CakePHP Cookbook Documentation


CakePHP Cookbook Documentation Release 2.x Cake Software Foundation October 30, 2012 Contents 1 Getting Started 1 2 Blog Tutorial 3 Getting Cake.............................................3 Creating the Blog Database......................................4 Cake Database Configuration.....................................5 Optional Configuration........................................5 A Note on mod_rewrite........................................6 3 Blog Tutorial - Adding a layer9 Create a Post Model..........................................9 Create a Posts Controller.......................................9 Creating Post Views.......................................... 10 Adding Posts............................................. 13 Data Validation............................................ 14 Editing Posts............................................. 15 Deleting Posts............................................. 17 Routes................................................. 18 Conclusion.............................................. 19 Additional Reading.......................................... 19 4 Installation 29 Requirements............................................. 29 License................................................ 29 Downloading CakePHP........................................ 30 Permissions.............................................. 30 Setup................................................. 30 Development............................................. 30 Production............................................... 31 Advanced Installation and server specific configuration....................... 32 i Fire It Up............................................... 37 5 CakePHP Overview 39 What is CakePHP? Why Use it?................................... 39 Understanding Model-View-Controller................................ 40 Where to Get Help.......................................... 42 6 Controllers 45 The App Controller.......................................... 45 Request parameters.......................................... 46 Controller actions........................................... 46 Request Life-cycle callbacks..................................... 47 Controller Methods.......................................... 48 Controller Attributes......................................... 55 More on controllers.......................................... 57 7 Views 77 View Templates............................................ 77 Using view blocks........................................... 79 Layouts................................................ 81 Elements................................................ 83 View API............................................... 86 More about Views........................................... 88 8 Models 99 Understanding Models........................................ 99 More on models............................................ 101 9 Core Libraries 201 General Purpose............................................ 201 Behaviors............................................... 241 Components.............................................. 268 Helpers................................................ 318 Utilities................................................ 409 10 Plugins 521 Installing a Plugin........................................... 521 Plugin configuration.......................................... 521 Advanced bootstrapping....................................... 522 Using a Plugin............................................. 523 Creating Your Own Plugins...................................... 523 Plugin Controllers........................................... 524 Plugin Models............................................. 525 Plugin Views............................................. 526 Plugin assets.............................................. 526 Components, Helpers and Behaviors................................. 527 Expand Your Plugin.......................................... 527 Plugin Tips.............................................. 528 ii 11 Console and Shells 529 The CakePHP console......................................... 529 Creating a shell............................................ 531 Shell tasks............................................... 533 Invoking other shells from your shell................................. 534 Console output levels......................................... 534 Styling output............................................. 535 Configuring options and generating help............................... 536 Shell API............................................... 544 More topics.............................................. 547 12 Development 561 Configuration............................................. 561 Routing................................................ 573 Sessions................................................ 590 Exceptions............................................... 596 Error Handling............................................ 603 Debugging............................................... 606 Testing................................................. 609 REST................................................. 631 Dispatcher Filters........................................... 635 Vendor packages........................................... 639 13 Deployment 641 Check your security.......................................... 641 Set document root........................................... 641 Update core.php............................................ 641 Multiple CakePHP applications using the same core......................... 642 14 Tutorials & Examples 643 Blog Tutorial............................................. 643 Blog Tutorial - Adding a layer.................................... 647 Simple Authentication and Authorization Application........................ 657 Simple Acl controlled Application.................................. 664 Simple Acl controlled Application - part 2.............................. 671 15 Appendices 675 2.3 Migration Guide.......................................... 675 2.2 Migration Guide.......................................... 680 2.1 Migration Guide.......................................... 686 2.0 Migration Guide.......................................... 697 Migration from 1.2 to 1.3....................................... 730 General Information.......................................... 750 16 Indices and tables 753 Index 755 iii iv CHAPTER1 Getting Started The CakePHP framework provides a robust base for your application. It can handle every aspect, from the user’s initial request all the way to the final rendering of a web page. And since the framework follows the principles of MVC, it allows you to easily customize and extend most aspects of your application. The framework also provides a basic organizational structure, from filenames to database table names, keep- ing your entire application consistent and logical. This concept is simple but powerful. Follow the conven- tions and you’ll always know exactly where things are and how they’re organized. The best way to experience and learn CakePHP is to sit down and build something. To start off we’ll build a simple blog application. 1 CakePHP Cookbook Documentation, Release 2.x 2 Chapter 1. Getting Started CHAPTER2 Blog Tutorial Welcome to CakePHP. You’re probably checking out this tutorial because you want to learn more about how CakePHP works. It’s our aim to increase productivity and make coding more enjoyable: we hope you’ll see this as you dive into the code. This tutorial will walk you through the creation of a simple blog application. We’ll be getting and installing Cake, creating and configuring a database, and creating enough application logic to list, add, edit, and delete blog posts. Here’s what you’ll need: 1. A running web server. We’re going to assume you’re using Apache, though the instructions for using other servers should be very similar. We might have to play a little with the server configuration, but most folks can get Cake up and running without any configuration at all. Make sure you have PHP 5.2.8 or greater. 2. A database server. We’re going to be using MySQL server in this tutorial. You’ll need to know enough about SQL in order to create a database: Cake will be taking the reins from there. Since we’re using MySQL, also make sure that you have pdo_mysql enabled in PHP. 3. Basic PHP knowledge. The more object-oriented programming you’ve done, the better: but fear not if you’re a procedural fan. 4. Finally, you’ll need a basic knowledge of the MVC programming pattern. A quick overview can be found in Understanding Model-View-Controller. Don’t worry, it’s only a half a page or so. Let’s get started! Getting Cake First, let’s get a copy of fresh Cake code. To get a fresh download, visit the CakePHP project on GitHub: http://github.com/cakephp/cakephp/downloads and download the latest release of 2.0 3 CakePHP Cookbook Documentation, Release 2.x You can also clone the repository using git (http://git-scm.com/). git clone git://github.com/cakephp/cakephp.git Regardless of how you downloaded it, place the code inside of your DocumentRoot. Once finished, your directory setup should look something like the following: /path_to_document_root /app /lib /plugins /vendors .htaccess index.php README Now might be a good time to learn a bit about how Cake’s directory structure works: check out CakePHP Folder Structure section. Creating the Blog Database Next, let’s set up the underlying database for our blog. if you haven’t already done so, create an empty database for use in this tutorial, with a name of your choice. Right now, we’ll just create a single table to store our posts. We’ll also throw in a few posts right now to use for testing purposes. Execute the following SQL statements into your database: /* First, create our posts table: */ CREATE TABLE posts ( id INT UNSIGNED AUTO_INCREMENT PRIMARY KEY, title VARCHAR(50), body TEXT, created DATETIME DEFAULT NULL, modified DATETIME DEFAULT NULL ); /* Then insert some posts for testing: */ INSERT INTO posts (title,body,created) VALUES (’The title’, ’This is the post body.’, NOW()); INSERT INTO posts (title,body,created) VALUES (’A title once again’, ’And the post body follows.’, NOW()); INSERT INTO posts (title,body,created) VALUES (’Title strikes back’, ’This is really exciting! Not.’, NOW()); The choices on table and column names are not arbitrary. If you follow Cake’s database naming conven- tions, and Cake’s class naming conventions (both outlined in CakePHP Conventions), you’ll be able to take advantage of a lot of free functionality and avoid configuration. Cake is flexible enough to accommodate even the worst legacy database schema, but adhering to convention will save you time. Check out CakePHP Conventions for more information, but suffice it to say that naming our table ‘posts’ automatically hooks it to our Post model, and having fields called ‘modified’ and ‘created’ will be automag- ically managed by Cake. 4 Chapter 2. Blog Tutorial CakePHP Cookbook Documentation, Release 2.x Cake Database Configuration Onward and upward: let’s tell Cake where our database is and how to connect to it. For many, this is the first and last time you configure anything. A copy of CakePHP’s database configuration file is found in /app/Config/database.php.default. Make a copy of this file in the same directory, but name it database.php. The config file should be pretty straightforward: just replace the values in the $default array with those that apply to your setup. A sample completed configuration array might look something like the following: ’Database/Mysql’, ’persistent’ => false, ’host’ => ’localhost’, ’port’ =>’’, ’login’ => ’cakeBlog’, ’password’ => ’c4k3-rUl3Z’, ’database’ => ’cake_blog_tutorial’, ’schema’ =>’’, ’prefix’ =>’’, ’encoding’ =>’’ ); Once you’ve saved your new database.php file, you should be able to open your browser and see the Cake welcome page. It should also tell you that your database connection file was found, and that Cake can successfully connect to the database. Note: Remember that you’ll need to have PDO, and pdo_mysql enabled in your php.ini. Optional Configuration There are three other items that can be configured. Most developers complete these laundry-list items, but they’re not required for this tutorial. One is defining a custom string (or “salt”) for use in security hashes. The second is defining a custom number (or “seed”) for use in encryption. The third item is allowing CakePHP write access to its tmp folder. The security salt is used for generating hashes. Change the default salt value by editing /app/Config/core.php line 187. It doesn’t much matter what the new value is, as long as it’s not easily guessed: ) and change the ownership of the app/tmp directory to that user. The final command you run (in *nix) might look something like this: $ chown -R www-data app/tmp If for some reason CakePHP can’t write to that directory, you’ll be informed by a warning while not in production mode. A Note on mod_rewrite Occasionally a new user will run into mod_rewrite issues, so I’ll mention them marginally here. If the CakePHP welcome page looks a little funny (no images or css styles), it probably means mod_rewrite isn’t functioning on your system. Here are some tips to help get you up and running: 1. Make sure that an .htaccess override is allowed: in your httpd.conf, you should have a section that defines a section for each Directory on your server. Make sure the AllowOverride is set to All for the correct Directory. For security and performance reasons, do not set AllowOverride to All in . Instead, look for the block that refers to your actual website directory. 2. Make sure you are editing the correct httpd.conf rather than a user- or site-specific httpd.conf. 3. For some reason or another, you might have obtained a copy of CakePHP without the needed .htaccess files. This sometimes happens because some operating systems treat files that start with ‘.’ as hidden, and don’t copy them. Make sure your copy of CakePHP is from the downloads section of the site or our git repository. 4. Make sure Apache is loading up mod_rewrite correctly! You should see something like: LoadModule rewrite_module libexec/httpd/mod_rewrite.so or (for Apache 1.3): AddModule mod_rewrite.c in your httpd.conf. If you don’t want or can’t get mod_rewrite (or some other compatible module) up and running on your server, you’ll need to use Cake’s built in pretty URLs. In /app/Config/core.php, uncomment the line that looks like: 6 Chapter 2. Blog Tutorial CakePHP Cookbook Documentation, Release 2.x Configure::write(’App.baseUrl’, env(’SCRIPT_NAME’)); Also remove these .htaccess files: /.htaccess /app/.htaccess /app/webroot/.htaccess This will make your URLs look like www.example.com/index.php/controllername/actionname/param rather than www.example.com/controllername/actionname/param. If you are installing CakePHP on a webserver besides Apache, you can find instructions for getting URL rewriting working for other servers under the Advanced Installation section. Continue to Blog Tutorial - Adding a layer to start building your first CakePHP application. A Note on mod_rewrite 7 CakePHP Cookbook Documentation, Release 2.x 8 Chapter 2. Blog Tutorial CHAPTER3 Blog Tutorial - Adding a layer Create a Post Model The Model class is the bread and butter of CakePHP applications. By creating a CakePHP model that will interact with our database, we’ll have the foundation in place needed to do our view, add, edit, and delete operations later. CakePHP’s model class files go in /app/Model, and the file we’ll be creating will be saved to /app/Model/Post.php. The completed file should look like this: set(’posts’, $this->Post->find(’all’)); } } Let me explain the action a bit. By defining function index() in our PostsController, users can now access the logic there by requesting www.example.com/posts/index. Similarly, if we were to define a function called foobar(), users would be able to access that at www.example.com/posts/foobar. Warning: You may be tempted to name your controllers and actions a certain way to obtain a certain URL. Resist that temptation. Follow CakePHP conventions (plural controller names, etc.) and create readable, understandable action names. You can map URLs to your code using “routes” covered later on. The single instruction in the action uses set() to pass data from the controller to the view (which we’ll create next). The line sets the view variable called ‘posts’ equal to the return value of the find(’all’) method of the Post model. Our Post model is automatically available at $this->Post because we’ve followed Cake’s naming conventions. To learn more about Cake’s controllers, check out the Controllers chapter. Creating Post Views Now that we have our data flowing to our model, and our application logic and flow defined by our controller, let’s create a view for the index action we created above. Cake views are just presentation-flavored fragments that fit inside an application’s layout. For most applica- tions they’re HTML mixed with PHP, but they may end up as XML, CSV, or even binary data. Layouts are presentation code that is wrapped around a view, and can be defined and switched between, but for now, let’s just use the default. Remember in the last section how we assigned the ‘posts’ variable to the view using the set() method? That would hand down data to the view that would look something like this: 10 Chapter 3. Blog Tutorial - Adding a layer CakePHP Cookbook Documentation, Release 2.x // print_r($posts) output: Array ( [0] => Array ( [Post] => Array ( [id] => 1 [title] => The title [body] => This is the post body. [created] => 2008-02-13 18:34:55 [modified] => ) ) [1] => Array ( [Post] => Array ( [id] => 2 [title] => A title once again [body] => And the post body follows. [created] => 2008-02-13 18:34:56 [modified] => ) ) [2] => Array ( [Post] => Array ( [id] => 3 [title] => Title strikes back [body] => This is really exciting! Not. [created] => 2008-02-13 18:34:57 [modified] => ) ) ) Cake’s view files are stored in /app/View inside a folder named after the controller they correspond to (we’ll have to create a folder named ‘Posts’ in this case). To format this post data in a nice table, our view code might look something like this:

Blog posts

Creating Post Views 11 CakePHP Cookbook Documentation, Release 2.x
Id Title Created
Html->link($post[’Post’][’title’], array(’controller’ => ’posts’, ’action’ => ’view’, $post[’Post’][’id’])); ?>
Hopefully this should look somewhat simple. You might have noticed the use of an object called $this->Html. This is an instance of the CakePHP HtmlHelper class. CakePHP comes with a set of view helpers that make things like linking, form output, JavaScript and Ajax a snap. You can learn more about how to use them in Helpers, but what’s important to note here is that the link() method will generate an HTML link with the given title (the first parameter) and URL (the second parameter). When specifying URLs in Cake, it is recommended that you use the array format. This is explained in more detail in the section on Routes. Using the array format for URLs allows you to take advantage of CakePHP’s reverse routing capabilities. You can also specify URLs relative to the base of the application in the form of /controller/action/param1/param2. At this point, you should be able to point your browser to http://www.example.com/posts/index. You should see your view, correctly formatted with the title and table listing of the posts. If you happened to have clicked on one of the links we created in this view (that link a post’s title to a URL /posts/view/some_id), you were probably informed by CakePHP that the action hasn’t yet been defined. If you were not so informed, either something has gone wrong, or you actually did define it already, in which case you are very sneaky. Otherwise, we’ll create it in the PostsController now: set(’posts’, $this->Post->find(’all’)); } public function view($id= null){ $this->Post->id= $id; $this->set(’post’, $this->Post->read()); } } The set() call should look familiar. Notice we’re using read() rather than find(’all’) because we only really want a single post’s information. Notice that our view action takes a parameter: the ID of the post we’d like to see. This parameter is handed 12 Chapter 3. Blog Tutorial - Adding a layer CakePHP Cookbook Documentation, Release 2.x to the action through the requested URL. If a user requests /posts/view/3, then the value ‘3’ is passed as $id. Now let’s create the view for our new ‘view’ action and place it in /app/View/Posts/view.ctp:

Created:

Verify that this is working by trying the links at /posts/index or manually requesting a post by accessing /posts/view/1. Adding Posts Reading from the database and showing us the posts is a great start, but let’s allow for the adding of new posts. First, start by creating an add() action in the PostsController: set(’posts’, $this->Post->find(’all’)); } public function view($id){ $this->Post->id= $id; $this->set(’post’, $this->Post->read()); } public function add() { if ($this->request->is(’post’)) { $this->Post->create(); if ($this->Post->save($this->request->data)) { $this->Session->setFlash(’Your post has been saved.’); $this->redirect(array(’action’ => ’index’)); } else { $this->Session->setFlash(’Unable to add your post.’); } } } } Adding Posts 13 CakePHP Cookbook Documentation, Release 2.x Note: You need to include the SessionComponent - and SessionHelper - in any controller where you will use it. If necessary, include it in your AppController. Here’s what the add() action does: if the HTTP method of the request was POST, try to save the data using the Post model. If for some reason it doesn’t save, just render the view. This gives us a chance to show the user validation errors or other warnings. Every CakePHP request includes a CakeRequest object which is accessible using $this->request. The request object contains useful information regarding the request that was just received, and can be used to control the flow of your application. In this case, we use the CakeRequest::is() method to check that the request is a HTTP POST request. When a user uses a form to POST data to your application, that information is available in $this->request->data. You can use the pr() or debug() functions to print it out if you want to see what it looks like. We use the SessionComponent’s SessionComponent::setFlash() method to set a message to a session variable to be displayed on the page after redirection. In the layout we have SessionHelper::flash which displays the message and clears the corresponding session vari- able. The controller’s Controller::redirect function redirects to another URL. The param array(’action’ => ’index’) translates to URL /posts i.e the index action of posts controller. You can refer to Router::url() function on the API (http://api20.cakephp.org) to see the formats in which you can specify a URL for various Cake functions. Calling the save() method will check for validation errors and abort the save if any occur. We’ll discuss how those errors are handled in the following sections. Data Validation Cake goes a long way in taking the monotony out of form input validation. Everyone hates coding up endless forms and their validation routines. CakePHP makes it easier and faster. To take advantage of the validation features, you’ll need to use Cake’s FormHelper in your views. The FormHelper is available by default to all views at $this->Form. Here’s our add view:

Add Post

Form->create(’Post’); echo $this->Form->input(’title’); echo $this->Form->input(’body’, array(’rows’ => ’3’)); echo $this->Form->end(’Save Post’); ?> Here, we use the FormHelper to generate the opening tag for an HTML form. Here’s the HTML that $this->Form->create() generates: 14 Chapter 3. Blog Tutorial - Adding a layer CakePHP Cookbook Documentation, Release 2.x
If create() is called with no parameters supplied, it assumes you are building a form that submits to the current controller’s add() action (or edit() action when id is included in the form data), via POST. The $this->Form->input() method is used to create form elements of the same name. The first parameter tells CakePHP which field they correspond to, and the second parameter allows you to specify a wide array of options - in this case, the number of rows for the textarea. There’s a bit of introspection and automagic here: input() will output different form elements based on the model field specified. The $this->Form->end() call generates a submit button and ends the form. If a string is supplied as the first parameter to end(), the FormHelper outputs a submit button named accordingly along with the closing form tag. Again, refer to Helpers for more on helpers. Now let’s go back and update our /app/View/Posts/index.ctp view to include a new “Add Post” link. Before the , add the following line: Html->link(’Add Post’, array(’controller’ => ’posts’, ’action’ => ’add’)); ?> You may be wondering: how do I tell CakePHP about my validation requirements? Validation rules are defined in the model. Let’s look back at our Post model and make a few adjustments: array( ’rule’ => ’notEmpty’ ), ’body’ => array( ’rule’ => ’notEmpty’ ) ); } The $validate array tells CakePHP how to validate your data when the save() method is called. Here, I’ve specified that both the body and title fields must not be empty. CakePHP’s validation engine is strong, with a number of pre-built rules (credit card numbers, email addresses, etc.) and flexibility for adding your own validation rules. For more information on that setup, check the Data Validation. Now that you have your validation rules in place, use the app to try to add a post with an empty title or body to see how it works. Since we’ve used the FormHelper::input() method of the FormHelper to create our form elements, our validation error messages will be shown automatically. Editing Posts Post editing: here we go. You’re a CakePHP pro by now, so you should have picked up a pattern. Make the action, then the view. Here’s what the edit() action of the PostsController would look like: Post->id= $id; Editing Posts 15 CakePHP Cookbook Documentation, Release 2.x if ($this->request->is(’get’)) { $this->request->data= $this->Post->read(); } else { if ($this->Post->save($this->request->data)) { $this->Session->setFlash(’Your post has been updated.’); $this->redirect(array(’action’ => ’index’)); } else { $this->Session->setFlash(’Unable to update your post.’); } } } This action first checks that the request is a GET request. If it is, then we find the Post and hand it to the view. If the user request is not a GET, it probably contains POST data. We’ll use the POST data to update our Post record with, or kick back and show the user the validation errors. The edit view might look something like this:

Edit Post

Form->create(’Post’, array(’action’ => ’edit’)); echo $this->Form->input(’title’); echo $this->Form->input(’body’, array(’rows’ => ’3’)); echo $this->Form->input(’id’, array(’type’ => ’hidden’)); echo $this->Form->end(’Save Post’); This view outputs the edit form (with the values populated), along with any necessary validation error messages. One thing to note here: CakePHP will assume that you are editing a model if the ‘id’ field is present in the data array. If no ‘id’ is present (look back at our add view), Cake will assume that you are inserting a new model when save() is called. You can now update your index view with links to edit specific posts:

Blog posts

Html->link("Add Post", array(’action’ => ’add’)); ?>

16 Chapter 3. Blog Tutorial - Adding a layer CakePHP Cookbook Documentation, Release 2.x
Id Title Action Created
Html->link($post[’Post’][’title’], array(’action’ => ’view’, $post[’Post’][’id’])); ?> Html->link(’Edit’, array(’action’ => ’edit’, $post[’Post’][’id’])); ?>
Deleting Posts Next, let’s make a way for users to delete posts. Start with a delete() action in the PostsController: request->is(’get’)) { throw new MethodNotAllowedException(); } if ($this->Post->delete($id)) { $this->Session->setFlash(’The post with id: ’. $id. ’ has been deleted.’); $this->redirect(array(’action’ => ’index’)); } } This logic deletes the post specified by $id, and uses $this->Session->setFlash() to show the user a confirmation message after redirecting them on to /posts. If the user attempts to do a delete using a GET request, we throw an Exception. Uncaught exceptions are captured by CakePHP’s exception handler, and a nice error page is displayed. There are many built-in Exceptions that can be used to indicate the various HTTP errors your application might need to generate. Because we’re just executing some logic and redirecting, this action has no view. You might want to update your index view with links that allow users to delete posts, however:

