PHP-SDKv2

Powerful PHP framework, written in PHP 8.2, modernised version of rather primitive PHP SDK (which is now archived).

Requirements

• PHP 8.2
• Composer
• Web server (routing all requests to public/index.php)

Installation

To install the SDK, there are two ways.

Skeleton project

To use the skeleton project run the following composer command.

composer create-project lopatar/php-sdkv2-skeleton <PROJECT-NAME>

Manual installation

composer require "lopatar/php-sdkv2"

• Create following directory structure in the folder where the "vendor" folder resides

  • App
    • Controllers (where your controller files reside)
    • Views (where your view files reside)
    • Models (where your model files reside)

• Map the App namespace in composer.json like so

{
  "autoload": {
    "psr-4": {
      "App\\": "App/"
    }
  }
}

• Create your configuration class

• Done!

Routing requests to index.php

• NGINX

    root /path/to/public;
    index index.php;

    location / {
        try_files $uri /index.php$is_args$args =404;
    }

Recommended plugins

• deep-assoc-completion for better PhpDoc annotations

Configuration class

The App object expects an instance of IConfig passed to the constructor, please create your class such as:

<?php
final class Config implements \Sdk\IConfig
{

}

Features

• Request object
  • URL management
  • Cookie management
    • Cookies can be automatically encrypted & decrypted using AES-256-CBC
  • Headers, GET, POST, SERVER variables management
• Response object
  • View system (injecting PHP variables into HTML code)
  • Status code, body (writing, flushing) management
• Routing
  • Anonymous callbacks / ControllerName::methodName
  • URL parameters (type validation, min & max value (length for strings), escaping)
• Middleware (can be used on specific Routes or the App object)
  • IMiddleware interface (used to define your own middleware)
  • Session middleware, used storing data across requests
  • CSRF middleware, used to protect against CSRF attacks
  • HttpBasicAuth middleware, used for basic HTTP auth, compares passwords hashed using password_hash
• Database connectors
  • MySQL/MariaDB connector, configured via the Config system
• Utilities namespace
  • Encryption namespace
    • AES256-CBC class
  • Hashing namespace
    • Password hashing operation provider class, can create own instance or use the getDefaultProvider() method, configured via Config
  • Random class, used for generating random crypto safe & non-safe values
  • Math class, containing simple math utilities not contained in PHP
  • Boolean class, containing simple methods for working with booleans
  • Strings class, containing simple methods for manipulating strings, detecting encoding etc.
• Structures namespace
  • Stack Fixed size stack implementation allowing mixed data type values
  • Queue Fixed size queue implementation allowing mixed data type values
• Config object
  • Used for configuring database connectors, session, CSRF middleware, default password hashing provider
  • Cookie encryption toggle
  • Server header spoofing feature, can be used to hide your web server software
  • Password hashing provider default options