Merge pull request #352 from skipperbent/v3-development

Fixed Input::all when php://input is not available

README.md

@@ -7,9 +7,31 @@ Simple, fast and yet powerful PHP router that is easy to get integrated and in a
 
 The goal of this project is to create a router that is more or less 100% compatible with the Laravel documentation, while remaining as simple as possible, and as easy to integrate and change without compromising either speed or complexity. Being lightweight is the #1 priority.
 
-### Ideas and issues
+### Feedback and development
 
-If you want a great new feature or experience any issues what-so-ever, please feel free to leave an issue and i'll look into it whenever possible.
+If you are missing a feature, experience problems or have ideas or feedback that you want us to hear, please feel free to create an issue.
+
+###### Issues guidelines
+
+- Please be as detailed as possible in the description when creating a new issue. This will help others to more easily understand- and solve your issue.
+For example: if you are experiencing issues, you should provide the necessary steps to reproduce the error within your description.
+
+- We love to hear out any ideas or feedback to the library.
+
+[Create a new issue here](https://github.com/skipperbent/simple-php-router/issues/new)
+
+###### Contribution development guidelines
+
+- Please try to follow the PSR-2 codestyle guidelines.
+
+- Please create your pull requests to the development base that matches the version number you want to change.
+For example when pushing changes to version 3, the pull request should use the `v3-development` base/branch.
+
+- Create detailed descriptions for your commits, as these will be used in the changelog for new releases.
+
+- When changing existing functionality, please ensure that the unit-tests working.
+
+- When adding new stuff, please remember to add new unit-tests for the functionality.
 
 ---
 
@@ -43,6 +65,7 @@ If you want a great new feature or experience any issues what-so-ever, please fe
 		- [Namespaces](#namespaces)
 		- [Subdomain-routing](#subdomain-routing)
 		- [Route prefixes](#route-prefixes)
+	- [Partial groups](#partial-groups)
 	- [Form Method Spoofing](#form-method-spoofing)
 	- [Accessing The Current Route](#accessing-the-current-route)
 	- [Other examples](#other-examples)
@@ -50,6 +73,8 @@ If you want a great new feature or experience any issues what-so-ever, please fe
 - [CSRF-protection](#csrf-protection)
 	- [Adding CSRF-verifier](#adding-csrf-verifier)
 	- [Getting CSRF-token](#getting-csrf-token)
+	- [Custom CSRF-verifier](#custom-csrf-verifier)
+	- [Custom Token-provider](#custom-token-provider)
 
 - [Middlewares](#middlewares)
 	- [Example](#example)
@@ -79,7 +104,6 @@ If you want a great new feature or experience any issues what-so-ever, please fe
 		- [Bootmanager: loading routes dynamically](#bootmanager-loading-routes-dynamically)
 		- [Adding routes manually](#adding-routes-manually)
 	- [Parameters](#parameters)
-        - [Custom default regex for matching parameters](#custom-default-regex-for-matching-parameters)
 	- [Extending](#extending)
 
 - [Credits](#credits)
@@ -212,6 +236,24 @@ Simply create a new `web.config` file in your projects `public` directory and pa
 </configuration>
 ```
 
+#### Troubleshooting
+
+If you do not have a `favicon.ico` file in your project, you can get a `NotFoundHttpException` (404 - not found).
+To add `favicon.ico` to the IIS ignore-list, add the following line to the `<conditions>` group:
+```
+<add input="{REQUEST_FILENAME}" negate="true" pattern="favicon.ico" ignoreCase="true" />
+```
+
+You can also make one exception for files with some extensions:
+```
+<add input="{REQUEST_FILENAME}" pattern="\.ico|\.png|\.css|\.jpg" negate="true" ignoreCase="true" />
+```
+
+If you are using `$_SERVER['ORIG_PATH_INFO']`, you will get `\index.php\` as part of the returned value. For example:
+```
+/index.php/test/mypage.php
+```
+
 ### Configuration
 
 Create a new file, name it `routes.php` and place it in your library folder. This will be the file where you define all the routes for your project.
@@ -249,7 +291,8 @@ We recommend that you add these helper functions to your project. These will all
 To implement the functions below, simply copy the code to a new file and require the file before initializing the router or copy the `helpers.php` we've included in this library.
 
 ```php
-<?php
+use Pecee\SimpleRouter\SimpleRouter as Router;
+
 /**
  * Get url for a route by using either name/alias, class or method name.
  *
@@ -269,7 +312,7 @@ To implement the functions below, simply copy the code to a new file and require
  */
 function url($name = null, $parameters = null, $getParams = null)
 {
-    return SimpleRouter::getUrl($name, $parameters, $getParams);
+    return Router::getUrl($name, $parameters, $getParams);
 }
 
 /**
@@ -277,7 +320,7 @@ function url($name = null, $parameters = null, $getParams = null)
  */
 function response()
 {
-    return SimpleRouter::response();
+    return Router::response();
 }
 
 /**
@@ -285,7 +328,7 @@ function response()
  */
 function request()
 {
-    return SimpleRouter::request();
+    return Router::request();
 }
 
 /**
@@ -297,8 +340,7 @@ function request()
  */
 function input($index = null, $defaultValue = null, $methods = null)
 {
-    if($index !== null)
-    {
+    if ($index !== null) {
         return request()->getInput()->get($index, $defaultValue, $methods);
     }
 
@@ -313,6 +355,20 @@ function redirect($url, $code = null)
 
     response()->redirect($url);
 }
+
+/**
+ * Get current csrf-token
+ * @return string|null
+ */
+function csrf_token()
+{
+    $baseVerifier = Router::router()->getCsrfVerifier();
+    if ($baseVerifier !== null) {
+        return $baseVerifier->getToken();
+    }
+
+    return null;
+}
 ```
 
 ---
@@ -358,7 +414,7 @@ SimpleRouter::any('foo', function() {
 });
 ```
 
-We've created a simple method which matches `GET` and `POST` which is most commenly used:
+We've created a simple method which matches `GET` and `POST` which is most commonly used:
 
 ```php
 SimpleRouter::form('foo', function() {
@@ -542,7 +598,7 @@ SimpleRouter::group(['namespace' => 'Admin'], function () {
 });
 ```
 
-### Subdomain-routing
+### Sub domain-routing
 
 Route groups may also be used to handle sub-domain routing. Sub-domains may be assigned route parameters just like route URIs, allowing you to capture a portion of the sub-domain for usage in your route or controller. The sub-domain may be specified using the `domain` key on the group attribute array:
 
