No, Nephtali isn't another MVC framework, so please keep reading. Nephtali is a PHP framework that takes inspiration from the new functional capabilities of PHP 5.3 and newer, provides a simple API contained within one file, and utilizes a micro controller architecture with embedded views. A quick list of features includes:

• Integrated input validation and automatic output escaping.
• Restful input validation, html fragment retrieval, and debugging all automatically provided.
• Markup and PHP are cleanly separated.
• Micro-controllers (as opposed to page- or front-controllers) handle the display of page regions, allowing fine-grained reuse and region-specific error handling.
• Try generating the PHP code using Nedit, Nephtali's web-based code generator. You can quickly generate the core code for your pages and then refine it to meet your custom needs.

Markup for pages is placed in a novel location these days:
Within the page of the requested resource.

Nephtali uses XML comments to map out dynamic regions of pages, making it very easy to work with your favorite editor and craft the markup just as you want (no sifting through PHP.)

 <!--pipe:announcements-->
     <!--view:default-->
     <h3>Announcements</h3>
     <ul>
         <!--data-->
         <li><h4><a href="{link}">{title}</a></h4>
             <p>{description}</p>
         </li>
         <!--data-->
     </ul>
     <!--view:default-->
 <!--pipe:announcements-->

Nephtali automatically provides REST-ful API access to the dynamic content regions (pipes) and data validation rules (ports) of any page.

For an example, you can view the html fragment for the announcements column on this page, or view the JSON error feedback for an invalid search (longer than 50 characters) using the search form on this page.

Utilizing the javascript library of your choice, you can easily utilize the API to implement client-side input validation (Nephtali does provide a plugin for jquery that facilitates this work), or update the state of the content of the current page without requesting a new page.

A team of security experts created a list of top-25 security issues. Nephtali was designed from the ground up to help developers address these issues, including:

• Integrated input validation and XSS filtering (CWE-20 and CWE-79, respectively.)

• Server-side validation automatically provides REST-based calls for form validation, enabling progressively enhanced, client-side validation (CWE-602.)

• File uploads are automatically checked for path issues (CWE-73.)
• Automatic output escaping (CWE 116.)
• Error handling for each individual dynamic region of a page (CWE-209.)
• Strong encryption facilitated (CWE-327.)
• DB functions make use of PDO prepared statements to prevent SQL injection (CWE-89), and the namespace is composed of read-only functions (sources), and write functions (actions), avoiding use of unnecessary privileges (CWE-250.)

Additionally, Nephtali constitutes a relatively small, simple code base and no feature was (or will be) added without careful analysis in light of Nephtali's security directives.

One of the most important features of any development environment is the ability to quickly identify why things aren't working. Nephtali comes with the ability to turn your web browser into your debug output display.

When running in 'dev' mode, Nephtali saves information on the last 10 requests to pages in the site, including the Get, Post, Cookie and Session variables, the Nephtali ports (ports handle input validation in Nephtali for Get, Post, Cookie, and File data), and watched variables [i.e., variables you've added to the debug output with the function n\watch().]

You merely add the get variable nmode=debug to any PHP page to view output. For the sake of demonstration, the Nephtali website is running in 'dev' mode, so you can view a live version of debug output automatically available in any Nephtali website. Just pop the link open in a new tab and browse around the site to see the feedback (you'll have to refresh the page to see the most recent records.)

In his book entitled "The Elements of User Experience", Jesse James Garrett states that the user experience design process "is all about ensuring that no aspect of the user's experience with your site happens without your conscious, explicit intent." This is a tall order for some web frameworks, as this requires tremendous flexibility.

Does your web framework allow you to build upon the work already completed by information architects, UX professionals, front-end developers, and graphic designers, or does it require everyone to follow its lead?

Because Nephtali makes no assumptions about the any aspect of the application design, it can be inserted into any step of the user experience design process without issue. All of the HTML prototype code can be used as is by merely adding a few html comments. All of the current directory structure can be used as is. The javascript code can be used as is. The web forms can be used as is.

In short, Nephtali frees you from having to worry about whether something will work with your web framework and lets you focus on the most important question:
Will this work well for my users?

Installing Nephtali takes a couple minutes.

1. Download the latest release of Nephtali
2. Unzip it and upload setup.php to the public directory of your site.
3. View setup.php in your browser and follow the instructions.

(The upgrade process for this PHP framework is even easier.)