Nephtali

Overview
Markup
REST API
Security
Debugging
Flexibility
Installation

Download Nephtali

Download the most recent release of Nephtali [ nephtali_3_1_2.zip (26.0 KB) ] from Google Code.

Nephtali is a PHP framework that takes inspiration from the new functional capabilities of PHP 5.3 and newer, provides a simple API contained within one file, and utilizes a pipe-controller architecture with embedded views. A quick list of features includes:

Integrated input validation (including REST-based API to facilitate client-side validation.)
Automatic output escaping.
REST-ful HTML fragment retrieval and debugging output.
Separation of HTML and PHP.
Pipe-controllers (as opposed to page- or front-controllers) handle the display of page regions, allowing fine-grained reuse and region-specific error handling.
Fast PHP code generation using Nedit, Nephtali's web-based code generator.

Markup for pages is placed in a novel location these days:
Within the page of the requested resource.

Nephtali uses XML comments to map out dynamic regions of pages, making it very easy to work with your favorite editor and craft the markup just as you want (no sifting through PHP.)

 <!--pipe:announcements-->
     <!--view:default-->
     <h3>Announcements</h3>
     <ul>
         <!--data-->
         <li><h4><a href="{link}">{title}</a></h4>
             <p>{description}</p>
         </li>
         <!--data-->
     </ul>
     <!--view:default-->
 <!--pipe:announcements-->

Nephtali automatically provides REST-ful API access to the dynamic content regions (pipes) and data validation rules (ports) of any page.

For an example, you can view the html fragment for the announcements column on this page, or view the JSON error feedback for an invalid search (longer than 50 characters) using the search form on this page.

Utilizing the javascript library of your choice, you can easily utilize the API to implement client-side input validation (Nephtali does provide a plugin for jquery that facilitates this work), or update the state of the content of the current page without requesting a new page.

A team of security experts created a list of top-25 security issues. Nephtali was designed from the ground up to help developers address these issues, including:

Integrated input validation and XSS filtering (CWE-20 and CWE-79, respectively.)
Server-side validation provides REST-based calls for form validation, enabling progressively enhanced, client-side validation (CWE-602.)
File uploads are automatically checked for path issues (CWE-73.)
Automatic output escaping (CWE 116.)
Error handling for each individual dynamic region of a page (CWE-209.)
Strong encryption facilitated (CWE-327.)
DB functions make use of PDO prepared statements to prevent SQL injection (CWE-89).
DB namespace is composed of read-only functions (sources), and write functions (actions), avoiding use of unnecessary privileges (CWE-250.)

Additionally, Nephtali is relatively small, simple code base and no feature was (or will be) added without careful analysis in light of Nephtali's security directives.

Nephtali comes with the ability to turn your web browser into your debug output display.

When running in 'dev' mode, Nephtali saves information on the last 10 requests to pages in the site, including the Get, Post, Cookie and Session variables, the Nephtali ports (ports handle input validation in Nephtali for Get, Post, Cookie, and File data), and watched variables [i.e., variables you've added to the debug output with the function n\watch().]

Merely add the get variable nmode=debug to any PHP page to view output. For the sake of demonstration, the Nephtali website is running in 'dev' mode, so you can view a live version of debug output automatically available in any Nephtali website. Just pop the link open in a new tab and browse around the site to see the feedback (refresh the page to see the most recent records.)

Does your web framework allow you to build upon the work already completed by information architects, UX professionals, front-end developers, and graphic designers, or does it require everyone to follow its lead?

In his book entitled "The Elements of User Experience", Jesse James Garrett states that the user experience design process "is all about ensuring that no aspect of the user's experience with your site happens without your conscious, explicit intent." This is a tall order for some web frameworks, as this requires tremendous flexibility.

Because Nephtali makes no assumptions about the any aspect of the application design, it can be inserted into any step of the user experience design process without issue. Nephtali can utilize any existing markup, file-naming conventions, directory structure, or javascript framework.

Installing Nephtali takes a couple minutes.

Download the latest release of Nephtali
Unzip it and upload setup.php to the public directory of your site.
View setup.php in your browser and follow the instructions.

(The upgrade process for this PHP framework is even easier. Just replace the ncore.php file in your Nephtali installation.)

Recent blog entries

Nephtali 3.1.2 released

There’s a new Nephtali for your coding enjoyment. This release focuses on optimizing Nephtali for improved performance. While there is certainly still much ground to cover in terms of performance, this is really the first time I’ve looked at the code purely for performance analysis, and while you might not be able to see the [...]
Nephtali 3.1.1 Released

A new version of Nephtali (3.1.1) has been released. Improvements in the new release include: Updated code formatting to use tabs instead of spaces (now you can set the indentation you desire in your editor), and Nedit now generates code using tabs, too. Altered coding style so most of the PECL recommendations are followed. Improved [...]
Are ports 21, 554, and 7070 open or closed? The answer is yes.

Perhaps you’re confused by the title, and if you are, you’re experiencing the same feeling I’ve had for the past day. Alas, I’ve spent way too much time figuring out why my server was seemingly a bizzaro-world example of up is down, down is up reality. Well, the reality that is pales in comparison to [...]
Nephtali 3.1.0 released

Greetings! Nephtali 3.1.0 has now been officially released. The newest release of Nephtali: Improves the regular expressions used in filtering. Adds the ability to send a single row to the n\view\render() function (before you had to wrap a single row in a parent array before supplying it as an argument.) Fixes some bugs. Allows you [...]
Nephtali 3.0.9 available for download

The newest release of Nephtali is now available for download, and most notably, it incorporates caching capabilities. While Nephtali doesn’t transparently perform the caching for you, it does facilitate the caching of the final page, or of the markup after all of the templates have been applied. You can read more about the new caching [...]

Sites using Nephtali

Nephtali

THE website for information on the nephtali web framework. Yes, we eat our own dogfood and love it :)
Audible Business

Nephtali powers the online ordering tools for clients allowing them to conveniently make orders in a few simple steps (clients only.)
Rogers Wildlife Art

The site incorporates a simple admin that allows the artist to manage the sculptures displayed on the site. Nephtali also provides the search and contact form capabilities.
Community Economic Development Association of Michigan (CEDAM)

Nephatli powers the various feeds and client admin and members-only section for the site.
Michigan Humanities Council

Powers a custom admin, site search, and RSS feeds.
CreteFleet.com

Used concrete equipment sales, including curbing machines, laser graders, and more.