From 6cb79e66766d00285fd3460dc1ba3600e1b81a2a Mon Sep 17 00:00:00 2001
From: Taylor Otwell <taylorotwell@gmail.com>
Date: Mon, 10 Oct 2011 21:34:15 -0500
Subject: [PATCH] refactoring

---
 application/config/aliases.php     |  53 -------------
 application/config/application.php | 110 ++++++++++++++++++++-------
 laravel/bootstrap/core.php         |  28 +++++--
 laravel/config.php                 |   3 -
 laravel/controller.php             |   6 +-
 laravel/cookie.php                 |  49 ++++++++++--
 laravel/facades.php                |  35 ---------
 laravel/form.php                   |   4 +-
 laravel/inflector.php              |   8 +-
 laravel/input.php                  |   4 +-
 laravel/language/en/pagination.php |  13 +---
 laravel/language/en/validation.php |  27 +------
 laravel/laravel.php                |  11 ++-
 laravel/paginator.php              |   2 +-
 laravel/redirect.php               |   2 +-
 laravel/request.php                |  53 ++++++++++++-
 laravel/routing/route.php          |   2 +-
 laravel/routing/router.php         |   5 +-
 laravel/security/auth.php          |  45 ++++++-----
 laravel/security/crypter.php       |   6 +-
 laravel/session/manager.php        |  28 +++++++
 laravel/uri.php                    | 118 -----------------------------
 22 files changed, 279 insertions(+), 333 deletions(-)
 delete mode 100644 application/config/aliases.php
 delete mode 100644 laravel/facades.php
 delete mode 100644 laravel/uri.php

diff --git a/application/config/aliases.php b/application/config/aliases.php
deleted file mode 100644
index a6a2103e..00000000
--- a/application/config/aliases.php
+++ /dev/null
@@ -1,53 +0,0 @@
-<?php
-
-return array(
-
-	/*
-	|--------------------------------------------------------------------------
-	| Class Aliases
-	|--------------------------------------------------------------------------
-	|
-	| Here, you can specify any class aliases that you would like registered
-	| when Laravel loads. Aliases are lazy-loaded, so add as many as you want.
-	|
-	| Aliases make it more convenient to use namespaced classes. Instead of
-	| referring to the class using its full namespace, you may simply use
-	| the alias defined here.
-	|
-	| We have already aliased common Laravel classes to make your life easier.
-	|
-	*/
-
-	'Arr'        => 'Laravel\\Arr',
-	'Asset'      => 'Laravel\\Asset',
-	'Auth'       => 'Laravel\\Security\\Auth',
-	'Benchmark'  => 'Laravel\\Benchmark',
-	'Cache'      => 'Laravel\\Cache',
-	'Config'     => 'Laravel\\Config',
-	'Controller' => 'Laravel\\Controller',
-	'Cookie'     => 'Laravel\\Cookie',
-	'Crypter'    => 'Laravel\\Security\\Crypter',
-	'DB'         => 'Laravel\\Database\\Manager',
-	'Eloquent'   => 'Laravel\\Database\\Eloquent\\Model',
-	'File'       => 'Laravel\\File',
-	'Form'       => 'Laravel\\Form',
-	'Hasher'     => 'Laravel\\Security\\Hasher',
-	'HTML'       => 'Laravel\\HTML',
-	'Inflector'  => 'Laravel\\Inflector',
-	'Input'      => 'Laravel\\Input',
-	'IoC'        => 'Laravel\\IoC',
-	'Lang'       => 'Laravel\\Lang',
-	'Loader'     => 'Laravel\\Loader',
-	'Messages'   => 'Laravel\\Validation\\Messages',
-	'Package'    => 'Laravel\\Facades\\Package',
-	'URI'        => 'Laravel\\URI',
-	'URL'        => 'Laravel\\URL',
-	'Redirect'   => 'Laravel\\Redirect',
-	'Request'    => 'Laravel\\Request',
-	'Response'   => 'Laravel\\Response',
-	'Session'    => 'Laravel\\Facades\\Session',
-	'Str'        => 'Laravel\\Str',
-	'Validator'  => 'Laravel\\Validation\\Validator',
-	'View'       => 'Laravel\\View',
-
-);
\ No newline at end of file
diff --git a/application/config/application.php b/application/config/application.php
index 94dc5a3e..39e28720 100644
--- a/application/config/application.php
+++ b/application/config/application.php
@@ -29,27 +29,18 @@
 
 	/*
 	|--------------------------------------------------------------------------
-	| Application Language
+	| Application Key
 	|--------------------------------------------------------------------------
 	|
-	| The default language of your application. This language will be used by
-	| Lang library as the default language when doing string localization.
+	| The application key should be a random, 32 character string.
+	|
+	| This key is used by the encryption and cookie classes to generate secure
+	| encrypted strings and hashes. It is extremely important that this key
+	| remain secret and should not be shared with anyone.
 	|
 	*/
 