Blog posts

Html->link(’Add Post’, array(’action’ => ’add’)); ?>

Deleting Posts 17 CakePHP Cookbook Documentation, Release 2.x
Id Title Actions Created
Html->link($post[’Post’][’title’], array(’action’ => ’view’, $post[’Post’][’id’])); ?> Form->postLink( ’Delete’, array(’action’ => ’delete’, $post[’Post’][’id’]), array(’confirm’ => ’Are you sure?’)); ?> Html->link(’Edit’, array(’action’ => ’edit’, $post[’Post’][’id’])); ?>
Using postLink() will create a link that uses Javascript to do a POST request deleting our post. Allowing content to be deleted using GET requests is dangerous, as web crawlers could accidentally delete all your content. Note: This view code also uses the FormHelper to prompt the user with a JavaScript confirmation dialog before they attempt to delete a post. Routes For some, CakePHP’s default routing works well enough. Developers who are sensitive to user-friendliness and general search engine compatibility will appreciate the way that CakePHP’s URLs map to specific actions. So we’ll just make a quick change to routes in this tutorial. For more information on advanced routing techniques, see Routes Configuration. By default, CakePHP responds to a request for the root of your site (i.e. http://www.example.com) using its PagesController, rendering a view called “home”. Instead, we’ll replace this with our PostsController by creating a routing rule. Cake’s routing is found in /app/Config/routes.php. You’ll want to comment out or remove the line that defines the default root route. It looks like this: ’pages’, ’action’ => ’display’, ’home’)); This line connects the URL ‘/’ with the default CakePHP home page. We want it to connect with our own controller, so replace that line with this one: 18 Chapter 3. Blog Tutorial - Adding a layer CakePHP Cookbook Documentation, Release 2.x ’posts’, ’action’ => ’index’)); This should connect users requesting ‘/’ to the index() action of our PostsController. Note: CakePHP also makes use of ‘reverse routing’ - if with the above route defined you pass array(’controller’ => ’posts’, ’action’ => ’index’) to a function expecting an ar- ray, the resultant URL used will be ‘/’. It’s therefore a good idea to always use arrays for URLs as this means your routes define where a URL goes, and also ensures that links point to the same place too. Conclusion Creating applications this way will win you peace, honor, love, and money beyond even your wildest fan- tasies. Simple, isn’t it? Keep in mind that this tutorial was very basic. CakePHP has many more features to offer, and is flexible in ways we didn’t wish to cover here for simplicity’s sake. Use the rest of this manual as a guide for building more feature-rich applications. Now that you’ve created a basic Cake application you’re ready for the real thing. Start your own project, read the rest of the Cookbook and API (http://api20.cakephp.org). If you need help, come see us in #cakephp. Welcome to CakePHP! Suggested Follow-up Reading These are common tasks people learning CakePHP usually want to study next: 1. Layouts: Customizing your website layout 2. Elements Including and reusing view snippets 3. Scaffolding: Prototyping before creating code 4. Code Generation with Bake Generating basic CRUD code 5. Simple Authentication and Authorization Application: User authentication and authorization tutorial Additional Reading A Typical CakePHP Request We’ve covered the basic ingredients in CakePHP, so let’s look at how objects work together to complete a basic request. Continuing with our original request example, let’s imagine that our friend Ricardo just clicked on the “Buy A Custom Cake Now!” link on a CakePHP application’s landing page. Figure: 2. Typical Cake Request. Black = required element, Gray = optional element, Blue = callback Conclusion 19 CakePHP Cookbook Documentation, Release 2.x Figure 3.1: Flow diagram showing a typical CakePHP request 20 Chapter 3. Blog Tutorial - Adding a layer CakePHP Cookbook Documentation, Release 2.x 1. Ricardo clicks the link pointing to http://www.example.com/cakes/buy, and his browser makes a re- quest to your web server. 2. The Router parses the URL in order to extract the parameters for this request: the controller, action, and any other arguments that will affect the business logic during this request. 3. Using routes, a request URL is mapped to a controller action (a method in a specific controller class). In this case, it’s the buy() method of the CakesController. The controller’s beforeFilter() callback is called before any controller action logic is executed. 4. The controller may use models to gain access to the application’s data. In this example, the controller uses a model to fetch Ricardo’s last purchases from the database. Any applicable model callbacks, behaviors, and DataSources may apply during this operation. While model usage is not required, all CakePHP controllers initially require at least one model. 5. After the model has retrieved the data, it is returned to the controller. Model callbacks may apply. 6. The controller may use components to further refine the data or perform other operations (session manipulation, authentication, or sending emails, for example). 7. Once the controller has used models and components to prepare the data sufficiently, that data is handed to the view using the controller’s set() method. Controller callbacks may be applied before the data is sent. The view logic is performed, which may include the use of elements and/or helpers. By default, the view is rendered inside of a layout. 8. Additional controller callbacks (like afterFilter) may be applied. The complete, rendered view code is sent to Ricardo’s browser. CakePHP Conventions We are big fans of convention over configuration. While it takes a bit of time to learn CakePHP’s con- ventions, you save time in the long run: by following convention, you get free functionality, and you free yourself from the maintenance nightmare of tracking config files. Convention also makes for a very uniform system development, allowing other developers to jump in and help more easily. CakePHP’s conventions have been distilled out of years of web development experience and best practices. While we suggest you use these conventions while developing with CakePHP, we should mention that many of these tenets are easily overridden – something that is especially handy when working with legacy systems. Controller Conventions Controller classnames are plural, CamelCased, and end in Controller. PeopleController and LatestArticlesController are both examples of conventional controller names. The first method you write for a controller might be the index() method. When a request specifies a controller but not an action, the default CakePHP behavior is to execute the index() method of that controller. For example, a request for http://www.example.com/apples/ maps to a call on the index() method of the ApplesController, whereas http://www.example.com/apples/view/ maps to a call on the view() method of the ApplesController. Additional Reading 21 CakePHP Cookbook Documentation, Release 2.x You can also change the visibility of controller methods in CakePHP by prefixing controller method names with underscores. If a controller method has been prefixed with an underscore, the method will not be accessible directly from the web but is available for internal use. For example: _findNewArticles(); } protected function _findNewArticles() { // Logic to find latest news articles } } While the page http://www.example.com/news/latest/ would be accessible to the user as usual, someone trying to get to the page http://www.example.com/news/_findNewArticles/ would get an error, because the method is preceded with an underscore. You can also use PHP’s visibility keywords to indicate whether or not a method can be accessed from a url. Non-public methods cannot be accessed. URL Considerations for Controller Names As you’ve just seen, single word controllers map easily to a simple lower case URL path. For example, ApplesController (which would be defined in the file name ‘ApplesController.php’) is accessed from http://example.com/apples. Multiple word controllers can be any ‘inflected’ form which equals the controller name so: • /redApples • /RedApples • /Red_apples • /red_apples will all resolve to the index of the RedApples controller. However, the convention is that your urls are lowercase and underscored, therefore /red_apples/go_pick is the correct form to access the RedApplesController::go_pick action. For more information on CakePHP URLs and parameter handling, see Routes Configuration. File and Classname Conventions In general, filenames match the classnames, which are CamelCased. So if you have a class MyNiftyClass, then in Cake, the file should be named MyNiftyClass.php. Below are examples of how to name the file for each of the different types of classes you would typically use in a CakePHP application: • The Controller class KissesAndHugsController would be found in a file named KissesAnd- HugsController.php 22 Chapter 3. Blog Tutorial - Adding a layer CakePHP Cookbook Documentation, Release 2.x • The Component class MyHandyComponent would be found in a file named MyHandyCompo- nent.php • The Model class OptionValue would be found in a file named OptionValue.php • The Behavior class EspeciallyFunkableBehavior would be found in a file named EspeciallyFunk- ableBehavior.php • The View class SuperSimpleView would be found in a file named SuperSimpleView.php • The Helper class BestEverHelper would be found in a file named BestEverHelper.php Each file would be located in the appropriate folder in your app folder. Model and Database Conventions Model classnames are singular and CamelCased. Person, BigPerson, and ReallyBigPerson are all examples of conventional model names. Table names corresponding to CakePHP models are plural and underscored. The underlying tables for the above mentioned models would be people, big_people, and really_big_people, respectively. You can use the utility library Inflector to check the singular/plural of words. See the Inflector for more information. Field names with two or more words are underscored like, first_name. Foreign keys in hasMany, belongsTo or hasOne relationships are recognized by default as the (singular) name of the related table followed by _id. So if a Baker hasMany Cake, the cakes table will refer to the bakers table via a baker_id foreign key. For a multiple worded table like category_types, the foreign key would be category_type_id. Join tables, used in hasAndBelongsToMany (HABTM) relationships between models should be named after the model tables they will join in alphabetical order (apples_zebras rather than zebras_apples). All tables with which CakePHP models interact (with the exception of join tables), require a singular primary key to uniquely identify each row. If you wish to model a table which does not have a single-field primary key, CakePHP’s convention is that a single-field primary key is added to the table. You have to add a single-field primary key if you want to use that table’s model. CakePHP does not support composite primary keys. If you want to directly manipulate your join table data, use direct query calls or add a primary key to act on it as a normal model. E.g.: CREATE TABLE posts_tags ( id INT(10) NOT NULL AUTO_INCREMENT, post_id INT(10) NOT NULL, tag_id INT(10) NOT NULL, PRIMARY KEY(id)); Rather than using an auto-increment key as the primary key, you may also use char(36). Cake will then use a unique 36 character uuid (String::uuid) whenever you save a new record using the Model::save method. Additional Reading 23 CakePHP Cookbook Documentation, Release 2.x View Conventions View template files are named after the controller functions they display, in an underscored form. The getReady() function of the PeopleController class will look for a view template in /app/View/People/get_ready.ctp. The basic pattern is /app/View/Controller/underscored_function_name.ctp. By naming the pieces of your application using CakePHP conventions, you gain functionality without the hassle and maintenance tethers of configuration. Here’s a final example that ties the conventions • Database table: “people” • Model class: “Person”, found at /app/Model/Person.php • Controller class: “PeopleController”, found at /app/Controller/PeopleController.php • View template, found at /app/View/People/index.ctp Using these conventions, CakePHP knows that a request to http://example.com/people/ maps to a call on the index() function of the PeopleController, where the Person model is automatically available (and automati- cally tied to the ‘people’ table in the database), and renders to a file. None of these relationships have been configured by any means other than by creating classes and files that you’d need to create anyway. Now that you’ve been introduced to CakePHP’s fundamentals, you might try a run through the Blog Tutorial to see how things fit together. CakePHP Folder Structure After you’ve downloaded and extracted CakePHP, these are the files and folders you should see: • app • lib • vendors • plugins • .htaccess • index.php • README You’ll notice three main folders: • The app folder will be where you work your magic: it’s where your application’s files will be placed. • The lib folder is where we’ve worked our magic. Make a personal commitment not to edit files in this folder. We can’t help you if you’ve modified the core. • Finally, the vendors folder is where you’ll place third-party PHP libraries you need to use with your CakePHP applications. 24 Chapter 3. Blog Tutorial - Adding a layer CakePHP Cookbook Documentation, Release 2.x The App Folder CakePHP’s app folder is where you will do most of your application development. Let’s look a little closer at the folders inside of app. Config Holds the (few) configuration files CakePHP uses. Database connection details, bootstrapping, core configuration files and more should be stored here. Controller Contains your application’s controllers and their components. Lib Contains 1st party libraries that do not come from 3rd parties or external vendors. This allows you to separate your organization’s internal libraries from vendor libraries. Locale Stores string files for internationalization. Model Contains your application’s models, behaviors, and datasources. Plugin Contains plugin packages. tmp This is where CakePHP stores temporary data. The actual data it stores depends on how you have CakePHP configured, but this folder is usually used to store model descriptions, logs, and sometimes session information. Make sure that this folder exists and that it is writable, otherwise the performance of your application will be severely impacted. In debug mode, CakePHP will warn you if it is not the case. Vendor Any third-party classes or libraries should be placed here. Doing so makes them easy to access using the App::import(‘vendor’, ‘name’) function. Keen observers will note that this seems redundant, as there is also a vendors folder at the top level of our directory structure. We’ll get into the differences between the two when we discuss managing multiple applications and more complex system setups. View Presentational files are placed here: elements, error pages, helpers, layouts, and view files. webroot In a production setup, this folder should serve as the document root for your application. Folders here also serve as holding places for CSS stylesheets, images, and JavaScript files. CakePHP Structure CakePHP features Controller, Model, and View classes, but it also features some additional classes and objects that make development in MVC a little quicker and more enjoyable. Components, Behaviors, and Helpers are classes that provide extensibility and reusability to quickly add functionality to the base MVC classes in your applications. Right now we’ll stay at a higher level, so look for the details on how to use these tools later on. Application Extensions Controllers, helpers and models each have a parent class you can use to define application- wide changes. AppController (located at /app/Controller/AppController.php), Ap- pHelper (located at /app/View/Helper/AppHelper.php) and AppModel (located at /app/Model/AppModel.php) are great places to put methods you want to share between all controllers, helpers or models. Additional Reading 25 CakePHP Cookbook Documentation, Release 2.x Although they aren’t classes or files, routes play a role in requests made to CakePHP. Route defini- tions tell CakePHP how to map URLs to controller actions. The default behavior assumes that the URL /controller/action/var1/var2 maps to Controller::action($var1, $var2), but you can use routes to customize URLs and how they are interpreted by your application. Some features in an application merit packaging as a whole. A plugin is a package of models, controllers and views that accomplishes a specific purpose that can span multiple applications. A user management system or a simplified blog might be a good fit for CakePHP plugins. Controller Extensions (“Components”) A Component is a class that aids in controller logic. If you have some logic you want to share between controllers (or applications), a component is usually a good fit. As an example, the core EmailComponent class makes creating and sending emails a snap. Rather than writing a controller method in a single controller that performs this logic, you can package the logic so it can be shared. Controllers are also fitted with callbacks. These callbacks are available for your use, just in case you need to insert some logic between CakePHP’s core operations. Callbacks available include: • beforeFilter(), executed before any controller action logic • beforeRender(), executed after controller logic, but before the view is rendered • afterFilter(), executed after all controller logic, including the view render. There may be no difference between afterRender() and afterFilter() unless you’ve manually made a call to render() in your controller action and have included some logic after that call. Model Extensions (“Behaviors”) Similarly, Behaviors work as ways to add common functionality between models. For example, if you store user data in a tree structure, you can specify your User model as behaving like a tree, and gain free functionality for removing, adding, and shifting nodes in your underlying tree structure. Models also are supported by another class called a DataSource. DataSources are an abstraction that enable models to manipulate different types of data consistently. While the main source of data in a CakePHP application is often a database, you might write additional DataSources that allow your models to represent RSS feeds, CSV files, LDAP entries, or iCal events. DataSources allow you to associate records from different sources: rather than being limited to SQL joins, DataSources allow you to tell your LDAP model that it is associated to many iCal events. Just like controllers, models are featured with callbacks as well: • beforeFind() • afterFind() • beforeValidate() • beforeSave() • afterSave() • beforeDelete() 26 Chapter 3. Blog Tutorial - Adding a layer CakePHP Cookbook Documentation, Release 2.x • afterDelete() The names of these methods should be descriptive enough to let you know what they do. You can find the details in the models chapter. View Extensions (“Helpers”) A Helper is a class that aids in view logic. Much like a component used among controllers, helpers allow presentational logic to be accessed and shared between views. One of the core helpers, JsHelper, makes Ajax requests within views much easier and comes with support for jQuery (default), Prototype and Mootools. Most applications have pieces of view code that are used repeatedly. CakePHP facilitates view code reuse with layouts and elements. By default, every view rendered by a controller is placed inside a layout. Ele- ments are used when small snippets of content need to be reused in multiple views. Additional Reading 27 CakePHP Cookbook Documentation, Release 2.x 28 Chapter 3. Blog Tutorial - Adding a layer CHAPTER4 Installation CakePHP is fast and easy to install. The minimum requirements are a webserver and a copy of Cake, that’s it! While this manual focuses primarily on setting up with Apache (because it’s the most common), you can configure Cake to run on a variety of web servers such as LightHTTPD or Microsoft IIS. Requirements • HTTP Server. For example: Apache. mod_rewrite is preferred, but by no means required. • PHP 5.2.8 or greater. Technically a database engine isn’t required, but we imagine that most applications will utilize one. CakePHP supports a variety of database storage engines: • MySQL (4 or greater) • PostgreSQL • Microsoft SQL Server • SQLite Note: The built-in drivers all require PDO. You should make sure you have the correct PDO extensions installed. License CakePHP is licensed under the MIT license. This means that you are free to modify, distribute and republish the source code on the condition that the copyright notices are left intact. You are also free to incorporate CakePHP into any Commercial or closed source application. 29 CakePHP Cookbook Documentation, Release 2.x Downloading CakePHP There are two main ways to get a fresh copy of CakePHP. You can either download an archive copy (zip/tar.gz/tar.bz2) from the main website, or check out the code from the git repository. To download the latest major release of CakePHP. Visit the main website http://www.cakephp.org and follow the “Download Now” link. All current releases of CakePHP are hosted on Github (http://github.com/cakephp/cakephp). Github houses both CakePHP itself as well as many other plugins for CakePHP. The CakePHP releases are available at Github downloads (http://github.com/cakephp/cakephp/downloads). Alternatively you can get fresh off the press code, with all the bug-fixes and up to the minute enhancements. These can be accessed from github by cloning the Github (http://github.com/cakephp/cakephp) repository: git clone git://github.com/cakephp/cakephp.git Permissions CakePHP uses the app/tmp directory for a number of different operations. Model descriptions, cached views, and session information are just a few examples. As such, make sure the directory app/tmp and all its subdirectories in your cake installation are writable by the web server user. Setup Setting up CakePHP can be as simple as slapping it in your web server’s document root, or as complex and flexible as you wish. This section will cover the three main installation types for CakePHP: development, production, and advanced. • Development: easy to get going, URLs for the application include the CakePHP installation directory name, and less secure. • Production: Requires the ability to configure the web server’s document root, clean URLs, very se- cure. • Advanced: With some configuration, allows you to place key CakePHP directories in different parts of the filesystem, possibly sharing a single CakePHP core library folder amongst many CakePHP applications. Development A development installation is the fastest method to setup Cake. This example will help you install a CakePHP application and make it available at http://www.example.com/cake_2_0/. We assume for the pur- poses of this example that your document root is set to /var/www/html. 30 Chapter 4. Installation CakePHP Cookbook Documentation, Release 2.x Unpack the contents of the Cake archive into /var/www/html. You now have a folder in your document root named after the release you’ve downloaded (e.g. cake_2.0.0). Rename this folder to cake_2_0. Your development setup will look like this on the file system: /var/www/html/ cake_2_0/ app/ lib/ plugins/ vendors/ .htaccess index.php README If your web server is configured correctly, you should now find your Cake application accessible at http://www.example.com/cake_2_0/. Using one CakePHP checkout for multiple applications If you are developing a number of applications, it often makes sense to have them share the same CakePHP core checkout. There are a few ways in which you can accomplish this. Often the easiest is to use PHP’s include_path. To start off, clone CakePHP into a directory. For this example, we’ll use ~/projects: git clone git://github.com/cakephp/cakephp.git ~/projects/cakephp This will clone CakePHP into your ~/projects directory. If you don’t want to use git, you can download a zipball and the remaining steps will be the same. Next you’ll have to locate and modify your php.ini. On *nix systems this is often in /etc/php.ini, but using php -i and looking for ‘Loaded Configu- ration File’. Once you’ve found the correct ini file, modify the include_path configuration to include ~/projects/cakephp/lib. An example would look like: include_path = .:/home/mark/projects/cakephp/lib:/usr/local/php/lib/php After restarting your webserver, you should see the changes reflected in phpinfo(). Note: If you are on windows, separate include paths with ; instead of : Having finished setting up your include_path your applications should be able to find CakePHP auto- matically. Production A production installation is a more flexible way to setup Cake. Using this method allows an entire domain to act as a single CakePHP application. This example will help you install Cake anywhere on your filesystem and make it available at http://www.example.com. Note that this installation may require the rights to change the DocumentRoot on Apache webservers. Production 31 CakePHP Cookbook Documentation, Release 2.x Unpack the contents of the Cake archive into a directory of your choosing. For the purposes of this example, we assume you choose to install Cake into /cake_install. Your production setup will look like this on the filesystem: /cake_install/ app/ webroot/ (this directory is set as the ‘‘DocumentRoot‘‘ directive) lib/ plugins/ vendors/ .htaccess index.php README Developers using Apache should set the DocumentRoot directive for the domain to: DocumentRoot /cake_install/app/webroot If your web server is configured correctly, you should now find your Cake application accessible at http://www.example.com. Advanced Installation and server specific configuration Advanced Installation There may be some situations where you wish to place CakePHP’s directories on different places on the filesystem. This may be due to a shared host restriction, or maybe you just want a few of your apps to share the same Cake libraries. This section describes how to spread your CakePHP directories across a filesystem. First, realize that there are three main parts to a Cake application: 1. The core CakePHP libraries, in /lib/Cake. 2. Your application code, in /app. 3. The application’s webroot, usually in /app/webroot. Each of these directories can be located anywhere on your file system, with the exception of the webroot, which needs to be accessible by your web server. You can even move the webroot folder out of the app folder as long as you tell Cake where you’ve put it. To configure your Cake installation, you’ll need to make some changes to the following files. • /app/webroot/index.php • /app/webroot/test.php (if you use the Testing feature.) There are three constants that you’ll need to edit: ROOT, APP_DIR, and CAKE_CORE_INCLUDE_PATH. • ROOT should be set to the path of the directory that contains your app folder. • APP_DIR should be set to the (base)name of your app folder. • CAKE_CORE_INCLUDE_PATH should be set to the path of your CakePHP libraries folder. 32 Chapter 4. Installation CakePHP Cookbook Documentation, Release 2.x Let’s run through an example so you can see what an advanced installation might look like in practice. Imagine that I wanted to set up CakePHP to work as follows: • The CakePHP core libraries will be placed in /usr/lib/cake. • My application’s webroot directory will be /var/www/mysite/. • My application’s app directory will be /home/me/myapp. Given this type of setup, I would need to edit my webroot/index.php file (which will end up at /var/www/mysite/index.php, in this example) to look like the following: Options FollowSymLinks AllowOverride All # Order deny,allow # Deny from all Advanced Installation and server specific configuration 33 CakePHP Cookbook Documentation, Release 2.x 2. Make sure you are loading up mod_rewrite correctly. You should see something like: LoadModule rewrite_module libexec/apache2/mod_rewrite.so In many systems these will be commented out (by being prepended with a #) by default, so you may just need to remove those leading # symbols. After you make changes, restart Apache to make sure the settings are active. Verify that you your .htaccess files are actually in the right directories. This can happen during copying because some operating systems treat files that start with ‘.’ as hidden and therefore won’t see them to copy. 3. Make sure your copy of CakePHP is from the downloads section of the site or our GIT repository, and has been unpacked correctly by checking for .htaccess files. Cake root directory (needs to be copied to your document, this redirects everything to your Cake app): RewriteEngine on RewriteRule ^$ app/webroot/ [L] RewriteRule (.*) app/webroot/$1 [L] Cake app directory (will be copied to the top directory of your application by bake): RewriteEngine on RewriteRule ^$ webroot/ [L] RewriteRule (.*) webroot/$1 [L] Cake webroot directory (will be copied to your application’s web root by bake): RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^(.*)$ index.php [QSA,L] If your CakePHP site still has problems with mod_rewrite you might want to try and modify settings for virtualhosts. If on ubuntu, edit the file /etc/apache2/sites-available/default (location is distribu- tion dependent). In this file, ensure that AllowOverride None is changed to AllowOverride All, so you have: Options FollowSymLinks AllowOverride All Options Indexes FollowSymLinks MultiViews AllowOverride All Order Allow,Deny 34 Chapter 4. Installation CakePHP Cookbook Documentation, Release 2.x Allow from all If on Mac OSX, another solution is to use the tool virtualhostx to make a virtual host to point to your folder. For many hosting services (GoDaddy, 1and1), your web server is actually being served from a user directory that already uses mod_rewrite. If you are installing CakePHP into a user direc- tory (http://example.com/~username/cakephp/), or any other URL structure that already utilizes mod_rewrite, you’ll need to add RewriteBase statements to the .htaccess files CakePHP uses (/.htac- cess, /app/.htaccess, /app/webroot/.htaccess). This can be added to the same section with the RewriteEngine directive, so for example your webroot .htaccess file would look like: RewriteEngine On RewriteBase /path/to/cake/app RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^(.*)$ index.php [QSA,L] The details of those changes will depend on your setup, and can include additional things that are not Cake related. Please refer to Apache’s online documentation for more information. Pretty URLs on nginx nginx is a popular server that uses less system resources than Apache. Its drawback is that it does not make use of .htaccess files like Apache, so it is necessary to create those rewritten URLs in the site-available configuration. Depending upon your setup, you will have to modify this, but at the very least, you will need PHP running as a FastCGI instance. server { listen 80; server_name www.example.com; rewrite ^(.*) http://example.com$1 permanent; } server { listen 80; server_name example.com; # root directive should be global root /var/www/example.com/public/app/webroot/; access_log /var/www/example.com/log/access.log; error_log /var/www/example.com/log/error.log; location / { index index.php index.html index.htm; try_files $uri $uri/ /index.php?$uri&$args; Advanced Installation and server specific configuration 35 CakePHP Cookbook Documentation, Release 2.x } location ~ \.php$ { include /etc/nginx/fcgi.conf; fastcgi_pass 127.0.0.1:10005; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; } } URL Rewrites on IIS7 (Windows hosts) IIS7 does not natively support .htaccess files. While there are add-ons that can add this support, you can also import htaccess rules into IIS to use CakePHP’s native rewrites. To do this, follow these steps: 1. Use Microsoft’s Web Platform Installer to install the URL Rewrite Module 2.0. 2. Create a new file in your CakePHP folder, called web.config. 3. Using Notepad or another XML-safe editor, copy the following code into your new web.config file... 36 Chapter 4. Installation CakePHP Cookbook Documentation, Release 2.x It is also possible to use the Import functionality in IIS’s URL Rewrite module to import rules directly from CakePHP’s .htaccess files in root, /app/, and /app/webroot/ - although some editing within IIS may be necessary to get these to work. When Importing the rules this way, IIS will automatically create your web.config file for you. Once the web.config file is created with the correct IIS-friendly rewrite rules, CakePHP’s links, css, js, and rerouting should work correctly. Fire It Up Alright, let’s see CakePHP in action. Depending on which setup you used, you should point your browser to http://example.com/ or http://example.com/cake_install/. At this point, you’ll be presented with CakePHP’s default home, and a message that tells you the status of your current database connection. Congratulations! You are ready to create your first CakePHP application. Not working? If you’re getting timezone related error from PHP uncomment one line in app/Config/core.php: request property. See the section on CakeRequest for more information on the CakePHP request object. Controller actions Controller actions are responsible for converting the request parameters into a response for the browser/user making the request. CakePHP uses conventions to automate this process and remove some boiler-plate code you would otherwise need to write. By convention CakePHP renders a view with an inflected version of the action name. Returning to our online bakery example, our RecipesController might contain the view(), share(), and search() actions. The controller would be found in /app/Controller/RecipesController.php and contain: Recipe->popular(); if (!empty($this->request->params[’requested’])) { return $popular; } $this->set(’popular’, $popular); } } The above controller action is an example of how a method can be used with requestAction() and normal requests. Returning an array data to a non-requestAction request will cause errors and should be avoided. See the section on Controller::requestAction() for more tips on using requestAction() In order for you to use a controller effectively in your own application, we’ll cover some of the core attributes and methods provided by CakePHP’s controllers. Request Life-cycle callbacks class Controller Request Life-cycle callbacks 47 CakePHP Cookbook Documentation, Release 2.x CakePHP controllers come fitted with callbacks you can use to insert logic around the request life-cycle: Controller::beforeFilter() This function is executed before every action in the controller. It’s a handy place to check for an active session or inspect user permissions. Note: The beforeFilter() method will be called for missing actions, and scaffolded actions. Controller::beforeRender() Called after controller action logic, but before the view is rendered. This callback is not used often, but may be needed if you are calling render() manually before the end of a given action. Controller::afterFilter() Called after every controller action, and after rendering is complete. This is the last controller method to run. In addition to controller life-cycle callbacks, Components also provide a similar set of callbacks. Controller Methods For a complete list of controller methods and their descriptions visit the CakePHP API. Check out http://api20.cakephp.org/class/controller. Interacting with Views Controllers interact with the view in a number of ways. First they are able to pass data to the views, using set(). You can also decide which view class to use, and which view file should be rendered from the controller. Controller::set(string $var, mixed $value) The set() method is the main way to send data from your controller to your view. Once you’ve used set(), the variable can be accessed in your view: set(’color’, ’pink’); // Then, in the view, you can utilize the data: ?> You have selected icing for the cake. The set() method also takes an associative array as its first parameter. This can often be a quick way to assign a set of information to the view. Changed in version 1.3: Array keys will no longer be inflected before they are assigned to the view (‘underscored_key’ does not become ‘underscoredKey’ anymore, etc.): 48 Chapter 6. Controllers CakePHP Cookbook Documentation, Release 2.x ’pink’, ’type’ => ’sugar’, ’base_price’ => 23.95 ); // make $color, $type, and $base_price // available to the view: $this->set($data); The attribute $pageTitle no longer exists, use set() to set the title: set(’title_for_layout’, ’This is the page title’); Controller::render(string $action, string $layout, string $file) The render() method is automatically called at the end of each requested controller action. This method performs all the view logic (using the data you’ve given in using the set() method), places the view inside its layout and serves it back to the end user. The default view file used by render is determined by convention. If the search() action of the RecipesController is requested, the view file in /app/View/Recipes/search.ctp will be rendered: render(); } // ... } Although CakePHP will automatically call it (unless you’ve set $this->autoRender to false) after every action’s logic, you can use it to specify an alternate view file by specifying an action name in the controller using $action. If $action starts with ‘/’ it is assumed to be a view or element file relative to the /app/View folder. This allows direct rendering of elements, very useful in ajax calls. render(’/Elements/ajaxreturn’); You can also specify an alternate view or element file using the third parameter, $file. The $layout parameter allows you to specify the layout the view is rendered in. Controller Methods 49 CakePHP Cookbook Documentation, Release 2.x Rendering a specific view In your controller you may want to render a different view than what would conventionally be done. You can do this by calling render() directly. Once you have called render() CakePHP will not try to re-render the view: render(’custom_file’); } } This would render app/View/Posts/custom_file.ctp instead of app/View/Posts/my_action.ctp Flow Control Controller::redirect(mixed $url, integer $status, boolean $exit) The flow control method you’ll use most often is redirect(). This method takes its first parameter in the form of a CakePHP-relative URL. When a user has successfully placed an order, you might wish to redirect them to a receipt screen.: redirect(array(’controller’ => ’orders’, ’action’ => ’thanks’)); } else { $this->redirect(array(’controller’ => ’orders’, ’action’ => ’confirm’)); } } You can also use a relative or absolute URL as the $url argument: redirect(’/orders/thanks’)); $this->redirect(’http://www.example.com’); You can also pass data to the action: redirect(array(’action’ => ’edit’, $id)); The second parameter of redirect() allows you to define an HTTP status code to accompany the redirect. You may want to use 301 (moved permanently) or 303 (see other), depending on the nature of the redirect. The method will issue an exit() after the redirect unless you set the third parameter to false. If you need to redirect to the referer page you can use: 50 Chapter 6. Controllers CakePHP Cookbook Documentation, Release 2.x redirect($this->referer()); The method also supports name based parameters. If you want to redirect to a URL like: http://www.example.com/orders/confirm/product:pizza/quantity:5 you can use: redirect(array(’controller’ => ’orders’, ’action’ => ’confirm’, ’product’ => ’pizza’, ’quantity’ =>5)); Controller::flash(string $message, string $url, integer $pause, string $layout) Like redirect(), the flash() method is used to direct a user to a new page after an operation. The flash() method is different in that it shows a message before passing the user on to another URL. The first parameter should hold the message to be displayed, and the second parameter is a CakePHP- relative URL. CakePHP will display the $message for $pause seconds before forwarding the user on. If there’s a particular template you’d like your flashed message to use, you may specify the name of that layout in the $layout parameter. For in-page flash messages, be sure to check out SessionComponent’s setFlash() method. Callbacks In addition to the Request Life-cycle callbacks. CakePHP also supports callbacks related to scaffolding. Controller::beforeScaffold($method) $method name of method called example index, edit, etc. Controller::afterScaffoldSave($method) $method name of method called either edit or update. Controller::afterScaffoldSaveError($method) $method name of method called either edit or update. Controller::scaffoldError($method) $method name of method called example index, edit, etc. Other Useful Methods Controller::constructClasses() This method loads the models required by the controller. This loading process is done by CakePHP normally, but this method is handy to have when accessing controllers from a different perspective. If you need CakePHP in a command-line script or some other outside use, constructClasses() may come in handy. Controller::referer(mixed $default = null, boolean $local = false) Returns the referring URL for the current request. Parameter $default can be used to supply a default URL to use if HTTP_REFERER cannot be read from headers. So, instead of doing this: Controller Methods 51 CakePHP Cookbook Documentation, Release 2.x referer() != ’/’){ $this->redirect($this->referer()); } else { $this->redirect(array(’action’ => ’index’)); } } } you can do this: redirect($this->referer(array(’action’ => ’index’))); } } If $default is not set, the function defaults to the root of your domain - ‘/’. Parameter $local if set to true, restricts referring URLs to local server. Controller::disableCache() Used to tell the user’s browser not to cache the results of the current request. This is different than view caching, covered in a later chapter. The headers sent to this effect are: Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: [current datetime] GMT Cache-Control: no-store, no-cache, must-revalidate Cache-Control: post-check=0, pre-check=0 Pragma: no-cache Controller::postConditions(array $data, mixed $op, string $bool, boolean $exclusive) Use this method to turn a set of POSTed model data (from HtmlHelper-compatible inputs) into a set of find conditions for a model. This function offers a quick shortcut on building search logic. For example, an administrative user may want to be able to search orders in order to know which items need to be shipped. You can use CakePHP’s FormHelper and HtmlHelper to create a quick form based on the Order model. Then a controller action can use the data posted from that form to craft find conditions: postConditions($this->request->data); $orders= $this->Order->find(’all’, compact(’conditions’)); $this->set(’orders’, $orders); } If $this->request->data[’Order’][’destination’] equals “Old Towne Bakery”, 52 Chapter 6. Controllers CakePHP Cookbook Documentation, Release 2.x postConditions converts that condition to an array compatible for use in a Model->find() method. In this case, array(’Order.destination’ => ’Old Towne Bakery’). If you want to use a different SQL operator between terms, supply them using the second parameter: request->data array( ’Order’ => array( ’num_items’ => ’4’, ’referrer’ => ’Ye Olde’ ) ) */ // Let’s get orders that have at least 4 items and contain ’Ye Olde’ $conditions= $this->postConditions( $this->request->data, array( ’num_items’ => ’>=’, ’referrer’ => ’LIKE’ ) ); $orders= $this->Order->find(’all’, compact(’conditions’)); The third parameter allows you to tell CakePHP what SQL boolean operator to use between the find conditions. Strings like ‘AND’, ‘OR’ and ‘XOR’ are all valid values. Finally, if the last parameter is set to true, and the $op parameter is an array, fields not included in $op will not be included in the returned conditions. Controller::paginate() This method is used for paginating results fetched by your models. You can specify page sizes, model find conditions and more. See the pagination section for more details on how to use paginate. Controller::requestAction(string $url, array $options) This function calls a controller’s action from any location and returns data from the action. The $url passed is a CakePHP-relative URL (/controllername/actionname/params). To pass extra data to the receiving controller action add to the $options array. Note: You can use requestAction() to retrieve a fully rendered view by passing ‘return’ in the options: requestAction($url, array(’return’));. It is important to note that making a requestAction using ‘return’ from a controller method can cause script and css tags to not work correctly. Warning: If used without caching requestAction can lead to poor performance. It is rarely appropriate to use in a controller or model. requestAction is best used in conjunction with (cached) elements – as a way to fetch data for an element before rendering. Let’s use the example of putting a “latest comments” element in the layout. Controller Methods 53 CakePHP Cookbook Documentation, Release 2.x First we need to create a controller function that will return the data: request->params[’requested’])) { throw new ForbiddenException(); } return $this->Comment->find(’all’, array(’order’ => ’Comment.created DESC’, ’limit’ => 10)); } } You should always include checks to make sure your requestAction methods are actually originating from requestAction. Failing to do so will allow requestAction methods to be directly accessible from a URL, which is generally undesirable. If we now create a simple element to call that function: requestAction(’/comments/latest’); foreach ($comments as $comment){ echo $comment[’Comment’][’title’]; } We can then place that element anywhere to get the output using: element(’latest_comments’); Written in this way, whenever the element is rendered, a request will be made to the controller to get the data, the data will be processed, and returned. However in accordance with the warning above it’s best to make use of element caching to prevent needless processing. By modifying the call to element to look like this: element(’latest_comments’, array(’cache’ => ’+1 hour’)); The requestAction call will not be made while the cached element view file exists and is valid. In addition, requestAction now takes array based cake style urls: requestAction( array(’controller’ => ’articles’, ’action’ => ’featured’), array(’return’) ); This allows the requestAction call to bypass the usage of Router::url which can increase performance. The url based arrays are the same as the ones that HtmlHelper::link() uses with one difference - if you are using named or passed parameters, you must put them in a second array and wrap them with the correct key. This is because requestAction merges the named args array (requestAction’s 2nd parameter) with the Controller::params member array and does not explicitly place the named args 54 Chapter 6. Controllers CakePHP Cookbook Documentation, Release 2.x array into the key ‘named’; Additional members in the $option array will also be made available in the requested action’s Controller::params array: requestAction(’/articles/featured/limit:3’); echo $this->requestAction(’/articles/view/5’); As an array in the requestAction would then be: requestAction( array(’controller’ => ’articles’, ’action’ => ’featured’), array(’named’ => array(’limit’ =>3)) ); echo $this->requestAction( array(’controller’ => ’articles’, ’action’ => ’view’), array(’pass’ => array(5)) ); Note: Unlike other places where array urls are analogous to string urls, requestAction treats them differently. When using an array url in conjunction with requestAction() you must specify all parameters that you will need in the requested action. This includes parameters like $this->request->data. In addition to passing all required parameters, named and pass parameters must be done in the second array as seen above. Controller::loadModel(string $modelClass, mixed $id) The loadModel function comes handy when you need to use a model which is not the controller’s default model or its associated model: loadModel(’Article’); $recentArticles= $this->Article->find(’all’, array(’limit’ =>5, ’order’ => ’Article.created DESC’)); $this->loadModel(’User’,2); $user= $this->User->read(); Controller Attributes For a complete list of controller attributes and their descriptions visit the CakePHP API. Check out http://api20.cakephp.org/class/controller. property Controller::$name The $name attribute should be set to the name of the controller. Usually this is just the plural form of the primary model the controller uses. This property is not required, but saves CakePHP from inflecting it: Controller Attributes 55 CakePHP Cookbook Documentation, Release 2.x ModelName, for example) and those given by $helpers to the view as an object reference variable ($this->{$helpername}). Note: Each controller has some of these classes available by default, so you may not need to configure your controller at all. property Controller::$uses Controllers have access to their primary model available by default. Our RecipesController will have the Recipe model class available at $this->Recipe, and our ProductsController also features the Product model at $this->Product. However, when allowing a controller to access additional models through the $uses variable, the name of the current controller’s model must also be included. This is illustrated in the example below. If you do not wish to use a Model in your controller, set public $uses = array(). This will allow you to use a controller without a need for a corresponding Model file. However, the models defined in the AppController will still be loaded. You can also use false to not load any models at all. Even those defined in the AppController Changed in version 2.1: Uses now has a new default value, it also handles false differently. property Controller::$helpers The Html, Form, and Session Helpers are available by default, as is the SessionComponent. But if you choose to define your own $helpers array in AppController, make sure to include Html and Form if you want them still available by default in your Controllers. To learn more about these classes, be sure to check out their respective sections later in this manual. Let’s look at how to tell a CakePHP controller that you plan to use additional MVC classes: request, and is available in Controller, Views and Helpers. You can also access it in Components by using the controller reference. Some of the duties CakeRequest performs include: • Process the GET, POST, and FILES arrays into the data structures you are familiar with. • Provide environment introspection pertaining to the request. Things like the headers sent, the client’s IP address, and the subdomain/domain information about the application the server is running on. • Provide access to request parameters both as array indices and object properties. Accessing request parameters CakeRequest exposes several interfaces for accessing request parameters. The first is as object properties, the second is array indexes, and the third is through $this->request->params: request->controller; $this->request[’controller’]; $this->request->params[’controller’]; All of the above will both access the same value. Multiple ways of accessing the parameters was done to ease migration for existing applications. All Route elements are accessed through this interface. More on controllers 57 CakePHP Cookbook Documentation, Release 2.x In addition to Route elements you also often need access to Passed arguments and Named parameters. These are both available on the request object as well: request->pass; $this->request[’pass’]; $this->request->params[’pass’]; // named parameters $this->request->named; $this->request[’named’]; $this->request->params[’named’]; Will all provide you access to the passed arguments and named parameters. There are several impor- tant/useful parameters that CakePHP uses internally, these are also all found in the request parameters: • plugin The plugin handling the request, will be null for no plugin. • controller The controller handling the current request. • action The action handling the current request. • prefix The prefix for the current action. See Prefix Routing for more information. • bare Present when the request came from requestAction() and included the bare option. Bare re- quests do not have layouts rendered. • requested Present and set to true when the action came from requestAction. Accessing Querystring parameters Querystring parameters can be read from using CakeRequest::$query: request->query[’page’]; // You can also access it via array access $this->request[’url’][’page’]; // BC accessor, will be deprecated in future versions You can either directly access the query property, or you can use CakeRequest::query() to read the url query array in an error free manner. Any keys that do not exist will return null: request->query(’value_that_does_not_exist’); // $foo === null Accessing POST data All POST data can be accessed using CakeRequest::$data. Any form data that contains a data prefix, will have that data prefix removed. For example: 58 Chapter 6. Controllers CakePHP Cookbook Documentation, Release 2.x request->data[’MyModel’][’title’]; You can either directly access the data property, or you can use CakeRequest::data() to read the data array in an error free manner. Any keys that do not exist will return null: request->data(’Value.that.does.not.exist’); // $foo == null Accessing PUT or POST data New in version 2.2. When building REST services you often accept request data on PUT and DELETE re- quests. As of 2.2 any application/x-www-form-urlencoded request body data will automatically be parsed and set to $this->data for PUT and DELETE requests. If you are accepting JSON or XML data, see below for how you can access those request bodies. Accessing XML or JSON data Applications employing REST often exchange data in non URL encoded post bodies. You can read input data in any format using CakeRequest::input(). By providing a decoding function you can receive the content in a deserialized format: request->input(’json_decode’); Since some deserializing methods require additional parameters when being called, such as the ‘as array’ parameter on json_decode or if you want XML converted into a DOMDocument object, CakeRequest::input() supports passing in additional parameters as well: request->input(’Xml::build’, array(’return’ => ’domdocument’)); Accessing path information CakeRequest also provides useful information about the paths in your application. CakeRequest::$base and CakeRequest::$webroot are useful for generating urls, and determining whether or not your application is in a subdirectory. Inspecting the request Detecting various request conditions used to require using RequestHandlerComponent. These meth- ods have been moved to CakeRequest, and offer a new interface alongside a more backwards compatible usage: More on controllers 59 CakePHP Cookbook Documentation, Release 2.x request->is(’post’); $this->request->isPost(); Both method calls will return the same value. For the time being the methods are still available on Re- questHandler, but are deprecated and still might be removed before the final release. You can also easily extend the request detectors that are available, by using CakeRequest::addDetector() to create new kinds of detectors. There are four different types of detectors that you can create: • Environment value comparison - An environment value comparison, compares a value fetched from env() to a known value the environment value is equality checked against the provided value. • Pattern value comparison - Pattern value comparison allows you to compare a value fetched from env() to a regular expression. • Option based comparison - Option based comparisons use a list of options to create a regular expres- sion. Subsequent calls to add an already defined options detector will merge the options. • Callback detectors - Callback detectors allow you to provide a ‘callback’ type to handle the check. The callback will receive the request object as its only parameter. Some examples would be: request->addDetector(’post’, array(’env’ => ’REQUEST_METHOD’, ’value’ => ’POST’)); // Add a pattern value detector. $this->request->addDetector(’iphone’, array(’env’ => ’HTTP_USER_AGENT’, ’pattern’ => ’/iPhone/i’)); // Add an option detector $this->request->addDetector(’internalIp’, array( ’env’ => ’CLIENT_IP’, ’options’ => array(’192.168.0.101’, ’192.168.0.100’) )); // Add a callback detector. Can either be an anonymous function or a regular callable. $this->request->addDetector(’awesome’, array(’callback’ => function ($request){ return isset($request->awesome); })); CakeRequest also includes methods like CakeRequest::domain(), CakeRequest::subdomains() and CakeRequest::host() to help applications with sub- domains, have a slightly easier life. There are several built-in detectors that you can use: • is(’get’) Check to see if the current request is a GET. • is(’put’) Check to see if the current request is a PUT. • is(’post’) Check to see if the current request is a POST. • is(’delete’) Check to see if the current request is a DELETE. • is(’head’) Check to see if the current request is HEAD. 60 Chapter 6. Controllers CakePHP Cookbook Documentation, Release 2.x • is(’options’) Check to see if the current request is OPTIONS. • is(’ajax’) Check to see of the current request came with X-Requested-with = XmlHttpRequest. • is(’ssl’) Check to see if the request is via SSL • is(’flash’) Check to see if the request has a User-Agent of Flash • is(’mobile’) Check to see if the request came from a common list of mobile agents. CakeRequest and RequestHandlerComponent Since many of the features CakeRequest offers used to be the realm of RequestHandlerComponent some rethinking was required to figure out how it still fits into the picture. For 2.0, RequestHandlerComponent acts as a sugar daddy. Providing a layer of sugar on top of the utility CakeRequest affords. Sugar like switching layout and views based on content types or ajax is the domain of RequestHandlerComponent. This separation of utility and sugar between the two classes lets you more easily pick and choose what you want and what you need. Interacting with other aspects of the request You can use CakeRequest to introspect a variety of things about the request. Beyond the detectors, you can also find out other information from various properties and methods. • $this->request->webroot contains the webroot directory. • $this->request->base contains the base path. • $this->request->here contains the full address to the current request • $this->request->query contains the query string parameters. CakeRequest API class CakeRequest CakeRequest encapsulates request parameter handling, and introspection. CakeRequest::domain($tldLength = 1) Returns the domain name your application is running on. CakeRequest::subdomains($tldLength = 1) Returns the subdomains your application is running on as an array. CakeRequest::host() Returns the host your application is on. CakeRequest::method() Returns the HTTP method the request was made with. CakeRequest::onlyAllow($methods) Set allowed HTTP methods, if not matched will throw MethodNotAllowexException The 405 re- sponse will include the required ‘Allow’ header with the passed methods New in version 2.3. More on controllers 61 CakePHP Cookbook Documentation, Release 2.x CakeRequest::referer($local = false) Returns the referring address for the request. CakeRequest::clientIp($safe = true) Returns the current visitor’s IP address. CakeRequest::header($name) Allows you to access any of the HTTP_* headers that were used for the request: request->header(’User-Agent’); Would return the user agent used for the request. CakeRequest::input($callback[, $options]) Retrieve the input data for a request, and optionally pass it through a decoding function. Additional parameters for the decoding function can be passed as arguments to input(). CakeRequest::data($name) Provides dot notation access to request data. Allows for reading and modification of request data, calls can be chained together as well: request->data(’Post.title’, ’New post’) ->data(’Comment.1.author’, ’Mark’); // You can also read out data. $value= $this->request->data(’Post.title’); CakeRequest::query($name) Provides dot notation access to url query data: request->query(’page’); New in version 2.3. CakeRequest::is($type) Check whether or not a Request matches a certain criteria. Uses the built-in detection rules as well as any additional rules defined with CakeRequest::addDetector(). CakeRequest::addDetector($name, $options) Add a detector to be used with is(). See Inspecting the request for more information. CakeRequest::accepts($type = null) Find out which content types the client accepts or check if they accept a particular type of content. Get all types: request->accepts(); Check for a single type: 62 Chapter 6. Controllers CakePHP Cookbook Documentation, Release 2.x request->accepts(’application/json’); static CakeRequest::acceptLanguage($language = null) Get either all the languages accepted by the client, or check if a specific language is accepted. Get the list of accepted languages: response in your controllers. Over- riding the response object is handy during testing, as it allows you to stub out the methods that interact with header(). See the section on CakeResponse and testing for more information. Dealing with content types You can control the Content-Type of your application’s responses with using CakeResponse::type(). If your application needs to deal with content types that are not built into CakeResponse, you can map those types with type() as well: response->type(array(’vcf’ => ’text/v-card’)); // Set the response Content-Type to vcard. $this->response->type(’vcf’); Usually you’ll want to map additional content types in your controller’s beforeFilter callback, so you can leverage the automatic view switching features of RequestHandlerComponent if you are using it. Sending files There are times when you want to send files as responses for your requests. Prior to version 2.3 you could use Media Views to accomplish that. As of 2.3 MediaView is deprecated and you can use CakeResponse::file() to send a file as response: Attachment->getFile($id); $this->response->file($file[’path’]); } As shown in above example as expected you have to pass the file path to the method. Cake will send proper content type header if it’s a known file type listed in CakeReponse::$_mimeTypes. You can add new types prior to calling CakeResponse::file() by using the CakeResponse::type() method. If you want you can also force a file to be downloaded instead of being displayed in the browser by specifying the options: response->file($file[’path’], array(’download’ => true, ’name’ => ’foo’)); 64 Chapter 6. Controllers CakePHP Cookbook Documentation, Release 2.x Setting headers Setting headers is done with the CakeResponse::header() method. It can be called with a few different parameter configurations: response->header(’Location’, ’http://example.com’); // Set multiple headers $this->response->header(array(’Location’ => ’http://example.com’, ’X-Extra’ => ’My header’)); $this->response->header(array(’WWW-Authenticate: Negotiate’, ’Content-type: application/pdf’)); Setting the same header multiple times will result in overwriting the previous values, just like regular header calls. Headers are not sent when CakeResponse::header() is called either. They are just buffered until the response is actually sent. Interacting with browser caching You sometimes need to force browsers to not cache the results of a controller action. CakeResponse::disableCache() is intended for just that: response->disableCache(); } Warning: Using disableCache() with downloads from SSL domains while trying to send files to Internet Explorer can result in errors. You can also tell clients that you want them to cache responses. By using CakeResponse::cache(): response->cache(’-1 minute’, ’+5 days’); } The above would tell clients to cache the resulting response for 5 days, hopefully speeding up your visitors’ experience. cache() sets the Last-Modified value to the first argument. Expires, and Max-age are set based on the second parameter. Cache-Control is set to public as well. Fine tuning HTTP cache One of the best and easiest ways of speeding up your application is using HTTP cache. Under this caching model you are only required to help clients decide if they should use a cached copy of the response by setting a few headers such as modified time, response entity tag and others. More on controllers 65 CakePHP Cookbook Documentation, Release 2.x Opposed to having to code the logic for caching and for invalidating (refreshing) it once the data has changed, HTTP uses two models, expiration and validation which usually are a lot simpler than having to manage the cache yourself. Apart from using CakeResponse::cache() you can also use many other methods to fine tune HTTP cache headers to take advantage of browser or reverse proxy caching. The Cache Control header New in version 2.1. Used under the expiration model, this header contains multiple indicators which can change the way browsers or proxies use the cached content. A Cache-Control header can look like this: Cache-Control: private, max-age=3600, must-revalidate CakeResponse class helps you set this header with some utility methods that will produce a final valid Cache-Control header. First of them is CakeResponse::sharable() method, which indicates whether a response in to be considered sharable across different users or clients or users. This method actu- ally controls the public or private part of this header. Setting a response as private indicates that all or part of it is intended for a single user. To take advantage of shared caches it is needed to set the control directive as public Second parameter of this method is used to specify a max-age for the cache, which is the number of seconds after which the response is no longer considered fresh.: response->sharable(true, 3600); } public function my_data() { ... // set the Cache-Control as private for 3600 seconds $this->response->sharable(false, 3600); } CakeResponse exposes separate methods for setting each of the components in the Cache-Control header. The Expiration header New in version 2.1. Also under the cache expiration model, you can set the Expires header, which according to the HTTP specification is the date/time after which the response is no longer considered fresh. This header can be set using the CakeResponse::expires() method: response->expires(’+5 days’); } This method also accepts a DateTime or any string that can be parsed by the DateTime class. 66 Chapter 6. Controllers CakePHP Cookbook Documentation, Release 2.x The Etag header New in version 2.1. Cache validation in HTTP is often used when content is constantly changing, and asks the application to only generate the response contents if the cache is no longer fresh. Under this model, the client continues to store pages in the cache, but instead of using it directly, it asks the application every time whether the resources changed or not. This is commonly used with static resources such as images and other assets. The Etag header (called entity tag) is string that uniquely identifies the requested resource. It is very much like the checksum of a file, caching will compare checksums to tell whether they match or not. To actually get advantage of using this header you have to either call manually CakeResponse::checkNotModified() method or have the RequestHandlerComponent included in your controller: Article->find(’all’); $this->response->etag($this->Article->generateHash($articles)); if ($this->response->checkNotModified($this->request)) { return $this->response; } ... } The Last Modified header New in version 2.1. Also under the HTTP cache validation model, you can set the Last-Modified header to indicate the date and time at which the resource was modified for the last time. Setting this header helps CakePHP respond to caching clients whether the response was modified or not based on the client cache. To actually get advantage of using this header you have to either call manually CakeResponse::checkNotModified() method or have the RequestHandlerComponent included in your controller: Article->find(’first’); $this->response->modified($article[’Article’][’modified’]); if ($this->response->checkNotModified($this->request)) { return $this->response; } ... } The Vary header In some cases you might want to serve different contents using the same url. This is often the case when you have a multilingual page or respond with different HTML according to the browser that is requesting the resource. For such circumstances, you use the Vary header: More on controllers 67 CakePHP Cookbook Documentation, Release 2.x response->vary(’User-Agent’); $this->response->vary(’Accept-Encoding’, ’User-Agent’); $this->response->vary(’Accept-Language’); CakeResponse and testing Probably one of the biggest wins from CakeResponse comes from how it makes testing controllers and components easier. Instead of methods spread across several objects, you only have a single object to mock as controllers and components delegate to CakeResponse. This helps you get closer to a ‘unit’ test and makes testing controllers easier: controller->response= $this->getMock(’CakeResponse’); $this->controller->response->expects($this->once())->method(’header’); // ... } Additionally you can more easily run tests from the command line, as you can use mocks to avoid the ‘headers sent’ errors that can come up from trying to set headers in CLI. CakeResponse API class CakeResponse CakeResponse provides a number of useful methods for interacting with the response you are sending to a client. CakeResponse::header($header = null, $value = null) Allows you to directly set one or many headers to be sent with the response. CakeResponse::charset($charset = null) Sets the charset that will be used in the response. CakeResponse::type($contentType = null) Sets the content type for the response. You can either use a known content type alias or the full content type name. CakeResponse::cache($since, $time = ‘+1 day’) Allows you to set caching headers in the response. CakeResponse::disableCache() Sets the headers to disable client caching for the response. CakeResponse::sharable($public = null, $time = null) Sets the Cache-Control header to be either public or private and optionally sets a max-age directive of the resource New in version 2.1. CakeResponse::expires($time = null) Allows to set the Expires header to a specific date. New in version 2.1. 68 Chapter 6. Controllers CakePHP Cookbook Documentation, Release 2.x CakeResponse::etag($tag = null, $weak = false) Sets the Etag header to uniquely identify a response resource. New in version 2.1. CakeResponse::modified($time = null) Sets the Last-Modified header to a specific date and time in the correct format. New in version 2.1. CakeResponse::checkNotModified(CakeRequest $request) Compares the cache headers for the request object with the cache header from the response and deter- mines if it can still be considered fresh. In that case deletes any response contents and sends the 304 Not Modified header. New in version 2.1. CakeResponse::compress() Turns on gzip compression for the request. CakeResponse::download($filename) Allows you to send the response as an attachment and set the filename. CakeResponse::statusCode($code = null) Allows you to set the status code for the response. CakeResponse::body($content = null) Set the content body for the response. CakeResponse::send() Once you are done creating a response, calling send() will send all the set headers as well as the body. This is done automatically at the end of each request by Dispatcher CakeResponse::file($path, $options = array()) Allows you to set a file for display or download New in version 2.3. Scaffolding Application scaffolding is a technique that allows a developer to define and create a basic application that can create, retrieve, update and delete objects. Scaffolding in CakePHP also allows developers to define how objects are related to each other, and to create and break those links. All that’s needed to create a scaffold is a model and its controller. Once you set the $scaffold variable in the controller, you’re up and running. CakePHP’s scaffolding is pretty cool. It allows you to get a basic CRUD application up and going in minutes. It’s so cool that you’ll want to use it in production apps. Now, we think it’s cool too, but please realize that scaffolding is... well... just scaffolding. It’s a loose structure you throw up real quick during the beginning of a project in order to get started. It isn’t meant to be completely flexible, it’s meant as a temporary way to get up and going. If you find yourself really wanting to customize your logic and your views, it’s time to pull your scaffolding down in order to write some code. CakePHP’s Bake console, covered in the next section, is a great next step: it generates all the code that would produce the same result as the most current scaffold. Scaffolding is a great way of getting the early parts of developing a web application started. Early database schemas are subject to change, which is perfectly normal in the early part of the design process. This has a downside: a web developer hates creating forms that never will see real use. To reduce the strain on the developer, scaffolding has been included in CakePHP. Scaffolding analyzes your database tables and creates More on controllers 69 CakePHP Cookbook Documentation, Release 2.x standard lists with add, delete and edit buttons, standard forms for editing and standard views for inspecting a single item in the database. To add scaffolding to your application, in the controller, add the $scaffold variable: array( ’authorize’ => array(’controller’), ’loginAction’ => array(’controller’ => ’users’, ’action’ => ’login’) ), ’Cookie’ => array(’name’ => ’CookieMonster’) ); Would be an example of configuring a component with the $components array. All core components allow their configuration settings to be set in this way. In addition you can configure components in your 72 Chapter 6. Controllers CakePHP Cookbook Documentation, Release 2.x controller’s beforeFilter() method. This is useful when you need to assign the results of a function to a component property. The above could also be expressed as: Auth->authorize= array(’controller’); $this->Auth->loginAction= array(’controller’ => ’users’, ’action’ => ’login’); $this->Cookie->name= ’CookieMonster’; } It’s possible, however, that a component requires certain configuration options to be set before the con- troller’s beforeFilter() is run. To this end, some components allow configuration options be set in the $components array: array(’panels’ => array(’history’, ’session’)) ); Consult the relevant documentation to determine what configuration options each component provides. One common setting to use is the className option, which allows you to alias components. This feature is useful when you want to replace $this->Auth or another common Component reference with a custom implementation: array( ’className’ => ’MyAuth’ ) ); } // app/Controller/Component/MyAuthComponent.php App::uses(’AuthComponent’, ’Controller/Component’); class MyAuthComponent extends AuthComponent { // Add your code to override the core AuthComponent } The above would alias MyAuthComponent to $this->Auth in your controllers. Note: Aliasing a component replaces that instance anywhere that component is used, including inside other Components. Using Components Once you’ve included some components in your controller, using them is pretty simple. Each component you use is exposed as a property on your controller. If you had loaded up the SessionComponent and More on controllers 73 CakePHP Cookbook Documentation, Release 2.x the CookieComponent in your controller, you could access them like so: Post->delete($this->request->data(’Post.id’)) { $this->Session->setFlash(’Post deleted.’); $this->redirect(array(’action’ => ’index’)); } } Note: Since both Models and Components are added to Controllers as properties they share the same ‘namespace’. Be sure to not give a component and a model the same name. Loading components on the fly You might not need all of your components available on every controller action. In situations like this you can load a component at runtime using the Component Collection. From inside a controller you can do the following: OneTimer= $this->Components->load(’OneTimer’); $this->OneTimer->getTime(); Component Callbacks Components also offer a few request life-cycle callbacks that allow them to augment the request cycle. See the base Component API for more information on the callbacks components offer. Creating a Component Suppose our online application needs to perform a complex mathematical operation in many different parts of the application. We could create a component to house this shared logic for use in many different con- trollers. The first step is to create a new component file and class. Create the file in /app/Controller/Component/MathComponent.php. The basic structure for the compo- nent would look something like this: Math, as well as the standard $this->Session */ public $components= array(’Math’, ’Session’); Components declared in AppController will be merged with those in your other controllers. So there is no need to re-declare the same component twice. When including Components in a Controller you can also declare a set of parameters that will be passed on to the Component’s constructor. These parameters can then be handled by the Component: array( ’precision’ =>2, ’randomGenerator’ => ’srand’ ), ’Session’, ’Auth’ ); The above would pass the array containing precision and randomGenerator to MathComponent::__construct() as the second parameter. By convention, any settings that have been passed that are also public properties on your component will have the values set based on the settings. Using other Components in your Component Sometimes one of your components may need to use another component. In this case you can include other components in your component the exact same way you include them in controllers - using the $components var: Existing->foo(); } public function bar() { // ... } } // app/Controller/Component/ExistingComponent.php App::uses(’Component’, ’Controller’); class ExistingComponent extends Component { public function foo() { // ... } } Component API class Component The base Component class offers a few methods for lazily loading other Components through ComponentCollection as well as dealing with common handling of settings. It also provides prototypes for all the component callbacks. Component::__construct(ComponentCollection $collection, $settings = array()) Constructor for the base component class. All $settings that are also public properties will have their values changed to the matching value in $settings. Callbacks Component::initialize(Controller $controller) The initialize method is called before the controller’s beforeFilter method. Component::startup(Controller $controller) The startup method is called after the controller’s beforeFilter method but before the controller exe- cutes the current action handler. Component::beforeRender(Controller $controller) The beforeRender method is called after the controller executes the requested action’s logic but before the controller’s renders views and layout. Component::shutdown(Controller $controller) The shutdown method is called before output is sent to browser. Component::beforeRedirect(Controller $controller, $url, $status=null, $exit=true) The beforeRedirect method is invoked when the controller’s redirect method is called but before any further action. If this method returns false the controller will not continue on to redirect the request. The $url, $status and $exit variables have same meaning as for the controller’s method. You can also return a string which will be interpreted as the url to redirect to or return associative array with key ‘url’ and optionally ‘status’ and ‘exit’. 76 Chapter 6. Controllers CHAPTER7 Views Views are the V in MVC. Views are responsible for generating the specific output required for the request. Often this is in the form of HTML, XML, or JSON, but streaming files and creating PDF’s that users can download are also responsibilities of the View Layer. CakePHP comes with a few built-in View classes for handling the most common rendering scenarios: • To create XML or JSON webservices you can use the JSON and XML views. • To serve protected files, or dynamically generated files, you can use Media Views • To create multiple themed views, you can use Themes View Templates The view layer of CakePHP is how you speak to your users. Most of the time your views will be showing (X)HTML documents to browsers, but you might also need to serve AMF data to a Flash object, reply to a remote application via SOAP, or output a CSV file for a user. By default CakePHP view files are written in plain PHP and have a default extension of .ctp (CakePHP Tem- plate). These files contain all the presentational logic needed to get the data it received from the controller in a format that is ready for the audience you’re serving to. If you’d prefer using a templating language like Twig, or Smarty, a subclass of View will bridge your templating language and CakePHP View files are stored in /app/View/, in a folder named after the controller that uses the files, and named after the action it corresponds to. For example, the view file for the Products controller’s “view()” action, would normally be found in /app/View/Products/view.ctp. The view layer in CakePHP can be made up of a number of different parts. Each part has different uses, and will be covered in this chapter: • views: Views are the part of the page that is unique to the action being run. They form the meat of your application’s response. • elements: smaller, reusable bits of view code. Elements are usually rendered inside of views. 77 CakePHP Cookbook Documentation, Release 2.x • layouts: view files that contain presentational code that is found wrapping many interfaces in your application. Most views are rendered inside of a layout. • helpers: these classes encapsulate view logic that is needed in many places in the view layer. Among other things, helpers in CakePHP can help you build forms, build AJAX functionality, paginate model data, or serve RSS feeds. Extending Views New in version 2.1. View extending allows you to wrap one view in another. Combining this with view blocks gives you a powerful way to keep your views DRY. For example, your application has a sidebar that needs to change depending on the specific view being rendered. By extending a common view file you can avoid repeating the common markup for your sidebar, and only define the parts that change: // app/View/Common/view.ctp

fetch(’title’); ?>

fetch(’content’); ?>

Related actions

    fetch(’sidebar’); ?>
The above view file could be used as a parent view. It expects that the view extending it will define the sidebar and title blocks. The content block is a special block that CakePHP creates. It will contain all the un-captured content from the extending view. Assuming our view file has a $posts variable with the data about our post. Our view could look like: // app/View/Posts/view.ctp extend(’/Common/view’); $this->assign(’title’, $post); $this->start(’sidebar’); ?>
  • Html->link(’edit’, array( ’action’ => ’edit’, $post[’Post’][’id’] )); ?>
  • end(); ?> extend(’/Common/view’); $this->extend(’/Common/index’); The above will result in /Common/index.ctp being rendered as the parent view to the current view. You can nest extended views as many times as necessary. Each view can extend another view if desired. Each parent view will get the previous view’s content as the content block. Note: You should avoid using content as a block name in your application. CakePHP uses this for un-captured content in extended views. Using view blocks New in version 2.1. View blocks replace $scripts_for_layout and provide a flexible API that allows you to define slots or blocks in your views/layouts that will be defined elsewhere. For example blocks are ideal for implementing things such as sidebars, or regions to load assets at the bottom/top of the layout. Blocks can be defined in two ways. Either as a capturing block, or by direct assignment. The start(), append() and end() methods allow to work with capturing blocks: start(’sidebar’); echo $this->element(’sidebar/recent_topics’); echo $this->element(’sidebar/recent_comments’); $this->end(); // Append into the sidebar later on. $this->append(’sidebar’); echo $this->element(’sidebar/popular_topics’); $this->end(); You can also append into a block using start() multiple times. assign() can be used to clear or overwrite a block at any time: assign(’sidebar’,’’); New in version 2.3. As of 2.3 you can also use prepend() to prepend content to an existing block: prepend(’sidebar’, ’this content goes on top of sidebar’); Using view blocks 79 CakePHP Cookbook Documentation, Release 2.x Note: You should avoid using content as a block name. This is used by CakePHP internally for extended views, and view content in the layout. Displaying blocks New in version 2.1. You can display blocks using the fetch() method. fetch() will safely output a block, returning ‘’ if a block does not exist: fetch(’sidebar’); ?> You can also use fetch to conditionally show content that should surround a block should it exist. This is helpful in layouts, or extended views where you want to conditionally show headings or other markup: // in app/View/Layouts/default.ctp fetch(’menu’)):?> As of 2.3.0 you can also provide a default value for a block should it not have any content. This allows you to easily add placeholder content, for empty states. You can provide a default value using the 2nd argument:

    Your Cart

    fetch(’cart’, ’Your cart is empty’);
    Changed in version 2.3: The $default argument was added in 2.3. Using blocks for script and CSS files New in version 2.1. Blocks replace the deprecated $scripts_for_layout layout variable. Instead you should use blocks. The HtmlHelper ties into view blocks, and its script(), css(), and meta() methods each update a block with the same name when used with the inline = false option: Html->script(’carousel’, array(’inline’ => false)); $this->Html->css(’carousel’, null, array(’inline’ => false)); ?> // In your layout file. <?php echo $this->fetch(’title’); ?> 80 Chapter 7. Views CakePHP Cookbook Documentation, Release 2.x fetch(’script’); ?> fetch(’css’); ?> // rest of the layout follows The HtmlHelper also allows you to control which block the scripts and CSS go to: Html->script(’carousel’, array(’block’ => ’scriptBottom’)); // in your layout echo $this->fetch(’scriptBottom’); Layouts A layout contains presentation code that wraps around a view. Anything you want to see in all of your views should be placed in a layout. Layout files should be placed in /app/View/Layouts. CakePHP’s default layout can be overridden by creating a new default layout at /app/View/Layouts/default.ctp. Once a new default layout has been created, controller-rendered view code is placed inside of the default layout when the page is rendered. When you create a layout, you need to tell CakePHP where to place the code for your views. To do so, make sure your layout includes a place for $this->fetch(’content’) Here’s an example of what a default layout might look like: <?php echo $title_for_layout?> fetch(’meta’); echo $this->fetch(’css’); echo $this->fetch(’script’); ?> fetch(’content’); ?> Layouts 81 CakePHP Cookbook Documentation, Release 2.x Note: Prior to version 2.1, method fetch() was not available, fetch(’content’) is a replacement for $content_for_layout and lines fetch(’meta’), fetch(’css’) and fetch(’script’) are contained in the $scripts_for_layout variable in version 2.0 The script, css and meta blocks contain any content defined in the views using the built-in HTML helper. Useful for including javascript and CSS files from views. Note: When using HtmlHelper::css() or HtmlHelper::script() in view files, specify ‘false’ for the ‘inline’ option to place the html source in a block with the same name. (See API for more details on usage). The content block contains the contents of the rendered view. $title_for_layout contains the page title. This variable is generated automatically, but you can override it by setting it in your controller/view. To set the title for the layout, it’s easiest to do so in the controller, setting the $title_for_layout variable: set(’title_for_layout’, ’View Active Users’); } } You can also set the title_for_layout variable from inside the view file: set(’title_for_layout’, $titleContent); You can create as many layouts as you wish: just place them in the app/View/Layouts directory, and switch between them inside of your controller actions using the controller or view’s $layout property: layout= ’admin’; } // from a view file $this->layout= ’loggedin’; For example, if a section of my site included a smaller ad banner space, I might create a new layout with the smaller advertising space and specify it as the layout for all controllers’ actions using something like: 82 Chapter 7. Views CakePHP Cookbook Documentation, Release 2.x set(’title_for_layout’, ’View Active Users’); $this->layout= ’default_small_ad’; } public function view_image() { $this->layout= ’image’; //output user image } } CakePHP features two core layouts (besides CakePHP’s default layout) you can use in your own application: ‘ajax’ and ‘flash’. The Ajax layout is handy for crafting Ajax responses - it’s an empty layout (most ajax calls only require a bit of markup in return, rather than a fully-rendered interface). The flash layout is used for messages shown by Controller::flash() method. Three other layouts, xml, js, and rss, exist in the core for a quick and easy way to serve up content that isn’t text/html. Using layouts from plugins New in version 2.1. If you want to use a layout that exists in a plugin, you can use plugin syntax. For example to use the contact layout from the Contacts plugin: layout= ’Contacts.contact’; } } Elements Many applications have small blocks of presentation code that need to be repeated from page to page, sometimes in different places in the layout. CakePHP can help you repeat parts of your website that need to be reused. These reusable parts are called Elements. Ads, help boxes, navigational controls, extra menus, login forms, and callouts are often implemented in CakePHP as elements. An element is basically a mini- view that can be included in other views, in layouts, and even within other elements. Elements can be used to make a view more readable, placing the rendering of repeating elements in its own file. They can also help you re-use content fragments in your application. Elements live in the /app/View/Elements/ folder, and have the .ctp filename extension. They are output using the element method of the view: element(’helpbox’); ?> Elements 83 CakePHP Cookbook Documentation, Release 2.x Passing Variables into an Element You can pass data to an element through the element’s second argument: element(’helpbox’, array( "helptext" =>"Oh, this text is very helpful." )); Inside the element file, all the passed variables are available as members of the parameter array (in the same way that Controller::set() in the controller works with view files). In the above example, the /app/View/Elements/helpbox.ctp file can use the $helptext variable: element(’helpbox’, array( "helptext" =>"This is passed to the element as $helptext", "foobar" =>"This is passed to the element as $foobar", ), array( "cache" =>"long_view",// uses the "long_view" cache configuration "callbacks" => true // set to true to have before/afterRender called for the element ) ); Element caching is facilitated through the Cache class. You can configure elements to be stored in any Cache configuration you’ve setup. This gives you a great amount of flexibility to decide where and for how long elements are stored. To cache different versions of the same element in an application, provide a unique cache key value using the following format: element(’helpbox’, array(), array( "cache" => array(’config’ => ’short’, ’key’ => ’unique value’) ) ); You can take full advantage of elements by using requestAction(). The requestAction() func- tion fetches view variables from a controller action and returns them as an array. This enables your elements to perform in true MVC style. Create a controller action that prepares the view variables for your elements, then call requestAction() inside the second parameter of element() to feed the element the view variables from your controller. To do this, in your controller add something like the following for the Post example: paginate(); if ($this->request->is(’requested’)) { return $posts; } else { $this->set(’posts’, $posts); } } } And then in the element we can access the paginated posts model. To get the latest five posts in an ordered list we would do something like the following:

