Need CSRF Protection

Everything working fine but the body is not print out

https://github.com/zestframework/Zest_Framework/blob/master/src/http/Headers.php#L194

that was the same problem with our website

So in this case the view not working

https://github.com/zestframework/Zest_Framework/blob/master/src/View/View.php#L119

i revert this view to this, then the web works fine you can see above Zest framework link.

public static function view($file, array $args = [], bool $minify = false, array $headers = [], $code = 200)
    {
        $headers['Content-Type'] = 'text/html';
        if ($minify === true) {
            $minify = new Minify();
            self::randerTemplate($file, $args);
            /*$config = [
                'code'    => $code,
                'body'    => $minify->htmlMinify(ob_get_clean(), 'code'),
                'headers' => [
                    $headers,
                ],
            ];
            $response = new Response($config);
            //$response->send();
              echo $response->send()*/
            echo $minify->htmlMinify(ob_get_clean(), 'code');
        } else {
            self::randerTemplate($file, $args);
            /*$config = [
                'code'    => $code,
                'body'    => ob_get_clean(),
                'headers' => [
                    $headers,
                ],
            ];
            $response = new Response($config);
            //$response->send();
              echo $response->send()*/
            echo ob_get_clean();
        }
    }
#reference https://github.com/zestframework/Zest_Framework/blob/master/src/View/View.php#L105

Need following features

1. Query Builder
2. Support for more adaptors

Is your feature request related to a problem? Please describe.

Firstly, we look at the Hashing algorithm supports in Zest_Framework/src/Hashing/ folder, it only supports the Bcrypt, Argon2 and Argon2ID.

Describe the solution you'd like

It misses some hashing algorithms on this project and I think we can implement other hashing algorithms.

Consider following algorithms:

• MD5
• SHA

Other hashing algorithms reference is available here.

Deprecation Notice: Class Framework\Tests\EncryptionTest located in ./Tests/Encryption/EncryptionTest.php does not comply with psr-4 autoloading standard. It will not autoload anymore in Composer v2.0. in phar:///home/lee/composer.phar/src/Composer/Autoload/ClassMapGenerator.php:201
Deprecation Notice: Class Framework\Tests\KeyTest located in ./Tests/Site/KeyTest.php does not comply with psr-4 autoloading standard. It will not autoload anymore in Composer v2.0. in phar:///home/lee/composer.phar/src/Composer/Autoload/ClassMapGenerator.php:201
Deprecation Notice: Class Framework\Tests\MailTest located in ./Tests/Mail/MailTest.php does not comply with psr-4 autoloading standard. It will not autoload anymore in Composer v2.0. in phar:///home/lee/composer.phar/src/Composer/Autoload/ClassMapGenerator.php:201
Deprecation Notice: Class Framework\Tests\ConfigurationTest located in ./Tests/Common/ConfigurationTest.php does not comply with psr-4 autoloading standard. It will not autoload anymore in Composer v2.0. in phar:///home/lee/composer.phar/src/Composer/Autoload/ClassMapGenerator.php:201
Deprecation Notice: Class Framework\Tests\RootTest located in ./Tests/Common/RootTest.php does not comply with psr-4 autoloading standard. It will not autoload anymore in Composer v2.0. in phar:///home/lee/composer.phar/src/Composer/Autoload/ClassMapGenerator.php:201
Deprecation Notice: Class Framework\Tests\PasswordManipulationTest located in ./Tests/Common/PasswordManipulationTest.php does not comply with psr-4 autoloading standard. It will not autoload anymore in Composer v2.0. in phar:///home/lee/composer.phar/src/Composer/Autoload/ClassMapGenerator.php:201
Deprecation Notice: Class Framework\Tests\ContainerTest located in ./Tests/Container/ContainerTest.php does not comply with psr-4 autoloading standard. It will not autoload anymore in Composer v2.0. in phar:///home/lee/composer.phar/src/Composer/Autoload/ClassMapGenerator.php:201
Deprecation Notice: Class Framework\Tests\ArraysTest located in ./Tests/Data/ArraysTest.php does not comply with psr-4 autoloading standard. It will not autoload anymore in Composer v2.0. in phar:///home/lee/composer.phar/src/Composer/Autoload/ClassMapGenerator.php:201
Deprecation Notice: Class Framework\Tests\ConversionTest located in ./Tests/Data/ConversionTest.php does not comply with psr-4 autoloading standard. It will not autoload anymore in Composer v2.0. in phar:///home/lee/composer.phar/src/Composer/Autoload/ClassMapGenerator.php:201
Deprecation Notice: Class Framework\Tests\StrTest located in ./Tests/Data/StrTest.php does not comply with psr-4 autoloading standard. It will not autoload anymore in Composer v2.0. in phar:///home/lee/composer.phar/src/Composer/Autoload/ClassMapGenerator.php:201
Deprecation Notice: Class Framework\Tests\TimeTest located in ./Tests/Time/TimeTest.php does not comply with psr-4 autoloading standard. It will not autoload anymore in Composer v2.0. in phar:///home/lee/composer.phar/src/Composer/Autoload/ClassMapGenerator.php:201

