PhpDev.App
kenjis/codeigniter-ss-twig

kenjis/codeigniter-ss-twig

Stars: 159

Forks: 42

Pull Requests: 21

Issues: 48

Watchers: 26

Last Updated: 2023-09-06 01:35:20

A Simple and Secure Twig integration for CodeIgniter 3.x and 4.x

License: MIT License

Languages: PHP, Twig

CodeIgniter Simple and Secure Twig

Latest Stable Version Total Downloads Latest Unstable Version License

This package provides simple Twig integration for CodeIgniter 4.x.

If you use CodeIgniter3, check master branch.

Requirements

  • PHP 7.4 or later
  • CodeIgniter 4.2.11 or later
  • Twig 3.4.3 or later

Installation

With Composer

$ cd /path/to/codeigniter/
$ composer require kenjis/codeigniter-ss-twig

Usage

Loading Twig Library

$this->twig = new \Kenjis\CI4Twig\Twig();

You can override the default configuration:

$config = [
    'paths' => ['/path/to/twig/templates', VIEWPATH],
    'cache' => '/path/to/twig/cache',
];
$this->twig = new \Kenjis\CI4Twig\Twig($config);

Rendering Templates

Render Twig template and output to browser:

$this->twig->display('welcome', $data);

The above code renders Views/welcome.twig.

Render Twig template:

$output = $this->twig->render('welcome', $data);

The above code renders Views/welcome.twig.

Adding a Global Variable

$this->twig->addGlobal('sitename', 'My Awesome Site');

Getting Twig\Environment Instance

$twig = $this->twig->getTwig();

Supported CodeIgniter Helpers

  • base_url()
  • site_url()
  • anchor()
  • form_open()
  • form_close()
  • form_error()
  • form_hidden()
  • set_value()
  • csrf_field()
  • validation_list_errors()

Some helpers are added the functionality of auto-escaping for security.

octicon-alert mr-2" viewBox="0 0 16 16" version="1.1" width="16" height="16" aria-hidden="true">Warning
validation_list_errors() shows Validation Errors by Services::validation()->listErrors(), and if you use user input for Validation Error messages, attackers may do XSS. In such a case, validate user input and escape it by yourself.

Adding Your Functions & Filters

You can add your functions and filters with configuration:

$config = [
    'functions'      => ['my_helper'],
    'functions_safe' => ['my_safe_helper'],
    'filters'        => ['my_filter'],
];
$this->twig = new \Kenjis\CI4Twig\Twig($config);

If your function explicitly outputs HTML code, you want the raw output to be printed. In such a case, use functions_safe, and you have to make sure the output of the function is XSS free.

References

Documentation

Samples

@TODO

How to Run Tests

$ cd codeigniter-ss-twig
$ composer install
$ vendor/bin/phpunit

Related Projects for CodeIgniter 4.x

Libraries

Tutorials

Building Development Environment