    Latest Posts

    requestAction(’posts/index/sort:created/direction:asc/limit:5’); ?>
    Caching Elements You can take advantage of CakePHP view caching if you supply a cache parameter. If set to true, it will cache the element in the ‘default’ Cache configuration. Otherwise, you can set which cache configuration should be used. See Caching for more information on configuring Cache. A simple example of caching an element would be: element(’helpbox’, array(), array(’cache’ => true)); ?> If you render the same element more than once in a view and have caching enabled be sure to set the ‘key’ parameter to a different name each time. This will prevent each successive call from overwriting the previous element() call’s cached result. E.g.: element( ’helpbox’, array(’var’ => $var), array(’cache’ => array(’key’ => ’first_use’, ’config’ => ’view_long’) ); echo $this->element( ’helpbox’, array(’var’ => $differenVar), array(’cache’ => array(’key’ => ’second_use’, ’config’ => ’view_long’) ); The above will ensure that both element results are cached separately. If you want all element caching to use the same cache configuration, you can save some repetition, by setting View::$elementCache to the cache configuration you want to use. CakePHP will use this configuration, when none is given. Elements 85 CakePHP Cookbook Documentation, Release 2.x Requesting Elements from a Plugin 2.0 To load an element from a plugin, use the plugin option (moved out of the data option in 1.x): element(’helpbox’, array(), array(’plugin’ => ’Contacts’)); 2.1 If you are using a plugin and wish to use elements from within the plugin, just use the familiar plugin syntax. If the view is being rendered for a plugin controller/action, the plugin name will automatically be prefixed onto all elements used, unless another plugin name is present. If the element doesn’t exist in the plugin, it will look in the main APP folder.: element(’Contacts.helpbox’); ?> If your view is a part of a plugin you can omit the plugin name. For example, if you are in the ContactsController of the Contacts plugin: element(’helpbox’); // and echo $this->element(’Contacts.helpbox’); Are equivalent and will result in the same element being rendered. Changed in version 2.1: The $options[plugin] option was deprecated and support for Plugin.element was added. View API class View View methods are accessible in all view, element and layout files. To call any view method use $this->method() View::set(string $var, mixed $value) Views have a set() method that is analogous to the set() found in Controller objects. Using set() from your view file will add the variables to the layout and elements that will be rendered later. See Controller Methods for more information on using set(). In your view file you can do: set(’activeMenuButton’, ’posts’); Then in your layout the $activeMenuButton variable will be available and contain the value ‘posts’. View::getVar(string $var) Gets the value of the viewVar with the name $var 86 Chapter 7. Views CakePHP Cookbook Documentation, Release 2.x View::getVars() Gets a list of all the available view variables in the current rendering scope. Returns an array of variable names. View::element(string $elementPath, array $data, array $options = array()) Renders an element or view partial. See the section on Elements for more information and examples. View::uuid(string $object, mixed $url) Generates a unique non-random DOM ID for an object, based on the object type and url. This method is often used by helpers that need to generate unique DOM ID’s for elements such as the JsHelper: uuid(’form’, array(’controller’ => ’posts’, ’action’ => ’index’)); //$uuid contains ’form0425fe3bad’ View::addScript(string $name, string $content) Adds content to the internal scripts buffer. This buffer is made available in the layout as $scripts_for_layout. This method is helpful when creating helpers that need to add javascript or css directly to the layout. Keep in mind that scripts added from the layout, or elements in the layout will not be added to $scripts_for_layout. This method is most often used from inside helpers, like the JsHelper and HtmlHelper Helpers. Deprecated since version 2.1: Use the Using view blocks features instead. View::blocks() Get the names of all defined blocks as an array. View::start($name) Start a capturing block for a view block. See the section on Using view blocks for examples. New in version 2.1. View::end() End the top most open capturing block. See the section on Using view blocks for examples. New in version 2.1. View::append($name, $content) Append into the block with $name. See the section on Using view blocks for examples. New in version 2.1. View::assign($name, $content) Assign the value of a block. This will overwrite any existing content. See the section on Using view blocks for examples. New in version 2.1. View::fetch($name) Fetch the value of a block. ‘’ Will be returned for blocks that are not defined. See the section on Using view blocks for examples. New in version 2.1. View::extend($name) Extend the current view/element/layout with the named one. See the section on Extending Views for examples. New in version 2.1. property View::$layout Set the layout the current view will be wrapped in. View API 87 CakePHP Cookbook Documentation, Release 2.x property View::$elementCache The cache configuration used to cache elements. Setting this property will change the default config- uration used to cache elements. This default can be overridden using the ‘cache’ option in the element method. property View::$request An instance of CakeRequest. Use this instance to access information about the current request. property View::$output Contains the last rendered content from a view, either the view file, or the layout content. Deprecated since version 2.1: Use $view->Blocks->get(’content’); instead. property View::$Blocks An instance of ViewBlock. Used to provide view block functionality in view rendering. New in version 2.1. More about Views Themes You can take advantage of themes, making it easy to switch the look and feel of your page quickly and easily. To use themes, specify the theme name in your controller: viewClass = ’Theme’. 2.1 removes this requirement as the normal View class supports themes You can also set or change the theme name within an action or within the beforeFilter or beforeRender callback functions: theme= ’AnotherExample’; Theme view files need to be within the /app/View/Themed/ folder. Within the themed folder, cre- ate a folder using the same name as your theme name. For example, the above theme would be found in /app/View/Themed/AnotherExample. Its important to remember that CakePHP expects Camel- Case theme names. Beyond that, the folder structure within the /app/View/Themed/Example/ folder is exactly the same as /app/View/. For example, the view file for an edit action of a Posts controller would reside at /app/View/Themed/Example/Posts/edit.ctp. Layout files would reside in /app/View/Themed/Example/Layouts/. If a view file can’t be found in the theme, CakePHP will try to locate the view file in the /app/View/ folder. This way, you can create master view files and simply override them on a case-by-case basis within your theme folder. 88 Chapter 7. Views CakePHP Cookbook Documentation, Release 2.x Theme assets Themes can contain static assets as well as view files. A theme can include any necessary assets in its web- root directory. This allows for easy packaging and distribution of themes. While in development, requests for theme assets will be handled by Dispatcher. To improve performance for production environments, it’s recommended that you either symlink or copy theme assets into the application’s webroot. See below for more information. To use the new theme webroot create directories like app/View/Themed//webroot in your theme. The Dispatcher will handle finding the correct theme assets in your view paths. All of CakePHP’s built-in helpers are aware of themes and will create the correct paths automatically. Like view files, if a file isn’t in the theme folder, it will default to the main webroot folder: Html->css(’main.css’); //creates a path like /theme/purple_cupcake/css/main.css //and links to app/View/Themed/PurpleCupcake/webroot/css/main.css Increasing performance of plugin and theme assets It’s a well known fact that serving assets through PHP is guaranteed to be slower than serving those assets without invoking PHP. And while the core team has taken steps to make plugin and theme asset serving as fast as possible, there may be situations where more performance is required. In these situations it’s recommended that you either symlink or copy out plugin/theme assets to directories in app/webroot with paths matching those used by CakePHP. • app/Plugin/DebugKit/webroot/js/my_file.js becomes app/webroot/DebugKit/js/my_file.js • app/View/Themed/Navy/webroot/css/navy.css becomes app/webroot/theme/Navy/css/navy.css Media Views class MediaView Deprecated since version 2.3: Use Sending files instead. Media views allow you to send binary files to the user. For example, you may wish to have a directory of files outside of the webroot to prevent users from direct linking them. You can use the Media view to pull the file from a special folder within /app/, allowing you to perform authentication before delivering the file to the user. To use the Media view, you need to tell your controller to use the MediaView class instead of the default View class. After that, just pass in additional parameters to specify where your file is located: More about Views 89 CakePHP Cookbook Documentation, Release 2.x viewClass= ’Media’; // Download app/outside_webroot_dir/example.zip $params= array( ’id’ => ’example.zip’, ’name’ => ’example’, ’download’ => true, ’extension’ => ’zip’, ’path’ => APP. ’outside_webroot_dir’.DS ); $this->set($params); } } Here’s an example of rendering a file whose mime type is not included in the MediaView’s $mimeType array. We are also using a relative path which will default to your app/webroot folder: viewClass= ’Media’; // Render app/webroot/files/example.docx $params= array( ’id’ => ’example.docx’, ’name’ => ’example’, ’extension’ => ’docx’, ’mimeType’ => array( ’docx’ => ’application/vnd.openxmlformats-officedocument.wordprocessingml.document’ ), ’path’ => ’files’.DS ); $this->set($params); } Settable Parameters id The ID is the file name as it resides on the file server including the file extension. name The name allows you to specify an alternate file name to be sent to the user. Specify the name without the file extension. download A boolean value indicating whether headers should be set to force download. extension The file extension. This is matched against an internal list of acceptable mime types. If the mime type specified is not in the list (or sent in the mimeType parameter array), the file will not be downloaded. path The folder name, including the final directory separator. The path should be absolute but can be relative to the app/webroot folder. mimeType An array with additional mime types to be merged with MediaView internal list of acceptable mime types. 90 Chapter 7. Views CakePHP Cookbook Documentation, Release 2.x cache A boolean or integer value - If set to true it will allow browsers to cache the file (defaults to false if not set); otherwise set it to the number of seconds in the future for when the cache should expire. JSON and XML views New in CakePHP 2.1 are two new view classes. The XmlView and JsonView let you easily create XML and JSON responses, and integrate with the RequestHandlerComponent. By enabling RequestHandlerComponent in your application, and enabling support for the xml and or json extensions, you can automatically leverage the new view classes. XmlView and JsonView will be referred to as data views for the rest of this page. There are two ways you can generate data views. The first is by using the _serialize key, and the second is by creating normal view files. Enabling data views in your application Before you can use the data view classes, you’ll need to do a bit of setup: 1. Enable the json and or xml extensions with Router::parseExtensions(). This will enable Router to handle mulitple extensions. 2. Add the RequestHandlerComponent to your controller’s list of components. This will en- able automatic view class switching on content types. You can also set the component up with the viewClassMap setting, to map types to your custom classes and/or map other data types. New in version 2.3: RequestHandlerComponent::viewClassMap() method has been added to map types to viewClasses. The viewClassMap setting will also not work on earlier versions. After adding Router::parseExtensions(’json’); to your routes file, CakePHP will automat- ically switch view classes when a request is done with the .json extension, or the Accept header is application/json. Using data views with the serialize key The _serialize key is a special view variable that indicates which other view variable(s) should be serialized when using a data view. This lets you skip defining view files for your controller actions if you don’t need to do any custom formatting before your data is converted into json/xml. If you need to do any formatting or manipulation of your view variables before generating the response, you should use view files. The value of _serialize can be either a string or an array of view variables to serialize: set(’posts’, $this->paginate()); $this->set(’_serialize’, array(’posts’)); More about Views 91 CakePHP Cookbook Documentation, Release 2.x } } You can also define _serialize as an array of view variables to combine: set(compact(’posts’, ’comments’)); $this->set(’_serialize’, array(’posts’, ’comments’)); } } Defining _serialize as an array has the added benefit of automatically appending a top-level element when using XmlView. If you use a string value for _serialize and XmlView, make sure that your view variable has a single top-level element. Without a single top-level element the Xml will fail to generate. Using a data view with view files You should use view files if you need to do some manipulation of your view content before creating the final output. For example if we had posts, that had a field containing generated HTML, we would probably want to omit that from a JSON response. This is a situation where a view file would be useful: set(compact(’posts’, ’comments’)); } } // View code - app/View/Posts/json/index.ctp foreach ($posts as &$post){ unset($post[’Post’][’generated_html’]); } echo json_encode(compact(’posts’, ’comments’)); You can do more more complex manipulations, or use helpers to do formatting as well. Note: The data view classes don’t support layouts. They assume that the view file will output the serialized content. class XmlView A view class for generating Xml view data. See above for how you can use XmlView in your appli- cation class JsonView 92 Chapter 7. Views CakePHP Cookbook Documentation, Release 2.x A view class for generating Json view data. See above for how you can use JsonView in your appli- cation. Helpers Helpers are the component-like classes for the presentation layer of your application. They contain presen- tational logic that is shared between many views, elements, or layouts. This chapter will show you how to create your own helpers, and outline the basic tasks CakePHP’s core helpers can help you accomplish. CakePHP features a number of helpers that aid in view creation. They assist in creating well-formed markup (including forms), aid in formatting text, times and numbers, and can even speed up Ajax functionality. For more information on the helpers included in CakePHP, check out Helpers. Using and Configuring Helpers You enable helpers in CakePHP by making a controller aware of them. Each controller has a $helpers property that lists the helpers to be made available in the view. To enable a helper in your view, add the name of the helper to the controller’s $helpers array: helpers[]= ’Time’; } public function mix{ // The Time helper is not loaded here and thus not available } } If you need to enable a helper for all controllers add the name of the helper to the $helpers array in /app/Controller/AppController.php (or create if not present). Remember to include the default Html and Form helpers: array(’option1’ => ’value1’)); } One common setting to use is the className option, which allows you to create aliased helpers in your views. This feature is useful when you want to replace $this->Html or another common Helper reference with a custom implementation: array( ’className’ => ’MyHtml’ ) ); } // app/View/Helper/MyHtmlHelper.php App::uses(’HtmlHelper’, ’View/Helper’); class MyHtmlHelper extends HtmlHelper { // Add your code to override the core HtmlHelper } The above would alias MyHtmlHelper to $this->Html in your views. Note: Aliasing a helper replaces that instance anywhere that helper is used, including inside other Helpers. Tip: Aliasing the Html or Session Helper while using the core PagesController will not work. It is better to copy lib/Cake/Controller/PagesController.php into your app/Controller/ folder. Using helper settings allows you to declaratively configure your helpers and keep configuration logic out of your controller actions. If you have configuration options that cannot be included as part of a class declaration, you can set those in your controller’s beforeRender callback: 94 Chapter 7. Views CakePHP Cookbook Documentation, Release 2.x helpers[’CustomStuff’]= $this->_getCustomStuffSettings(); } } Using Helpers Once you’ve configured which helpers you want to use in your controller, each helper is exposed as a public property in the view. For example, if you were using the HtmlHelper you would be able to access it by doing the following: Html->css(’styles’); The above would call the css method on the HtmlHelper. You can access any loaded helper using $this->{$helperName}. There may come a time where you need to dynamically load a helper from inside a view. You can use the view’s HelperCollection to do this: Helpers->load(’Media’, $mediaSettings); The HelperCollection is a collection and supports the collection API used elsewhere in CakePHP. Callback methods Helpers feature several callbacks that allow you to augment the view rendering process. See the Helper API and the Collections documentation for more information. Creating Helpers If a core helper (or one showcased on github or the Bakery) doesn’t fit your needs, helpers are easy to create. Let’s say we wanted to create a helper that could be used to output a specifically crafted CSS-styled link you needed many different places in your application. In order to fit your logic in to CakePHP’s existing helper structure, you’ll need to create a new class in /app/View/Helper. Let’s call our helper LinkHelper. The actual PHP class file would look something like this: Html->link($title, $url, array(’class’ => ’edit’)); return ’
    ’. $link. ’
    ’; } } Using your Helper Once you’ve created your helper and placed it in /app/View/Helper/, you’ll be able to include it in your controllers using the special variable $helpers: Link->makeEdit(’Change this Recipe’, ’/recipes/edit/5’); ?> Creating Functionality for All Helpers All helpers extend a special class, AppHelper (just like models extend AppModel and controllers extend AppController). To create functionality that would be available to all helpers, create /app/View/Helper/AppHelper.php: 96 Chapter 7. Views CakePHP Cookbook Documentation, Release 2.x Ingredient: Ingredient->find(’all’); $this->set(’ingredients’, $ingredients); } } Associated models are available through the main model. In the following example, Recipe has an associa- tion with the Ingredient model: Ingredient->findByName(’Steak’); return $this->findAllByMainIngredient($ingredient[’Ingredient’][’id’]); } } 100 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x This shows how to use models that are already linked. To understand how associations are defined take a look at the Associations section More on models Associations: Linking Models Together One of the most powerful features of CakePHP is the ability to link relational mapping provided by the model. In CakePHP, the links between models are handled through associations. Defining relations between different objects in your application should be a natural process. For example: in a recipe database, a recipe may have many reviews, reviews have a single author, and authors may have many recipes. Defining the way these relations work allows you to access your data in an intuitive and powerful way. The purpose of this section is to show you how to plan for, define, and utilize associations between models in CakePHP. While data can come from a variety of sources, the most common form of storage in web applications is a relational database. Most of what this section covers will be in that context. For information on associations with Plugin models, see Plugin Models. Relationship Types The four association types in CakePHP are: hasOne, hasMany, belongsTo, and hasAndBelongsToMany (HABTM). Relationship Association Type Example one to one hasOne A user has one profile. one to many hasMany A user can have multiple recipes. many to one belongsTo Many recipes belong to a user. many to many hasAndBelongsToMany Recipes have, and belong to many ingredients. Associations are defined by creating a class variable named after the association you are defining. The class variable can sometimes be as simple as a string, but can be as complete as a multidimensional array used to define association specifics. array( ’className’ => ’Recipe’, ’conditions’ => array(’Recipe.approved’ => ’1’), ’order’ => ’Recipe.created DESC’ ) ); } More on models 101 CakePHP Cookbook Documentation, Release 2.x In the above example, the first instance of the word ‘Recipe’ is what is termed an ‘Alias’. This is an identifier for the relationship and can be anything you choose. Usually, you will choose the same name as the class that it references. However, aliases for each model must be unique app wide. E.g. it is appropriate to have: array( ’className’ => ’Recipe’, ) ); public $hasAndBelongsToMany => array( ’MemberOf’ => array( ’className’ => ’Group’, ) ); } class Group extends AppModel { public $hasMany= array( ’MyRecipe’ => array( ’className’ => ’Recipe’, ) ); public $hasAndBelongsToMany => array( ’Member’ => array( ’className’ => ’User’, ) ); } but the following will not work well in all circumstances: array( ’className’ => ’Recipe’, ) ); public $hasAndBelongsToMany => array( ’Member’ => array( ’className’ => ’Group’, ) ); } class Group extends AppModel { public $hasMany= array( ’MyRecipe’ => array( ’className’ => ’Recipe’, ) ); 102 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x public $hasAndBelongsToMany => array( ’Member’ => array( ’className’ => ’User’, ) ); } because here we have the alias ‘Member’ referring to both the User (in Group) and the Group (in User) model in the HABTM associations. Choosing non-unique names for model aliases across models can cause unexpected behavior. Cake will automatically create links between associated model objects. So for example in your User model you can access the Recipe model as: Recipe->someFunction(); Similarly in your controller you can access an associated model simply by following your model associa- tions: User->Recipe->someFunction(); Note: Remember that associations are defined ‘one way’. If you define User hasMany Recipe that has no effect on the Recipe Model. You need to define Recipe belongsTo User to be able to access the User model from your Recipe model hasOne Let’s set up a User model with a hasOne relationship to a Profile model. First, your database tables need to be keyed correctly. For a hasOne relationship to work, one table has to contain a foreign key that points to a record in the other. In this case the profiles table will contain a field called user_id. The basic pattern is: hasOne: the other model contains the foreign key. Relation Schema Apple hasOne Banana bananas.apple_id User hasOne Profile profiles.user_id Doctor hasOne Mentor mentors.doctor_id Note: It is not mandatory to follow CakePHP conventions, you can easily override the use of any for- eignKey in your associations definitions. Nevertheless sticking to conventions will make your code less repetitive, easier to read and to maintain. The User model file will be saved in /app/Model/User.php. To define the ‘User hasOne Profile’ association, add the $hasOne property to the model class. Remember to have a Profile model in /app/Model/Profile.php, or the association won’t work: More on models 103 CakePHP Cookbook Documentation, Release 2.x array( ’className’ => ’Profile’, ’conditions’ => array(’Profile.published’ => ’1’), ’dependent’ => true ) ); } Possible keys for hasOne association arrays include: • className: the classname of the model being associated to the current model. If you’re defining a ‘User hasOne Profile’ relationship, the className key should equal ‘Profile.’ • foreignKey: the name of the foreign key found in the other model. This is especially handy if you need to define multiple hasOne relationships. The default value for this key is the underscored, singular name of the current model, suffixed with ‘_id’. In the example above it would default to ‘user_id’. • conditions: an array of find() compatible conditions or SQL strings such as array(‘Profile.approved’ => true) • fields: A list of fields to be retrieved when the associated model data is fetched. Returns all fields by default. • order: an array of find() compatible order clauses or SQL strings such as array(‘Profile.last_name’ => ‘ASC’) • dependent: When the dependent key is set to true, and the model’s delete() method is called with the cascade parameter set to true, associated model records are also deleted. In this case we set it true so that deleting a User will also delete her associated Profile. Once this association has been defined, find operations on the User model will also fetch a related Profile record if it exists: //Sample results from a $this->User->find() call. Array ( [User] => Array ( [id] => 121 [name] => Gwoo the Kungwoo 104 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x [created] => 2007-05-01 10:31:01 ) [Profile] => Array ( [id] => 12 [user_id] => 121 [skill] => Baking Cakes [created] => 2007-05-01 10:31:01 ) ) belongsTo Now that we have Profile data access from the User model, let’s define a belongsTo association in the Profile model in order to get access to related User data. The belongsTo association is a natural complement to the hasOne and hasMany associations: it allows us to see the data from the other direction. When keying your database tables for a belongsTo relationship, follow this convention: belongsTo: the current model contains the foreign key. Relation Schema Banana belongsTo Apple bananas.apple_id Profile belongsTo User profiles.user_id Mentor belongsTo Doctor mentors.doctor_id Tip: If a model(table) contains a foreign key, it belongsTo the other model(table). We can define the belongsTo association in our Profile model at /app/Model/Profile.php using the string syntax as follows: array( ’className’ => ’User’, ’foreignKey’ => ’user_id’ ) ); } Possible keys for belongsTo association arrays include: • className: the classname of the model being associated to the current model. If you’re defining a ‘Profile belongsTo User’ relationship, the className key should equal ‘User.’ More on models 105 CakePHP Cookbook Documentation, Release 2.x • foreignKey: the name of the foreign key found in the current model. This is especially handy if you need to define multiple belongsTo relationships. The default value for this key is the underscored, singular name of the other model, suffixed with _id. • conditions: an array of find() compatible conditions or SQL strings such as array(’User.active’ => true) • type: the type of the join to use in the SQL query, default is LEFT which may not fit your needs in all situations, INNER may be helpful when you want everything from your main and associated models or nothing at all! (effective when used with some conditions of course). (NB: type value is in lower case - i.e. left, inner) • fields: A list of fields to be retrieved when the associated model data is fetched. Returns all fields by default. • order: an array of find() compatible order clauses or SQL strings such as array(’User.username’ => ’ASC’) • counterCache: If set to true the associated Model will automatically increase or decrease the “[sin- gular_model_name]_count” field in the foreign table whenever you do a save() or delete(). If it’s a string then it’s the field name to use. The value in the counter field represents the number of related rows. You can also specify multiple counter caches by using an array where the key is field name and value is the conditions. E.g.: array( ’recipes_count’ => true, ’recipes_published’ => array(’Recipe.published’ => 1) ) • counterScope: Optional conditions array to use for updating counter cache field. Once this association has been defined, find operations on the Profile model will also fetch a related User record if it exists: //Sample results from a $this->Profile->find() call. Array ( [Profile] => Array ( [id] => 12 [user_id] => 121 [skill] => Baking Cakes [created] => 2007-05-01 10:31:01 ) [User] => Array ( [id] => 121 [name] => Gwoo the Kungwoo [created] => 2007-05-01 10:31:01 ) ) 106 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x hasMany Next step: defining a “User hasMany Comment” association. A hasMany association will allow us to fetch a user’s comments when we fetch a User record. When keying your database tables for a hasMany relationship, follow this convention: hasMany: the other model contains the foreign key. Relation Schema User hasMany Comment Comment.user_id Cake hasMany Virtue Virtue.cake_id Product hasMany Option Option.product_id We can define the hasMany association in our User model at /app/Model/User.php using the string syntax as follows: array( ’className’ => ’Comment’, ’foreignKey’ => ’user_id’, ’conditions’ => array(’Comment.status’ => ’1’), ’order’ => ’Comment.created DESC’, ’limit’ => ’5’, ’dependent’ => true ) ); } Possible keys for hasMany association arrays include: • className: the classname of the model being associated to the current model. If you’re defining a ‘User hasMany Comment’ relationship, the className key should equal ‘Comment.’ • foreignKey: the name of the foreign key found in the other model. This is especially handy if you need to define multiple hasMany relationships. The default value for this key is the underscored, singular name of the actual model, suffixed with ‘_id’. • conditions: an array of find() compatible conditions or SQL strings such as array(‘Comment.visible’ => true) • order: an array of find() compatible order clauses or SQL strings such as array(‘Profile.last_name’ => ‘ASC’) • limit: The maximum number of associated rows you want returned. More on models 107 CakePHP Cookbook Documentation, Release 2.x • offset: The number of associated rows to skip over (given the current conditions and order) before fetching and associating. • dependent: When dependent is set to true, recursive model deletion is possible. In this example, Comment records will be deleted when their associated User record has been deleted. • exclusive: When exclusive is set to true, recursive model deletion does the delete with a deleteAll() call, instead of deleting each entity separately. This greatly improves performance, but may not be ideal for all circumstances. • finderQuery: A complete SQL query CakePHP can use to fetch associated model records. This should be used in situations that require very custom results. If a query you’re building re- quires a reference to the associated model ID, use the special {$__cakeID__$} marker in the query. For example, if your Apple model hasMany Orange, the query should look something like this: SELECT Orange.* from oranges as Orange WHERE Orange.apple_id = {$__cakeID__$}; Once this association has been defined, find operations on the User model will also fetch related Comment records if they exist: //Sample results from a $this->User->find() call. Array ( [User] => Array ( [id] => 121 [name] => Gwoo the Kungwoo [created] => 2007-05-01 10:31:01 ) [Comment] => Array ( [0] => Array ( [id] => 123 [user_id] => 121 [title] => On Gwoo the Kungwoo [body] => The Kungwooness is not so Gwooish [created] => 2006-05-01 10:31:01 ) [1] => Array ( [id] => 124 [user_id] => 121 [title] => More on Gwoo [body] => But what of the ‘Nut? [created] => 2006-05-01 10:41:01 ) ) ) One thing to remember is that you’ll need a complimentary Comment belongsTo User association in order to get the data from both directions. What we’ve outlined in this section empowers you to get Comment data from the User. Adding the Comment belongsTo User association in the Comment model empowers you to 108 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x get User data from the Comment model - completing the connection and allowing the flow of information from either model’s perspective. counterCache - Cache your count() This function helps you cache the count of related data. Instead of counting the records manually via find(’count’), the model itself tracks any addition/deleting towards the associated $hasMany model and increases/decreases a dedicated integer field within the parent model table. The name of the field consists of the singular model name followed by a underscore and the word “count”: my_model_count Let’s say you have a model called ImageComment and a model called Image, you would add a new INT-field to the images table and name it image_comment_count. Here are some more examples: Model Associated Model Example User Image users.image_count Image ImageComment images.image_comment_count BlogEntry BlogEntryComment blog_entries.blog_entry_comment_count Once you have added the counter field you are good to go. Activate counter-cache in your association by adding a counterCache key and set the value to true: array( ’counterCache’ => true, ) ); } From now on, every time you add or remove a ImageComment associated to Image, the number within image_comment_count is adjusted automatically. You can also specify counterScope. It allows you to specify a simple condition which tells the model when to update (or when not to, depending on how you look at it) the counter value. Using our Image model example, we can specify it like so: array( ’counterCache’ => true, ’counterScope’ => array(’Image.active’ =>1)// only count if "Image" is active = 1 ) ); } More on models 109 CakePHP Cookbook Documentation, Release 2.x hasAndBelongsToMany (HABTM) Alright. At this point, you can already call yourself a CakePHP model associations professional. You’re already well versed in the three associations that take up the bulk of object relations. Let’s tackle the final relationship type: hasAndBelongsToMany, or HABTM. This association is used when you have two models that need to be joined up, repeatedly, many times, in many different ways. The main difference between hasMany and HABTM is that a link between models in HABTM is not exclu- sive. For example, we’re about to join up our Recipe model with an Ingredient model using HABTM. Using tomatoes as an Ingredient for my grandma’s spaghetti recipe doesn’t “use up” the ingredient. I can also use it for a salad Recipe. Links between hasMany associated objects are exclusive. If my User hasMany Comments, a comment is only linked to a specific user. It’s no longer up for grabs. Moving on. We’ll need to set up an extra table in the database to handle HABTM associations. This new join table’s name needs to include the names of both models involved, in alphabetical order, and separated with an underscore ( _ ). The contents of the table should be two fields, each foreign keys (which should be integers) pointing to both of the primary keys of the involved models. To avoid any issues - don’t define a combined primary key for these two fields, if your application requires it you can define a unique index. If you plan to add any extra information to this table, or use a ‘with’ model, you should add an additional primary key field (by convention ‘id’). HABTM requires a separate join table that includes both model names. Relationship HABTM Table Fields Recipe HABTM Ingredient ingredients_recipes.id, ingredients_recipes.ingredient_id, ingredients_recipes.recipe_id Cake HABTM Fan cakes_fans.id, cakes_fans.cake_id, cakes_fans.fan_id Foo HABTM Bar bars_foos.id, bars_foos.foo_id, bars_foos.bar_id Note: Table names are by convention in alphabetical order. It is possible to define a custom table name in association definition Make sure primary keys in tables cakes and recipes have “id” fields as assumed by convention. If they’re different than assumed, it has to be changed in model’s primaryKey Once this new table has been created, we can define the HABTM association in the model files. We’re gonna skip straight to the array syntax this time: array( ’className’ => ’Ingredient’, ’joinTable’ => ’ingredients_recipes’, ’foreignKey’ => ’recipe_id’, ’associationForeignKey’ => ’ingredient_id’, ’unique’ => true, ’conditions’ =>’’, 110 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x ’fields’ =>’’, ’order’ =>’’, ’limit’ =>’’, ’offset’ =>’’, ’finderQuery’ =>’’, ’deleteQuery’ =>’’, ’insertQuery’ =>’’ ) ); } Possible keys for HABTM association arrays include: • className: the classname of the model being associated to the current model. If you’re defining a ‘Recipe HABTM Ingredient’ relationship, the className key should equal ‘Ingredient.’ • joinTable: The name of the join table used in this association (if the current table doesn’t adhere to the naming convention for HABTM join tables). • with: Defines the name of the model for the join table. By default CakePHP will auto-create a model for you. Using the example above it would be called IngredientsRecipe. By using this key you can override this default name. The join table model can be used just like any “regular” model to access the join table directly. By creating a model class with such name and filename you can add any custom behavior to the join table searches, such as adding more information/columns to it • foreignKey: the name of the foreign key found in the current model. This is especially handy if you need to define multiple HABTM relationships. The default value for this key is the underscored, singular name of the current model, suffixed with ‘_id’. • associationForeignKey: the name of the foreign key found in the other model. This is especially handy if you need to define multiple HABTM relationships. The default value for this key is the underscored, singular name of the other model, suffixed with ‘_id’. • unique: boolean or string keepExisting. – If true (default value) cake will first delete existing relationship records in the foreign keys table before inserting new ones. Existing associations need to be passed again when updat- ing. – When false, cake will insert the relationship record, and that no join records are deleted during a save operation. – When set to keepExisting, the behavior is similar to true, but existing associations are not deleted. • conditions: an array of find() compatible conditions or SQL string. If you have conditions on an associated table, you should use a ‘with’ model, and define the necessary belongsTo associations on it. • fields: A list of fields to be retrieved when the associated model data is fetched. Returns all fields by default. • order: an array of find() compatible order clauses or SQL strings • limit: The maximum number of associated rows you want returned. More on models 111 CakePHP Cookbook Documentation, Release 2.x • offset: The number of associated rows to skip over (given the current conditions and order) before fetching and associating. • finderQuery, deleteQuery, insertQuery: A complete SQL query CakePHP can use to fetch, delete, or create new associated model records. This should be used in situations that require very custom results. Once this association has been defined, find operations on the Recipe model will also fetch related Tag records if they exist: // Sample results from a $this->Recipe->find() call. Array ( [Recipe] => Array ( [id] => 2745 [name] => Chocolate Frosted Sugar Bombs [created] => 2007-05-01 10:31:01 [user_id] => 2346 ) [Ingredient] => Array ( [0] => Array ( [id] => 123 [name] => Chocolate ) [1] => Array ( [id] => 124 [name] => Sugar ) [2] => Array ( [id] => 125 [name] => Bombs ) ) ) Remember to define a HABTM association in the Ingredient model if you’d like to fetch Recipe data when using the Ingredient model. Note: HABTM data is treated like a complete set, each time a new data association is added the complete set of associated rows in database is dropped and created again so you will always need to pass the whole data set for saving. For an alternative to using HABTM see hasMany through (The Join Model) Tip: For more information on saving HABTM objects see Saving Related Model Data (HABTM) 112 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x hasMany through (The Join Model) It is sometimes desirable to store additional data with a many to many association. Consider the following Student hasAndBelongsToMany Course Course hasAndBelongsToMany Student In other words, a Student can take many Courses and a Course can be taken by many Students. This is a simple many to many association demanding a table such as this: id | student_id | course_id Now what if we want to store the number of days that were attended by the student on the course and their final grade? The table we’d want would be: id | student_id | course_id | days_attended | grade The trouble is, hasAndBelongsToMany will not support this type of scenario because when hasAndBe- longsToMany associations are saved, the association is deleted first. You would lose the extra data in the columns as it is not replaced in the new insert. Changed in version 2.1. You can set unique setting to keepExisting circumvent losing extra data during the save operation. See unique key in HABTM association arrays. The way to implement our requirement is to use a join model, otherwise known as a hasMany through association. That is, the association is a model itself. So, we can create a new model CourseMembership. Take a look at the following models.: array( ’className’ => ’Follower’, ’order’ => ’Follower.rank’ ) ); } class Follower extends AppModel { public $name= ’Follower’; } Now, in the LeadersController, we can use the find() method in the Leader model to fetch a Leader and its associated followers. As you can see above, the association array in the Leader model defines a “Leader hasMany Followers” relationship. For demonstration purposes, let’s use unbindModel() to remove that association in a controller action: Leader->find(’all’); // Let’s remove the hasMany... $this->Leader->unbindModel( array(’hasMany’ => array(’Follower’)) ); // Now using a find function will return // Leaders, with no Followers $this->Leader->find(’all’); 114 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x // NOTE: unbindModel only affects the very next // find function. An additional find call will use // the configured association information. // We’ve already used find(’all’) after unbindModel(), // so this will fetch Leaders with associated // Followers once again... $this->Leader->find(’all’); } Note: Removing or adding associations using bind- and unbindModel() only works for the next find oper- ation only unless the second parameter has been set to false. If the second parameter has been set to false, the bind remains in place for the remainder of the request. Here’s the basic usage pattern for unbindModel(): Model->unbindModel( array(’associationType’ => array(’associatedModelClassName’)) ); Now that we’ve successfully removed an association on the fly, let’s add one. Our as-of-yet unprincipled Leader needs some associated Principles. The model file for our Principle model is bare, except for the public $name statement. Let’s associate some Principles to our Leader on the fly (but remember–only for just the following find operation). This function appears in the LeadersController: Leader->find(’all’); // Let’s use bindModel() to add a new association // to the Leader model: $this->Leader->bindModel( array(’hasMany’ => array( ’Principle’ => array( ’className’ => ’Principle’ ) ) ) ); // Now that we’re associated correctly, // we can use a single find function to fetch // Leaders with their associated principles: $this->Leader->find(’all’); } More on models 115 CakePHP Cookbook Documentation, Release 2.x There you have it. The basic usage for bindModel() is the encapsulation of a normal association array inside an array whose key is named after the type of association you are trying to create: Model->bindModel( array(’associationName’ => array( ’associatedModelClassName’ => array( // normal association keys go here... ) ) ) ); Even though the newly bound model doesn’t need any sort of association definition in its model file, it will still need to be correctly keyed in order for the new association to work properly. Multiple relations to the same model There are cases where a Model has more than one relation to another Model. For example you might have a Message model that has two relations to the User model. One relation to the user that sends a message, and a second to the user that receives the message. The messages table will have a field user_id, but also a field recipient_id. Now your Message model can look something like: array( ’className’ => ’User’, ’foreignKey’ => ’user_id’ ), ’Recipient’ => array( ’className’ => ’User’, ’foreignKey’ => ’recipient_id’ ) ); } Recipient is an alias for the User model. Now let’s see what the User model would look like: array( ’className’ => ’Message’, ’foreignKey’ => ’user_id’ ), ’MessageReceived’ => array( ’className’ => ’Message’, ’foreignKey’ => ’recipient_id’ ) ); } 116 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x It is also possible to create self associations as shown below: array( ’className’ => ’Post’, ’foreignKey’ => ’parent_id’ ) ); public $hasMany= array( ’Children’ => array( ’className’ => ’Post’, ’foreignKey’ => ’parent_id’ ) ); } Fetching a nested array of associated records: If your table has parent_id field you can also use find(‘threaded’) to fetch nested array of records using a single query without setting up any associations. Joining tables In SQL you can combine related tables using the JOIN statement. This allows you to perform complex searches across multiples tables (i.e: search posts given several tags). In CakePHP some associations (belongsTo and hasOne) performs automatic joins to retrieve data, so you can issue queries to retrieve models based on data in the related one. But this is not the case with hasMany and hasAndBelongsToMany associations. Here is where forcing joins comes to the rescue. You only have to define the necessary joins to combine tables and get the desired results for your query. Note: Remember you need to set the recursion to -1 for this to work. I.e: $this->Channel->recursive = -1; To force a join between tables you need to use the “modern” syntax for Model::find(), adding a ‘joins’ key to the $options array. For example: ’channels’, ’alias’ => ’Channel’, ’type’ => ’LEFT’, ’conditions’ => array( ’Channel.id = Item.channel_id’, ) ) ); More on models 117 CakePHP Cookbook Documentation, Release 2.x $Item->find(’all’, $options); Note: Note that the ‘join’ arrays are not keyed. In the above example, a model called Item is left joined to the channels table. You can alias the table with the Model name, so the retrieved data complies with the CakePHP data structure. The keys that define the join are the following: • table: The table for the join. • alias: An alias to the table. The name of the model associated with the table is the best bet. • type: The type of join: inner, left or right. • conditions: The conditions to perform the join. With joins, you could add conditions based on Related model fields: ’channels’, ’alias’ => ’Channel’, ’type’ => ’LEFT’, ’conditions’ => array( ’Channel.id = Item.channel_id’, ) ) ); $options[’conditions’]= array( ’Channel.private’ =>1 ); $privateItems= $Item->find(’all’, $options); You could perform several joins as needed in hasAndBelongsToMany: Suppose a Book hasAndBelongsToMany Tag association. This relation uses a books_tags table as join table, so you need to join the books table to the books_tags table, and this with the tags table: ’books_tags’, ’alias’ => ’BooksTag’, ’type’ => ’inner’, ’conditions’ => array( ’Books.id = BooksTag.books_id’ ) ), array(’table’ => ’tags’, ’alias’ => ’Tag’, ’type’ => ’inner’, 118 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x ’conditions’ => array( ’BooksTag.tag_id = Tag.id’ ) ) ); $options[’conditions’]= array( ’Tag.tag’ => ’Novel’ ); $books= $Book->find(’all’, $options); Using joins allows you to have a maximum flexibility in how CakePHP handles associations and fetch the data, however in most cases you can use other tools to achieve the same results such as correctly defining associations, binding models on the fly and using the Containable behavior. This feature should be used with care because it could lead, in a few cases, into bad formed SQL queries if combined with any of the former techniques described for associating models. Retrieving Your Data As stated before, one of the roles of the Model layer is to get data from multiple types of storage. The CakePHP Model class comes with some functions that will help you search for this data, sort it, paginate it, and filter it. The most common function you will use in models is Model::find() find find(string $type = ’first’, array $params = array()) Find is the multifunctional workhorse of all model data-retrieval functions. $type can be either ’all’, ’first’,’count’,’list’,’neighbors’ or ’threaded’ or any custom finder you can define. Keep in mind that $type is case sensitive. Using an upper case character (for example All) will not produce the expected results. $params is used to pass all parameters to the various finds, and has the following possible keys by default - all of which are optional: array(’Model.field’ => $thisValue), //array of conditions ’recursive’ =>1,//int ’fields’ => array(’Model.field1’, ’DISTINCT Model.field2’), //array of field names ’order’ => array(’Model.created’, ’Model.field3 DESC’), //string or array defining order ’group’ => array(’Model.field’), //fields to GROUP BY ’limit’ => n, //int ’page’ => n, //int ’offset’ => n, //int ’callbacks’ => true //other possible values are false, ’before’, ’after’ ) More on models 119 CakePHP Cookbook Documentation, Release 2.x It’s also possible to add and use other parameters, as is made use of by some find types, behaviors and of course possibly with your own model methods. find(‘first’) find(’first’, $params) will return one result, you’d use this for any case where you expect only one result. Below are a couple of simple (controller code) examples: Article->find(’first’); $lastCreated= $this->Article->find(’first’, array( ’order’ => array(’Article.created’ => ’desc’) )); $specificallyThisOne= $this->Article->find(’first’, array( ’conditions’ => array(’Article.id’ =>1) )); // ... } In the first example, no parameters at all are passed to find - therefore no conditions or sort order will be used. The format returned from find(’first’) call is of the form: Array ( [ModelName] => Array ( [id] => 83 [field1] => value1 [field2] => value2 [field3] => value3 ) [AssociatedModelName] => Array ( [id] => 1 [field1] => value1 [field2] => value2 [field3] => value3 ) ) find(‘count’) find(’count’, $params) returns an integer value. Below are a couple of simple (controller code) examples: Article->find(’count’); $pending= $this->Article->find(’count’, array( ’conditions’ => array(’Article.status’ => ’pending’) )); $authors= $this->Article->User->find(’count’); $publishedAuthors= $this->Article->find(’count’, array( ’fields’ => ’DISTINCT Article.user_id’, ’conditions’ => array(’Article.status !=’ => ’pending’) )); // ... } Note: Don’t pass fields as an array to find(’count’). You would only need to specify fields for a DISTINCT count (since otherwise, the count is always the same - dictated by the conditions). find(‘all’) find(’all’, $params) returns an array of (potentially multiple) results. It is in fact the mechanism used by all find() variants, as well as paginate. Below are a couple of simple (controller code) examples: Article->find(’all’); $pending= $this->Article->find(’all’, array( ’conditions’ => array(’Article.status’ => ’pending’) )); $allAuthors= $this->Article->User->find(’all’); $allPublishedAuthors= $this->Article->User->find(’all’, array( ’conditions’ => array(’Article.status !=’ => ’pending’) )); // ... } Note: In the above example $allAuthors will contain every user in the users table. There will be no condition applied to the find as none were passed. The results of a call to find(’all’) will be of the following form: Array ( [0] => Array ( [ModelName] => Array ( [id] => 83 [field1] => value1 [field2] => value2 More on models 121 CakePHP Cookbook Documentation, Release 2.x [field3] => value3 ) [AssociatedModelName] => Array ( [id] => 1 [field1] => value1 [field2] => value2 [field3] => value3 ) ) ) find(‘list’) find(’list’, $params) returns an indexed array, useful for any place where you would want a list such as for populating input select boxes. Below are a couple of simple (controller code) examples: Article->find(’list’); $pending= $this->Article->find(’list’, array( ’conditions’ => array(’Article.status’ => ’pending’) )); $allAuthors= $this->Article->User->find(’list’); $allPublishedAuthors= $this->Article->find(’list’, array( ’fields’ => array(’User.id’, ’User.name’), ’conditions’ => array(’Article.status !=’ => ’pending’), ’recursive’ =>0 )); // ... } Note: In the above example $allAuthors will contain every user in the users table. There will be no condition applied to the find as none were passed. The results of a call to find(’list’) will be in the following form: Array ( //[id] => ’displayValue’, [1] => ’displayValue1’, [2] => ’displayValue2’, [4] => ’displayValue4’, [5] => ’displayValue5’, [6] => ’displayValue6’, [3] => ’displayValue3’, ) 122 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x When calling find(’list’) the fields passed are used to determine what should be used as the array key, value and optionally what to group the results by. By default the primary key for the model is used for the key, and the display field (which can be configured using the model attribute displayField) is used for the value. Some further examples to clarify: Article->User->find(’list’, array( ’fields’ => array(’User.username’) )); $usernameMap= $this->Article->User->find(’list’, array( ’fields’ => array(’User.username’, ’User.first_name’) )); $usernameGroups= $this->Article->User->find(’list’, array( ’fields’ => array(’User.username’, ’User.first_name’, ’User.group’) )); // ... } With the above code example, the resultant vars would look something like this: $justusernames = Array ( //[id] => ’username’, [213] => ’AD7six’, [25] => ’_psychic_’, [1] => ’PHPNut’, [2] => ’gwoo’, [400] => ’jperras’, ) $usernameMap = Array ( //[username] => ’firstname’, [’AD7six’] => ’Andy’, [’_psychic_’] => ’John’, [’PHPNut’] => ’Larry’, [’gwoo’] => ’Gwoo’, [’jperras’] => ’Joël’, ) $usernameGroups = Array ( [’User’] => Array ( [’PHPNut’] => ’Larry’, [’gwoo’] => ’Gwoo’, ) [’Admin’] => Array ( [’_psychic_’] => ’John’, [’AD7six’] => ’Andy’, More on models 123 CakePHP Cookbook Documentation, Release 2.x [’jperras’] => ’Joël’, ) ) find(‘threaded’) find(’threaded’, $params) returns a nested array, and is appropriate if you want to use the parent_id field of your model data to build nested results. Below are a couple of simple (controller code) examples: Category->find(’threaded’); $comments= $this->Comment->find(’threaded’, array( ’conditions’ => array(’article_id’ => 50) )); // ... } Tip: A better way to deal with nested data is using the Tree behavior In the above code example, $allCategories will contain a nested array representing the whole category structure. The results of a call to find(’threaded’) will be of the following form: Array ( [0] => Array ( [ModelName] => Array ( [id] => 83 [parent_id] => null [field1] => value1 [field2] => value2 [field3] => value3 ) [AssociatedModelName] => Array ( [id] => 1 [field1] => value1 [field2] => value2 [field3] => value3 ) [children] => Array ( [0] => Array 124 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x ( [ModelName] => Array ( [id] => 42 [parent_id] => 83 [field1] => value1 [field2] => value2 [field3] => value3 ) [AssociatedModelName] => Array ( [id] => 2 [field1] => value1 [field2] => value2 [field3] => value3 ) [children] => Array ( ) ) ... ) ) ) The order results appear can be changed as it is influenced by the order of processing. For example, if ’order’ => ’name ASC’ is passed in the params to find(’threaded’), the results will appear in name order. Likewise any order can be used, there is no inbuilt requirement of this method for the top result to be returned first. Warning: If you specify fields, you need to always include the parent_id (or its current alias): Category->find(’threaded’, array( ’fields’ => array(’id’, ’name’, ’parent_id’) )); } Otherwise the returned array will not be of the expected nested structure from above. find(‘neighbors’) find(’neighbors’, $params) will perform a find similar to ‘first’, but will return the row before and after the one you request. Below is a simple (controller code) example: Article->find(’neighbors’, array(’field’ => ’id’, ’value’ =>3)); More on models 125 CakePHP Cookbook Documentation, Release 2.x } You can see in this example the two required elements of the $params array: field and value. Other elements are still allowed as with any other find (Ex: If your model acts as containable, then you can specify ‘contain’ in $params). The format returned from a find(’neighbors’) call is in the form: Array ( [prev] => Array ( [ModelName] => Array ( [id] => 2 [field1] => value1 [field2] => value2 ... ) [AssociatedModelName] => Array ( [id] => 151 [field1] => value1 [field2] => value2 ... ) ) [next] => Array ( [ModelName] => Array ( [id] => 4 [field1] => value1 [field2] => value2 ... ) [AssociatedModelName] => Array ( [id] => 122 [field1] => value1 [field2] => value2 ... ) ) ) Note: Note how the result always contains only two root elements: prev and next. This function does not honor a model’s default recursive var. The recursive setting must be passed in the parameters on each call. 126 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x Creating custom find types The find method is flexible enough to accept your custom finders, this is done by declaring your own types in a model variable and by implementing a special function in your model class. A Model Find Type is a shortcut to find options. For example, the following two finds are equivalent $this->User->find(’first’); $this->User->find(’all’, array(’limit’ => 1)); The following are core find types: • first • all • count • list • threaded • neighbors But what about other types? Let’s say you want a finder for all published articles in your database. The first change you need to do is add your type to the Model::$findMethods variable in the model true); } Basically this is just telling CakePHP to accept the value available as the first argument of the find function. Next step is to implement the function _findAvailable. This is done by convention, if you wanted to implement a finder called myFancySearch then the method to implement would be named _findMyFancySearch. true); protected function _findAvailable($state, $query, $results= array()) { if ($state == ’before’){ $query[’conditions’][’Article.published’]= true; return $query; } return $results; } } This all comes together in the following example (controller code): Article->find(’available’, array( ’order’ => array(’created’ => ’desc’) )); } } The special _find[Type] methods receive 3 arguments as shown above. The first one means the state of the query execution, which could be either before or after. It is done this way because this function is just a sort of callback function that has the ability to modify the query before it is done, or to modify the results after they are fetched. Typically the first thing to check in our custom find function is the state of the query. The before state is the moment to modify the query, bind new associations, apply more behaviors, and interpret any special key that is passed in the second argument of find. This state requires you to return the $query argument (modified or not). The after state is the perfect place to inspect the results, inject new data, process it to return it in another format, or do whatever you like to the recently fetched data. This state requires you to return the $results array (modified or not). You can create as many custom finders as you like, and they are a great way of reusing code in your application across models. It is also possible to paginate via a custom find type as follows: paginate= array(’available’); $articles= $this->paginate(); $this->set(compact(’articles’)); } } Setting the $this->paginate property as above on the controller will result in the type of the find becoming available, and will also allow you to continue to modify the find results. If your pagination page count is becoming corrupt, it may be necessary to add the following code to your AppModel, which should fix pagination count: findMethods[$query[’type’]])) { $query= $this->{’_find’. ucfirst($query[’type’])}(’before’, $query); if (!empty($query[’fields’])&& is_array($query[’fields’])) { if (!preg_match(’/^count/i’, current($query[’fields’]))) { unset($query[’fields’]); } } } } return parent::_findCount($state, $query, $results); } } ?> Changed in version 2.2. You no longer need to override _findCount for fixing incorrect count results. The ’before’ state of your custom finder will now be called again with $query[’operation’] = ‘count’. The returned $query will be used in _findCount() If needed you can distinguish by checking for ’operation’ key and return a different $query: protected function _findAvailable($state, $query, $results = array()) { if ($state == ’before’) { $query[’conditions’][’Article.published’] = true; if (!empty($query[’operation’]) && $query[’operation’] == ’count’) { return $query; } $query[’joins’] = array( //array of required joins ); return $query; } return $results; } Magic Find Types These magic functions can be used as a shortcut to search your tables by a certain field. Just add the name of the field (in CamelCase format) to the end of these functions, and supply the criteria for that field as the first parameter. findAllBy() functions will return results in a format like find(’all’), while findBy() return in the same format as find(’first’) More on models 129 CakePHP Cookbook Documentation, Release 2.x findAllBy findAllBy(string $value, array $fields, array $order, int $limit, int $page, int $recursive) findAllBy Example Corresponding SQL Fragment $this->Product->findAllByOrderStatus(’3’); Product.order_status = 3 $this->Recipe->findAllByType(’Cookie’); Recipe.type = ’Cookie’ $this->User->findAllByLastName(’Anderson’);User.last_name = ’Anderson’ $this->Cake->findAllById(7); Cake.id = 7 $this->User->findAllByEmailOrUsername(’jhon’);User.email = ’jhon’ OR User.username = ’jhon’; $this->User->findAllByUsernameAndPassword(’jhon’, ’123’); User.username = ’jhon’ AND User.password = ’123’; $this->User->findAllByLastName(’psychic’, array(), array(’User.user_name => ’asc’)); User.last_name = ’psychic’ ORDER BY User.user_name ASC The returned result is an array formatted just as it would be from find(’all’). findBy findBy(string $value); The findBy magic functions also accept some optional parameters: findBy(string $value[, mixed $fields[, mixed $order]]); findBy Example Corresponding SQL Fragment $this->Product->findByOrderStatus(’3’);Product.order_status = 3 $this->Recipe->findByType(’Cookie’); Recipe.type = ’Cookie’ $this->User->findByLastName(’Anderson’);User.last_name = ’Anderson’; $this->User->findByEmailOrUsername(’jhon’);User.email = ’jhon’ OR User.username = ’jhon’; $this->User->findByUsernameAndPassword(’jhon’, ’123’); User.username = ’jhon’ AND User.password = ’123’; $this->Cake->findById(7); Cake.id = 7 findBy() functions return results like find(’first’) Model::query() query(string $query) SQL calls that you can’t or don’t want to make via other model methods (this should only rarely be neces- sary) can be made using the model’s query() method. If you’re ever using this method in your application, be sure to check out CakePHP’s Data Sanitization, which aids in cleaning up user-provided data from injection and cross-site scripting attacks. 130 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x Note: query() does not honor $Model->cacheQueries as its functionality is inherently disjoint from that of the calling model. To avoid caching calls to query, supply a second argument of false, ie: query($query, $cachequeries = false) query() uses the table name in the query as the array key for the returned data, rather than the model name. For example: Picture->query("SELECT * FROM pictures LIMIT 2;"); might return: Array ( [0] => Array ( [pictures] => Array ( [id] => 1304 [user_id] => 759 ) ) [1] => Array ( [pictures] => Array ( [id] => 1305 [user_id] => 759 ) ) ) To use the model name as the array key, and get a result consistent with that returned by the Find methods, the query can be rewritten: Picture->query("SELECT * FROM pictures AS Picture LIMIT 2;"); which returns: Array ( [0] => Array ( [Picture] => Array ( [id] => 1304 [user_id] => 759 ) ) More on models 131 CakePHP Cookbook Documentation, Release 2.x [1] => Array ( [Picture] => Array ( [id] => 1305 [user_id] => 759 ) ) ) Note: This syntax and the corresponding array structure is valid for MySQL only. Cake does not provide any data abstraction when running queries manually, so exact results will vary between databases. Model::field() field(string $name, array $conditions = null, string $order = null) Returns the value of a single field, specified as $name, from the first record matched by $conditions as ordered by $order. If no conditions are passed and the model id is set, will return the field value for the current model result. If no matching record is found returns false. Post->id= 22; echo $this->Post->field(’name’); // echo the name for row id 22 echo $this->Post->field(’name’, array(’created <’ => date(’Y-m-d H:i:s’)), ’created DESC’); // echo the name of the last created instance Model::read() read($fields, $id) read() is a method used to set the current model data (Model::$data)–such as during edits–but it can also be used in other circumstances to retrieve a single record from the database. $fields is used to pass a single field name, as a string, or an array of field names; if left empty, all fields will be fetched. $id specifies the ID of the record to be read. By default, the currently selected record, as specified by Model::$id, is used. Passing a different value to $id will cause that record to be selected. read() always returns an array (even if only a single field name is requested). Use field to retrieve the value of a single field. Warning: As the read method overwrites any information stored in the data and id property of the model, you should be very careful when using this function in general, especially using it in the model callback functions such as beforeValidate and beforeSave. Generally the find function provides a more robust and easy to work with API than the read method. 132 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x Complex Find Conditions Most of the model’s find calls involve passing sets of conditions in one way or another. In general CakePHP prefers using arrays for expressing any conditions that needs to be put after the WHERE clause in any SQL query. Using arrays is clearer and easier to read, and also makes it very easy to build queries. This syntax also breaks out the elements of your query (fields, values, operators, etc.) into discrete, manipulatable parts. This allows CakePHP to generate the most efficient query possible, ensure proper SQL syntax, and properly escape each individual part of the query. Using the array syntax also enables CakePHP to secure your queries against any SQL injection attack At its most basic, an array-based query looks like this: "This is a post","Post.author_id" =>1); // Example usage with a model: $this->Post->find(’first’, array(’conditions’ => $conditions)); The structure here is fairly self-explanatory: it will find any post where the title equals “This is a post”. Note that we could have used just “title” as the field name, but when building queries, it is good practice to always specify the model name, as it improves the clarity of the code, and helps prevent collisions in the future, should you choose to change your schema. What about other types of matches? These are equally simple. Let’s say we wanted to find all the posts where the title is not “This is a post”: "This is a post") Notice the ‘!=’ that follows the field name. CakePHP can parse out any valid SQL comparison operator, including match expressions using LIKE, BETWEEN, or REGEX, as long as you leave a space between field name and the operator. The one exception here is IN (...)-style matches. Let’s say you wanted to find posts where the title was in a given set of values: array("First post","Second post","Third post") ) To do a NOT IN(...) match to find posts where the title is not in the given set of values: array("Post.title" => array("First post","Second post","Third post")) ) Adding additional filters to the conditions is as simple as adding additional key/value pairs to the array: array("First post","Second post","Third post"), "Post.created >" => date(’Y-m-d’, strtotime("-2 weeks")) ) More on models 133 CakePHP Cookbook Documentation, Release 2.x You can also create finds that compare two fields in the database: array( "Post.title" => array("First post","Second post","Third post"), "Post.created >" => date(’Y-m-d’, strtotime("-2 weeks")) )) Cake accepts all valid SQL boolean operations, including AND, OR, NOT, XOR, etc., and they can be upper or lower case, whichever you prefer. These conditions are also infinitely nest-able. Let’s say you had a belongsTo relationship between Posts and Authors. Let’s say you wanted to find all the posts that contained a certain keyword (“magic”) or were created in the past two weeks, but you want to restrict your search to posts written by Bob: "Bob", "OR" => array( "Post.title LIKE" =>"%magic%", "Post.created >" => date(’Y-m-d’, strtotime("-2 weeks")) ) ) If you need to set multiple conditions on the same field, like when you want to do a LIKE search with multiple terms, you can do so by using conditions similar to: array( array(’Post.title LIKE’ => ’%one%’), array(’Post.title LIKE’ => ’%two%’) )) Cake can also check for null fields. In this example, the query will return records where the post title is not null: 134 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x array( "Post.title" => null ) ) To handle BETWEEN queries, you can use the following: array(1,10)) Note: CakePHP will quote the numeric values depending on the field type in your DB. How about GROUP BY?: array( ’Product.type’, ’MIN(Product.price) as price’ ), ’group’ => ’Product.type’ ) The data returned for this would be in the following format: Array ( [0] => Array ( [Product] => Array ( [type] => Clothing ) [0] => Array ( [price] => 32 ) ) [1] => Array ... A quick example of doing a DISTINCT query. You can use other operators, such as MIN(), MAX(), etc., in a similar fashion: array(’DISTINCT (User.name) AS my_column_name’), ’order’=> array(’User.id DESC’) ) You can create very complex conditions, by nesting multiple condition arrays: More on models 135 CakePHP Cookbook Documentation, Release 2.x array( array(’Company.name’ => ’Future Holdings’), array(’Company.city’ => ’CA’) ), ’AND’ => array( array( ’OR’ => array( array(’Company.status’ => ’active’), ’NOT’ => array( array(’Company.status’ => array(’inactive’, ’suspended’)) ) ) ) ) ) Which produces the following SQL: SELECT ‘Company‘.‘id‘, ‘Company‘.‘name‘, ‘Company‘.‘description‘, ‘Company‘.‘location‘, ‘Company‘.‘created‘, ‘Company‘.‘status‘, ‘Company‘.‘size‘ FROM ‘companies‘ AS ‘Company‘ WHERE ((‘Company‘.‘name‘ = ’Future Holdings’) OR (‘Company‘.‘name‘ = ’Steel Mega Works’)) AND ((‘Company‘.‘status‘ = ’active’) OR (NOT (‘Company‘.‘status‘ IN (’inactive’, ’suspended’)))) Sub-queries For this example, imagine we have a “users” table with “id”, “name” and “status”. The status can be “A”, “B” or “C”. And we want to get all the users that have status other than “B” using sub-query. In order to achieve that we are going to get the model data source and ask it to build the query as if we were calling a find method, but it will just return the SQL statement. After that we make an expression and add it to the conditions array: User->getDataSource(); $subQuery= $db->buildStatement( array( ’fields’ => array(’"User2"."id"’), ’table’ => $db->fullTableName($this->User), ’alias’ => ’User2’, 136 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x ’limit’ => null, ’offset’ => null, ’joins’ => array(), ’conditions’ => $conditionsSubQuery, ’order’ => null, ’group’ => null ), $this->User ); $subQuery= ’ "User"."id" NOT IN (’. $subQuery.’)’; $subQueryExpression= $db->expression($subQuery); $conditions[]= $subQueryExpression; $this->User->find(’all’, compact(’conditions’)); This should generate the following SQL: SELECT "User"."id" AS "User__id", "User"."name" AS "User__name", "User"."status" AS "User__status" FROM "users" AS "User" WHERE "User"."id" NOT IN ( SELECT "User2"."id" FROM "users" AS "User2" WHERE "User2"."status" = ’B’ ) Also, if you need to pass just part of your query as raw SQL as the above, datasource expressions with raw SQL work for any part of the find query. Prepared Statements Should you need even more control over your queries, you can make use of prepared statements. This allows you to talk directly to the database driver and send any custom query you like: getDataSource(); $db->fetchAll( ’SELECT * from users where username = ? AND password = ?’, array(’jhon’, ’12345’) ); $db->fetchAll( ’SELECT * from users where username = :username AND password = :password’, array(’username’ => ’jhon’,’password’ => ’12345’) ); More on models 137 CakePHP Cookbook Documentation, Release 2.x Saving Your Data CakePHP makes saving model data a snap. Data ready to be saved should be passed to the model’s save() method using the following basic format: Array ( [ModelName] => Array ( [fieldname1] => ’value’ [fieldname2] => ’value’ ) ) Most of the time you won’t even need to worry about this format: CakePHP’s FormHelper, and model find methods all package data in this format. If you’re using either of the helpers, the data is also conveniently available in $this->request->data for quick usage. Here’s a quick example of a controller action that uses a CakePHP model to save data to a database table: request->is(’post’)) { // If the form data can be validated and saved... if ($this->Recipe->save($this->request->data)) { // Set a session flash message and redirect. $this->Session->setFlash(’Recipe Saved!’); $this->redirect(’/recipes’); } } // If no form data, find the recipe to be edited // and hand it to the view. $this->set(’recipe’, $this->Recipe->findById($id)); } When save is called, the data passed to it in the first parameter is validated using CakePHP validation mechanism (see Data Validation chapter for more information). If for some reason your data isn’t saving, be sure to check to see if some validation rules are being broken. You can debug this situation by outputting Model::$validationErrors: Recipe->save($this->request->data)) { // handle the success. } debug($this->Recipe->validationErrors); There are a few other save-related methods in the model that you’ll find useful: 138 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x Model::set($one, $two = null) Model::set() can be used to set one or many fields of data to the data array inside a model. This is useful when using models with the ActiveRecord features offered by Model: Post->read(null,1); $this->Post->set(’title’, ’New title for the article’); $this->Post->save(); Is an example of how you can use set() to update and save single fields, in an ActiveRecord approach. You can also use set() to assign new values to multiple fields: Post->read(null,1); $this->Post->set(array( ’title’ => ’New title’, ’published’ => false )); $this->Post->save(); The above would update the title and published fields and save them to the database. Model::save(array $data = null, boolean $validate = true, array $fieldList = array()) Featured above, this method saves array-formatted data. The second parameter allows you to sidestep val- idation, and the third allows you to supply a list of model fields to be saved. For added security, you can limit the saved fields to those listed in $fieldList. Note: If $fieldList is not supplied, a malicious user can add additional fields to the form data (if you are not using SecurityComponent), and by this change fields that were not originally intended to be changed. The save method also has an alternate syntax: false to your $data array Once a save has been completed, the ID for the object can be found in the $id attribute of the model object - something especially handy when creating new objects. Ingredient->save($newData); $newIngredientId= $this->Ingredient->id; Creating or updating is controlled by the model’s id field. If $Model->id is set, the record with this primary key is updated. Otherwise a new record is created: Recipe->create(); $this->Recipe->save($this->request->data); // Update: id is set to a numerical value $this->Recipe->id=2; $this->Recipe->save($this->request->data); Tip: When calling save in a loop, don’t forget to call create(). If you want to update a value, rather than create a new one, make sure your are passing the primary key field into the data array: 10, ’title’ => ’My new title’); // This will update Recipe with id 10 $this->Recipe->save($data); Model::create(array $data = array()) This method resets the model state for saving new information. It does not actually create a record in the database but clears Model::$id if previously set and sets the default values in Model::$data based on your database field defaults. If the $data parameter (using the array format outlined above) is passed, the model instance will be ready to save with that data (accessible at $this->data). If false is passed instead of an array, the model instance will not initialize fields from the model schema that are not already set, it will only reset fields that have already been set, and leave the rest unset. Use this to avoid updating fields in the database that were already set. Tip: If you want to insert a new row instead of updating an existing one you should always call create() first. This avoids conflicts with possible prior save calls in callbacks or other places. 