Zend Framework in Action is a comprehensive tutorial that shows how to use .. Generating PDF content; Integrating other PHP libraries with the framework. NOTE: This tutorial has been tested on versions of Zend Framework. .. By default, Zend Framework's controller reserves a special action called index as a. This tutorial is intended to give an introduction to using Zend Framework by creating . By default, Zend Framework's controller reserves a special action called.
|Language:||English, Spanish, Hindi|
|Distribution:||Free* [*Register to download]|
Zend Framework's controller 28, Understanding Zend_View 32, The model in . Creating or loading documents , Creating pages in your PDF document , . 45 Running Zend Framework 2 and Zend Framework 1 in parallel. UseZF2inaZF1project. . Zend\Barcode\Renderer\Pdf.. .. 80 Console- aware action controllers. Handlingconsolerequests. 1 Introducing the Zend Framework PHP has been used to develop dynamic .. Zend_Pdf is written entirely in PHP and can create new PDF.
This powerful collection of components can be used in part or as a whole to speed up the development process. Zend Framework has the backing of Zend Technologies; the driving force behind the PHP programming language in which it is written.
The first production release of the Zend Framework became available in July of This book is aimed at the competent PHP developer who wants to master framework-driven web development.
Zend Framework in Action goes beyond the docs but still provides quick access to the most common topics encountered in the development of web applications. He has also written a popular getting-started tutorial available from www. He now concentrates solely on web-based applications in PHP.
Rob is the Technical Director of Big Room Internet concentrating on the company's content management framework and future technologies. Nick Lo is a web designer, developer, partner, and general 'wearer of many hats' with Ingredients, located in Byron Bay, Australia. Having formally trained as a designer, he initially taught himself programming to automate the more tedious aspects of printed catalog production.
Since his involvement with website design and development has taken him further 'under the hood', working on a broad range of web-based applications from community portals to university research projects. His involvement in the Zend Framework began as an early participant in the community, gaining recognition through several online tutorials.
He has worked on desktop applications, multimedia CDs, websites, web applications, and more recently has worked on projects involving video and AJAX, while maintaining a focus on performance, reliability and security.
Steven was introduced to the Zend Framework by Nick Lo and quickly adopted it as a replacement for his own core application code on several major projects. When he's not programming Steven enjoys driving or working on cars. Zend Framework in Action. Table of Contents takes you straight to the book detailed table of contents. Introducing Zend Framework 1. Introducing structure to PHP websites. Why use Zend Framework? Everything is in the box.
Structured code is easy to maintain. What is Zend Framework? Where did it come from? Zend Framework design philosophy 1. High-quality components. Support from Zend Technologies.
Hello Zend Framework! The Model-View-Controller design pattern 2. The model. The anatomy of a Zend Framework application 2. The application directory. Hello World: Building a website with Zend Framework 3. Initial planning of a website 3.
Initial coding 3. The directory structure. The home page 3. The initial models. Managing the view 4. Common actions using placeholders. Advanced view helpers 4. Controller integration. Ajax 5. Introducing Ajax 5. Defining Ajax. Using Ajax in web applications.
What is authentication?
Implementing authentication 7. Logging in using HTTP authentication. Logging in. A view helper welcome message. Implementing access control 7. Forms 8. Integrated data filters and validators.
Decorators to simplify markup. Plug-in loaders for customization. Building a login form 8. Setting up paths. Updating the AuthController controller action. Filtering and validation 8. Basic filtering and validation. Decorating our login form 8. Searching 9. Benefits of search 9. Key usability issue for users. Creating a separate search index for your website. Adding search to Places 9.
Updating the index as new content is added. Creating the search form and displaying the results. Email The basics of email Email simplified. Building a support tracker for Places Designing the application. Adding headers to the support email.
The traditional Yahoo! Advanced Components There are a set of other components provided with the Zend Framework that do not fit easily into any category, so I have rather lazily grouped them together into the advanced category.
This potpourri of components includes caching, searching, pdf creation, email and the rather esoteric measurement class.
Everyone wants a faster website and caching is one tool that can be used to help speed up your website. Every modern website provides a search facility. As required by a good search system, it supports ranked searching so that the best results are at the top, along with a powerful query system.
PDF is a very portable format for creating documents intended for printing. This is because you can control the position of everything on the page with pixel-perfect precision without having to worry about differences in the way web browsers render the page.