@@ -566,6 +622,29 @@ SimpleRouter::group(['prefix' => '/admin'], function () {
 });
 ```
 
+## Partial groups
+
+Partial router groups has the same benefits as a normal group, but supports parameters and are only rendered once the url has matched.
+
+This can be extremely useful in situations, where you only want special routes to be added, when a certain criteria or logic has been met.
+
+**NOTE:** Use partial groups with caution as routes added within are only rendered and available once the url of the partial-group has matched. This can cause `url()` not to find urls for the routes added within.
+
+**Example:**
+
+```php
+SimpleRouter::partialGroup('/admin/{applicationId}', function ($applicationId) {
+
+    SimpleRouter::get('/', function($applicationId) {
+
+        // Matches The "/admin/applicationId" URL
+
+    });
+
+});
+```
+
+
 ## Form Method Spoofing
 
 HTML forms do not support `PUT`, `PATCH` or `DELETE` actions. So, when defining `PUT`, `PATCH` or `DELETE` routes that are called from an HTML form, you will need to add a hidden `_method` field to the form. The value sent with the `_method` field will be used as the HTTP request method:
@@ -632,11 +711,57 @@ SimpleRouter::get('/page/404', 'ControllerPage@notFound', ['as' => 'page.notfoun
 
 # CSRF Protection
 
-Any forms posting to `POST`, `PUT` or `DELETE` routes should include the CSRF-token. We strongly recommend that you create your enable CSRF-verification on your site.
+Any forms posting to `POST`, `PUT` or `DELETE` routes should include the CSRF-token. We strongly recommend that you enable CSRF-verification on your site to maximize security.
 
-Create a new class and extend the ```BaseCsrfVerifier``` middleware class provided with simple-php-router.
+You can use the `BaseCsrfVerifier` to enable CSRF-validation on all request. If you need to disable verification for specific urls, please refer to the "Custom CSRF-verifier" section below.
 
-Add the property ```except``` with an array of the urls to the routes you would like to exclude/whitelist from the CSRF validation. Using ```*``` at the end for the url will match the entire url.
+By default simple-php-router will use the `CookieTokenProvider` class. This provider will store the security-token in a cookie on the clients machine.
+If you want to store the token elsewhere, please refer to the "Creating custom Token Provider" section below.
+
+## Adding CSRF-verifier
+
+When you've created your CSRF-verifier you need to tell simple-php-router that it should use it. You can do this by adding the following line in your `routes.php` file:
+
+```php
+Router::csrfVerifier(new \Demo\Middlewares\CsrfVerifier());
+```
+
+## Getting CSRF-token
+
+When posting to any of the urls that has CSRF-verification enabled, you need post your CSRF-token or else the request will get rejected.
+
+You can get the CSRF-token by calling the helper method:
+
+```php
+csrf_token();
+```
+
+You can also get the token directly:
+
+```php
+return Router::router()->getCsrfVerifier()->getTokenProvider()->getToken();
+```
+
+The default name/key for the input-field is `csrf_token` and is defined in the `POST_KEY` constant in the `BaseCsrfVerifier` class.
+You can change the key by overwriting the constant in your own CSRF-verifier class.
+
+**Example:**
+
+The example below will post to the current url with a hidden field "`csrf_token`".
+
+```html
+<form method="post" action="<?= url(); ?>">
+    <input type="hidden" name="csrf_token" value="<?= csrf_token(); ?>">
+    <!-- other input elements here -->
+</form>
+```
+
+## Custom CSRF-verifier
+
+Create a new class and extend the `BaseCsrfVerifier` middleware class provided by default with the simple-php-router library.
+
+Add the property `except` with an array of the urls to the routes you want to exclude/whitelist from the CSRF validation.
+Using ```*``` at the end for the url will match the entire url.
 
 **Here's a basic example on a CSRF-verifier class:**
 
@@ -654,22 +779,45 @@ class CsrfVerifier extends BaseCsrfVerifier
 }
 ```
 
-## Adding CSRF-verifier
+## Custom Token Provider
 
-When you've created your CSRF verifier - you need to tell simple-php-router that it should use it. You can do this by adding the following line in your `routes.php` file:
+By default the `BaseCsrfVerifier` will use the `CookieTokenProvider` to store the token in a cookie on the clients machine.
+
+If you need to store the token elsewhere, you can do that by creating your own class and implementing the `ITokenProvider` class.
 
 ```php
-Router::csrfVerifier(new \Demo\Middlewares\CsrfVerifier());
+class SessionTokenProvider implements ITokenProvider
+{
+
+    /**
+     * Refresh existing token
+     */
+    public function refresh()
+    {
+        // Implement your own functionality here...
+    }
+
+    /**
+     * Validate valid CSRF token
+     *
+     * @param string $token
+     * @return bool
+     */
+    public function validate($token)
+    {
+        // Implement your own functionality here...
+    }
+
+}
 ```
 
-## Getting CSRF-token
-
-When posting to any of the urls that has CSRF-verification enabled, you need post your CSRF-token or else the request will get rejected.
-
-You can get the CSRF-token by calling the helper method:
+Next you need to set your custom `ITokenProvider` implementation on your `BaseCsrfVerifier` class in your routes file:
 
 ```php
-csrf_token();
+$verifier = new \dscuz\Middleware\CsrfVerifier();
+$verifier->setTokenProvider(new SessionTokenProvider());
+
+Router::csrfVerifier($verifier);
 ```
 
 ---
@@ -965,6 +1113,7 @@ All object implements the `IInputItem` interface and will always contain these m
 - `getValue()` - returns the value of the input.
 
 `InputFile` has the same methods as above along with some other file-specific methods like:
+- `getFilename` - get the filename.
 - `getTmpName()` - get file temporary name.
 - `getSize()` - get file size.
 - `move($destination)` - move file to destination.
@@ -988,7 +1137,7 @@ $siteId = input('site_id', 2, ['post', 'get']);
 ## Url rewriting
 Sometimes it can be useful to manipulate the route about to be loaded.
 simple-php-router allows you to easily change the route about to be executed.
-All information about the current route is stored in the ```\Pecee\SimpleRouter\Router``` instance's `loadedRoute` property.
+All information about the current route is stored in the `\Pecee\SimpleRouter\Router` instance's `loadedRoute` property.
 
 For easy access you can use the shortcut method `\Pecee\SimpleRouter\SimpleRouter::router()`.
 

helpers.php

@@ -63,4 +63,18 @@ function redirect($url, $code = null)
     }
 
     response()->redirect($url);
+}
+
+/**
+ * Get current csrf-token
+ * @return string|null
+ */
+function csrf_token()
+{
+    $baseVerifier = Router::router()->getCsrfVerifier();
+    if ($baseVerifier !== null) {
+        return $baseVerifier->getTokenProvider()->getToken();
+    }
+
+    return null;
 }

src/Pecee/CsrfToken.php

@@ -1,79 +0,0 @@
-<?php
-namespace Pecee;
-
-class CsrfToken
-{
-    const CSRF_KEY = 'CSRF-TOKEN';
-
-    protected $token;
-
-    /**
-     * Generate random identifier for CSRF token
-     *
-     * @throws \RuntimeException
-     * @return string
-     */
-    public static function generateToken()
-    {
-        if (function_exists('random_bytes')) {
-            return bin2hex(random_bytes(32));
-        }
-
-        $isSourceStrong = false;
-
-        $random = openssl_random_pseudo_bytes(32, $isSourceStrong);
-        if ($isSourceStrong === false || $random === false) {
-            throw new \RuntimeException('IV generation failed');
-        }
-
-        return $random;
-    }
-
-    /**
-     * Validate valid CSRF token
-     *
-     * @param string $token
-     * @return bool
-     */
-    public function validate($token)
-    {
-        if ($token !== null && $this->getToken() !== null) {
-            return hash_equals($token, $this->getToken());
-        }
-
-        return false;
-    }
-
-    /**
-     * Set csrf token cookie
-     *
-     * @param $token
-     */
-    public function setToken($token)
-    {
-        setcookie(static::CSRF_KEY, $token, time() + 60 * 120, '/');
-    }
-
-    /**
-     * Get csrf token
-     * @return string|null
-     */
-    public function getToken()
-    {
-        if ($this->hasToken() === true) {
-            return $_COOKIE[static::CSRF_KEY];
-        }
-
-        return null;
-    }
-
-    /**
-     * Returns whether the csrf token has been defined
-     * @return bool
-     */
-    public function hasToken()
-    {
-        return isset($_COOKIE[static::CSRF_KEY]);
-    }
-
-}

src/Pecee/Http/Input/Input.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace Pecee\Http\Input;
 
 use Pecee\Http\Request;
@@ -35,7 +36,7 @@ class Input
     public function parseInputs()
     {
         /* Parse get requests */
-        if (count($_GET) > 0) {
+        if (count($_GET) !== 0) {
             $this->get = $this->handleGetPost($_GET);
         }
 
@@ -46,12 +47,12 @@ class Input
             parse_str(file_get_contents('php://input'), $postVars);
         }
 
-        if (count($postVars) > 0) {
+        if (count($postVars) !== 0) {
             $this->post = $this->handleGetPost($postVars);
         }
 
         /* Parse get requests */
-        if (count($_FILES) > 0) {
+        if (count($_FILES) !== 0) {
             $this->file = $this->parseFiles();
         }
     }
@@ -65,15 +66,15 @@ class Input
             // Handle array input
             if (is_array($value['name']) === false) {
                 $values['index'] = $key;
-                $list[$key] = InputFile::createFromArray(array_merge($value, $values));
+                $list[$key] = InputFile::createFromArray($values + $value);
                 continue;
             }
 
