Feature list

An (H)MVC framework

FuelPHP is a MVC (Model-View-Controller) framework that was designed from the ground up to have full support for HMVC as part of its architecture. But we didn't stop there, we also added ViewModels (also known as presentation models) into the mix which give you the option to add a powerfull layer between the Controller and the View. FuelPHP also supports a more router based approach where you might route directly to a closure which deals with the input uri, making the closure the controller and giving it control of further execution.

• Full HMVC implementation
• ViewModels to get the View-specific logic out of your Views and Controllers
• Route directly to closures

Modular and extendable to a fault

Almost every class in FuelPHP's core package can be extended without you having to change a single line of code where it's used (read more on extending the core). You can package more functionality into packages that extend or replace the FuelPHP core and you can keep your application modular by dividing it up into application modules. Packages and modules are also a great way to enable re-use of your code.

• Extend or replace Core classes without rewriting a single line of code.
• Package additional functionality into Packages.
• Create modular application by dividing it up into Application Modules.

Security

Security concerns have been front and center from the beginning. Out-of-the-box FuelPHP's Views will encode all your output to make it secure and prevent XSS attacks. If you need to allow HTML through you can mark it as safe or have it cleaned by the default included HTMLawed. FuelPHP also supports CSRF prevention with tokens, input filtering and the Query Builder will assist you in preventing any SQL injection attacks. Several security features inside the framework use functionality offered by PHPSecLib. More about Security in FuelPHP can be read in the documentation.

• Input filtering
• URI filtering
• XSS filtering
• Output encoding
• CSRF token protection
• SQL injection prevention
• A secure Auth framework

Oil: the power of the command line

FuelPHP leverages the power of the command line through a utility called "oil". The utility is designed to help speed up development, increase efficiency and assist testing and debugging while being entirely optional if you are not a fan of the terminal.

• Code generation, Scaffolding and Admin generation.
• Run Database Migrations.
• Interactive Debugging.
• Tasks - useful for cron type activities like importing data and other batch or background operations.

Base classes for Controllers and Models

FuelPHP includes some base classes to give you a flying start.

• Controller_Template - Add simple page templating functionality to your controllers.
• Controller_Rest - An easy way to create a RESTful API.
• Controller_Hybrid - Combine the two features into a single controller.
• Model_Crud - Provides all methods for CRUD operations on a single table.

Powerful yet lightweight ORM included

The FuelPHP ORM was designed to strike a balance between powerful features while remaining lightweight. It is not supposed to be a Doctrine/Propel replacement, it's a more lightweight solution that can take on many of its competitors head-on. Offering a OO approach to working with your database, do CRUD operations and manage relations between rows.

• OO way of working with database data and performing CRUD operations.
• All normal relationship types: belongs-to, has-one, has-many, many-many ("has and belongs to many").
• Fetch relations of relations of relations of...etc... in one go ("nested relations").
• Cascading saves and deletes for related objects.
• Entity Attribute-Value model implementation.
• Model extensions that implement:
  • Soft-delete functionality (mark records as deleted instead of actually removing them)
  • Temporal functionality (automatic versioning of records on every update)
  • Nested sets functionality (store hierarchical structures (trees) into a database table)
• Use Observers to update/process the objects instances, for example to validate before saving or to auto-update an updated_at property.

The API of the ORM model is very similar to that of the Model_Crud base class, which makes switching to ORM when you need extra functionality a fairly painless operation.

Authentication framework

As it is pretty much impossible to create an Auth library that will satisfy everyone FuelPHP comes with an Auth framework that sets a default interface drivers have to adhere to. This will allow developers to develop and share their own implementations that others can use as drop-in replacements without having to change the most common usages.

Two sets of drivers are included. A simple set of drivers (aptly named "Simpleauth") is included as an example and quickstart option. It uses is single table to store user information, and configuration files for basic group and role permissions. For a more elaborate permission system, an ORM based set of drivers (named "Ormauth") is included too. It provides a full-featured ACL system with permissions at user, group and role level, and actions that give permissions even more granularity.

For social media interaction, the Auth framework has integrated the Opauth library, allowing you to integrate OAuth based authentication into any application that uses the Auth package.

• Included simple authentication for users, groups & basic ACL.
• Or full-featured RBAC authentication based on ORM if you need it.
• Secure hashing function for passwords included (PBKDF2).
• OAuth integration for social media authentication.
• Default interface for any Auth library in FuelPHP.

Use any template parser for your Views

A Parser package is shipped with FuelPHP that allows for using any template parser for parsing your views instead of basic PHP. There are drivers included for the following libraries:

• Mustache
• Markdown
• Smarty
• Twig
• Haml
• Jade
• Dwoo
• Phptal

Install your templating framework of choice in the Parser package' vendor folder, load the package, and off you go!