dressapi / core
Libreria core per le applicazioni DressAPI.
Maintainers
Requires
- php: >=8.1
- firebase/php-jwt: ^7.0.0
- matthiasmullie/minify: ^1.3
- monolog/monolog: ^3.9
- phpmailer/phpmailer: ^6.10.0
- predis/predis: 3.0.1
- symfony/mailer: ^7.0
- voku/html-min: ^4.5
Requires (Dev)
- phpstan/phpstan: 2.1.2
README
DressAPI is an open source PHP 8.x framework that automatically maps your database schema to a RESTful API. It uses a dynamic ORM — it reads the DB structure at runtime — so you rarely need to write model code. The architecture is MVC but without the boilerplate: add a table to your database and the endpoint is immediately available.
The name "DressAPI" means it dresses up your database and exposes it as a REST API.
License: Apache 2.0 · Author: Tufano Pasquale · Version: 3.0.6
Features
- Zero-config ORM — reads table structure, types and relations directly from the DB at runtime
- Automatic relation resolution — foreign keys (e.g.
id_user) are resolved to meaningful values without writing JOINs - Full CRUD over HTTP — GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
- JWT authentication — via
Authorization: Bearer <token>header - ACL system — per-role, per-table CRUD permissions stored in DB
- Filtering, ordering and pagination — via URL parameters, no query string needed
- Multiple output formats — JSON (default), XML, HTML, plain text
- File/Redis cache — auto-invalidated when related data changes
- Lazy DB connection — connects only when actually needed
- Mail support — via PHPMailer and Symfony Mailer
- Multilingual support — translator module with DB-stored translations
- Strict input validation — based on DB column types; regex per-field is supported
- Highly extensible — create custom modules or override any default behaviour
Requirements
| Component | Minimum | Notes |
|---|---|---|
| PHP | 8.1 | Extensions: pdo_mysql, curl, mbstring, json |
| MySQL | 5.7 | Primary supported DBMS |
| MariaDB | 10.3 | Alternative to MySQL |
| Apache | 2.4 | mod_rewrite required |
| Composer | 2.x |
Other DBMS: Driver code exists for PostgreSQL, MS SQL Server and Oracle, but these are experimental and not officially supported in v3.0.
Installation
Via Composer (recommended)
composer require dressapi/core
Via Git
git clone https://git.dressapi.com/dressapi/core.git
cd core
composer install
Quick Start
DressAPI Core is a library — it is included by an application (such as dressapi/api or dressapi/cms). To bootstrap it in your own www/index.php:
<?php
require_once __DIR__ . '/../../config.php'; // your app config
require_once __DIR__ . '/../../vendor/autoload.php'; // composer autoload
require_once __DIR__ . '/../../vendor/dressapi/core/bootstrap.php'; // framework bootstrap
The bootstrap.php handles the full request lifecycle:
- DB connection
- Logger and cache setup
- URL parsing (CRequest)
- JWT authentication (CUser)
- ACL loading
- Controller dispatch
- Response output
Configuration
Copy vendor/dressapi/core/default-config.php as a reference and create your own config.php in the application root. Override only the constants you need:
<?php
define('DOMAIN_NAME', 'yourdomain.com');
define('APP_NAME', 'myapp');
define('APP_ENV', 'production'); // develop | stage | production
// IMPORTANT: change these two keys before going to production
define('TOKEN_SECRET_KEY', 'your-unique-jwt-secret');
define('PWD_CRYPT', 'your-unique-crypt-key');
// Database
define('DB_HOST', 'localhost');
define('DB_PORT', 3306);
define('DB_NAME', 'mydb');
define('DB_USERNAME', 'myuser');
define('DB_PASSWORD', 'mypassword');
define('DBMS_TYPE', 'MySql');
// User table (change only if your schema differs)
define('USER_TABLE', '_user');
define('USER_ITEM_USERNAME', 'username');
define('USER_ITEM_PASSWORD', 'pwd');
Database Conventions
DressAPI infers relationships from naming conventions:
| Convention | Description | Example |
|---|---|---|
id | Primary key | id |
id_{table} | Foreign key to {table} | id_user, id_category |
_ prefix | Framework-managed tables | _user, _role, _acl |
Framework Tables
| Table | Purpose |
|---|---|
_user | Users |
_role | Roles |
_acl | Per-role, per-table CRUD permissions |
_user_role | User–role associations |
_module | Module/endpoint definitions |
_route | Custom routes |
_translation | UI string translations |
Authentication
Login
curl -X POST https://yourapi.com/sign \
-d "dusername=admin&dpassword=yourpassword"
A successful response returns a JWT token:
{
"token": "eyJ0eXAiOiJKV1Qi..."