-            $keys = [];
+            $keys = [$key];
 
             $files = $this->rearrangeFiles($value['name'], $keys, $value);
 
-            if (isset($list[$key])) {
+            if (isset($list[$key]) === true) {
                 $list[$key][] = $files;
             } else {
                 $list[$key] = $files;
@@ -87,40 +88,30 @@ class Input
     protected function rearrangeFiles(array $values, &$index, $original)
     {
 
+        $originalIndex = $index[0];
+        array_shift($index);
+
         $output = [];
 
-        $getItem = function ($key, $property = 'name') use ($original, $index) {
-
-            $path = $original[$property];
-
-            $fileValues = array_values($index);
-
-            foreach ($fileValues as $i) {
-                $path = $path[$i];
-            }
-
-            return $path[$key];
-        };
-
         foreach ($values as $key => $value) {
 
-            if (is_array($getItem($key)) === false) {
+            if (is_array($original['name'][$key]) === false) {
 
                 $file = InputFile::createFromArray([
-                    'index'    => $key,
-                    'filename' => $getItem($key),
-                    'error'    => $getItem($key, 'error'),
-                    'tmp_name' => $getItem($key, 'tmp_name'),
-                    'type'     => $getItem($key, 'type'),
-                    'size'     => $getItem($key, 'size'),
+                    'index' => (empty($key) === true && empty($originalIndex) === false) ? $originalIndex : $key,
+                    'name' => $original['name'][$key],
+                    'error' => $original['error'][$key],
+                    'tmp_name' => $original['tmp_name'][$key],
+                    'type' => $original['type'][$key],
+                    'size' => $original['size'][$key],
                 ]);
 
-                if (isset($output[$key])) {
+                if (isset($output[$key]) === true) {
                     $output[$key][] = $file;
-                } else {
-                    $output[$key] = $file;
+                    continue;
                 }
 
+                $output[$key] = $file;
                 continue;
             }
 
@@ -128,7 +119,7 @@ class Input
 
             $files = $this->rearrangeFiles($value, $index, $original);
 
-            if (isset($output[$key])) {
+            if (isset($output[$key]) === true) {
                 $output[$key][] = $files;
             } else {
                 $output[$key] = $files;
@@ -143,13 +134,7 @@ class Input
     {
         $list = [];
 
-        $max = count($array) - 1;
-        $keys = array_keys($array);
-
-        for ($i = $max; $i >= 0; $i--) {
-
-            $key = $keys[$i];
-            $value = $array[$key];
+        foreach ($array as $key => $value) {
 
             // Handle array input
             if (is_array($value) === false) {
@@ -217,15 +202,15 @@ class Input
 
         $element = null;
 
-        if ($methods === null || in_array('get', $methods)) {
+        if ($methods === null || in_array('get', $methods, false) === true) {
             $element = $this->findGet($index);
         }
 
-        if (($element === null && $methods === null) || ($methods !== null && in_array('post', $methods))) {
+        if (($element === null && $methods === null) || ($methods !== null && in_array('post', $methods, false) === true)) {
             $element = $this->findPost($index);
         }
 
-        if (($element === null && $methods === null) || ($methods !== null && in_array('file', $methods))) {
+        if (($element === null && $methods === null) || ($methods !== null && in_array('file', $methods, false) === true)) {
             $element = $this->findFile($index);
         }
 
@@ -269,21 +254,21 @@ class Input
      */
     public function all(array $filter = null)
     {
-        $output = $_POST;
+        $output = $_GET + $_POST;
 
         if ($this->request->getMethod() === 'post') {
 
             $contents = file_get_contents('php://input');
 
             if (strpos(trim($contents), '{') === 0) {
-                $output = json_decode($contents, true);
-                if ($output === false) {
-                    $output = [];
+                $post = json_decode($contents, true);
+                if ($post !== false) {
+                    $output += $post;
                 }
             }
         }
 
-        return ($filter !== null) ? array_intersect_key($output, array_flip($filter)) : array_merge($_GET, $output);
+        return ($filter !== null) ? array_intersect_key($output, array_flip($filter)) : $output;
     }
 
 }

src/Pecee/Http/Input/InputFile.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace Pecee\Http\Input;
 
 class InputFile implements IInputItem
@@ -16,7 +17,7 @@ class InputFile implements IInputItem
         $this->index = $index;
 
         // Make the name human friendly, by replace _ with space
-        $this->name = ucfirst(str_replace('_', ' ', $this->index));
+        $this->name = ucfirst(str_replace('_', ' ', strtolower($this->index)));
     }
 
     /**
@@ -28,19 +29,19 @@ class InputFile implements IInputItem
      */
     public static function createFromArray(array $values)
     {
-        if (!isset($values['index'])) {
+        if (isset($values['index']) === false) {
             throw new \InvalidArgumentException('Index key is required');
         }
 
         /* Easy way of ensuring that all indexes-are set and not filling the screen with isset() */
 
-        $values = array_merge([
+        $values += [
             'tmp_name' => null,
             'type'     => null,
             'size'     => null,
             'name'     => null,
             'error'    => null,
-        ], $values);
+        ];
 
         return (new static($values['index']))
             ->setSize($values['size'])
@@ -267,8 +268,9 @@ class InputFile implements IInputItem
             'tmp_name' => $this->tmpName,
             'type'     => $this->type,
             'size'     => $this->size,
-            'name'     => $this->filename,
+            'name'     => $this->name,
             'error'    => $this->error,
+            'filename' => $this->filename,
         ];
     }
 

src/Pecee/Http/Input/InputItem.php

@@ -13,7 +13,7 @@ class InputItem implements IInputItem
         $this->value = $value;
 
         // Make the name human friendly, by replace _ with space
-        $this->name = ucfirst(str_replace('_', ' ', $this->index));
+        $this->name = ucfirst(str_replace('_', ' ', strtolower($this->index)));
     }
 
     /**

src/Pecee/Http/Middleware/BaseCsrfVerifier.php

@@ -1,9 +1,11 @@
 <?php
+
 namespace Pecee\Http\Middleware;
 
-use Pecee\CsrfToken;
 use Pecee\Http\Middleware\Exceptions\TokenMismatchException;
 use Pecee\Http\Request;
+use Pecee\Http\Security\CookieTokenProvider;
+use Pecee\Http\Security\ITokenProvider;
 
 class BaseCsrfVerifier implements IMiddleware
 {
@@ -11,15 +13,11 @@ class BaseCsrfVerifier implements IMiddleware
     const HEADER_KEY = 'X-CSRF-TOKEN';
 
     protected $except;
-    protected $csrfToken;
-    protected $token;
+    protected $tokenProvider;
 
     public function __construct()
     {
-        $this->csrfToken = new CsrfToken();
-
-        // Generate or get the CSRF-Token from Cookie.
-        $this->token = ($this->hasToken() === false) ? $this->generateToken() : $this->csrfToken->getToken();
+        $this->tokenProvider = new CookieTokenProvider();
     }
 
     /**
@@ -29,7 +27,7 @@ class BaseCsrfVerifier implements IMiddleware
      */
     protected function skip(Request $request)
     {
-        if ($this->except === null || is_array($this->except) === false) {
+        if ($this->except === null || count($this->except) === 0) {
             return false;
         }
 
@@ -54,6 +52,12 @@ class BaseCsrfVerifier implements IMiddleware
         return false;
     }
 
+    /**
+     * Handle request
+     *
+     * @param Request $request
+     * @throws TokenMismatchException
+     */
     public function handle(Request $request)
     {
 
@@ -66,34 +70,29 @@ class BaseCsrfVerifier implements IMiddleware
                 $token = $request->getHeader(static::HEADER_KEY);
             }
 