-	'language' => 'en',
-
-	/*
-	|--------------------------------------------------------------------------
-	| Application Timezone
-	|--------------------------------------------------------------------------
-	|
-	| The default timezone of your application. This timezone will be used when
-	| Laravel needs a date, such as when writing to a log file.
-	|
-	*/
-
-	'timezone' => 'UTC',
+	'key' => '',
 
 	/*
 	|--------------------------------------------------------------------------
@@ -63,6 +54,18 @@
 
 	'encoding' => 'UTF-8',
 
+	/*
+	|--------------------------------------------------------------------------
+	| Application Language
+	|--------------------------------------------------------------------------
+	|
+	| The default language of your application. This language will be used by
+	| Lang library as the default language when doing string localization.
+	|
+	*/
+
+	'language' => 'en',
+
 	/*
 	|--------------------------------------------------------------------------
 	| Auto-Loaded Packages
@@ -82,19 +85,6 @@
 
 	'packages' => array(),
 
-	/*
-	|--------------------------------------------------------------------------
-	| Application Key
-	|--------------------------------------------------------------------------
-	|
-	| Your application key should be a 32 character string that is totally
-	| random and secret. This key is used by the encryption class to generate
-	| secure, encrypted strings.
-	|
-	*/
-
-	'key' => '',
-
 	/*
 	|--------------------------------------------------------------------------
 	| SSL Link Generation
@@ -112,4 +102,66 @@
 
 	'ssl' => true,
 
+	/*
+	|--------------------------------------------------------------------------
+	| Application Timezone
+	|--------------------------------------------------------------------------
+	|
+	| The default timezone of your application. This timezone will be used when
+	| Laravel needs a date, such as when writing to a log file.
+	|
+	*/
+
+	'timezone' => 'UTC',
+
+	/*
+	|--------------------------------------------------------------------------
+	| Class Aliases
+	|--------------------------------------------------------------------------
+	|
+	| Here, you can specify any class aliases that you would like registered
+	| when Laravel loads. Aliases are lazy-loaded, so add as many as you want.
+	|
+	| Aliases make it more convenient to use namespaced classes. Instead of
+	| referring to the class using its full namespace, you may simply use
+	| the alias defined here.
+	|
+	| We have already aliased common Laravel classes to make your life easier.
+	|
+	*/
+
+	'aliases' => array(
+		'Arr'        => 'Laravel\\Arr',
+		'Asset'      => 'Laravel\\Asset',
+		'Auth'       => 'Laravel\\Security\\Auth',
+		'Benchmark'  => 'Laravel\\Benchmark',
+		'Cache'      => 'Laravel\\Cache',
+		'Config'     => 'Laravel\\Config',
+		'Controller' => 'Laravel\\Controller',
+		'Cookie'     => 'Laravel\\Cookie',
+		'Crypter'    => 'Laravel\\Security\\Crypter',
+		'DB'         => 'Laravel\\Database\\Manager',
+		'Eloquent'   => 'Laravel\\Database\\Eloquent\\Model',
+		'File'       => 'Laravel\\File',
+		'Form'       => 'Laravel\\Form',
+		'Hasher'     => 'Laravel\\Security\\Hasher',
+		'HTML'       => 'Laravel\\HTML',
+		'Inflector'  => 'Laravel\\Inflector',
+		'Input'      => 'Laravel\\Input',
+		'IoC'        => 'Laravel\\IoC',
+		'Lang'       => 'Laravel\\Lang',
+		'Loader'     => 'Laravel\\Loader',
+		'Messages'   => 'Laravel\\Validation\\Messages',
+		'Package'    => 'Laravel\\Facades\\Package',
+		'URI'        => 'Laravel\\URI',
+		'URL'        => 'Laravel\\URL',
+		'Redirect'   => 'Laravel\\Redirect',
+		'Request'    => 'Laravel\\Request',
+		'Response'   => 'Laravel\\Response',
+		'Session'    => 'Laravel\\Session\\Manager',
+		'Str'        => 'Laravel\\Str',
+		'Validator'  => 'Laravel\\Validation\\Validator',
+		'View'       => 'Laravel\\View',
+	),
+
 );
\ No newline at end of file
diff --git a/laravel/bootstrap/core.php b/laravel/bootstrap/core.php
index e11a52be..b386ed3d 100644
--- a/laravel/bootstrap/core.php
+++ b/laravel/bootstrap/core.php
@@ -30,7 +30,7 @@
  * These are typically classes that are used by the auto-loader or
  * configuration classes, and therefore cannot be auto-loaded.
  */
-require SYS_PATH.'facades'.EXT;
+//require SYS_PATH.'facades'.EXT;
 require SYS_PATH.'config'.EXT;
 require SYS_PATH.'loader'.EXT;
 require SYS_PATH.'arr'.EXT;
@@ -51,18 +51,34 @@
  * let them fall through the Config loader. This will allow us to
  * load these files faster for each request.
  */
-foreach (array('application', 'session', 'aliases') as $file)
+foreach (array('application', 'session') as $file)
 {
 	$config = require CONFIG_PATH.$file.EXT;
 
