codeguy
diff --git a/‎Log Writers/TimestampLogFileWriter.php‎ ‎Log/DateTimeFileWriter.php‎Log Writers/TimestampLogFileWriter.php renamed to Log/DateTimeFileWriter.php
Lines changed: 19 additions & 12 deletions b/‎Log Writers/TimestampLogFileWriter.php‎ ‎Log/DateTimeFileWriter.php‎Log Writers/TimestampLogFileWriter.php renamed to Log/DateTimeFileWriter.php
Lines changed: 19 additions & 12 deletions
diff --git a/‎Middleware/CsrfGuard.php‎
Lines changed: 21 additions & 13 deletions b/‎Middleware/CsrfGuard.php‎
Lines changed: 21 additions & 13 deletions
diff --git a/‎Middleware/HttpBasicAuth.php‎
Lines changed: 10 additions & 8 deletions b/‎Middleware/HttpBasicAuth.php‎
Lines changed: 10 additions & 8 deletions
diff --git a/‎Middleware/HttpDigestAuth.php‎
Lines changed: 36 additions & 12 deletions b/‎Middleware/HttpDigestAuth.php‎
Lines changed: 36 additions & 12 deletions
@@ -43,7 +43,10 @@
  * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
  * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  */
-class TimestampLogFileWriter {
+namespace Slim\Extras\Log;
+
+class DateTimeFileWriter
+{
     /**
      * @var resource
      */
@@ -74,7 +77,8 @@ class TimestampLogFileWriter {
      * @param   array $settings
      * @return  void
      */
-    public function __construct( $settings = array() ) {
+    public function __construct($settings = array())
+    {
         //Merge user settings
         $this->settings = array_merge(array(
             'path' => './logs',
@@ -84,9 +88,6 @@ public function __construct( $settings = array() ) {
 
         //Remove trailing slash from log path
         $this->settings['path'] = rtrim($this->settings['path'], DIRECTORY_SEPARATOR);
-
-        //Open resource handle to log file
-        $this->resource = fopen($this->settings['path'] . DIRECTORY_SEPARATOR . date($this->settings['name_format']), 'a');
     }
 
     /**
@@ -96,20 +97,21 @@ public function __construct( $settings = array() ) {
      * @param   int   $level
      * @return  void
      */
-    public function write( $object, $level ) {
+    public function write($object, $level)
+    {
         //Determine label
         $label = 'DEBUG';
-        switch ( $level ) {
-            case 0:
+        switch ($level) {
+            case \Slim\Log::FATAL:
                 $label = 'FATAL';
                 break;
-            case 1:
+            case \Slim\Log::ERROR:
                 $label = 'ERROR';
                 break;
-            case 2:
+            case \Slim\Log::WARN:
                 $label = 'WARN';
                 break;
-            case 3:
+            case \Slim\Log::INFO:
                 $label = 'INFO';
                 break;
         }
@@ -125,7 +127,12 @@ public function write( $object, $level ) {
             (string)$object
         ), $this->settings['message_format']);
 
+        //Open resource handle to log file
+        if (!$this->resource) {
+            $this->resource = fopen($this->settings['path'] . DIRECTORY_SEPARATOR . date($this->settings['name_format']), 'a');
+        }
+
         //Output to resource
         fwrite($this->resource, $message . PHP_EOL);
     }
-}
+}
@@ -1,10 +1,10 @@
 <?php
+namespace Slim\Extras\Middleware;
 
 /**
  * CsrfGuard
  *
  * This middleware provides protection from CSRF attacks
-
  * USAGE
  *
  * // Adding middleware
@@ -17,7 +17,8 @@
  * @author Mikhail Osher, https://github.com/miraage
  * @version 1.0
  */
-class CsrfGuard extends Slim_Middleware {
+class CsrfGuard extends \Slim\Middleware
+{
     /**
      * Request key
      *
@@ -30,9 +31,10 @@ class CsrfGuard extends Slim_Middleware {
      *
      * @param string $key Request key
      */
-    public function __construct( $key = 'csrf_token' ) {
+    public function __construct($key = 'csrf_token')
+    {
         // Validate key (i won't use htmlspecialchars)
-        if ( !is_string($key) || empty($key) || preg_match('/[^a-zA-Z0-9\-\_]/', $key) ) {
+        if (!is_string($key) || empty($key) || preg_match('/[^a-zA-Z0-9\-\_]/', $key)) {
             throw new OutOfBoundsException('Invalid key' . $key);
         }
 
@@ -42,7 +44,8 @@ public function __construct( $key = 'csrf_token' ) {
     /**
      * Call middleware
      */
-    public function call() {
+    public function call()
+    {
         // Attach as hook
         $this->app->hook('slim.before', array($this, 'check'));
 
@@ -53,25 +56,30 @@ public function call() {
     /**
      * Check token
      */
-    public function check() {
+    public function check()
+    {
         // Create token
-        $env = $this->app->environment();
-        $token = sha1($env['REMOTE_ADDR'] . '|' . $env['USER_AGENT']);
+        if (session_id() !== "") {
+            if (!isset($_SESSION[$this->key])) {
+                $_SESSION[$this->key] = sha1(serialize($_SERVER) . rand(0, 0xffffffff));
+            }
+        } else {
+            throw new Exception( "Session are required to use CSRF Guard" );
+        }
+        $token = $_SESSION[$this->key];
 
         // Validate
-        if ( in_array($this->app->request()->getMethod(), array('POST', 'PUT', 'DELETE')) ) {
+        if (in_array($this->app->request()->getMethod(), array('POST', 'PUT', 'DELETE'))) {
             $usertoken = $this->app->request()->post($this->key);
-            if ( $token !== $usertoken ) {
+            if ($token !== $usertoken) {
                 $this->app->halt(400, 'Missing token');
             }
         }
 