-            if ($this->csrfToken->validate($token) === false) {
-                throw new TokenMismatchException('Invalid csrf-token.');
+            if ($this->tokenProvider->validate($token) === false) {
+                throw new TokenMismatchException('Invalid CSRF-token.');
             }
 
         }
 
+        // Refresh existing token
+        $this->tokenProvider->refresh();
+
     }
 
-    public function generateToken()
+    public function getTokenProvider()
     {
-        $token = CsrfToken::generateToken();
-        $this->csrfToken->setToken($token);
-
-        return $token;
+        return $this->tokenProvider;
     }
 
-    public function hasToken()
+    /**
+     * Set token provider
+     * @param ITokenProvider $provider
+     */
+    public function setTokenProvider(ITokenProvider $provider)
     {
-        if ($this->token !== null) {
-            return true;
-        }
-
-        return $this->csrfToken->hasToken();
-    }
-
-    public function getToken()
-    {
-        return $this->token;
+        $this->tokenProvider = $provider;
     }
 
 }

src/Pecee/Http/Request.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace Pecee\Http;
 
 use Pecee\Http\Input\Input;
@@ -30,22 +31,19 @@ class Request
     {
         $this->parseHeaders();
         $this->setHost($this->getHeader('http-host'));
-        $this->setUri(new Uri($this->getHeader('request-uri')));
+
+        // Check if special IIS header exist, otherwise use default.
+        $this->setUri(new Uri($this->getHeader('unencoded-url', $this->getHeader('request-uri'))));
+
         $this->input = new Input($this);
-        $this->method = strtolower($this->input->get('_method', $this->getHeader('request-method'), 'post'));
+        $this->method = strtolower($this->input->get('_method', $this->getHeader('request-method')));
     }
 
     protected function parseHeaders()
     {
         $this->headers = [];
 
-        $max = count($_SERVER) - 1;
-        $keys = array_keys($_SERVER);
-
-        for ($i = $max; $i >= 0; $i--) {
-            $key = $keys[$i];
-            $value = $_SERVER[$key];
-
+        foreach ($_SERVER as $key => $value) {
             $this->headers[strtolower($key)] = $value;
             $this->headers[strtolower(str_replace('_', '-', $key))] = $value;
         }
@@ -164,24 +162,7 @@ class Request
      */
     public function getHeader($name, $defaultValue = null)
     {
-        if (isset($this->headers[strtolower($name)])) {
-            return $this->headers[strtolower($name)];
-        }
-
-        $max = count($_SERVER) - 1;
-        $keys = array_keys($_SERVER);
-
-        for ($i = $max; $i >= 0; $i--) {
-
-            $key = $keys[$i];
-            $name = $_SERVER[$key];
-
-            if ($key === $name) {
-                return $name;
-            }
-        }
-
-        return $defaultValue;
+        return isset($this->headers[strtolower($name)]) ? $this->headers[strtolower($name)] : $defaultValue;
     }
 
     /**
@@ -215,10 +196,14 @@ class Request
     }
 
     /**
-     * @param Uri $uri
+     * @param Uri|string $uri
      */
-    public function setUri(Uri $uri)
+    public function setUri($uri)
     {
+        if (is_string($uri) === true) {
+            $uri = new Uri($uri);
+        }
+
         $this->uri = $uri;
     }
 
@@ -246,26 +231,7 @@ class Request
      */
     public function setRewriteRoute(ILoadableRoute $route)
     {
-        $this->rewriteRoute = $route;
-
-        $callback = $route->getCallback();
-
-        /* Only add default namespace on relative callbacks */
-        if ($callback === null || $callback[0] !== '\\') {
-
-            $namespace = SimpleRouter::getDefaultNamespace();
-
-            if ($namespace !== null) {
-
-                if ($this->rewriteRoute->getNamespace() !== null) {
-                    $namespace .= '\\' . $this->rewriteRoute->getNamespace();
-                }
-
-                $this->rewriteRoute->setDefaultNamespace($namespace);
-
-            }
-
-        }
+        $this->rewriteRoute = SimpleRouter::addDefaultNamespace($route);
 
         return $this;
     }

src/Pecee/Http/Response.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace Pecee\Http;
 
 class Response
@@ -82,14 +83,21 @@ class Response
     }
 
     /**
-     * Json encode array
-     * @param array $value
+     * Json encode
+     * @param array|\JsonSerializable $value
+     * @param int $options JSON options Bitmask consisting of JSON_HEX_QUOT, JSON_HEX_TAG, JSON_HEX_AMP, JSON_HEX_APOS, JSON_NUMERIC_CHECK, JSON_PRETTY_PRINT, JSON_UNESCAPED_SLASHES, JSON_FORCE_OBJECT, JSON_PRESERVE_ZERO_FRACTION, JSON_UNESCAPED_UNICODE, JSON_PARTIAL_OUTPUT_ON_ERROR.
+     * @param int $dept JSON debt.
+     * @throws \InvalidArgumentException
      */
-    public function json(array $value)
+    public function json($value, $options = null, $dept = 512)
     {
-        $this->header('Content-Type: application/json');
-        echo json_encode($value);
-        die();
+        if (($value instanceof \JsonSerializable) === false && is_array($value) === false) {
+            throw new \InvalidArgumentException('Invalid type for parameter "value". Must be of type array or object implementing the \JsonSerializable interface.');
+        }
+
+        $this->header('Content-Type: application/json; charset=utf-8');
+        echo json_encode($value, $options, $dept);
+        exit(0);
     }
 
     /**

src/Pecee/Http/Security/CookieTokenProvider.php

@@ -0,0 +1,119 @@
+<?php
+
+namespace Pecee\Http\Security;
+
+class CookieTokenProvider implements ITokenProvider
+{
+    const CSRF_KEY = 'CSRF-TOKEN';
+
+    protected $token;
+    protected $cookieTimeoutMinutes = 120;
+
+    public function __construct()
+    {
+        $this->token = $this->getToken();
+
+        if ($this->token === null) {
+            $this->token = $this->generateToken();
+        }
+    }
+
+    /**
+     * Generate random identifier for CSRF token
+     *
+     * @throws \RuntimeException|\Exception
+     * @return string
+     */
+    public function generateToken()
+    {
+        if (function_exists('random_bytes') === true) {
+            return bin2hex(random_bytes(32));
+        }
+
+        $isSourceStrong = false;
+
+        $random = openssl_random_pseudo_bytes(32, $isSourceStrong);
+        if ($isSourceStrong === false || $random === false) {
+            throw new \RuntimeException('IV generation failed');
+        }
+
+        return $random;
+    }
+
+    /**
+     * Validate valid CSRF token
+     *
+     * @param string $token
+     * @return bool
+     */
+    public function validate($token)
+    {
+        if ($token !== null && $this->getToken() !== null) {
+            return hash_equals($token, $this->getToken());
+        }
+
+        return false;
+    }
+
+    /**
+     * Set csrf token cookie
+     * Overwrite this method to save the token to another storage like session etc.
+     *
+     * @param string $token
+     */
+    public function setToken($token)
+    {
+        $this->token = $token;
+        setcookie(static::CSRF_KEY, $token, time() + 60 * $this->cookieTimeoutMinutes, '/');
+    }
+
+    /**
+     * Get csrf token
+     * @param string|null $defaultValue
+     * @return string|null
+     */
+    public function getToken($defaultValue = null)
+    {
+        $this->token = ($this->hasToken() === true) ? $_COOKIE[static::CSRF_KEY] : null;
+
+        return ($this->token !== null) ? $this->token : $defaultValue;
+    }
+
+    /**
+     * Refresh existing token
+     */
+    public function refresh()
+    {
+        if ($this->token !== null) {
+            $this->setToken($this->token);
+        }
+    }
+
+    /**
+     * Returns whether the csrf token has been defined
+     * @return bool
+     */
+    public function hasToken()
+    {
+        return isset($_COOKIE[static::CSRF_KEY]);
+    }
+
+    /**
+     * Get timeout for cookie in minutes
+     * @return int
+     */
+    public function getCookieTimeoutMinutes()
+    {
+        return $this->cookieTimeoutMinutes;
+    }
+
+    /**
+     * Set cookie timeout in minutes
+     * @param $minutes
+     */
+    public function setCookieTimeoutMinutes($minutes)
+    {
+        $this->cookieTimeoutMinutes = $minutes;
+    }
+
+}