-	if (isset($_SERVER['LARAVEL_ENV']))
+	if (isset($_SERVER['LARAVEL_ENV']) and file_exists($path = ENV_CONFIG_PATH.$file.EXT))
 	{
-		$config = array_merge($config, require ENV_CONFIG_PATH.$file.EXT);
+		$config = array_merge($config, require $path);
 	}
 
 	Config::$items[$file] = $config;
 }
 
+/**
+ * Load the container configuration into the Config class. We load
+ * this file manually to avoid the overhead of Config::load.
+ */
+Config::$items['container'] = require SYS_CONFIG_PATH.'container'.EXT;
+
+if (file_exists($path = CONFIG_PATH.'container'.EXT))
+{
+	Config::$items['container'] = array_merge(Config::$items['container'], require $path);
+}
+
+if (isset($_SERVER['LARAVEL_ENV']) and file_exists($path = ENV_CONFIG_PATH.'container'.EXT))
+{
+	Config::$items['container'] = array_merge(Config::$items['container'], require $path);
+}
+
 /**
  * Bootstrap the application inversion of control (IoC) container.
  * The container provides the convenient resolution of objects and
@@ -71,7 +87,7 @@
  */
 require SYS_PATH.'container'.EXT;
 
-$container = new Container(Config::get('container'));
+$container = new Container(Config::$items['container']);
 
 IoC::$container = $container;
 
@@ -82,7 +98,7 @@
  */
 spl_autoload_register(array('Laravel\\Loader', 'load'));
 
-Loader::$aliases = Config::get('aliases');
+Loader::$aliases = Config::$items['application']['aliases'];
 
 /**
  * Define a few convenient global functions.
diff --git a/laravel/config.php b/laravel/config.php
index 3f038a1c..c52cecb4 100644
--- a/laravel/config.php
+++ b/laravel/config.php
@@ -132,9 +132,6 @@ protected static function load($file)
 			}
 		}
 
-		// If configuration options were actually found, they will be loaded into the
-		// array containing all of the options for all files. The array is keyed by the
-		// configuration file name.
 		if (count($config) > 0) static::$items[$file] = $config;
 
 		return isset(static::$items[$file]);
diff --git a/laravel/controller.php b/laravel/controller.php
index ab3059d7..1b33709f 100644
--- a/laravel/controller.php
+++ b/laravel/controller.php
@@ -24,7 +24,7 @@ abstract class Controller {
 	 */
 	public function filters($name)
 	{
-		return $this->$name;
+		return (array) $this->$name;
 	}
 
 	/**
@@ -47,10 +47,6 @@ public static function resolve(Container $container, $controller, $path)
 			return $container->resolve('controllers.'.$controller);
 		}
 
-		// If the controller was not registered in the container, we will instantiate
-		// an instance of the controller manually. All controllers are suffixed with
-		// "_Controller" to avoid namespacing. Allowing controllers to exist in the
-		// global namespace gives the developer a convenient API for using the framework.
 		$controller = str_replace(' ', '_', ucwords(str_replace('.', ' ', $controller))).'_Controller';
 
 		return new $controller;
diff --git a/laravel/cookie.php b/laravel/cookie.php
index 2fd34915..8e370ec4 100644
--- a/laravel/cookie.php
+++ b/laravel/cookie.php
@@ -1,4 +1,9 @@
-<?php namespace Laravel;
+<?php namespace Laravel; use Closure;
+
+if (trim(Config::get('application.key')) === '')
+{
+	throw new \Exception('The cookie class may not be used without an application key.');
+}
 
 class Cookie {
 
@@ -22,7 +27,27 @@ public static function has($name)
 	 */
 	public static function get($name, $default = null)
 	{
-		return Arr::get($_COOKIE, $name, $default);
+		$value = Arr::get($_COOKIE, $name);
+
+		if ( ! is_null($value))
+		{
+			// All Laravel managed cookies are prefixed with a fingerprint hash.
+			// The hash serves to verify that the contents of the cookie have not
+			// been modified by the user. We can verify the integrity of the cookie
+			// by extracting the value and re-hashing it, then comparing that hash
+			// against the hash stored in the cookie.
+			if (isset($value[40]) and $value[40] === '~')
+			{
+				list($hash, $value) = explode('~', $value, 2);
+
+				if (static::hash($name, $value) === $hash)
+				{
+					return $value;
+				}
+			}
+		}
+
+		return ($default instanceof Closure) ? call_user_func($default) : $default;
 	}
 
 	/**
@@ -65,11 +90,25 @@ public static function put($name, $value, $minutes = 0, $path = '/', $domain = n
 
 		if ($minutes < 0) unset($_COOKIE[$name]);
 
