3. What Is CodeIgniter?
It’s an MVC framework. MVC stands for Model View Controller and it’s a logical way of organizing an application.
Models interact with the database
Controllers take care of the logic
Views present the output
CodeIgniter doesn’t force you to do things this way; it enables you to do so.
4. Why CodeIgniter?
According To Me
Most frameworks will help you write better code faster. CodeIgniter will help you do that without forcing you into some intricate and weird way of doing things.
According To EllisLab (creators of CI)
“…helps you write kick-ass PHP programs”
5. Submit URIs To Your Will
One of the foundations of CI is “clean URLs”: nice-looking, well-organized URLs, without any of the ugliness of query strings.
Ugly
    atlantaphp.org/presenters.php?action=display&name=nic
Pretty
    atlantaphp.org/presenters/display/nic
6. How Does it Work?
It’s a thing of beauty, really.
    class Presenters extends Controller {
        function display($var) {
            echo $var;
        }
    }
    // Echoes "nic"
7. Need More Control?
Why yes, there’s a class for that.
    atlantaphp.org/archives/show/picture/1234
    $this->uri->segment(3);        // picture
    $this->uri->segment(99, 0);    // Returns 0 instead of FALSE
    $this->uri->uri_to_assoc();    // array('picture' => '1234')
    $this->uri->uri_string();      // /archives/show/picture/1234
    $this->uri->total_segments();  // 4
There are several more functions to play around with.
8. Form and Data Validation
The Form view
    <?php echo validation_errors(); ?>
    <form action="form_test" method="post">
        <label for="username">Username</label>
        <input type="text" name="username" value="<?php echo set_value('username'); ?>"/>
        <input type="submit" value="Submit" />
    </form>
9. The controller
    class Form_test extends Controller {
        // index() is always the default for the controller
        function index() {
            $this->load->library('form_validation');
            $this->form_validation->set_rules('username', 'Username', 'required|min_length[5]');
            if ($this->form_validation->run() == FALSE) {
                $this->load->view('form_view');
            } else {
                $this->load->view('form_ok');
            }
        }
    }
12. Security and XSS Filtering
CodeIgniter does a few things right off the bat.
Destroys $_GET.
Destroys all global variables (although register_globals is off by default since PHP 4.2.0).
Filters $_POST and $_COOKIE array keys, allowing only alphanumeric characters plus “~%.:_”
XSS filtering can be enabled globally or called by a function.
13. XSS Filtering
Can be enabled two ways.
Locally:
    $data = $this->input->xss_clean($data);
    $img_file = $this->input->xss_clean($file, TRUE);  // Checks image files for XSS attacks
    $name = $this->input->post('name', TRUE);          // $_POST['name']
Globally (in the config file):
    $config['global_xss_filtering'] = TRUE;
14. Database Security
There are many ways to sanitize your queries; CodeIgniter offers a few.
Bindings
    $sql = "SELECT * FROM members WHERE name = ?";
    $this->db->query($sql, array('nic'));
Using the Active Record class takes care of security aspects
    $this->db->where('name', $name);
    $this->db->update('users', $data);
Other Functions
    $this->db->protect_identifiers('table_name');
    $this->db->escape($data);
    $this->db->escape_str($data);
    $this->db->escape_like_str($data);
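The approaches on this slide used together in one controller, as an added example that is not part of the original deck. The `Members` controller, its method names and the `members` table with `name` and `email` columns are assumptions made for illustration.

```php
<?php
// Added example, not from the slides. Assumes a hypothetical `members`
// table with `name` and `email` columns and the Controller base class
// used elsewhere in this deck.
class Members extends Controller {

    // Exact match, e.g. /members/find/nic
    function find($name = '')
    {
        $this->load->database();

        // Query binding: the value is escaped and quoted before it is
        // placed in the statement, so it is always treated as data.
        $sql   = "SELECT name, email FROM members WHERE name = ?";
        $query = $this->db->query($sql, array($name));

        $this->_show($query);
    }

    // Partial match with a caller-chosen sort column,
    // e.g. /members/search/ni/email
    function search($term = '', $sort = 'name')
    {
        $this->load->database();

        // Escaping covers values only. A column name taken from the URL
        // is checked against a fixed list instead.
        if ( ! in_array($sort, array('name', 'email'), TRUE)) {
            $sort = 'name';
        }

        // escape_like_str() also escapes % and _, so the visitor's
        // input is matched literally rather than as a wildcard.
        $like  = $this->db->escape_like_str($term);
        $sql   = "SELECT name, email FROM members"
               . " WHERE name LIKE '%" . $like . "%' ORDER BY " . $sort;
        $query = $this->db->query($sql);

        $this->_show($query);
    }

    // Underscore-prefixed methods are not reachable from the URL.
    function _show($query)
    {
        foreach ($query->result() as $row) {
            // Escape on output too; stored rows may predate any input filter.
            echo htmlspecialchars($row->name, ENT_QUOTES, 'UTF-8'), "<br />\n";
        }
    }
}
```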
15. Pagination
It’s always an issue to display large data sets in an orderly manner. CodeIgniter provides a way to set up proper pagination in a few lines of code.
In the controller
    $this->load->library('pagination');
    $config['base_url'] = 'http://atlantaphp.org/pager/index/';
    $config['total_rows'] = 200;
    $config['per_page'] = 10;
    $this->pagination->initialize($config);
In the view
    echo $this->pagination->create_links();
17. Image Manipulation
CodeIgniter does four image processing types very easily: crop*, resize, rotate, watermark.
Create a thumbnail
    $config['image_library'] = 'gd2';
    $config['source_image'] = 'assets/images/elephpant.jpg';
    $config['create_thumb'] = TRUE;
    $config['maintain_ratio'] = TRUE; // Saved from a P.I.T.A
    $config['width'] = 75;
    $config['height'] = 50;
    $this->load->library('image_lib', $config);
    $this->image_lib->resize();
*Never got crop to work
20. Errors and Cleaning House
The image manipulation functions return boolean values, so you can display errors on FALSE
    if ( ! $this->image_lib->watermark()) {
        echo $this->image_lib->display_errors();
    }
Clean up after yourself!
    $this->image_lib->clear(); // Clears the config values
22. More To Love
Extremely easy to set up.
Intuitive (i.e. short learning curve).
It’s open source and has a permissive license.
Extend existing libraries and add your own.
Load only what you use.
The community is outstanding.
It has a Smiley helper!
23. Resources
CodeIgniter User Guide
    http://codeigniter.com/user_guide/
CodeIgniter Forums
    http://codeigniter.com/forums/
CodeIgniter From Scratch (Nettuts video series)
    http://net.tutsplus.com/articles/news/codeigniter-from-scratch-day-1/
Forrst – Not a CI dedicated site, but many CI users belong to the community, and the service itself is built on CI.
    http://forrst.com/
Editor's Notes
Devotion to frameworks is almost like sports teams or religion. In truth you should pick the one that better suits your needs and style, not the one that has the most hype.
How many of you tried to start using a framework and were frustrated by how it forced you to change your coding style?
The controller will interpret the first segment after the controller name (the second segment) as a variable passed to the function. You can pass as many variables as you need using this method, but be careful: if you require the variables and they aren’t present, you’ll get an error as usual.
Explain how to pass a second var
Enter the URI class. The URI class lets you pick and choose from the URI segments, and do other cool manipulations. The URI class is autoloaded, so you can call it without declaring it first.
By default uri_to_assoc starts at segment 3, assuming the first two are controller/function
Who hates validating forms? It’s tedious and error prone. CI comes with a bazillion functions to help you deal with forms, but here are the basics.
This is a normal form with two added functions: validation_errors() and set_value()
What’s happening here?
When we call the form controller it loads the index function by default.
We load the form_validation library.
Set validation rules for the username field. Notice the field name, human-friendly name, validation rules (these are built in).
The first time the controller runs the form hasn’t been submitted, so the validation returns FALSE and loads the ‘form_view’ view
Notice the human-readable name is used; the error message is built in, although it can be customized. The previous form entry is auto-populated.
Data prepping: use any native PHP function that takes a single argument.
Run your own validation functions.
Add your own delimiters. By default each error message is wrapped in <p> tags.
Display errors individually as opposed to all in a list. This lets you put the error next to the field.
Not only text fields can be auto-populated; select, checkbox and radio inputs can be returned to the state they were submitted in, too.
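The options listed in the note above, combined in one controller as an added example that is not part of the original deck. The `Signup` controller, the `username_check` callback, its character rule and the view names are assumptions made for illustration.

```php
<?php
// Added example, not from the slides; controller, callback and view
// names are hypothetical.
class Signup extends Controller {

    function index()
    {
        $this->load->helper('form');
        $this->load->library('form_validation');

        // Wrap each message in a <div> instead of the default <p>.
        $this->form_validation->set_error_delimiters('<div class="error">', '</div>');

        // trim is a native PHP function used for prepping; the
        // callback_ prefix runs username_check() below as a rule.
        $this->form_validation->set_rules(
            'username',
            'Username',
            'trim|required|min_length[5]|callback_username_check'
        );

        if ($this->form_validation->run() == FALSE) {
            // In the view, form_error('username') prints only this
            // field's message, so it can sit next to the input.
            $this->load->view('signup_form');
        } else {
            $this->load->view('signup_ok');
        }
    }

    // Custom rule: accept a known-good character set, reject the rest.
    function username_check($str)
    {
        if ( ! preg_match('/^[A-Za-z0-9_]+$/', $str)) {
            // %s is replaced with the human-friendly field name.
            $this->form_validation->set_message(
                'username_check',
                'The %s field may only contain letters, numbers and underscores.'
            );
            return FALSE;
        }
        return TRUE;
    }
}
```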
CI doesn’t use $_GET at all (it can be tricked into doing so, but it’s unnecessary).
If you are a knucklehead and turned it on for some reason, it won’t matter.
The values are escaped when interfacing with the DB and through the XSS filter.
There’s overhead involved in using the XSS filter globally; I didn’t benchmark it or notice it.
If you want to learn about the inner workings, check the Input class.
Bindings automatically escape queries.
Active record takes care of all security.
Protect identifiers puts backticks on field and table names.
Escape like is for LIKE db calls.
Base URL is the page where the links need to be directed to.
Total rows is usually determined dynamically based on the number of items to display, presumably by querying the database and finding out the size of the result set.
Per page is the number of items to show.
This is the minimum configuration required.
Robert Swarthout presented image manipulation libraries back in February, so if you saw that, this is a nice continuation.
During development I like to add FirePHP, autoload it and use it as $this->firephp->log('output to console')