Improved view file initialisation

Improved View File Path Establishment

This release enhances how view file paths are determined.

Techniques Used:

1. Assume the containing module (view file module) is equal to the value of $data['view_module'], if the 'view_module' property has been set.

2. Assume the containing module (view file module) is equal to the current class converted to lowercase.

3. If step 2 fails to find an existing view file, evaluate the first segment of the URL. If the first segment contains one forward slash with two strings on either side, assume the containing module (view file module) is equal to the first URL segment with '-' replaced by '/'.

What does this mean?

This update allows us to load view files without explicitly declaring a $data['view_module'] value. Even when dealing with sub-modules, the system can establish the view file location, even if $data['view_module'] has not been set.

However, there is still value in declaring $data['view_module']. It can be useful in scenarios involving URL rewriting. Additionally, since a try/catch block is used when $data['view_module'] has NOT been set, there could be a potential performance boost for those who actively declare the $data['view_module'] property.

As always, if you encounter any challenges with this update, please visit our Help Bar.

Enhanced Form Handling, Model Class, and various Module Improvements

This release brings a variety of improvements to the framework, including essential additions to our form_helper.php file and various enhancements to our Model class. We have also implemented 'private/public/protected' usage throughout the engine directory. Additionally, new functions have been introduced in our helper files. Detailed documentation covering these updates will soon be available.

Additional Steps

It has been a while since we released an update of this scale. We recommend visiting GitHub to manually download all modules starting with 'trongate_', as they have also undergone improvements.

Furthermore, please replace any files you have inside public/css and public/js. If you have your own .js or .css files there, please retain them. However, we have made modifications to some files inside public/css and public/js, so we advise downloading those from GitHub, if possible.

The URL for GitHub is: https://github.com/trongate/trongate-framework/tree/master/modules

And Finally

Stability is our highest priority. We don't want any breaking changes ever. However, while we have tried our best to make this latest update optional and non-breaking, there is a potential for backwards compatibility issues, especially if you are using 'count' related methods on the Model class. If you encounter any issues with your application, we apologise. We encourage anyone facing errors to visit the Help Bar at https://trongate.io/help_bar.

CSRF Token Correction

With this version we have a correction that is to do with how CSRF and handled. Previously (and for a short time) the form_close() function was erroneously generating new tokens upon each page load. Many thanks to Simon Field (aka 'Dafa') for coming to the rescue with this fix. This fix relates to code that is inside the 'engine' directory so if you update to the latest version of the framework, using the desktop app, you'll be good to go.

For those downloading brand new instances of Trongate, we've also cleaned up some of the code on toolbar-manager.js - which is a part of the Trongate Pages module.

Once again, a huge thank you to Simon for this one. Happy coding!

Improved time picker functionality

With this release, the hour and minute sliders on time pickers are automatically going to the correct positions in instances where a user clicks on a 'time' input field that contain a valid time value.

Trongate prioritises stability and we try hard to keep the frequency of minor version releases as low as possible. However, this release is necessary as we're using a new function that has been added to the engine folder, namely 'format_time_str()'.

This update is part of a wider rebuild of our date and time picker functionality. All of our code (mostly JavaScript) relating to date and time pickers is being vastly improved. It's a huge job and - as far as we know - no other PHP framework has these features.

Moving forward, Trongate will continue to prioritise stability and will continue to say 'no thanks' to third-party dependencies.

Thank you for choosing Trongate. Enjoy!

Improve Date Time Functionality

With this release, we've rebuilt and modernised all JavaScript related to date and time pickers. We've introduced a new helper file (located in the engine folder) to assist with times and dates. This marks the first in a sequence of updates that will pave the way toward a comprehensive multi-lingual framework.

Introduced The Out Function, Improved CSRF Protection And More

Ahoy!

We're thrilled to introduce the latest version of the Trongate Framework, Version 1.3.3046, with exciting new features and enhancements to make your web development experience even better. As you would expect, with Trongate, this release has no breaking changes.

We remain committed to stability and we're satisfied that this release brings value but without breaking your existing apps.