As with all Zend Framework components, emphasis has been placed on flexibility combined with sensible defaults. When sending email, a simple object-oriented interface is used: If these goals do not mesh with what your view on developing PHP applications then the Zend Framework is unlikely to be a good fit for your way of doing things.
This is good as it means that any PHP parser messages in your logs come from your code, not the framework; this will help debugging considerably! Zend also defines high quality to include documentation, so the manual for a given component is as important as the code. It is intended that it will be possible to develop entire applications with no external library dependencies unless you want them.
This will ensure that there will be consistency in the way you use all the components: Having said that, it is important to Zend that the Zend Framework is modular with few dependencies between modules.
This ensures that it plays well with other frameworks and Please post comments or corrections to the Author Online forum at http: The PHP way is simple, pragmatic solutions and so the Zend Framework is intended to reflect that simplicity in order to provide a simple solution for mainstream developers.
It is also powerful enough to allow for specialized usage via extension. This is an agreement with Zend which defines intellectual property status of the contribution. This is intended to help protect all users of the framework from potential legal issues related to IP and copyright. The risk is minimal, but with relatively recent actions by SCO against AutoZone shows that a litigator going after the user of the allegedly copyright infringing code is a possibility.
As with everything, it is better to be prepared. In the PHP world there are many other frameworks vying for your attention and all have their strengths and weaknesses. I have rather arbitrarily picked four other frameworks which all have some traction in the community but these are by no means the only choices. I have listed what I see as their strengths and weaknesses in Table 1. Table 1. It enables rapid development of enterprise applications by providing a full stack framework using best practices in object oriented design.
The framework contains many components from an MVC controller through PDF generation to providing a powerful search tool. This book is about providing real world examples and so will have Ajax technology built in wherever it is appropriate. For a standard PHP application, the code to do this constitutes one line in one file: As a result, the code for our Hello World application may appear unnecessarily verbose as we set the stage for the full blown website that will follow in the remainder of the book.
There are many framework classes involved along with a few files that we need to create ourselves. Therefore we should cover the basics of the controller system used by the Zend Framework first. The Zend Framework controller system is an implementation of the Model-View-Controller software design pattern as shown in Figure 2. A software design pattern is a standard general solution to a common problem. This means that whilst the exact implementation will differ, the concepts used to solve a problem using a given pattern will be the same.
The MVC pattern describes a way to separate out the key parts of an application into three main sections. Figure 2. MVC pattern diagram showing the three main sections of a web application along with the dispatcher that find the correct controller to be executed in response to a request.
This is known as business logic. This is the code that decides how to apply the shipping cost to an e-commerce order or the code that knows that a user has a first name and a surname. It follows therefore that retrieving and storing data to a database is within the model layer. The view files themselves are known as templates as they usually have some code that allows for the displaying of data created by the model. It is also usual to move the more complex template related code into functions known as View Helpers, View Helpers improve the re-usability of the view code.
For web applications, the controller code is the code that works out what to actually run in response to the web request. The front controller handler accepts all server requests and runs the correct action function within the action command. This process is known as routing and dispatching. Within the Controller of the Zend Framework, it is possible to have a single request result in the dispatch of multiple actions. This helps to ensure that the different parts of the application are separated.
The top level directory structure is shown in Figure 2. In order to emphasize the separation between display, business and control logic, there are three separate directories within application to contain the model, view and controller files. Other directories may be created as required, for example for configuration files. In a Zend Framework application, the framework itself is obviously stored here.
However other libraries such as a custom super-set of the framework, a database ORM library such as Propel, or a template engine such as Smarty may also be used. Libraries can be stored anywhere that the application can find them - either in a global directory or a local one. In this case we use a directory called library, though it is common to see this directory called lib, include or inc.
Unit tests are used to help ensures that the code continues to work as it grows and changes throughout the lifetime of the application.
As the application is Please post comments or corrections to the Author Online forum at http: Whilst, within the PHP world, test code is rarely considered important, you will thank yourself over and over again if you have unit tests for your code. As the Zend Framework uses the front controller pattern, all web requests are channeled though a single file, usually called index. Now that we have an overview of the directory system used by a Zend Framework website, we can proceed to add the files required to create a very simple application that displays some text on the page.
File by File To create a simple Hello World application we need to create four files within our directory structure: A copy of the Zend Framework itself needs to be added to the library directory. The final program will look as shown in Figure 2. With the Front Controller pattern, this file is the only file needed in the web root directory and so is usually called index. Listing 2. Throw exceptions. Most of the work done in the bootstrap is initialization of one form or another.
