Most of the desired features required for any framework or application are implemented in the Almanzor Framework. Here is a list of the most important features with a brief description. Many other small features or improvements are also included in the code and the programmer doesn't need to take care about them.
MVC The framework is based in a Model - View - Controller architecture pattern. Allows separate layers and avoid coupling between parts of the application. Provides an unique entry point redirected to a front controller which manages urls and actions. Most of the controller code is delegated into layouts which connect the model and the views depending on the action requested. The model part provides active record and ORM mapping. Advanced controller features are available.
Active record, CRUD and ORM For the access to the database, as many other frameworks, AF implements the Active Record pattern, providing all the functionality of CRUD: create, read, update and delete (equivalent to insert, select, update and delete in a relational database). AF uses also ORM which allows to make easily queries to a database with many conditions and filtering per multiple criterias. The results of the queries are lists of instances of objects of our model.
Unit tests Every class is tested following the TDD methodology. There are many tests checking every method of every class in the framework, reducing the posibility that some part of the code fails. Tests are passing often to detect errors at the early stages.
Security The framework provides security via authentication method for users, and also in the model layer. All the queries over the database are escaped to avoid sql injection, it includes selection and also insertion of any object. About XSS attack, no file is included or added via url, and even the views are inserted as text but never executed. Only actions can be passed via url so there is no way to execute code via urls or ajax. The GET parameters are never used in AF.
Log The framework contains as core a log system to register log entries at any point of the application, allowing to manage some levels of log and also to manage all together some files of logs. All the log messages are stored in a persistent file and never sent in the response. The system can trace errors, warnings or just information messages.
Multilanguage A module is provided to manage languages. The current language is persistent via session. Initially the language can be detected via browser language or even via IP (through geolocation). Keep current language into the list of available languages and provide default language in case that the detected language is not available.
Authentication The framework comes with an integrated module for user authentication. This module allows to manage easily authentication of the users in the application. The security of the module is based over the session, expiring token and IP to ensure access and avoid any impersonate attack. Timeout and other properties can be defined.
Modules Basically, AF is a bootstrap that define a main static class and load all the modules specified. A list of modules is available, some of them are part of the core. Modules can be loaded at any part of the code, allowing to load them just in case some code needs it. Modules can be loaded and stored in a global or even local variable, loaded at any time in the code. New modules can be easily developed and hooked to the AF static class.
Web services Some basic webservices are defined and they can be extended to create more complex webservices. Every webservice have full access to the application and can be configured completely different or not of the main application, loading more or less modules and having different configuration for these modules. The webservice can reply xml code or json code. Webservices can be authenticated against the defined users in the application.