Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/slimphp/PHP-View
A Simple PHP Renderer for Slim 3 & 4 (or any other PSR-7 project)
https://github.com/slimphp/PHP-View
Last synced: about 1 month ago
JSON representation
A Simple PHP Renderer for Slim 3 & 4 (or any other PSR-7 project)
- Host: GitHub
- URL: https://github.com/slimphp/PHP-View
- Owner: slimphp
- License: mit
- Created: 2015-09-29T17:18:41.000Z (about 9 years ago)
- Default Branch: 3.x
- Last Pushed: 2024-08-29T16:26:30.000Z (3 months ago)
- Last Synced: 2024-09-08T02:09:23.331Z (3 months ago)
- Language: PHP
- Homepage:
- Size: 619 KB
- Stars: 263
- Watchers: 15
- Forks: 60
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE.md
Awesome Lists containing this project
- awesome-php - Slim PHP View - A simple PHP renderer for Slim. (Table of Contents / Micro Framework Extras)
- awesome-projects - Slim PHP View - A simple PHP renderer for Slim. (PHP / Micro Framework Extras)
- awesome-php - Slim PHP View - A simple PHP renderer for Slim. (Table of Contents / Micro Framework Extras)
- awesome-slim - Slim PHP View - This is a renderer for rendering PHP view scripts into a PSR-7 Response object. (Templating)
- awesome-php-cn - Slim PHP View - 一个简单的PHP苗条的渲染器. (目录 / 微观框架-扩展 micro-framework-extras)
README
[](https://packagist.org/packages/slim/PHP-View)
[](LICENSE.md)
[](https://github.com/slimphp/PHP-View/actions)
[](https://packagist.org/packages/slim/PHP-View/stats)
## PHP Renderer
This is a renderer for rendering PHP view scripts into a PSR-7 Response object. It works well with Slim Framework 4.
### Cross-site scripting (XSS) risks
Note that PHP-View has no built-in mitigation from XSS attacks.
It is the developer's responsibility to use `htmlspecialchars()`
or a component like [laminas-escaper](https://github.com/laminas/laminas-escaper). Alternatively, consider [Twig-View](https://github.com/slimphp/Twig-View).
## Installation
```
composer require slim/php-view
```
## Usage with any PSR-7 Project
```php
//Construct the View
$renderer = new PhpRenderer('path/to/templates');
$viewData = [
'key1' => 'value1',
'key2' => 'value2',
];
// Render a template
$response = $renderer->render(new Response(), 'hello.php', $viewData);
```
## Usage with Slim 4
```php
use Slim\AppFactory;
use Slim\Views\PhpRenderer;
require __DIR__ . '/../vendor/autoload.php';
$app = AppFactory::create();
$app->get('/hello', function ($request, $response) {
$renderer = new PhpRenderer('path/to/templates');
$viewData = [
'name' => 'John',
];
return $renderer->render($response, 'hello.php', $viewData);
});
$app->run();
```
## DI Container Setup
You can place the `PhpRenderer` instantiation within your DI Container.
```php
function (ContainerInterface $container) {
$renderer = new PhpRenderer('path/to/templates');
return $renderer;
},
];
```
## Template Variables
You can now add variables to your renderer that will be available to all templates you render.
```php
// Via the constructor
$globalViewData = [
'title' => 'Title'
];
$renderer = new PhpRenderer('path/to/templates', $globalViewData);
// or setter
$viewData = [
'key1' => 'value1',
'key2' => 'value2',
];
$renderer->setAttributes($viewData);
// or individually
$renderer->addAttribute($key, $value);
```
Data passed in via the `render()` method takes precedence over attributes.
```php
$viewData = [
'title' => 'Title'
];
$renderer = new PhpRenderer('path/to/templates', $viewData);
//...
$response = $renderer->render($response, $template, [
'title' => 'My Title'
]);
// In the view above, the $title will be "My Title" and not "Title"
```
## Sub-templates
Inside your templates you may use `$this` to refer to the PhpRenderer object to render sub-templates.
If using a layout the `fetch()` method can be used instead of `render()` to avoid applying the layout to the sub-template.
```php
=$this->fetch('./path/to/partial.phtml', ['name' => 'John'])?>
```
## Rendering in Layouts
You can now render view in another views called layouts,
this allows you to compose modular view templates
and help keep your views DRY.
Create your layout `path/to/templates/layout.php`
```php
=$title?>=$content?>
```
Create your view template `path/to/templates/hello.php`
```php
Hello =$name?>!
```
Rendering in your code.
```php
$renderer = new PhpRenderer('path/to/templates', ['title' => 'My App']);
$renderer->setLayout('layout.php');
$viewData = [
'title' => 'Hello - My App',
'name' => 'John',
];
//...
$response = $renderer->render($response, 'hello.php', $viewData);
```
Response will be
```html
Hello - My AppHello John!
```
Please note, the `$content` is special variable used inside layouts
to render the wrapped view and should not be set in your view parameters.
## Escaping values
It's essential to ensure that the HTML output is secure to
prevent common web vulnerabilities like Cross-Site Scripting (XSS).
This package has no built-in mitigation from XSS attacks.
The following function uses the `htmlspecialchars` function
with specific flags to ensure proper encoding:
```php
function html(?string $text = null): string
{
return htmlspecialchars($text ?? '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}
```
You could consider setting it up as a global function in [composer.json](https://getcomposer.org/doc/04-schema.md#files).
**Usage**
```php
Hello = html($name) ?>
```
## Exceptions
* `\Slim\Views\Exception\PhpTemplateNotFoundException` - If template layout does not exist
* `\Slim\Views\Exception\PhpTemplateNotFoundException` - If template does not exist
* `\RuntimeException` - If the template output could not be fetched
* `\InvalidArgumentException` - If $data contains 'template'