140 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x Model::saveField(string $fieldName, string $fieldValue, $validate = false) Used to save a single field value. Set the ID of the model ($this->ModelName->id = $id) just before calling saveField(). When using this method, $fieldName should only contain the name of the field, not the name of the model and field. For example, to update the title of a blog post, the call to saveField from a controller might look some- thing like this: Post->saveField(’title’, ’A New Title for a New Day’); Warning: You can’t stop the updated field being updated with this method, you need to use the save() method. Model::updateAll(array $fields, array $conditions) Updates one or more records in a single call. Records to be updated are identified by the $conditions array, and fields to be updated, along with their values, are identified by the $fields array. For example, to approve all bakers who have been members for over a year, the update call might look something like: Baker->updateAll( array(’Baker.approved’ => true), array(’Baker.created <=’ => $this_year) ); Tip: The $fields array accepts SQL expressions. Literal values should be quoted manually using Sanitize::escape(). Note: Even if the modified field exists for the model being updated, it is not going to be updated automati- cally by the ORM. Just add it manually to the array if you need it to be updated. For example, to close all tickets that belong to a certain customer: Ticket->updateAll( array(’Ticket.status’ =>"’closed’"), array(’Ticket.customer_id’ => 453) ); By default, updateAll() will automatically join any belongsTo association for databases that support joins. To prevent this, temporarily unbind the associations. More on models 141 CakePHP Cookbook Documentation, Release 2.x Model::saveMany(array $data = null, array $options = array()) Method used to save multiple rows of the same model at once. The following options may be used: • validate: Set to false to disable validation, true to validate each record before saving, ‘first’ to validate all records before any are saved (default), • atomic: If true (default), will attempt to save all records in a single transaction. Should be set to false if database/table does not support transactions. • fieldList: Equivalent to the $fieldList parameter in Model::save() • deep: (since 2.1) If set to true, also associated data is saved, see also saveAssociated For saving multiple records of single model, $data needs to be a numerically indexed array of records like this: ’title 1’), array(’title’ => ’title 2’), ); Note: Note that we are passing numerical indices instead of usual $data containing the Article key. When saving multiple records of same model the records arrays should be just numerically indexed without the model key. It is also acceptable to have the data in the following format: array(’title’ => ’title 1’)), array(’Article’ => array(’title’ => ’title 2’)), ); To save also associated data with $options[’deep’] = true (since 2.1), the two above examples would look like: ’title 1’, ’Assoc’ => array(’field’ => ’value’)), array(’title’ => ’title 2’), ); $data= array( array(’Article’ => array(’title’ => ’title 1’), ’Assoc’ => array(’field’ => ’value’)), array(’Article’ => array(’title’ => ’title 2’)), ); $Model->saveMany($data, array(’deep’ => true)); Keep in mind that if you want to update a record instead of creating a new one you just need to add the primary key index to the data row: 142 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x array(’title’ => ’New article’)), // This creates a new row array(’Article’ => array(’id’ =>2, ’title’ => ’title 2’)), // This updates an existing row ); Model::saveAssociated(array $data = null, array $options = array()) Method used to save multiple model associations at once. The following options may be used: • validate: Set to false to disable validation, true to validate each record before saving, ‘first’ to validate all records before any are saved (default), • atomic: If true (default), will attempt to save all records in a single transaction. Should be set to false if database/table does not support transactions. • fieldList: Equivalent to the $fieldList parameter in Model::save() • deep: (since 2.1) If set to true, not only directly associated data is saved, but deeper nested associated data as well. Defaults to false. For saving a record along with its related record having a hasOne or belongsTo association, the data array should be like this: array(’username’ => ’billy’), ’Profile’ => array(’sex’ => ’Male’, ’occupation’ => ’Programmer’), ); For saving a record along with its related records having hasMany association, the data array should be like this: array(’title’ => ’My first article’), ’Comment’ => array( array(’body’ => ’Comment 1’, ’user_id’ =>1), array(’body’ => ’Comment 2’, ’user_id’ => 12), array(’body’ => ’Comment 3’, ’user_id’ => 40), ), ); And for saving a record along with its related records having hasMany with more than two levels deep associations, the data array should be as follow: array(’email’ => ’john-doe@cakephp.org’), ’Cart’ => array( array( ’payment_status_id’ =>2, ’total_cost’ => 250, More on models 143 CakePHP Cookbook Documentation, Release 2.x ’CartItem’ => array( array( ’cart_product_id’ =>3, ’quantity’ =>1, ’cost’ => 100, ), array( ’cart_product_id’ =>5, ’quantity’ =>1, ’cost’ => 150, ) ) ) ) ); Note: If successful, the foreign key of the main model will be stored in the related models’ id field, i.e. $this->RelatedModel->id. Warning: Be careful when checking saveAssociated calls with atomic option set to false. It returns an array instead of boolean. Changed in version 2.1: You can now save deeper associated data as well with setting $options[’deep’] = true; For saving a record along with its related records having hasMany as- sociation and deeper associated Comment belongsTo User data as well, the data array should be like this: array(’title’ => ’My first article’), ’Comment’ => array( array(’body’ => ’Comment 1’, ’user_id’ =>1), array(’body’ => ’Save a new user as well’, ’User’ => array(’first’ => ’mad’, ’last’ => ’coder’)), ), ); And save this data with: saveAssociated($data, array(’deep’ => true)); Changed in version 2.1: Model::saveAll() and friends now support passing the fieldList for multiple models. Example of using fieldList with multiple models: SomeModel->saveAll($data, array( ’fieldList’ => array( ’SomeModel’ => array(’field_1’), ’AssociatedModel’ => array(’field_2’, ’field_3’) ) )); 144 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x The fieldList will be an array of model aliases as keys and arrays with fields as values. The model names are not nested like in the data to be saved. Model::saveAll(array $data = null, array $options = array()) The saveAll function is just a wrapper around the saveMany and saveAssociated methods. it will inspect the data and determine what type of save it should perform. If data is formatted in a numerical indexed array, saveMany will be called, otherwise saveAssociated is used. This function receives the same options as the former two, and is generally a backwards compatible function. It is recommended using either saveMany or saveAssociated depending on the case. Saving Related Model Data (hasOne, hasMany, belongsTo) When working with associated models, it is important to realize that saving model data should always be done by the corresponding CakePHP model. If you are saving a new Post and its associated Comments, then you would use both Post and Comment models during the save operation. If neither of the associated model records exists in the system yet (for example, you want to save a new User and their related Profile records at the same time), you’ll need to first save the primary, or parent model. To get an idea of how this works, let’s imagine that we have an action in our UsersController that handles the saving of a new User and a related Profile. The example action shown below will assume that you’ve POSTed enough data (using the FormHelper) to create a single User and a single Profile: request->data)) { // We can save the User data: // it should be in $this->request->data[’User’] $user= $this->User->save($this->request->data); // If the user was saved, Now we add this information to the data // and save the Profile. if (!empty($user)) { // The ID of the newly created user has been set // as $this->User->id. $this->request->data[’Profile’][’user_id’]= $this->User->id; // Because our User hasOne Profile, we can access // the Profile model through the User model: $this->User->Profile->save($this->request->data); } } } As a rule, when working with hasOne, hasMany, and belongsTo associations, it’s all about keying. The basic idea is to get the key from one model and place it in the foreign key field on the other. Sometimes More on models 145 CakePHP Cookbook Documentation, Release 2.x this might involve using the $id attribute of the model class after a save(), but other times it might just involve gathering the ID from a hidden input on a form that’s just been POSTed to a controller action. To supplement the basic approach used above, CakePHP also offers a very handy method saveAssociated(), which allows you to validate and save multiple models in one shot. In addition, saveAssociated() provides transactional support to ensure data integrity in your database (i.e. if one model fails to save, the other models will not be saved either). Note: For transactions to work correctly in MySQL your tables must use InnoDB engine. Remember that MyISAM tables do not support transactions. Let’s see how we can use saveAssociated() to save Company and Account models at the same time. First, you need to build your form for both Company and Account models (we’ll assume that Company hasMany Account): create(’Company’, array(’action’ => ’add’)); echo $form->input(’Company.name’, array(’label’ => ’Company name’)); echo $form->input(’Company.description’); echo $form->input(’Company.location’); echo $form->input(’Account.0.name’, array(’label’ => ’Account name’)); echo $form->input(’Account.0.username’); echo $form->input(’Account.0.email’); echo $form->end(’Add’); Take a look at the way we named the form fields for the Account model. If Company is our main model, saveAssociated() will expect the related model’s (Account) data to arrive in a specific format. And having Account.0.fieldName is exactly what we need. Note: The above field naming is required for a hasMany association. If the association between the models is hasOne, you have to use ModelName.fieldName notation for the associated model. Now, in our CompaniesController we can create an add() action: request->data)) { // Use the following to avoid validation errors: unset($this->Company->Account->validate[’company_id’]); $this->Company->saveAssociated($this->request->data); } } That’s all there is to it. Now our Company and Account models will be validated and saved all at the same time. By default saveAssociated will validate all values passed and then try to perform a save for each. 146 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x Saving hasMany through data Let’s see how data stored in a join table for two models is saved. As shown in the hasMany through (The Join Model) section, the join table is associated to each model using a hasMany type of relationship. Our example involves the Head of Cake School asking us to write an application that allows him to log a student’s attendance on a course with days attended and grade. Take a look at the following code.: set(’courseMembershipsList’, $this->CourseMembership->find(’all’)); } public function add() { if ($this->request->is(’post’)) { if ($this->CourseMembership->saveAssociated($this->request->data)) { $this->redirect(array(’action’ => ’index’)); } } } } // View/CourseMemberships/add.ctp Form->create(’CourseMembership’); ?> Form->input(’Student.first_name’); ?> Form->input(’Student.last_name’); ?> Form->input(’Course.name’); ?> Form->input(’CourseMembership.days_attended’); ?> Form->input(’CourseMembership.grade’); ?> Form->end(); ?> The data array will look like this when submitted.: Array ( [Student] => Array ( [first_name] => Joe [last_name] => Bloggs ) [Course] => Array ( [name] => Cake ) [CourseMembership] => Array ( [days_attended] => 5 More on models 147 CakePHP Cookbook Documentation, Release 2.x [grade] => A ) ) Cake will happily be able to save the lot together and assign the foreign keys of the Student and Course into CourseMembership with a saveAssociated call with this data structure. If we run the index action of our CourseMembershipsController the data structure received now from a find(‘all’) is: Array ( [0] => Array ( [CourseMembership] => Array ( [id] => 1 [student_id] => 1 [course_id] => 1 [days_attended] => 5 [grade] => A ) [Student] => Array ( [id] => 1 [first_name] => Joe [last_name] => Bloggs ) [Course] => Array ( [id] => 1 [name] => Cake ) ) ) There are of course many ways to work with a join model. The version above assumes you want to save everything at-once. There will be cases where you want to create the Student and Course independently and at a later point associate the two together with a CourseMembership. So you might have a form that allows selection of existing students and courses from pick lists or ID entry and then the two meta-fields for the CourseMembership, e.g.: // View/CourseMemberships/add.ctp create(’CourseMembership’); ?> Form->input(’Student.id’, array(’type’ => ’text’, ’label’ => ’Student ID’, ’default’ =>1)); ?> Form->input(’Course.id’, array(’type’ => ’text’, ’label’ => ’Course ID’, ’default’ =>1)); ?> Form->input(’CourseMembership.days_attended’); ?> Form->input(’CourseMembership.grade’); ?> Form->end(); ?> 148 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x And the resultant POST: Array ( [Student] => Array ( [id] => 1 ) [Course] => Array ( [id] => 1 ) [CourseMembership] => Array ( [days_attended] => 10 [grade] => 5 ) ) Again Cake is good to us and pulls the Student id and Course id into the CourseMembership with the saveAssociated. Saving Related Model Data (HABTM) Saving models that are associated by hasOne, belongsTo, and hasMany is pretty simple: you just populate the foreign key field with the ID of the associated model. Once that’s done, you just call the save() method on the model, and everything gets linked up correctly. An example of the required format for the data array passed to save() for the Tag model is shown below: Array ( [Recipe] => Array ( [id] => 42 ) [Tag] => Array ( [name] => Italian ) ) You can also use this format to save several records and their HABTM associations with saveAll(), using an array like the following: Array ( [0] => Array ( [Recipe] => Array ( [id] => 42 More on models 149 CakePHP Cookbook Documentation, Release 2.x ) [Tag] => Array ( [name] => Italian ) ) [1] => Array ( [Recipe] => Array ( [id] => 42 ) [Tag] => Array ( [name] => Pasta ) ) [2] => Array ( [Recipe] => Array ( [id] => 51 ) [Tag] => Array ( [name] => Mexican ) ) [3] => Array ( [Recipe] => Array ( [id] => 17 ) [Tag] => Array ( [name] => American (new) ) ) ) Passing the above array to saveAll() will create the contained tags, each associated with their respective recipes. As an example, we’ll build a form that creates a new tag and generates the proper data array to associate it on the fly with some recipe. The simplest form might look something like this (we’ll assume that $recipe_id is already set to some- thing): Form->create(’Tag’); ?> Form->input( ’Recipe.id’, array(’type’ => ’hidden’, ’value’ => $recipe_id) 150 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x ); ?> Form->input(’Tag.name’); ?> Form->end(’Add Tag’); ?> In this example, you can see the Recipe.id hidden field whose value is set to the ID of the recipe we want to link the tag to. When the save() method is invoked within the controller, it’ll automatically save the HABTM data to the database: Tag->save($this->request->data)) { // do something on success } } With the preceding code, our new Tag is created and associated with a Recipe, whose ID was set in $this->request->data[’Recipe’][’id’]. Other ways we might want to present our associated data can include a select drop down list. The data can be pulled from the model using the find(’list’) method and assigned to a view variable of the model name. An input with the same name will automatically pull in this data into a set to allow multiple selections. For example, a Recipe can have multiple Tags assigned to it. In this case, the data is pulled out of the model the same way, but the form input is declared slightly different. The tag name is defined using the ModelName convention: set(’tags’, $this->Recipe->Tag->find(’list’)); // in the view: $this->Form->input(’Tag’); Using the preceding code, a multiple select drop down is created, allowing for multiple choices to automat- ically be saved to the existing Recipe being added or saved to the database. What to do when HABTM becomes complicated? By default when saving a HasAndBelongsToMany relationship, Cake will delete all rows on the join table before saving new ones. For example if you have a Club that has 10 Children associated. You then update the Club with 2 children. The Club will only have 2 Children, not 12. More on models 151 CakePHP Cookbook Documentation, Release 2.x Also note that if you want to add more fields to the join (when it was created or meta information) this is possible with HABTM join tables, but it is important to understand that you have an easy option. HasAndBelongsToMany between two models is in reality shorthand for three models associated through both a hasMany and a belongsTo association. Consider this example: Child hasAndBelongsToMany Club Another way to look at this is adding a Membership model: Child hasMany Membership Membership belongsTo Child, Club Club hasMany Membership. These two examples are almost the exact same. They use the same amount of named fields in the database and the same amount of models. The important differences are that the “join” model is named differently and its behavior is more predictable. Tip: When your join table contains extra fields besides two foreign keys, you can prevent losing the extra field values by setting ’unique’ array key to ’keepExisting’. You could think of this similar to ‘unique’ => true, but without losing data from the extra fields during save operation. See: HABTM association arrays. However, in most cases it’s easier to make a model for the join table and setup hasMany, belongsTo associ- ations as shown in example above instead of using HABTM association. Datatables While CakePHP can have datasources that aren’t database driven, most of the time, they are. CakePHP is designed to be agnostic and will work with MySQL, MSSQL, Oracle, PostgreSQL and others. You can cre- ate your database tables as you normally would. When you create your Model classes, they’ll automatically map to the tables that you’ve created. Table names are by convention lowercase and pluralized with multi- word table names separated by underscores. For example, a Model name of Ingredient expects the table name ingredients. A Model name of EventRegistration would expect a table name of event_registrations. CakePHP will inspect your tables to determine the data type of each field and uses this information to auto- mate various features such as outputting form fields in the view. Field names are by convention lowercase and separated by underscores. Using created and modified By defining a created or modified field in your database table as datetime fields, CakePHP will recognize those fields and populate them automatically whenever a record is created or saved to the database (unless the data being saved already contains a value for these fields). The created and modified fields will be set to the current date and time when the record is initially added. The modified field will be updated with the current date and time whenever the existing record is saved. 152 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x If you have updated, created or modified data in your $this->data (e.g. from a Model::read or Model::set) before a Model::save() then the values will be taken from $this->data and not automagically updated. Ei- ther use unset($this->data[’Model’][’modified’]), etc. Alternatively you can override the Model::save() to always do it for you: set($data); if (isset($this->data[$this->alias][’modified’])) { unset($this->data[$this->alias][’modified’]); } return parent::save($this->data, $validate, $fieldList); } } Deleting Data CakePHP’s Model class offers a few ways to delete records from your database. delete delete(int $id = null, boolean $cascade = true); Deletes the record identified by $id. By default, also deletes records dependent on the record specified to be deleted. For example, when deleting a User record that is tied to many Recipe records (User ‘hasMany’ or ‘hasAnd- BelongsToMany’ Recipes): • if $cascade is set to true, the related Recipe records are also deleted if the model’s dependent-value is set to true. • if $cascade is set to false, the Recipe records will remain after the User has been deleted. If your database supports foreign keys and cascading deletes, it’s often more efficient to rely on that feature than CakePHP’s cascading. The one benefit to using the cascade feature of Model::delete() is that it allows you to leverage behaviors and model callbacks: Comment->delete($this->request->data(’Comment.id’)); You can hook custom logic into the delete process using the beforeDelete and afterDelete call- backs present in both Models and Behaviors. See Callback Methods for more information. deleteAll deleteAll(mixed $conditions, $cascade = true, $callbacks = false) More on models 153 CakePHP Cookbook Documentation, Release 2.x deleteAll() is similar to delete(), except that deleteAll() will delete all records that match the supplied conditions. The $conditions array should be supplied as a SQL fragment or array. • conditions Conditions to match • cascade Boolean, Set to true to delete records that depend on this record • callbacks Boolean, Run callbacks Return boolean True on success, false on failure. Example: Comment->deleteAll(array(’Comment.spam’ => true), false); If you delete with either callbacks and/or cascade, rows will be found and then deleted. This will often result in more queries being issued. Note: deleteAll() will return true even if no records are deleted, as the conditions for the delete query were successful and no matching records remain. Data Validation Data validation is an important part of any application, as it helps to make sure that the data in a Model conforms to the business rules of the application. For example, you might want to make sure that passwords are at least eight characters long, or ensure that usernames are unique. Defining validation rules makes form handling much, much easier. There are many different aspects to the validation process. What we’ll cover in this section is the model side of things. Essentially: what happens when you call the save() method of your model. For more information about how to handle the displaying of validation errors, check out FormHelper. The first step to data validation is creating the validation rules in the Model. To do that, use the Model::validate array in the Model definition, for example: ’alphaNumeric’, ’email’ => ’email’, ’born’ => ’date’ 154 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x ); } This last example shows how validation rules can be added to model fields. For the login field, only letters and numbers will be accepted, the email should be valid, and born should be a valid date. Defining validation rules enables CakePHP’s automagic showing of error messages in forms if the data submitted does not follow the defined rules. CakePHP has many validation rules and using them can be quite easy. Some of the built-in rules allow you to verify the formatting of emails, URLs, and credit card numbers – but we’ll cover these in detail later on. Here is a more complex validation example that takes advantage of some of these built-in validation rules: array( ’alphaNumeric’ => array( ’rule’ => ’alphaNumeric’, ’required’ => true, ’message’ => ’Alphabets and numbers only’ ), ’between’ => array( ’rule’ => array(’between’,5, 15), ’message’ => ’Between 5 to 15 characters’ ) ), ’password’ => array( ’rule’ => array(’minLength’, ’8’), ’message’ => ’Minimum 8 characters long’ ), ’email’ => ’email’, ’born’ => array( ’rule’ => ’date’, ’message’ => ’Enter a valid date’, ’allowEmpty’ => true ) ); } Two validation rules are defined for login: it should contain letters and numbers only, and its length should be between 5 and 15. The password field should be a minimum of 8 characters long. The email should be a valid email address, and born should be a valid date. Also, notice how you can define specific error messages that CakePHP will use when these validation rules fail. As the example above shows, a single field can have multiple validation rules. And if the built-in rules do not match your criteria, you can always add your own validation rules as required. Now that you’ve seen the big picture on how validation works, let’s look at how these rules are defined in the model. There are three different ways that you can define validation rules: simple arrays, single rule per field, and multiple rules per field. More on models 155 CakePHP Cookbook Documentation, Release 2.x Simple Rules As the name suggests, this is the simplest way to define a validation rule. The general syntax for defining rules this way is: ’ruleName’); Where, ‘fieldName’ is the name of the field the rule is defined for, and ‘ruleName’ is a pre-defined rule name, such as ‘alphaNumeric’, ‘email’ or ‘isUnique’. For example, to ensure that the user is giving a well formatted email address, you could use this rule: ’email’); One Rule Per Field This definition technique allows for better control of how the validation rules work. But before we discuss that, let’s see the general usage pattern adding a rule for a single field: array( ’rule’ => ’ruleName’,// or: array(’ruleName’, ’param1’, ’param2’ ...) ’required’ => true, ’allowEmpty’ => false, ’on’ => ’create’,// or: ’update’ ’message’ => ’Your Error Message’ ) ); The ‘rule’ key is required. If you only set ‘required’ => true, the form validation will not function correctly. This is because ‘required’ is not actually a rule. As you can see here, each field (only one field shown above) is associated with an array that contains five keys: ‘rule’, ‘required’, ‘allowEmpty’, ‘on’ and ‘message’. Let’s have a closer look at these keys. rule The ‘rule’ key defines the validation method and takes either a single value or an array. The specified ‘rule’ may be the name of a method in your model, a method of the core Validation class, or a regular expression. For more information on the rules available by default, see Core Validation Rules. If the rule does not require any parameters, ‘rule’ can be a single value e.g.: array( ’rule’ => ’alphaNumeric’ 156 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x ) ); If the rule requires some parameters (like the max, min or range), ‘rule’ should be an array: array( ’rule’ => array(’minLength’,8) ) ); Remember, the ‘rule’ key is required for array-based rule definitions. required This key accepts either a boolean, or create or update. Setting this key to true will make the field always required. While setting it to create or update will make the field required only for update or create operations. If ‘required’ is evaluated to true, the field must be present in the data array. For example, if the validation rule has been defined as follows: array( ’rule’ => ’alphaNumeric’, ’required’ => true ) ); The data sent to the model’s save() method must contain data for the login field. If it doesn’t, validation will fail. The default value for this key is boolean false. required => true does not mean the same as the validation rule notEmpty(). required => true indicates that the array key must be present - it does not mean it must have a value. Therefore validation will fail if the field is not present in the dataset, but may (depending on the rule) succeed if the value submitted is empty (‘’). Changed in version 2.1: Support for create and update were added. allowEmpty If set to false, the field value must be nonempty, where “nonempty” is defined as !empty($value) || is_numeric($value). The numeric check is so that CakePHP does the right thing when $value is zero. The difference between required and allowEmpty can be confusing. ’required’ => true means that you cannot save the model without the key for this field being present in $this->data (the check is performed with isset); whereas, ’allowEmpty’ => false makes sure that the current field value is nonempty, as described above. More on models 157 CakePHP Cookbook Documentation, Release 2.x on The ‘on’ key can be set to either one of the following values: ‘update’ or ‘create’. This provides a mechanism that allows a certain rule to be applied either during the creation of a new record, or during update of a record. If a rule has defined ‘on’ => ‘create’, the rule will only be enforced during the creation of a new record. Likewise, if it is defined as ‘on’ => ‘update’, it will only be enforced during the updating of a record. The default value for ‘on’ is null. When ‘on’ is null, the rule will be enforced during both creation and update. message The message key allows you to define a custom validation error message for the rule: array( ’rule’ => array(’minLength’,8), ’message’ => ’Password must be at least 8 characters long’ ) ); Multiple Rules per Field The technique outlined above gives us much more flexibility than simple rules assignment, but there’s an extra step we can take in order to gain more fine-grained control of data validation. The next technique we’ll outline allows us to assign multiple validation rules per model field. If you would like to assign multiple validation rules to a single field, this is basically how it should look: array( ’ruleName’ => array( ’rule’ => ’ruleName’, // extra keys like on, required, etc. go here... ), ’ruleName2’ => array( ’rule’ => ’ruleName2’, // extra keys like on, required, etc. go here... ) ) ); As you can see, this is quite similar to what we did in the previous section. There, for each field we had only one array of validation parameters. In this case, each ‘fieldName’ consists of an array of rule indices. Each ‘ruleName’ contains a separate array of validation parameters. This is better explained with a practical example: 158 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x array( ’loginRule-1’ => array( ’rule’ => ’alphaNumeric’, ’message’ => ’Only alphabets and numbers allowed’, ), ’loginRule-2’ => array( ’rule’ => array(’minLength’,8), ’message’ => ’Minimum length of 8 characters’ ) ) ); The above example defines two rules for the login field: loginRule-1 and loginRule-2. As you can see, each rule is identified with an arbitrary name. When using multiple rules per field the ‘required’ and ‘allowEmpty’ keys need to be used only once in the first rule. last In case of multiple rules per field by default if a particular rule fails error message for that rule is returned and the following rules for that field are not processed. If you want validation to continue in spite of a rule failing set key last to false for that rule. In the following example even if “rule1” fails “rule2” will be processed and error messages for both failing rules will be returned if “rule2” also fails: array( ’rule1’ => array( ’rule’ => ’alphaNumeric’, ’message’ => ’Only alphabets and numbers allowed’, ’last’ => false ), ’rule2’ => array( ’rule’ => array(’minLength’,8), ’message’ => ’Minimum length of 8 characters’ ) ) ); When specifying validation rules in this array form its possible to avoid providing the message key. Con- sider this example: array( ’Only alphabets and numbers allowed’ => array( ’rule’ => ’alphaNumeric’, More on models 159 CakePHP Cookbook Documentation, Release 2.x ), ) ); If the alphaNumeric rules fails the array key for this rule ‘Only alphabets and numbers allowed’ will be returned as error message since the message key is not set. Custom Validation Rules If you haven’t found what you need thus far, you can always create your own validation rules. There are two ways you can do this: by defining custom regular expressions, or by creating custom validation methods. Custom Regular Expression Validation If the validation technique you need to use can be completed by using regular expression matching, you can define a custom expression as a field validation rule: array( ’rule’ => ’/^[a-z0-9]{3,}$/i’, ’message’ => ’Only letters and integers, min 3 characters’ ) ); The example above checks if the login contains only letters and integers, with a minimum of three characters. The regular expression in the rule must be delimited by slashes. The optional trailing ‘i’ after the last slash means the reg-exp is case insensitive. Adding your own Validation Methods Sometimes checking data with regular expression patterns is not enough. For example, if you want to ensure that a promotional code can only be used 25 times, you need to add your own validation function, as shown below: array( ’rule’ => array(’limitDuplicates’, 25), ’message’ => ’This code has been used too many times.’ ) ); public function limitDuplicates($check, $limit){ // $check will have value: array(’promotion_code’ => ’some-value’) // $limit will have value: 25 160 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x $existing_promo_count= $this->find(’count’, array( ’conditions’ => $check, ’recursive’ =>-1 )); return $existing_promo_count< $limit; } } The current field to be validated is passed into the function as first parameter as an associated array with field name as key and posted data as value. If you want to pass extra parameters to your validation function, add elements onto the ‘rule’ array, and handle them as extra params (after the main $check param) in your function. Your validation function can be in the model (as in the example above), or in a behavior that the model implements. This includes mapped methods. Model/behavior methods are checked first, before looking for a method on the Validation class. This means that you can override existing validation methods (such as alphaNumeric()) at an application level (by adding the method to AppModel), or at model level. When writing a validation rule which can be used by multiple fields, take care to extract the field value from the $check array. The $check array is passed with the form field name as its key and the field value as its value. The full record being validated is stored in $this->data member variable: array( ’rule’ => ’alphaNumericDashUnderscore’, ’message’ => ’Slug can only be letters, numbers, dash and underscore’ ) ); public function alphaNumericDashUnderscore($check){ // $data array is passed using the form field name as the key // have to extract the value to make the function generic $value= array_values($check); $value= $value[0]; return preg_match(’|^[0-9a-zA-Z_-]*$|’, $value); } } Note: Your own validation methods must have public visibility. Validation methods that are protected and private are not supported. The method should return true if the value is valid. If the validation failed, return false. The other valid return value are strings which will be shown as the error message. Returning a string means the validation failed. The string will overwrite the message set in the $validate array and be shown in the view’s form as the reason why the field was not valid. More on models 161 CakePHP Cookbook Documentation, Release 2.x Dynamically change validation rules Using $validate property to declare validation rules is a good ways of defining statically rules for each model. Nevertheless there are cases when you want to dynamically add, change or remove validation rules from the predefined set. All validation rules are stored in a ModelValidator object, which holds every rule set for each field in your model. Defining new validation rules is as easy as telling this object to store new validation methods for the fields you want to. Adding new validation rules New in version 2.2. The ModelValidator objects allows several ways for adding new fields to the set. The first one is using the add method: validator()->add(’password’, ’required’, array( ’rule’ => ’notEmpty’, ’required’ => ’create’ )); This will add a single rule to the password field in the model. You can chain multiple calls to add to create as many rules as you like: validator() ->add(’password’, ’required’, array( ’rule’ => ’notEmpty’, ’required’ => ’create’ )) ->add(’password’, ’size’, array( ’rule’ => array(’between’,8, 20), ’message’ => ’Password should be at least 8 chars long’ )); It is also possible to add multiple rules at once for a single field: validator()->add(’password’, array( ’required’ => array( ’rule’ => ’notEmpty’, ’required’ => ’create’ ), ’size’ => array( ’rule’ => array(’between’,8, 20), ’message’ => ’Password should be at least 8 chars long’ ) )); Alternatively, you can use the validator object to set rules directly to fields using the array interface: 162 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x validator(); $validator[’username’]= array( ’unique’ => array( ’rule’ => ’isUnique’, ’required’ => ’create’ ), ’alphanumeric’ => array( ’rule’ => ’alphanumeric’ ) ); Modifying current validation rules New in version 2.2. Modifying current validation rules is also possible using the validator object, there are several ways in which you can alter current rules, append methods to a field or completely remove a rule from a field rule set: validator()->getField(’password’)->setRule(’required’, array( ’rule’ => ’required’, ’required’ => true )); You can also completely replace all the rules for a field using a similar method: validator()->getField(’password’)->setRules(array( ’required’ => array(...), ’otherRule’ => array(...) )); If you wish to just modify a single property in a rule you can set properties directly into the CakeValidationRule object: validator()->getField(’password’) ->getRule(’required’)->message= ’This field cannot be left blank’; Properties in any CakeValidationRule are named as the valid array keys you can use for defining such rules using the $validate property in the model. As with adding new rule to the set, it is also possible to modify existing rules using the array interface: validator(); $validator[’username’][’unique’]= array( ’rule’ => ’isUnique’, ’required’ => ’create’ More on models 163 CakePHP Cookbook Documentation, Release 2.x ); $validator[’username’][’unique’]->last= true; $validator[’username’][’unique’]->message= ’Name already taken’; Removing rules from the set New in version 2.2. It is possible to both completely remove all rules for a field and to delete a single rule in a field’s rule set: validator()->remove(’username’); // Remove ’required’ rule from password $this->validator()->remove(’password’, ’required’); Optionally, you can use the array interface to delete rules from the set: validator(); // Completely remove all rules for a field unset($validator[’username’]); // Remove ’required’ rule from password unset($validator[’password’][’required’]); Core Validation Rules class Validation The Validation class in CakePHP contains many validation rules that can make model data validation much easier. This class contains many oft-used validation techniques you won’t need to write on your own. Below, you’ll find a complete list of all the rules, along with usage examples. static Validation::alphaNumeric(mixed $check) The data for the field must only contain letters and numbers.: array( ’rule’ => ’alphaNumeric’, ’message’ => ’Usernames must only contain letters and numbers.’ ) ); static Validation::between(string $check, integer $min, integer $max) The length of the data for the field must fall within the specified numeric range. Both minimum and maximum values must be supplied. Uses = not.: 164 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x array( ’rule’ => array(’between’,5, 15), ’message’ => ’Passwords must be between 5 and 15 characters long.’ ) ); The length of data is “the number of bytes in the string representation of the data”. Be careful that it may be larger than the number of characters when handling non-ASCII characters. static Validation::blank(mixed $check) This rule is used to make sure that the field is left blank or only white space characters are present in its value. White space characters include space, tab, carriage return, and newline.: array( ’rule’ => ’blank’, ’on’ => ’create’ ) ); static Validation::boolean(string $check) The data for the field must be a boolean value. Valid values are true or false, integers 0 or 1 or strings ‘0’ or ‘1’.: array( ’rule’ => array(’boolean’), ’message’ => ’Incorrect value for myCheckbox’ ) ); static Validation::cc(mixed $check, mixed $type = ‘fast’, boolean $deep = false, string $regex = null) This rule is used to check whether the data is a valid credit card number. It takes three parameters: ‘type’, ‘deep’ and ‘regex’. The ‘type’ key can be assigned to the values of ‘fast’, ‘all’ or any of the following: •amex •bankcard •diners •disc •electron •enroute •jcb More on models 165 CakePHP Cookbook Documentation, Release 2.x •maestro •mc •solo •switch •visa •voyager If ‘type’ is set to ‘fast’, it validates the data against the major credit cards’ numbering formats. Setting ‘type’ to ‘all’ will check with all the credit card types. You can also set ‘type’ to an array of the types you wish to match. The ‘deep’ key should be set to a boolean value. If it is set to true, the validation will check the Luhn algorithm of the credit card (http://en.wikipedia.org/wiki/Luhn_algorithm). It defaults to false. The ‘regex’ key allows you to supply your own regular expression that will be used to validate the credit card number: array( ’rule’ => array(’cc’, array(’visa’, ’maestro’), false, null), ’message’ => ’The credit card number you supplied was invalid.’ ) ); static Validation::comparison(mixed $check1, string $operator = null, integer $check2 = null) Comparison is used to compare numeric values. It supports “is greater”, “is less”, “greater or equal”, “less or equal”, “equal to”, and “not equal”. Some examples are shown below: array( ’rule’ => array(’comparison’, ’>=’, 18), ’message’ => ’Must be at least 18 years old to qualify.’ ) ); public $validate= array( ’age’ => array( ’rule’ => array(’comparison’, ’greater or equal’, 18), ’message’ => ’Must be at least 18 years old to qualify.’ ) ); static Validation::custom(mixed $check, string $regex = null) Used when a custom regular expression is needed: array( 166 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x ’rule’ => array(’custom’, ’\u221E’), ’message’ => ’Please enter an infinite number.’ ) ); static Validation::date(string $check, mixed $format = ‘ymd’, string $regex = null) This rule ensures that data is submitted in valid date formats. A single parameter (which can be an array) can be passed that will be used to check the format of the supplied date. The value of the parameter can be one of the following: •‘dmy’ e.g. 27-12-2006 or 27-12-06 (separators can be a space, period, dash, forward slash) •‘mdy’ e.g. 12-27-2006 or 12-27-06 (separators can be a space, period, dash, forward slash) •‘ymd’ e.g. 2006-12-27 or 06-12-27 (separators can be a space, period, dash, forward slash) •‘dMy’ e.g. 27 December 2006 or 27 Dec 2006 •‘Mdy’ e.g. December 27, 2006 or Dec 27, 2006 (comma is optional) •‘My’ e.g. (December 2006 or Dec 2006) •‘my’ e.g. 12/2006 or 12/06 (separators can be a space, period, dash, forward slash) If no keys are supplied, the default key that will be used is ‘ymd’: array( ’rule’ => array(’date’, ’ymd’), ’message’ => ’Enter a valid date in YY-MM-DD format.’, ’allowEmpty’ => true ) ); While many data stores require a certain date format, you might consider doing the heavy lifting by accepting a wide-array of date formats and trying to convert them, rather than forcing users to supply a given format. The more work you can do for your users, the better. static Validation::datetime(array $check, mixed $dateFormat = ‘ymd’, string $regex = null) This rule ensures that the data is a valid datetime format. A parameter (which can be an array) can be passed to specify the format of the date. The value of the parameter can be one or more of the following: •‘dmy’ e.g. 27-12-2006 or 27-12-06 (separators can be a space, period, dash, forward slash) •‘mdy’ e.g. 12-27-2006 or 12-27-06 (separators can be a space, period, dash, forward slash) •‘ymd’ e.g. 2006-12-27 or 06-12-27 (separators can be a space, period, dash, forward slash) •‘dMy’ e.g. 27 December 2006 or 27 Dec 2006 •‘Mdy’ e.g. December 27, 2006 or Dec 27, 2006 (comma is optional) •‘My’ e.g. (December 2006 or Dec 2006) •‘my’ e.g. 12/2006 or 12/06 (separators can be a space, period, dash, forward slash) More on models 167 CakePHP Cookbook Documentation, Release 2.x If no keys are supplied, the default key that will be used is ‘ymd’: array( ’rule’ => array(’datetime’, ’dmy’), ’message’ => ’Please enter a valid date and time.’ ) ); Also a second parameter can be passed to specify a custom regular expression. If this parameter is used, this will be the only validation that will occur. Note that unlike date(), datetime() will validate a date and a time. static Validation::decimal(integer $check, integer $places = null, string $regex = null) This rule ensures that the data is a valid decimal number. A parameter can be passed to specify the number of digits required after the decimal point. If no parameter is passed, the data will be validated as a scientific float, which will cause validation to fail if no digits are found after the decimal point: array( ’rule’ => array(’decimal’,2) ) ); static Validation::email(string $check, boolean $deep = false, string $regex = null) This checks whether the data is a valid email address. Passing a boolean true as the second parameter for this rule will also attempt to verify that the host for the address is valid: array(’rule’ => ’email’)); public $validate= array( ’email’ => array( ’rule’ => array(’email’, true), ’message’ => ’Please supply a valid email address.’ ) ); static Validation::equalTo(mixed $check, mixed $compareTo) This rule will ensure that the value is equal to, and of the same type as the given value. array( ’rule’ => array(’equalTo’, ’cake’), ’message’ => ’This value must be the string cake’ ) ); static Validation::extension(mixed $check, array $extensions = array(‘gif’,‘jpeg’,‘png’, ‘jpg’)) This rule checks for valid file extensions like .jpg or .png. Allow multiple extensions by passing them 168 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x in array form. array( ’rule’ => array(’extension’, array(’gif’, ’jpeg’, ’png’, ’jpg’)), ’message’ => ’Please supply a valid image.’ ) ); static Validation::fileSize($check, $operator = null, $size = null) This rule allows you to check filesizes. You can use $operator to decide the type of comparison you want to use. All the operators supported by comparison() are supported here as well. This method will automatically handle array values from $_FILES by reading from the tmp_name key if $check is an array an contains that key: array( ’rule’ => array(’filesize’, ’<=’, ’1MB’), ’message’ => ’Image must be less than 1MB’ ) ); New in version 2.3: This method was added in 2.3 static Validation::inList(string $check, array $list) This rule will ensure that the value is in a given set. It needs an array of values. The field is valid if the field’s value matches one of the values in the given array. Example: array( ’allowedChoice’ => array( ’rule’ => array(’inList’, array(’Foo’, ’Bar’)), ’message’ => ’Enter either Foo or Bar.’ ) ) ); static Validation::ip(string $check, string $type = ‘both’) This rule will ensure that a valid IPv4 or IPv6 address has been submitted. Accepts as option ‘both’ (default), ‘IPv4’ or ‘IPv6’. array( ’rule’ => array(’ip’, ’IPv4’), // or ’IPv6’ or ’both’ (default) ’message’ => ’Please supply a valid IP address.’ ) ); More on models 169 CakePHP Cookbook Documentation, Release 2.x static Validation::isUnique The data for the field must be unique, it cannot be used by any other rows. array( ’rule’ => ’isUnique’, ’message’ => ’This username has already been taken.’ ) ); static Validation::luhn(string|array $check, boolean $deep = false) The Luhn algorithm: A checksum formula to validate a variety of identification numbers. See http://en.wikipedia.org/wiki/Luhn_algorithm for more information. static Validation::maxLength(string $check, integer $max) This rule ensures that the data stays within a maximum length requirement. array( ’rule’ => array(’maxLength’, 15), ’message’ => ’Usernames must be no larger than 15 characters long.’ ) ); The length here is “the number of bytes in the string representation of the data”. Be careful that it may be larger than the number of characters when handling non-ASCII characters. static Validation::mimeType(mixed $check, array $mimeTypes) New in version 2.2. This rule checks for valid mimeType array( ’rule’ => array(’mimeType’, array(’image/gif’)), ’message’ => ’Invalid mime type.’ ), ); static Validation::minLength(string $check, integer $min) This rule ensures that the data meets a minimum length requirement. array( ’rule’ => array(’minLength’,8), ’message’ => ’Usernames must be at least 8 characters long.’ ) ); The length here is “the number of bytes in the string representation of the data”. Be careful that it may be larger than the number of characters when handling non-ASCII characters. 170 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x static Validation::money(string $check, string $symbolPosition = ‘left’) This rule will ensure that the value is in a valid monetary amount. Second parameter defines where symbol is located (left/right). array( ’rule’ => array(’money’, ’left’), ’message’ => ’Please supply a valid monetary amount.’ ) ); static Validation::multiple(mixed $check, mixed $options = array()) Use this for validating a multiple select input. It supports parameters “in”, “max” and “min”. array( ’rule’ => array(’multiple’, array( ’in’ => array(’do’, ’ray’, ’me’, ’fa’, ’so’, ’la’, ’ti’), ’min’ =>1, ’max’ =>3 )), ’message’ => ’Please select one, two or three options’ ) ); static Validation::notEmpty(mixed $check) The basic rule to ensure that a field is not empty.: array( ’rule’ => ’notEmpty’, ’message’ => ’This field cannot be left blank’ ) ); Do not use this for a multiple select input as it will cause an error. Instead, use “multiple”. static Validation::numeric(string $check) Checks if the data passed is a valid number.: array( ’rule’ => ’numeric’, ’message’ => ’Please supply the number of cars.’ ) ); static Validation::naturalNumber(mixed $check, boolean $allowZero = false) New in version 2.2. This rule checks if the data passed is a valid natural number. If $allowZero is set to true, zero is also accepted as a value. More on models 171 CakePHP Cookbook Documentation, Release 2.x array( ’rule’ => ’naturalNumber’, ’message’ => ’Please supply the number of wheels.’ ), ’airbags’ => array( ’rule’ => array(’naturalNumber’, true), ’message’ => ’Please supply the number of airbags.’ ), ); static Validation::phone(mixed $check, string $regex = null, string $country = ‘all’) Phone validates US phone numbers. If you want to validate non-US phone numbers, you can provide a regular expression as the second parameter to cover additional number formats. array( ’rule’ => array(’phone’, null, ’us’) ) ); static Validation::postal(mixed $check, string $regex = null, string $country = ‘us’) Postal is used to validate ZIP codes from the U.S. (us), Canada (ca), U.K (uk), Italy (it), Germany (de) and Belgium (be). For other ZIP code formats, you may provide a regular expression as the second parameter. array( ’rule’ => array(’postal’, null, ’us’) ) ); static Validation::range(string $check, integer $lower = null, integer $upper = null) This rule ensures that the value is in a given range. If no range is supplied, the rule will check to ensure the value is a legal finite on the current platform. array( ’rule’ => array(’range’,-1, 11), ’message’ => ’Please enter a number between 0 and 10’ ) ); The above example will accept any value which is larger than 0 (e.g., 0.01) and less than 10 (e.g., 9.99). Note: The range lower/upper are not inclusive 172 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x static Validation::ssn(mixed $check, string $regex = null, string $country = null) Ssn validates social security numbers from the U.S. (us), Denmark (dk), and the Netherlands (nl). For other social security number formats, you may provide a regular expression. array( ’rule’ => array(’ssn’, null, ’us’) ) ); static Validation::time(string $check) Time validation, determines if the string passed is a valid time. Validates time as 24hr (HH:MM) or am/pm ([H]H:MM[a|p]m) Does not allow/validate seconds. static Validation::uploadError(mixed $check) New in version 2.2. This rule checks if a file upload has an error. array( ’rule’ => ’uploadError’, ’message’ => ’Something went wrong with the upload.’ ), ); static Validation::url(string $check, boolean $strict = false) This rule checks for valid URL formats. Supports http(s), ftp(s), file, news, and gopher protocols: array( ’rule’ => ’url’ ) ); To ensure that a protocol is in the url, strict mode can be enabled like so: array( ’rule’ => array(’url’, true) ) ); static Validation::userDefined(mixed $check, object $object, string $method, array $args = null) Runs an user-defined validation. static Validation::uuid(string $check) Checks that a value is a valid uuid: http://tools.ietf.org/html/rfc4122 More on models 173 CakePHP Cookbook Documentation, Release 2.x Localized Validation The validation rules phone() and postal() will pass off any country prefix they do not know how to handle to another class with the appropriate name. For example if you lived in the Netherlands you would create a class like: array(’rule’ => array(’phone’, null, ’nl’)), ’postal_code’ => array(’rule’ => array(’postal’, null, ’nl’)), ); When your model data is validated, Validation will see that it cannot handle the nl locale and will attempt to delegate out to NlValidation::postal() and the return of that method will be used as the pass/fail for the validation. This approach allows you to create classes that handle a subset or group of locales, something that a large switch would not have. The usage of the individual validation methods has not changed, the ability to pass off to another validator has been added. Tip: The Localized Plugin already contains a lot of rules ready to use: https://github.com/cakephp/localized Also feel free to contribute with your localized validation rules. Validating Data from the Controller While normally you would just use the save method of the model, there may be times where you wish to validate the data without saving it. For example, you may wish to display some additional information to the user before actually saving the data to the database. Validating data requires a slightly different process than just saving the data. First, set the data to the model: ModelName->set($this->request->data); Then, to check if the data validates, use the validates method of the model, which will return true if it validates and false if it doesn’t: 174 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x ModelName->validates()) { // it validated logic } else { // didn’t validate logic $errors= $this->ModelName->validationErrors; } It may be desirable to validate your model only using a subset of the validations specified in your model. For example say you had a User model with fields for first_name, last_name, email and password. In this instance when creating or editing a user you would want to validate all 4 field rules. Yet when a user logs in you would validate just email and password rules. To do this you can pass an options array specifying the fields to validate. e.g. User->validates(array(’fieldList’ => array(’email’, ’password’)))) { // valid } else { // invalid } The validates method invokes the invalidFields method which populates the validationErrors property of the model. The invalidFields method also returns that data as the result. ModelName->invalidFields(); // contains validationErrors array The validation errors list is not cleared between successive calls to invalidFields() So if you are validating in a loop and want each set of errors separately don’t use invalidFields(). Instead use validates() and access the validationErrors model property. It is important to note that the data must be set to the model before the data can be validated. This is different from the save method which allows the data to be passed in as a parameter. Also, keep in mind that it is not required to call validates prior to calling save as save will automatically validate the data before actually saving. To validate multiple models, the following approach should be used: ModelName->saveAll($this->request->data, array(’validate’ => ’only’))) { // validates } else { // does not validate } If you have validated data before save, you can turn off validation to avoid second check. ModelName->saveAll($this->request->data, array(’validate’ => false))) { // saving without validation } More on models 175 CakePHP Cookbook Documentation, Release 2.x Callback Methods If you want to sneak in some logic just before or after a CakePHP model operation, use model callbacks. These functions can be defined in model classes (including your AppModel) class. Be sure to note the expected return values for each of these special functions. beforeFind beforeFind(array $queryData) Called before any find-related operation. The $queryData passed to this callback contains information about the current query: conditions, fields, etc. If you do not wish the find operation to begin (possibly based on a decision relating to the $queryData options), return false. Otherwise, return the possibly modified $queryData, or anything you want to get passed to find and its counterparts. You might use this callback to restrict find operations based on a user’s role, or make caching decisions based on the current load. afterFind afterFind(array $results, boolean $primary = false) Use this callback to modify results that have been returned from a find operation, or to perform any other post-find logic. The $results parameter passed to this callback contains the returned results from the model’s find operation, i.e. something like: array( ’ModelName’ => array( ’field1’ => ’value1’, ’field2’ => ’value2’, ), ), ); The return value for this callback should be the (possibly modified) results for the find operation that trig- gered this callback. The $primary parameter indicates whether or not the current model was the model that the query origi- nated on or whether or not this model was queried as an association. If a model is queried as an association the format of $results can differ; instead of the result you would normally get from a find operation, you may get this: ’value1’, ’field_2’ => ’value2’ ); 176 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x Warning: Code expecting $primary to be true will probably get a “Cannot use string offset as an array” fatal error from PHP if a recursive find is used. Below is an example of how afterfind can be used for date formatting: $val){ if (isset($val[’Event’][’begindate’])) { $results[$key][’Event’][’begindate’]= $this->dateFormatAfterFind($val[’Event’][’begindate’]); } } return $results; } public function dateFormatAfterFind($dateString){ return date(’d-m-Y’, strtotime($dateString)); } beforeValidate beforeValidate(array $options = array()) Use this callback to modify model data before it is validated, or to modify validation rules if required. This function must also return true, otherwise the current save() execution will abort. beforeSave beforeSave(array $options = array()) Place any pre-save logic in this function. This function executes immediately after model data has been successfully validated, but just before the data is saved. This function should also return true if you want the save operation to continue. This callback is especially handy for any data-massaging logic that needs to happen before your data is stored. If your storage engine needs dates in a specific format, access it at $this->data and modify it. Below is an example of how beforeSave can be used for date conversion. The code in the example is used for an application with a begindate formatted like YYYY-MM-DD in the database and is displayed like DD-MM-YYYY in the application. Of course this can be changed very easily. Use the code below in the appropriate model. data[’Event’][’begindate’])&&! empty($this->data[’Event’][’enddate’])) { $this->data[’Event’][’begindate’]= $this->dateFormatBeforeSave($this->data[’Event’][’begindate’]); $this->data[’Event’][’enddate’]= $this->dateFormatBeforeSave($this->data[’Event’][’enddate’]); } return true; } More on models 177 CakePHP Cookbook Documentation, Release 2.x public function dateFormatBeforeSave($dateString){ return date(’Y-m-d’, strtotime($dateString)); } Tip: Be sure that beforeSave() returns true, or your save is going to fail. afterSave afterSave(boolean $created) If you have logic you need to be executed just after every save operation, place it in this callback method. The value of $created will be true if a new record was created (rather than an update). beforeDelete beforeDelete(boolean $cascade = true) Place any pre-deletion logic in this function. This function should return true if you want the deletion to continue, and false if you want to abort. The value of $cascade will be true if records that depend on this record will also be deleted. Tip: Be sure that beforeDelete() returns true, or your delete is going to fail. Product->delete($id) from ProductsController.php has set $this->id . // Assuming ’ProductCategory hasMany Product’, we can access $this->Product in the model. public function beforeDelete($cascade= true){ $count= $this->Product->find("count", array( "conditions" => array("product_category_id" => $this->id) )); if ($count ==0){ return true; } else { return false; } } afterDelete afterDelete() Place any logic that you want to be executed after every deletion in this callback method. 