Initially, the environment is set up correctly 1 to ensure that all errors or notices are displayed. PHP 5. A more portable method, especially if you use multiple versions of the framework on one server, is to set the include path within the bootstrap as we do here 2. The Zend Framework applications does not depend on any particular file, however it is useful to have a couple of helper classes loaded early. The final section of the bootstrap sets up the front controller and then runs it.
This means that the class definition itself ensures that there can only be one instance of the object allowed. A Singleton design is appropriate for a front controller as it ensures that there is only ever one class that is processing the request. One of the consequences of the Singleton design is that you cannot use the new operator to instantiate it and must, instead, use the getInstance static member function.
The front controller has a feature that captures all exceptions thrown by default and stores them into the Response object that it creates. The front controller automatically sends the headers and displays the page content when it finishes processing the request.
This function will automatically create a request and response object for us to encapsulate the input and output of the application. It will then create a router to work out which controller and action the user has asked for. The RewriteCond statement and the RewriteRule command between them instruct Apache to route all requests to index.
The controller classes have a strict naming convention requirement in order for the dispatcher to find the correct function. If either the controller or the action are not provided, then the default used is index. Therefore, a call to http: Similarly, a call to http: As we will discover later, this mapping is very flexible, however the default covers most scenarios out of the box. Within the front controller system, the dispatcher expects to find a file called IndexController.
This file must contain a class called IndexController and, as a minimum, this class must contain a function called indexAction. For our Hello World application, Listing 2. The index controller: For Hello World, our indexAction function just needs to assign a variable to the view property which is provided for us by an Action Helper called ViewRenderer.
The ViewRenderer action helper performs two useful functions for us. Secondly, after our action finishes it automatically renders the correct view template into the response object after the controller action has completed.
As we have seen, the assign function is used to pass variables from the main code body to the template which can then be used within the view template file. View Template Finally, we need to provide a view template for our application.
This file, index. A useful convention that ViewRenderer supplies is to name all view files with an extension of. Even though this is a simple application, we have a separate directory for each controllers view templates as this will make it much easier to manage as the application grows. The view template: The template file, index.
Also, a number of helper functions, are provided for use by templates to make them easier to write. The most commonly used helper function is escape. All variables that are not expected to contain displayable HTML should be displayed via the escape function.
For maximum flexibility, the convention is that view helper functions return their data and then the template file echoes it to the browser. With these four files in place, we have created a minimal Zend Framework application with all the pieces in place ready for building a full scale website and you should now have a fundamental understanding of how the pieces fit together.
A page controller uses separate files for every page or group of pages that make up the website and is traditionally how most PHP websites have been built.
A front controller, on the other hand, centralizes all web requests into a single file, typically called index. There are numerous advantages to this system; the most obvious are that there is less duplicated code and that it is easier to separate the URLs that a website has from the actual code that is used to generate the pages.
Usually, the pages are displayed using two additional GET parameters passed to the index. If we recap from chapter 1, Figure 2. There are three separate components used and within each component, more than one class is required for the application. An example friendly URL would be www. What is a request environment though? The router also places the module, controller and Please post comments or corrections to the Author Online forum at http: Thus the code: This can be used for passing additional information from the front controller to the action functions if required.
For a standard URL such as http: As a modern framework, it is expected that most applications built using the Zend Framework will use pretty URLs of the form http: Dispatching Dispatching is the process of actually calling the correct function in the correct class. As with everything in the Zend Framework, the standard dispatcher provides enough functionality for nearly every situation, but if you need something special, it is easy to write your own and fit it into the front controller.
The key things that the dispatcher controls are formatting of the controller class name, formatting of the action function name and calling the action function itself. Hence, if you decided that you wanted to reorganize the structure so that each action lived in its own class within a directory named after the controller, you would supply your own dispatcher.
The dispatcher enforces that your action controllers derive from this class to ensure that it can expect certain methods to be available. The action contains an instance of the request for reading parameters from and an instance of the response for writing to. The rest of the class concentrates on ensuring that writing actions and managing changes from one action to another one are easy to do; There are accessor functions to get and set parameters, and redirection functions to redirect to another action or another URL entirely.
You can therefore expect a controller action class to contain functions such as indexAction , viewAction , editAction , deleteAction etc. Each of these are discrete functions that are Please post comments or corrections to the Author Online forum at http: There are, however, a number of tasks that you will want to do regardless of which action is run.
