Akelos Framework v1 forum archive. This forum is no longer maintained. To report bugs please visit https://github.com/akelos/akelos/issues
    I got this when I tried use some static vars from a class inside a .tpl

    Template C:\xampp\htdocs\akelos_tests\app\views\person\show.tpl security error:

    * You can't use the following classes within templates: Predet
    * You can't use the following methods within templates: Predet::$buttons

    why akelos doesn't let me use a class inside a template???
    How can I do to solve this? to make able to use it..

    please.. help me..
    • CommentAuthorinsanet
    from what i heard somewhere, this is for security reasons. the way to go is using helpers.
    security of what??

    I got the same error doing:

    {loop posts}
        `<?= $post_loop_counter; ?>

    This should not be like this...
    $posts is a two index array that I got with $params, first is numeric, second represent columns.
    How do I do to to access every record????
    I can't believe that I'm not able to do:

    `<?= $id = $post[$pos_loop_counter]["id"]; ?>

    Actually I think that one is not able to set any variable in a .tpl...
    Why is this?? can I change it?? it looks absurd to me... And it doesn't let me go on...


    That is to keep on with best practices and avoid writing unsustainable/hard to test code. Views should not contain logic at all. If you need presentation logic, that is what helpers are for.

    Some best practices taken from Kaushik G's blog and adapted to Akelos

    1. Thin controllers : put as much of your logic in the model as possible and keep the controller slim and trim. Ideally, you should be able to glance at a controller method and figure out what information it grabs.
    2. Fat models : Most of the logic will be about fetching, manipulating and parsing model data. So this IS the model's business.
    3. Use layouts : its a bit like css for tpl
    4. Slim views : resist the temptation to write PHP code in tpl - use a helper
    5. Fat helpers : move involved view code from views and controllers into helpers

    If you still hungry for some spaghetti, then just add

    define('AK_TEMPLATE_SECURITY_CHECK', false);

    in your config/config.php file and have nice meal ;)


    Ehmmm... I see..
    I only wanted to use a class with some static methods an attributes as a kind of common helper, one wich holds standars and conventions...

    understanding the reasons, I'll try to move these into a place wich does not trigger the security error :(

    But I'm not completelly agree ;)
    Considering the premise of not to include logic into views, how do we define "logic"? if it is the fact of asigning a value or making an operarion...
    we'll still should be able of JUST make a call to an static function or invoking an static attribute ;)

    well.. thanks...


    Trying to keep views simple by avoiding "dangerous" code to empower best practices is hard. Any help to improve the PHP tokenizer to allow more safe constructions on views is welcomed.

    As I said before you can all ways skip this verification if you really need to use that static calls, but be aware that other static calls like Ak::delete() can be used as well in views.


    ok I got it...