1. The document discusses software design concepts for a PHP framework including resource oriented architecture, dependency injection, and aspect oriented programming. 2. It describes the Bear framework which uses a resource, view, page architecture with RESTful resources that can be accessed via HTTP, CLI, or sockets. 3. The resource provides a CRUD interface and can be configured with options like caching, templating, and mocking responses when no backend resource exists.

1. v0.9 (Saturday) for PHP5.2+

2. Key Concept
• Intuitiveness
• Drivability
• Separation of concern
• Minimalism

3. Software Design
•
Page Controller
•
RESTful Resource Oriented Architecture
• Resource(Data) Transfer Object
• Dependency Service Locator
• BEAR_Base

4. •
• Interface oriented design
• Keep It Simple and Stupid

5. • Page
Ro
Resource
Ro
View
• App.php
• Use
Inject
AOP
@OP
Factory
Dependency
• GoF PoEAA
• phpunit

6. • No Impedance mismatch
• Value Document Link
•

7. • UA ( )
• CLI
• jQuery

8. Software Technology
ROA - EDP - AOP - DI - Page

9. Basic
• PHP 5.2+
• +PEAR +Zend

10. •
ROA: Resource Oriented Architecture
•
EDP: Event Driven Programing
•
@OP: Attribute(Annotation) Oriented Programing
•
AOP: Aspect Oriented Programing

11. (PoEAA)
•
× Front Controller
•
• Page
Layout
•
Service Locator
•
DI = Dependency Injection

12. MVC 3 Components
• Model
• View
• Controller

13. Bear 3 Components
• Resource
• View
• Page

14. Resource (Model)
Page (Controller) DB File XML Page
View
Client Resource
CRUD I/F
RO
read User?id=5
Private CRUD Resource Access
Code
Header Page
Body
View GET /user?id=5
Public HTTP Access
HTML Bot
PC JS
JSON Mobile
Game
iPhone
XML

15. Resource Independency

16. Resource (Model)
Page (Controller) DB File XML Page
View
Client Resource
CRUD I/F
RO
read User?id=5
Private CRUD Resource Access
Code
Header Page
Body
View GET /user?id=5 RO
Public HTTP Access
HTML Bot
PC JS Socket CLI REST
JSON Mobile
Game
iPhone
XML

17. DB File XML Page
Resource
read User?id=5
Ro
ROA -int Code API
-array Headers
-array Body
CLI / HTTP / Socket Interface
Shell Socket REST Java / Perl / Ruby / Python

18. • CLI
•

19. REST

20. ULC$SS

21. Client - Server (CS)
Resource
Server
•
Client
Page

22. Client - Stateless - Server (CSS)
Resource
read User?id=5 • 1
•
set id=5; •
get User; •
Page

23. Client - Cache - Stateless - Server (C$SS)
Resource
•
Resource Cache
Page

24. Uniform - Client - Cache - Stateless - Server (UC$SS)
Resource
onCreate onRead onUpdate onDelete
read User?id=5
•
getUserName(5)
Resource Cache
Page

25. Uniform - Layered - Client - Cache - Stateless - Server (ULC$SS)
Profile Follower
•
Cache Cache
User
•
•
•
Cache
Page

26. RESTful
• REST
• REST RESTful

27. BEAR RESTful
Resource
Page
URI
class Page_User_Index extends App_Page Uniform Interfac
Link
{
public function onInit(){ DB, XML, Local/Remote
Create
... Read
->read($params)->set(); Update
} Delete
public function onOutput(){
->display();
} View
<html>
<body>{$user}</body>
</html>

28. Resource

29. Resource
Resource
Page
URI
class Page_User_Index extends App_Page Uniform Interfac
Link
{
public function onInit(){ DB, XML, Local/Remote
Create
... Read
->read($params)->set(); Update
} Delete
public function onOutput(){
->display();
} View
<html>
<body>{$user}</body>
</html>

30. ROA
• Resource Oriented Architecture
•

31. ROA
•
Addressability
•
Statelessness
•
Connectedness
•
Uniform Interface

32. •
•
• URI URN + URL
• URL L Locater URI

33. •
•
• ” ”

34. •
•
•
•
•

35. •
• POST/GET/PUT/DELETE, C/R/U/D

36. RESTful
•= HTML

37. Resource in REST(1)
http://www.excite.co.jp/weather/japan/area/?prid=4400&arid=4410
http://yohei-y.blogspot.com/2005/04/rest-3.html