These above reasons are about namespace is not correct to be compatible with PSR-4 autoloading.

To fix above deprecated message, it should fix the namespaces.

Describe the bug
when we get the time from database its treated as string so this line cause the problem

$time = (is_string($time)) ? strtotime($time) : $time;

https://github.com/zestframework/Zest_Framework/blob/master/src/Common/Formats.php#L88

Same problem in localHost
Requirements

1. Framework version: 3.0.0-dev
2. PHP version: 7..3
3. Enviroment: Hostinger shared hosting + windows xampp localhost
4. Error-log: none

No need of component controller class
the base/main controller class can be used in component perfectly

Is your feature request related to a problem? Please describe.

• Since PHPStan, Psalm or Phan is enabled by some PHP projects to do static code analysis.
• The static code analysis tool can check some issues on PHP codes without writing tests.

Describe the solution you'd like

• Choosing one of static code analysis tools that mentioned on above lists and enable this on this repository.

Describe alternatives you've considered
N/A

Additional context

N/A

Is your feature request related to a problem? Please describe.

I'm not sure we have to provide this component by dafault on our Zest framework.

Describe the solution you'd like

We can look at the ramsey/uuid to know more details about UUID.

And this official uniqid function reference can also let us know UUID.

The error log say that Zest\Contracts\Site\Key is not found

but this file in place and valid.

Also there is no such error in my local

Any idea why this happening?

Consider the following string

#-<ae|9_+0a*a!Q?@(z,3R>.BAb)^%R&*+~RG:$

Upper Case Regx

same regx use in LowerCase

As title, the Travis CI build is failed due to the configuration file path.

Here is the Travis CI build log.

It's also related issue #185 and I think we can consider following approach to solve this:

• Create the mock_config.php file for do unit test in Travis CI build.

I think we can download the config file to the specify file path via wget command and this work can be defined in .travis.yml file.

I think we need to improve the configuration class and their respective functions

like now in Zest it something following

$language = __config()->config->language
//Or
$language = config()->config->language

This is looking odd it should be something like

$language = __config('app.language');
//Or
$language = config('app.language');

And the function prototype something like this

function config ($key = null, $default = null)
{

}

SO we can provide default value to avoid requiring Zest for tests as well

What do you think @peter279k @Maikuolan

As title, we need to implement package management so thereby we can able to offered many official packages for the things that are most common in php development just for instance Doctrine etc.

But this has to be done after console component (#325), coz after that we can able to offered to registered command for packages .

As title, tests are failing in Scrutinizer to be honest i do not know because tests are passing in my local and in github actions, may be the php zip extension is not installed but there is no such option in Scrutinizer

@peter279k do you have any idea?

Is your feature request related to a problem? Please describe.

According to the Zest_Framework/src/Zip/, it looks like the Archive only supports the Zip.

But it has other archive approaches. For example, the bzip, gzip and so on.

Describe the solution you'd like

Consider creating missed archive components.

Or try considering creating a Archive component to support all available archives in this framework.

As title, the security components is important to this framework.

