PHPackages zephyrphp/framework - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Framework](/categories/framework) 4. / 5. zephyrphp/framework ActiveLibrary[Framework](/categories/framework) zephyrphp/framework =================== ZephyrPHP - An open-source, GUI-first CMS platform for building modern websites. v0.4.50(1mo ago)0997MITPHPPHP >=8.2 Since Jan 27Pushed 2mo agoCompare [ Source](https://github.com/Techwonia/zephyrphp-framework)[ Packagist](https://packagist.org/packages/zephyrphp/framework)[ Docs](https://github.com/Techwonia/zephyrphp-framework)[ RSS](/packages/zephyrphp-framework/feed)WikiDiscussions main Synced 1mo ago READMEChangelogDependencies (12)Versions (51)Used By (7) ZephyrPHP Framework =================== [](#zephyrphp-framework) *Light as a breeze. Fast as the wind.* A lightweight, fast, and secure PHP framework for building modern web applications. Features -------- [](#features) - **Lightweight** - Minimal footprint, only what you need - **Fast** - Optimized for performance with template caching - **Secure** - Built-in CSRF protection, input sanitization, security headers - **MVC Architecture** - Clean separation of concerns - **Twig Templating** - Powerful and secure template engine with auto-escaping - **Dependency Injection** - Built-in PHP-DI container support - **Routing** - Flexible routing with middleware support - **Validation** - Fluent validation with custom rules - **File Upload** - Secure file upload handling with MIME validation - **CLI Tools** - Craftsman CLI for code generation Requirements ------------ [](#requirements) - PHP >= 8.2 - Composer Installation ------------ [](#installation) ``` composer require zephyrphp/framework ``` Or create a new project: ``` composer create-project zephyrphp/starter my-app cd my-app php craftsman serve ``` Quick Start ----------- [](#quick-start) ### Define Routes [](#define-routes) ``` // routes/web.php use Zephyr\Router\Route; use App\Controllers\HomeController; Route::get('/', [new HomeController(), 'index']); Route::get('/users/{id}', [new UserController(), 'show']); Route::post('/users', [new UserController(), 'store']); // Route groups with prefix Route::group('/api', function() { Route::get('/users', [new ApiController(), 'users']); }); ``` ### Create Controllers [](#create-controllers) ``` // app/Controllers/HomeController.php namespace App\Controllers; use Zephyr\Core\Controllers\Controller; class HomeController extends Controller { public function index() { return $this->render('home', [ 'title' => 'Welcome to ZephyrPHP' ]); } public function store() { // CSRF validation if (!$this->validateCSRF()) { return; // Returns 403 automatically } // Get sanitized input $email = $this->request->sanitized('email', 'email'); $name = $this->request->sanitized('name', 'string'); // Your logic here return $this->json(['success' => true]); } } ``` ### Validation [](#validation) ``` use Zephyr\Validation\Validator; $validator = Validator::make($request->all(), [ 'name' => 'required|min:3|max:255', 'email' => 'required|email', 'password' => 'required|min:8|confirmed', 'age' => 'nullable|integer|between:18,120', ]); if ($validator->fails()) { return $this->json(['errors' => $validator->errors()], 422); } $validated = $validator->validated(); ``` ### Secure File Upload [](#secure-file-upload) ``` use Zephyr\Security\FileUpload; $uploader = FileUpload::forImages() ->setMaxFileSize(5 * 1024 * 1024) // 5MB ->setUploadDir(BASE_PATH . '/storage/uploads'); $file = $this->request->file('avatar'); if ($filename = $uploader->upload($file)) { // File uploaded successfully } else { $error = $uploader->getLastError(); } ``` ### CSRF Protection [](#csrf-protection) ``` // In your Twig template {{ csrf_field() | raw }} // In controller if (!