The Framework

Modern PHP Framework for Everyone

Website • Documentation • Get Started • Changelog

The Framework is a modern, secure, and lightweight PHP framework designed with one mission: make web development accessible to everyone, including developers using free shared hosting without SSH access.

✅ No VPS required          ✅ Laravel-style DX
✅ Works on free hosting    ✅ Built-in security (WAF, CSRF)     ✅ Ultra-Lightweight (~27MB)
✅ Comprehensive documentation      ✅ 20x Smaller than Laravel
✅ Auto-WebP Uploads        ✅ Production-ready
✅ Fluent Helpers           ✅ Clean Internal Split

"The Iron Dome" Update

• ✅ Military-Grade Security (Phase 2): Introduced a 4-Layer security model for the Web Command Center.
• ✅ Automatic Global CSRF: All state-changing routes (POST, PUT, DELETE) are now protected by default via Global Router Middleware.
• ✅ Strict File Whitelist: Replaced the legacy blacklist with a strict whitelist protocol for serving private files.
• ✅ Clean Tinker Engine: Web Tinker now produces clean, JSON-pretty output identical to the CLI version, with enhanced RCE obfuscation detection.
• ✅ Sensitive Data Masking: Professional-grade logging that automatically masks passwords and secret tokens in database execution logs.
• ✅ Global Middleware System: New CORE support for registering middlewares that run on every single request.
• ✅ TFWire 2.0 (Component Engine): Major rewrite with Facade support, Plugin system, and State Encryption.
• ✅ Fluent Tester API: New TFWire component testing which is 10x faster than browser testing.
• ✅ Artisan Generator v2: New make:command and make:component for faster scaffolding.

The "Fluent DX" Update

• ✅ Modern Internal Split: All framework-internal controllers (Error, Debug, Sitemap, etc.) moved to App\Internal to keep the developer's space clean.
• ✅ Fluent Syntax Engine: New global helpers allowing return view(), return redirect(), and return json() for a much smoother coding experience.
• ✅ Premium Flash Helper: New flash('notification') utility for elegant transient message handling.
• ✅ Trait Logic Migration: System traits moved to App\Traits to prevent accidental modification.
• ✅ Enhanced Redirects: Fluent redirect builder supporting redirect()->back().
• ✅ Safe Auto-File Clearing: Migrasi (fresh/rollback) kini otomatis membersihkan folder upload yang diizinkan (shared, docs, dll) tanpa menghapus file sistem seperti .htaccess.

# Clone the repository
git clone https://github.com/chandra2004/the-framework.git
cd the-framework

# Install dependencies
composer install

# Setup environment
php artisan setup

# Run development server
php artisan serve

Visit http://127.0.0.1:8080 🎉

Our documentation is comprehensive, well-organized, and beginner-friendly:

• 📖 Introduction - What is The Framework?
• ⚙️ Installation - Step-by-step installation guide
• 🏗️ Structure - Understanding the folder structure
• 🔧 Configuration - Environment variables guide

• 🛣️ Routing - URL routing and parameters
• 🌍 HTTP Module (New!) - Request, Router, Session & Validator
• 🎨 Views & Blade - Templating engine
• 🎨 Blade Engine - Custom directives & initialization ⭐ NEW
• 🔒 Session Manager - Secure session & flash data ⭐ NEW
• 🔐 Security - CSRF, XSS, WAF protection
• ✅ Validation - Input validation rules

• 🗄️ Database - Query Builder & connections
• 🗄️ Database Engine - PDO wrapper, transactions & savepoints ⭐ NEW
• 📊 Migrations - Database version control
• 🏗️ Schema Builder - Column types, indexes & introspection ⭐ NEW
• 🔗 ORM & Relations - Eloquent-like ORM

• 🏗️ Architecture - MVC pattern explained
• 📦 DI Container - Dependency Injection & auto-wiring ⭐ NEW
• 📝 Logging - Multi-channel logging system ⭐ NEW
• ⚡ Cache - Caching system (File, Array, Database) ⭐ NEW
• 🔧 Core - Config, Container, Lang, Logging ⭐ NEW
• 🛠️ Utility Classes - Arr, Str, Collection, DatabaseHelper ⭐ NEW
• 🔄 CRUD Trait - Auto CRUD via Trait ⭐ NEW
• 🚀 Performance - Caching & optimization
• 🧪 Testing - Unit & feature testing
• 🚢 Deployment - Deploy to production
• 🐳 Docker - Containerization
• 🚨 Error Handling - Exception patterns

• 🌐 Web Command Center - Manage without SSH
• 💛 Tinker (Interactive Shell) - Debug code live (CLI & Web) ⭐
• 🛠️ Artisan CLI - Command-line tools
• 🖥️ Console Engine - BaseCommand, 41 commands & stubs ⭐ NEW
• 🌍 Localization - Multi-language support
• 🗺️ SEO & Sitemap - SEO best practices
• 📧 Email Handler - SMTP & Queue Support ⭐
• 💳 Payment Handler - Midtrans API Wrapper ⭐
• 📤 Upload Handler - Auto-WebP & Resize Engine ⭐

📖 View Full Documentation

// Built-in Web Application Firewall
WAFMiddleware::protect();

// Automatic CSRF protection
@csrf

// Secure headers out-of-the-box
X-Frame-Options, CSP, HSTS, XSS-Protection

The only PHP framework designed for shared hosting users:

# No SSH? No problem! Use Web Command Center
https://yoursite.com/_system/migrate
https://yoursite.com/_system/seed
https://yoursite.com/_system/tinker  <-- NEW!
https://yoursite.com/_system/logs

Perfect for:

• ✅ InfinityFree, 000webhost, Hostinger
• ✅ Any shared hosting without SSH
• ✅ Students with limited budget

// Expressive routing (Laravel-like)
Router::get('/users/{id}', [UserController::class, 'show']);

// Powerful ORM
$users = User::with('posts')->where('active', true)->get();

// Clean blade templates
@extends('layouts.app')
@section('content')
    <h1>{{ $title }}</h1>
@endsection

• 📘 Getting Started Tutorial
• 📹 Video Tutorials (coming soon)
• 💬 Community Forum (coming soon)

• 🛒 E-commerce Starter (coming soon)
• 📝 Blog Platform (coming soon)
• 🎫 Event Management (coming soon)

Patch Update & Stability Build

• ✅ Fluent Migrations: Chaining support for schema building (e.g., ->unique(), ->index()).
• ✅ Smart Rate Limiting: Local development bypass (never get blocked on localhost again).
• ✅ Enhanced Helpers: New base_path(), storage_path(), and ip() utilities.
• ✅ Deep Optimization: php artisan optimize now clears ratelimit and storage caches.
• ✅ Premium Error UI: Specialized dashboard for Blade errors with source mapping.

We welcome contributions! Please see CONTRIBUTING.md for details.

• 🐛 Report bugs
• 💡 Suggest features
• 📝 Improve documentation
• 🔧 Submit pull requests

If you discover a security vulnerability, please email:

📧 [email protected]

DO NOT create public GitHub issues for security vulnerabilities.

See SECURITY.md for our security policy.

The Framework is open-sourced software licensed under the MIT license.

Created with ❤️ by Chandra Tri Antomo

• Laravel team for inspiration
• Illuminate components
• All contributors and users