Movatterモバイル変換


[0]ホーム

URL:


Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Sign up
Appearance settings

A Simple PHP Renderer for Slim 3 & 4 (or any other PSR-7 project)

License

NotificationsYou must be signed in to change notification settings

slimphp/PHP-View

Repository files navigation

Latest Version on PackagistSoftware LicenseBuild StatusTotal Downloads

PHP Renderer

This is a renderer for rendering PHP view scripts into a PSR-7 Response object. It works well with Slim Framework 4.

Cross-site scripting (XSS) risks

Note that PHP-View has no built-in mitigation from XSS attacks.It is the developer's responsibility to usehtmlspecialchars()or a component likelaminas-escaper. Alternatively, considerTwig-View.

Installation

composer require slim/php-view

Usage with any PSR-7 Project

//Construct the View$renderer =newPhpRenderer('path/to/templates');$viewData = ['key1' =>'value1','key2' =>'value2',];// Render a template$response =$renderer->render(newResponse(),'hello.php',$viewData);

Usage with Slim 4

useSlim\AppFactory;useSlim\Views\PhpRenderer;require__DIR__ .'/../vendor/autoload.php';$app = AppFactory::create();$app->get('/hello',function ($request,$response) {$renderer =newPhpRenderer('path/to/templates');$viewData = ['name' =>'John',    ];return$renderer->render($response,'hello.php',$viewData);});$app->run();

DI Container Setup

You can place thePhpRenderer instantiation within your DI Container.

<?phpusePsr\Container\ContainerInterface;useSlim\Views\PhpRenderer;// ...return [    PhpRenderer::class =>function (ContainerInterface$container) {$renderer =newPhpRenderer('path/to/templates');return$renderer;    },];

Template Variables

You can now add variables to your renderer that will be available to all templates you render.

// Via the constructor$globalViewData = ['title' =>'Title'];$renderer =newPhpRenderer('path/to/templates',$globalViewData);// or setter$viewData = ['key1' =>'value1','key2' =>'value2',];$renderer->setAttributes($viewData);// or individually$renderer->addAttribute($key,$value);

Data passed in via therender() method takes precedence over attributes.

$viewData = ['title' =>'Title'];$renderer =newPhpRenderer('path/to/templates',$viewData);//...$response =$renderer->render($response,$template, ['title' =>'My Title']);// In the view above, the $title will be "My Title" and not "Title"

Sub-templates

Inside your templates you may use$this to refer to the PhpRenderer object to render sub-templates.If using a layout thefetch() method can be used instead ofrender() to avoid applying the layout to the sub-template.

<?=$this->fetch('./path/to/partial.phtml', ['name' =>'John'])?>

Rendering in Layouts

You can now render view in another views called layouts,this allows you to compose modular view templatesand help keep your views DRY.

Create your layoutpath/to/templates/layout.php

<html><head><title><?=$title?></title></head><body><?=$content?></body></html>

Create your view templatepath/to/templates/hello.php

Hello <?=$name?>!

Rendering in your code.

$renderer =newPhpRenderer('path/to/templates', ['title' =>'My App']);$renderer->setLayout('layout.php');$viewData = ['title' =>'Hello - My App','name' =>'John',];//...$response =$renderer->render($response,'hello.php',$viewData);

Response will be

<html><head><title>Hello - My App</title></head><body>Hello John!</body></html>

Please note, the$content is special variable used inside layoutsto render the wrapped view and should not be set in your view parameters.

Escaping values

It's essential to ensure that the HTML output is secure toprevent common web vulnerabilities like Cross-Site Scripting (XSS).This package has no built-in mitigation from XSS attacks.

The following function uses thehtmlspecialchars functionwith specific flags to ensure proper encoding:

functionhtml(?string$text =null):string{returnhtmlspecialchars($text ??'',ENT_QUOTES |ENT_SUBSTITUTE,'UTF-8');}

You could consider setting it up as a global function incomposer.json.

Usage

Hello <?=html($name)?>

Exceptions

  • \Slim\Views\Exception\PhpTemplateNotFoundException - If template layout does not exist
  • \Slim\Views\Exception\PhpTemplateNotFoundException - If template does not exist
  • \RuntimeException - If the template output could not be fetched
  • \InvalidArgumentException - If $data contains 'template'

About

A Simple PHP Renderer for Slim 3 & 4 (or any other PSR-7 project)

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Contributors21


[8]ページ先頭

©2009-2025 Movatter.jp