Introduction to CodeIgniterEd Finkler

coj@funkatron.com • funkatron.com

200709141

Ed Finkler <coj@funkatron.com>

What is CodeIgniter?

• YAPF(Yet Another PHP Framework)

2

Ed Finkler <coj@funkatron.com>

Why care about CI?

• Battle-tested

• Fast

• Adaptable

3

Ed Finkler <coj@funkatron.com>

Notable CI features

• Fast

• Compatible with many environments

• Quick to set-up

• Plays well with others

• Focus on simple solutions

• Good docs & community

4

Ed Finkler <coj@funkatron.com>

CI structureindex.php

Loaded by browserBootstraps everything

system

base classes & built-in functionality

application

app-specific classes and functionality

5

Ed Finkler <coj@funkatron.com>

CI structure

6

Ed Finkler <coj@funkatron.com>

URL structuredomain.com/controller_class/method/data

<?php

class Search extends Controller {

[...]

function retrieve($id)

{

$this->load->database();

[...]

}

}

?>

7

Ed Finkler <coj@funkatron.com>

MVC pattern

• Controller Classes

• private methods prefixed with “_”

8

Ed Finkler <coj@funkatron.com>

MVC pattern

• Views

• Plain PHP as templating lang

9

Ed Finkler <coj@funkatron.com>

MVC pattern

• Views

• Optional template markup

10

Ed Finkler <coj@funkatron.com>

MVC pattern

• Models

• Optional• ActiveRecord pattern available, not required

• Query binding$sql = "SELECT * FROM some_table WHERE id = ? AND status = ? AND author = ?"; $this->db->query($sql, array(3, 'live', 'Rick'));

11

Ed Finkler <coj@funkatron.com>

Helpers

• Procedural funcs, grouped by file

• Mostly for views; available in controllers

12

Ed Finkler <coj@funkatron.com>

Plugins

• Single procedural function

• More extensive functionality than helper

13

Ed Finkler <coj@funkatron.com>

Loading on-demand

• $this->load->library|view|helper|plugin|...(‘name’);

• Auto-loading set in config/autoload.php

14

Ed Finkler <coj@funkatron.com>

CI security

• Not Foolproof (nothing is!)

• Limits allowed chars in URI

• register_globals “forced off”

15

Ed Finkler <coj@funkatron.com>

CI security

• Data only passed via POST or COOKIE

• GET query destroyed

• Array keys filtered

• Auto XSS Filtering (must enable)

• Query binding - use it!

16

Ed Finkler <coj@funkatron.com>

Extending CI

• The CI Way

• Creating your own libs

• Extend native libs (MY_Email)

• As-is, can’t extend/replace controller or database classes

• Replacing native libs

• Hooks

17

Ed Finkler <coj@funkatron.com>

Extending CI

• The “however the hell you want to do it” way

• Just require your libs

• Collisions unlikely (not impossible)

18

Ed Finkler <coj@funkatron.com>

Example App

• CI + Simplepie + Zend_Json == Web2.0 profit

19

Ed Finkler <coj@funkatron.com>

Danke

• codeigniter.com

• Slides will be up at funkatron.com shortly

20