38. Resource in REST(2)
• Uniform Interface
GET( PUT( POST ), DELETE
•

39. BEAR Resource
BEAR

40. BEAR Resource
“user/profile/?user_id=10”
“post/number.xml”
• URI
“http://example.com/rss.xml”
• CRUD Interface create read update delete
• Link user blog

41. Resource Request
Resource CRUD

42. Resource Request in REST
• HTTP POST/GET/PUT/DELETE
Resource
POST
REST Client
GET
PUT
DELETE
HTTP/1.1 200 OK
GET /user?id=10 HTTP/1.0 Date: Wed, 04 Feb 2009 09:56:24 GMT
Server: Apache/2.2.0 (Unix)
Content-Type: text/html
...

43. Resource Request in BEAR
• BEAR HTTP
• HTTP
Page Resource (Ro)
Resource
POSTCreate class User_Blog extends
Page { onCreate
GETRead
class User_Index extends App_Page onRead
public function onRead($values)
PUTUpdate SQL
{ Delete { onUpdate
DELETE INSERT
public function onInit(){ ... onDelete
SELECT
... return $row;
UPDATE
$resource->read($params)->set(); }
DELETE
} }
Ro
public function onOutput(){
-Code
$this->display();
-Header
}
-Body

45. Resource
read path/to/readme.txt
Resource

46. Resource
create ro://self/Shop/Purchace/id=10
Resource

47. Resource
read myOffice://room/reservation
Java / Perl / Tes
Resource

48. Resource
I am not

49. ID ( )
create ro://self/Shop/Purchace/id=10
ID ( )
HTTP
(WWW)

50. Ro

51. Resource Object −
• Ro
Resource
Create
Page Read class User_Blog extends App_Ro
Update {
class Page_User_Index extends App_Page Delete public function onRead($values)
{ {
public function onInit(){ ...
... return $row;
$resource->read($params)->set(‘user’); }
} Ro }
return $array;
public function onOutput(){ -Code or
$this->display(); -Header return $Ro;
} -Body

52. Ro
• HTTP
• code, header, body
• CRUD
•

53. Ro - Property
• Code (200 OK, 400 Bad Req, 500 Err)
• Header
• Body
• Link URI

54. Resource Code

55. Resource Code
• HTTP
Resource
Page class User_Blog extends
{
class User_Index extends App_Page public function onRead($values)
{ { 500 Internal Error
public function onInit(){ ...
... return $row;
$resource->read($params)->set(); } DB
400 Bad Request
} }
200 OK
public function onOutput(){
$this->display();
URI
}

56. Ro - CRUD Interface
BEAR HTTP SQL
• onCreate($values) create POST CREATE
• onRead($values) read GET SELECT
• onUpdate($values) update PUT UPDATE
• onDelete($values) delete DELETE DELETE

57. Resource Option

58. Template Option
• $code, $body, $headers
Page
$options['template'] = 'user';
$params = array(‘uri’ => $uri, ‘options’ => $options); page template
$resource->read($params)->set(‘user);
value resource template resource html
App/views/elements/user.tpl
+ =

59. Cache Option
• HTML
•
HTML
<p>{$user}</p>
Value
Page
$options['cache']['key'] = 'user';
$options['cache']['life'] = 60;
...
$resource->read($params)->set(‘user’, ‘object’);

60. Resource Request
/

61. Resource Request
• “ ” set()
• lazy onOutput() view
PHP
$ro = $resource->read($params)->getRo();
Eager
$body = $resource->read($params)->getBody();
$resource->read($params)->set(‘user’); Lazy (onOutput)
$resource->read($params)->set(‘user’, ‘lazy’); Lazy (view)
$resource->update($params)->requestOnShutdown(); Lazy (shutdown)

62. Resource Set Option
value / object / lazy

63. set ‘value’
• string
body
Page
$resource->read($params)->set(‘user’, ‘value’);
View
{$user}
without template with template

64. set ‘object’
• view set
Page
$resource->read($params)->set(‘user’, ‘object’);
View
as string as array as object
{$user} {$user.name} {if $user->getCode() == 200}

65. set ‘lazy’
• view
Page
$resource->read($params1)->set(‘user’, ‘value’);
$resource->read($params2)->set(‘profile’, ‘lazy’);
$resource->read($params2)->set(‘friend’, ‘lazy’);
View ( UA )
for PC for iPhone for Mobile
{$user} {$user} {$user}
{$profile} {$profile}
{$friend}

