CandygramPHP

an api-centric, multi-client, rapid development framework

Andrew   Canfield

hi.

Overview

  1. Introduction
  2. Background
  3. Current Development
  4. Related Works
  5. CandygramPHP
  6. Conclusion
  7. Future Work
  8. Demonstration

Instead it has evolved into full web applications with dynamic content beyond anything developers in the early 90s could even dream about.

Users expect more.

More devices.

More interactivity.

More functionality.

multi-tier, multi-client development
=
inefficient, insecure, inextensible

inefficient.

Programmers aren't perfect.

insecure.

Users have grown to expect access on all devices.

Somehow this is always a shock to developers.

inextensible.

Web development needs to efficient, secure, extensible.

Web development needs to be simple.

CandygramPHP

an api-centric, multi-client, rapid development framework

Framework

an abstraction of generic functionality that can be used as the foundation of a larger program.

Overview

  1. Introduction
  2. Background
  3. Current Development
  4. Related Works
  5. CandygramPHP
  6. Conclusion
  7. Future Work
  8. Demonstration

Front-End Development

Hyper Text Markup Language (HTML)

A semantic language to structure the content.

Cascading Style Sheets (CSS)

A formatting language used to describe the content.

JavaScript

A programming language for adding behavior to the content.

XMLHttpRequest (XHR)

Allows data to be retrieved from a server without a page refresh.

JavaScript Object Notation (JSON)

A light-weight data-interchange format.

Cross Origin Resource Sharing (CORS)

A W3C recommendation to provide a way for web servers to support cross-site access which has been previously restricted by modern browsers due to security concerns.

Cross Origin Resource Sharing (CORS)

Back-End Development

Model - manages behavior and data

View - manages the display of information

Controller - interprets input and output
and updates model and view

CRUD

Create, Read, Update, and Delete

Overview

  1. Introduction
  2. Background
  3. Current Development
  4. Related Works
  5. CandygramPHP
  6. Conclusion
  7. Future Work
  8. Demonstration

Example blog

authors, articles, comments, tags, and topics

1. Create models and methods in PHP

2. Create database tables in SQL

3. Create standard views in HTML and CSS

4. Create client-side validators in JavaScript

5. Code controllers in PHP 


class Controller {
  
  public function create($params) {
    ...
  }
  
  public function read($params) {
    ...
  }
  
  public function update($params) {
    ...
  }
  
  public function delete($params) {
    ...
  }
}
  1. Create models and methods in PHP
  2. Create database tables in SQL
  3. Create standard views in HTML and CSS
  4. Create client-side validators in JavaScript
  5. Code controllers in PHP

Changes?

New device?

New changes?

Overview

  1. Introduction
  2. Background
  3. Current Development
  4. Related Works
  5. CandygramPHP
  6. Conclusion
  7. Future Work
  8. Demonstration

no set rules.

Overview

  1. Introduction
  2. Background
  3. Current Development
  4. Related Works
  5. CandygramPHP
  6. Conclusion
  7. Future Work
  8. Demonstration

CandygramPHP

an api-centric, multi-client, rapid development framework

Goals

  • Support for multiple clients with maximum code re-use
  • Automatic databases generation including table creation
    and CRUD functionality
  • Automatic data sanitization and validation
  • Automatic view generation for CRUD forms

Current Development

  1. Create models and methods in PHP
  2. Create database tables in SQL
  3. Create standard views in HTML and CSS
  4. Create client-side validators in JavaScript
  5. Code controllers in PHP

CandygramPHP development

  1. Create a declarative model in PHP
  2. Database is automatically generated
  3. Standard views are automatically created
  4. Client-side validators are automatically implemented
  5. Default controller is automatically utilized

Changes?

New device?

New changes?

API-Centric

The API

Simple Object Access Protocol (SOAP)

A specification for exchanging XML-based information by exposing application logic through custom interfaces.

Representative State Transfer (REST)

Ignores the details of implementation and syntax. Provides access to CRUD functionality through a standard interface using existing HTTP methods.

Representative State Transfer (REST)

Resource Get
(read) 		Post
(create) 		Put
(update) 		Delete
(delete)
/blog/ lists all blogs creates a blog n/a n/a
/blog/123 retrieves blog 123 n/a updates blog 123 deletes blog 123

OPTIONS

REST+OPTIONS

Requests information about an entity including default value, validation, and type.

http://www.example.com/blog
METHOD: OPTIONS 



{
    "status": "success",
    "status_code": "200",
    "method": "OPTIONS",
    "data": {
        "author": {
            "value": null,
            "required": true,
            "validation": "^(\\w|\\d|\\s){1,255}$",
            "class": "String"
        },
        "title": {
            "value": null,
            "required": true,
            "validation": "^(\\w|\\d|\\s){1,255}$",
            "class": "String"
        },
        "date": {
            "value": null,
            "required": true,
            "validation": "^\\d{4}-\\d{2}-\\d{2}$",
            "class": "Date"
        },
        "post": {
            "value": null,
            "required": true,
            "validation": "^.*$",
            "class": "TextArea"
        },
        "comments": [

        ],
        "_id": null,
        "groups": [

        ],
        "permission": "private",
        "class": "Blog"
    }
}

Reflection - the ability of a computer program to examine and modify its structure and behavior dynamically.