}
Authenticated requests
Pass the token in the Authorization header:
curl -H "Authorization: Bearer <token>" \
-X GET https://yourapi.com/article
API URL Reference
HTTP Methods
| Method | Action |
|---|---|
GET | Read one or more records |
POST | Insert a new record |
PUT | Full update of a record |
PATCH | Partial update of a record |
DELETE | Delete a record |
OPTIONS | Return field types and allowed methods |
HEAD | Like GET but returns headers only |
URL Parameters
| Parameter | Short | Example | Description |
|---|---|---|---|
full | full | /article/full | Resolve foreign keys to human-readable values |
page | p | /article/p/2 | Page number |
/p/{page},{per_page} | /article/p/2,10 | Page number and items per page | |
order-by | ob | /article/ob/title | Order by field (default ASC) |
/article/ob/id-DESC | Order descending |
Filters
Append {field}{operator}{value} to the URL path:
| Operator | Meaning | Example |
|---|---|---|
= | Equals | /article/id_user=5 |
< | Less than | /article/views<100 |
> | Greater than | /article/views>100 |
>= | Greater or equal | /article/id>=10 |
<= | Less or equal | /article/id<=10 |
~ | Contains (LIKE) | /article/title~Welcome |
Filters can be combined:
curl -H "Authorization: Bearer <token>" \
-X GET "https://yourapi.com/article/id_user=1/ob/id-DESC/p/1,10"
Output Formats
Set via the Accept header (default: JSON):
-H 'Accept: application/json'
-H 'Accept: application/xml'
-H 'Accept: text/plain'
-H 'Accept: text/html'
Examples
# Read all articles (page 1, 20 per page by default)
curl -H "Authorization: Bearer <token>" -X GET https://yourapi.com/article
# Read article with id=1
curl -H "Authorization: Bearer <token>" -X GET https://yourapi.com/article/1
# Read with resolved relations
curl -H "Authorization: Bearer <token>" -X GET https://yourapi.com/article/1/full
# Insert
curl -H "Authorization: Bearer <token>" -X POST https://yourapi.com/article \
-d "title=Hello World&body=Content here&id_user=1"
# Partial update
curl -H "Authorization: Bearer <token>" -X PATCH https://yourapi.com/article/1 \
-d "title=Updated Title"
# Delete
curl -H "Authorization: Bearer <token>" -X DELETE https://yourapi.com/article/1
Module System
The framework ships with built-in modules:
| Module | Endpoint | Description |
|---|---|---|
base | /{table} | Generic CRUD for any DB table |
sign | /sign | Login, registration, password reset |
admin | /admin | Administration panel |
pages | /pages | CMS page management |
menu | /menu | Navigation menu management |
repository | /repository | File/document repository |
scheduler | /scheduler | Task scheduling |
translator | /translator | Translation management |
info | /info | System information |
Custom modules extend CBaseController and are automatically routed.
Related Projects
| Project | Description |
|---|---|
| dressapi/cms | Full CMS with server-side HTML rendering |
| dressapi/api | Pure REST API for decoupled frontends |
| dressapi/vue | Vue 3 frontend |
| dressapi/react | React frontend |
| dressapi/angular | Angular frontend |
| dressapi/ajax | Vanilla JS frontend |
License
Apache 2.0 — free for personal and commercial use.