Download the PHP package 4asuite/nano-php without Composer
On this page you can find all versions of the php package 4asuite/nano-php. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Informations about the package nano-php
Nano PHP
A minimal PHP microframework. No magic, no bloat — just routing, controllers, views, and a few security essentials.
Author: Vlado Majoros, 4aSuite License: MIT
Requirements
- PHP ^8.1
- Apache with
mod_rewrite(or equivalent front-controller setup) - No external dependencies for the core
Installation
Point your web server document root to the public/ directory. Open the project in a browser — the welcome page confirms the framework is running.
Project structure
Configuration
Copy .env.example to .env and adjust as needed. Values are exposed as PHP constants.
Dot-notation keys (DB.HOST) are grouped into a single array constant DB['HOST'].
Routing
Define routes in App/Config/routes.php:
Route parameter types:
| Syntax | Matches | Example |
|---|---|---|
(:num:id) |
Digits only | /users/42 |
(:any:slug) |
Any non-slash string | /posts/hello-world |
A missing route throws HttpException(404), which the framework handles automatically.
Controllers
Extend App\Core\Controller. Every action must return a Response instance.
Available in every controller:
| Method | Description |
|---|---|
$this->request->get($key) |
GET parameter |
$this->request->post($key) |
POST parameter |
$this->request->input($key) |
POST or GET |
$this->request->method() |
HTTP method string |
$this->request->path() |
Normalized URL path |
$this->view($view, $data, $layout) |
Render view → Response |
$this->json($data, $status) |
JSON response |
$this->redirect($url, $code) |
Redirect (internal only) |
Views
View files live in App/views/. Pass data as an associative array — keys become variables inside the template.
Use the global e() helper to escape output (htmlspecialchars wrapper).
Layouts live in App/views/layouts/. The rendered view is passed as $content:
Built-in layouts: main (full HTML5), blank (raw output, no wrapper).
Session
Cookies are configured with httponly, samesite=Lax, use_strict_mode. secure flag is set automatically when HTTPS is detected.
CSRF
Token is 64-character hex (random_bytes(32)), stored in session, rotated on each verification.
Language / Translations
Translation keys are uppercased and defined as PHP constants. Falls back to the key name if not defined.
Security headers
Sent automatically on every response:
Override any header via $this->response->header($key, $value) before returning from the controller.
HTTP errors
Throw HttpException from anywhere — the framework catches it and sends the appropriate HTTP status:
License
MIT © Vlado Majoros, 4aSuite