66. AOP

67. Resource - AOP
• Ro (AOP)
• phpdoc
Before Advice
Reource
class Entry extends App_Ro
{
/**
* read
*
* @return array
Around Advice
*
* @aspect before App_Aspect_Auth
* @aspect around App_Aspect_Timer
*/ onRead
public function onRead($values)
{

68. Advice Type
•
•
Before Advice After Advice Around Advice
onRead
onRead
onRead
Return Advice
onRead

69. Annotation
required

70. Resource - Annotation
• @required
• 400(Bad Request)
Reource
class App_Ro_User extends App_Ro
{
/**
* create
*
* @return array
*
* @required name
* @required age
*/
public function onCreate($values)
{

71. Resource link
onlink

72. Ro - onLink
• onLink
Blog Reource
User Reource class App_Ro_ User_Blog extends App_Ro
{
class App_Ro_User extends App_Ro public function onRead($values)
{ {
public function onRead($values) $blogId = $values[‘id’];
{ ...
... }
return $row; }
}
public function onLink($values)
{
$links = array(
‘blog’=>”usr/blog/?id={$values[‘blog_id’]}”);
return $links;
}
}

73. Resource Link
•
class Page_User_Blog_Latest_Comment extends App_Page
{
public function onInit(){ Fluent Interface
...
$resource->read($params)->link(‘blog’)->link(‘latest_entry’)->link(‘comment’)->set();
}
...link(‘comment’)->set()->p();

74. Mock Resource

75. Mock Resource
•
No Resource
View
Page
$options['mock']['name'] = 'test';
$options['mock']['x'] = array('name', 'age', 'gender');
$options['mock']['y'] = 5;
...
$resource->read($params)->set();

76. Pull Resource

77. Pull by View
• Page View Push
View Resource Pull Reource
class App_Ro_News_Today extends App_Ro
{
Page
public function onRead($values)
class Page_User_Index extends App_Page {
{ retrun $news
public function onOutput(){ }
$this->display(); }
} Push Pull
View
{if $showNews}
{resource uri=”news/today” template=”news.tpl” values=$today}
{resource uri=”socket:://example.com/int_news” template=”news.tpl”}
{/if}

78. Pull Resource in Page
view ”Pull”
top/logo top/date
news/pict
top/news ad/media
login/status
stock/today
ad/service
media/topic
ad/recmd ad/pr

79. Static Resource

80. Static Resource
• URI
•
CSV, XML, Yaml
•

81. Resource URI
• URI
• URI = Uniform Resource Indentifier ( )
Local Class Resource
“blog/entry” = “ro://self/blog/entry”
class User_Blog extends App_Ro
{
Page
class User_Index extends App_Page Remote Class Resource (HTTP)
{ “http://example.com/blog/entry”
Create
public function onInit(){
Read Remote Class Resource (Socket)
...
Update “socket://example.com/blog/entry”
$resource->read($params)->set();
Delete
}
public function onOutput(){ Local File Resource
$this->display(); “blog/entry.xml”
} Remote File Resource
“http://example.com/blog/entry.xml”

82. Resource Option
•
• read
• create Once Exactly)
POE (POST

83. Page
Resource
Page
URI
class Page_User_Index extends App_Page Uniform Interfac
Link
{
public function onInit(){ DB, XML, Local/Remote
Create
... Read
->read($params)->set(); Update
} Delete
public function onOutput(){
->display();
} View
<html>
<body>{$user}</body>
</html>

84. Page - Event Driven
•1
•
• on
onClick onInit onOutput onAction
onInject onExpection

85. Page - File Structure
1
<?php
include ‘App.php’; App/BEAR
class Page_Blog_Entry_Latest extends App_Page
{
public function onInit(array $args)
{
...
}
}
BEAR_Main::run('Page_Blog_Entry_Latest');

86. Page Output
HTML

87. Page - output - html
class Page_Blog_Entry_Latest extends App_Page
{
public function onInit(array $args)
{
$resource = BEAR::dependency('BEAR_Resource');
$uri = 'Blog/Entry/Latest'; URI
$values[‘id’] = $args[‘blog_id’]; arguments
$options['cache']['life'] = 60; Cache
$options['pager'] = 5; Pager
// read and set
$params = array('uri'=>$uri, 'values'=>$values, 'options'=>$options);
$resource->read($params)->set();
} What ?
{$blog_entry_latest}
public function onOutput() {$pager.link}
{ Convention Over Configuration
$this->display(); Where ? page/blog/entry/latest.tpl
}
}
BEAR_Main::run('Page_Blog_Entry_Latest');