178 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x onError onError() Called if any problems occur. Behaviors Model behaviors are a way to organize some of the functionality defined in CakePHP models. They allow us to separate and reuse logic that creates a type of behavior, and they do this without requiring inheritance. For example creating tree structures. By providing a simple yet powerful way to enhance models, behaviors allow us to attach functionality to models by defining a simple class variable. That’s how behaviors allow models to get rid of all the extra weight that might not be part of the business contract they are modeling, or that is also needed in different models and can then be extrapolated. As an example, consider a model that gives us access to a database table which stores structural information about a tree. Removing, adding, and migrating nodes in the tree is not as simple as deleting, inserting, and editing rows in the table. Many records may need to be updated as things move around. Rather than creating those tree-manipulation methods on a per model basis (for every model that needs that functionality), we could simply tell our model to use the TreeBehavior, or in more formal terms, we tell our model to behave as a Tree. This is known as attaching a behavior to a model. With just one line of code, our CakePHP model takes on a whole new set of methods that allow it to interact with the underlying structure. CakePHP already includes behaviors for tree structures, translated content, access control list interac- tion, not to mention the community-contributed behaviors already available in the CakePHP Bakery (http://bakery.cakephp.org). In this section, we’ll cover the basic usage pattern for adding behaviors to models, how to use CakePHP’s built-in behaviors, and how to create our own. In essence, Behaviors are Mixins (http://en.wikipedia.org/wiki/Mixin) with callbacks. Using Behaviors Behaviors are attached to models through the $actsAs model class variable: Category->id= 42; // Use behavior method, children(): $kids= $this->Category->children(); More on models 179 CakePHP Cookbook Documentation, Release 2.x Some behaviors may require or allow settings to be defined when the behavior is attached to the model. Here, we tell our TreeBehavior the names of the “left” and “right” fields in the underlying database table: array( ’left’ => ’left_node’, ’right’ => ’right_node’ )); } We can also attach several behaviors to a model. There’s no reason why, for example, our Category model should only behave as a tree, it may also need internationalization support: array( ’left’ => ’left_node’, ’right’ => ’right_node’ ), ’Translate’ ); } So far we have been adding behaviors to models using a model class variable. That means that our behaviors will be attached to our models throughout the model’s lifetime. However, we may need to “detach” behaviors from our models at runtime. Let’s say that on our previous Category model, which is acting as a Tree and a Translate model, we need for some reason to force it to stop acting as a Translate model: Category->Behaviors->unload(’Translate’); That will make our Category model stop behaving as a Translate model from thereon. We may need, instead, to just disable the Translate behavior from acting upon our normal model operations: our finds, our saves, etc. In fact, we are looking to disable the behavior from acting upon our CakePHP model callbacks. Instead of detaching the behavior, we then tell our model to stop informing of these callbacks to the Translate behavior: Category->Behaviors->disable(’Translate’); We may also need to find out if our behavior is handling those model callbacks, and if not we then restore its ability to react to them: Category->Behaviors->enabled(’Translate’)) { // Tell it to start doing so $this->Category->Behaviors->enable(’Translate’); } 180 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x Just as we could completely detach a behavior from a model at runtime, we can also attach new behaviors. Say that our familiar Category model needs to start behaving as a Christmas model, but only on Christmas day: Category->Behaviors->load(’Christmas’); } We can also use the load method to override behavior settings: Category->Behaviors->load(’Tree’, array(’left’ => ’new_left_node’)); There’s also a method to obtain the list of behaviors a model has attached. If we pass the name of a behavior to the method, it will tell us if that behavior is attached to the model, otherwise it will give us the list of attached behaviors: Category->Behaviors->attached(’Translate’)) { // Get the list of all behaviors the model has attached $behaviors= $this->Category->Behaviors->attached(); } Creating Behaviors Behaviors that are attached to Models get their callbacks called automatically. The callbacks are similar to those found in Models: beforeFind, afterFind, beforeSave, afterSave, beforeDelete, afterDelete and onError - see Callback Methods. Your behaviors should be placed in app/Model/Behavior. They are named in CamelCase and postfixed by Behavior, ex. NameBehavior.php. It’s often helpful to use a core behavior as a template when creating your own. Find them in lib/Cake/Model/Behavior/. Every callback and behavior method takes a reference to the model it is being called from as the first parameter. Besides implementing the callbacks, you can add settings per behavior and/or model behavior attachment. Information about specifying settings can be found in the chapters about core behaviors and their configu- ration. A quick example that illustrates how behavior settings can be passed from the model to the behavior: array( ’option1_key’ => ’option1_value’ ) More on models 181 CakePHP Cookbook Documentation, Release 2.x ); } Since behaviors are shared across all the model instances that use them, it’s a good practice to store the settings per alias/model name that is using the behavior. When created behaviors will have their setup() method called: settings[$Model->alias])) { $this->settings[$Model->alias]= array( ’option1_key’ => ’option1_default_value’, ’option2_key’ => ’option2_default_value’, ’option3_key’ => ’option3_default_value’, ); } $this->settings[$Model->alias]= array_merge( $this->settings[$Model->alias], (array)$settings); } Creating behavior methods Behavior methods are automatically available on any model acting as the behavior. For example if you had: Duck->fly(’toronto’, ’montreal’); Although this method takes two parameters, the method signature should look like: doIt() fashion from inside a behavior method will not get the $model parameter automatically appended. Mapped methods In addition to providing ‘mixin’ methods, behaviors can also provide pattern matching methods. Behaviors can also define mapped methods. Mapped methods use pattern matching for method invocation. This allows 182 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x you to create methods similar to Model::findAllByXXX methods on your behaviors. Mapped methods need to be declared in your behaviors $mapMethods array. The method signature for a mapped method is slightly different than a normal behavior mixin method: ’doSomething’); public function doSomething(Model $model, $method, $arg1, $arg2){ debug(func_get_args()); //do something } } The above will map every doXXX() method call to the behavior. As you can see, the model is still the first parameter, but the called method name will be the 2nd parameter. This allows you to munge the method name for additional information, much like Model::findAllByXX. If the above behavior was attached to a model the following would happen: doReleaseTheHounds(’homer’, ’lenny’); // would output ’ReleaseTheHounds’, ’homer’, ’lenny’ Behavior callbacks Model Behaviors can define a number of callbacks that are triggered before/after the model callbacks of the same name. Behavior callbacks allow your behaviors to capture events in attached models and augment the parameters or splice in additional behavior. The available callbacks are: • beforeValidate is fired before a model’s beforeValidate • beforeFind is fired before a model’s beforeFind • afterFind is fired before a model’s afterFind • beforeSave is fired before a model’s beforeSave • afterSave is fired before a model’s afterSave • beforeDelete is fired after a model’s beforeDelete • afterDelete is fired before a model’s afterDelete Creating a behavior callback class ModelBehavior More on models 183 CakePHP Cookbook Documentation, Release 2.x Model behavior callbacks are defined as simple methods in your behavior class. Much like regular behavior methods, they receive a $Model parameter as the first argument. This parameter is the model that the behavior method was invoked on. ModelBehavior::setup(Model $Model, array $settings = array()) Called when a behavior is attached to a model. The settings come from the attached model’s $actsAs property. ModelBehavior::cleanup(Model $Model) Called when a behavior is detached from a model. The base method removes model settings based on $model->alias. You can override this method and provide custom cleanup functionality. ModelBehavior::beforeFind(Model $Model, array $query) If a behavior’s beforeFind return’s false it will abort the find(). Returning an array will augment the query parameters used for the find operation. ModelBehavior::afterFind(Model $Model, mixed $results, boolean $primary) You can use the afterFind to augment the results of a find. The return value will be passed on as the results to either the next behavior in the chain or the model’s afterFind. ModelBehavior::beforeDelete(Model $Model, boolean $cascade = true) You can return false from a behavior’s beforeDelete to abort the delete. Return true to allow it con- tinue. ModelBehavior::afterDelete(Model $Model) You can use afterDelete to perform clean up operations related to your behavior. ModelBehavior::beforeSave(Model $Model) You can return false from a behavior’s beforeSave to abort the save. Return true to allow it continue. ModelBehavior::afterSave(Model $Model, boolean $created) You can use afterSave to perform clean up operations related to your behavior. $created will be true when a record is created, and false when a record is updated. ModelBehavior::beforeValidate(Model $Model) You can use beforeValidate to modify a model’s validate array or handle any other pre-validation logic. Returning false from a beforeValidate callback will abort the validation and cause it to fail. DataSources DataSources are the link between models and the source of data that models represent. In many cases, the data is retrieved from a relational database such as MySQL, PostgreSQL or MSSQL. CakePHP is distributed with several database-specific datasources (see the class files in lib/Cake/Model/Datasource/Database), a summary of which is listed here for your conve- nience: • MySql • Postgres • Sqlite • Sqlserver 184 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x Note: You can find additional community contributed datasources in the CakePHP DataSources repository at github (https://github.com/cakephp/datasources/tree/2.0). When specifying a database connection configuration in app/Config/database.php, CakePHP trans- parently uses the corresponding database datasource for all model operations. So, even though you might not have known about datasources, you’ve been using them all along. All of the above sources derive from a base DboSource class, which aggregates some logic that is common to most relational databases. If you decide to write a RDBMS datasource, working from one of these (e.g. Mysql, or Sqlite is your best bet.) Most people, however, are interested in writing datasources for external sources of data, such as remote REST APIs or even an LDAP server. So that’s what we’re going to look at now. Basic API For DataSources A datasource can, and should implement at least one of the following methods: create, read, update and/or delete (the actual method signatures & implementation details are not important for the moment, and will be described later). You need not implement more of the methods listed above than necessary - if you need a read-only datasource, there’s no reason to implement create, update, and delete. Methods that must be implemented for all CRUD methods: • describe($model) • listSources($data = null) • calculate($model, $func, $params) • At least one of: – create(Model $model, $fields = null, $values = null) – read(Model $model, $queryData = array(), $recursive = null) – update(Model $model, $fields = null, $values = null, $conditions = null) – delete(Model $model, $id = null) It is also possible (and sometimes quite useful) to define the $_schema class attribute inside the datasource itself, instead of in the model. And that’s pretty much all there is to it. By coupling this datasource to a model, you are then able to use Model::find()/save()/delete() as you would normally, and the appropriate data and/or parame- ters used to call those methods will be passed on to the datasource itself, where you can decide to implement whichever features you need (e.g. Model::find options such as ’conditions’ parsing, ’limit’ or even your own custom parameters). More on models 185 CakePHP Cookbook Documentation, Release 2.x An Example A common reason you would want to write your own datasource is when you would like to access a 3rd party API using the usual Model::find()/save()/delete() methods. Let’s write a datasource that will access a fictitious remote JSON based API. We’ll call it FarAwaySource and we’ll put it in app/Model/Datasource/FarAwaySource.php: ’’, ); /** * If we want to create() or update() we need to specify the fields * available. We use the same array keys as we do with CakeSchema, eg. * fixtures and schema migrations. */ protected $_schema= array( ’id’ => array( ’type’ => ’integer’, ’null’ => false, ’key’ => ’primary’, ’length’ => 11, ), ’name’ => array( ’type’ => ’string’, ’null’ => true, ’length’ => 255, ), ’message’ => array( ’type’ => ’text’, ’null’ => true, ), ); /** * Create our HttpSocket and handle any config tweaks. */ public function __construct($config){ parent::__construct($config); 186 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x $this->Http= new HttpSocket(); } /** * Since datasources normally connect to a database there are a few things * we must change to get them to work without a database. */ /** * listSources() is for caching. You’ll likely want to implement caching in * your own way with a custom datasource. So just ‘‘return null‘‘. */ public function listSources($data= null){ return null; } /** * describe() tells the model your schema for ‘‘Model::save()‘‘. * * You may want a different schema for each model but still use a single * datasource. If this is your case then set a ‘‘schema‘‘ property on your * models and simply return ‘‘$model->schema‘‘ here instead. */ public function describe($model){ return $this->_schema; } /** * calculate() is for determining how we will count the records and is * required to get ‘‘update()‘‘ and ‘‘delete()‘‘ to work. * * We don’t count the records here but return a string to be passed to *‘‘read()‘‘ which will do the actual counting. The easiest way is to just * return the string ’COUNT’ and check for it in ‘‘read()‘‘ where *‘‘$data[’fields’] == ’COUNT’‘‘. */ public function calculate(Model $model, $func, $params= array()) { return ’COUNT’; } /** * Implement the R in CRUD. Calls to ‘‘Model::find()‘‘ arrive here. */ public function read(Model $model, $queryData= array(), $recursive= null){ /** * Here we do the actual count as instructed by our calculate() * method above. We could either check the remote source or some * other way to get the record count. Here we’ll simply return 1 so *‘‘update()‘‘ and ‘‘delete()‘‘ will assume the record exists. */ if ($queryData[’fields’] == ’COUNT’){ return array(array(array(’count’ =>1))); } More on models 187 CakePHP Cookbook Documentation, Release 2.x /** * Now we get, decode and return the remote data. */ $queryData[’conditions’][’apiKey’]= $this->config[’apiKey’]; $json= $this->Http->get(’http://example.com/api/list.json’, $queryData[’conditions’]); $res= json_decode($json, true); if (is_null($res)) { $error= json_last_error(); throw new CakeException($error); } return array($model->alias => $res); } /** * Implement the C in CRUD. Calls to ‘‘Model::save()‘‘ without $model->id * set arrive here. */ public function create(Model $model, $fields= null, $values= null){ $data= array_combine($fields, $values); $data[’apiKey’]= $this->config[’apiKey’]; $json= $this->Http->post(’http://example.com/api/set.json’, $data); $res= json_decode($json, true); if (is_null($res)) { $error= json_last_error(); throw new CakeException($error); } return true; } /** * Implement the U in CRUD. Calls to ‘‘Model::save()‘‘ with $Model->id * set arrive here. Depending on the remote source you can just call *‘‘$this->create()‘‘. */ public function update(Model $model, $fields= null, $values= null, $conditions= null){ return $this->create($model, $fields, $values); } /** * Implement the D in CRUD. Calls to ‘‘Model::delete()‘‘ arrive here. */ public function delete(Model $model, $id= null){ $json= $this->Http->get(’http://example.com/api/remove.json’, array( ’id’ => $id[$model->alias. ’.id’], ’apiKey’ => $this->config[’apiKey’], )); $res= json_decode($json, true); if (is_null($res)) { $error= json_last_error(); throw new CakeException($error); } return true; } 188 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x } We can then configure the datasource in our app/Config/database.php file by adding something like this: ’FarAwaySource’, ’apiKey’ => ’1234abcd’, ); Then use the database config in our models like this: MyModel->find(’all’, array( ’conditions’ => array(’name’ => ’Some Person’), )); Similarly we can save a new message: MyModel->save(array( ’name’ => ’Some Person’, ’message’ => ’New Message’, )); Update the previous message: MyModel->id= 42; $this->MyModel->save(array( ’message’ => ’Updated message’, )); And delete the message: MyModel->delete(42); Plugin DataSources You can also package Datasources into plugins. Simply place your datasource file into Plugin/[YourPlugin]/Model/Datasource/[YourSource].php and refer to it using the plugin notation: More on models 189 CakePHP Cookbook Documentation, Release 2.x ’MyPlugin.FarAwaySource’, ’apiKey’ => ’abcd1234’, ); Model Attributes Model attributes allow you to set properties that can override the default model behavior. For a complete list of model attributes and their descriptions visit the CakePHP API. Check out http://api20.cakephp.org/class/model. useDbConfig The useDbConfig property is a string that specifies the name of the database connection to use to bind your model class to the related database table. You can set it to any of the database con- nections defined within your database configuration file. The database configuration file is stored in /app/Config/database.php. The useDbConfig property is defaulted to the ‘default’ database connection. Example usage: Group->find() call: More on models 191 CakePHP Cookbook Documentation, Release 2.x • -1 Cake fetches Group data only, no joins. • 0 Cake fetches Group data and its domain • 1 Cake fetches a Group, its domain and its associated Users • 2 Cake fetches a Group, its domain, its associated Users, and the Users’ associated Articles Set it no higher than you need. Having CakePHP fetch data you aren’t going to use slows your app unnec- essarily. Also note that the default recursive level is 1. Note: If you want to combine $recursive with the fields functionality, you will have to add the columns containing the required foreign keys to the fields array manually. In the example above, this could mean adding domain_id. order The default ordering of data for any find operation. Possible values include: "asc","Model.field2" =>"DESC"); data The container for the model’s fetched data. While data returned from a model class is normally used as returned from a find() call, you may need to access information stored in $data inside of model callbacks. _schema Contains metadata describing the model’s database table fields. Each field is described by: • name • type (integer, string, datetime, etc.) • null • default value • length Example Usage: 192 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x array( ’type’ => ’string’, ’length’ => 30 ), ’last_name’ => array( ’type’ => ’string’, ’length’ => 30 ), ’email’ => array( ’type’ => ’string’, ’length’ => 30 ), ’message’ => array(’type’ => ’text’) ); validate This attribute holds rules that allow the model to make data validation decisions before saving. Keys named after fields hold regex values allowing the model to try to make matches. Note: It is not necessary to call validate() before save() as save() will automatically validate your data before actually saving. For more information on validation, see the Data Validation later on in this manual. virtualFields Array of virtual fields this model has. Virtual fields are aliased SQL expressions. Fields added to this property will be read as other fields in a model but will not be saveable. Example usage for MySQL: "CONCAT(User.first_name, ’ ’, User.last_name)" ); In subsequent find operations, your User results would contain a name key with the result of the concate- nation. It is not advisable to create virtual fields with the same names as columns on the database, this can cause SQL errors. For more information on the virtualFields property, its proper usage, as well as limitations, see Virtual fields. More on models 193 CakePHP Cookbook Documentation, Release 2.x name Name of the model. If you do not specify it in your model file it will be set to the class name by constructor. Example usage: find(’all’, compact(’conditions’)); } } This getRecent() method can now be used within the controller. Example->getRecent(); Model::associations() Get associations: Example->associations(); // $result equals array(’belongsTo’, ’hasOne’, ’hasMany’, ’hasAndBelongsToMany’) 194 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x Model::buildQuery(string $type = ’first’, array $query = array()) Builds the query array that is used by the data source to generate the query to fetch the data. Model::deconstruct(string $field, mixed $data) Deconstructs a complex data type (array or object) into a single field value. Model::escapeField(string $field = null, string $alias = null) Escapes the field name and prepends the model name. Escaping is done according to the current database driver’s rules. Model::exists($id) Returns true if a record with the particular ID exists. If ID is not provided it calls Model::getID() to obtain the current record ID to verify, and then performs a Model::find(’count’) on the currently configured datasource to ascertain the existence of the record in persistent storage. Note: Parameter $id was added in 2.1. Prior to that it does not take any parameter. Example->id=9; if ($this->Example->exists()) { // ... } $exists= $this->Foo->exists(2); Model::getAffectedRows() Returns the number of rows affected by the last query. Model::getAssociated(string $type = null) Gets all the models with which this model is associated. Model::getColumnType(string $column) Returns the column type of a column in the model. More on models 195 CakePHP Cookbook Documentation, Release 2.x Model::getColumnTypes() Returns an associative array of field names and column types. Model::getID(integer $list = 0) Returns the current record’s ID. Model::getInsertID() Returns the ID of the last record this model inserted. Model::getLastInsertID() Alias to getInsertID(). Virtual fields Virtual fields allow you to create arbitrary SQL expressions and assign them as fields in a Model. These fields cannot be saved, but will be treated like other model fields for read operations. They will be indexed under the model’s key alongside other model fields. Creating virtual fields Creating virtual fields is easy. In each model you can define a $virtualFields property that contains an array of field => expressions. An example of a virtual field definition using MySQL would be: ’CONCAT(User.first_name, " ", User.last_name)’ ); And with PostgreSQL: ’User.first_name || \’ \’ || User.last_name’ ); In subsequent find operations, your User results would contain a name key with the result of the concate- nation. It is not advisable to create virtual fields with the same names as columns on the database, this can cause SQL errors. It is not always useful to have User.first_name fully qualified. If you do not follow the convention (i.e. you have multiple relations to other tables) this would result in an error. In this case it may be better to just use first_name || \’ \’ || last_name without the Model Name. 196 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x Using virtual fields Creating virtual fields is straightforward and easy, interacting with virtual fields can be done through a few different methods. Model::hasField() Model::hasField() will return true if the model has a concrete field passed by the first parameter. By setting the second parameter of hasField() to true, virtualFields will also be checked when checking if a model has a field. Using the example field above: User->hasField(’name’); // Will return false, as there is no concrete field called name $this->User->hasField(’name’, true); // Will return true as there is a virtual field called name Model::isVirtualField() This method can be used to check if a field/column is a virtual field or a concrete field. Will return true if the column is virtual: User->isVirtualField(’name’); //true $this->User->isVirtualField(’first_name’); //false Model::getVirtualField() This method can be used to access the SQL expression that comprises a virtual field. If no argument is supplied it will return all virtual fields in a Model: User->getVirtualField(’name’); //returns ’CONCAT(User.first_name, ’ ’, User.last_name)’ Model::find() and virtual fields As stated earlier Model::find() will treat virtual fields much like any other field in a model. The value of a virtual field will be placed under the model’s key in the resultset: User->find(’first’); // results contains the following array( ’User’ => array( ’first_name’ => ’Mark’, ’last_name’ => ’Story’, ’name’ => ’Mark Story’, //more fields. More on models 197 CakePHP Cookbook Documentation, Release 2.x ) ); Pagination and virtual fields Since virtual fields behave much like regular fields when doing find’s, Controller::paginate() will be able to sort by virtual fields too. Virtual fields and model aliases When you are using virtualFields and models with aliases that are not the same as their name, you can run into problems as virtualFields do not update to reflect the bound alias. If you are using virtualFields in models that have more than one alias it is best to define the virtualFields in your model’s constructor: virtualFields[’name’]= sprintf(’CONCAT(%s.first_name, " ", %s.last_name)’, $this->alias, $this->alias); } This will allow your virtualFields to work for any alias you give a model. Virtual fields in SQL queries Using functions in direct SQL queries will prevent data from being returned in the same array as your model’s data. For example this: Timelog->query("SELECT project_id, SUM(id) as TotalHours FROM timelogs AS Timelog GROUP BY project_id;"); would return something like this: Array ( [0] => Array ( [Timelog] => Array ( [project_id] => 1234 ) [0] => Array ( [TotalHours] => 25.5 ) ) ) If we want to group TotalHours into our Timelog array we should specify a virtual field for our aggregate column. We can add this new virtual field on the fly rather than permanently declaring it in the model. We 198 Chapter 8. Models CakePHP Cookbook Documentation, Release 2.x will provide a default value of 0 in case another query attempts to use this virtual field. If that were to occur, 0 would be returned in the TotalHours column: Timelog->virtualFields[’TotalHours’]=0; In addition to adding the virtual field we also need to alias our column using the form of MyModel__MyField like this: Timelog->query("SELECT project_id, SUM(id) as Timelog__TotalHours FROM timelogs AS Timelog GROUP BY project_id;"); Running the query again after specifying the virtual field should result in a cleaner grouping of values: Array ( [0] => Array ( [Timelog] => Array ( [project_id] => 1234 [TotalHours] => 25.5 ) ) ) Limitations of virtualFields The implementation of virtualFields has a few limitations. First you cannot use virtualFields on associated models for conditions, order, or fields arrays. Doing so will generally result in an SQL error as the fields are not replaced by the ORM. This is because it difficult to estimate the depth at which an associated model might be found. A common workaround for this implementation issue is to copy virtualFields from one model to another at runtime when you need to access them: virtualFields[’name’]= $this->Author->virtualFields[’name’]; or: virtualFields += $this->Author->virtualFields; Transactions To perform a transaction, a model’s tables must be of a type that supports transactions. All transaction methods must be performed on a model’s DataSource object. To get a model’s DataSource from within the model, use: More on models 199 CakePHP Cookbook Documentation, Release 2.x getDataSource(); You can then use the data source to start, commit, or roll back transactions. begin(); // Perform some tasks if (/*all’s well*/){ $dataSource->commit(); } else { $dataSource->rollback(); } Nested Transactions It is possible to start a transaction several times using the Datasource::begin() method. The trans- action will finish only when the number of commit and rollback match with begin’s. begin(); // Perform some tasks $dataSource->begin(); // More few tasks if (/*latest task ok*/){ $dataSource->commit(); } else { $dataSource->rollback(); // Change something in main task } $dataSource->commit(); This will perform the real nested transaction if your database supports it and it is enabled in the datasource. The methods will always return true when in transaction mode and the nested is not supported or disabled. If you want to use multiple begin’s but not use the nested transaction from database, disable it using $dataSource->useNestedTransactions = false;. It will use only the global transaction. The real nested transaction is disabled by default. Enable it using $dataSource->useNestedTransactions = true;. 200 Chapter 8. Models CHAPTER9 Core Libraries CakePHP comes with a plethora of built-in functions and classes. These classes and functions try to cover some of the most common features required in web applications. General Purpose General purpose libraries are available and reused in many places across CakePHP. General Purpose Global Constants and Functions While most of your day-to-day work in CakePHP will be utilizing core classes and methods, CakePHP features a number of global convenience functions that may come in handy. Many of these functions are for use with CakePHP classes (loading model or component classes), but many others make working with arrays or strings a little easier. We’ll also cover some of the constants available in CakePHP applications. Using these constants will help make upgrades more smooth, but are also convenient ways to point to certain files or directories in your CakePHP application. Global Functions Here are CakePHP’s globally available functions. Most of them are just convenience wrappers for other CakePHP functionality, such as debugging and translating content. __(string $string_id[, $formatArgs]) This function handles localization in CakePHP applications. The $string_id identifies the ID for a translation. Strings used for translations are treated as format strings for sprintf(). You can supply additional arguments to replace placeholders in your string: 201 CakePHP Cookbook Documentation, Release 2.x tags around the output. sortByKey(array &$array, string $sortby, string $order = ‘asc’, integer $type = SORT_NUMERIC) Sorts given $array by key $sortby. stripslashes_deep(array $value) Recursively strips slashes from the supplied $value. Returns the modified array. Core Definition Constants Most of the following constants refer to paths in your application. constant APP Path to the application’s directory. constant APP_DIR Equals app or the name of your application directory. constant APPLIBS Path to the application’s Lib directory. constant CACHE Path to the cache files directory. It can be shared between hosts in a multi-server setup. constant CAKE Path to the cake directory. constant CAKE_CORE_INCLUDE_PATH Path to the root lib directory. constant CORE_PATH Path to the root directory with ending directory slash. constant CSS Path to the public CSS directory. constant CSS_URL Web path to the CSS files directory. constant DS Short for PHP’s DIRECTORY_SEPARATOR, which is / on Linux and \ on windows. constant FULL_BASE_URL Full url prefix. Such as https://example.com 204 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x constant IMAGES Path to the public images directory. constant IMAGES_URL Web path to the public images directory. constant JS Path to the public JavaScript directory. constant JS_URL Web path to the js files directory. constant LOGS Path to the logs directory. constant ROOT Path to the root directory. constant TESTS Path to the tests directory. constant TMP Path to the temporary files directory. constant VENDORS Path to the vendors directory. constant WEBROOT_DIR Equals webroot or the name of your webroot directory. constant WWW_ROOT Full path to the webroot. Timing Definition Constants constant TIME_START Unix timestamp in microseconds as a float from when the application started. constant SECOND Equals 1 constant MINUTE Equals 60 constant HOUR Equals 3600 constant DAY Equals 86400 constant WEEK Equals 604800 constant MONTH Equals 2592000 General Purpose 205 CakePHP Cookbook Documentation, Release 2.x constant YEAR Equals 31536000 App Class class App The app class is responsible for path management, class location and class loading. Make sure you follow the File and Classname Conventions. Packages CakePHP is organized around the idea of packages, each class belongs to a package or folder where other classes reside. You can configure each package location in your application using App::build(’APackage/SubPackage’, $paths) to inform the framework where should each class be loaded. Almost every class in the CakePHP framework can be swapped with your own compatible implementation. If you wish to use you own class instead of the classes the framework provides, just add the class to your libs folder emulating the directory location of where CakePHP expects to find it. For instance if you’d like to use your own HttpSocket class, put it under: app/Lib/Network/Http/HttpSocket.php Once you’ve done this App will load your override file instead of the file inside CakePHP. Loading classes static App::uses(string $class, string $package) Return type void Classes are lazily loaded in CakePHP, however before the autoloader can find your classes you need to tell App, where it can find the files. By telling App which package a class can be found in, it can properly locate the file and load it the first time a class is used. Some examples for common types of classes are: Controller App::uses(’PostsController’, ’Controller’); Component App::uses(’AuthComponent’, ’Controller/Component’); Model App::uses(’MyModel’, ’Model’); Behaviors App::uses(’TreeBehavior’, ’Model/Behavior’); Views App::uses(’ThemeView’, ’View’); Helpers App::uses(’HtmlHelper’, ’View/Helper’); Libs App::uses(’PaymentProcessor’, ’Lib’); Vendors App::uses(’Textile’, ’Vendor’); 206 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x Utility App::uses(’String’, ’Utility’); So basically the second param should simply match the folder path of the class file in core or app. Note: Loading vendors usually means you are loading packages that do not follow conventions. For most vendor packages using App::import() is recommended. Loading files from plugins Loading classes in plugins works much the same as loading app and core classes except you must specify the plugin you are loading from: array(’/a/full/path/to/models/’))); //will setup the path as the only valid path for searching models App::build(array(’Model’ => array(’/path/to/models/’)), App::RESET); //will setup multiple search paths for helpers App::build(array(’View/Helper’ => array(’/path/to/helpers/’, ’/another/path/’))); If reset is set to true, all loaded plugins will be forgotten and they will be needed to be loaded again. Examples: array(’/full/path/to/controllers’))); //becomes App::build(array(’Controller’ => array(’/full/path/to/Controller’))); App::build(array(’helpers’ => array(’/full/path/to/views/helpers’))); //becomes App::build(array(’View/Helper’ => array(’/full/path/to/View/Helper’))); Changed in version 2.0: App::build() will not merge app paths with core paths anymore. Add new packages to an application App::build() can be used to add new package locations. This is useful when you want to add new top level packages or, sub-packages to your application: array(’%s’. ’Service’. DS) ), App::REGISTER); 208 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x The %s in newly registered packages will be replaced with the APP path. You must include a trailing / in registered packages. Once packages are registered, you can use App::build() to append/prepend/reset paths like any other package. Changed in version 2.1: Registering packages was added in 2.1 Finding which objects CakePHP knows about static App::objects(string $type, mixed $path = null, boolean $cache = true) Return type mixed Returns an array of objects of the given type or false if incorrect. You can find out which objects App knows about using App::objects(’Controller’) for example to find which application controllers App knows about. Example usage: constructClasses(); All classes that were loaded in the past using App::import(‘Core’, $class) will need to be loaded using App::uses() referring to the correct package. This change has provided large performance gains to the framework. Changed in version 2.0. •The method no longer looks for classes recursively, it strictly uses the values for the paths defined in App::build() •It will not be able to load App::import(’Component’, ’Component’) use App::uses(’Component’, ’Controller’);. •Using App::import(’Lib’, ’CoreClass’); to load core classes is no longer possible. •Importing a non-existent file, supplying a wrong type or package name, or null values for $name and $file parameters will result in a false return value. •App::import(’Core’, ’CoreClass’) is no longer supported, use App::uses() in- stead and let the class autoloading do the rest. •Loading Vendor files does not look recursively in the vendors folder, it will also not convert the file to underscored anymore as it did in the past. 210 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x Overriding classes in CakePHP You can override almost every class in the framework, exceptions are the App and Configure classes. whenever you like to perform such overriding, just add your class to your app/Lib folder mimicking the internal structure of the framework. Some examples to follow • To override the Dispatcher class, create app/Lib/Routing/Dispatcher.php • To override the CakeRoute class, create app/Lib/Routing/Route/CakeRoute.php • To override the Model class, create app/Lib/Model/Model.php When you load the replaced files, the app/Lib files will be loaded instead of the built-in core classes. Loading Vendor Files You can use App::uses() to load classes in vendors directories. It follows the same conventions as loading other files: array(APP. ’Vendor’.DS. ’SomePackage’))); App::uses(’ClassInSomePackage’, ’Vendor’); Your vendor files may not follow conventions, have a class that differs from the file name or does not contain classes. You can load those files using App::import(). The following examples illustrate how to load vendor files from a number of path structures. These vendor files could be located in any of the vendor folders. To load app/Vendor/geshi.php: ’some.name.php’)); General Purpose 211 CakePHP Cookbook Documentation, Release 2.x To load app/Vendor/services/well.named.php: ’services’.DS. ’well.named.php’)); It wouldn’t make a difference if your vendor files are inside your /vendors directory. Cake will automatically find it. To load vendors/vendorName/libFile.php: ’vendorName’.DS. ’libFile.php’)); App Init/Load/Shutdown Methods static App::init() Return type void Initializes the cache for App, registers a shutdown function. static App::load(string $className) Return type boolean Method to handle the automatic class loading. It will look for each class’ package defined using App::uses() and with this information it will resolve the package name to a full path to load the class from. File name for each class should follow the class name. For instance, if a class is name MyCustomClass the file name should be MyCustomClass.php static App::shutdown() Return type void Object destructor. Writes cache file if changes have been made to the $_map. Events System New in version 2.1. Creating maintainable applications is both a science and an art. It is well-known that a key for having good quality code is making your objects loosely coupled and strongly cohesive at the same time. Cohesion means that all methods and properties for a class are strongly related to the class itself and it is not trying to do the job other objects should be doing, while loosely coupling is the measure of how little a class is “wired” to external objects, and how much that class is depending on them. While most of the CakePHP structure and default libraries will help you achieve this goal, there are cer- tain cases where you need to cleanly communicate with other parts in the system without having to hard code those dependencies, thus losing cohesion and increasing class coupling. A very successful design pat- tern in software engineering is the Observer pattern, where objects can generate events and notify possibly anonymous listeners about changes in the internal state. Listeners in the observer pattern can subscribe to such events and choose to act upon them, modify the subject state or simply log stuff. If you have used javascript in the past, the chances are that you are already familiar with event driven programming. 212 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x CakePHP emulates several aspects of how events are triggered and managed in popular javascript frame- works such as jQuery, while remaining loyal to its object oriented design. In this implementation, an event object is carried across all listeners holding the information and the ability to stop the event propagation at any point. Listeners can register themselves or can delegate this task to other objects and have the chance to alter the state and the event itself for the rest of the callbacks. Interacting with the event managers Let’s suppose you are building a Cart plugin, but you don’t really want to mess with shipping logic, emailing the user or decrementing the item from the stock, it is your wish to handle those things separately in another plugin or in app code. Typically, when not directly using the observer pattern you would do this by attaching behaviors on the fly to your models, and perhaps some components to the controllers. Doing so represents a challenge most of the time, since you would have to come up with the code for externally loading those behaviors or attaching hooks to your plugin controllers. Prior to CakePHP 2.1 some developers chose to implement generic event systems to solve this problem, and some of those system were offered as plugins. Now, you can benefit from a standard general purpose event system that will let you cleanly separate the concerns of your plugins and application code with the built in events manager. Dispatching events So back to our example, we would have an Order model that will manage the buying logic, and probably a place method to save the order details and do any other logic: save($order)) { $this->Cart->remove($order); $this->sendNotificationEmail(); $this->decrementFromStock(); $this->updateUserStatistics(); // ... return true; } return false; } } Well, that does not look right at all. A plugin should not make any assumption about sending emails, and may not even have the inventory data to decrement the item from it, and definitely tracking usage statistics is not the best place to do it. So we need another solution, let’s rewrite that using the event manager: save($order)) { General Purpose 213 CakePHP Cookbook Documentation, Release 2.x $this->Cart->remove($order); $this->getEventManager()->dispatch(new CakeEvent(’Model.Order.afterPlace’, $this, array( ’order’ => $order ))); return true; } return false; } } That looks a lot cleaner, at gives us the opportunity to introduce the event classes and methods. The first thing you may notice is the call to getEventManager() this is a method that is available by default in all Models, Controller and Views. This method will not return the same manager instance across models, and it is not shared between controllers and models, but they are between controllers and views, nevertheless. We will review later how to overcome this implementation detail. The getEventManager method returns an instance of CakeEventManager, and to dispatch events you use CakeEventManager::dispatch() which receives an instance of the CakeEvent class. Let’s dissect now the process of dispatching an event: $order )); CakeEvent receives 3 arguments in its constructor. The first one is the event name, you should try to keep this name as unique as possible, while making it readable. We suggest a convention as follows: Layer.eventName for general events happening at a layer level (e.g. Controller.startup, View.beforeRender) and Layer.Class.eventName for events happening in specific classes on a layer, for ex- ample Model.User.afterRegister or Controller.Courses.invalidAccess. The second argument is the subject, meaning the object associated to the event, usually when it is the same class triggering events about itself, using $this will be the most common case. Although a Component could trigger controller events too. The subject class is important because listeners will get immediate access to the object properties and have the chance to inspect or change them on the fly. Finally, the third argument is the event’s params. This can be any data you consider useful to pass around so listeners can act upon it. While this can be an argument of any type, we recommend passing an associative array, to make inspection easier. CakeEventManager::dispatch() method accepts the event object as argument and notifies all lis- tener and callbacks passing this object along. So the listeners will handle all the extra logic around the afterPlace event, you can log the time, send emails, update user statistics possibly in separate objects and even delegating it to offline tasks if you have the need. Registering callbacks How do we register callbacks or observers to our new afterPlace event? This is subject to a wide variety of different implementations, but they all have to call the CakeEventManager::attach() method to register new actors. For simplicity’s sake, let’s imagine we know in the plugin what the callbacks are available in the controller, and say this controller is responsible for attaching them. The possible code would look like this: 214 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x ’EmailSender::sendBuyEmail’, ’inventory’ => array($this->InventoryManager, ’decrement’), ’logger’ => function($event){ // Anonymous function are only available in PHP 5.3+ CakeLog::write(’info’, ’A new order was placed with id: ’. $event->subject()->id); } )); // Cart/Controller/OrdersController.php class OrdersController extends AppController { public function finish() { foreach (Configure::read(’Order.afterPlace’) as $l){ $this->Order->getEventManager()->attach($l, ’Model.Order.afterPlace’); } if ($this->Order->place($this->Cart->items())) { // ... } } } This may not be the cleanest way to do it, so you can come up with your own ways for attaching listeners to an object’s event manager. This simple way of defining them using the Configure class is intended for didactic purposes only. This little example allows us to showcase what type of callbacks can be attached to the manager. As you may already have figured out, the attach method takes any valid PHP callback type, this is a string representing a static function call, an array having a class instance and a method, an anonymous function if you use PHP 5.3, etc. Attached callbacks will all receive the event object as first argument CakeEventManager::attach() Accepts three arguments. The leftmost one is the callback itself, anything that PHP can treat as a callable function. The second argument is the event name, and the callback will only get fired if the CakeEvent object dispatched has a matching name. The last argument is an array of options to configure the callback priority, and the preference of arguments to be passed. Registering listeners Listeners are an alternative, and often cleaner way of registering callbacks for an event. This is done by implementing the CakeEventListener interface in any class you wish to register some callbacks. Classes implementing it need to provide the implementedEvents() method and return an associative array with all event names that the class will handle. To keep up with our previous example, let’s imagine we have a UserStatistic class responsible for calculating useful information and compiling into the global site statistics. It would be natural to pass an instance of this class as a callback, instead of implementing a custom static function or converting any other workaround to trigger methods in this class. A listener is created as follows: ’updateBuyStatistic’, ); } public function updateBuyStatistic($event){ // Code to update statistics } } // Attach the UserStatistic object to the Order’s event manager $statistics= new UserStatistic(); $this->Order->getEventManager()->attach($statistics); As you can see in the above code, the attach function can handle instances of the CakeEventListener inter- face. Internally, the event manager will read the array returned by implementedEvents method and wire the callbacks accordingly. Establishing priorities In some cases you’d want to run a callback and make sure it gets executed before, or after all the other callbacks have been run. For instance, think again about our user statistics example. It would make sense to run this method only when we can make sure the event was not cancelled, there were no errors and the other callbacks did not change the state of the order itself. For those cases you use priorities. Priorities are handled using a number associated to the callback itself. The higher the number, the later the method will be fired. Default priority for all callbacks and listener methods are set to 10. If you need your method to be run before, then using any value below this default will help you do it, even setting the priority to 1 or a negative value should work. On the other hand if you desire to run the callback after the others, using a number above 10 will do. If two callbacks happen to be allocated in the same priority queue, they will be executed with a FIFO policy, the first listener method to be attached is called first and so on. You set priorities using the attach method for callbacks, and declaring it in the implementedEvents function for event listeners: getEventManager()->attach($callback, ’Model.Order.afterPlace’, array(’priority’ =>2)); // Setting priority for a listener class UserStatistic implements CakeEventListener { public function implementedEvents() { return array( ’Model.Order.afterPlace’ => array(’callable’ => ’updateBuyStatistic’, ’priority’ => 100), ); } } As you see, the main difference for CakeEventListener objects is that you need to use an array for specifying the callable method and the priority preference. The callable key is an special array entry that the manager will read to know what function in the class it should be calling. 216 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x Getting event data as function params Some developers might prefer having the event data passed as function parameters instead of receiving the event object. While this is an odd preference and using the event object is a lot more powerful, this was needed to provide backwards compatibility with the previous event system and to offer seasoned developers an alternative to what they were used to. In order to toggle this option you have to add the passParams option to the third argument of the attach method, or declare it in the implementedEvents returned array similar to what you do with priorities: getEventManager()->attach($callback, ’Model.Order.afterPlace’, array(’passParams’ => true)); // Setting priority for a listener class UserStatistic implements CakeEventListener { public function implementedEvents() { return array( ’Model.Order.afterPlace’ => array(’callable’ => ’updateBuyStatistic’, ’passParams’ => true), ); } public function updateBuyStatistic($orderData){ // ... } } In the above code the doSomething function and updateBuyStatistic method will receive $orderData instead of the $event object. This is so, because in our previous example we trigger the Model.Order.afterPlace event with some data: getEventManager()->dispatch(new CakeEvent(’Model.Order.afterPlace’, $this, array( ’order’ => $order ))); Note: The params can only be passed as function arguments if the event data is an array. Any other data type cannot be converted to function parameters, thus not using this option is often the most adequate choice. Stopping events There are circumstances where you will need to stop events so the operation that started it is cancelled. You see examples of this in the model callbacks (e.g. beforeSave) in which it is possible to stop the saving operation if the code detects it cannot proceed any further. In order to stop events you can either return false in your callbacks or call the stopPropagation method on the event object: stopPropagation(); } Stopping an event can have two different effects. The first one can always be expected: any callback after the event was stopped will not be called. The second consequence is optional and it depends on the code triggering the event, for instance, in our afterPlace example it would not make any sense to cancel the operation since the data was already saved and the cart emptied. Nevertheless, if we had a beforePlace stopping the event would have a valid meaning. To check if an event was stopped, you call the isStopped() method in the event object: $order)); $this->getEventManager()->dispatch($event); if ($event->isStopped()) { return false; } if ($this->Order->save($order)) { // ... } // ... } In the previous example the order would not get saved if the event is stopped during the beforePlace process. Getting event results Every time a callback returns a value, it gets stored in the $result property of the event object. This is useful in some cases where letting callbacks modify the main process params enhances the ability of altering the execution aspect of any process. Let’s take again our beforePlace example and let callbacks modify the $order data. Event results can be altered either using the event object result property directly or returning the value in the callback itself: data[’order’]+ $moreData; return $alteredData; } // Another listener callback public function doSomethingElse($event){ // ... $event->result[’order’]= $alteredData; } // Using the event result public function place($order){ 218 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x $event= new CakeEvent(’Model.Order.beforePlace’, $this, array(’order’ => $order)); $this->getEventManager()->dispatch($event); if (!empty($event->result[’order’])) { $order= $event->result[’order’]; } if ($this->Order->save($order)) { // ... } // ... } As you also may have noticed it is possible to alter any event object property and be sure that this new data will get passed to the next callback. In most of the cases, providing objects as event data or result and directly altering the object is the best solution as the reference is kept the same and modifications are shared across all callback calls. Removing callbacks and listeners If for any reason you want to remove any callback from the event manager just call the CakeEventManager::detach() method using as arguments the first two params you used for attaching it: getEventManager()->attach(array($this, ’doSomething’), ’My.event’); // Detaching the function $this->getEventManager()->detach(array($this, ’doSomething’), ’My.event’); // Attaching an anonymous function (PHP 5.3+ only); $myFunction= function($event){ ...}; $this->getEventManager()->attach($myFunction, ’My.event’); // Detaching the anonymous function $this->getEventManager()->detach($myFunction, ’My.event’); // Attaching a CakeEventListener $listener= new MyCakeEventLister(); $this->getEventManager()->attach($listener); // Detaching a single event key from a listener $this->getEventManager()->detach($listener, ’My.event’); // Detaching all callbacks implemented by a listener $this->getEventManager()->detach($listener); The global event manager As previously noted, it might get hard to attach observers to a particular event manager in an object. There are certain cases where having the ability to attach callbacks for an event is needed without having access to the object instance that will trigger it. Also, to prevent people from implementing each of them a different General Purpose 219 CakePHP Cookbook Documentation, Release 2.x mechanism for loading callbacks into managers based on configuration, CakePHP provides the concept of the global event manager. The global manager is a singleton instance of a CakeEventManager class that receives every event that any event manager in the app dispatches. This is both powerful and flexible, but if you use it you need to take more precautions when dealing with events. To set the concept right once again, and using our beforePlace example let’s recall that we were using the local event manager that is returned by the getEventManager function. Internally this local event manager dispatches the event into the global one before it triggers the internal attached callbacks. The priority for each manager is independent, the global callbacks will fire in their own priority queue and then the local callbacks will get called in the respective priority order. Accessing the global event manager is as easy as calling a static function, the following example will attach a global event to the beforePlace event: attach($aCallback, ’Model.Order.beforePlace’); As you can see, we just change how we get access to an event manager instance, and we can apply the same concepts we learned before about triggering, attaching, detaching, stopping events, etc. One important thing you should consider is that there are events that will be triggered having the same name but different subjects, so checking it in the event object is usually required in any function that gets attached globally in order to prevent some bugs. Remember that extreme flexibility implies extreme complexity. Consider this callback that wants to listen for all Model beforeFinds but in reality, it cannot do its logic if the model is the Cart: attach(’myCallback’, ’Model.beforeFind’); function myCallback($event){ if ($event->subject() instanceof Cart) { return; } return array(’conditions’ => ...); } Conclusion Events are a great way of separating concerns in your application and make classes both cohesive and de- coupled from each other, nevertheless using events is not the solution to all problems. Most applications actually won’t need this feature at all, we recommend looking into other options when it comes to imple- menting callbacks such as using behaviors, components or helpers. Keep in mind that with great power comes great responsibility, decoupling your classes this way also means that you need to perform more and better integration testing on your code. Abusing this tool won’t make your apps have a better architecture, quite the opposite, it will make the code harder to read. Whereas in 220 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x contrast, if you use it wisely, only for the stuff your really need, it will make you code easier to work with, test and integrate. Additional Reading Collections Components, Helpers, Behaviors and Tasks all share a similar structure and set of behaviors. For 2.0, they were given a unified API for interacting with collections of similar objects. The collection objects in CakePHP, give you a uniform way to interact with several different kinds of objects in your application. While the examples below, will use Components, the same behavior can be expected for Helpers, Behaviors, and Tasks in addition to Components. Loading and unloading objects Loading objects on every kind of collection can be done using the load() method: Prg= $this->Components->load(’Prg’); $this->Prg->process(); When loading a component, if the component is not currently loaded into the collection, a new instance will be created. If the component is already loaded, another instance will not be created. When loading components, you can also provide additional configuration for them: Cookie= $this->Components->load(’Cookie’, array(’name’ => ’sweet’)); Any keys & values provided will be passed to the Component’s constructor. The one exception to this rule is className. ClassName is a special key that is used to alias objects in a collection. This allows you to have component names that do not reflect the classnames, which can be helpful when extending core components: Auth= $this->Components->load(’Auth’, array(’className’ => ’MyCustomAuth’)); $this->Auth->user(); // Actually using MyCustomAuth::user(); The inverse of loading an object, is unloading it. Unloaded objects are removed from memory, and will not have additional callbacks triggered on them: Components->unload(’Cookie’); $this->Cookie->read(); // Fatal error. Triggering callbacks Callbacks are supported by collection objects. When a collection has a callback triggered, that method will be called on all enabled objects in the collection. You can pass parameters to the callback loop as well: Behaviors->trigger(’afterFind’, array($this, $results, $primary)); General Purpose 221 CakePHP Cookbook Documentation, Release 2.x In the above $viewFile would be passed as the first argument to every helper’s beforeRender method. There are several options that can be used to control how callbacks are fired: • breakOn Set to the value or values you want the callback propagation to stop on. Can either be a scalar value, or an array of values to break on. Defaults to false. • break Set to true to enabled breaking. When a trigger is broken, the last returned value will be re- turned. If used in combination with collectReturn the collected results will be returned. Defaults to false. • collectReturn Set to true to collect the return of each object into an array. This array of return values will be returned from the trigger() call. Defaults to false. • triggerDisabled Will trigger the callback on all objects in the collection even the non-enabled objects. Defaults to false. • modParams Allows each object the callback gets called on to modify the parameters to the next object. Setting modParams to an integer value will allow you to modify the parameter with that index. Any non-null value will modify the parameter index indicated. Defaults to false. Canceling a callback loop Using the break and breakOn options you can cancel a callback loop midway similar to stopping event propagation in JavaScript: Behaviors->trigger( ’beforeFind’, array($this, $query), array(’break’ => true, ’breakOn’ => false), ); In the above example, if any behavior returns false from its beforeFind method, no further callbacks will be called. In addition, the return of trigger() will be false. Enabling and disabling objects Once an object is loaded into a collection you may need to disable it. Disabling an object in a collection prevents future callbacks from being fired on that object unless the triggerDisabled option is used: Helpers->disable(’Html’); // Re-enable the helper later on $this->Helpers->enable(’Html’); Disabled objects can still have their normal methods and properties used. The primary difference between an enabled and disabled object is with regards to callbacks. You can interrogate a collection about the enabled objects, or check if a specific object is still enabled using enabled(): Helpers->enabled(’Html’); 222 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x // $enabled will contain an array of helper currently enabled. $enabled= $this->Helpers->enabled(); Object callback priorities You can prioritize the triggering object callbacks similar to event callbacks. The handling of priority values and order of triggering is the same as explained here. Here’s how you can specify priority at declaration time: array(’priority’ =>9)//Bar’s callbacks are triggered before Foo’s ); public $helpers= array( ’Cache’ => array(’priority’ => 12), //Cache’s callbacks will be triggered last ’Asset’, ’Utility’ //Utility has priority 10 same as Asset and its callbacks are trigger //after Asset’s ); } array(’priority’ =>1), ’Media’ ); } When dynamically loading objects to a collection you can specify the priority like this: MyComponent= $this->Components->load(’MyComponent’, array(’priority’ =>9)); You can also change priorities at run time using the ObjectCollection::setPriority() function: Components->setPriority(’Foo’,2); //For multiple objects $this->Behaviors->setPriority(array(’Object1’ =>8, ’Object2’ =>9)); Behaviors Model behaviors are a way to organize some of the functionality defined in CakePHP models. They allow us to separate and reuse logic that creates a type of behavior, and they do this without requiring inheritance. For example creating tree structures. By providing a simple yet powerful way to enhance models, behaviors allow us to attach functionality to models by defining a simple class variable. That’s how behaviors allow models to get rid of all the extra weight that might not be part of the business contract they are modeling, or that is also needed in different models and can then be extrapolated. General Purpose 223 CakePHP Cookbook Documentation, Release 2.x As an example, consider a model that gives us access to a database table which stores structural information about a tree. Removing, adding, and migrating nodes in the tree is not as simple as deleting, inserting, and editing rows in the table. Many records may need to be updated as things move around. Rather than creating those tree-manipulation methods on a per model basis (for every model that needs that functionality), we could simply tell our model to use the TreeBehavior, or in more formal terms, we tell our model to behave as a Tree. This is known as attaching a behavior to a model. With just one line of code, our CakePHP model takes on a whole new set of methods that allow it to interact with the underlying structure. CakePHP already includes behaviors for tree structures, translated content, access control list interac- tion, not to mention the community-contributed behaviors already available in the CakePHP Bakery (http://bakery.cakephp.org). In this section, we’ll cover the basic usage pattern for adding behaviors to models, how to use CakePHP’s built-in behaviors, and how to create our own. In essence, Behaviors are Mixins (http://en.wikipedia.org/wiki/Mixin) with callbacks. Using Behaviors Behaviors are attached to models through the $actsAs model class variable: Category->id= 42; // Use behavior method, children(): $kids= $this->Category->children(); Some behaviors may require or allow settings to be defined when the behavior is attached to the model. Here, we tell our TreeBehavior the names of the “left” and “right” fields in the underlying database table: array( ’left’ => ’left_node’, ’right’ => ’right_node’ )); } We can also attach several behaviors to a model. There’s no reason why, for example, our Category model should only behave as a tree, it may also need internationalization support: array( ’left’ => ’left_node’, 224 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x ’right’ => ’right_node’ ), ’Translate’ ); } So far we have been adding behaviors to models using a model class variable. That means that our behaviors will be attached to our models throughout the model’s lifetime. However, we may need to “detach” behaviors from our models at runtime. Let’s say that on our previous Category model, which is acting as a Tree and a Translate model, we need for some reason to force it to stop acting as a Translate model: Category->Behaviors->unload(’Translate’); That will make our Category model stop behaving as a Translate model from thereon. We may need, instead, to just disable the Translate behavior from acting upon our normal model operations: our finds, our saves, etc. In fact, we are looking to disable the behavior from acting upon our CakePHP model callbacks. Instead of detaching the behavior, we then tell our model to stop informing of these callbacks to the Translate behavior: Category->Behaviors->disable(’Translate’); We may also need to find out if our behavior is handling those model callbacks, and if not we then restore its ability to react to them: Category->Behaviors->enabled(’Translate’)) { // Tell it to start doing so $this->Category->Behaviors->enable(’Translate’); } Just as we could completely detach a behavior from a model at runtime, we can also attach new behaviors. Say that our familiar Category model needs to start behaving as a Christmas model, but only on Christmas day: Category->Behaviors->load(’Christmas’); } We can also use the load method to override behavior settings: Category->Behaviors->load(’Tree’, array(’left’ => ’new_left_node’)); There’s also a method to obtain the list of behaviors a model has attached. If we pass the name of a behavior General Purpose 225 CakePHP Cookbook Documentation, Release 2.x to the method, it will tell us if that behavior is attached to the model, otherwise it will give us the list of attached behaviors: Category->Behaviors->attached(’Translate’)) { // Get the list of all behaviors the model has attached $behaviors= $this->Category->Behaviors->attached(); } Creating Behaviors Behaviors that are attached to Models get their callbacks called automatically. The callbacks are similar to those found in Models: beforeFind, afterFind, beforeSave, afterSave, beforeDelete, afterDelete and onError - see Callback Methods. Your behaviors should be placed in app/Model/Behavior. They are named in CamelCase and postfixed by Behavior, ex. NameBehavior.php. It’s often helpful to use a core behavior as a template when creating your own. Find them in lib/Cake/Model/Behavior/. Every callback and behavior method takes a reference to the model it is being called from as the first parameter. Besides implementing the callbacks, you can add settings per behavior and/or model behavior attachment. Information about specifying settings can be found in the chapters about core behaviors and their configu- ration. A quick example that illustrates how behavior settings can be passed from the model to the behavior: array( ’option1_key’ => ’option1_value’ ) ); } Since behaviors are shared across all the model instances that use them, it’s a good practice to store the settings per alias/model name that is using the behavior. When created behaviors will have their setup() method called: settings[$Model->alias])) { $this->settings[$Model->alias]= array( ’option1_key’ => ’option1_default_value’, ’option2_key’ => ’option2_default_value’, ’option3_key’ => ’option3_default_value’, ); } $this->settings[$Model->alias]= array_merge( $this->settings[$Model->alias], (array)$settings); } 226 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x Creating behavior methods Behavior methods are automatically available on any model acting as the behavior. For example if you had: Duck->fly(’toronto’, ’montreal’); Although this method takes two parameters, the method signature should look like: doIt() fashion from inside a behavior method will not get the $model parameter automatically appended. Mapped methods In addition to providing ‘mixin’ methods, behaviors can also provide pattern matching methods. Behaviors can also define mapped methods. Mapped methods use pattern matching for method invocation. This allows you to create methods similar to Model::findAllByXXX methods on your behaviors. Mapped methods need to be declared in your behaviors $mapMethods array. The method signature for a mapped method is slightly different than a normal behavior mixin method: ’doSomething’); public function doSomething(Model $model, $method, $arg1, $arg2){ debug(func_get_args()); //do something } } The above will map every doXXX() method call to the behavior. As you can see, the model is still the first parameter, but the called method name will be the 2nd parameter. This allows you to munge the method name for additional information, much like Model::findAllByXX. If the above behavior was attached to a model the following would happen: doReleaseTheHounds(’homer’, ’lenny’); // would output ’ReleaseTheHounds’, ’homer’, ’lenny’ General Purpose 227 CakePHP Cookbook Documentation, Release 2.x Behavior callbacks Model Behaviors can define a number of callbacks that are triggered before/after the model callbacks of the same name. Behavior callbacks allow your behaviors to capture events in attached models and augment the parameters or splice in additional behavior. The available callbacks are: • beforeValidate is fired before a model’s beforeValidate • beforeFind is fired before a model’s beforeFind • afterFind is fired before a model’s afterFind • beforeSave is fired before a model’s beforeSave • afterSave is fired before a model’s afterSave • beforeDelete is fired after a model’s beforeDelete • afterDelete is fired before a model’s afterDelete Creating a behavior callback class ModelBehavior Model behavior callbacks are defined as simple methods in your behavior class. Much like regular behavior methods, they receive a $Model parameter as the first argument. This parameter is the model that the behavior method was invoked on. ModelBehavior::setup(Model $Model, array $settings = array()) Called when a behavior is attached to a model. The settings come from the attached model’s $actsAs property. ModelBehavior::cleanup(Model $Model) Called when a behavior is detached from a model. The base method removes model settings based on $model->alias. You can override this method and provide custom cleanup functionality. ModelBehavior::beforeFind(Model $Model, array $query) If a behavior’s beforeFind return’s false it will abort the find(). Returning an array will augment the query parameters used for the find operation. ModelBehavior::afterFind(Model $Model, mixed $results, boolean $primary) You can use the afterFind to augment the results of a find. The return value will be passed on as the results to either the next behavior in the chain or the model’s afterFind. ModelBehavior::beforeDelete(Model $Model, boolean $cascade = true) You can return false from a behavior’s beforeDelete to abort the delete. Return true to allow it con- tinue. ModelBehavior::afterDelete(Model $Model) You can use afterDelete to perform clean up operations related to your behavior. ModelBehavior::beforeSave(Model $Model) You can return false from a behavior’s beforeSave to abort the save. Return true to allow it continue. ModelBehavior::afterSave(Model $Model, boolean $created) You can use afterSave to perform clean up operations related to your behavior. $created will be true when a record is created, and false when a record is updated. 228 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x ModelBehavior::beforeValidate(Model $Model) You can use beforeValidate to modify a model’s validate array or handle any other pre-validation logic. Returning false from a beforeValidate callback will abort the validation and cause it to fail. Components Components are packages of logic that are shared between controllers. If you find yourself wanting to copy and paste things between controllers, you might consider wrapping some functionality in a component. CakePHP also comes with a fantastic set of core components you can use to aid in: • Security • Sessions • Access control lists • Emails • Cookies • Authentication • Request handling • Pagination Each of these core components are detailed in their own chapters. For now, we’ll show you how to create your own components. Creating components keeps controller code clean and allows you to reuse code between projects. Configuring Components Many of the core components require configuration. Some examples of com- ponents requiring configuration are Authentication, Cookie and EmailComponent. Configuration for these components, and for components in general, is usually done in the $components array or your controller’s beforeFilter() method: array( ’authorize’ => array(’controller’), ’loginAction’ => array(’controller’ => ’users’, ’action’ => ’login’) ), ’Cookie’ => array(’name’ => ’CookieMonster’) ); Would be an example of configuring a component with the $components array. All core components allow their configuration settings to be set in this way. In addition you can configure components in your controller’s beforeFilter() method. This is useful when you need to assign the results of a function to a component property. The above could also be expressed as: Auth->authorize= array(’controller’); $this->Auth->loginAction= array(’controller’ => ’users’, ’action’ => ’login’); General Purpose 229 CakePHP Cookbook Documentation, Release 2.x $this->Cookie->name= ’CookieMonster’; } It’s possible, however, that a component requires certain configuration options to be set before the con- troller’s beforeFilter() is run. To this end, some components allow configuration options be set in the $components array: array(’panels’ => array(’history’, ’session’)) ); Consult the relevant documentation to determine what configuration options each component provides. One common setting to use is the className option, which allows you to alias components. This feature is useful when you want to replace $this->Auth or another common Component reference with a custom implementation: array( ’className’ => ’MyAuth’ ) ); } // app/Controller/Component/MyAuthComponent.php App::uses(’AuthComponent’, ’Controller/Component’); class MyAuthComponent extends AuthComponent { // Add your code to override the core AuthComponent } The above would alias MyAuthComponent to $this->Auth in your controllers. Note: Aliasing a component replaces that instance anywhere that component is used, including inside other Components. Using Components Once you’ve included some components in your controller, using them is pretty simple. Each component you use is exposed as a property on your controller. If you had loaded up the SessionComponent and the CookieComponent in your controller, you could access them like so: Post->delete($this->request->data(’Post.id’)) { $this->Session->setFlash(’Post deleted.’); 230 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x $this->redirect(array(’action’ => ’index’)); } } Note: Since both Models and Components are added to Controllers as properties they share the same ‘namespace’. Be sure to not give a component and a model the same name. Loading components on the fly You might not need all of your components available on every controller action. In situations like this you can load a component at runtime using the Component Collection. From inside a controller you can do the following: OneTimer= $this->Components->load(’OneTimer’); $this->OneTimer->getTime(); Component Callbacks Components also offer a few request life-cycle callbacks that allow them to aug- ment the request cycle. See the base Component API for more information on the callbacks components offer. Creating a Component Suppose our online application needs to perform a complex mathematical opera- tion in many different parts of the application. We could create a component to house this shared logic for use in many different controllers. The first step is to create a new component file and class. Create the file in /app/Controller/Component/MathComponent.php. The basic structure for the compo- nent would look something like this: Math, General Purpose 231 CakePHP Cookbook Documentation, Release 2.x as well as the standard $this->Session */ public $components= array(’Math’, ’Session’); Components declared in AppController will be merged with those in your other controllers. So there is no need to re-declare the same component twice. When including Components in a Controller you can also declare a set of parameters that will be passed on to the Component’s constructor. These parameters can then be handled by the Component: array( ’precision’ =>2, ’randomGenerator’ => ’srand’ ), ’Session’, ’Auth’ ); The above would pass the array containing precision and randomGenerator to MathComponent::__construct() as the second parameter. By convention, any settings that have been passed that are also public properties on your component will have the values set based on the settings. Using other Components in your Component Sometimes one of your components may need to use another component. In this case you can include other components in your component the exact same way you include them in controllers - using the $components var: Existing->foo(); } public function bar() { // ... } } // app/Controller/Component/ExistingComponent.php App::uses(’Component’, ’Controller’); class ExistingComponent extends Component { public function foo() { // ... } } 232 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x Component API class Component The base Component class offers a few methods for lazily loading other Components through ComponentCollection as well as dealing with common handling of settings. It also provides prototypes for all the component callbacks. Component::__construct(ComponentCollection $collection, $settings = array()) Constructor for the base component class. All $settings that are also public properties will have their values changed to the matching value in $settings. Callbacks Component::initialize(Controller $controller) The initialize method is called before the controller’s beforeFilter method. Component::startup(Controller $controller) The startup method is called after the controller’s beforeFilter method but before the controller exe- cutes the current action handler. Component::beforeRender(Controller $controller) The beforeRender method is called after the controller executes the requested action’s logic but before the controller’s renders views and layout. Component::shutdown(Controller $controller) The shutdown method is called before output is sent to browser. Component::beforeRedirect(Controller $controller, $url, $status=null, $exit=true) The beforeRedirect method is invoked when the controller’s redirect method is called but before any further action. If this method returns false the controller will not continue on to redirect the request. The $url, $status and $exit variables have same meaning as for the controller’s method. You can also return a string which will be interpreted as the url to redirect to or return associative array with key ‘url’ and optionally ‘status’ and ‘exit’. Helpers Helpers are the component-like classes for the presentation layer of your application. They con- tain presentational logic that is shared between many views, elements, or layouts. This chapter will show you how to create your own helpers, and outline the basic tasks CakePHP’s core helpers can help you accomplish. CakePHP features a number of helpers that aid in view creation. They assist in creating well-formed markup (including forms), aid in formatting text, times and numbers, and can even speed up Ajax functionality. For more information on the helpers included in CakePHP, check out Helpers. Using and Configuring Helpers You enable helpers in CakePHP by making a controller aware of them. Each controller has a $helpers property that lists the helpers to be made available in the view. To enable a helper in your view, add the name of the helper to the controller’s $helpers array: helpers[]= ’Time’; } public function mix{ // The Time helper is not loaded here and thus not available } } If you need to enable a helper for all controllers add the name of the helper to the $helpers array in /app/Controller/AppController.php (or create if not present). Remember to include the default Html and Form helpers: array(’option1’ => ’value1’)); } One common setting to use is the className option, which allows you to create aliased helpers in your views. This feature is useful when you want to replace $this->Html or another common Helper reference with a custom implementation: array( ’className’ => ’MyHtml’ 234 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x ) ); } // app/View/Helper/MyHtmlHelper.php App::uses(’HtmlHelper’, ’View/Helper’); class MyHtmlHelper extends HtmlHelper { // Add your code to override the core HtmlHelper } The above would alias MyHtmlHelper to $this->Html in your views. Note: Aliasing a helper replaces that instance anywhere that helper is used, including inside other Helpers. Tip: Aliasing the Html or Session Helper while using the core PagesController will not work. It is better to copy lib/Cake/Controller/PagesController.php into your app/Controller/ folder. Using helper settings allows you to declaratively configure your helpers and keep configuration logic out of your controller actions. If you have configuration options that cannot be included as part of a class declaration, you can set those in your controller’s beforeRender callback: helpers[’CustomStuff’]= $this->_getCustomStuffSettings(); } } Using Helpers Once you’ve configured which helpers you want to use in your controller, each helper is exposed as a public property in the view. For example, if you were using the HtmlHelper you would be able to access it by doing the following: Html->css(’styles’); The above would call the css method on the HtmlHelper. You can access any loaded helper using $this->{$helperName}. There may come a time where you need to dynamically load a helper from inside a view. You can use the view’s HelperCollection to do this: Helpers->load(’Media’, $mediaSettings); The HelperCollection is a collection and supports the collection API used elsewhere in CakePHP. Callback methods Helpers feature several callbacks that allow you to augment the view rendering pro- cess. See the Helper API and the Collections documentation for more information. General Purpose 235 CakePHP Cookbook Documentation, Release 2.x Creating Helpers If a core helper (or one showcased on github or the Bakery) doesn’t fit your needs, helpers are easy to create. Let’s say we wanted to create a helper that could be used to output a specifically crafted CSS-styled link you needed many different places in your application. In order to fit your logic in to CakePHP’s existing helper structure, you’ll need to create a new class in /app/View/Helper. Let’s call our helper LinkHelper. The actual PHP class file would look something like this: Html->link($title, $url, array(’class’ => ’edit’)); return ’
    ’. $link. ’
