A micro dependency free PHP framework

To built web apps without relying on external PHP dependencies.

Lightweight

The framework is lightweight, providing a basic but useful set of features.

MVC

The framework is based on MVC for structured development and scalability.

Extendable

The framework supports easy extension for adding or modifying features as needed.

Secure

Basic type of security features are included. Among other things CSRF and SQL injection protection.

A quick demo

Building a login/register system with a sepperate restricted login route for the type of admin user.

<?php

use core\http\Route;
use core\http\Middleware;

new Route(['GET' => '/'], ['HomeController' => 'index']);

Middleware::route(['login' => false], function() {

  new Route(['GET' => '/register'], ['RegisterController' => 'showRegisterView']);
  new Route(['POST' => '/users/store'], ['RegisterController' => 'storeUsers']);
  new Route(['GET' => '/login'], ['LoginController' => 'showLoginView']);
  new Route(['POST' => '/auth'], ['LoginController' => 'authUsers']);

  new Route(['GET' => '/admin/login'], ['admin\LoginController' => 'showAdminLoginView']);
  new Route(['POST' => '/admin/auth'], ['admin\LoginController' => 'authAdminUsers']);
});

Middleware::route(['auth' => null], function() {

  new Route(['GET' => '/profile/[username]'], ['ProfileController' => 'showProfileView']);
});

Middleware::route(['auth' => 'admin'], function() {

  new Route(['GET' => '/admin/profile/[username]'], ['admin\ProfileController' => 'showAdminProfileView']);
});

Middleware::route(['login' => true], function() {

  new Route(['GET' => '/logout'], ['LogoutController' => 'unsetSessions']);
}); 

<?php
                
namespace validation;
                
use core\validation\Validate;
                
class Rules {
                
  public $errors;
                 
  public function register($request, $username, $email, $token) {     
                
    $validation = new Validate();
                
    $validation->input(['username' => $request['username']])->as('Username')->rules(['required' => true, 'min' => 5, 'max' => 99, 'special' => true, 'unique' => $username]);
    $validation->input(['email' => $request['email']])->as('Email')->rules(['required' => true, 'min' => 5, 'max' => 99, 'special' => true, 'unique' => $email]);
    $validation->input(['password' => $request['password']])->as('Password')->rules(['required' => true, 'min' => 16, 'max' => 99, 'special' => true]);
    $validation->input(['retypePassword' => $request['retypePassword']])->as('Password')->rules(['match' => $request['password']]);
    $validation->input(['token' => $request['token']])->as('Token')->rules(['csrf' => $token]);

    $this->errors = $validation->errors;
    return $this;
  }
  
  public function login($request, $token) {    
                
    $validation = new Validate();
                
    $validation->input(['username' => $request['username']])->as('Username')->rules(['required' => true, 'min' => 5, 'max' => 99, 'special' => true]);
    $validation->input(['password' => $request['password']])->as('Password')->rules(['required' => true, 'min' => 16, 'max' => 99, 'special' => true]);
    $validation->input(['token' => $request['token']])->as('Token')->rules(['csrf' => $token]);

    $this->errors = $validation->errors;
    return $this;
  }
                
  public function validated() {    
                
    if(empty($this->errors) ) {
                
      return true;
    } 
  }       
}     

Projects

MarkUpCMS is a project created using the framework.

Image of code
MarkUpCMS

A CMS that makes it easy for developers to build static websites and to add custom functionality.

Website

Built in security features

In addition to CSRF and SQL injection protection, the framework includes several other basic security features.

  • Protection against SQL injection
  • Defense against brute force attacks
  • Prevention of cross site request forgery
  • Prevention of cross site scripting
  • Session hijacking protection
  • Implementation of strict transport security
  • Data sanitazion of super globals
  • HTML form input validation
Image of a shield