88. Page Output
DATA

89. Page - output
class Page_Blog_Entry_Latest extends App_Page
{
public function onInit(array $args)
{
$resource = BEAR::dependency('BEAR_Resource');
$uri = 'blog/entry/latest';
$values[‘id’] = $args[‘blog_id’];
$options['cache']['life'] = 60;
$options['pager'] = 5;
// read and set
$params = array('uri'=>$uri, 'values'=>$values, 'options'=>$options);
$resource->read($params)->set();
}
public function onOutput()
{
$this->output(‘json’);
}
} XML RSS Excel PHP JSON Flash HTML
BEAR_Main::run('Page_Blog_Entry_Latest');

90. Page Form

91. Form
• PEAR::QuickForm
• FORM A
FORM B
•
• PC/ /...)
{$form.name.error}
{$form.name.html}
{$form}

92. Page Flow
onInject onInject
onInit onInit
Error OK
onOutput onOutput onAction

93. Page - formAction
class Page_Form_Simple extends App_Page
{
secure
public function onAction(array $submit)
{
$this->set('submit', $submit);
$this->display('simple.action.tpl');
}
}
BEAR_Main::run('Page_Form_Simple');

94. Page Arguments

95. Page Arguments
• onInit(array $args) $args
•
$this->injectGet(‘id’);
$id = $_GET[‘id];
$this->injectArg(‘id’, 5);
CLI/

96. Page Flow
injectGet( $_GET
)
onInject() $_COOKIE
injectArg() CLI
onClick(array $args)
onInit(array $args)
onOutput()

97. Page Click

98. Page - Clcik
• “Click” Page
• <a> {a}
• Click

99. Active Link Click
Page Class
class Help extends App_Page
• onClick< > onInit()
{
public function onClickUp(){
$this->_order = 'DESC';
}
template
public function onClickHelp($id){
$this->showHelp($id); {a click=”Up”} {/a}
}
{a click=”Help” val=$helpId} {/a}
public function onInit(){ ...
...
}

100. Redirect Click
• Click
Page B
class Page_Blog_Entry extends
App_Page
{
public function onClickUp($user){
$this->_order = 'DESC';
}
Page A
$options['click'] = 'up';
$options['val'] = $user;
self::redirect('blog/entry', $options);

101. {a} tag
• <a>
• click
{a click=print} {/a}
• val
{a href="/" val=$values} {/a}

102. Page - Cache

103. Page Cache
• Init Cache
• Page Cache

104. Page - Init Cache
• init set
• View
class Page_Today_Index extends App_Page
{
public function onInit() {
....
$resource->set(‘news’);
...
$resource->set(‘weather’);
}
}
$options[‘cache’]['type'] = 'init';
$options[‘cache’]['life'] = '600';
BEAR_Main::run('Page_Today_Index', $options);

105. Page - Page Cache
• HTTP
class Page_Today_Index extends App_Page
{
public function onInit() {
....
$resource->set(‘news’);
...
$resource->set(‘weather’);
}
}
$options[‘cache’]['type'] = 'page';
$options[‘cache’]['life'] = '600';
BEAR_Main::run('Page_Today_Index', $options);

106. View
Resource
Page
URI
class Page_User_Index extends App_Page Uniform Interfac
Link
{
public function onInit(){ DB, XML, Local/Remote
Create
... Read
->read($params)->set(); Update
} Delete
public function onOutput(){
->display();
} View
<html>
<body>{$user}</body>
</html>

107. View

108. View
•
•
•
• UA

109. View - Layout
• page/ layout/ element/
layouts/
<html xmlns="http://www.w3.org/1999/xhtml">
Create elements/
<head> Read
<title> Update
{* *}{$layout.title} Delete <h1>$layout.title</h1>
</title>
</head> pages/
<body>
{* *}{include file="elements/header.tpl"}
{foreach item=row from=$entry}
{* *}{$content_for_layout} $entry.title<br />
$entry.body<br />
{* *}{$layout.footer}
</body>
</html>

110. View - Static and Mobile
• YAML
• {$layout}
• default/mobile PC/
• tpl ” ”
layout/default.tpl layout/default.mobile.tpl
<html>
<header>
<title>{$lauout.title}</title> page/user/blog.yaml
</header> default:
{$content_for_layout} title: Hello PC World.
<body> mobile:
title: Hello Mobile World.
layout:default.tpl
<body>
{$layout.title}
</body> page/user/blog.tpl page/user/blog.mobile.tpl