-		// Since PHP needs the cookie lifetime in seconds, we will calculate it here.
-		// A "0" lifetime means the cookie expires when the browser closes.
 		$time = ($minutes !== 0) ? time() + ($minutes * 60) : 0;
 
-		return setcookie($name, $value, $time, $path, $domain, $secure, $http_only);
+		return setcookie($name, static::hash($name, $value).'~'.$value, $time, $path, $domain, $secure, $http_only);
+	}
+
+	/**
+	 * Generate a cookie hash.
+	 *
+	 * Cookie salts are used to verify that the contents of the cookie have not
+	 * been modified by the user, since they serve as a fingerprint of the cookie
+	 * contents. The application key is used to salt the salts.
+	 *
+	 * @param  string  $name
+	 * @param  string  $value
+	 * @return string
+	 */
+	protected static function hash($name, $value)
+	{
+		return sha1($name.$value.Config::get('application.key'));
 	}
 
 	/**
diff --git a/laravel/facades.php b/laravel/facades.php
deleted file mode 100644
index a2e82d9d..00000000
--- a/laravel/facades.php
+++ /dev/null
@@ -1,35 +0,0 @@
-<?php namespace Laravel\Facades;
-
-use Laravel\IoC;
-
-/**
- * The Laravel framework makes thorough use of dependency injection assisted by an application
- * inversion of control container. This allows for great flexibility, easy testing, and better
- * architecture. However, most PHP framework users may be used to accessing classes through
- * a variety of static methods. Laravel provides "facades" to simulate this behavior while
- * still using heavy dependency injection.
- *
- * Each class that is commonly used by the developer has a corresponding facade defined in
- * this file. All of the various facades inherit from the abstract Facade class, which only
- * has a single __callStatic magic method. The facade simply resolves the requested class
- * out of the IoC container and calls the appropriate method.
- */
-abstract class Facade {
-
-	/**
-	 * Magic Method for passing methods to a class registered in the IoC container.
-	 * This provides a convenient method of accessing functions on classes that
-	 * could not otherwise be accessed staticly.
-	 *
-	 * Facades allow Laravel to still have a high level of dependency injection
-	 * and testability while still accomodating the common desire to conveniently
-	 * use classes via static methods.
-	 */
-	public static function __callStatic($method, $parameters)
-	{
-		return call_user_func_array(array(IoC::container()->resolve(static::$resolve), $method), $parameters);
-	}
-
-}
-
-class Session extends Facade { public static $resolve = 'laravel.session'; }
\ No newline at end of file
diff --git a/laravel/form.php b/laravel/form.php
index 67f1671c..592240cc 100644
--- a/laravel/form.php
+++ b/laravel/form.php
@@ -80,7 +80,7 @@ protected static function method($method)
 	 */
 	protected static function action($action, $https)
 	{
-		return HTML::entities(URL::to(((is_null($action)) ? URI::get() : $action), $https));
+		return HTML::entities(URL::to(((is_null($action)) ? Request::uri() : $action), $https));
 	}
 
 	/**
@@ -157,7 +157,7 @@ public static function raw_token()
 			throw new \Exception("A session driver must be specified before using CSRF tokens.");			
 		}
 
-		return IoC::container()->core('session')->get('csrf_token');
+		return Session\Manager::$payload->get('csrf_token');
 	}
 
 	/**
diff --git a/laravel/inflector.php b/laravel/inflector.php
index 2f7e8eb5..5fa90697 100644
--- a/laravel/inflector.php
+++ b/laravel/inflector.php
@@ -136,7 +136,9 @@ public static function plural($value)
 	{
 		$irregular = array_flip(static::$irregular);
 
-		return static::$plural_cache[$value] = static::inflect($value, static::$plural_cache, $irregular, static::$plural);
+		$plural = static::inflect($value, static::$plural_cache, $irregular, static::$plural);
+
+		return static::$plural_cache[$value] = $plural;
 	}
 
 	/**
@@ -147,7 +149,9 @@ public static function plural($value)
 	 */
 	public static function singular($value)
 	{
-		return static::$singular_cache[$value] = static::inflect($value, static::$singular_cache, static::$irregular, static::$singular);
+		$singular = static::inflect($value, static::$singular_cache, static::$irregular, static::$singular);
+
+		return static::$singular_cache[$value] = $singular;
 	}
 
 	/**
diff --git a/laravel/input.php b/laravel/input.php
index 76b91b84..06ad8cd0 100644
--- a/laravel/input.php
+++ b/laravel/input.php
@@ -107,9 +107,7 @@ public static function old($key = null, $default = null)
 			throw new \Exception('A session driver must be specified in order to access old input.');
 		}
 
-		$driver = IoC::container()->core('session');
-
-		return Arr::get($driver->get(Input::old_input, array()), $key, $default);
+		return Arr::get(Session\Manager::$payload->get(Input::old_input, array()), $key, $default);
 	}
 