src/Pecee/Http/Security/ITokenProvider.php

@@ -0,0 +1,21 @@
+<?php
+
+namespace Pecee\Http\Security;
+
+interface ITokenProvider
+{
+
+    /**
+     * Refresh existing token
+     */
+    public function refresh();
+
+    /**
+     * Validate valid CSRF token
+     *
+     * @param string $token
+     * @return bool
+     */
+    public function validate($token);
+
+}

src/Pecee/Http/Uri.php

@@ -6,20 +6,20 @@ class Uri
 {
     private $originalUrl;
     private $data = [
-        'scheme',
-        'host',
-        'port',
-        'user',
-        'pass',
-        'path',
-        'query',
-        'fragment',
+        'scheme'   => null,
+        'host'     => null,
+        'port'     => null,
+        'user'     => null,
+        'pass'     => null,
+        'path'     => null,
+        'query'    => null,
+        'fragment' => null,
     ];
 
     public function __construct($url)
     {
         $this->originalUrl = $url;
-        $this->data = array_merge($this->data, $this->parseUrl($url));
+        $this->data = $this->parseUrl($url) + $this->data;
 
         if (isset($this->data['path']) === true && $this->data['path'] !== '/') {
             $this->data['path'] = rtrim($this->data['path'], '/') . '/';
@@ -135,7 +135,7 @@ class Uri
     public function parseUrl($url, $component = -1)
     {
         $encodedUrl = preg_replace_callback(
-            '%[^:/@?&=#]+%u',
+            '/[^:\/@?&=#]+/u',
             function ($matches) {
                 return urlencode($matches[0]);
             },
@@ -148,11 +148,7 @@ class Uri
             throw new \InvalidArgumentException('Malformed URL: ' . $url);
         }
 
-        foreach ((array)$parts as $name => $value) {
-            $parts[$name] = urldecode($value);
-        }
-
-        return $parts;
+        return array_map('urldecode', $parts);
     }
 
     /**

src/Pecee/SimpleRouter/Route/IPartialGroupRoute.php

@@ -0,0 +1,8 @@
+<?php
+
+namespace Pecee\SimpleRouter\Route;
+
+interface IPartialGroupRoute
+{
+
+}

src/Pecee/SimpleRouter/Route/IRoute.php

@@ -21,7 +21,7 @@ interface IRoute
      *
      * @param Request $request
      * @throws \Pecee\SimpleRouter\Exceptions\NotFoundHttpException
-     * @return void
+     * @return string
      */
     public function renderRoute(Request $request);
 

src/Pecee/SimpleRouter/Route/LoadableRoute.php

@@ -30,22 +30,23 @@ abstract class LoadableRoute extends Route implements ILoadableRoute
     {
         $max = count($this->getMiddlewares());
 
-        if ($max > 0) {
+        if ($max === 0) {
+            return;
+        }
 
-            for ($i = 0; $i < $max; $i++) {
+        for ($i = 0; $i < $max; $i++) {
 
-                $middleware = $this->getMiddlewares()[$i];
+            $middleware = $this->getMiddlewares()[$i];
 
-                if (is_object($middleware) === false) {
-                    $middleware = $this->loadClass($middleware);
-                }
-
-                if (($middleware instanceof IMiddleware) === false) {
-                    throw new HttpException($middleware . ' must be inherit the IMiddleware interface');
-                }
-
-                $middleware->handle($request);
+            if (is_object($middleware) === false) {
+                $middleware = $this->loadClass($middleware);
             }
+
+            if (($middleware instanceof IMiddleware) === false) {
+                throw new HttpException($middleware . ' must be inherit the IMiddleware interface');
+            }
+
+            $middleware->handle($request);
         }
     }
 
@@ -74,7 +75,7 @@ abstract class LoadableRoute extends Route implements ILoadableRoute
 
             $regex = sprintf(static::PARAMETERS_REGEX_FORMAT, $this->paramModifiers[0], $this->paramOptionalSymbol, $this->paramModifiers[1]);
 
-            if (preg_match_all('/' . $regex . '/', $this->url, $matches)) {
+            if (preg_match_all('/' . $regex . '/u', $this->url, $matches) > 0) {
                 $this->parameters = array_fill_keys($matches[1], null);
             }
         }
@@ -102,7 +103,7 @@ abstract class LoadableRoute extends Route implements ILoadableRoute
 
         $group = $this->getGroup();
 
-        if ($group !== null && count($group->getDomains()) > 0) {
+        if ($group !== null && count($group->getDomains()) !== 0) {
             $url = '//' . $group->getDomains()[0] . $url;
         }
 
@@ -124,7 +125,7 @@ abstract class LoadableRoute extends Route implements ILoadableRoute
         for ($i = $max; $i >= 0; $i--) {
             $param = $keys[$i];
 
-            if ($parameters === '' || (is_array($parameters) && count($parameters) === 0)) {
+            if ($parameters === '' || (is_array($parameters) === true && count($parameters) === 0)) {
                 $value = '';
             } else {
                 $p = (array)$parameters;
@@ -145,7 +146,7 @@ abstract class LoadableRoute extends Route implements ILoadableRoute
         }
 
         $url = '/' . ltrim($url, '/');
-        $url .= join('/', $unknownParams);
+        $url .= implode('/', $unknownParams);
 
         return rtrim($url, '/') . '/';
     }
@@ -229,15 +230,18 @@ abstract class LoadableRoute extends Route implements ILoadableRoute
      */
     public function setSettings(array $values, $merge = false)
     {
-        if (isset($values['as'])) {
+        if (isset($values['as']) === true) {
+
+            $name = $values['as'];
+
             if ($this->name !== null && $merge !== false) {
-                $this->setName($values['as'] . '.' . $this->name);
-            } else {
-                $this->setName($values['as']);
+                $name .= '.' . $this->name;
             }
+
+            $this->setName($name);
         }
 
-        if (isset($values['prefix'])) {
+        if (isset($values['prefix']) === true) {
             $this->setUrl($values['prefix'] . $this->getUrl());
         }
 

src/Pecee/SimpleRouter/Route/Route.php

@@ -33,7 +33,7 @@ abstract class Route implements IRoute
      *
      * @var bool
      */
-    protected $filterEmptyParams = false;
+    protected $filterEmptyParams = true;
 
     /**
      * Default regular expression used for parsing parameters.
@@ -42,6 +42,7 @@ abstract class Route implements IRoute
     protected $defaultParameterRegex;
     protected $paramModifiers = '{}';
     protected $paramOptionalSymbol = '?';
+    protected $urlRegex = '/^%s\/?$/u';
     protected $group;
     protected $parent;
     protected $callback;
@@ -55,6 +56,12 @@ abstract class Route implements IRoute
     protected $originalParameters = [];
     protected $middlewares = [];
 
+    /**
+     * Load class by name
+     * @param string $name
+     * @return mixed
+     * @throws NotFoundHttpException
+     */
     protected function loadClass($name)
     {
         if (class_exists($name) === false) {
@@ -64,20 +71,35 @@ abstract class Route implements IRoute
         return new $name();
     }
 
+    /**
+     * Render route
+     *
+     * @param Request $request
+     * @return string|mixed
+     * @throws NotFoundHttpException
+     */
     public function renderRoute(Request $request)
     {
         $callback = $this->getCallback();
 
         if ($callback === null) {
-            return;
+            return null;
+        }
+
+        $parameters = $this->getParameters();
+
+        /* Filter parameters with null-value */
+
+        if ($this->filterEmptyParams === true) {
+            $parameters = array_filter($parameters, function ($var) {
+                return ($var !== null);
+            });
         }
 