         // Assign to view
-        $this->app->view()->setData(array(
+        $this->app->view()->appendData(array(
             'csrf_key' => $this->key,
             'csrf_token' => $token,
         ));
     }
 }
-
-?>
 
@@ -35,7 +35,10 @@
  * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
  * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  */
-class HttpBasicAuth extends Slim_Middleware {
+namespace Slim\Extras\Middleware;
+
+class HttpBasicAuth extends \Slim\Middleware
+{
     /**
      * @var string
      */
@@ -57,9 +60,9 @@ class HttpBasicAuth extends Slim_Middleware {
      * @param   string  $username   The HTTP Authentication username
      * @param   string  $password   The HTTP Authentication password
      * @param   string  $realm      The HTTP Authentication realm
-     * @return  void
      */
-    public function __construct( $username, $password, $realm = 'Protected Area' ) {
+    public function __construct($username, $password, $realm = 'Protected Area')
+    {
         $this->username = $username;
         $this->password = $password;
         $this->realm = $realm;
@@ -71,19 +74,18 @@ public function __construct( $username, $password, $realm = 'Protected Area' ) {
      * This method will check the HTTP request headers for previous authentication. If
      * the request has already authenticated, the next middleware is called. Otherwise,
      * a 401 Authentication Required response is returned to the client.
-     *
-     * @return void
      */
-    public function call() {
+    public function call()
+    {
         $req = $this->app->request();
         $res = $this->app->response();
         $authUser = $req->headers('PHP_AUTH_USER');
         $authPass = $req->headers('PHP_AUTH_PW');
-        if ( $authUser && $authPass && $authUser === $this->username && $authPass === $this->password ) {
+        if ($authUser && $authPass && $authUser === $this->username && $authPass === $this->password) {
             $this->next->call();
         } else {
             $res->status(401);
             $res->header('WWW-Authenticate', sprintf('Basic realm="%s"', $this->realm));
         }
     }
-}
+}
@@ -38,7 +38,10 @@
  * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
  * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  */
-class HttpDigestAuth extends Slim_Middleware {
+namespace Slim\Extras\Middleware;
+
+class HttpDigestAuth extends \Slim\Middleware
+{
     /**
      * @var string
      */
@@ -62,7 +65,8 @@ class HttpDigestAuth extends Slim_Middleware {
      * @param   string  $realm      The HTTP Authentication realm
      * @return  void
      */
-    public function __construct( $username, $password, $realm = 'Protected Area' ) {
+    public function __construct($username, $password, $realm = 'Protected Area')
+    {
         $this->username = $username;
         $this->password = $password;
         $this->realm = $realm;
@@ -77,14 +81,15 @@ public function __construct( $username, $password, $realm = 'Protected Area' ) {
      *
      * @return void
      */
-    public function call() {
+    public function call()
+    {
         //Check header and header username
-        if ( empty($_SERVER['PHP_AUTH_DIGEST']) ) {
+        if (empty($_SERVER['PHP_AUTH_DIGEST'])) {
             $this->fail();
             return;
         } else {
             $data = $this->parseHttpDigest($_SERVER['PHP_AUTH_DIGEST']);
-            if ( !$data || $data['username'] !== $this->username ) {
+            if (!$data || $data['username'] !== $this->username) {
                 $this->fail();
                 return;
             }
@@ -94,7 +99,7 @@ public function call() {
         $A1 = md5($data['username'] . ':' . $this->realm . ':' . $this->password);
         $A2 = md5($_SERVER['REQUEST_METHOD'] . ':' . $data['uri']);
         $validResponse = md5($A1 . ':' . $data['nonce'] . ':' . $data['nc'] . ':' . $data['cnonce'] . ':' . $data['qop'] . ':' . $A2);
-        if ( $data['response'] !== $validResponse ) {
+        if ($data['response'] !== $validResponse) {
             $this->fail();
             return;
         }
@@ -108,25 +113,44 @@ public function call() {
      *
      * @return void
      */
-    protected function fail() {
+    protected function fail()
+    {
         $this->app->response()->status(401);
-        $this->app->response()->header('WWW-Authenticate', sprintf('Digest realm="%s",qop="auth",nonce="%s",opaque="%s"', $this->realm, uniqid(), md5($this->realm)));
+        $this->app->response()->header(
+            'WWW-Authenticate',
+            sprintf(
+                'Digest realm="%s",qop="auth",nonce="%s",opaque="%s"',
+                $this->realm,
+                uniqid(),
+                md5($this->realm)
+            )
+        );
     }
 
     /**
      * Parse HTTP Digest Authentication header
      *
      * @return array|false
      */
-    protected function parseHttpDigest( $headerValue ) {
-        $needed_parts = array('nonce' => 1, 'nc' => 1, 'cnonce' => 1, 'qop' => 1, 'username' => 1, 'uri' => 1, 'response' => 1);
+    protected function parseHttpDigest($headerValue)
+    {
+        $needed_parts = array(
+            'nonce' => 1,
+            'nc' => 1,
+            'cnonce' => 1,
+            'qop' => 1,
+            'username' => 1,
+            'uri' => 1,
+            'response' => 1
+        );
         $data = array();
         $keys = implode('|', array_keys($needed_parts));
         preg_match_all('@(' . $keys . ')=(?:([\'"])([^\2]+?)\2|([^\s,]+))@', $headerValue, $matches, PREG_SET_ORDER);
-        foreach ( $matches as $m ) {
+        foreach ($matches as $m) {
             $data[$m[1]] = $m[3] ? $m[3] : $m[4];
             unset($needed_parts[$m[1]]);
         }
+
         return $needed_parts ? false : $data;
     }
-}
+}