_logMessage('Home directory found in environment variable HOMEPATH with value ' . $homeDirectory, $returnMessages); |
||||
if (!$mustExist || ($mustExist && file_exists($homeDirectory))) { |
||||
return $homeDirectory; |
||||
} else { |
||||
$this->_logMessage('Home directory does not exist at ' . $homeDirectory, $returnMessages); |
||||
} |
||||
} |
||||
|
||||
$homeDirectory = getenv('USERPROFILE'); |
||||
|
||||
if ($homeDirectory) { |
||||
$this->_logMessage('Home directory found in environment variable USERPROFILE with value ' . $homeDirectory, $returnMessages); |
||||
if (!$mustExist || ($mustExist && file_exists($homeDirectory))) { |
||||
return $homeDirectory; |
||||
} else { |
||||
$this->_logMessage('Home directory does not exist at ' . $homeDirectory, $returnMessages); |
||||
} |
||||
} |
||||
|
||||
return false; |
||||
} |
||||
|
||||
/** |
||||
* _detectStorageDirectory() - Detect where the storage directory is from a variaty of possiblities |
||||
* |
||||
* @param bool $mustExist Should the returned value already exist in the file system |
||||
* @param bool $returnMessages Should it log messages for output later |
||||
* @return string |
||||
*/ |
||||
protected function _detectStorageDirectory($mustExist = true, $returnMessages = true) |
||||
{ |
||||
$storageDirectory = false; |
||||
|
||||
$storageDirectory = getenv('ZF_STORAGE_DIR'); |
||||
if ($storageDirectory) { |
||||
$this->_logMessage('Storage directory path found in environment variable ZF_STORAGE_DIR with value ' . $storageDirectory, $returnMessages); |
||||
if (!$mustExist || ($mustExist && file_exists($storageDirectory))) { |
||||
return $storageDirectory; |
||||
} else { |
||||
$this->_logMessage('Storage directory does not exist at ' . $storageDirectory, $returnMessages); |
||||
} |
||||
} |
||||
|
||||
$homeDirectory = ($this->_homeDirectory) ? $this->_homeDirectory : $this->_detectHomeDirectory(true, false); |
||||
|
||||
if ($homeDirectory) { |
||||
$storageDirectory = $homeDirectory . '/.zf/'; |
||||
$this->_logMessage('Storage directory assumed in home directory at location ' . $storageDirectory, $returnMessages); |
||||
if (!$mustExist || ($mustExist && file_exists($storageDirectory))) { |
||||
return $storageDirectory; |
||||
} else { |
||||
$this->_logMessage('Storage directory does not exist at ' . $storageDirectory, $returnMessages); |
||||
} |
||||
} |
||||
|
||||
return false; |
||||
} |
||||
|
||||
/** |
||||
* _detectConfigFile() - Detect config file location from a variety of possibilities |
||||
* |
||||
* @param bool $mustExist Should the returned value already exist in the file system |
||||
* @param bool $returnMessages Should it log messages for output later |
||||
* @return string |
||||
*/ |
||||
protected function _detectConfigFile($mustExist = true, $returnMessages = true) |
||||
{ |
||||
$configFile = null; |
||||
|
||||
$configFile = getenv('ZF_CONFIG_FILE'); |
||||
if ($configFile) { |
||||
$this->_logMessage('Config file found environment variable ZF_CONFIG_FILE at ' . $configFile, $returnMessages); |
||||
if (!$mustExist || ($mustExist && file_exists($configFile))) { |
||||
return $configFile; |
||||
} else { |
||||
$this->_logMessage('Config file does not exist at ' . $configFile, $returnMessages); |
||||
} |
||||
} |
||||
|
||||
$homeDirectory = ($this->_homeDirectory) ? $this->_homeDirectory : $this->_detectHomeDirectory(true, false); |
||||
if ($homeDirectory) { |
||||
$configFile = $homeDirectory . '/.zf.ini'; |
||||
$this->_logMessage('Config file assumed in home directory at location ' . $configFile, $returnMessages); |
||||
if (!$mustExist || ($mustExist && file_exists($configFile))) { |
||||
return $configFile; |
||||
} else { |
||||
$this->_logMessage('Config file does not exist at ' . $configFile, $returnMessages); |
||||
} |
||||
} |
||||
|
||||
$storageDirectory = ($this->_storageDirectory) ? $this->_storageDirectory : $this->_detectStorageDirectory(true, false); |
||||
if ($storageDirectory) { |
||||
$configFile = $storageDirectory . '/zf.ini'; |
||||
$this->_logMessage('Config file assumed in storage directory at location ' . $configFile, $returnMessages); |
||||
if (!$mustExist || ($mustExist && file_exists($configFile))) { |
||||
return $configFile; |
||||
} else { |
||||
$this->_logMessage('Config file does not exist at ' . $configFile, $returnMessages); |
||||
} |
||||
} |
||||
|
||||
return false; |
||||
} |
||||
|
||||
|
||||
/** |
||||
* _setupPHPRuntime() - parse the config file if it exists for php ini values to set |
||||
* |
||||
* @return void |
||||
*/ |
||||
protected function _setupPHPRuntime() |
||||
{ |
||||
// set php runtime settings |
||||
ini_set('display_errors', true); |
||||
|
||||
// support the changing of the current working directory, necessary for some providers |
||||
$cwd = getenv('ZEND_TOOL_CURRENT_WORKING_DIRECTORY'); |
||||
if ($cwd != '' && realpath($cwd)) { |
||||
chdir($cwd); |
||||
} |
||||
|
||||
if (!$this->_configFile) { |
||||
return; |
||||
} |
||||