According to the OWASP, we need to consider the following security issues:

• XSS.
• SQL injection.
• CSRF (it mentioned on issue #140).

example: https://zestframework.xyz/index.php?dad

https://github.com/zestframework/Zest_Framework/blob/master/src/Site/Site.php#L57

Live Demo (when Public is document root)
https://zestframework.xyz/index.php?zestinfo

If Public is not doc root then

Is your feature request related to a problem? Please describe.
I get started to think about the date format inside Time class.

It looks like the date format has the fixed format and developer doesn't have any option to make the date be formatted.

Such as Time::timestampToGmt result will be the d/m/Y H:i:s format.

Describe the solution you'd like
Perhaps we consider have the option to define the date format string.

Possible approach
I suggest the following approach and we should follow this rule.

• Add setDateFormat and getDateFormat methods and define private/protected dateFormat variable.
• Add the validateDateFormat method when setting setDateFormat.

Describe the bug

As title, the directory name should change into Zest_Framework/Tests/Encryption/.

As title need more method to make class more amazing.

We may consider something following methods

• isBase64
• substring
• stripWhitespace
• repeat
• slice
• shuffel

I think we should implement four more methods in our Arrays class

1. Remove duplicate

there should be method namely removeDuplicates() which remove duplicate records in array consider following data set

        $dataSet = [
            'users' => 
            [
                'id' => 1,
                'name' => "Umer",
                'username' => 'peter',
            ],
            [
                'id' => 2,
                'name' => "Peter Khot",
                'username' => 'peter',
            ]
        ];

Look at above problem set and see the username become duplicate, we don't think how it happen, but there should be way/method which remove duplicate by specific key pair.

2. Pluck

To retrieves all of the values for a given key from an array
Consider following dataset

        $array = [
            ['developer' => ['id' => 1, 'name' => 'Umer']],
            ['developer' => ['id' => 2, 'name' => 'Peter']],
        ];

if we do something following Arr:ays:pluck($array, 'developer.name'); it should return both name.

3. Most Occurring

Like anyone wants return most occuring name from array so there should be method that works with every datatype to get most occurring values.
consider the following dataset

        $dataSet = [
            'users' => 
            [
                'id' => 1,
                'name' => "Umer",
                'username' => 'peter',
            ],
            [
                'id' => 2,
                'name' => "Umer",
                'username' => 'umer01'
            ],
            [
                'id' => 3,
                'name' => "Peter Khot",
                'username' => 'peter',
            ]
        ];

so if we wants most occuring name it should return Umer [It should works with every data type even with bool]

4 Least Occurring

Like anyone wants return least occuring name from array so there should be method that works with every datatype to get most occurring values.
consider the following dataset

        $dataSet = [
            'users' => 
            [
                'id' => 1,
                'name' => "Umer",
                'username' => 'peter',
            ],
            [
                'id' => 2,
                'name' => "Umer",
                'username' => 'umer01'
            ],
            [
                'id' => 3,
                'name' => "Peter Khot",
                'username' => 'peter',
            ]
        ];

so if we wants least occuring name it should return Peter Khot [It should works with every data type even with bool]

Here above all are real world problem sets

What do you think @peter279k and @Maikuolan

As title, I notice that the coding style is not united on this project.

We can find that they have the camel-case and underline-based variable declaration.

Do you consider the PSR-2 coding style?

Currently seeing this message from scrutinizer:

Not my area of expertise, so not something I could fix so easily, I think. Probably need to look more closely either at Composer package settings or at the unit tests, I think.

Describe the bug
The Travis CI config file contains the CODECOV_TOKEN, this goes against standards to keep tokens in the runtime config of the service dashboard and not commit this data to git or revision control.

The way to fix this is to remove the config details and add it as an environment variable under Travis Ci:

Projects > Zest Framework Repo > Settings > Environment Variables.

Add the token there and it will still work.

Requirements
Applies to the repo, not the running of main framework

As title, we should implement unit tests for Time Class

Need improvement in Container class the current container class is damn

SystemMessage class error count(): Parameter must be an array or an object that implements Countable

v2.0.3 was released 26th August 2018, and there's been numerous changes to the codebase since that time.

