Glossary of Terms
Logical part of the presenter, performing one action, such as to show a product page, to sign out a user etc. One presenter can have more actions.
So-called byte order mask is a special first character of a file and indicates byte order in the encoding. Some editors include it automatically, it's practically invisible, but it causes problems with headers and output sending from within PHP. You can use Code Checker for bulk removal.
Controller processes requests from user and on their basis it calls particular application logic (ie. model), then it calls view for data rendering. Analogy to controllers are presenters in Nette Framework.
Cross-Site Scripting (XSS)
Nette Framework comes up with a brand new technology of Context-Aware Escaping, which will get you rid of the Cross-Site Scripting risks forever. It escapes all inputs automatically based on a given context, so it's impossible for a coder to accidentally forget something.
Cross-Site Request Forgery (CSRF)
A Cross-Site Request Forgery attack is that the attacker lures the victim to visit a page that silently executes a request in the victim's browser to the server where the victim is currently logged in, and the server believes that the request was made by the victim at will. Server performs a certain action under the identity of the victim but without the victim realizing it. It can be changing or deleting data, sending a message, etc.
Nette Framework automatically protects forms and signals in presenters from this type of attack. This is done by preventing them from being sent or called from another domain.
Dependency Injection (DI) is a design pattern that tells you how to separate the creation of objects from their dependencies. That is, a class is not responsible for creating or initializing its dependencies, but instead those dependencies are provided by external code (which can include a DI container). The advantage is that it allows for greater code flexibility, better readability, and easier application testing because dependencies are easily replaceable and isolated from other parts of the code. For more information, see What is Dependency Injection?
Dependency Injection Container
A Dependency Injection container (also DI container or IoC container) is a tool that handles the creation and management of dependencies in an application (or services). A container usually has a configuration that defines what classes are dependent on other classes, what specific dependency implementations to use, and how to create those dependencies. The container then creates these objects and provides them to the classes that need them. For more information, see What is a DI container?
Escaping is conversion of characters with special meaning in given context to another equivalent sequences. Example: We want to
write quotes into quotes-enclosed string. Because quotes have special meaning in context of the quotes-enclosed string, there is a
need to use another equivalent sequence. Concrete sequence is determined by the context rules (e.g.
PHP's quotes-enclosed string,
" in HTML attributes etc.).
Filter (Formerly Helper)
Notice of a snippet to rerender. In other context also clearing of a cache.
Reusable part of an application. It can be a visual part of a page, as described in the components chapter, or the term can also stand for the class Component (such a component doesn't have to be visual).
Control characters are invisible characters, that can occur in a text and eventually to cause some problems. For their bulk removal from files, you can use Code Checker, for their removal from a variable use function Strings::normalize().
An event is an expected situation in the object, which when it occurs, the so-called handlers are called, i.e. callbacks reacting to the event (sample). The event can be for example form submission, user login, etc. Events are thus a form of Inversion of Control.
For example, a user login occurs in the
Nette\Security\User::login() method. The
User object has a
$onLoggedIn, which is an array to which anyone can add a callback. As soon as the user logs in, the
login() method calls all callbacks in the array. The name of a variable in the form
onXyz is a
convention used throughout Nette.
One of the most innovative templating systems ever.
Model represents data and function basis of the whole application. It includes the whole application logic (sometimes also referred to as a “business logic”). It's the M of MVC or MPV. Any user action (loging in, putting stuff to basket, change of a database value) represents an action of the model.
Model manages its inner state and provides a public interface. By calling of this interface we can take or change its state. Model doesn't know about an existence of view or controller, model is totally independent on them.
Software architecture, that emerged in GUI applications development to separate the code for the flow control (controller) from the code of the application logic (model) and from the data rendering code (view). That way the code is better understandable, it eases the future development and it allows to test separate parts separately.
Architecture based on Model-View-Controller.
Module in Nette Framework represents a collection of presenters and templates, eventually also components and models, that serve data to a presenter. So it is certain logical part of an application.
For example, an e-shop can have three modules:
- Product catalogue with basket.
- Administration for the customer.
- Administration for the shopkeeper.
Namespace is a feature of the PHP language from its version 5.3 and some other programming languages as well. It helps to avoid names collisions (e.g. two classes with the same name) when using different libraries together. See PHP documentation for further detail.
Presenter is an object, that takes the request as translated by the router from the HTTP request and generates a response. Response can be an HTML page, picture, XML document, file, JSON, redirect or whatever you think of.
Bi-directional translator between HTTP request / URL and presenter action. Bi-directional means, that it's not only possible to derive a presenter action from the HTTP request, but also to generate appropriate URL for an action. See more in the chapter about URL routing.
SameSite cookies provide a mechanism to recognize what led to the page load. It can have three values:
None (the latter requires HTTPS). If the request to the page comes directly from the site or
the user opens the page by typing directly into the address bar or clicking on a bookmark, the browser sends all cookies to the
server (i.e. with the flags
None). If the user clicks on the site via a
link from another site, cookies with the
None flags are passed to the server. If the request is
cookies with the
None flag are sent.
In the context of Dependency Injection, a service refers to an object that is created and managed by a DI container. A service can easily be replaced by another implementation, for example for testing purposes or to change the behavior of an application, without having to modify the code that uses the service.
Snippet of a page, that can be separately re-rendered during an AJAX request.
View is a layer of application, that is responsible for request results rendering. Usually it uses a templating system and it knows, how to render its components or results taken from the model.