$this->validateCSRF()) { return; // Automatically returns 403 } ``` ### Input Sanitization [](#input-sanitization) ``` use Zephyr\Security\Sanitizer; $email = Sanitizer::email($input); $slug = Sanitizer::slug($input); $clean = Sanitizer::string($input); $number = Sanitizer::int($input); // Or via Request $email = $this->request->sanitized('email', 'email'); ``` Security Features ----------------- [](#security-features) ### Built-in Security Headers [](#built-in-security-headers) ZephyrPHP automatically applies security headers: - `X-Content-Type-Options: nosniff` - `X-Frame-Options: SAMEORIGIN` - `X-XSS-Protection: 1; mode=block` - `Referrer-Policy: strict-origin-when-cross-origin` - `Permissions-Policy` - `Content-Security-Policy` (customizable) ### Environment-based Configuration [](#environment-based-configuration) ``` // Production mode disables: // - Debug output // - Error display // - Twig debug extension // And enables: // - Template caching // - Strict error logging // - HSTS headers (with HTTPS) ``` CLI Commands ------------ [](#cli-commands) ``` # Start development server php craftsman serve # Start on custom host/port php craftsman serve 0.0.0.0 3000 # Create a new controller php craftsman make:controller UserController # Create a new model php craftsman make:model User # Create a new middleware php craftsman make:middleware AuthMiddleware # Create a new migration php craftsman make:migration create_users_table # Run database migrations php craftsman db:create # List all routes php craftsman route:list # Clear cache php craftsman cache:clear # Generate application key php craftsman key:generate ``` Directory Structure ------------------- [](#directory-structure) ``` project/ ├── app/ │ ├── Controllers/ │ ├── Models/ │ └── Views/ ├── config/ ├── pages/ # Twig templates ├── public/ │ ├── index.php # Entry point │ ├── .htaccess # Security rules │ └── assets/ │ └── .htaccess # Blocks PHP execution ├── routes/ │ ├── web.php │ └── api.php # Optional ├── storage/ │ ├── compiled/ # Template cache │ ├── logs/ │ ├── uploads/ │ └── .htaccess # Blocks all access ├── .env ├── .env.example ├── composer.json └── craftsman ``` Configuration ------------- [](#configuration) Environment variables via `.env`: ``` APP_NAME=ZephyrPHP APP_DEBUG=false # Disable in production! ENV=production # dev, staging, production VIEWS_PATH=/pages APP_KEY= # Generate: php craftsman key:generate ``` Documentation ------------- [](#documentation) Full documentation coming soon at [zephyrphp.com](https://zephyrphp.com) Contributing ------------ [](#contributing) Contributions are welcome! Please feel free to submit a Pull Request. License ------- [](#license) The ZephyrPHP framework is open-sourced software licensed under the [MIT license](LICENSE). Author ------ [](#author) **Techwonia** - ZephyrPHP: [zephyrphp.com](https://zephyrphp.com) - Company: [techwonia.com](https://techwonia.com) - Email: - GitHub: [@Techwonia](https://github.com/Techwonia) ### Health Score 42 — FairBetter than 90% of packages Maintenance86 Actively maintained with recent releases Popularity13 Limited adoption so far Community11 Small or concentrated contributor base Maturity50 Maturing project, gaining track record How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~1 days Total 50 Last Release 55d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/1be9828bb9a101493b8483216e25ea19035d0896773d34bd48840bc8def1bcf2?d=identicon)[techwonia](/maintainers/techwonia) --- Tags phpframeworkguicmssecurezephyrphpzephyr ### Code Quality TestsPHPUnit Static AnalysisPHPStan Type Coverage Yes ### Embed Badge ![Health badge](/badges/zephyrphp-framework/health.svg) ``` [![Health](https://phpackages.com/badges/zephyrphp-framework/health.svg)](https://phpackages.com/packages/zephyrphp-framework) ``` ### Alternatives [laravel/framework The Laravel Framework. 34.7k509.9M17.0k](/packages/laravel-framework)[shopware/platform The Shopware e-commerce core 3.3k1.5M3](/packages/shopware-platform)[sulu/sulu Core framework that implements the functionality of the Sulu content management system 1.3k1.3M152](/packages/sulu-sulu)[laravel-zero/framework The Laravel Zero Framework. 3371.4M369](/packages/laravel-zero-framework)[ec-cube/ec-cube EC-CUBE EC open platform. 78527.0k1](/packages/ec-cube-ec-cube)[quantum/framework The Quantum PHP Framework 402.8k1](/packages/quantum-framework) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)