 	/**
diff --git a/laravel/language/en/pagination.php b/laravel/language/en/pagination.php
index db1e08a6..c4e503d6 100644
--- a/laravel/language/en/pagination.php
+++ b/laravel/language/en/pagination.php
@@ -1,15 +1,6 @@
-<?php return array(
+<?php 
 
-	/*
-	|--------------------------------------------------------------------------
-	| Pagination Elements
-	|--------------------------------------------------------------------------
-	|
-	| These simple language lines provide the text for the Paginator class.
-	| Each line corresponds with an element of the pagination links generated
-	| by the class, and may be changed freely by the developer.
-	|
-	*/
+return array(
 
 	'first'    => 'First',
 	'previous' => '&larr; Previous',
diff --git a/laravel/language/en/validation.php b/laravel/language/en/validation.php
index 6092bc0f..ace0e194 100644
--- a/laravel/language/en/validation.php
+++ b/laravel/language/en/validation.php
@@ -2,21 +2,10 @@
 
 return array(
 
-	/*
-	|--------------------------------------------------------------------------
-	| Validation Error Messages
-	|--------------------------------------------------------------------------
-	|
-	| These error messages will be used by the Validator class if no other
-	| messages are provided by the developer. They may be overriden by the
-	| developer in the application language directory.
-	|
-	*/
-
 	"accepted"   => "The :attribute must be accepted.",
-	"active_url" => "The :attribute is not an active URL.",
+	"active_url" => "The :attribute is not a valid URL.",
 	"alpha"      => "The :attribute may only contain letters.",
-	"alpha_dash" => "The :attribute may only contain letters, numbers, dashes, and underscores.",
+	"alpha_dash" => "The :attribute may only contain letters, numbers, and dashes.",
 	"alpha_num"  => "The :attribute may only contain letters and numbers.",
 	"between"    => "The :attribute must be between :min - :max.",
 	"confirmed"  => "The :attribute confirmation does not match.",
@@ -32,17 +21,7 @@
 	"required"   => "The :attribute field is required.",
 	"size"       => "The :attribute must be :size.",
 	"unique"     => "The :attribute has already been taken.",
-	"url"        => "The :attribute format is invalid.",	
-
-	/*
-	|--------------------------------------------------------------------------
-	| Validation Units
-	|--------------------------------------------------------------------------
-	|
-	| The following words are appended to the "size" messages when applicable,
-	| such as when validating string lengths or the size of file uploads.
-	|
-	*/
+	"url"        => "The :attribute format is invalid.",
 
 	"characters" => "characters",
 	"kilobytes"  => "kilobytes",
diff --git a/laravel/laravel.php b/laravel/laravel.php
index 4af26395..35c3fd7d 100644
--- a/laravel/laravel.php
+++ b/laravel/laravel.php
@@ -17,25 +17,24 @@
 /**
  * Set the application's default timezone.
  */
-date_default_timezone_set(Config::get('application.timezone'));
+date_default_timezone_set(Config::$items['application']['timezone']);
 
 /**
  * Load the session and session manager instance. The session
  * payload will be registered in the IoC container as an instance
  * so it can be retrieved easily throughout the application.
  */
-if (Config::get('session.driver') !== '')
+if (Config::$items['session']['driver'] !== '')
 {
 	$session = $container->core('session.manager');
 
-	$container->instance('laravel.session', $session->payload(Config::get('session')));
+	Session\Manager::$payload = $session->payload(Config::$items['session']);
 }
 
 /**
  * Manually load some core classes that are used on every request
  * This allows to avoid using the loader for these classes.
  */
-require SYS_PATH.'uri'.EXT;
 require SYS_PATH.'request'.EXT;
 require SYS_PATH.'routing/route'.EXT;
 require SYS_PATH.'routing/router'.EXT;
@@ -81,7 +80,7 @@
  * instance. If no route is found, the 404 response will be returned
  * to the browser.
  */
-list($method, $uri) = array(Request::method(), URI::get());
+list($method, $uri) = array(Request::method(), Request::uri());
 
 $route = $container->core('routing.router')->route($method, $uri);
 
@@ -112,7 +111,7 @@
 {
 	$flash = array(Input::old_input => Input::get());
 
-	$session->close($container->core('session'), Config::get('session'), $flash);
+	$session->close(Session\Manager::$payload, Config::$items['session'], $flash);
 }
 
 /**
diff --git a/laravel/paginator.php b/laravel/paginator.php
index 33cf7a75..dc0e3bde 100644
--- a/laravel/paginator.php
+++ b/laravel/paginator.php
@@ -242,7 +242,7 @@ protected function element($element, $text, $page, $disabler)
 			// We will assume the page links should use HTTPS if the current request
 			// is also using HTTPS. Since pagination links automatically point to
 			// the current URI, this makes pretty good sense.
-			list($uri, $secure) = array(URI::get(), Request::secure());
+			list($uri, $secure) = array(Request::uri(), Request::secure());
 
 			return HTML::link($uri.$this->appendage($element, $page), $text, array('class' => $class), $secure);
 		}
diff --git a/laravel/redirect.php b/laravel/redirect.php
index 92f76432..f5d7edcd 100644
--- a/laravel/redirect.php
+++ b/laravel/redirect.php
@@ -61,7 +61,7 @@ public function with($key, $value)
 			throw new \Exception('A session driver must be set before setting flash data.');
 		}
 