         /* Render callback function */
         if (is_callable($callback) === true) {
-
             /* When the callback is a function */
-            return call_user_func_array($callback, $this->getParameters());
-
+            return call_user_func_array($callback, $parameters);
         }
 
         /* When the callback is a class + method */
@@ -94,16 +116,6 @@ abstract class Route implements IRoute
             throw new NotFoundHttpException(sprintf('Method "%s" does not exist in class "%s"', $method, $className), 404);
         }
 
-        $parameters = $this->getParameters();
-
-        /* Filter parameters with null-value */
-
-        if ($this->filterEmptyParams === true) {
-            $parameters = array_filter($parameters, function ($var) {
-                return ($var !== null);
-            });
-        }
-
         return call_user_func_array([$class, $method], $parameters);
     }
 
@@ -116,9 +128,9 @@ abstract class Route implements IRoute
         // Ensures that hostnames/domains will work with parameters
         $url = '/' . ltrim($url, '/');
 
-        if (preg_match_all('/' . $regex . '/', $route, $parameters)) {
+        if (preg_match_all('/' . $regex . '/u', $route, $parameters) > 0) {
 
-            $urlParts = preg_split('/((\-?\/?)\{[^}]+\})/', rtrim($route, '/'));
+            $urlParts = preg_split('/((\-?\/?)\{[^}]+\})/', $route);
 
             foreach ($urlParts as $key => $t) {
 
@@ -148,20 +160,20 @@ abstract class Route implements IRoute
                 $urlParts[$key] = preg_quote($t, '/') . $regex;
             }
 
-            $urlRegex = join('', $urlParts);
+            $urlRegex = implode('', $urlParts);
 
         } else {
             $urlRegex = preg_quote($route, '/');
         }
 
-        if (preg_match('/^' . $urlRegex . '\/?$/', $url, $matches) > 0) {
+        if (preg_match(sprintf($this->urlRegex, $urlRegex), $url, $matches) > 0) {
 
             $values = [];
 
             if (isset($parameters[1]) === true) {
 
                 /* Only take matched parameters with name */
-                foreach ($parameters[1] as $name) {
+                foreach ((array)$parameters[1] as $name) {
                     $values[$name] = (isset($matches[$name]) && $matches[$name] !== '') ? $matches[$name] : null;
                 }
             }
@@ -360,15 +372,15 @@ abstract class Route implements IRoute
             $values['namespace'] = $this->namespace;
         }
 
-        if (count($this->requestMethods) > 0) {
+        if (count($this->requestMethods) !== 0) {
             $values['method'] = $this->requestMethods;
         }
 
-        if (count($this->where) > 0) {
+        if (count($this->where) !== 0) {
             $values['where'] = $this->where;
         }
 
-        if (count($this->middlewares) > 0) {
+        if (count($this->middlewares) !== 0) {
             $values['middleware'] = $this->middlewares;
         }
 
@@ -388,28 +400,28 @@ abstract class Route implements IRoute
      */
     public function setSettings(array $values, $merge = false)
     {
-        if ($this->namespace === null && isset($values['namespace'])) {
+        if ($this->namespace === null && isset($values['namespace']) === true) {
             $this->setNamespace($values['namespace']);
         }
 
-        if (isset($values['method'])) {
+        if (isset($values['method']) === true) {
             $this->setRequestMethods(array_merge($this->requestMethods, (array)$values['method']));
         }
 
-        if (isset($values['where'])) {
+        if (isset($values['where']) === true) {
             $this->setWhere(array_merge($this->where, (array)$values['where']));
         }
 
-        if (isset($values['parameters'])) {
+        if (isset($values['parameters']) === true) {
             $this->setParameters(array_merge($this->parameters, (array)$values['parameters']));
         }
 
         // Push middleware if multiple
-        if (isset($values['middleware'])) {
+        if (isset($values['middleware']) === true) {
             $this->setMiddlewares(array_merge((array)$values['middleware'], $this->middlewares));
         }
 
-        if (isset($values['defaultParameterRegex'])) {
+        if (isset($values['defaultParameterRegex']) === true) {
             $this->setDefaultParameterRegex($values['defaultParameterRegex']);
         }
 
@@ -462,7 +474,7 @@ abstract class Route implements IRoute
         /* Sort the parameters after the user-defined param order, if any */
         $parameters = [];
 
-        if (count($this->originalParameters) > 0) {
+        if (count($this->originalParameters) !== 0) {
             $parameters = $this->originalParameters;
         }
 
@@ -481,7 +493,7 @@ abstract class Route implements IRoute
          * If this is the first time setting parameters we store them so we
          * later can organize the array, in case somebody tried to sort the array.
          */
-        if (count($parameters) > 0 && count($this->originalParameters) === 0) {
+        if (count($parameters) !== 0 && count($this->originalParameters) === 0) {
             $this->originalParameters = $parameters;
         }
 

src/Pecee/SimpleRouter/Route/RouteController.php

@@ -1,4 +1,5 @@
 <?php
+
 namespace Pecee\SimpleRouter\Route;
 
 use Pecee\Http\Request;
@@ -76,11 +77,11 @@ class RouteController extends LoadableRoute implements IControllerRoute
 
         $group = $this->getGroup();
 
-        if ($group !== null && count($group->getDomains()) > 0) {
+        if ($group !== null && count($group->getDomains()) !== 0) {
             $url .= '//' . $group->getDomains()[0];
         }
 
-        $url .= '/' . trim($this->getUrl(), '/') . '/' . strtolower($method) . join('/', $parameters);
+        $url .= '/' . trim($this->getUrl(), '/') . '/' . strtolower($method) . implode('/', $parameters);
 
         return '/' . trim($url, '/') . '/';
     }
@@ -97,7 +98,7 @@ class RouteController extends LoadableRoute implements IControllerRoute
         $strippedUrl = trim(str_ireplace($this->url, '/', $url), '/');
         $path = explode('/', $strippedUrl);
 
-        if (count($path) > 0) {
+        if (count($path) !== 0) {
 
             $method = (isset($path[0]) === false || trim($path[0]) === '') ? $this->defaultMethod : $path[0];
             $this->method = $request->getMethod() . ucfirst($method);
@@ -168,7 +169,7 @@ class RouteController extends LoadableRoute implements IControllerRoute
      */
     public function setSettings(array $values, $merge = false)
     {
-        if (isset($values['names'])) {
+        if (isset($values['names']) === true) {
             $this->names = $values['names'];
         }
 

src/Pecee/SimpleRouter/Route/RouteGroup.php

@@ -28,7 +28,7 @@ class RouteGroup extends Route implements IGroupRoute
 
             $parameters = $this->parseParameters($domain, $request->getHost(), '.*');
 
-            if ($parameters !== null && count($parameters) > 0) {
+            if ($parameters !== null && count($parameters) !== 0) {
 
                 $this->parameters = $parameters;
 
@@ -146,24 +146,27 @@ class RouteGroup extends Route implements IGroupRoute
     public function setSettings(array $values, $merge = false)
     {
 
-        if (isset($values['prefix'])) {
+        if (isset($values['prefix']) === true) {
             $this->setPrefix($values['prefix'] . $this->prefix);
         }
 
-        if (isset($values['exceptionHandler'])) {
+        if ($merge === false && isset($values['exceptionHandler']) === true) {
             $this->setExceptionHandlers((array)$values['exceptionHandler']);
         }
 
-        if (isset($values['domain'])) {
+        if ($merge === false && isset($values['domain']) === true) {
             $this->setDomains((array)$values['domain']);
         }
 
-        if (isset($values['as'])) {
+        if (isset($values['as']) === true) {
+
+            $name = $values['as'];
+
             if ($this->name !== null && $merge !== false) {
-                $this->name = $values['as'] . '.' . $this->name;
-            } else {
-                $this->name = $values['as'];
+                $name .= '.' . $this->name;
             }
+
+            $this->name = $name;
         }
 
         parent::setSettings($values, $merge);
@@ -188,7 +191,7 @@ class RouteGroup extends Route implements IGroupRoute
             $values['as'] = $this->name;
         }
 