Given there was some new changes as recently as last week (renaming the default branch from master to main), maybe it would be worthwhile to create a new tag/release around now? @lablnet

As title, it's important to developers because they can use Docker to build the development environment easily.

Perhaps we can provide the Dockerfile to let developers build the Zest_Framework development environment easily.

There should be package that allow to handle task scheduler / cron job cross platform

As title, enchantment of str Class

Need encoding support.

May need more methods like

1. hasUpperCase
2. hasLowerCase
3. ConvertCase
4. etc...

Describe the bug
As title.

Requirements

1. Zest Framework Version: 3.0.
2. PHP Version: 7.3.9.
3. Apache version: N/A.
4. PlatForm version and name: Travis CI build environment.
5. ErrorLog. The failed Travis CI build log is available here.

Additional context
The failed error message is as follows during Travis CI build:

1) Framework\Tests\EncryptionTest::testSodiumEncrypt
SodiumException: key size should be SODIUM_CRYPTO_SECRETBOX_KEYBYTES bytes
/home/travis/build/zestframework/Zest_Framework/src/Encryption/Adapter/SodiumEncryption.php:84
/home/travis/build/zestframework/Zest_Framework/Tests/Encryption/EncryptionTest.php:26

It seems that the we should use the SODIUM_CRYPTO_SECRETBOX_KEYBYTES const to generate the cipher text and nonce.

The problematic code is on this line.

Let consider the following DataSet

        $dataSets =    [
       'files' => [
           //Default file mine type
           'mine' => [
               'type' => [
                   'application/x-zip-compressed',
                   'application/msword',
                   'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
                   'image/gif',
                   'image/jpeg',
                   'image/jpeg',
                   'audio/mpeg',
                   'video/mp4',
                   'application/pdf',
                   'image/png',
                   'application/zip',
                   'application/et-stream',
                   'image/x-icon',
                   'image/icon',
                   'image/svg+xml',                
               ],
           ],
   
           //Default types
           'types' => [
               'image' => ['jpg', 'png', 'jpeg', 'gif', 'ico', 'svg'],
               'zip'   => ['zip', 'tar', '7zip', 'rar'],
               'docs'  => ['pdf', 'docs', 'docx'],
               'media' => ['mp4', 'mp3', 'wav', '3gp'],
           ],
        ]];

then consider following statement

        $array = new Arrays;
        var_dump($array->dot($dataSets));

It produce something like that result

Which is wrong, it should produce something like that

'files.mine.type. => array.'

There should be flag if we want to return array from specific key.

@peter279k what do you think?

https://github.com/zestframework/Zest_Framework/blob/master/src/Data/Arrays.php#L269

As title, need test's for container class

It should return error msg with more details like

• Environment Detail
• Requests
• App
• User Data
• Framework info
• Debug
• Suggestion..

Premission dined because whenever user first run zest framework it created default directories

here is order

 ../Storage
/Storage/Data
/Storage/Logs
/Storage/Session
/Storage/Cache
/Storage/Backup

In the file

https://github.com/zestframework/Zest_Framework/blob/master/src/Files/Files.php#L78

Consider the following method/function:

    public function systemDirs()
    {
        $this->mkDir('../Storage');
        $this->mkDir('../Storage/Data');
        $this->mkDir('../Storage/Logs');
        $this->mkDir('../Storage/Session');
        $this->mkDir('../Storage/Backup');
        $this->mkDIr('../Storage/Cache');
    }

I change it to following:

    public function systemDirs()
    {
        $this->permission(route()->root, 0775);
        $this->mkDir(route()->root.'Storage', null, 0775);
        $this->mkDir(route()->root.'Storage/Data', null, 0775);
        $this->mkDir(route()->root.'Storage/Logs', null, 0775);
        $this->mkDir(route()->root.'Storage/Session', null, 0775);
        $this->mkDir(route()->root.'Storage/Backup', null, 0775);
        $this->mkDIr(route()->root.'Storage/Cache', null, 0775);
    }

But its not working at all

### This issue only occurs when we use Linux based operating system or Macintosh

Here is snapshort