111. View - Mobile
• .mobile.
tpl
• UTF-8
•
layout/default.tpl layout/default.mobile.tpl
page/index.tpl page/index.mobile.tpl

112. Other Libraries

113. Image
•
GD( ),
iMagic( ),
Cairo( )
Cairo
iMagic
GD

114. Cache
Client
resource
init
page
Unified Cache Layer
PEAR:Cache_Lite APC memcached

115. Cache - File & APC
•
•
• web APC>memcached
IP

116. Cache - Memcached
•
memcached
cluster
IP
IP

117. Auto Loader
• require, include
•
• PEAR (PSR-0)
App_DB_Oracle App/Db/Oracle.php

118. Java Script
• bear.jquery.js BEAR
• AJAX
• QuickForm AJAX

119. DI (Dependency Injection)
•” ”
•
•
•

120. DI -
class App_Foo extends BEAR_Base
{
public function __construct(array $config) 1.
{
parent::__construct($config);
}
public function onInject() 2.
{
$this->_bar = BEAR::dependency('App_Bar');
}
public function getBar(){ 3.
return $this->_bar->get();
}
}
__construct() onInject()
factory()

121. DI -
$foo = BEAR::dependency('App_Foo', $config, $options);
echo $foo->getBar();
• new dependency
• array $config1
•

122. DB
• BEAR_Query
• URI method
dsn
• DB SELECT
LIMIT
/Limit
• AOP create/update

123. BEAR_Query
class App_Ro_User_Entry extends App_Ro
{
public function onInject()
{
parent::onInject();
0=LIMIT 1=DB
$this->_queryConfig['pager'] = 1;
$this->_queryConfig['perPage'] = 5;
$this->_query = BEAR::dependency('BEAR_Query', $this->_queryConfig,
false);
}
public function onCreate($values)
{
$result = $this->_query->insert($values);
}
$values SQL
public function onRead($values)
{ $values
...
return $result = $this->_query->select($sql, $values);
}
DB LIMIT

124. DB - Transaction
class App_Ro_User extends App_Ro
{
/**
*
* @aspect around App_Aspect_Transaction
*/
public function onCreate($values)
{
$this->_query->insert($values);
}

125. onPull
• onPull
class App_Ro_User_Blog extends App_Ro
{
class App_Ro_User_Blog_Entry_Latest extends App_Ro /**
{ *
* @required user_id
*/
/** public function onRead($values){}
*
* @required blog_id
*/
public function onRead($values){}
public function onPull($values)
{
// ask, map
$pull = self::pullLink('user/blog');
$values['blog_id'] = $pull['id'];
return $values
}
}

126. Error
Panda

127. Dev
•
•
•

128. Dev - Log
Application Log
Smarty Variables
Ajax Log
Registry
$_GLOBALS
Include files

129. Dev - Code
PEAR / Zend

130. BEAR Shell
• CLI
• AJAX web shell
•
phpdoc

132. Security (1)
• XSS
Smaty {$val|escape}
• SQL
Mdb2::quote() Prepared Statement
• CSRF ( )
One Time Token Post Once Exactly
AJAX Cookie Verify

133. Security (2) - Form
HTML_QuickForm::exportValues()
•
setDefaults() /
setConstants()
public function(array $submit){
• }
...
” ”
Are you sure ?
Maybe
YES NO

134. Security (3) - Log
• CRUD + URI + Val
2009/02/02 12:20AM [00ff] CREATE entry?title=my+big+day
2009/02/02 12:30AM [00ff] UPDATECREATE blog?title=great+blog
2009/02/02 12:20AM [00ff] user?name=giro&id=10
2009/02/02 12:30AM [00ff] DELETE UPDATE user?name=giro&id=10
2009/02/02 12:30AM [00ff] user?id=10
2009/02/02 12:20AM [00ff] CREATE user?name=taro&age=20&gender=m
2009/02/02 12:30AM [00ff] DELETE user?id=10
2009/02/02 12:30AM [00ff] UPDATE user?name=giro&id=10
2009/02/02 12:30AM [00ff] DELETE user?id=10

135. Security (4) - ACL
•” ”
Zend::ACL
• ACL

136. Security (5) - CSRF
•
• bear.jquery.js CSRF
Double-Submit Cookie CSRF defense

137. Next
• web
• (Android iPhone
•
• (AJAX)
•

138. Thank you for joining.