-
Notifications
You must be signed in to change notification settings - Fork 0
Home
The non-intrusive framework. Not to be confused with other frameworks by the same name for different languages.
To provide a full set of common functionality needed for full-scale secure web applications, eliminating boilerplate, without dictating your app's structure or internal conventions.
One-liner checks, processes, and loads everything you need to determine levels of access. Includes these features:
- No-redirects login from any page
- Self-serve password reset and username recovery
- Self-serve account registration
- Group-based permissions
- Mandatory email address validation
- Nonce management with configurable security requirements for email validation, anti-CSRF, and more
Easy support for multiple databases
Sitewide configuration for mail:
- enable/disable
- log
- archive
- recipient whitelist
- non-production environment indicator
Installs both the framework itself and your site, for fast deploys whether it is to your dev environment or an end users' server.
- check php extensions/config and other required system packages
- manage "root" application user
- install config file
- install schema and base DB data
- install static resources
Setup invocation allows the application to specify different config defaults than the framework's built in defaults.
- mysqldbcompare-based solution for incremental updates, both for the framework and your site
- Non-production environment indicators for both the browser and email content
- Files with per-environment content are not directly versioned and only have templates in the repo.
Multiple distinct products in the same environment can use one copy of the framework, initializing it with distinct site IDs thereby keeping their configs and schemas separate yet centrally managed. They can also choose to use the same site ID for integration purposes, e.g. a main site and a third party forum app sharing authentication, having one unified login system without the need for SSO or other authentication API work.
Can log temporal information with the usual numeric log levels that get compared to a threshold, as well as having separate log channels for information with special uses or retention requirements.
Supported log destinations:
- file
- user (browser)
- database table
- syslog
- php (follows php.ini)
- sapi (webserver)
Formats (not all formats apply to all destinations):
- plain
- html
- json
All widgets work without javascript, but some javascript is used for progressive enhancement or supporting old browsers.
- DataTable - instant editor for database tables with automatic validation. Highly customizable access and display. Multi format file export.
- Tabber - Tab view
- Menu - dropdown menu for links and/or POST buttons, opens with both hover (for desktop) and on click (for mobile).
HTML is never cached; static resources are set to cache forever but are linked using a URL parameter based on the filesystem last-modified time. Thus browsers will cache your static resources until you modify them, rather than for a set time. To complete this system, use the server configuration in the starter project starter-centos7-php
- PSR-4 Autoloading
- JQuery
- JQueryUI
- PHPMailer
- Webshims
- albertofem/rsync-lib
- phpoffice/phpspreadsheet
- mpdf/mpdf
- Apache
- PHP 7
- MariaDB 10.0.12
- mysql-utilities 1.6.5
- php-json
- php-mysqli
- php-mbstring
- php-zip
- php-xml
- php-gd