-        if (count($this->parameters) > 0) {
+        if (count($this->parameters) !== 0) {
             $values['parameters'] = $this->parameters;
         }
 

src/Pecee/SimpleRouter/Route/RoutePartialGroup.php

@@ -0,0 +1,36 @@
+<?php
+
+namespace Pecee\SimpleRouter\Route;
+
+use Pecee\Http\Request;
+
+class RoutePartialGroup extends RouteGroup implements IPartialGroupRoute
+{
+    protected $urlRegex = '/^%s\/?/u';
+
+    /**
+     * Method called to check if route matches
+     *
+     * @param string $url
+     * @param Request $request
+     * @return bool
+     */
+    public function matchRoute($url, Request $request)
+    {
+        if ($this->prefix !== null) {
+            /* Parse parameters from current route */
+            $parameters = $this->parseParameters($this->prefix, $url);
+
+            /* If no custom regular expression or parameters was found on this route, we stop */
+            if ($parameters === null) {
+                return false;
+            }
+
+            /* Set the parameters */
+            $this->setParameters((array)$parameters);
+        }
+
+        return $this->matchDomain($request);
+    }
+
+}

src/Pecee/SimpleRouter/Route/RouteResource.php

@@ -206,11 +206,11 @@ class RouteResource extends LoadableRoute implements IControllerRoute
      */
     public function setSettings(array $values, $merge = false)
     {
-        if (isset($values['names'])) {
+        if (isset($values['names']) === true) {
             $this->names = $values['names'];
         }
 
-        if (isset($values['methods'])) {
+        if (isset($values['methods']) === true) {
             $this->methodNames = $values['methods'];
         }
 

src/Pecee/SimpleRouter/Router.php

@@ -10,6 +10,7 @@ use Pecee\SimpleRouter\Exceptions\NotFoundHttpException;
 use Pecee\SimpleRouter\Route\IControllerRoute;
 use Pecee\SimpleRouter\Route\IGroupRoute;
 use Pecee\SimpleRouter\Route\ILoadableRoute;
+use Pecee\SimpleRouter\Route\IPartialGroupRoute;
 use Pecee\SimpleRouter\Route\IRoute;
 
 class Router
@@ -124,37 +125,10 @@ class Router
 
         $url = ($this->request->getRewriteUrl() !== null) ? $this->request->getRewriteUrl() : $this->request->getUri()->getPath();
 
-        /* @var $route IRoute */
         for ($i = $max; $i >= 0; $i--) {
 
             $route = $routes[$i];
 
-            /* @var $route IGroupRoute */
-            if ($route instanceof IGroupRoute) {
-
-                $group = $route;
-
-                $this->processingRoute = true;
-                $route->renderRoute($this->request);
-                $this->processingRoute = false;
-
-                if ($route->matchRoute($url, $this->request) === true) {
-
-                    /* Add exception handlers */
-                    if (count($route->getExceptionHandlers()) > 0) {
-                        /** @noinspection AdditionOperationOnArraysInspection */
-                        $exceptionHandlers += $route->getExceptionHandlers();
-                    }
-
-                }
-            }
-
-            if ($group !== null) {
-
-                /* Add the parent group */
-                $route->setGroup($group);
-            }
-
             if ($parent !== null) {
 
                 /* Add the parent route */
@@ -165,13 +139,48 @@ class Router
 
             }
 
+            if ($group !== null) {
+
+                /* Add the parent group */
+                $route->setGroup($group);
+            }
+
+            /* @var $route IGroupRoute */
+            if ($route instanceof IGroupRoute) {
+
+                $group = $route;
+
+                if ($route->matchRoute($url, $this->request) === true) {
+
+                    /* Add exception handlers */
+                    if (count($route->getExceptionHandlers()) !== 0) {
+                        /** @noinspection AdditionOperationOnArraysInspection */
+                        $exceptionHandlers += $route->getExceptionHandlers();
+                    }
+
+                    /* Only render partial group if it matches */
+                    if ($route instanceof IPartialGroupRoute) {
+                        $this->processingRoute = true;
+                        $route->renderRoute($this->request);
+                        $this->processingRoute = false;
+                    }
+
+                }
+
+                if (($route instanceof IPartialGroupRoute) === false) {
+                    $this->processingRoute = true;
+                    $route->renderRoute($this->request);
+                    $this->processingRoute = false;
+                }
+            }
+
             if ($route instanceof ILoadableRoute) {
 
                 /* Add the route to the map, so we can find the active one when all routes has been loaded */
                 $this->processedRoutes[] = $route;
             }
 
-            if (count($this->routeStack) > 0) {
+            if (count($this->routeStack) !== 0) {
 
                 /* Pop and grab the routes added when executing group callback earlier */
                 $stack = $this->routeStack;
@@ -193,7 +202,7 @@ class Router
     public function loadRoutes()
     {
         /* Initialize boot-managers */
-        if (count($this->bootManagers) > 0) {
+        if (count($this->bootManagers) !== 0) {
 
             $max = count($this->bootManagers) - 1;
 
@@ -208,6 +217,14 @@ class Router
         $this->processRoutes($this->routes);
     }
 
+    /**
+     * Routes the request
+     *
+     * @param bool $rewrite
+     * @return string|mixed
+     * @throws HttpException
+     * @throws \Exception
+     */
     public function routeRequest($rewrite = false)
     {
         $routeNotAllowed = false;
@@ -237,7 +254,7 @@ class Router
                 if ($route->matchRoute($url, $this->request) === true) {
 
                     /* Check if request method matches */
-                    if (count($route->getRequestMethods()) > 0 && in_array($this->request->getMethod(), $route->getRequestMethods(), false) === false) {
+                    if (count($route->getRequestMethods()) !== 0 && in_array($this->request->getMethod(), $route->getRequestMethods(), false) === false) {
                         $routeNotAllowed = true;
                         continue;
                     }
@@ -258,9 +275,8 @@ class Router
                     if ($rewriteUrl !== null && $rewriteUrl !== $url) {
                         unset($this->processedRoutes[$i]);
                         $this->processedRoutes = array_values($this->processedRoutes);
-                        $this->routeRequest(true);
 
-                        return;
+                        return $this->routeRequest(true);
                     }
 
                     /* Render route */
@@ -268,8 +284,6 @@ class Router
                     $this->request->setLoadedRoute($route);
 
                     return $route->renderRoute($this->request);
-
-                    break;
                 }
             }
 
@@ -278,7 +292,8 @@ class Router
         }
 
         if ($routeNotAllowed === true) {
-            $this->handleException(new HttpException('Route or method not allowed', 403));
+            $message = sprintf('Route "%s" or method "%s" not allowed.', $this->request->getUri()->getPath(), $this->request->getMethod());
+            $this->handleException(new HttpException($message, 403));
         }
 
         if ($this->request->getLoadedRoute() === null) {
@@ -293,23 +308,22 @@ class Router
 
             $this->handleException(new NotFoundHttpException($message, 404));
         }
+
+        return null;
     }
 
     /**
      * @param \Exception $e
      * @throws HttpException
      * @throws \Exception
+     * @return string
      */
     protected function handleException(\Exception $e)
     {
         $url = ($this->request->getRewriteUrl() !== null) ? $this->request->getRewriteUrl() : $this->request->getUri()->getPath();
 
-        $max = count($this->exceptionHandlers);
-
         /* @var $handler IExceptionHandler */
-        for ($i = 0; $i < $max; $i++) {
-
-            $handler = $this->exceptionHandlers[$i];
+        foreach ($this->exceptionHandlers as $key => $handler) {
 
             if (is_object($handler) === false) {
                 $handler = new $handler();
@@ -319,26 +333,31 @@ class Router
                 throw new HttpException('Exception handler must implement the IExceptionHandler interface.', 500);
             }
 
-            if ($handler->handleError($this->request, $e) !== null) {
+            try {
 