-		IoC::container()->core('session')->flash($key, $value);
+		Session\Manager::$payload->flash($key, $value);
 
 		return $this;
 	}
diff --git a/laravel/request.php b/laravel/request.php
index 657ff6d8..3476537b 100644
--- a/laravel/request.php
+++ b/laravel/request.php
@@ -9,6 +9,13 @@ class Request {
 	 */
 	public static $route;
 
+	/**
+	 * The request URI for the current request.
+	 *
+	 * @var string
+	 */
+	protected static $uri;
+
 	/**
 	 * The request data key that is used to indicate a spoofed request method.
 	 *
@@ -25,7 +32,49 @@ class Request {
 	 */
 	public static function uri()
 	{
-		return URI::get();
+		if ( ! is_null(static::$uri)) return static::$uri;
+
+		// Sniff the request URI out of the $_SERVER array. The PATH_IFNO
+		// variable contains the URI without the base URL or index page,
+		// so we will use that if possible, otherwise we will parse the
+		// URI out of the REQUEST_URI element.
+		if (isset($_SERVER['PATH_INFO']))
+		{
+			$uri = $_SERVER['PATH_INFO'];
+		}
+		if (isset($_SERVER['REQUEST_URI']))
+		{
+			$uri = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
+
+			if ($uri === false)
+			{
+				throw new \Exception("Invalid request URI. Request terminated.");
+			}
+		}
+		else
+		{
+			throw new \Exception("Unable to determine the request URI.");
+		}
+
+		// Remove the application URL and the application index page from
+		// the request URI. Both of these elements will interfere with the
+		// routing engine and are extraneous, so they will be removed.
+		$base = parse_url(Config::$items['application']['url'], PHP_URL_PATH);
+
+		if (strpos($uri, $base) === 0)
+		{
+			$uri = substr($uri, strlen($base));
+		}
+
+		if (strpos($uri, '/index.php') === 0)
+		{
+			$uri = substr($uri, 10);
+		}
+
+		// Request URIs to the root of the application will be returned
+		// as a single forward slash. Otherwise, the request URI will be
+		// returned without leading or trailing slashes.
+		return static::$uri = (($uri = trim($uri, '/')) == '') ? '/' : $uri;
 	}
 
 	/**
@@ -37,7 +86,7 @@ public static function uri()
 	 */
 	public static function format()
 	{
-		return (($extension = pathinfo(URI::get(), PATHINFO_EXTENSION)) !== '') ? $extension : 'html';
+		return (($extension = pathinfo(static::uri(), PATHINFO_EXTENSION)) !== '') ? $extension : 'html';
 	}
 
 	/**
diff --git a/laravel/routing/route.php b/laravel/routing/route.php
index af6035dc..4d14ad37 100644
--- a/laravel/routing/route.php
+++ b/laravel/routing/route.php
@@ -123,7 +123,7 @@ public function filters($name)
 	{
 		if (is_array($this->callback) and isset($this->callback[$name]))
 		{
-			return $this->callback[$name];
+			return (array) $this->callback[$name];
 		}
 
 		return array();
diff --git a/laravel/routing/router.php b/laravel/routing/router.php
index fad899ab..78b035f1 100644
--- a/laravel/routing/router.php
+++ b/laravel/routing/router.php
@@ -196,7 +196,10 @@ protected function controller_key($segments)
 	 */
 	protected function provides($callback)
 	{
-		return (is_array($callback) and isset($callback['provides'])) ? explode(', ', $callback['provides']) : null;
+		if (is_array($callback) and isset($callback['provides']))
+		{
+			return (is_string($provides = $callback['provides'])) ? explode('|', $provides) : $provides;
+		}
 	}
 
 	/**
diff --git a/laravel/security/auth.php b/laravel/security/auth.php
index 2adf44cc..768e39e4 100644
--- a/laravel/security/auth.php
+++ b/laravel/security/auth.php
@@ -1,9 +1,10 @@
 <?php namespace Laravel\Security;
 
 use Laravel\IoC;
+use Laravel\Str;
 use Laravel\Config;
 use Laravel\Cookie;
-use Laravel\Session\Payload;
+use Laravel\Session\Manager as Session;
 
 class Auth {
 
@@ -41,8 +42,11 @@ public static function check()
 	/**
 	 * Get the current user of the application.
 	 *
-	 * If the current user is not authenticated, null will be returned. This method
-	 * will call the "user" closure in the authentication configuration file.
+	 * This method will call the "user" closure in the authentication configuration file.
+	 * If the user is not authenticated, null will be returned.
+	 *
+	 * If no user exists in the session, the method will check for a "remember me"
+	 * cookie and attempt to login the user based on the value of that cookie.
 	 *
 	 * <code>
 	 *		// Get the current user of the application
@@ -58,11 +62,8 @@ public static function user()
 	{
 		if ( ! is_null(static::$user)) return static::$user;
 
