Download the PHP package slim/php-view without Composer
On this page you can find all versions of the php package slim/php-view. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download slim/php-view
More information about slim/php-view
Files in slim/php-view
Informations about the package php-view
PHP Renderer
This is a renderer for rendering PHP view scripts into a PSR-7 Response object. It works well with Slim Framework 4.
Cross-site scripting (XSS) risks
Note that PHP-View has no built-in mitigation from XSS attacks.
It is the developer's responsibility to use htmlspecialchars()
or a component like laminas-escaper. Alternatively, consider Twig-View.
Installation
Usage with any PSR-7 Project
Usage with Slim 4
DI Container Setup
You can place the PhpRenderer
instantiation within your DI Container.
Template Variables
You can now add variables to your renderer that will be available to all templates you render.
Data passed in via the render()
method takes precedence over attributes.
Sub-templates
Inside your templates you may use $this
to refer to the PhpRenderer object to render sub-templates.
If using a layout the fetch()
method can be used instead of render()
to avoid applying the layout to the sub-template.
Rendering in Layouts
You can now render view in another views called layouts, this allows you to compose modular view templates and help keep your views DRY.
Create your layout path/to/templates/layout.php
Create your view template path/to/templates/hello.php
Rendering in your code.
Response will be
Please note, the $content
is special variable used inside layouts
to render the wrapped view and should not be set in your view parameters.
Escaping values
It's essential to ensure that the HTML output is secure to prevent common web vulnerabilities like Cross-Site Scripting (XSS). This package has no built-in mitigation from XSS attacks.
The following function uses the htmlspecialchars
function
with specific flags to ensure proper encoding:
You could consider setting it up as a global function in composer.json.
Usage
Exceptions
\Slim\Views\Exception\PhpTemplateNotFoundException
- If template layout does not exist\Slim\Views\Exception\PhpTemplateNotFoundException
- If template does not exist\RuntimeException
- If the template output could not be fetched\InvalidArgumentException
- If $data contains 'template'