    ’; } } Using your Helper Once you’ve created your helper and placed it in /app/View/Helper/, you’ll be able to include it in your controllers using the special variable $helpers: Link->makeEdit(’Change this Recipe’, ’/recipes/edit/5’); ?> Creating Functionality for All Helpers All helpers extend a special class, AppHelper (just like models extend AppModel and controllers extend AppController). To create functionality that would be available to all helpers, create /app/View/Helper/AppHelper.php: Prg= $this->Components->load(’Prg’); $this->Prg->process(); When loading a component, if the component is not currently loaded into the collection, a new instance will be created. If the component is already loaded, another instance will not be created. When loading components, you can also provide additional configuration for them: Cookie= $this->Components->load(’Cookie’, array(’name’ => ’sweet’)); 238 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x Any keys & values provided will be passed to the Component’s constructor. The one exception to this rule is className. ClassName is a special key that is used to alias objects in a collection. This allows you to have component names that do not reflect the classnames, which can be helpful when extending core components: Auth= $this->Components->load(’Auth’, array(’className’ => ’MyCustomAuth’)); $this->Auth->user(); // Actually using MyCustomAuth::user(); The inverse of loading an object, is unloading it. Unloaded objects are removed from memory, and will not have additional callbacks triggered on them: Components->unload(’Cookie’); $this->Cookie->read(); // Fatal error. Triggering callbacks Callbacks are supported by collection objects. When a collection has a callback triggered, that method will be called on all enabled objects in the collection. You can pass parameters to the callback loop as well: Behaviors->trigger(’afterFind’, array($this, $results, $primary)); In the above $viewFile would be passed as the first argument to every helper’s beforeRender method. There are several options that can be used to control how callbacks are fired: • breakOn Set to the value or values you want the callback propagation to stop on. Can either be a scalar value, or an array of values to break on. Defaults to false. • break Set to true to enabled breaking. When a trigger is broken, the last returned value will be re- turned. If used in combination with collectReturn the collected results will be returned. Defaults to false. • collectReturn Set to true to collect the return of each object into an array. This array of return values will be returned from the trigger() call. Defaults to false. • triggerDisabled Will trigger the callback on all objects in the collection even the non-enabled objects. Defaults to false. • modParams Allows each object the callback gets called on to modify the parameters to the next object. Setting modParams to an integer value will allow you to modify the parameter with that index. Any non-null value will modify the parameter index indicated. Defaults to false. Canceling a callback loop Using the break and breakOn options you can cancel a callback loop midway similar to stopping event propagation in JavaScript: Behaviors->trigger( ’beforeFind’, array($this, $query), General Purpose 239 CakePHP Cookbook Documentation, Release 2.x array(’break’ => true, ’breakOn’ => false), ); In the above example, if any behavior returns false from its beforeFind method, no further callbacks will be called. In addition, the return of trigger() will be false. Enabling and disabling objects Once an object is loaded into a collection you may need to disable it. Disabling an object in a collection prevents future callbacks from being fired on that object unless the triggerDisabled option is used: Helpers->disable(’Html’); // Re-enable the helper later on $this->Helpers->enable(’Html’); Disabled objects can still have their normal methods and properties used. The primary difference between an enabled and disabled object is with regards to callbacks. You can interrogate a collection about the enabled objects, or check if a specific object is still enabled using enabled(): Helpers->enabled(’Html’); // $enabled will contain an array of helper currently enabled. $enabled= $this->Helpers->enabled(); Object callback priorities You can prioritize the triggering object callbacks similar to event callbacks. The handling of priority values and order of triggering is the same as explained here. Here’s how you can specify priority at declaration time: array(’priority’ =>9)//Bar’s callbacks are triggered before Foo’s ); public $helpers= array( ’Cache’ => array(’priority’ => 12), //Cache’s callbacks will be triggered last ’Asset’, ’Utility’ //Utility has priority 10 same as Asset and its callbacks are trigger //after Asset’s ); } 240 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x array(’priority’ =>1), ’Media’ ); } When dynamically loading objects to a collection you can specify the priority like this: MyComponent= $this->Components->load(’MyComponent’, array(’priority’ =>9)); You can also change priorities at run time using the ObjectCollection::setPriority() function: Components->setPriority(’Foo’,2); //For multiple objects $this->Behaviors->setPriority(array(’Object1’ =>8, ’Object2’ =>9)); Behaviors Behaviors add extra functionality to your models. CakePHP comes with a number of built-in behaviors such as TreeBehavior and ContainableBehavior. To learn about creating and using behaviors, read the section on Behaviors. Behaviors ACL class AclBehavior The Acl behavior provides a way to seamlessly integrate a model with your ACL system. It can create both AROs or ACOs transparently. To use the new behavior, you can add it to the $actsAs property of your model. When adding it to the actsAs array you choose to make the related Acl entry an ARO or an ACO. The default is to create ACOs: array(’type’ => ’requester’)); } This would attach the Acl behavior in ARO mode. To join the ACL behavior in ACO mode use: Behaviors 241 CakePHP Cookbook Documentation, Release 2.x array(’type’ => ’controlled’)); } For User and Group models it is common to have both ACO and ARO nodes, to achieve this use: array(’type’ => ’both’)); } You can also attach the behavior on the fly like so: Post->Behaviors->attach(’Acl’, array(’type’ => ’controlled’)); Changed in version 2.1: You can now safely attach AclBehavior to AppModel. Aco, Aro and AclNode now extend Model instead of AppModel, which would cause an infinite loop. If your application depends on having those models to extend AppModel for some reason, then copy AclNode to your application and have it extend AppModel again. Using the AclBehavior Most of the AclBehavior works transparently on your Model’s afterSave(). However, using it requires that your Model has a parentNode() method defined. This is used by the AclBehavior to determine parent->child relationships. A model’s parentNode() method must return null or return a parent Model reference: id&& empty($this->data)) { return null; } $data= $this->data; if (empty($this->data)) { $data= $this->read(); } 242 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x if (!$data[’User’][’group_id’]) { return null; } else { return array(’Group’ => array(’id’ => $data[’User’][’group_id’])); } } In the above example the return is an array that looks similar to the results of a model find. It is important to have the id value set or the parentNode relation will fail. The AclBehavior uses this data to construct its tree structure. node() The AclBehavior also allows you to retrieve the Acl node associated with a model record. After setting $model->id. You can use $model->node() to retrieve the associated Acl node. You can also retrieve the Acl Node for any row, by passing in a data array: User->id=1; $node= $this->User->node(); $user= array(’User’ => array( ’id’ =>1 )); $node= $this->User->node($user); Will both return the same Acl Node information. If you had setup AclBehavior to create both ACO and ARO nodes, you need to specify which node type you want: User->id=1; $node= $this->User->node( null, ’Aro’); $user= array(’User’ => array( ’id’ =>1 )); $node= $this->User->node($user, ’Aro’); Containable class ContainableBehavior A new addition to the CakePHP 1.2 core is the ContainableBehavior. This model behavior allows you to filter and limit model find operations. Using Containable will help you cut down on needless wear and tear on your database, increasing the speed and overall performance of your application. The class will also help you search and filter your data for your users in a clean and consistent way. Behaviors 243 CakePHP Cookbook Documentation, Release 2.x Containable allows you to streamline and simplify operations on your model bindings. It works by temporar- ily or permanently altering the associations of your models. It does this by using supplied the containments to generate a series of bindModel and unbindModel calls. To use the new behavior, you can add it to the $actsAs property of your model: Post->Behaviors->attach(’Containable’); Using Containable To see how Containable works, let’s look at a few examples. First, we’ll start off with a find() call on a model named Post. Let’s say that Post hasMany Comment, and Post hasAndBelongsToMany Tag. The amount of data fetched in a normal find() call is rather extensive: Post->find(’all’)); [0] => Array ( [Post] => Array ( [id] =>1 [title] => First article [content] => aaa [created] => 2008-05-18 00:00:00 ) [Comment] => Array ( [0] => Array ( [id] =>1 [post_id] =>1 [author] => Daniel [email] => dan@example.com [website] => http://example.com [comment] => First comment [created] => 2008-05-18 00:00:00 ) [1] => Array ( [id] =>2 [post_id] =>1 [author] => Sam [email] => sam@example.net 244 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x [website] => http://example.net [comment] => Second comment [created] => 2008-05-18 00:00:00 ) ) [Tag] => Array ( [0] => Array ( [id] =>1 [name] => Awesome ) [1] => Array ( [id] =>2 [name] => Baking ) ) ) [1] => Array ( [Post] => Array (... For some interfaces in your application, you may not need that much information from the Post model. One thing the ContainableBehavior does is help you cut down on what find() returns. For example, to get only the post-related information, you can do the following: Post->contain(); $this->Post->find(’all’); You can also invoke Containable’s magic from inside the find() call: Post->find(’all’, array(’contain’ => false)); Having done that, you end up with something a lot more concise: [0] => Array ( [Post] => Array ( [id] => 1 [title] => First article [content] => aaa [created] => 2008-05-18 00:00:00 ) ) [1] => Array ( [Post] => Array ( Behaviors 245 CakePHP Cookbook Documentation, Release 2.x [id] => 2 [title] => Second article [content] => bbb [created] => 2008-05-19 00:00:00 ) ) This sort of help isn’t new: in fact, you can do that without the ContainableBehavior doing something like this: Post->recursive=-1; $this->Post->find(’all’); Containable really shines when you have complex associations, and you want to pare down things that sit at the same level. The model’s $recursive property is helpful if you want to hack off an entire level of recursion, but not when you want to pick and choose what to keep at each level. Let’s see how it works by using the contain() method. The contain method’s first argument accepts the name, or an array of names, of the models to keep in the find operation. If we wanted to fetch all posts and their related tags (without any comment information), we’d try something like this: Post->contain(’Tag’); $this->Post->find(’all’); Again, we can use the contain key inside a find() call: Post->find(’all’, array(’contain’ => ’Tag’)); Without Containable, you’d end up needing to use the unbindModel() method of the model, multiple times if you’re paring off multiple models. Containable creates a cleaner way to accomplish this same task. Containing deeper associations Containable also goes a step deeper: you can filter the data of the associated models. If you look at the results of the original find() call, notice the author field in the Comment model. If you are interested in the posts and the names of the comment authors — and nothing else — you could do something like the following: Post->contain(’Comment.author’); $this->Post->find(’all’); // or.. $this->Post->find(’all’, array(’contain’ => ’Comment.author’)); Here, we’ve told Containable to give us our post information, and just the author field of the associated Comment model. The output of the find call might look something like this: 246 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x [0] => Array ( [Post] => Array ( [id] => 1 [title] => First article [content] => aaa [created] => 2008-05-18 00:00:00 ) [Comment] => Array ( [0] => Array ( [author] => Daniel [post_id] => 1 ) [1] => Array ( [author] => Sam [post_id] => 1 ) ) ) [1] => Array (... As you can see, the Comment arrays only contain the author field (plus the post_id which is needed by CakePHP to map the results). You can also filter the associated Comment data by specifying a condition: Post->contain(’Comment.author = "Daniel"’); $this->Post->find(’all’); //or... $this->Post->find(’all’, array(’contain’ => ’Comment.author = "Daniel"’)); This gives us a result that gives us posts with comments authored by Daniel: [0] => Array ( [Post] => Array ( [id] => 1 [title] => First article [content] => aaa [created] => 2008-05-18 00:00:00 ) [Comment] => Array ( [0] => Array ( Behaviors 247 CakePHP Cookbook Documentation, Release 2.x [id] => 1 [post_id] => 1 [author] => Daniel [email] => dan@example.com [website] => http://example.com [comment] => First comment [created] => 2008-05-18 00:00:00 ) ) ) Additional filtering can be performed by supplying the standard find options: Post->find(’all’, array(’contain’ => array( ’Comment’ => array( ’conditions’ => array(’Comment.author =’ =>"Daniel"), ’order’ => ’Comment.created DESC’ ) ))); Here’s an example of using the ContainableBehavior when you’ve got deep and complex model relationships. Let’s consider the following model associations: User->Profile User->Account->AccountSummary User->Post->PostAttachment->PostAttachmentHistory->HistoryNotes User->Post->Tag This is how we retrieve the above associations with Containable: User->find(’all’, array( ’contain’ => array( ’Profile’, ’Account’ => array( ’AccountSummary’ ), ’Post’ => array( ’PostAttachment’ => array( ’fields’ => array(’id’, ’name’), ’PostAttachmentHistory’ => array( ’HistoryNotes’ => array( ’fields’ => array(’id’, ’note’) ) ) ), ’Tag’ => array( ’conditions’ => array(’Tag.name LIKE’ => ’%happy%’) ) ) ) 248 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x )); Keep in mind that contain key is only used once in the main model, you don’t need to use ‘contain’ again for related models Note: When using ‘fields’ and ‘contain’ options - be careful to include all foreign keys that your query directly or indirectly requires. Please also note that because Containable must to be attached to all models used in containment, you may consider attaching it to your AppModel. ContainableBehavior options The ContainableBehavior has a number of options that can be set when the Behavior is attached to a model. The settings allow you to fine tune the behavior of Containable and work with other behaviors more easily. • recursive (boolean, optional) set to true to allow containable to automatically determine the recur- siveness level needed to fetch specified models, and set the model recursiveness to this level. setting it to false disables this feature. The default value is true. • notices (boolean, optional) issues E_NOTICES for bindings referenced in a containable call that are not valid. The default value is true. • autoFields: (boolean, optional) auto-add needed fields to fetch requested bindings. The default value is true. You can change ContainableBehavior settings at run time by reattaching the behavior as seen in Additional Methods and Properties ContainableBehavior can sometimes cause issues with other behaviors or queries that use aggregate func- tions and/or GROUP BY statements. If you get invalid SQL errors due to mixing of aggregate and non- aggregate fields, try disabling the autoFields setting.: Post->Behaviors->attach(’Containable’, array(’autoFields’ => false)); Using Containable with pagination By including the ‘contain’ parameter in the $paginate property it will apply to both the find(‘count’) and the find(‘all’) done on the model See the section Using Containable for further details. Here’s an example of how to contain associations when paginating: paginate[’User’]= array( ’contain’ => array(’Profile’, ’Account’), ’order’ => ’User.username’ ); $users= $this->paginate(’User’); Behaviors 249 CakePHP Cookbook Documentation, Release 2.x Translate class TranslateBehavior TranslateBehavior is actually quite easy to setup and works out of the box with very little configuration. In this section, you will learn how to add and setup the behavior to use in any model. If you are using TranslateBehavior in alongside containable issue, be sure to set the ‘fields’ key for your queries. Otherwise you could end up with invalid SQL generated. Initializing the i18n Database Tables You can either use the CakePHP console or you can manually create it. It is advised to use the console for this, because it might happen that the layout changes in future versions of CakePHP. Sticking to the console will make sure that you have the correct layout.: ./cake i18n Select [I] which will run the i18n database initialization script. You will be asked if you want to drop any existing and if you want to create it. Answer with yes if you are sure there is no i18n table already, and answer with yes again to create the table. Attaching the Translate Behavior to your Models Add it to your model by using the $actsAs property like in the following example.: array( ’fieldOne’, ’fieldTwo’, ’and_so_on’ ) ); } 250 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x After you have done that (for example putting “title” as one of the fields) you already finished the basic setup. Great! According to our current example the model should now look something like this: array( ’title’ ) ); } When defining fields for TranslateBehavior to translate, be sure to omit those fields from the translated model’s schema. If you leave the fields in, there can be issues when retrieving data with fallback locales. Conclusion From now on each record update/creation will cause TranslateBehavior to copy the value of “title” to the translation table (default: i18n) along with the current locale. A locale is the identifier of the language, so to speak. Reading translated content By default the TranslateBehavior will automatically fetch and add in data based on the current locale. The current locale is read from Configure::read(’Config.language’) which is assigned by the L10n class. You can override this default on the fly using $Model->locale. Retrieve translated fields in a specific locale By setting $Model->locale you can read translations for a specific locale: Post->locale= ’es’; $results= $this->Post->find(’first’, array( ’conditions’ => array(’Post.id’ => $id) )); // $results will contain the spanish translation. If you need to read translated content for multiple locales at the same time you can do so by setting locale to an array of locales: Post->locale= array(’es’, ’pt’); $results= $this->Post->find(’first’, array( ’conditions’ => array(’Post.id’ => $id) )); // $results will contain the portuguese and spanish translation. Behaviors 251 CakePHP Cookbook Documentation, Release 2.x Retrieve all translation records for a field If you want to have all translation records attached to the current model record you simply extend the field array in your behavior setup as shown below. The naming is completely up to you.: array( ’title’ => ’titleTranslation’ ) ); } With this setup the result of $this->Post->find() should look something like this: Array ( [Post] => Array ( [id] => 1 [title] => Beispiel Eintrag [body] => lorem ipsum... [locale] => de_de ) [titleTranslation] => Array ( [0] => Array ( [id] => 1 [locale] => en_us [model] => Post [foreign_key] => 1 [field] => title [content] => Example entry ) [1] => Array ( [id] => 2 [locale] => de_de [model] => Post [foreign_key] => 1 [field] => title [content] => Beispiel Eintrag ) ) ) Note: The model record contains a virtual field called “locale”. It indicates which locale is used in this result. Note that only fields of the model you are directly doing ‘find‘ on will be translated. Models attached via as- 252 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x sociations won’t be translated because triggering callbacks on associated models is currently not supported. Using the bindTranslation method You can also retrieve all translations, only when you need them, using the bindTranslation method bindTranslation($fields, $reset) $fields is a named-key array of field and association name, where the key is the translatable field and the value is the fake association name.: Post->bindTranslation(array(’title’ => ’titleTranslation’)); $this->Post->find(’all’, array(’recursive’ =>1)); // need at least recursive 1 for this to work. With this setup the result of your find() should look something like this: Array ( [Post] => Array ( [id] => 1 [title] => Beispiel Eintrag [body] => lorem ipsum... [locale] => de_de ) [titleTranslation] => Array ( [0] => Array ( [id] => 1 [locale] => en_us [model] => Post [foreign_key] => 1 [field] => title [content] => Example entry ) [1] => Array ( [id] => 2 [locale] => de_de [model] => Post [foreign_key] => 1 [field] => title [content] => Beispiel Eintrag ) ) ) Behaviors 253 CakePHP Cookbook Documentation, Release 2.x Saving in another language You can force the model which is using the TranslateBehavior to save in a language other than the on detected. To tell a model in what language the content is going to be you simply change the value of the $locale property on the model before you save the data to the database. You can do that either in your controller or you can define it directly in the model. Example A: In your controller: request->data)) { $this->Post->locale= ’de_de’;// we are going to save the german version $this->Post->create(); if ($this->Post->save($this->request->data)) { $this->redirect(array(’action’ => ’index’)); } } } } Example B: In your model: array( ’title’ ) ); // Option 1) just define the property directly public $locale= ’en_us’; // Option 2) create a simple method public function setLanguage($locale){ $this->locale= $locale; } } Multiple Translation Tables If you expect a lot entries you probably wonder how to deal with a rapidly growing database table. There are two properties introduced by TranslateBehavior that allow to specify which “Model” to bind as the model containing the translations. These are $translateModel and $translateTable. 254 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x Lets say we want to save our translations for all posts in the table “post_i18ns” instead of the default “i18n” table. To do so you need to setup your model like this: array( ’title’ ) ); // Use a different model (and table) public $translateModel= ’PostI18n’; } Important is that you have to pluralize the table. It is now a usual model and can be treated as such and thus comes with the conventions involved. The table schema itself must be identical with the one generated by the CakePHP console script. To make sure it fits one could just initialize a empty i18n table using the console and rename the table afterwards. Create the TranslateModel For this to work you need to create the actual model file in your models folder. Reason is that there is no property to set the displayField directly in the model using this behavior yet. Make sure that you change the $displayField to ’field’.: array( ’title’ ) ); // Use a different model public $translateModel= ’PostI18n’; // Use a different table for translateModel Behaviors 255 CakePHP Cookbook Documentation, Release 2.x public $translateTable= ’post_translations’; } Please note that you can’t use $translateTable alone. If you don’t intend to use a custom $translateModel then leave this property untouched. Reason is that it would break your setup and show you a “Missing Table” message for the default I18n model which is created in runtime. Tree class TreeBehavior It’s fairly common to want to store hierarchical data in a database table. Examples of such data might be categories with unlimited subcategories, data related to a multilevel menu system or a literal representation of hierarchy such as is used to store access control objects with ACL logic. For small trees of data, or where the data is only a few levels deep it is simple to add a parent_id field to your database table and use this to keep track of which item is the parent of what. Bun- dled with cake however, is a powerful behavior which allows you to use the benefits of MPTT logic (http://www.sitepoint.com/hierarchical-data-database-2/) without worrying about any of the intricacies of the technique - unless you want to ;). Requirements To use the tree behavior, your database table needs 3 fields as listed below (all are ints): • parent - default fieldname is parent_id, to store the id of the parent object • left - default fieldname is lft, to store the lft value of the current row. • right - default fieldname is rght, to store the rght value of the current row. If you are familiar with MPTT logic you may wonder why a parent field exists - quite simply it’s easier to do certain tasks if a direct parent link is stored on the database - such as finding direct children. Note: The parent field must be able to have a NULL value! It might seem to work if you just give the top elements a parent value of zero, but reordering the tree (and possible other operations) will fail. Basic Usage The tree behavior has a lot packed into it, but let’s start with a simple example - create the following database table and put some data in it: CREATE TABLE categories ( id INTEGER(10) UNSIGNED NOT NULL AUTO_INCREMENT, parent_id INTEGER(10) DEFAULT NULL, lft INTEGER(10) DEFAULT NULL, rght INTEGER(10) DEFAULT NULL, name VARCHAR(255) DEFAULT ’’, 256 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x PRIMARY KEY (id) ); INSERT INTO ‘categories‘ (‘id‘, ‘name‘, ‘parent_id‘, ‘lft‘, ‘rght‘) VALUES(1, ’My Categories’, NULL, 1, 30); INSERT INTO ‘categories‘ (‘id‘, ‘name‘, ‘parent_id‘, ‘lft‘, ‘rght‘) VALUES(2, ’Fun’, 1, 2, 15); INSERT INTO ‘categories‘ (‘id‘, ‘name‘, ‘parent_id‘, ‘lft‘, ‘rght‘) VALUES(3, ’Sport’, 2, 3, 8); INSERT INTO ‘categories‘ (‘id‘, ‘name‘, ‘parent_id‘, ‘lft‘, ‘rght‘) VALUES(4, ’Surfing’, 3, 4, 5); INSERT INTO ‘categories‘ (‘id‘, ‘name‘, ‘parent_id‘, ‘lft‘, ‘rght‘) VALUES(5, ’Extreme knitting’, 3, 6, 7); INSERT INTO ‘categories‘ (‘id‘, ‘name‘, ‘parent_id‘, ‘lft‘, ‘rght‘) VALUES(6, ’Friends’, 2, 9, 14); INSERT INTO ‘categories‘ (‘id‘, ‘name‘, ‘parent_id‘, ‘lft‘, ‘rght‘) VALUES(7, ’Gerald’, 6, 10, 11); INSERT INTO ‘categories‘ (‘id‘, ‘name‘, ‘parent_id‘, ‘lft‘, ‘rght‘) VALUES(8, ’Gwendolyn’, 6, 12, 13); INSERT INTO ‘categories‘ (‘id‘, ‘name‘, ‘parent_id‘, ‘lft‘, ‘rght‘) VALUES(9, ’Work’, 1, 16, 29); INSERT INTO ‘categories‘ (‘id‘, ‘name‘, ‘parent_id‘, ‘lft‘, ‘rght‘) VALUES(10, ’Reports’, 9, 17, 22); INSERT INTO ‘categories‘ (‘id‘, ‘name‘, ‘parent_id‘, ‘lft‘, ‘rght‘) VALUES(11, ’Annual’, 10, 18, 19); INSERT INTO ‘categories‘ (‘id‘, ‘name‘, ‘parent_id‘, ‘lft‘, ‘rght‘) VALUES(12, ’Status’, 10, 20, 21); INSERT INTO ‘categories‘ (‘id‘, ‘name‘, ‘parent_id‘, ‘lft‘, ‘rght‘) VALUES(13, ’Trips’, 9, 23, 28); INSERT INTO ‘categories‘ (‘id‘, ‘name‘, ‘parent_id‘, ‘lft‘, ‘rght‘) VALUES(14, ’National’, 13, 24, 25); INSERT INTO ‘categories‘ (‘id‘, ‘name‘, ‘parent_id‘, ‘lft‘, ‘rght‘) VALUES(15, ’International’, 13, 26, 27); For the purpose of checking that everything is setup correctly, we can create a test method and output the contents of our category tree to see what it looks like. With a simple controller: Category->generateTreeList( null, null, null, ’   ’); debug($data); die; } } and an even simpler model definition: Category->save($data); When using the tree behavior it’s not necessary to do any more than set the parent_id, and the tree behavior will take care of the rest. If you don’t set the parent_id, the tree behavior will add to the tree making your new addition a new top level entry: Category->save($data); Running the above two code snippets would alter your tree as follows: • My Categories – Fun * Sport · Surfing · Extreme knitting · Skating New * Friends · Gerald · Gwendolyn – Work 258 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x * Reports · Annual · Status * Trips · National · International • Other People’s Categories New Modifying data Modifying data is as transparent as adding new data. If you modify something, but do not change the parent_id field - the structure of your data will remain unchanged. For example: Category->id=5;// id of Extreme knitting $this->Category->save(array(’name’ => ’Extreme fishing’)); The above code did not affect the parent_id field - even if the parent_id is included in the data that is passed to save if the value doesn’t change, neither does the data structure. Therefore the tree of data would now look like: • My Categories • Fun • Sport – Surfing – Extreme fishing Updated – Skating • Friends – Gerald – Gwendolyn • Work • Reports – Annual – Status • Trips – National – International • Other People’s Categories Behaviors 259 CakePHP Cookbook Documentation, Release 2.x Moving data around in your tree is also a simple affair. Let’s say that Extreme fishing does not belong under Sport, but instead should be located under Other People’s Categories. With the following code: Category->id=5;// id of Extreme fishing $newParentId= $this->Category->field(’id’, array(’name’ => ’Other People\’s Categories’)); $this->Category->save(array(’parent_id’ => $newParentId)); As would be expected the structure would be modified to: • My Categories • Fun – Sport * Surfing * Skating – Friends * Gerald * Gwendolyn • Work – Reports * Annual * Status – Trips * National * International • Other People’s Categories • Extreme fishing Moved Deleting data The tree behavior provides a number of ways to manage deleting data. To start with the simplest example; let’s say that the reports category is no longer useful. To remove it and any children it may have just call delete as you would for any model. For example with the following code: Category->id= 10; $this->Category->delete(); The category tree would be modified as follows: • My Categories • Fun 260 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x – Sport * Surfing * Skating – Friends * Gerald * Gwendolyn • Work – Trips * National * International • Other People’s Categories • Extreme fishing Querying and using your data Using and manipulating hierarchical data can be a tricky business. In addition to the core find methods, with the tree behavior there are a few more tree-orientated permutations at your disposal. Note: Most tree behavior methods return and rely on data being sorted by the lft field. If you call find() and do not order by lft, or call a tree behavior method and pass a sort order, you may get undesirable results. class TreeBehavior children($id = null, $direct = false, $fields = null, $order = null, $limit = null, $page = 1, $recursive = null) Parameters • $id – The ID of the record to look up • $direct – Set to true to return only the direct descendants • $fields – Single string field name or array of fields to include in the return • $order – SQL string of ORDER BY conditions • $limit – SQL LIMIT statement • $page – for accessing paged results • $recursive – Number of levels deep for recursive associated Models Behaviors 261 CakePHP Cookbook Documentation, Release 2.x The children method takes the primary key value (the id) of a row and returns the children, by default in the order they appear in the tree. The second optional parameter defines whether or not only direct children should be returned. Using the example data from the previous section: Category->children(1); // a flat array with 11 items // -- or -- $this->Category->id=1; $allChildren= $this->Category->children(); // a flat array with 11 items // Only return direct children $directChildren= $this->Category->children(1, true); // a flat array with 2 items Note: If you want a recursive array use find(’threaded’) childCount($id = null, $direct = false) As with the method children, childCount takes the primary key value (the id) of a row and returns how many children it has. The second optional parameter defines whether or not only direct children are counted. Using the example data from the previous section: Category->childCount(1); // will output 11 // -- or -- $this->Category->id=1; $directChildren= $this->Category->childCount(); // will output 11 // Only counts the direct descendants of this category $numChildren= $this->Category->childCount(1, true); // will output 2 generateTreeList($conditions=null, $keyPath=null, $valuePath=null, $spacer= ‘_’, $recursive=null) Parameters • $conditions – Uses the same conditional options as find(). • $keyPath – Path to the field to use for the key. • $valuePath – Path to the field to use for the label. • $spacer – The string to use in front of each item to indicate depth. • $recursive – The number of levels deep to fetch associated records This method will return data similar to find(‘list’), with an indented prefix to show the structure of your data. Below is an example of what you can expect this method to return: Category->generateTreeList(); Output: 262 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x array( [1] => "My Categories", [2] => "_Fun", [3] => "__Sport", [4] => "___Surfing", [16] => "___Skating", [6] => "__Friends", [7] => "___Gerald", [8] => "___Gwendolyn", [9] => "_Work", [13] => "__Trips", [14] => "___National", [15] => "___International", [17] => "Other People’s Categories", [5] => "_Extreme fishing" ) getParentNode() This convenience function will, as the name suggests, return the parent node for any node, or false if the node has no parent (it’s the root node). For example: Category->getParentNode(2); //<- id for fun // $parent contains All categories getPath($id = null, $fields = null, $recursive = null) The ‘path’ when referring to hierarchal data is how you get from where you are to the top. So for example the path from the category “International” is: •My Categories •... •Work –Trips *... *International Using the id of “International” getPath will return each of the parents in turn (starting from the top).: Category->getPath(15); // contents of $parents array( [0] => array(’Category’ => array(’id’ => 1, ’name’ => ’My Categories’, ..)), [1] => array(’Category’ => array(’id’ => 9, ’name’ => ’Work’, ..)), [2] => array(’Category’ => array(’id’ => 13, ’name’ => ’Trips’, ..)), [3] => array(’Category’ => array(’id’ => 15, ’name’ => ’International’, ..)), ) Behaviors 263 CakePHP Cookbook Documentation, Release 2.x Advanced Usage The tree behavior doesn’t only work in the background, there are a number of specific meth- ods defined in the behavior to cater for all your hierarchical data needs, and any unexpected problems that might arise in the process. TreeBehavior::moveDown() Used to move a single node down the tree. You need to provide the ID of the element to be moved and a positive number of how many positions the node should be moved down. All child nodes for the specified node will also be moved. Here is an example of a controller action (in a controller named Categories) that moves a spec- ified node down the tree: Category->id= $id; if (!$this->Category->exists()) { throw new NotFoundException(__(’Invalid category’)); } if ($delta>0){ $this->Category->moveDown($this->Category->id, abs($delta)); } else { $this->Session->setFlash(’Please provide the number of positions the field should be moved down.’); } $this->redirect(array(’action’ => ’index’), null, true); } For example, if you’d like to move the “Sport” ( id of 3 ) category one position down, you would request: /categories/movedown/3/1. TreeBehavior::moveUp() Used to move a single node up the tree. You need to provide the ID of the element to be moved and a positive number of how many positions the node should be moved up. All child nodes will also be moved. Here’s an example of a controller action (in a controller named Categories) that moves a node up the tree: Category->id= $id; if (!$this->Category->exists()) { throw new NotFoundException(__(’Invalid category’)); } if ($delta>0){ $this->Category->moveUp($this->Category->id, abs($delta)); } else { $this->Session->setFlash(’Please provide a number of positions the category should be moved up.’); 264 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x } $this->redirect(array(’action’ => ’index’), null, true); } For example, if you would like to move the category “Gwendolyn” ( id of 8 ) up one position you would request /categories/moveup/8/1. Now the order of Friends will be Gwendolyn, Gerald. TreeBehavior::removeFromTree($id = null, $delete = false) Using this method will either delete or move a node but retain its sub-tree, which will be re- parented one level higher. It offers more control than delete, which for a model using the tree behavior will remove the specified node and all of its children. Taking the following tree as a starting point: • My Categories – Fun * Sport · Surfing · Extreme knitting · Skating Running the following code with the id for ‘Sport’: Node->removeFromTree($id); The Sport node will be become a top level node: • My Categories – Fun * Surfing * Extreme knitting * Skating • Sport Moved This demonstrates the default behavior of removeFromTree of moving the node to have no parent, and re-parenting all children. If however the following code snippet was used with the id for ‘Sport’: Node->removeFromTree($id, true); The tree would become • My Categories Behaviors 265 CakePHP Cookbook Documentation, Release 2.x – Fun * Surfing * Extreme knitting * Skating This demonstrates the alternate use for removeFromTree, the children have been reparented and ‘Sport’ has been deleted. TreeBehavior::reorder(array(‘id’ => null,‘field’ => $Model->displayField, ‘order’ => ‘ASC’,‘verify’ => true)) Reorders the nodes (and child nodes) of the tree according to the field and direction specified in the parameters. This method does not change the parent of any node.: reorder(array( ’id’ =>,//id of record to use as top node for reordering, default: $Model->id ’field’ =>,//which field to use in reordering, default: $Model->displayField ’order’ =>,//direction to order, default: ’ASC’ ’verify’ => //whether or not to verify the tree before reorder, default: true )); Note: If you have saved your data or made other operations on the model, you might want to set $model->id = null before calling reorder. Otherwise only the current node and it’s children will be reordered. Data Integrity Due to the nature of complex self referential data structures such as trees and linked lists, they can occasionally become broken by a careless call. Take heart, for all is not lost! The Tree Behavior contains several previously undocumented features designed to recover from such situations. TreeBehavior::recover($mode = ‘parent’, $missingParentAction = null) The mode parameter is used to specify the source of info that is valid/correct. The opposite source of data will be populated based upon that source of info. E.g. if the MPTT fields are corrupt or empty, with the $mode ’parent’ the values of the parent_id field will be used to populate the left and right fields. The missingParentAction parameter only applies to “parent” mode and determines what to do if the parent field contains an id that is not present. Available $mode options: •’parent’ - use the existing parent_id‘s to update the lft and rght fields •’tree’ - use the existing lft and rght fields to update parent_id Available missingParentActions options when using mode=’parent’: • null - do nothing and carry on 266 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x •’return’ - do nothing and return •’delete’ - delete the node • int - set the parent_id to this id Example: Category->recover(); // or $this->Category->recover(’parent’); // Rebuild all the parent_id’s based on the lft and rght fields $this->Category->recover(’tree’); TreeBehavior::reorder($options = array()) Reorders the nodes (and child nodes) of the tree according to the field and direction specified in the parameters. This method does not change the parent of any node. Reordering affects all nodes in the tree by default, however the following options can affect the process: •’id’ - only reorder nodes below this node. •’field‘ - field to use for sorting, default is the displayField for the model. •’order’ -’ASC’ for ascending, ’DESC’ for descending sort. •’verify’ - whether or not to verify the tree prior to resorting. $options is used to pass all extra parameters, and has the following possible keys by default, all of which are optional: array( ’id’ => null, ’field’ => $model->displayField, ’order’ => ’ASC’, ’verify’ => true ) TreeBehavior::verify() Returns true if the tree is valid otherwise an array of errors, with fields for type, incorrect index and message. Each record in the output array is an array of the form (type, id, message) • type is either ’index’ or ’node’ •’id’ is the id of the erroneous node. •’message’ depends on the error Example Use: Behaviors 267 CakePHP Cookbook Documentation, Release 2.x Category->verify(); Example output: Array ( [0] => Array ( [0] => node [1] => 3 [2] => left and right values identical ) [1] => Array ( [0] => node [1] => 2 [2] => The parent node 999 doesn’t exist ) [10] => Array ( [0] => index [1] => 123 [2] => missing ) [99] => Array ( [0] => node [1] => 163 [2] => left greater than right ) ) Components CakePHP has a selection of components to help take care of basic tasks in your controllers. See the section on Components for how to configure and use components. Components Access Control Lists class AclComponent(ComponentCollection $collection, array $settings = array()) CakePHP’s access control list functionality is one of the most oft-discussed, most likely because it is the most sought after, but also because it can be the most confusing. If you’re looking for a good way to get started with ACLs in general, read on. 268 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x Be brave and stick with it, even if the going gets rough. Once you get the hang of it, it’s an extremely powerful tool to have on hand when developing your application. Understanding How ACL Works Powerful things require access control. Access control lists are a way to manage application permissions in a fine-grained, yet easily maintainable and manageable way. Access control lists, or ACL, handle two main things: things that want stuff, and things that are wanted. In ACL lingo, things (most often users) that want to use stuff are called access request objects, or AROs. Things in the system that are wanted (most often actions or data) are called access control objects, or ACOs. The entities are called ‘objects’ because sometimes the requesting object isn’t a person - sometimes you might want to limit the access certain Cake controllers have to initiate logic in other parts of your application. ACOs could be anything you want to control, from a controller action, to a web service, to a line on your grandma’s online diary. To review: • ACO - Access Control Object - Something that is wanted • ARO - Access Request Object - Something that wants something Essentially, ACL is what is used to decide when an ARO can have access to an ACO. In order to help you understand how everything works together, let’s use a semi-practical example. Imagine, for a moment, a computer system used by a familiar group of fantasy novel adventurers from the Lord of the Rings. The leader of the group, Gandalf, wants to manage the party’s assets while maintaining a healthy amount of privacy and security for the other members of the party. The first thing he needs to do is create a list of the AROs involved: • Gandalf • Aragorn • Bilbo • Frodo • Gollum • Legolas • Gimli • Pippin • Merry Note: Realize that ACL is not the same as authentication. ACL is what happens after a user has been authenticated. Although the two are usually used in concert, it’s important to realize the difference between knowing who someone is (authentication) and knowing what they can do (ACL). The next thing Gandalf needs to do is make an initial list of things, or ACOs, the system will handle. His list might look something like: Components 269 CakePHP Cookbook Documentation, Release 2.x • Weapons • The One Ring • Salted Pork • Diplomacy • Ale Traditionally, systems were managed using a sort of matrix, that showed a basic set of users and permissions relating to objects. If this information were stored in a table, it might look like the following table: x Weapons The Ring Salted Pork Diplomacy Ale Gandalf Allow Allow Allow Aragorn Allow Allow Allow Allow Bilbo Allow Frodo Allow Allow Gollum Allow Legolas Allow Allow Allow Allow Gimli Allow Allow Pippin Allow Allow Merry Allow Allow At first glance, it seems that this sort of system could work rather well. Assignments can be made to protect security (only Frodo can access the ring) and protect against accidents (keeping the hobbits out of the salted pork and weapons). It seems fine grained enough, and easy enough to read, right? For a small system like this, maybe a matrix setup would work. But for a growing system, or a system with a large amount of resources (ACOs) and users (AROs), a table can become unwieldy rather quickly. Imagine trying to control access to the hundreds of war encampments and trying to manage them by unit. Another drawback to matrices is that you can’t really logically group sections of users or make cascading permissions changes to groups of users based on those logical groupings. For example, it would sure be nice to automatically allow the hobbits access to the ale and pork once the battle is over: Doing it on an individual user basis would be tedious and error prone. Making a cascading permissions change to all ‘hobbits’ would be easy. ACL is most usually implemented in a tree structure. There is usually a tree of AROs and a tree of ACOs. By organizing your objects in trees, permissions can still be dealt out in a granular fashion, while still maintaining a good grip on the big picture. Being the wise leader he is, Gandalf elects to use ACL in his new system, and organizes his objects along the following lines: • Fellowship of the Ring™ – Warriors * Aragorn * Legolas * Gimli – Wizards * Gandalf 270 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x – Hobbits * Frodo * Bilbo * Merry * Pippin – Visitors * Gollum Using a tree structure for AROs allows Gandalf to define permissions that apply to entire groups of users at once. So, using our ARO tree, Gandalf can tack on a few group-based permissions: • Fellowship of the Ring (Deny: all) – Warriors (Allow: Weapons, Ale, Elven Rations, Salted Pork) * Aragorn * Legolas * Gimli – Wizards (Allow: Salted Pork, Diplomacy, Ale) * Gandalf – Hobbits (Allow: Ale) * Frodo * Bilbo * Merry * Pippin – Visitors (Allow: Salted Pork) * Gollum If we wanted to use ACL to see if the Pippin was allowed to access the ale, we’d first get his path in the tree, which is Fellowship->Hobbits->Pippin. Then we see the different permissions that reside at each of those points, and use the most specific permission relating to Pippin and the Ale. ARO Node Permission Info Result Fellowship of the Ring Deny all Denying access to ale. Hobbits Allow ‘ale’ Allowing access to ale! Pippin – Still allowing ale! Note: Since the ‘Pippin’ node in the ACL tree doesn’t specifically deny access to the ale ACO, the final result is that we allow access to that ACO. The tree also allows us to make finer adjustments for more granular control - while still keeping the ability to make sweeping changes to groups of AROs: Components 271 CakePHP Cookbook Documentation, Release 2.x • Fellowship of the Ring (Deny: all) – Warriors (Allow: Weapons, Ale, Elven Rations, Salted Pork) * Aragorn (Allow: Diplomacy) * Legolas * Gimli – Wizards (Allow: Salted Pork, Diplomacy, Ale) * Gandalf – Hobbits (Allow: Ale) * Frodo (Allow: Ring) * Bilbo * Merry (Deny: Ale) * Pippin (Allow: Diplomacy) – Visitors (Allow: Salted Pork) * Gollum This approach allows us both the ability to make wide-reaching permissions changes, but also fine-grained adjustments. This allows us to say that all hobbits can have access to ale, with one exception—Merry. To see if Merry can access the Ale, we’d find his path in the tree: Fellowship->Hobbits->Merry and work our way down, keeping track of ale-related permissions: ARO Node Permission Info Result Fellowship of the Ring Deny all Denying access to ale. Hobbits Allow ‘ale’ Allowing access to ale! Merry Deny Ale Denying ale. Defining Permissions: Cake’s INI-based ACL Cake’s first ACL implementation was based on INI files stored in the Cake installation. While it’s useful and stable, we recommend that you use the database backed ACL solution, mostly because of its ability to create new ACOs and AROs on the fly. We meant it for usage in simple applications - and especially for those folks who might not be using a database for some reason. By default, CakePHP’s ACL is database-driven. To enable INI-based ACL, you’ll need to tell CakePHP what system you’re using by updating the following lines in app/Config/core.php y Dropping tables. acos updated. aros updated. aros_acos updated. The following tables will be created. acos aros aros_acos Are you sure you want to create the tables? (y/n) 274 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x [y] > y Creating tables. acos updated. aros updated. aros_acos updated. End create. Note: This replaces an older deprecated command, “initdb”. You can also use the SQL file found in app/Config/Schema/db_acl.sql, but that’s nowhere near as fun. When finished, you should have three new database tables in your system: acos, aros, and aros_acos (the join table to create permissions information between the two trees). Note: If you’re curious about how Cake stores tree information in these tables, read up on modified database tree traversal. The ACL component uses CakePHP’s Tree to manage the trees’ inheritances. The model class files for ACL can be found in lib/Cake/Model/. Now that we’re all set up, let’s work on creating some ARO and ACO trees. Creating Access Request Objects (AROs) and Access Control Objects (ACOs) In creating new ACL objects (ACOs and AROs), realize that there are two main ways to name and access nodes. The first method is to link an ACL object directly to a record in your database by specifying a model name and foreign key value. The second method can be used when an object has no direct relation to a record in your database - you can provide a textual alias for the object. Note: In general, when you’re creating a group or higher level object, use an alias. If you’re managing access to a specific item or record in the database, use the model/foreign key method. You create new ACL objects using the core CakePHP ACL models. In doing so, there are a number of fields you’ll want to use when saving data: model, foreign_key, alias, and parent_id. The model and foreign_key fields for an ACL object allows you to link up the object to its corre- sponding model record (if there is one). For example, many AROs will have corresponding User records in the database. Setting an ARO’s foreign_key to the User’s ID will allow you to link up ARO and User information with a single User model find() call if you’ve set up the correct model associations. Conversely, if you want to manage edit operation on a specific blog post or recipe listing, you may choose to link an ACO to that specific model record. The alias for an ACL object is just a human-readable label you can use to identify an ACL object that has no direct model record correlation. Aliases are usually useful in naming user groups or ACO collections. The parent_id for an ACL object allows you to fill out the tree structure. Supply the ID of the parent node in the tree to create a new child. Before we can create new ACL objects, we’ll need to load up their respective classes. The easiest way to do this is to include Cake’s ACL Component in your controller’s $components array: Components 275 CakePHP Cookbook Documentation, Release 2.x Acl->Aro; // Here’s all of our group info in an array we can iterate through $groups= array( 0 => array( ’alias’ => ’warriors’ ), 1 => array( ’alias’ => ’wizards’ ), 2 => array( ’alias’ => ’hobbits’ ), 3 => array( ’alias’ => ’visitors’ ), ); // Iterate and create ARO groups foreach ($groups as $data){ // Remember to call create() when saving in loops... $aro->create(); // Save data $aro->save($data); } // Other action logic goes here... } Once we’ve got them in there, we can use the ACL console application to verify the tree structure. 276 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x $ cake acl view aro Aro tree: --------------------------------------------------------------- [1]warriors [2]wizards [3]hobbits [4]visitors --------------------------------------------------------------- I suppose it’s not much of a tree at this point, but at least we’ve got some verification that we’ve got four top-level nodes. Let’s add some children to those ARO nodes by adding our specific user AROs under these groups. Every good citizen of Middle Earth has an account in our new system, so we’ll tie these ARO records to specific model records in our database. Note: When adding child nodes to a tree, make sure to use the ACL node ID, rather than a foreign_key value. array( ’alias’ => ’Aragorn’, ’parent_id’ =>1, ’model’ => ’User’, ’foreign_key’ => 2356, ), 1 => array( ’alias’ => ’Legolas’, ’parent_id’ =>1, ’model’ => ’User’, ’foreign_key’ => 6342, ), 2 => array( ’alias’ => ’Gimli’, ’parent_id’ =>1, ’model’ => ’User’, ’foreign_key’ => 1564, ), 3 => array( ’alias’ => ’Gandalf’, Components 277 CakePHP Cookbook Documentation, Release 2.x ’parent_id’ =>2, ’model’ => ’User’, ’foreign_key’ => 7419, ), 4 => array( ’alias’ => ’Frodo’, ’parent_id’ =>3, ’model’ => ’User’, ’foreign_key’ => 7451, ), 5 => array( ’alias’ => ’Bilbo’, ’parent_id’ =>3, ’model’ => ’User’, ’foreign_key’ => 5126, ), 6 => array( ’alias’ => ’Merry’, ’parent_id’ =>3, ’model’ => ’User’, ’foreign_key’ => 5144, ), 7 => array( ’alias’ => ’Pippin’, ’parent_id’ =>3, ’model’ => ’User’, ’foreign_key’ => 1211, ), 8 => array( ’alias’ => ’Gollum’, ’parent_id’ =>4, ’model’ => ’User’, ’foreign_key’ => 1337, ), ); // Iterate and create AROs (as children) foreach ($users as $data){ // Remember to call create() when saving in loops... $aro->create(); //Save data $aro->save($data); } // Other action logic goes here... } Note: Typically you won’t supply both an alias and a model/foreign_key, but we’re using both here to make the structure of the tree easier to read for demonstration purposes. The output of that console application command should now be a little more interesting. Let’s give it a try: 278 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x $ cake acl view aro Aro tree: --------------------------------------------------------------- [1]warriors [5]Aragorn [6]Legolas [7]Gimli [2]wizards [8]Gandalf [3]hobbits [9]Frodo [10]Bilbo [11]Merry [12]Pippin [4]visitors [13]Gollum --------------------------------------------------------------- Now that we’ve got our ARO tree setup properly, let’s discuss a possible approach for structuring an ACO tree. While we can structure more of an abstract representation of our ACO’s, it’s often more practical to model an ACO tree after Cake’s Controller/Action setup. We’ve got five main objects we’re handling in this Fellowship scenario, and the natural setup for that in a Cake application is a group of models, and ultimately the controllers that manipulate them. Past the controllers themselves, we’ll want to control access to specific actions in those controllers. Based on that idea, let’s set up an ACO tree that will mimic a Cake app setup. Since we have five ACOs, we’ll create an ACO tree that should end up looking something like the following: • Weapons • Rings • PorkChops • DiplomaticEfforts • Ales One nice thing about a Cake ACL setup is that each ACO automatically contains four properties related to CRUD (create, read, update, and delete) actions. You can create children nodes under each of these five Components 279 CakePHP Cookbook Documentation, Release 2.x main ACOs, but using Cake’s built in action management covers basic CRUD operations on a given object. Keeping this in mind will make your ACO trees smaller and easier to maintain. We’ll see how these are used later on when we discuss how to assign permissions. Since you’re now a pro at adding AROs, use those same techniques to create this ACO tree. Create these upper level groups using the core Aco model. Assigning Permissions After creating our ACOs and AROs, we can finally assign permissions between the two groups. This is done using Cake’s core Acl component. Let’s continue on with our example. Here we’ll work in the context of a controller action. We do that because permissions are managed by the Acl Component. Acl->allow(’warriors’, ’Weapons’); // Though the King may not want to let everyone // have unfettered access $this->Acl->deny(’warriors/Legolas’, ’Weapons’, ’delete’); $this->Acl->deny(’warriors/Gimli’, ’Weapons’, ’delete’); die(print_r(’done’,1)); } The first call we make to the AclComponent allows any user under the ‘warriors’ ARO group full access to anything under the ‘Weapons’ ACO group. Here we’re just addressing ACOs and AROs by their aliases. Notice the usage of the third parameter? That’s where we use those handy actions that are in-built for all Cake ACOs. The default options for that parameter are create, read, update, and delete but you can add a column in the aros_acos database table (prefixed with _ - for example _admin) and use it alongside the defaults. The second set of calls is an attempt to make a more fine-grained permission decision. We want Aragorn to keep his full-access privileges, but deny other warriors in the group the ability to delete Weapons records. We’re using the alias syntax to address the AROs above, but you might want to use the model/foreign key syntax yourself. What we have above is equivalent to this: Acl->deny(array(’model’ => ’User’, ’foreign_key’ => 6342), ’Weapons’, ’delete’); $this->Acl->deny(array(’model’ => ’User’, ’foreign_key’ => 1564), ’Weapons’, ’delete’); Note: Addressing a node using the alias syntax uses a slash-delimited string (‘/users/employees/developers’). Addressing a node using model/foreign key syntax uses an array with two parameters: array(’model’ => ’User’, ’foreign_key’ => 8282). The next section will help us validate our setup by using the AclComponent to check the permissions we’ve just set up. Checking Permissions: The ACL Component Let’s use the AclComponent to make sure dwarves and elves can’t remove things from the armory. At this point, we should be able to use the AclComponent to make a check between the ACOs and AROs we’ve created. The basic syntax for making a permissions check is: Acl->check($aro, $aco, $action=’*’); Let’s give it a try inside a controller action: Acl->check(’warriors/Aragorn’, ’Weapons’); $this->Acl->check(’warriors/Aragorn’, ’Weapons’, ’create’); $this->Acl->check(’warriors/Aragorn’, ’Weapons’, ’read’); $this->Acl->check(’warriors/Aragorn’, ’Weapons’, ’update’); $this->Acl->check(’warriors/Aragorn’, ’Weapons’, ’delete’); // Remember, we can use the model/id syntax // for our user AROs $this->Acl->check(array(’User’ => array(’id’ => 2356)), ’Weapons’); // These also return true: $result= $this->Acl->check(’warriors/Legolas’, ’Weapons’, ’create’); $result= $this->Acl->check(’warriors/Gimli’, ’Weapons’, ’read’); // But these return false: $result= $this->Acl->check(’warriors/Legolas’, ’Weapons’, ’delete’); $result= $this->Acl->check(’warriors/Gimli’, ’Weapons’, ’delete’); } The usage here is demonstrational, but hopefully you can see how checking like this can be used to decide whether or not to allow something to happen, show an error message, or redirect the user to a login. Components 281 CakePHP Cookbook Documentation, Release 2.x Authentication class AuthComponent(ComponentCollection $collection, array $settings = array()) Identifying, authenticating and authorizing users is a common part of almost every web application. In CakePHP AuthComponent provides a pluggable way to do these tasks. AuthComponent allows you to combine authentication objects, and authorization objects to create flexible ways of identifying and checking user authorization. Authentication Authentication is the process of identifying users by provided credentials and ensuring that users are who they say they are. Generally this is done through a username and password, that are checked against a known list of users. In CakePHP, there are several built in ways of authenticating users stored in your application. • FormAuthenticate allows you to authenticate users based on form POST data. Usually this is a login form that users enter information into. • BasicAuthenticate allows you to authenticate users using Basic HTTP authentication. • DigestAuthenticate allows you to authenticate users using Digest HTTP authentication. By default AuthComponent uses FormAuthenticate. Choosing an Authentication type Generally you’ll want to offer form based authentication. It is the easiest for users using a web-browser to use. If you are building an API or webservice, you may want to consider basic authentication or digest authentication. The key differences between digest and basic authentication are mostly related to how passwords are handled. In basic authentication, the username and password are transmitted as plain-text to the server. This makes basic authentication un-suitable for applications without SSL, as you would end up exposing sensitive passwords. Digest authentication uses a digest hash of the username, password, and a few other details. This makes digest authentication more appropriate for applications without SSL encryption. You can also use authentication systems like openid as well, however openid is not part of CakePHP core. Configuring Authentication handlers You configure authentication handlers using $this->Auth->authenticate. You can configure one or many handlers for authentication. Using multiple handlers allows you to support different ways of logging users in. When logging users in, authentication handlers are checked in the order they are declared. Once one handler is able to identify the user, no other handlers will be checked. Conversely you can halt all authentication by throwing an exception. You will need to catch any thrown exceptions, and handle them as needed. You can configure authentication handlers in your controller’s beforeFilter or, in the $components array. You can pass configuration information into each authentication object, using an array: Auth->authenticate= array(’Form’); // Pass settings in 282 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x $this->Auth->authenticate= array( ’Form’ => array(’userModel’ => ’Member’), ’Basic’ => array(’userModel’ => ’Member’) ); In the second example you’ll notice that we had to declare the userModel key twice. To help you keep your code DRY, you can use the all key. This special key allows you to set settings that are passed to every attached object. The all key is also exposed as AuthComponent::ALL: Auth->authenticate= array( AuthComponent::ALL => array(’userModel’ => ’Member’), ’Form’, ’Basic’ ); In the above example, both Form and Basic will get the settings defined for the ‘all’ key. Any settings passed to a specific authentication object will override the matching key in the ‘all’ key. The core authenti- cation objects support the following configuration keys. • fields The fields to use to identify a user by. • userModel The model name of the User, defaults to User. • scope Additional conditions to use when looking up and authenticating users, i.e. array(’User.is_active’ => 1). • contain Containable options for when the user record is loaded. New in version 2.2. To configure different fields for user in $components array: array( ’authenticate’ => array( ’Form’ => array( ’fields’ => array(’username’ => ’email’) ) ) ) ); Note: Do not put other Auth configuration keys (like authError, loginAction etc) within the authenticate or Form element. They should be at the same level as the authenticate key. Above setup with other Auth configurations should look something like: array( ’loginAction’ => array( ’controller’ => ’users’, Components 283 CakePHP Cookbook Documentation, Release 2.x ’action’ => ’login’, ’plugin’ => ’users’ ), ’authError’ => ’Did you really think you are allowed to see that?’, ’authenticate’ => array( ’Form’ => array( ’fields’ => array(’username’ => ’email’) ) ) ) ); In addition to the common configuration, Basic authentication supports the following keys: • realm The realm being authenticated. Defaults to env(’SERVER_NAME’). In addition to the common configuration Digest authentication supports the following keys: • realm The realm authentication is for, Defaults to the servername. • nonce A nonce used for authentication. Defaults to uniqid(). • qop Defaults to auth, no other values are supported at this time. • opaque A string that must be returned unchanged by clients. Defaults to md5($settings[’realm’]) Creating Custom Authentication objects Because authentication objects are pluggable, you can create custom authentication objects in your application or plugins. If for example you wanted to create an OpenID authentication object. In app/Controller/Component/Auth/OpenidAuthenticate.php you could put the following: Auth->authenticate= array( ’Openid’,// app authentication object. ’AuthBag.Combo’,// plugin authentication object. ); Identifying users and logging them in In the past AuthComponent auto-magically logged users in. This was confusing for many people, and made using AuthComponent a bit difficult at times. For 2.0, you’ll need to manually call $this->Auth->login() to log a user in. When authenticating users, attached authentication objects are checked in the order they are attached. Once one of the objects can identify the user, no other objects are checked. A sample login function for working with a login form could look like: request->is(’post’)) { if ($this->Auth->login()) { return $this->redirect($this->Auth->redirect()); } else { $this->Session->setFlash(__(’Username or password is incorrect’), ’default’, array(), ’auth’); } } } The above code (without any data passed to the login method), will attempt to log a user in us- ing the POST data, and if successful redirect the user to either the last page they were visiting, or AuthComponent::$loginRedirect. If the login is unsuccessful, a flash message is set. Warning: In 2.0 $this->Auth->login($this->request->data) will log the user in with whatever data is posted, whereas in 1.3 $this->Auth->login($this->data) would try to iden- tify the user first and only log in when successful. Using Digest and Basic Authentication for logging in Because basic and digest authentication don’t require an initial POST to be performed before they initiate the login sequence, your login() function will look a bit different than when using FormAuthentication: Auth->login()) { return $this->redirect($this->Auth->redirect()); } else { $this->Session->setFlash(__(’Username or password is incorrect’), ’default’, array(), ’auth’); } } Once logged in, users using digest and basic auth are not required to have cookies. In fact, all authentication objects are able to provide stateless authentication through implementing the getUser() method. If the client supports cookies, basic and digest auth will store a user in session much like any other authentication Components 285 CakePHP Cookbook Documentation, Release 2.x object. If a client doesn’t support cookies, (such as a simple HTTP client built on top of CURL) stateless authentication is also supported. Stateless authentication will re-verify the user’s credentials on each request, this creates a small amount of additional overhead, but allows clients that cannot or do not support cookies to login in. Creating stateless authentication systems Authentication objects can implement a getUser() method that can be used to support user login systems that don’t rely on cookies. A typical getUser method looks at the request/environment and uses the information there to confirm the identity of the user. HTTP Basic au- thentication for example uses $_SERVER[’PHP_AUTH_USER’] and $_SERVER[’PHP_AUTH_PW’] for the username and password fields. On each request, if a client doesn’t support cookies, these val- ues are used to re-identify the user and ensure they are valid user. As with authentication object’s authenticate() method the getUser() method should return an array of user information on suc- cess, and false on failure.: _findUser($username, $pass); } The above is how you could implement getUser method for HTTP basic authentication. The _findUser() method is part of BaseAuthenticate and identifies a user based on a username and password. Displaying auth related flash messages In order to display the session error messages that Auth generates, you need to add the following code to your layout. Add the following two lines to the app/View/Layouts/default.ctp file in the body section preferable before the content_for_layout line.: Session->flash(); echo $this->Session->flash(’auth’); ?> You can customize the error messages, and flash settings AuthComponent uses. Using $this->Auth->flash you can configure the parameters AuthComponent uses for setting flash mes- sages. The available keys are • element - The element to use, defaults to ‘default’. • key - The key to use, defaults to ‘auth’ • params - The array of additional params to use, defaults to array() In addition to the flash message settings you can customize other error messages AuthComponent uses. In your controller’s beforeFilter, or component settings you can use authError to customize the error used 286 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x for when authorization fails: Auth->authError="This error shows up with the user tries to access a part of the website that is protected."; Hashing passwords AuthComponent no longer automatically hashes every password it can find. This was removed because it made a number of common tasks like validation difficult. You should never store plain text passwords, and before saving a user record you should always hash the password. You can use the static AuthComponent::password() to hash passwords before saving them. This will use the configured hashing strategy for your application. After validating the password, you can hash a password in the beforeSave callback of your model: data[’User’][’password’])) { $this->data[’User’][’password’]= AuthComponent::password($this->data[’User’][’password’]); } return true; } } You don’t need to hash passwords before calling $this->Auth->login(). The various authentica- tion objects will hash passwords individually. If you are using Digest authentication, you should not use AuthComponent::password() for generating passwords. See below for how to generate digest hashes. Hashing passwords for digest authentication Because Digest authentication requires a password hashed in the format defined by the RFC. In order to correctly hash a password for use with Digest authentication you should use the special password hashing function on DigestAuthenticate. If you are going to be combining digest authentication with any other authentication strategies, it’s also recommended that you store the digest password in a separate column, from the normal password hash: data[’User’][’digest_hash’]= DigestAuthenticate::password( $this->data[’User’][’username’], $this->data[’User’][’password’], env(’SERVER_NAME’) ); return true; } } Passwords for digest authentication need a bit more information than other password hashes, based on the RFC for digest authentication. If you use AuthComponent::password() for digest hashes you will not be able to login. Note: The third parameter of DigestAuthenticate::password() must match the ‘realm’ config value defined when DigestAuthentication was configured in AuthComponent::$authenticate. This defaults to Components 287 CakePHP Cookbook Documentation, Release 2.x env(’SCRIPT_NAME). You may wish to use a static string if you want consistent hashes in multiple environments. Manually logging users in Sometimes the need arises where you need to manually log a user in, such as just after they registered for your application. You can do this by calling $this->Auth->login() with the user data you want to ‘login’: User->save($this->request->data)) { $id= $this->User->id; $this->request->data[’User’]= array_merge($this->request->data[’User’], array(’id’ => $id)); $this->Auth->login($this->request->data[’User’]); $this->redirect(’/users/home’); } } Warning: Be sure to manually add the new User id to the array passed to the login method. Otherwise you won’t have the user id available. Accessing the logged in user Once a user is logged in, you will often need some particular information about the current user. You can access the currently logged in user using AuthComponent::user(). This method is static, and can be used globally after the AuthComponent has been loaded. You can access it both as an instance method or as a static method: Auth->user(’id’); Logging users out Eventually you’ll want a quick way to de-authenticate someone, and redirect them to where they need to go. This method is also useful if you want to provide a ‘Log me out’ link inside a members’ area of your application: redirect($this->Auth->logout()); } Logging out users that logged in with Digest or Basic auth is difficult to accomplish for all clients. Most browsers will retain credentials for the duration they are still open. Some clients can be forced to logout by sending a 401 status code. Changing the authentication realm is another solution that works for some clients. 