Document-oriented storage, full index support, high availability, auto-sharding, GridFS, ad-hoc querying, and MapReduce.

Routing

mod_rewrite

Used to rewrite or redirect URIs based on a series of rules and conditions consisting of server variables, flags, and regular expressions.

%{VARIABLE_NAME}

%{HTTP:VARIABLE_NAME}

%{HTTP:X-Requested-With}

Andrew Internet
1 0 

# Disallow Directory Listings
Options -Indexes

RewriteEngine On

# API 
# Final
RewriteRule ^api/index.php/(\w+)/(\w+)/? api/index.php [L,NC,QSA,E=CONTROLLER:$1,E=ID:$2]

# API
# :controller/:id
RewriteCond %{REQUEST_METHOD} ^(OPTIONS|PUT|DELETE|POST|GET)
RewriteCond %{HTTP:X-Requested-With} !^$ 
RewriteCond %{REQUEST_URI} !index.php
RewriteRule ^/?(.*)/(.*)/?$ api/index.php/$1/$2 [QSA,L]

# API
# :controller
RewriteCond %{REQUEST_METHOD} ^(OPTIONS|PUT|DELETE|POST|GET)
RewriteCond %{HTTP:X-Requested-With} !^$ 
RewriteCond %{REQUEST_URI} !index.php
RewriteRule ^/?(.*)/?$ api/index.php/$1/NULL [QSA,L]


# CORS preflight
RewriteCond %{REQUEST_METHOD} ^OPTIONS
RewriteRule ^.*$ api/index.php [L,E=CORS:TRUE]

# Block all Request Methods not directed to API
RewriteCond %{REQUEST_METHOD} ^(OPTIONS|PUT|DELETE|POST)
RewriteRule .* - [F]

# Mobile Client
RewriteCond %{HTTP_USER_AGENT} iphone|ipad|android|blackberry [NC]
RewriteCond %{REQUEST_METHOD} ^GET
RewriteCond %{HTTP:X-Requested-With} ^$ 
RewriteCond %{REQUEST_FILENAME} !-f 
RewriteRule ^(.*)$ mobile/index.php?$1 [QSA,L]


# Web Client
RewriteCond %{REQUEST_METHOD} ^GET
RewriteCond %{HTTP:X-Requested-With} ^$ 
RewriteCond %{REQUEST_FILENAME} !-f 
RewriteRule ^(.*)$ web/index.php?$1 [QSA,L]

Each client is responsible for the functionality and presentation required by its implementation.

The JavaScript Library

Standard views

http://www.example.com/blog
METHOD: OPTIONS 



{
    "status": "success",
    "status_code": "200",
    "method": "OPTIONS",
    "data": {
        "author": {
            "value": null,
            "required": true,
            "validation": "^(\\w|\\d|\\s){1,255}$",
            "class": "String"
        },
        "title": {
            "value": null,
            "required": true,
            "validation": "^(\\w|\\d|\\s){1,255}$",
            "class": "String"
        },
        "date": {
            "value": null,
            "required": true,
            "validation": "^\\d{4}-\\d{2}-\\d{2}$",
            "class": "Date"
        },
        "post": {
            "value": null,
            "required": true,
            "validation": "^.*$",
            "class": "TextArea"
        },
        "comments": [

        ],
        "_id": null,
        "groups": [

        ],
        "permission": "private",
        "class": "Blog"
    }
}

Chaining Events 


method(params, callback)
            

method(params, callback, callback)
            

method(params, callback, callback, callback, ..., callback)

Promises

The Promise interface represents a proxy for a value not necessarily known when the promise is created. It allows a programmer to associate handlers to an asynchronous action's eventual success or failure which allows asynchronous methods to return values like synchronous methods: instead of the final value, the asynchronous method returns a promise of having a value at some point in the future.

Promises 


method(params)
  .then(function)
  .then(function)
  ...
  .then(function)

Overview

  1. Introduction
  2. Background
  3. Current Development
  4. Related Works
  5. CandygramPHP
  6. Conclusion
  7. Future Work
  8. Demonstration

Goals

  • Support for multiple clients with maximum code re-use
  • Automatic databases generation including table creation
    and CRUD functionality
  • Automatic data sanitization and validation
  • Automatic view generation for CRUD forms

Overview

  1. Introduction
  2. Background
  3. Current Development
  4. Related Works
  5. CandygramPHP
  6. Conclusion
  7. Future Work
  8. Demonstration

Future Work

  • Real-world testing
  • Additional research into routing
  • Additional database drivers
  • Authentication using OAuth 2.0

Overview

  1. Introduction
  2. Background
  3. Current Development
  4. Related Works
  5. CandygramPHP
  6. Conclusion
  7. Future Work
  8. Demonstration

Let's do this.

CandygramPHP

an api-centric, multi-client, rapid development framework

Andrew   Canfield