-		static::$user = call_user_func(Config::get('auth.user'), IoC::container()->core('session')->get(Auth::user_key));
+		static::$user = call_user_func(Config::get('auth.user'), Session::$payload->get(Auth::user_key));
 
-		// If no user was returned by the closure, and a "remember me" cookie exists,
-		// we will attempt to login the user using the ID that is encrypted into the
-		// cookie value by the "remember" method.
 		if (is_null(static::$user) and ! is_null($cookie = Cookie::get(Auth::remember_key)))
 		{
 			static::$user = static::recall($cookie);
@@ -79,12 +80,11 @@ public static function user()
 	 */
 	protected static function recall($cookie)
 	{
-		// The decrypted value of the remember cookie contains the ID and username.
-		// We will extract them out and pass the ID to the "user" closure to attempt
-		// to login the user. If a user is returned, their ID will be stored in
-		// the session like normal and the user will be considered logged in.
-		$cookie = explode('|', $cookie);
+		$cookie = explode('|', Crypter::decrypt($cookie));
 
+		// If there are not at least two elements in the array, the decrypted value
+		// is not valid and we wil just bail out of the method since the cookie may
+		// have been tampered with and should not be considered trustworthy.
 		if (count($cookie) < 2) return;
 
 		list($id, $username, $config) = array($cookie[0], $cookie[1], Config::get('auth'));
@@ -92,16 +92,16 @@ protected static function recall($cookie)
 		if ( ! is_null($user = call_user_func($config['user'], $id)) and $user->{$config['username']} === $username)
 		{
 			static::login($user);
-		}
 
-		return $user;
+			return $user;
+		}
 	}
 
 	/**
 	 * Attempt to log a user into the application.
 	 *
 	 * If the given credentials are valid, the user will be logged into the application
-	 * and their user ID will be stored in the session data.
+	 * and their user ID will be stored in the session via the "login" method.
 	 *
 	 * The user may also be "remembered". When this option is set, the user will be
 	 * automatically logged into the application for one year via an encrypted cookie
@@ -119,7 +119,7 @@ public static function attempt($username, $password = null, $remember = false)
 
 		if ( ! is_null($user = call_user_func($config['attempt'], $username, $password, $config)))
 		{
-			static::login($user, $remember);
+			static::login($user, $config, $remember);
 
 			return true;
 		}
@@ -140,20 +140,21 @@ public static function login($user, $remember = false)
 	{
 		static::$user = $user;
 
-		if ($remember) static::remember($user->id);
+		if ($remember) static::remember($user->id, $user->{Config::get('auth.username')});
 
-		IoC::container()->core('session')->put(Auth::user_key, $user->id);
+		Session::$payload->put(Auth::user_key, $user->id);
 	}
 
 	/**
 	 * Set a cookie so that users are "remembered" and don't need to login.
 	 *
 	 * @param  string  $id
+	 * @param  string  $username
 	 * @return void
 	 */
-	protected static function remember($id)
+	protected static function remember($id, $username)
 	{
-		$cookie = Crypter::encrypt($id.'|'.Str::random(40));
+		$cookie = Crypter::encrypt($id.'|'.$username.'|'.Str::random(40));
 
 		// This method assumes the "remember me" cookie should have the same configuration
 		// as the session cookie. Since this cookie, like the session cookie, should be
@@ -167,6 +168,8 @@ protected static function remember($id)
 	 * Log the current user out of the application.
 	 *
 	 * The "logout" closure in the authenciation configuration file will be called.
+	 * All authentication cookies will be deleted and the user ID will be removed
+	 * from the session.
 	 *
 	 * @return void
 	 */
@@ -180,7 +183,7 @@ public static function logout()
 
 		Cookie::forget(Auth::remember_key);
 
-		IoC::container()->core('session')->forget(Auth::user_key);
+		Session::$payload->forget(Auth::user_key);
 	}
 
 }
\ No newline at end of file
diff --git a/laravel/security/crypter.php b/laravel/security/crypter.php
index 4cf3f2ea..f889cb95 100644
--- a/laravel/security/crypter.php
+++ b/laravel/security/crypter.php
@@ -1,10 +1,8 @@
-<?php namespace Laravel\Security;
-
-use Laravel\Config;
+<?php namespace Laravel\Security; use Laravel\Config;
 
 if (trim(Config::get('application.key')) === '')
 {
-	throw new \Exception('The encryption class may not be used without an encryption key.');
+	throw new \Exception('The encryption class may not be used without an application key.');
 }
 
 class Crypter {
diff --git a/laravel/session/manager.php b/laravel/session/manager.php
index b49b71bf..048fe1e1 100644
--- a/laravel/session/manager.php
+++ b/laravel/session/manager.php
@@ -28,6 +28,13 @@ class Manager {
 	 */
 	private $exists = true;
 
