PHP Mini Framework

A lightweight PHP 8.1+ MVC framework with authentication, CSRF protection, form validation, and Twig templating.

Features

• MVC – Controllers, models, and Twig views
• Auth – Register, login, logout, session timeout (30 min)
• Security – CSRF tokens, password hashing, prepared statements
• Validation – Respect\Validation on forms
• Database – PDO, simple base Model (find / create / update / delete)
• Logging – File logger (and optional DB logger)
• Dev UX – Whoops in development; custom error pages in production

Requirements

• PHP 8.1+
• Composer
• MySQL / MariaDB

Installation

1. Clone and install dependencies

   git clone <repo-url> php-mini-framework
   cd php-mini-framework
   composer install

2. Environment

   Copy the example env file and adjust:

   cp .env.example .env

   Edit .env:

   APP_ENV=development
   APP_DEBUG=1
   
   DB_HOST=127.0.0.1
   DB_NAME=php_mini_framework
   DB_USER=root
   DB_PASS=your_password
   

3. Database

   Create the database, then load the schema:

   mysql -u root -p -e "CREATE DATABASE php_mini_framework;"
   mysql -u root -p php_mini_framework < database/schema.sql

   In development, the app runs the schema automatically on each request. For production, run the SQL above manually and set APP_ENV=production.

4. Web server

   Point the document root to public/, or use the included router so all routes go through the app.

   PHP built-in server (recommended):

   php -S localhost:8000 router.php

   This sends every request to public/index.php. Without the router, GET /login, GET /, etc. can yield 404 No such file or directory because the server looks for physical files.

   Alternatively, from the project root:

   php -S localhost:8000 -t public

   Then open http://localhost:8000.

Project Structure

php-mini-framework/
├── database/
│   └── schema.sql          # Users + logs tables
├── public/
│   └── index.php           # Entry point, router bootstrap
├── routes/
│   └── web.php             # Route definitions
├── src/
│   ├── Controller/         # Auth, Home, User
│   ├── Core/               # Controller, Database, Model, Session, Logger, SchemaLoader
│   ├── Middleware/         # AuthMiddleware, CsrfMiddleware
│   ├── Models/             # User
│   └── Views/              # Twig templates (auth, home, users, layouts)
├── .env.example
├── composer.json
└── README.md

Routes

Method	Path	Description
GET	/	Home (auth required)
GET	/login	Login form
POST	/login	Login submit
GET	/register	Register form
POST	/register	Register submit
GET	/logout	Logout
GET	/users/profile	Profile (auth)
GET	/users/edit	Edit profile (auth)
POST	/users/update	Update profile
POST	/users/delete	Delete account

Configuration

• APP_ENV – development | production. Dev enables Whoops and auto schema load.
• APP_DEBUG – 1 | 0. Twig debug mode.
• DB_* – Database connection.

Development vs Production

• Development (APP_ENV=development): Whoops error page, schema run from database/schema.sql on each request.
• Production: Errors logged to logs/, generic redirect on failure, no schema auto-run. Ensure logs/ exists and is writable.

License

MIT.