Here are the highlights of this release:

New Functionality - out()
In this release, we are introducing the new out() function, a powerful tool that ensures the safe and secure handling of string output in various contexts. Let's take a closer look at the benefits of this function:

String Escaping: The out() function is designed to escape and format strings for safe inclusion in HTML, XML, JSON, JavaScript, or as attributes. This helps prevent common vulnerabilities like cross-site scripting (XSS) by ensuring that user-generated content is properly sanitized for the intended output format.

Custom Output Formats: You can specify the desired output format as an optional parameter, allowing you to tailor the string output to specific needs. Choose from 'html' (default), 'xml', 'json', 'javascript', or 'attribute' to seamlessly integrate the output into your web applications.

Encoding Flexibility: The function supports different character encodings, with 'UTF-8' as the default. This flexibility ensures that the function can handle diverse character sets and languages.

Exception Handling: If an unsupported output format is provided, the function raises an exception, promoting robust error handling and code reliability.

To see the out() function in action and learn how to integrate it into your Trongate applications, check out our comprehensive tutorial on YouTube: Watch the Tutorial.

CSRF Protection Enhancements
In this release, we've also made significant enhancements to the way CSRF (Cross-Site Request Forgery) protection is handled within the Trongate Framework. Our improved CSRF protection mechanisms ensure that your web applications are safeguarded against malicious attacks. These new measures also introduce significant benchmark improvements.

Finally, we've added a handful of bug fixes - mostly just typos and things of that nature.

As always, we are committed to providing you with a robust and secure framework for your web development projects. We hope you enjoy the new features and improvements introduced in Version 1.3.3046.

Thank you for choosing Trongate Framework for your web development needs. Your feedback and support are invaluable to us. We look forward to seeing the incredible projects you'll create with this latest release.

Happy coding!

Improved API Explorer and now introducing type hinting & return types

Greetings everyone,

We are excited to announce some changes in our latest release that we believe will make using our PHP framework even better.

In the past, we used the w3css library for our API Explorer, which is a fantastic CSS library. However, we have decided to rewrite the API Explorer without using third-party code. This means we are now more in control of the schedule and maintenance of this important tool.

We have also rewritten the JavaScript code used in our original API Explorer, which was previously super minified and difficult to read. This update leaves us with clear and easy-to-understand code.

Additionally, we have introduced typing hinting and return types in this update, which is something we didn't initially plan to do. However, we believe this is important given the increasing frequency of changes to PHP by the PHP Foundation. By being proactive, we can stay ahead of the curve and ensure our framework is as robust and reliable as possible.

Special thanks go to Simon (DaFa66) for his help with this one.

Thank you for your continued support, and we hope you enjoy these improvements in our latest release.

Best regards,

David Connelly

Various tweaks and improvements

Previously, there was an error in our filter_string() function which sometimes gets called when a user submits a form field such as a text input or textarea. The error caused line breaks to be ignored, presenting the text as a single unbroken line and causing issues. This release has fixed this issue.

Additionally, we have made changes to how the model is loaded. This required modifications to the internal structure of the 'engine' folder. As a result, Trongate websites can now be created without the use of databases. Moving forward, the model class will only be loaded when it is needed.

We have also removed the 'unique' feature from the validation helper. Having that feature included in a framework is not a good idea.

Correction to validation helper CSRF protection

There was an error with v1.3.3043. The error was, (automatic) CSRF protection was being called over and over when forms with more than one form field were submitted. The upshot is, I had accidentally pasted a line of code into the wrong place. D'oh!

Anyway, we should be good now. Special thanks to ak1 and nicholodesanti for helping out with this.

Improved CSRF protection and improved file uploader

We are excited to announce the release of version 1.3.3042 of our PHP framework. There are NO BREAKING CHANGES with this release.

This release includes important security improvements, specifically in the area of CSRF protection. We have also made significant enhancements to the file uploader, making it more robust and user-friendly. As always, we recommend all users to upgrade to the latest version to take advantage of these improvements. Special thanks to Dafa for this outstanding work with regards to the file uploader. The docs will be updated shortly as will the Learning Zone.