288 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x Authorization Authorization is the process of ensuring that an identified/authenticated user is allowed to access the re- sources they are requesting. If enabled AuthComponent can automatically check authorization handlers and ensure that logged in users are allowed to access the resources they are requesting. There are several built-in authorization handlers, and you can create custom ones for your application, or as part of a plugin. • ActionsAuthorize Uses the AclComponent to check for permissions on an action level. • CrudAuthorize Uses the AclComponent and action -> CRUD mappings to check permissions for resources. • ControllerAuthorize Calls isAuthorized() on the active controller, and uses the return of that to authorize a user. This is often the most simple way to authorize users. Configuring Authorization handlers You configure authorization handlers using $this->Auth->authorize. You can configure one or many handlers for authorization. Using multiple handlers allows you to support different ways of checking authorization. When authorization handlers are checked, they will be called in the order they are declared. Handlers should return false, if they are unable to check authorization, or the check has failed. Handlers should return true if they were able to check authorization successfully. Handlers will be called in sequence until one passes. If all checks fail, the user will be redirected to the page they came from. Additionally you can halt all authorization by throwing an exception. You will need to catch any thrown exceptions, and handle them. You can configure authorization handlers in your controller’s beforeFilter or, in the $components array. You can pass configuration information into each authorization object, using an array: Auth->authorize= array(’Controller’); // Pass settings in $this->Auth->authorize= array( ’Actions’ => array(’actionPath’ => ’controllers/’), ’Controller’ ); Much like Auth->authenticate, Auth->authorize, helps you keep your code DRY, by using the all key. This special key allows you to set settings that are passed to every attached object. The all key is also exposed as AuthComponent::ALL: Auth->authorize= array( AuthComponent::ALL => array(’actionPath’ => ’controllers/’), ’Actions’, ’Controller’ ); In the above example, both the Actions and Controller will get the settings defined for the ‘all’ key. Any settings passed to a specific authorization object will override the matching key in the ‘all’ key. The core authorize objects support the following configuration keys. Components 289 CakePHP Cookbook Documentation, Release 2.x • actionPath Used by ActionsAuthorize to locate controller action ACO’s in the ACO tree. • actionMap Action -> CRUD mappings. Used by CrudAuthorize and authorization objects that want to map actions to CRUD roles. • userModel The name of the ARO/Model node user information can be found under. Used with ActionsAuthorize. Creating Custom Authorize objects Because authorize objects are pluggable, you can create custom au- thorize objects in your application or plugins. If for example you wanted to create an LDAP authorize object. In app/Controller/Component/Auth/LdapAuthorize.php you could put the following: Auth->authorize= array( ’Ldap’,// app authorize object. ’AuthBag.Combo’,// plugin authorize object. ); Using no authorization If you’d like to not use any of the built-in authorization objects, and want to han- dle things entirely outside of AuthComponent you can set $this->Auth->authorize = false;. By default AuthComponent starts off with authorize = false. If you don’t use an authorization scheme, make sure to check authorization yourself in your controller’s beforeFilter, or with another compo- nent. Making actions public There are often times controller actions that you wish to remain entirely public, or that don’t require users to be logged in. AuthComponent is pessimistic, and defaults to denying access. You can mark actions as public actions by using AuthComponent::allow(). By marking actions as public, AuthComponent, will not check for a logged in user, nor will authorize objects be checked: Auth->allow(’*’); 290 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x // Allow all actions. CakePHP 2.1 $this->Auth->allow(); // Allow only the view and index actions. $this->Auth->allow(’view’, ’index’); // Allow only the view and index actions. $this->Auth->allow(array(’view’, ’index’)); You can provide as many action names as you need to allow(). You can also supply an array containing all the action names. Making actions require authorization If after making actions public, you want to revoke the public access. You can do so using AuthComponent::deny(): Auth->deny(’add’); // remove all the actions. $this->Auth->deny(); // remove a group of actions. $this->Auth->deny(’add’, ’edit’); $this->Auth->deny(array(’add’, ’edit’)); You can provide as many action names as you need to deny(). You can also supply an array containing all the action names. Mapping actions when using CrudAuthorize When using CrudAuthorize or any other authorize objects that use action mappings, it might be necessary to map additional methods. You can map actions -> CRUD permissions using mapAction(). Calling this on AuthComponent will delegate to all the of the configured authorize objects, so you can be sure the settings were applied every where: Auth->mapActions(array( ’create’ => array(’register’), ’view’ => array(’show’, ’display’) )); The keys for mapActions should be the CRUD permissions you want to set, while the values should be an array of all the actions that are mapped to the CRUD permission. Using ControllerAuthorize ControllerAuthorize allows you to handle authorization checks in a controller callback. This is ideal when you have very simple authorization, or you need to use a combination of models + components to do your authorization, and don’t want to create a custom authorize object. The callback is always called isAuthorized() and it should return a boolean as to whether or not the user is allowed to access resources in the request. The callback is passed the active user, so it can be checked: Components 291 CakePHP Cookbook Documentation, Release 2.x array(’authorize’ => ’Controller’), ); public function isAuthorized($user= null){ // Any registered user can access public functions if (empty($this->request->params[’admin’])) { return true; } // Only admins can access admin functions if (isset($this->request->params[’admin’])) { return (bool)($user[’role’] === ’admin’); } // Default deny return false; } } The above callback would provide a very simple authorization system where, only users with role = admin could access actions that were in the admin prefix. Using ActionsAuthorize ActionsAuthorize integrates with the AclComponent, and provides a fine grained per action ACL check on each request. ActionsAuthorize is often paired with DbAcl to give dynamic and flexible permission systems that can be edited by admin users through the application. It can however, be combined with other Acl implementations such as IniAcl and custom application Acl backends. Using CrudAuthorize CrudAuthorize integrates with AclComponent, and provides the ability to map requests to CRUD operations. Provides the ability to authorize using CRUD mappings. These mapped results are then checked in the AclComponent as specific permissions. For example, taking /posts/index as the current request. The default mapping for index, is a read permission check. The Acl check would then be for the posts controller with the read permission. This allows you to create permission systems that focus more on what is being done to resources, rather than the specific actions being visited. AuthComponent API AuthComponent is the primary interface to the built-in authorization and authentication mechanics in CakePHP. property AuthComponent::$ajaxLogin The name of an optional view element to render when an Ajax request is made with an invalid or expired session property AuthComponent::$authenticate Set to an array of Authentication objects you want to use when logging users in. There are several 292 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x core authentication objects, see the section on Authentication property AuthComponent::$authError Error to display when user attempts to access an object or action to which they do not have access. property AuthComponent::$authorize Set to an array of Authorization objects you want to use when authorizing users on each request, see the section on Authorization property AuthComponent::$components Other components utilized by AuthComponent property AuthComponent::$flash Settings to use when Auth needs to do a flash message with SessionComponent::setFlash(). Available keys are: •element - The element to use, defaults to ‘default’. •key - The key to use, defaults to ‘auth’ •params - The array of additional params to use, defaults to array() property AuthComponent::$loginAction A URL (defined as a string or array) to the controller action that handles logins. Defaults to /users/login property AuthComponent::$loginRedirect The URL (defined as a string or array) to the controller action users should be redirected to after logging in. This value will be ignored if the user has an Auth.redirect value in their session. property AuthComponent::$logoutRedirect The default action to redirect to after the user is logged out. While AuthComponent does not han- dle post-logout redirection, a redirect URL will be returned from AuthComponent::logout(). Defaults to AuthComponent::$loginAction. property AuthComponent::$request Request object property AuthComponent::$response Response object property AuthComponent::$sessionKey The session key name where the record of the current user is stored. If unspecified, it will be “Auth.User”. AuthComponent::allow($action[, $action,...]) Set one or more actions as public actions, this means that no authorization checks will be performed for the specified actions. The special value of ’*’ will mark all the current controllers actions as public. Best used in your controller’s beforeFilter method. AuthComponent::constructAuthenticate() Loads the configured authentication objects. AuthComponent::constructAuthorize() Loads the authorization objects configured. Components 293 CakePHP Cookbook Documentation, Release 2.x AuthComponent::deny($action[, $action,...]) Toggle one more more actions previously declared as public actions, as non-public methods. These methods will now require authorization. Best used inside your controller’s beforeFilter method. AuthComponent::flash($message) Set a flash message. Uses the Session component, and values from AuthComponent::$flash. AuthComponent::identify($request, $response) Parameters • $request (CakeRequest) – The request to use. • $response (CakeResponse) – The response to use, headers can be sent if authen- tication fails. This method is used by AuthComponent to identify a user based on the information contained in the current request. AuthComponent::initialize($Controller) Initializes AuthComponent for use in the controller. AuthComponent::isAuthorized($user = null, $request = null) Uses the configured Authorization adapters to check whether or not a user is authorized. Each adapter will be checked in sequence, if any of them return true, then the user will be authorized for the request. AuthComponent::loggedIn() Returns true if the current client is a logged in user, or false if they are not. AuthComponent::login($user) Parameters • $user (array) – Array of logged in user data. Takes an array of user data to login with. Allows for manual logging of users. Calling user() will populate the session value with the provided information. If no user is provided, AuthComponent will try to identify a user using the current request information. See AuthComponent::identify() AuthComponent::logout() Returns A string url to redirect the logged out user to. Logs out the current user. AuthComponent::mapActions($map = array()) Maps action names to CRUD operations. Used for controller-based authentication. Make sure to configure the authorize property before calling this method. As it delegates $map to all the attached authorize objects. static AuthComponent::password($pass) Hash a password with the application’s salt value. AuthComponent::redirect($url = null) If no parameter is passed, gets the authentication redirect URL. Pass a url in to set the destination a user should be redirected to upon logging in. Will fallback to AuthComponent::$loginRedirect if there is no stored redirect value. 294 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x AuthComponent::shutdown($Controller) Component shutdown. If user is logged in, wipe out redirect. AuthComponent::startup($Controller) Main execution method. Handles redirecting of invalid users, and processing of login form data. static AuthComponent::user($key = null) Parameters • $key (string) – The user data key you want to fetch if null, all user data will be returned. Can also be called as an instance method. Get data concerning the currently logged in user, you can use a property key to fetch specific data about the user: Auth->user(’id’); If the current user is not logged in or the key doesn’t exist, null will be returned. Cookie class CookieComponent(ComponentCollection $collection, array $settings = array()) The CookieComponent is a wrapper around the native PHP setcookie method. It also includes a host of delicious icing to make coding cookies in your controllers very convenient. Before attempting to use the CookieComponent, you must make sure that ‘Cookie’ is listed in your controllers’ $components array. Controller Setup There are a number of controller variables that allow you to configure the way cookies are created and managed. Defining these special variables in the beforeFilter() method of your controller allows you to define how the CookieComponent works. Components 295 CakePHP Cookbook Documentation, Release 2.x Cookie variable de- fault description string $name ‘Cake- Cookie’ The name of the cookie. string $key null This string is used to encrypt the value written to the cookie. This string should be random and difficult to guess. When using rijndael encryption this value must be longer than 32 bytes. string $domain ‘’ The domain name allowed to access the cookie. e.g. Use ‘.yourdomain.com’ to allow access from all your subdomains. int or string $time ‘5 Days’ The time when your cookie will expire. Integers are Interpreted as seconds and a value of 0 is equivalent to a ‘session cookie’: i.e. the cookie expires when the browser is closed. If a string is set, this will be interpreted with PHP function strtotime(). You can set this directly within the write() method. string $path ‘/’ The server path on which the cookie will be applied. If $cookiePath is set to ‘/foo/’, the cookie will only be available within the /foo/ directory and all sub-directories such as /foo/bar/ of your domain. The default value is the entire domain. You can set this directly within the write() method. boolean $secure false Indicates that the cookie should only be transmitted over a secure HTTPS connection. When set to true, the cookie will only be set if a secure connection exists. You can set this directly within the write() method. boolean $httpOnly false Set to true to make HTTP only cookies. Cookies that are HTTP only are not accessible in Javascript. The following snippet of controller code shows how to include the CookieComponent and set up the con- troller variables needed to write a cookie named ‘baker_id’ for the domain ‘example.com’ which needs a secure connection, is available on the path ‘/bakers/preferences/’, expires in one hour and is HTTP only: Cookie->name= ’baker_id’; $this->Cookie->time= 3600;// or ’1 hour’ $this->Cookie->path= ’/bakers/preferences/’; $this->Cookie->domain= ’example.com’; $this->Cookie->secure= true;// i.e. only sent if using secure HTTPS $this->Cookie->key= ’qSI232qs *&sXOw!adre@34SAv!@*(XSL#$%)asGb$@11~_+!@#HKis~#^’; $this->Cookie->httpOnly= true; } Next, let’s look at how to use the different methods of the Cookie Component. Using the Component The CookieComponent offers a number of methods for working with Cookies. CookieComponent::write(mixed $key, mixed $value = null, boolean $encrypt = true, mixed $expires = null) The write() method is the heart of cookie component, $key is the cookie variable name you want, and the $value is the information to be stored: 296 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x Cookie->write(’name’, ’Larry’); You can also group your variables by supplying dot notation in the key parameter: Cookie->write(’User.name’, ’Larry’); $this->Cookie->write(’User.role’, ’Lead’); If you want to write more than one value to the cookie at a time, you can pass an array: Cookie->write(’User’, array(’name’ => ’Larry’, ’role’ => ’Lead’) ); All values in the cookie are encrypted by default. If you want to store the values as plain-text, set the third parameter of the write() method to false. The encryption performed on cookie values is fairly uncomplicated encryption system. It uses Security.salt and a predefined Configure class var Security.cipherSeed to encrypt values. To make your cookies more secure you should change Security.cipherSeed in app/Config/core.php to ensure a better encryption.: Cookie->write(’name’, ’Larry’, false); The last parameter to write is $expires – the number of seconds before your cookie will expire. For convenience, this parameter can also be passed as a string that the php strtotime() function under- stands: Cookie->write(’first_name’, ’Larry’, false, 3600); $this->Cookie->write(’last_name’, ’Masters’, false, ’1 hour’); CookieComponent::read(mixed $key = null) This method is used to read the value of a cookie variable with the name specified by $key.: Cookie->read(’name’); // You can also use the dot notation for read echo $this->Cookie->read(’User.name’); // To get the variables which you had grouped // using the dot notation as an array use something like $this->Cookie->read(’User’); // this outputs something like array(’name’ => ’Larry’, ’role’ => ’Lead’) CookieComponent::check($key) Parameters Components 297 CakePHP Cookbook Documentation, Release 2.x • $key (string) – The key to check. Used to check if a key/path exists and has not-null value. New in version 2.3: CookieComponent::check() was added in 2.3 CookieComponent::delete(mixed $key) Deletes a cookie variable of the name in $key. Works with dot notation: Cookie->delete(’bar’); // Delete the cookie variable bar, but not all under foo $this->Cookie->delete(’foo.bar’); CookieComponent::destroy() Destroys the current cookie. CookieComponent::type($type) Allows you to change the encryption scheme. By default the ‘cipher’ scheme is used. However, you should use the ‘rijndael’ scheme for improved security. Changed in version 2.2: The ‘rijndael’ type was added. EmailComponent EmailComponent is now deprecated, but it will keep working. Internally this class is using CakeEmail to send emails. Unfortunately, you will need to move your files from app/views/elements/emails to app/View/Emails. Also, rename the directory email to Emails in the layouts path. If it affects others places in your application, we recommend to you create symbolic links. We recommend to you upgrade your code to use CakeEmail class instead of the EmailComponent. Below some tips about the migration. • The headers are not changed to be X-... What you set is what is used. So, remember to put X- in your custom headers. • The send() method receives only the message content. The template and layout should be set using CakeEmail::template() method. • The list of attachments should be an array of filenames (that will appear in email) as key and value the full path to real file. • At any error, CakeEmail will throw an exception instead of return false. We recommend to you use try/catch to ensure your messages are delivered correctly. Below some examples of using EmailComponent ($component) and now with CakeEmail ($lib): • From $component->to = ’some@example.com’; to $lib->to(’some@example.com’); • From $component->to = ’Alias ’; to $lib->to(’some@example.com’, ’Alias’); or $lib->to(array(’some@example.com’ => ’Alias’)); 298 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x • From $component->subject = ’My subject’; to $lib->subject(’My subject’); • From $component->date = ’Sun, 25 Apr 2011 01:00:00 -0300’; to $lib->addHeaders(array(’Date’ => ’Sun, 25 Apr 2011 01:00:00 -0300’)); • From $component->header[’Custom’] = ’only my’; to $lib->addHeaders(array(’X-Custom’ => ’only my’)); • From $component->send(null, ’template’, ’layout’); to $lib->template(’template’, ’layout’)->send(); • From $component->delivery = ’smtp’; to $lib->transport(’smtp’); • From $component->smtpOptions = array(’host’ => ’smtp.example.com’); to $lib->config(array(’host’ => ’smtp.example.com’)); • From $sent = $component->httpMessage; to $sent = $lib->message(CakeEmail::MESSAGE_HTML); For more information you should read the CakeEmail documentation. Request Handling class RequestHandlerComponent(ComponentCollection $collection, array $settings = ar- ray()) The Request Handler component is used in CakePHP to obtain additional information about the HTTP requests that are made to your applications. You can use it to inform your controllers about Ajax as well as gain additional insight into content types that the client accepts and automatically changes to the appropriate layout when file extensions are enabled. By default RequestHandler will automatically detect Ajax requests based on the HTTP-X- Requested-With header that many javascript libraries use. When used in conjunction with Router::parseExtensions() RequestHandler will automatically switch the layout and view files to those that match the requested type. Furthermore, if a helper with the same name as the requested exten- sion exists, it will be added to the Controllers Helper array. Lastly, if XML/JSON data is POST’ed to your Controllers, it will be parsed into an array which is assigned to $this->request->data, and can then be saved as model data. In order to make use of RequestHandler it must be included in your $components array: RequestHandler->accepts(’html’)) { // Execute code only if client accepts an HTML (text/html) response } elseif ($this->RequestHandler->accepts(’xml’)) { // Execute XML-only code } if ($this->RequestHandler->accepts(array(’xml’, ’rss’, ’atom’))) { // Executes if the client accepts any of the above: XML, RSS or Atom } } } Other request ‘type’ detection methods include: RequestHandlerComponent::isXml() Returns true if the current request accepts XML as a response. RequestHandlerComponent::isRss() Returns true if the current request accepts RSS as a response. RequestHandlerComponent::isAtom() Returns true if the current call accepts an Atom response, false otherwise. RequestHandlerComponent::isMobile() Returns true if user agent string matches a mobile web browser, or if the client accepts WAP content. The supported Mobile User Agent strings are: •Android •AvantGo •BlackBerry •DoCoMo •Fennec •iPad •iPhone •iPod 300 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x •J2ME •MIDP •NetFront •Nokia •Opera Mini •Opera Mobi •PalmOS •PalmSource •portalmmm •Plucker •ReqwirelessWeb •SonyEricsson •Symbian •UP.Browser •webOS •Windows CE •Windows Phone OS •Xiino RequestHandlerComponent::isWap() Returns true if the client accepts WAP content. All of the above request detection methods can be used in a similar fashion to filter functionality intended for specific content types. For example when responding to Ajax requests, you often will want to disable browser caching, and change the debug level. However, you want to allow caching for non-ajax requests. The following would accomplish that: request->is(’ajax’)) { $this->disableCache(); } // Continue Controller action Obtaining Additional Client Information RequestHandlerComponent::getAjaxVersion() Gets Prototype version if call is Ajax, otherwise empty string. The Prototype library sets a special “Prototype version” HTTP header. Components 301 CakePHP Cookbook Documentation, Release 2.x Automatically decoding request data RequestHandlerComponent::addInputType($type, $handler) Parameters • $type (string) – The content type alias this attached decoder is for. e.g. ‘json’ or ‘xml’ • $handler (array) – The handler information for the type. Add a request data decoder. The handler should contain a callback, and any additional arguments for the callback. The callback should return an array of data contained in the request input. For example adding a CSV handler in your controllers’ beforeFilter could look like: RequestHandler->addInputType(’csv’, array($parser)); The above example requires PHP 5.3, however you can use any callable (http://php.net/callback) for the handling function. You can also pass additional arguments to the callback, this is useful for callbacks like json_decode: RequestHandler->addInputType(’json’, array(’json_decode’, true)); The above will make $this->request->data an array of the JSON input data, without the additional true you’d get a set of StdClass objects. Responding To Requests In addition to request detection RequestHandler also provides easy access to altering the output and content type mappings for your application. RequestHandlerComponent::setContent($name, $type = null) •$name string - The name or file extension of the Content-type ie. html, css, json, xml. •$type mixed - The mime-type(s) that the Content-type maps to. setContent adds/sets the Content-types for the given name. Allows content-types to be mapped to friendly aliases and or extensions. This allows RequestHandler to automatically respond to requests of each type in its startup method. If you are using Router::parseExtension, you should use the file extension as the name of the Content-type. Furthermore, these content types are used by prefers() and accepts(). 302 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x setContent is best used in the beforeFilter() of your controllers, as this will best leverage the automag- icness of content-type aliases. The default mappings are: •javascript text/javascript •js text/javascript •json application/json •css text/css •html text/html, */* •text text/plain •txt text/plain •csv application/vnd.ms-excel, text/plain •form application/x-www-form-urlencoded •file multipart/form-data •xhtml application/xhtml+xml, application/xhtml, text/xhtml •xhtml-mobile application/vnd.wap.xhtml+xml •xml application/xml, text/xml •rss application/rss+xml •atom application/atom+xml •amf application/x-amf •wap text/vnd.wap.wml, text/vnd.wap.wmlscript, image/vnd.wap.wbmp •wml text/vnd.wap.wml •wmlscript text/vnd.wap.wmlscript •wbmp image/vnd.wap.wbmp •pdf application/pdf •zip application/x-zip •tar application/x-tar RequestHandlerComponent::prefers($type = null) Determines which content-types the client prefers. If no parameter is given the most likely content type is returned. If $type is an array the first type the client accepts will be returned. Preference is determined primarily by the file extension parsed by Router if one has been provided, and secondly by the list of content-types in HTTP_ACCEPT. RequestHandlerComponent::renderAs($controller, $type) Parameters • $controller (Controller) – Controller Reference Components 303 CakePHP Cookbook Documentation, Release 2.x • $type (string) – friendly content type name to render content for ex. xml, rss. Change the render mode of a controller to the specified type. Will also append the appropriate helper to the controller’s helper array if available and not already in the array. RequestHandlerComponent::respondAs($type, $options) Parameters • $type (string) – Friendly content type name ex. xml, rss or a full content type like application/x-shockwave • $options (array) – If $type is a friendly type name that has more than one content association, $index is used to select the content type. Sets the response header based on content-type map names. RequestHandlerComponent::responseType() Returns the current response type Content-type header or null if one has yet to be set. Taking advantage of HTTP cache validation New in version 2.1. The HTTP cache validation model is one of the processes used for cache gateways, also known as reverse proxies, to determine if they can serve a stored copy of a response to the client. Under this model, you mostly save bandwidth, but when used correctly you can also save some CPU processing, reducing this way response times. Enabling the RequestHandlerComponent in your controller automatically activates a check done before rendering the view. This check compares the response object against the original request to determine whether the response was not modified since the last time the client asked for it. If response is evaluated as not modified, then the view rendering process is stopped, saving processing time an no content is returned to the client, saving bandwidth. The response status code is then set to 304 Not Modified. You can opt-out this automatic checking by setting the checkHttpCache setting to false: array( ’checkHttpCache’ => false )); Using custom ViewClasses New in version 2.3. When using JsonView/XmlView you might want to override the default serialization with a custom View class, or add View classes for other types. You can map existing and new types to your custom classes. RequestHandlerComponent::viewClassMap($type, $viewClass) Parameters 304 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x • $type (string|array) – The type string or map array with format array(’json’ => ’MyJson’) • $viewClass (string) – The viewClass to be used for the type without View ap- pended You can also set this automatically by using the viewClassMap setting: array( ’viewClassMap’ => array( ’json’ => ’ApiKit.MyJson’, ’xml’ => ’ApiKit.MyXml’, ’csv’ => ’ApiKit.Csv’ ) )); Pagination class PaginatorComponent(ComponentCollection $collection, array $settings = array()) One of the main obstacles of creating flexible and user-friendly web applications is designing an intuitive UI. Many applications tend to grow in size and complexity quickly, and designers and programmers alike find they are unable to cope with displaying hundreds or thousands of records. Refactoring takes time, and performance and user satisfaction can suffer. Displaying a reasonable number of records per page has always been a critical part of every application and used to cause many headaches for developers. CakePHP eases the burden on the developer by providing a quick, easy way to paginate data. Pagination in CakePHP is offered by a Component in the controller, to make building paginated queries easier. In the View PaginatorHelper is used to make the generation of pagination links & buttons simple. Query Setup In the controller, we start by defining the query conditions pagination will use by default in the $paginate controller variable. These conditions, serve as the basis of your pagination queries. They are augmented by the sort, direction limit, and page parameters passed in from the url. It is important to note here that the order key must be defined in an array structure like below: 25, ’order’ => array( ’Post.title’ => ’asc’ ) Components 305 CakePHP Cookbook Documentation, Release 2.x ); } You can also include other find() options, such as fields: array(’Post.id’, ’Post.created’), ’limit’ => 25, ’order’ => array( ’Post.title’ => ’asc’ ) ); } Other keys that can be included in the $paginate array are similar to the parameters of the Model->find(’all’) method, that is: conditions, fields, order, limit, page, contain, joins, and recursive. In addition to the aforementioned keys, any additional keys will also be passed directly to the model find methods. This makes it very simple to use behaviors like ContainableBehavior with pagination: 25, ’contain’ => array(’Article’) ); } In addition to defining general pagination values, you can define more than one set of pagination defaults in the controller, you just name the keys of the array after the model you wish to configure: array (...), ’Author’ => array (...) ); } The values of the Post and Author keys could contain all the properties that a model/key less $paginate array could. Once the $paginate variable has been defined, we can call the paginate() method in a controller ac- tion. This method will dynamically load the PaginatorComponent, and call its paginate() method. This will return find() results from the model. It also sets some additional paging statistics, which are added to the request object. The additional information is set to $this->request->params[’paging’], and is used by PaginatorHelper for creating links. Controller::paginate() also adds Pagina- torHelper to the list of helpers in your controller, if it has not been added already.: 306 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x paginate(’Recipe’); $this->set(’data’, $data); } You can filter the records by passing conditions as second parameter to the paginate() function.: paginate(’Recipe’, array(’Recipe.title LIKE’ => ’a%’)); Or you can also set conditions and other keys in the $paginate array inside your action.: paginate= array( ’conditions’ => array(’Recipe.title LIKE’ => ’a%’), ’limit’ => 10 ); $data= $this->paginate(’Recipe’); $this->set(compact(’data’)); ); Custom Query Pagination If you’re not able to use the standard find options to create the query you need to display your data, there are a few options. You can use a custom find type. You can also implement the paginate() and paginateCount() methods on your model, or include them in a behavior attached to your model. Behaviors implementing paginate and/or paginateCount should implement the method signatures defined below with the normal additional first parameter of $model: ’popular’ ); The paginate() method should implement the following method signature. To use your own method/logic override it in the model you wish to get the data from: find(’all’, compact(’conditions’, ’fields’, ’order’, ’limit’, ’page’, ’recursive’, ’group’)); } You also need to override the core paginateCount(), this method expects the same arguments as Model::find(’count’). The example below uses some Postgres-specifc features, so please adjust accordingly depending on what database you are using: recursive= $recursive; $results= $this->query($sql); return count($results); } The observant reader will have noticed that the paginate method we’ve defined wasn’t actually necessary - All you have to do is add the keyword in controller’s $paginate class variable: array( ’limit’ => 20, ’order’ => array(’week’ => ’desc’), ’group’ => array(’week’, ’home_team_id’, ’away_team_id’) ) ); /** * Or on-the-fly from within the action */ public function index() { $this->paginate= array( ’MyModel’ => array( ’limit’ => 20, 308 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x ’order’ => array(’week’ => ’desc’), ’group’ => array(’week’, ’home_team_id’, ’away_team_id’) ) ); In CakePHP 2.0, you no longer need to implement paginateCount() when using group clauses. The core find(’count’) will correctly count the total number of rows. Control which fields used for ordering By default sorting can be done with any column on a model. This is sometimes undesirable as it can allow users to sort on un-indexed columns, or virtual fields that can be expensive to calculate. You can use the 3rd parameter of Controller::paginate() to restrict the columns sorting will be done on: paginate(’Post’, array(), array(’title’, ’slug’)); This would allow sorting on the title and slug columns only. A user that sets sort to any other value will be ignored. Limit the maximum number of rows that can be fetched The number of results that are fetched is exposed to the user as the limit parameter. It is generally undesirable to allow users to fetch all rows in a paginated set. By default CakePHP limits the maximum number of rows that can be fetched to 100. If this default is not appropriate for your application, you can adjust it as part of the pagination options: 10 ); If the request’s limit param is greater than this value, it will be reduced to the maxLimit value. Pagination with GET parameters In previous versions of CakePHP you could only generate pagination links using named parameters. But if pages were requested with GET parameters they would still work. For 2.0, we decided to make how you generate pagination parameters more controlled and consistent. You can choose to use either querys- tring or named parameters in the component. Incoming requests will accept only the chosen type, and the PaginatorHelper will generate links with the chosen type of parameter: ’querystring’ ); Components 309 CakePHP Cookbook Documentation, Release 2.x The above would enable querystring parameter parsing and generation. You can also modify the $settings property on the PaginatorComponent: Paginator->settings[’paramType’]= ’querystring’; By default all of the typical paging parameters will be converted into GET arguments. Note: You can run into a situation where assigning a value to a nonexistent property will throw errors: paginate[’limit’]= 10; will throw the error “Notice: Indirect modification of overloaded property $paginate has no effect”. Assign- ing an initial value to the property solves the issue: paginate= array(); $this->paginate[’limit’]= 10; //or $this->paginate= array(’limit’ => 10); Or just declare the property in the controller class: Paginator->settings = array(’limit’ => 10); Make sure you have added the Paginator component to your $components array if you want to modify the $settings property of the PaginatorComponent. Either of these approaches will solve the notice errors. AJAX Pagination It’s very easy to incorporate Ajax functionality into pagination. Using the JsHelper and RequestHandlerComponent you can easily add Ajax pagination to your application. See Ajax Pagi- nation for more information. Pagination in the view Check the PaginatorHelper documentation for how to create links for pagination navigation. Security class SecurityComponent(ComponentCollection $collection, array $settings = array()) 310 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x The Security Component creates an easy way to integrate tighter security in your application. It provides methods for various tasks like: • Restricting which HTTP methods your application accepts. • CSRF protection. • Form tampering protection • Requiring that SSL be used. • Limiting cross controller communication. Like all components it is configured through several configurable parameters. All of these properties can be set directly or through setter methods of the same name in your controller’s beforeFilter. By using the Security Component you automatically get CSRF (http://en.wikipedia.org/wiki/Cross- site_request_forgery) and form tampering protection. Hidden token fields will automatically be inserted into forms and checked by the Security component. Among other things, a form submission will not be accepted after a certain period of inactivity, which is controlled by the csrfExpires time. If you are using Security component’s form protection features and other components that process form data in their startup() callbacks, be sure to place Security Component before those components in your $components array. Note: When using the Security Component you must use the FormHelper to create your forms. In addition, you must not override any of the fields’ “name” attributes. The Security Component looks for certain indica- tors that are created and managed by the FormHelper (especially those created in create() and end()). Dynamically altering the fields that are submitted in a POST request (e.g. disabling, deleting or creating new fields via JavaScript) is likely to trigger a black-holing of the request. See the $validatePost or $disabledFields configuration parameters. Handling blackhole callbacks If an action is restricted by the Security Component it is black-holed as an invalid request which will result in a 404 error by default. You can configure this behavior by setting the $this->Security->blackHoleCallback property to a callback function in the controller. SecurityComponent::blackHole(object $controller, string $error) Black-hole an invalid request with a 404 error or a custom callback. With no callback, the request will be exited. If a controller callback is set to SecurityComponent::blackHoleCallback, it will be called and passed any error information. property SecurityComponent::$blackHoleCallback A Controller callback that will handle and requests that are blackholed. A blackhole callback can be any public method on a controllers. The callback should expect an parameter indicating the type of error: Security->blackHoleCallback= ’blackhole’; Components 311 CakePHP Cookbook Documentation, Release 2.x } public function blackhole($type){ // handle errors. } The $type parameter can have the following values: •‘auth’ Indicates a form validation error, or a controller/action mismatch error. •‘csrf’ Indicates a CSRF error. •‘get’ Indicates an HTTP method restriction failure. •‘post’ Indicates an HTTP method restriction failure. •‘put’ Indicates an HTTP method restriction failure. •‘delete’ Indicates an HTTP method restriction failure. •‘secure’ Indicates an SSL method restriction failure. Restricting HTTP methods SecurityComponent::requirePost() Sets the actions that require a POST request. Takes any number of arguments. Can be called with no arguments to force all actions to require a POST. SecurityComponent::requireGet() Sets the actions that require a GET request. Takes any number of arguments. Can be called with no arguments to force all actions to require a GET. SecurityComponent::requirePut() Sets the actions that require a PUT request. Takes any number of arguments. Can be called with no arguments to force all actions to require a PUT. SecurityComponent::requireDelete() Sets the actions that require a DELETE request. Takes any number of arguments. Can be called with no arguments to force all actions to require a DELETE. Restrict actions to SSL SecurityComponent::requireSecure() Sets the actions that require a SSL-secured request. Takes any number of arguments. Can be called with no arguments to force all actions to require a SSL-secured. SecurityComponent::requireAuth() Sets the actions that require a valid Security Component generated token. Takes any number of arguments. Can be called with no arguments to force all actions to require a valid authentication. 312 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x Restricting cross controller communication property SecurityComponent::$allowedControllers A List of Controller from which the actions of the current controller are allowed to receive requests from. This can be used to control cross controller requests. property SecurityComponent::$allowedActions Actions from which actions of the current controller are allowed to receive requests. This can be used to control cross controller requests. Form tampering prevention By default SecurityComponent prevents users from tampering with forms. It does this by working with FormHelper and tracking which files are in a form. It also keeps track of the values of hidden input elements. All of this data is combined and turned into a hash. When a form is submitted, SecurityComponent will use the POST data to build the same structure and compare the hash. property SecurityComponent::$unlockedFields Set to a list of form fields to exclude from POST validation. Fields can be unlocked either in the Component, or with FormHelper::unlockField(). Fields that have been unlocked are not required to be part of the POST and hidden unlocked fields do not have their values checked. property SecurityComponent::$validatePost Set to false to completely skip the validation of POST requests, essentially turning off form valida- tion. CSRF configuration property SecurityComponent::$csrfCheck Whether to use CSRF protected forms. Set to false to disable CSRF protection on forms. property SecurityComponent::$csrfExpires The duration from when a CSRF token is created that it will expire on. Each form/page request will generate a new token that can only be submitted once unless it expires. Can be any value compatible with strtotime(). The default is +30 minutes. property SecurityComponent::$csrfUseOnce Controls whether or not CSRF tokens are use and burn. Set to false to not generate new tokens on each request. One token will be reused until it expires. This reduces the chances of users getting invalid requests because of token consumption. It has the side effect of making CSRF less secure, as tokens are reusable. Usage Using the security component is generally done in the controller beforeFilter(). You would specify the security restrictions you want and the Security Component will enforce them on its startup: Components 313 CakePHP Cookbook Documentation, Release 2.x Security->requirePost(’delete’); } } In this example the delete action can only be successfully triggered if it receives a POST request: request->params[’admin’])) { $this->Security->requireSecure(); } } } This example would force all actions that had admin routing to require secure SSL requests: params[’admin’])) { $this->Security->blackHoleCallback= ’forceSSL’; $this->Security->requireSecure(); } } public function forceSSL() { $this->redirect(’https://’. env(’SERVER_NAME’). $this->here); } } This example would force all actions that had admin routing to require secure SSL requests. When the request is black holed, it will call the nominated forceSSL() callback which will redirect non-secure requests to secure requests automatically. CSRF protection CSRF or Cross Site Request Forgery is a common vulnerability in web applications. It allows an attacker to capture and replay a previous request, and sometimes submit data requests using image tags or resources on other domains. 314 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x Double submission and replay attacks are handled by the SecurityComponent’s CSRF features. They work by adding a special token to each form request. This token once used cannot be used again. If an attempt is made to re-use an expired token the request will be blackholed. Using CSRF protection Simply by adding the SecurityComponent to your components array, you can benefit from the CSRF protection it provides. By default CSRF tokens are valid for 30 minutes and expire on use. You can control how long tokens last by setting csrfExpires on the component.: array( ’csrfExpires’ => ’+1 hour’ ) ); You can also set this property in your controller’s beforeFilter: Security->csrfExpires= ’+1 hour’; // ... } The csrfExpires property can be any value that is compatible with strtotime() (http://php.net/manual/en/function.strtotime.php). By default the FormHelper will add a data[_Token][key] containing the CSRF token to every form when the component is enabled. Handling missing or expired tokens Missing or expired tokens are handled similar to other security violations. The SecurityComponent’s blackHoleCallback will be called with a ‘csrf’ parameter. This helps you filter out CSRF token failures, from other warnings. Using per-session tokens instead of one-time use tokens By default a new CSRF token is generated for each request, and each token can only be used one. If a token is used twice, it will be blackholed. Sometimes, this behaviour is not desirable, as it can create issues with single page applications. You can toggle on longer, multi-use tokens by setting csrfUseOnce to false. This can be done in the components array, or in the beforeFilter of your controller: array( ’csrfUseOnce’ => false ) ); This will tell the component that you want to re-use a CSRF token until it expires - which is controlled by the csrfExpires value. If you are having issues with expired tokens, this is a good balance between security and ease of use. Components 315 CakePHP Cookbook Documentation, Release 2.x Disabling the CSRF protection There may be cases where you want to disable CSRF protec- tion on your forms for some reason. If you do want to disable this feature, you can set $this->Security->csrfCheck = false; in your beforeFilter or use the components ar- ray. By default CSRF protection is enabled, and configured to use one-use tokens. Disabling Security Component For Specific Actions There may be cases where you want to disable all security checks for an action (ex. ajax request). You may “unlock” these actions by listing them in $this->Security->unlockedActions in your beforeFilter. New in version 2.3. Sessions class SessionComponent(ComponentCollection $collection, array $settings = array()) The CakePHP SessionComponent provides a way to persist client data between page requests. It acts as a wrapper for the $_SESSION as well as providing convenience methods for several $_SESSION related functions. Sessions can be configured in a number of ways in CakePHP. For more information, you should see the Session configuration documentation. Interacting with Session data The Session component is used to interact with session information. It includes basic CRUD functions as well as features for creating feedback messages to users. It should be noted that Array structures can be created in the Session by using dot notation. So User.username would reference the following: array( ’username’ => ’clark-kent@dailyplanet.com’ )); Dots are used to indicate nested arrays. This notation is used for all Session component methods wherever a name/key is used. SessionComponent::write($name, $value) Write to the Session puts $value into $name. $name can be a dot separated array. For example: Session->write(’Person.eyeColor’, ’Green’); This writes the value ‘Green’ to the session under Person => eyeColor. SessionComponent::read($name) Returns the value at $name in the Session. If $name is null the entire session will be returned. E.g: 316 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x Session->read(’Person.eyeColor’); Retrieve the value Green from the session. Reading data that does not exist will return null. SessionComponent::check($name) Used to check if a Session variable has been set. Returns true on existence and false on non-existence. SessionComponent::delete($name) Clear the session data at $name. E.g: Session->delete(’Person.eyeColor’); Our session data no longer has the value ‘Green’, or the index eyeColor set. However, Person is still in the Session. To delete the entire Person information from the session use: Session->delete(’Person’); SessionComponent::destroy() The destroy method will delete the session cookie and all session data stored in the temporary file system. It will then destroy the PHP session and then create a fresh session: Session->destroy(); Creating notification messages SessionComponent::setFlash(string $message, string $element = ‘default’, array $params = array(), string $key = ‘flash’) Return type void Often in web applications, you will need to display a one-time notification message to the user after processing a form or acknowledging data. In CakePHP, these are referred to as “flash messages”. You can set flash message with the SessionComponent and display them with the SessionHelper::flash(). To set a message, use setFlash: Session->setFlash(’Your stuff has been saved.’); This will create a one-time message that can be displayed to the user, using the SessionHelper: Session->flash(); // The above will output.
    Your stuff has been saved.
    Components 317 CakePHP Cookbook Documentation, Release 2.x You can use the additional parameters of setFlash() to create different kinds of flash messages. For example, error and positive notifications may look differently. CakePHP gives you a way to do that. Using the $key parameter you can store multiple messages, which can be output separately: Session->setFlash(’Something bad.’, ’default’, array(), ’bad’); // set a good message. $this->Session->setFlash(’Something good.’, ’default’, array(), ’good’); In the view, these messages can be output and styled differently: Session->flash(’good’); echo $this->Session->flash(’bad’); The $element parameter allows you to control which element (located in /app/View/Elements) should be used to render the message in. In the element the mes- sage is available as $message. First we set the flash in our controller: Session->setFlash(’Something custom!’, ’flash_custom’); Then we create the file app/View/Elements/flash_custom.ctp and build our custom flash element:
    $params allows you to pass additional view variables to the rendered layout. Parameters can be passed affecting the rendered div, for example adding “class” in the $params array will apply a class to the div output using $this->Session->flash() in your layout or view.: Session->setFlash(’Example message text’, ’default’, array(’class’ => ’example_class’)); The output from using $this->Session->flash() with the above example would be:
    Example message text
    To use an element from a plugin just specify the plugin in the $params: Session->setFlash(’Message!’, ’flash_no_spam’, array(’plugin’ => ’Comment’)); Helpers CakePHP features a number of helpers that aid in view creation. They assist in creating well-formed markup (including forms), aid in formatting text, times and numbers, and can even integrate with popular javascript libraries. Here is a summary of the built-in helpers. 318 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x Read Helpers to learn more about helpers, their api, and how you can create and use your own helpers. Helpers CacheHelper class CacheHelper(View $view, array $settings = array()) The Cache helper assists in caching entire layouts and views, saving time repetitively retrieving data. View Caching in Cake temporarily stores parsed layouts and views as simple PHP + HTML files It should be noted that the Cache helper works quite differently than other helpers. It does not have methods that are directly called. Instead a view is marked with cache tags indicating which blocks of content should not be cached. The CacheHelper then uses helper callbacks to process the file and output to generate the cache file. When a URL is requested, CakePHP checks to see if that request string has already been cached. If it has, the rest of the url dispatching process is skipped. Any nocache blocks are processed normally and the view is served. This creates a big savings in processing time for each request to a cached URL as minimal code is executed. If Cake doesn’t find a cached view, or the cache has expired for the requested URL it continues to process the request normally. Using the Helper There are two steps you have to take before you can use the CacheHelper. First in your APP/Config/core.php uncomment the Configure write call for Cache.check. This will tell CakePHP to check for, and generate view cache files when handling requests. Once you’ve uncommented the Cache.check line you will need to add the helper to your controller’s $helpers array: 36000, ’index’ => 48000 ); Helpers 319 CakePHP Cookbook Documentation, Release 2.x This will cache the view action 10 hours, and the index action 13 hours. By making $cacheAction a strtotime() friendly value you can cache every action in the controller: array(’callbacks’ => true, ’duration’ => 21600), ’add’ => array(’callbacks’ => true, ’duration’ => 36000), ’index’ => array(’callbacks’ => true, ’duration’ => 48000) ); By setting callbacks => true you tell CacheHelper that you want the generated files to create the components and models for the controller. Additionally, fire the component initialize, controller beforeFilter, and component startup callbacks. Note: Setting callbacks => true partly defeats the purpose of caching. This is also the reason it is disabled by default. Marking Non-Cached Content in Views There will be times when you don’t want an entire view cached. For example, certain parts of the page may look different whether a user is currently logged in or browsing your site as a guest. To indicate blocks of content that are not to be cached, wrap them in like so: Session->check(’User.name’)):?> Welcome, Session->read(’User.name’)); ?>. link(’Login’, ’users/login’); ?> Note: You cannot use nocache tags in elements. Since there are no callbacks around elements, they cannot be cached. It should be noted that once an action is cached, the controller method for the action will not be called. When a cache file is created, the request object, and view variables are serialized with PHP’s serialize(). Warning: If you have view variables that contain un-serializable content such as SimpleXML objects, resource handles, or closures you might not be able to use view caching. 320 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x Clearing the Cache It is important to remember that the CakePHP will clear a cached view if a model used in the cached view is modified. For example, if a cached view uses data from the Post model, and there has been an INSERT, UPDATE, or DELETE query made to a Post, the cache for that view is cleared, and new content is generated on the next request. Note: This automatic cache clearing requires the controller/model name to be part of the URL. If you’ve used routing to change your urls this feature will not work. If you need to manually clear the cache, you can do so by calling Cache::clear(). This will clear all cached data, excluding cached view files. If you need to clear the cached view files, use clearCache(). FormHelper class FormHelper(View $view, array $settings = array()) The FormHelper does most of the heavy lifting in form creation. The FormHelper focuses on creating forms quickly, in a way that will streamline validation, re-population and layout. The FormHelper is also flexible - it will do almost everything for you using conventions, or you can use specific methods to get only what you need. Creating Forms The first method you’ll need to use in order to take advantage of the FormHelper is create(). This special method outputs an opening form tag. FormHelper::create(string $model = null, array $options = array()) All parameters are optional. If create() is called with no parameters supplied, it assumes you are building a form that submits to the current controller, via either the current URL. The default method for form submission is POST. The form element is also returned with a DOM ID. The ID is generated using the name of the model, and the name of the controller action, CamelCased. If I were to call create() inside a UsersController view, I’d see something like the following output in the rendered view: Note: You can also pass false for $model. This will place your form data into the array: $this->request->data (instead of in the sub-array: $this->request->data[’Model’]). This can be handy for short forms that may not represent anything in your database. The create() method allows us to customize much more using the parameters, however. First, you can specify a model name. By specifying a model for a form, you are creating that form’s context. All fields are assumed to belong to this model (unless otherwise specified), and all models referenced Helpers 321 CakePHP Cookbook Documentation, Release 2.x are assumed to be associated with it. If you do not specify a model, then it assumes you are using the default model for the current controller: // If you are on /recipes/add Form->create(’Recipe’); ?> Output: This will POST the form data to the add() action of RecipesController. However, you can also use the same logic to create an edit form. The FormHelper uses the $this->request->data prop- erty to automatically detect whether to create an add or edit form. If $this->request->data contains an array element named after the form’s model, and that array contains a non-empty value of the model’s primary key, then the FormHelper will create an edit form for that record. For example, if we browse to http://site.com/recipes/edit/5, we would get the following: // Controller/RecipesController.php: request->data)) { $this->request->data= $this->Recipe->findById($id); } else { // Save logic goes here } } // View/Recipes/edit.ctp: // Since $this->request->data[’Recipe’][’id’] = 5, we will get an edit form Form->create(’Recipe’); ?> Output: Note: Since this is an edit form, a hidden input field is generated to override the default HTTP method. When creating forms for models in plugins, you should always use plugin syntax when creating a form. This will ensure the form is correctly generated: Form->create(’ContactManager.Contact’); The $options array is where most of the form configuration happens. This special array can contain a number of different key-value pairs that affect the way the form tag is generated. Changed in version 2.0: The default url for all forms, is now the current url including passed, named, and querystring parameters. You can override this default by supplying $options[’url’] in the second parameter of $this->Form->create(). 322 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x Options for create() There are a number of options for create(): • $options[’type’] This key is used to specify the type of form to be created. Valid values include ‘post’, ‘get’, ‘file’, ‘put’ and ‘delete’. Supplying either ‘post’ or ‘get’ changes the form submission method accordingly: Form->create(’User’, array(’type’ => ’get’)); ?> Output: Specifying ‘file’ changes the form submission method to ‘post’, and includes an enctype of “multipart/form-data” on the form tag. This is to be used if there are any file elements inside the form. The absence of the proper enctype attribute will cause the file uploads not to function: Form->create(’User’, array(’type’ => ’file’)); ?> Output: When using ‘put’ or ‘delete’, your form will be functionally equivalent to a ‘post’ form, but when submitted, the HTTP request method will be overridden with ‘PUT’ or ‘DELETE’, respectively. This allows CakePHP to emulate proper REST support in web browsers. • $options[’action’] The action key allows you to point the form to a specific action in your current controller. For example, if you’d like to point the form to the login() action of the current controller, you would supply an $options array like the following: Form->create(’User’, array(’action’ => ’login’)); ?> Output: • $options[’url’] If the desired form action isn’t in the current controller, you can specify a URL for the form action using the ‘url’ key of the $options array. The supplied URL can be relative to your CakePHP application: Form->create(null, array(’url’ => ’/recipes/add’)); // or echo $this->Form->create(null, array( ’url’ => array(’controller’ => ’recipes’, ’action’ => ’add’) )); Output:
    or can point to an external domain: Helpers 323 CakePHP Cookbook Documentation, Release 2.x Form->create(null, array( ’url’ => ’http://www.google.com/search’, ’type’ => ’get’ )); Output: Also check HtmlHelper::url() method for more examples of different types of urls. • $options[’default’] If ‘default’ has been set to boolean false, the form’s submit action is changed so that pressing the submit button does not submit the form. If the form is meant to be submitted via AJAX, setting ‘default’ to false suppresses the form’s default behavior so you can grab the data and submit it via AJAX instead. • $options[’inputDefaults’] You can declare a set of default options for input() with the inputDefaults key to customize your default input creation: Form->create(’User’, array( ’inputDefaults’ => array( ’label’ => false, ’div’ => false ) )); All inputs created from that point forward would inherit the options declared in inputDefaults. You can override the defaultOptions by declaring the option in the input() call: Form->input(’password’); // No div, no label echo $this->Form->input(’username’, array(’label’ => ’Username’)); // has a label element Closing the Form FormHelper::end($options = null) The FormHelper includes an end() method that completes the form. Often, end() only outputs a closing form tag, but using end() also allows the FormHelper to insert needed hidden form elements that SecurityComponent requires: Form->create(); ?> Form->end(); ?> If a string is supplied as the first parameter to end(), the FormHelper outputs a submit button named accordingly along with the closing form tag: 324 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x Form->end(’Finish’); ?> Will output:
    You can specify detail settings by passing an array to end(): ’Update’, ’div’ => array( ’class’ => ’glass-pill’, ) ); echo $this->Form->end($options); Will output:
    See the API (http://api20.cakephp.org) for further details. Note: If you are using SecurityComponent in your application you should always end your forms with end(). Creating form elements There are a few ways to create form inputs with the FormHelper. We’ll start by looking at input(). This method will automatically inspect the model field it has been supplied in order to create an appropriate input for that field. Internally input() delegates to other methods in FormHelper. FormHelper::input(string $fieldName, array $options = array()) Creates the following elements given a particular Model.field: •Wrapping div. •Label element •Input element(s) •Error element with message if applicable. The type of input created depends on the column datatype: Column Type Resulting Form Field string (char, varchar, etc.) text boolean, tinyint(1) checkbox Helpers 325 CakePHP Cookbook Documentation, Release 2.x text textarea text, with name of password, passwd, or psword password date day, month, and year selects datetime, timestamp day, month, year, hour, minute, and meridian selects time hour, minute, and meridian selects The $options parameter allows you to customize how input() works, and finely control what is generated. The wrapping div will have a required classname appended if the validation rules for the Model’s field do not specify allowEmpty => true. One limitation of this behavior is the field’s model must have been loaded during this request. Or be directly associated to the model supplied to create(). For example, let’s assume that your User model includes fields for a username (varchar), password (varchar), approved (datetime) and quote (text). You can use the input() method of the FormHelper to create appropriate inputs for all of these form fields: Form->create(); echo $this->Form->input(’username’); //text echo $this->Form->input(’password’); //password echo $this->Form->input(’approved’); //day, month, year, hour, minute, meridian echo $this->Form->input(’quote’); //textarea echo $this->Form->end(’Add’); A more extensive example showing some options for a date field: Form->input(’birth_dt’, array( ’label’ => ’Date of birth’, ’dateFormat’ => ’DMY’, ’minYear’ => date(’Y’)- 70, ’maxYear’ => date(’Y’)- 18, )); Besides the specific options for input() found below, you can specify any option for the in- put type & any html attribute (for instance onfocus). For more information on $options and $htmlAttributes see HtmlHelper. Assuming that User hasAndBelongsToMany Group. In your controller, set a camelCase plural vari- able (group -> groups in this case, or ExtraFunkyModel -> extraFunkyModels) with the select options. In the controller action you would put the following: set(’groups’, $this->User->Group->find(’list’)); And in the view a multiple select can be created with this simple code: 326 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x Form->input(’Group’); If you want to create a select field while using a belongsTo - or hasOne - Relation, you can add the following to your Users-controller (assuming your User belongsTo Group): set(’groups’, $this->User->Group->find(’list’)); Afterwards, add the following to your form-view: Form->input(’group_id’); If your model name consists of two or more words, e.g., “UserGroup”, when passing the data using set() you should name your data in a pluralised and camelCased format as follows: set(’userGroups’, $this->UserGroup->find(’list’)); // or $this->set(’reallyInappropriateModelNames’, $this->ReallyInappropriateModelName->find(’list’)); Note: Try to avoid using FormHelper::input() to generate submit buttons. Use FormHelper::submit() instead. FormHelper::inputs(mixed $fields = null, array $blacklist = null) Generate a set of inputs for $fields. If $fields is null the current model will be used. In addition to controller fields output, $fields can be used to control legend and fieldset render- ing with the fieldset and legend keys. $form->inputs(array(’legend’ => ’My legend’)); Would generate an input set with a custom legend. You can customize individual inputs through $fields as well.: inputs(array( ’name’ => array(’label’ => ’custom label’) )); In addition to fields control, inputs() allows you to use a few additional options. •fieldset Set to false to disable the fieldset. If a string is supplied it will be used as the classname for the fieldset element. •legend Set to false to disable the legend for the generated input set. Or supply a string to customize the legend text. Field naming conventions The Form helper is pretty smart. Whenever you specify a field name with the form helper methods, it’ll automatically use the current model name to build an input with a format like the following: Helpers 327 CakePHP Cookbook Documentation, Release 2.x This allows you to omit the model name when generating inputs for the model that the form was created for. You can create inputs for associated models, or arbitrary models by passing in Modelname.fieldname as the first parameter: Form->input(’Modelname.fieldname’); If you need to specify multiple fields using the same field name, thus creating an array that can be saved in one shot with saveAll(), use the following convention: Form->input(’Modelname.0.fieldname’); echo $this->Form->input(’Modelname.1.fieldname’); Output: FormHelper uses several field-suffixes internally for datetime input creation. If you are using fields named year, month, day, hour, minute, or meridian and having issues getting the correct input, you can set the name attribute to override the default behavior: Form->input(’Model.year’, array( ’type’ => ’text’, ’name’ => ’data[Model][year]’ )); Options FormHelper::input() supports a large number of options. In addition to its own options input() accepts options for the generated input types, as well as html attributes. The following will cover the options specific to FormHelper::input(). • $options[’type’] You can force the type of an input, overriding model introspection, by spec- ifying a type. In addition to the field types found in the Creating form elements, you can also create ‘file’, ‘password’, and any type supported by HTML5: Form->input(’field’, array(’type’ => ’file’)); echo $this->Form->input(’email’, array(’type’ => ’email’)); Output:
    328 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x • $options[’div’] Use this option to set attributes of the input’s containing div. Using a string value will set the div’s class name. An array will set the div’s attributes to those specified by the array’s keys/values. Alternatively, you can set this key to false to disable the output of the div. Setting the class name: Form->input(’User.name’, array( ’div’ => ’class_name’ )); Output:
    Setting multiple attributes: Form->input(’User.name’, array( ’div’ => array( ’id’ => ’mainDiv’, ’title’ => ’Div Title’, ’style’ => ’display:block’ ) )); Output:
    Disabling div output: Form->input(’User.name’, array(’div’ => false)); ?> Output: • $options[’label’] Set this key to the string you would like to be displayed within the label that usually accompanies the input: Form->input(’User.name’, array( ’label’ => ’The User Alias’ )); Output: Helpers 329 CakePHP Cookbook Documentation, Release 2.x
    Alternatively, set this key to false to disable the output of the label: Form->input(’User.name’, array(’label’ => false)); Output:
    Set this to an array to provide additional options for the label element. If you do this, you can use a text key in the array to customize the label text: Form->input(’User.name’, array( ’label’ => array( ’class’ => ’thingy’, ’text’ => ’The User Alias’ ) )); Output:
    • $options[’error’] Using this key allows you to override the default model error messages and can be used, for example, to set i18n messages. It has a number of suboptions which control the wrapping element, wrapping element class name, and whether HTML in the error message will be escaped. To disable error message output set the error key to false: Form->input(’Model.field’, array(’error’ => false)); To modify the wrapping element type and its class, use the following format: Form->input(’Model.field’, array( ’error’ => array(’attributes’ => array(’wrap’ => ’span’, ’class’ => ’bzzz’)) )); To prevent HTML being automatically escaped in the error message output, set the escape suboption to false: 330 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x Form->input(’Model.field’, array( ’error’ => array( ’attributes’ => array(’escape’ => false) ) )); To override the model error messages use an array with the keys matching the validation rule names: Form->input(’Model.field’, array( ’error’ => array(’tooShort’ => __(’This is not long enough’)) )); As seen above you can set the error message for each validation rule you have in your models. In addition you can provide i18n messages for your forms. • $options[’before’], $options[’between’], $options[’separator’], and $options[’after’] Use these keys if you need to inject some markup inside the output of the input() method: Form->input(’field’, array( ’before’ => ’--before--’, ’after’ => ’--after--’, ’between’ => ’--between---’ )); Output:
    --before-- --between--- --after--
    For radio inputs the ‘separator’ attribute can be used to inject markup to separate each input/label pair: Form->input(’field’, array( ’before’ => ’--before--’, ’after’ => ’--after--’, ’between’ => ’--between---’, ’separator’ => ’--separator--’, ’options’ => array(’1’, ’2’) )); Output:
    --before-- Helpers 331 CakePHP Cookbook Documentation, Release 2.x --separator-- --between--- --after--
    For date and datetime type elements the ‘separator’ attribute can be used to change the string between select elements. Defaults to ‘-‘. • $options[’format’] The ordering of the html generated FormHelper is controllable as well. The ‘format’ options supports an array of strings describing the template you would like said ele- ment to follow. The supported array keys are: array(’before’, ’input’, ’between’, ’label’, ’after’,’error’). • $options[’inputDefaults’] If you find yourself repeating the same options in multiple in- put() calls, you can use inputDefaults‘ to keep your code dry: Form->create(’User’, array( ’inputDefaults’ => array( ’label’ => false, ’div’ => false ) )); All inputs created from that point forward would inherit the options declared in inputDefaults. You can override the defaultOptions by declaring the option in the input() call: Form->input(’password’); // has a label element echo $this->Form->input(’username’, array(’label’ => ’Username’)); If you need to later change the defaults you can use FormHelper::inputDefaults(). Generating specific types of inputs In addition to the generic input() method, FormHelper has specific methods for generating a number of different types of inputs. These can be used to generate just the input widget itself, and combined with other methods like label() and error() to generate fully custom form layouts. Common options Many of the various input element methods support a common set of options. All of these options are also supported by input(). To reduce repetition the common options shared by all input methods are as follows: • $options[’class’] You can set the classname for an input: 332 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x Form->input(’title’, array(’class’ => ’custom-class’)); • $options[’id’] Set this key to force the value of the DOM id for the input. • $options[’default’] Used to set a default value for the input field. The value is used if the data passed to the form does not contain a value for the field (or if no data is passed at all). Example usage: Form->input(’ingredient’, array(’default’ => ’Sugar’)); Example with select field (Size “Medium” will be selected as default): ’Small’, ’m’ => ’Medium’, ’l’ => ’Large’); echo $this->Form->input(’size’, array(’options’ => $sizes, ’default’ => ’m’)); Note: You cannot use default to check a checkbox - instead you might set the value in $this->request->data in your controller, or set the input option checked to true. Note: Date and datetime fields’ default values can be set by using the ‘selected’ key. Note: Beware of using false to assign a default value. A false value is used to disable/exclude options of an input field, so ’default’ => false would not set any value at all. Instead use ’default’ => 0. In addition to the above options, you can mixin any html attribute you wish to use. Any non-special option name will be treated as an HTML attribute, and applied to the generated HTML input element. Options for select, checkbox and radio inputs • $options[’selected’] Used in combination with a select-type input (i.e. For types select, date, time, datetime). Set ‘selected’ to the value of the item you wish to be selected by default when the input is rendered: Form->input(’close_time’, array( ’type’ => ’time’, ’selected’ => ’13:30:00’ )); Note: The selected key for date and datetime inputs may also be a UNIX timestamp. • $options[’empty’] If set to true, forces the input to remain empty. Helpers 333 CakePHP Cookbook Documentation, Release 2.x When passed to a select list, this creates a blank option with an empty value in your drop down list. If you want to have a empty value with text displayed instead of just a blank option, pass in a string to empty: Form->input(’field’, array( ’options’ => array(1,2,3,4,5), ’empty’ => ’(choose one)’ )); Output:
    Note: If you need to set the default value in a password field to blank, use ‘value’ => ‘’ instead. Options can also supplied as key-value pairs. • $options[’hiddenField’] For certain input types (checkboxes, radios) a hidden input is cre- ated so that the key in $this->request->data will exist even without a value specified: This can be disabled by setting the $options[’hiddenField’] = false: Form->checkbox(’published’, array(’hiddenField’ => false)); Which outputs: If you want to create multiple blocks of inputs on a form that are all grouped together, you should use this parameter on all inputs except the first. If the hidden input is on the page in multiple places, only the last group of input’s values will be saved In this example, only the tertiary colors would be passed, and the primary colors would be overridden:

    Primary Colors

    334 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x

    Tertiary Colors

    Disabling the ’hiddenField’ on the second input group would prevent this behavior. You can set a different hidden field value other than 0 such as ‘N’: Form->checkbox(’published’, array( ’value’ => ’Y’, ’hiddenField’ => ’N’, )); Datetime options • $options[’timeFormat’] Used to specify the format of the select inputs for a time-related set of inputs. Valid values include ‘12’, ‘24’, and null. • $options[’dateFormat’] Used to specify the format of the select inputs for a date-related set of inputs. Valid values include any combination of ‘D’, ‘M’ and ‘Y’ or null. The inputs will be put in the order defined by the dateFormat option. • $options[’minYear’], $options[’maxYear’] Used in combination with a date/datetime input. Defines the lower and/or upper end of values shown in the years select field. • $options[’orderYear’] Used in combination with a date/datetime input. Defines the order in which the year values will be set. Valid values include ‘asc’, ‘desc’. The default value is ‘desc’. • $options[’interval’] This option specifies the number of minutes between each option in the minutes select box: Form->input(’Model.time’, array( ’type’ => ’time’, ’interval’ => 15 )); Would create 4 options in the minute select. One for each 15 minutes. Helpers 335 CakePHP Cookbook Documentation, Release 2.x Form Element-Specific Methods FormHelper::label(string $fieldName, string $text, array $options) Create a label element. $fieldName is used for generating the DOM id. If $text is undefined, $fieldName will be used to inflect the label’s text: Form->label(’User.name’); echo $this->Form->label(’User.name’, ’Your username’); Output: $options can either be an array of html attributes, or a string that will be used as a classname: Form->label(’User.name’, null, array(’id’ => ’user-label’)); echo $this->Form->label(’User.name’, ’Your username’, ’highlight’); Output: FormHelper::text(string $name, array $options) The rest of the methods available in the FormHelper are for creating specific form elements. Many of these methods also make use of a special $options parameter. In this case, however, $options is used primarily to specify HTML tag attributes (such as the value or DOM id of an element in the form): Form->text(’username’, array(’class’ => ’users’)); ?> Will output: FormHelper::password(string $fieldName, array $options) Creates a password field.: Form->password(’password’); Will output: FormHelper::hidden(string $fieldName, array $options) Creates a hidden form input. Example: Form->hidden(’id’); Will output: 336 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x Changed in version 2.0: Hidden fields no longer remove the class attribute. This means that if there are validation errors on hidden fields, the error-field classname will be applied. FormHelper::textarea(string $fieldName, array $options) Creates a textarea input field.: Form->textarea(’notes’); Will output: Note: The textarea input type allows for the $options attribute of ’escape’ which deter- mines whether or not the contents of the textarea should be escaped. Defaults to true. Form->textarea(’notes’, array(’escape’ => false); // OR.... echo $this->Form->input(’notes’, array(’type’ => ’textarea’, ’escape’ => false); Options In addition to the Common options, textarea() supports a few specific options: •$options[’rows’], $options[’cols’] These two keys specify the number of rows and columns: Form->textarea(’textarea’, array(’rows’ => ’5’, ’cols’ => ’5’)); Output: FormHelper::checkbox(string $fieldName, array $options) Creates a checkbox form element. This method also generates an associated hidden form input to force the submission of data for the specified field.: Form->checkbox(’done’); ?> Will output: It is possible to specify the value of the checkbox by using the $options array: Form->checkbox(’done’, array(’value’ => 555)); ?> Helpers 337 CakePHP Cookbook Documentation, Release 2.x Will output: If you don’t want the Form helper to create a hidden input: Form->checkbox(’done’, array(’hiddenField’ => false)); ?> Will output: FormHelper::radio(string $fieldName, array $options, array $attributes) Creates a set of radio button inputs. Options •$attributes[’value’] to set which value should be selected default. •$attributes[’separator’] to specify HTML in between radio buttons (e.g.
    ). •$attributes[’between’] specify some content to be inserted between the legend and first element. •$attributes[’disabled’] Setting this to true or ’disabled’ will disable all of the generated radio buttons. •$attributes[’legend’] Radio elements are wrapped with a label and fieldset by default. Set $attributes[’legend’] to false to remove them.: ’Male’, ’F’ => ’Female’); $attributes= array(’legend’ => false); echo $this->Form->radio(’gender’, $options, $attributes); Will output: If for some reason you don’t want the hidden input, setting $attributes[’value’] to a selected value or boolean false will do just that. Changed in version 2.1: The $attributes[’disabled’] option was added in 2.1. FormHelper::select(string $fieldName, array $options, array $attributes) Creates a select element, populated with the items in $options, with the option specified by $attributes[’value’] shown as selected by default. Set to false the the ‘empty’ key in the $attributes variable to turn off the default empty option: ’Male’, ’F’ => ’Female’); echo $this->Form->select(’gender’, $options); 338 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x Will output: The select input type allows for a special $option attribute called ’escape’ which accepts a bool and determines whether to HTML entity encode the contents of the select options. Defaults to true: ’Male’, ’F’ => ’Female’); echo $this->Form->select(’gender’, $options, array(’escape’ => false)); •$attributes[’options’] This key allows you to manually specify options for a select input, or for a radio group. Unless the ‘type’ is specified as ‘radio’, the FormHelper will assume that the target output is a select input: Form->select(’field’, array(1,2,3,4,5)); Output: Options can also be supplied as key-value pairs: Form->select(’field’, array( ’Value 1’ => ’Label 1’, ’Value 2’ => ’Label 2’, ’Value 3’ => ’Label 3’ )); Output: If you would like to generate a select with optgroups, just pass data in hierarchical format. This works on multiple checkboxes and radio buttons too, but instead of optgroups wraps elements in fieldsets: Helpers 339 CakePHP Cookbook Documentation, Release 2.x array( ’Value 1’ => ’Label 1’, ’Value 2’ => ’Label 2’ ), ’Group 2’ => array( ’Value 3’ => ’Label 3’ ) ); echo $this->Form->select(’field’, $options); Output: •$options[’multiple’] If ‘multiple’ has been set to true for an input that outputs a select, the select will allow multiple selections: Form->select(’Model.field’, $options, array(’multiple’ => true)); Alternatively set ‘multiple’ to ‘checkbox’ to output a list of related check boxes: ’Label 1’, ’Value 2’ => ’Label 2’ ); echo $this->Form->select(’Model.field’, $options, array( ’multiple’ => ’checkbox’ )); Output:
    340 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x
    •$options[’disabled’] When creating checkboxes, this option can be set to disable all or some checkboxes. To disable all checkboxes set disabled to true: ’Label 1’, ’Value 2’ => ’Label 2’ ); echo $this->Form->select(’Model.field’, $options, array( ’multiple’ => ’checkbox’, ’disabled’ => array(’Value 1’) )); Output:
    Changed in version 2.3: Support for arrays in $options[’disabled’] was added in 2.3. FormHelper::file(string $fieldName, array $options) To add a file upload field to a form, you must first make sure that the form enctype is set to “multipart/form-data”, so start off with a create function such as the following: Form->create(’Document’, array(’enctype’ => ’multipart/form-data’)); // OR echo $this->Form->create(’Document’, array(’type’ => ’file’)); Next add either of the two lines to your form view file: Form->input(’Document.submittedfile’, array( ’between’ => ’
    ’, ’type’ => ’file’ )); // OR echo $this->Form->file(’Document.submittedfile’); Helpers 341 CakePHP Cookbook Documentation, Release 2.x Due to the limitations of HTML itself, it is not possible to put default values into input fields of type ‘file’. Each time the form is displayed, the value inside will be empty. Upon submission, file fields provide an expanded data array to the script receiving the form data. For the example above, the values in the submitted data array would be organized as follows, if the CakePHP was installed on a Windows server. ‘tmp_name’ will have a different path in a Unix environment: request->data[’Document’][’submittedfile’]= array( ’name’ => ’conference_schedule.pdf’, ’type’ => ’application/pdf’, ’tmp_name’ => ’C:/WINDOWS/TEMP/php1EE.tmp’, ’error’ =>0, ’size’ => 41737, ); This array is generated by PHP itself, so for more detail on the way PHP handles data passed via file fields read the PHP manual section on file uploads (http://php.net/features.file-upload). Validating Uploads Below is an example validation method you could define in your model to validate whether a file has been successfully uploaded: Form->create(’User’, array(’type’ => ’file’)); echo $this->Form->file(’avatar’); Will output:
    Note: When using $this->Form->file(), remember to set the form encoding-type, by setting the type option to ‘file’ in $this->Form->create() 342 Chapter 9. Core Libraries CakePHP Cookbook Documentation, Release 2.x Creating buttons and submit elements FormHelper::submit(string $caption, array $options) Creates a submit button with caption $caption. If the supplied $caption is a URL to an image (it contains a ‘.’ character), the submit button will be rendered as an image. It is enclosed between div tags by default; you can avoid this by declaring $options[’div’] = false: Form->submit(); Will output:
    You can also pass a relative or absolute url to an image for the caption parameter instead of caption text.: Form->submit(’ok.png’); Will output:
    FormHelper::button(string $title, array $options = array()) Creates an HTML button with the specified title and a default type of “button”. Setting $options[’type’] will output one of the three possible button types: 1.submit: Same as the $this->Form->submit method - (the default). 2.reset: Creates a form reset button. 3.button: Creates a standard push button. Form->button(’A Button’); echo $this->Form->button(’Another Button’, array(’type’ => ’button’)); echo $this->Form->button(’Reset the Form’, array(’type’ => ’reset’)); echo $this->Form->button(’Submit Form’, array(’type’ => ’submit’)); Will output: The button input type supports the escape option, which accepts a bool and determines whether to HTML entity encode the $title of the button. Defaults to false: Form->button(’Submit Form’, array(’type’ => ’submit’, ’escape’ => true)); Helpers 343 CakePHP Cookbook Documentation, Release 2.x FormHelper::postButton(string $title, mixed $url, array $options = array ()) Create a