Opened 11 years ago

Closed 7 years ago

Last modified 7 years ago

#593 closed new feature (invalid)

Sandbox for bw legacy scripts

Reported by: lemon-head Owned by:
Priority: major Milestone: Legacy Resolved
Component: FrameWork Keywords:


Inversion of control for bw scripts.

Instead of including the roxlauncher stuff with htdocs/bw/lib/tbinit.php, we begin with RoxLauncher? and let it include the requested bw file. This can be considered safer.


Change History (8)

comment:1 Changed 11 years ago by lemon-head

Some problems we can still run into:

  • bw global scope is turned into rox method scope. This means, all the variables declared in bw global scope will become local function variables, and can no longer be used as "global $x" inside bw functions. This does not apply to PHP superglobals ($_GET, $_SESSION, etc), and to $_SYSHCVOL (which is declared in RoxLauncher?)

comment:2 Changed 11 years ago by lemon-head

oops, the above explanation is not really helpful.

What actually happens is this:

Traditional way, for

  • we start with htdocs/bw/mymessages.php
  • from there we include htdocs/bw/lib/tbinit.php
  • from there we include roxlauncher/roxlauncher.php, create a fresh RoxLauncher, and say $launcher->initBW();
  • the launcher does all the TB stuff and global settings that are needed for BW.

Sandboxed way, for

  • we start with htdocs/index.php (thanks to apache rewrite rule and .htaccess)
  • from there the roxlauncher is started, as described in RequestRouting and InversionOfControl.
  • the RoxFrontRouter? looks at the request and the build/bw/alias.ini, and decides that this request should be handled by the BwController
  • The BwController (in build/bw) returns a BwPage, which finally includes the htdocs/bw/mymessages.php, as if it was a template
  • The mymessages.php includes the tbinit.php, which does nothing in this case (because it finds that the class RoxLauncher? already exists)
  • The mymessages.php includes some other files from htdocs/bw...

comment:3 Changed 11 years ago by philipp

is it really worth to invest time and energy into this? it worked fairly well so far (I am sure there are more severe security issues than this one) and we should rather spend the time on getting rid of the bw part than integrating it better.

comment:4 Changed 11 years ago by guaka

This can be used to partly get rid of /bw/ stuff, for example the whole layout stuff. And it can be used to gradually make a transition towards Rox. See MigrationToRox

comment:5 Changed 10 years ago by globetrotter_tt

What's the status here? Is this ticket still valid?

comment:6 Changed 7 years ago by globetrotter_tt

  • follow_up changed from test to none

comment:7 Changed 7 years ago by TimLoal

  • Resolution set to invalid
  • Status changed from new to closed

Resolving due to age and lack of interest, in recent years.

Please create a new ticket and link to this historical ticket, if you discover has continuing issues with this issue.

bW Housekeeping


comment:8 Changed 7 years ago by TimLoal

  • Milestone changed from unassigned to Legacy Resolved
Note: See TracTickets for help on using tickets.