+	/**
+	 * The current session payload.
+	 *
+	 * @var Payload
+	 */
+	public static $payload;
+
 	/**
 	 * Create a new session manager instance.
 	 *
@@ -107,4 +114,25 @@ public function close(Payload $payload, $config, $flash = array())
 		}
 	}
 
+	/**
+	 * Dynamically pass methods to the current session payload.
+	 *
+	 * <code>
+	 *		// Retrieve an item from the session payload
+	 *		$name = Session::get('name');
+	 *
+	 *		// Write an item to the sessin payload
+	 *		Session::put('name', 'Taylor');
+	 * </code>
+	 */
+	public static function __callStatic($method, $parameters)
+	{
+		if ( ! is_null(static::$payload))
+		{
+			return call_user_func_array(array(static::$payload, $method), $parameters);
+		}
+
+		throw new \Exception("Call to undefined method [$method] on Session class.");
+	}
+
 }
\ No newline at end of file
diff --git a/laravel/uri.php b/laravel/uri.php
deleted file mode 100644
index 18745f36..00000000
--- a/laravel/uri.php
+++ /dev/null
@@ -1,118 +0,0 @@
-<?php namespace Laravel;
-
-class URI {
-
-	/**
-	 * The URI for the current request.
-	 *
-	 * This property will be set after the URI is detected for the first time.
-	 *
-	 * @var string
-	 */
-	protected static $uri;
-
-	/**
-	 * Determine the request URI.
-	 *
-	 * The request URI will be trimmed to remove to the application URL and application index file.
-	 * If the request is to the root of the application, the URI will be set to a forward slash.
-	 *
-	 * If the $_SERVER "PATH_INFO" variable is available, it will be used; otherwise, we will try
-	 * to determine the URI using the REQUEST_URI variable. If neither are available,  an exception
-	 * will be thrown by the method.
-	 *
-	 * @return string
-	 */
-	public static function get()
-	{
-		if ( ! is_null(static::$uri)) return static::$uri;
-
-		if (($uri = static::from_server()) === false)
-		{
-			throw new \Exception('Malformed request URI. Request terminated.');
-		}
-
-		return static::$uri = static::format(static::clean($uri));
-	}
-
-	/**
-	 * Get a given URI segment from the URI for the current request.
-	 *
-	 * <code>
-	 *		// Get the first URI segment for the request
-	 *		$first = URI::segment(1);
-	 *
-	 *		// Return a default value if the URI segment doesn't exist
-	 *		$segment = URI::segment(3, 'Default');
-	 * </code>
-	 *
-	 * @param  int     $segment
-	 * @param  mixed   $default
-	 * @return string
-	 */
-	public static function segment($segment = null, $default = null)
-	{
-		$segments = Arr::without(explode('/', static::get()), array(''));
-
-		if ( ! is_null($segment)) $segment = $segment - 1;
-
-		return Arr::get($segments, $segment, $default);
-	}
-
-	/**
-	 * Get the request URI from the $_SERVER array.
-	 *
-	 * @return string
-	 */
-	protected static function from_server()
-	{
-		// If the PATH_INFO $_SERVER element is set, we will use since it contains
-		// the request URI formatted perfectly for Laravel's routing engine.
-		if (isset($_SERVER['PATH_INFO']))
-		{
-			return $_SERVER['PATH_INFO'];
-		}
-
-		// If the REQUEST_URI is set, we need to extract the URL path since this
-		// should return the URI formatted in a manner similar to PATH_INFO.
-		elseif (isset($_SERVER['REQUEST_URI']))
-		{
-			return parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
-		}
-
-		throw new \Exception('Unable to determine the request URI.');
-	}
-
-	/**
-	 * Remove extraneous segments from the URI such as the URL and index page.
-	 *
-	 * These segments need to be removed since they will cause problems in the
-	 * routing engine if they are present in the URI.
-	 *
-	 * @param  string  $uri
-	 * @return string
-	 */
-	protected static function clean($uri)
-	{
-		foreach (array(parse_url(Config::get('application.url'), PHP_URL_PATH), '/index.php') as $value)
-		{
-			$uri = (strpos($uri, $value) === 0) ? substr($uri, strlen($value)) : $uri;
-		}
-
-		return $uri;
-	}
-
-	/**
-	 * Format the URI.
-	 *
-	 * If the request URI is empty, a single forward slash will be returned.
-	 *
-	 * @param  string  $uri
-	 * @return string
-	 */
-	protected static function format($uri)
-	{
-		return (($uri = trim($uri, '/')) == '') ? '/' : $uri;
-	}
-
-}
\ No newline at end of file