The init function is called whenever the controller class is constructed. This makes it very similar to the standard constructor, except that it does not take any parameters and does not require the parent function to be called. For an application where only one action is run in response to a request, there is no difference between init and preDispatch as each are only call once.
To illustrate this point, we could use init to ensure that only administrators are allowed access to any action function in the controller and preDispatch to set the correct view template file that will be used by the action. The Response The final link in the front controller chain is the response.
The response object is very simple and is essentially a bucket to hold all the output until the end of the controller processing. This can be very useful when using front controller plugins as they could alter the output of the action before it is sent back to the client.
By default, this is set to which mean OK. As we will see later, the use of status code Not Modified can be very useful when responding to requests for RSS feeds as it can save considerable bandwidth.
The body container within the response is used to contain everything else that needs to be sent back to the client. For a web application this means everything you see when you view source on a web page. If you are sending a file to a client, then the body would contain the contents of the file. For example, to send a pdf file to the client, the following code would be used: Of course, during development, you would want to see the errors, so the response has a setting, renderExceptions, that you can set to true so that the exception text is displayed.
As you can see, there are three pairs of hooks into the process at three different points which allow for increasingly finer control of the process. One problem with the current router is that if you specify a controller that does not exist, then an exception is thrown. A front controller plug-in is a good way to inject a solution into the routing process and redirect to a more useful page. It is a PHP template library which means that the code in the templates is in PHP rather than another pseudo-language like Smarty for instance.
Assigning data to the view In order for the view to display data from the model, it is necessary to assign it. The data that we assigned to the view are public properties of the view class and so Please post comments or corrections to the Author Online forum at http: Also, helper functions are provided by the view to make writing view templates easier. A typical view script might look like: Note that we do not trust the glossary data that has been assigned to the script.
It could have come from anywhere! In the code accompanying this book, the data is created using an array, but it could equally have come from the users of a website. As we do not want any cross site scripting security vulnerabilities in our website, we use the helper function escape to ensure the term and description do not have any embedded HTML.
These are functions are known as View Helpers and exist in their own directory. Consider that we need to display a monetary value that may be negative. We would use this helper in our templates like this: This helps to ensure that we do not inadvertently introduce an XSS vulnerability.
The name of the function within the helper class is the same as the function that is called within the template, formatCurrency in our case. Note that, in a break from the usual convention within the framework, there is no actual requirement that FormatCurrency.
It is wise to follow the convention though as it makes finding files easier for the developer! View helpers are the key to extracting common code from your view templates and ensuring that they are easy to maintain and should be used whenever possible to simplify the view files. Security considerations When writing the view code, the most important security issue to be aware of is Cross Site Scripting also known as XSS. Generally, this happens when a website displays data created by a user without checking that it is safe for display.
In a real application though, the model side of MVC will take on more importance as this is where the business logic of the application resides. In most cases, the model is linked in some way to a database which will hold data to be manipulated and displayed by the application.
Well, you get lots of helper functions to manipulate the database and also a profiler to work out why your code is so slow! There are all the standard functions for inserting, updating and deleting rows, along with fetching rows. Consider this code: This would result in the perfectly legal SQL statement of: With SQL injection vulnerabilities like this, it can be possible to retrieve username and password information or to maliciously delete database rows causing your application to stop working.
As should be obvious, the way to avoid SQL injection attacks is to ensure that the data that you are putting into the SQL statement has been escaped using the correct functionality for your database. Usage is very easy: An alternative solution is to use parameterized queries, where variables are denoted by placeholders and are substituted by the database engine with the correct variable.
For example: Instead, we create a child class that represents the database table we wish to work with. We now create a class called News: The find function is used to find rows by primary key and the fetch methods are used to find rows using other criteria. The only difference between fetchRow and fetchAll is that fetchRow returns a single rowset, whereas fetchAll returns an array of rowsets.
This is the point when we enter the realm of the Model within MVC.
We can also write our own functions for retrieving data according to the business logic required by the application. You should now have a good idea about what the Zend Framework gives us for making our applications maintainable and easy to write. For example, the front controller system provides a very flexible router Please post comments or corrections to the Author Online forum at http: However if you need a specialized router, then it is very easy to insert your own one into the rest of the front controller setup.
We will now move on to build an application that will utilize most of the components supplied with the framework in order to build a fully functioning community website.