-                $rewriteRoute = $this->request->getRewriteRoute();
+                if ($handler->handleError($this->request, $e) !== null) {
 
-                if ($rewriteRoute !== null) {
-                    $rewriteRoute->loadMiddleware($this->request);
+                    $rewriteRoute = $this->request->getRewriteRoute();
 
-                    return $rewriteRoute->renderRoute($this->request);
+                    if ($rewriteRoute !== null) {
+                        $rewriteRoute->loadMiddleware($this->request);
+
+                        return $rewriteRoute->renderRoute($this->request);
+                    }
+
+                    $rewriteUrl = $this->request->getRewriteUrl();
+
+                    /* If the request has changed */
+                    if ($rewriteUrl !== null && $rewriteUrl !== $url) {
+                        unset($this->exceptionHandlers[$key]);
+                        $this->exceptionHandlers = array_values($this->exceptionHandlers);
+
+                        return $this->routeRequest(true);
+                    }
                 }
 
-                $rewriteUrl = $this->request->getRewriteUrl();
+            } catch (\Exception $e) {
 
-                /* If the request has changed */
-                if ($rewriteUrl !== null && $rewriteUrl !== $url) {
-                    unset($this->exceptionHandlers[$i]);
-                    $this->exceptionHandlers = array_values($this->exceptionHandlers);
-                    $this->routeRequest(true);
-
-                    return;
-                }
             }
         }
 
@@ -347,7 +366,7 @@ class Router
 
     public function arrayToParams(array $getParams = [], $includeEmpty = true)
     {
-        if (count($getParams) > 0) {
+        if (count($getParams) !== 0) {
 
             if ($includeEmpty === false) {
                 $getParams = array_filter($getParams, function ($item) {
@@ -481,7 +500,7 @@ class Router
                 $route = $this->processedRoutes[$i];
 
                 /* Check if the route contains the name/alias */
-                if ($route->hasName($controller)) {
+                if ($route->hasName($controller) === true) {
                     return $route->findUrl($method, $parameters, $name) . $this->arrayToParams($getParams);
                 }
 
@@ -494,7 +513,7 @@ class Router
         }
 
         /* No result so we assume that someone is using a hardcoded url and join everything together. */
-        $url = trim(join('/', array_merge((array)$name, (array)$parameters)), '/');
+        $url = trim(implode('/', array_merge((array)$name, (array)$parameters)), '/');
 
         return (($url === '') ? '/' : '/' . $url . '/') . $this->arrayToParams($getParams);
     }
@@ -526,6 +545,16 @@ class Router
         $this->bootManagers[] = $bootManager;
     }
 
+    /**
+     * Get routes that has been processed.
+     *
+     * @return array
+     */
+    public function getProcessedRoutes()
+    {
+        return $this->processedRoutes;
+    }
+
     /**
      * @return array
      */
@@ -579,4 +608,4 @@ class Router
         return $this;
     }
 
-}
+}

src/Pecee/SimpleRouter/SimpleRouter.php

@@ -16,6 +16,7 @@ use Pecee\Http\Response;
 use Pecee\SimpleRouter\Exceptions\HttpException;
 use Pecee\SimpleRouter\Exceptions\NotFoundHttpException;
 use Pecee\SimpleRouter\Route\IRoute;
+use Pecee\SimpleRouter\Route\RoutePartialGroup;
 use Pecee\SimpleRouter\Route\RouteController;
 use Pecee\SimpleRouter\Route\RouteGroup;
 use Pecee\SimpleRouter\Route\RouteResource;
@@ -44,8 +45,7 @@ class SimpleRouter
     /**
      * Start/route request
      *
-     * @throws HttpException
-     * @throws NotFoundHttpException
+     * @throws HttpException|NotFoundHttpException|\Exception
      */
     public static function start()
     {
@@ -171,14 +171,41 @@ class SimpleRouter
      */
     public static function group(array $settings = [], \Closure $callback)
     {
+        if (is_callable($callback) === false) {
+            throw new \InvalidArgumentException('Invalid callback provided. Only functions or methods supported');
+        }
+
         $group = new RouteGroup();
         $group->setCallback($callback);
         $group->setSettings($settings);
 
+        static::router()->addRoute($group);
+
+        return $group;
+    }
+
+    /**
+     * Special group that has the same benefits as group but supports
+     * parameters and which are only rendered when the url matches.
+     *
+     * @param string $url
+     * @param array $settings
+     * @param \Closure $callback
+     * @throws \InvalidArgumentException
+     * @return RoutePartialGroup
+     */
+    public static function partialGroup($url, \Closure $callback, array $settings = [])
+    {
         if (is_callable($callback) === false) {
             throw new \InvalidArgumentException('Invalid callback provided. Only functions or methods supported');
         }
 
+        $settings['prefix'] = $url;
+
+        $group = new RoutePartialGroup();
+        $group->setSettings($settings);
+        $group->setCallback($callback);
+
         static::router()->addRoute($group);
 
         return $group;
@@ -392,14 +419,14 @@ class SimpleRouter
      * @param IRoute $route
      * @return IRoute
      */
-    protected static function addDefaultNamespace(IRoute $route)
+    public static function addDefaultNamespace(IRoute $route)
     {
         if (static::$defaultNamespace !== null) {
 
             $callback = $route->getCallback();
 
             /* Only add default namespace on relative callbacks */
-            if ($callback === null || $callback[0] !== '\\') {
+            if ($callback === null || (is_string($callback) === true && $callback[0] !== '\\')) {
 
                 $namespace = static::$defaultNamespace;
 

test/RouterPartialGroupTest.php

@@ -0,0 +1,29 @@
+<?php
+
+require_once 'Dummy/DummyMiddleware.php';
+require_once 'Dummy/DummyController.php';
+require_once 'Dummy/Handler/ExceptionHandler.php';
+require_once 'Helpers/TestRouter.php';
+
+class RouterPartialGroupTest extends PHPUnit_Framework_TestCase
+{
+
+    public function testParameters()
+    {
+        $result1 = null;
+        $result2 = null;
+
+        TestRouter::partialGroup('{param1}/{param2}', function ($param1 = null, $param2 = null) use (&$result1, &$result2) {
+            $result1 = $param1;
+            $result2 = $param2;
+
+            TestRouter::get('/', 'DummyController@method1');
+        });
+
+        TestRouter::debug('/param1/param2', 'get');
+
+        $this->assertEquals('param1', $result1);
+        $this->assertEquals('param2', $result2);
+    }
+
+}

test/RouterRouteTest.php

@@ -125,6 +125,20 @@ class RouterRouteTest extends PHPUnit_Framework_TestCase
         TestRouter::debug('/my/custom-path', 'get');
     }
 
+    public function testParameterDefaultValue() {
+
+        $defaultVariable = null;
+
+        TestRouter::get('/my/{path?}', function($path = 'working') use(&$defaultVariable) {
+            $defaultVariable = $path;
+        });
+
+        TestRouter::debug('/my/');
+
+        $this->assertEquals('working', $defaultVariable);
+
+    }
+
     public function testDefaultParameterRegex()
     {
         TestRouter::get('/my/{path}', 'DummyController@param', ['defaultParameterRegex' => '[\w\-]+']);

test/RouterUrlTest.php

@@ -31,7 +31,7 @@ class RouterUrlTest extends PHPUnit_Framework_TestCase
     public function testUnicodeCharacters()
     {
         // Test spanish characters
-        TestRouter::get('/cursos/listado/{listado?}/{category?}', 'DummyController@method1', ['defaultParameterRegex' => '[\w\p{L}\s-\í]+']);
+        TestRouter::get('/cursos/listado/{listado?}/{category?}', 'DummyController@method1', ['defaultParameterRegex' => '[\w\p{L}\s-]+']);
         TestRouter::debugNoReset('/cursos/listado/especialidad/cirugía local', 'get');
         $this->assertEquals('/cursos/listado/{listado?}/{category?}/', TestRouter::router()->getRequest()->getLoadedRoute()->getUrl());