$zfINISettings = parse_ini_file($this->_configFile); |
||||
$phpINISettings = ini_get_all(); |
||||
foreach ($zfINISettings as $zfINIKey => $zfINIValue) { |
||||
if (substr($zfINIKey, 0, 4) === 'php.') { |
||||
$phpINIKey = substr($zfINIKey, 4); |
||||
if (array_key_exists($phpINIKey, $phpINISettings)) { |
||||
ini_set($phpINIKey, $zfINIValue); |
||||
} |
||||
} |
||||
} |
||||
} |
||||
|
||||
/** |
||||
* _setupToolRuntime() - setup the tools include_path and load the proper framwork parts that |
||||
* enable Zend_Tool to work. |
||||
* |
||||
* @return void |
||||
*/ |
||||
protected function _setupToolRuntime() |
||||
{ |
||||
|
||||
$includePathPrepend = getenv('ZEND_TOOL_INCLUDE_PATH_PREPEND'); |
||||
$includePathFull = getenv('ZEND_TOOL_INCLUDE_PATH'); |
||||
|
||||
// check if the user has not provided anything |
||||
if (!($includePathPrepend || $includePathFull)) { |
||||
if ($this->_tryClientLoad()) { |
||||
return; |
||||
} |
||||
} |
||||
|
||||
// if ZF is not in the include_path, but relative to this file, put it in the include_path |
||||
if ($includePathPrepend || $includePathFull) { |
||||
if (isset($includePathPrepend) && ($includePathPrepend !== false)) { |
||||
set_include_path($includePathPrepend . PATH_SEPARATOR . get_include_path()); |
||||
} elseif (isset($includePathFull) && ($includePathFull !== false)) { |
||||
set_include_path($includePathFull); |
||||
} |
||||
} |
||||
|
||||
if ($this->_tryClientLoad()) { |
||||
return; |
||||
} |
||||
|
||||
$zfIncludePath['relativePath'] = dirname(__FILE__) . '/../library/'; |
||||
if (file_exists($zfIncludePath['relativePath'] . 'Zend/Tool/Framework/Client/Console.php')) { |
||||
set_include_path(realpath($zfIncludePath['relativePath']) . PATH_SEPARATOR . get_include_path()); |
||||
} |
||||
|
||||
if (!$this->_tryClientLoad()) { |
||||
$this->_mode = 'runError'; |
||||
return; |
||||
} |
||||
} |
||||
|
||||
/** |
||||
* _tryClientLoad() - Attempt to load the Zend_Tool_Framework_Client_Console to enable the tool to run. |
||||
* |
||||
* This method will return false if its not loaded to allow the consumer to alter the environment in such |
||||
* a way that it can be called again to try loading the proper file/class. |
||||
* |
||||
* @return bool if the client is actuall loaded or not |
||||
*/ |
||||
protected function _tryClientLoad() |
||||
{ |
||||
$this->_clientLoaded = false; |
||||
$fh = @fopen('Zend/Tool/Framework/Client/Console.php', 'r', true); |
||||
if (!$fh) { |
||||
return $this->_clientLoaded; // false |
||||
} else { |
||||
fclose($fh); |
||||
unset($fh); |
||||
include 'Zend/Tool/Framework/Client/Console.php'; |
||||
$this->_clientLoaded = class_exists('Zend_Tool_Framework_Client_Console'); |
||||
} |
||||
|
||||
return $this->_clientLoaded; |
||||
} |
||||
|
||||
/** |
||||
* _runError() - Output the error screen that tells the user that the tool was not setup |
||||
* in a sane way |
||||
* |
||||
* @return void |
||||
*/ |
||||
protected function _runError() |
||||
{ |
||||
|
||||
echo <<<EOS |
||||
|
||||
***************************** ZF ERROR ******************************** |
||||
In order to run the zf command, you need to ensure that Zend Framework |
||||
is inside your include_path. There are a variety of ways that you can |
||||
ensure that this zf command line tool knows where the Zend Framework |
||||
library is on your system, but not all of them can be described here. |
||||
|
||||
The easiest way to get the zf command running is to give it the include |
||||
path via an environment variable ZEND_TOOL_INCLUDE_PATH or |
||||
ZEND_TOOL_INCLUDE_PATH_PREPEND with the proper include path to use, |
||||
then run the command "zf --setup". This command is designed to create |
||||
a storage location for your user, as well as create the zf.ini file |
||||
that the zf command will consult in order to run properly on your |
||||
system. |
||||
|
||||
Example you would run: |
||||
|
||||
$ ZEND_TOOL_INCLUDE_PATH=/path/to/library zf --setup |
||||
|
||||
Your are encourged to read more in the link that follows. |
||||
|
||||
EOS; |
||||
|
||||
} |
||||
|
||||
/** |
||||
* _runInfo() - this command will produce information about the setup of this script and |
||||
* Zend_Tool |
||||
* |
||||
* @return void |
||||
*/ |
||||
protected function _runInfo() |
||||
{ |
||||
echo 'Zend_Tool & CLI Setup Information' . PHP_EOL |
||||
. '(available via the command line "zf --info")' |
||||
. PHP_EOL; |
||||
|
||||
echo ' * ' . implode(PHP_EOL . ' * ', $this->_messages) . PHP_EOL; |
||||
|
||||
echo PHP_EOL; |
||||
|
||||
echo 'To change the setup of this tool, run: "zf --setup"'; |
||||
|
||||
echo PHP_EOL; |
||||
|
||||
} |
||||
|
||||
/** |
||||
* _runSetup() - parse the request to see which setup command to run |
||||
* |
||||
* @return void |
||||
*/ |
||||
protected function _runSetup() |
||||
{ |
||||
$setupCommand = (isset($_SERVER['argv'][2])) ? $_SERVER['argv'][2] : null; |
||||
|
||||
switch ($setupCommand) { |
||||
case 'storage-directory': |