View ==== View is an important part of MVC and is reponsible for how data is presented to the end user. Basics ------ Yii uses PHP in view templates by default so in a web application a view typically contains some HTML, `echo`, `foreach` and such basic constructs. It may also contain widget calls. Using complex code in views is considered a bad practice. Such code should be moved to controller or widgets. View is typically called from controller action like the following: ```php public function actionIndex() { return $this->render('index', array( 'username' => 'samdark', )); } ``` First argument is the view name. In context of the controller Yii will search for its views in `views/site/` where `site` is controller ID. For details on how view name is resolved please refer to [yii\base\Controller::render] method. Second argument is data array that contains key-value pairs. Value is available in the view as a variable named the same as the corresponding key. So the view for the action above should be in `views/site/index.php` and can be something like: ```php

Hello, !

``` Intead of just scalar values you can pass anything else such as arrays or objects. Widgets ------- Security -------- One of the main security principles is to always escape output. If violated it leads to script execution and, most probably, to cross-site scripting known as XSS leading to leaking of admin passwords, making a user to automatically perform actions etc. Yii provides a good toolset in order help you escaping your output. The very basic thing to escape is a text without any markup. You can deal with it like the following: ```php
name); ?>
``` When you want to render HTML it becomes complex so we're delegating the task to excellent [HTMLPurifier](http://htmlpurifier.org/) library. In order to use it you need to modify your `composer.json` first by adding the following to `require`: ```javascript "ezyang/htmlpurifier": "v4.5.0" ``` After it's done run `php composer.phar install` and wait till package is downloaded. Now everything is prepared to use Yii's HtmlPurifier helper: ```php
text); ?>
``` Note that besides HTMLPurifier does excellent job making output safe it's not very fast so consider [caching result](caching.md). Alternative template languages ------------------------------ There are offlicial extensions for [Smarty](http://www.smarty.net/) and [Twig](http://twig.sensiolabs.org/). In order to learn more refer to [Using template engines](template.md) section of the guide. Using View object ----------------- An instance of `yii\base\View` is available in view templates as `$this` variable. Using it you can do many useful things including setting page title and meta, registering scripts and accessing the context. ### Setting page title A common place to set page title are view templates. Since we can access view object with `$this`, setting a title becomes as easy as: ```php $this->title = 'My page title'; ``` ### Adding meta tags Adding meta tags such as encodig, description, keywords is easy with view object as well: ```php $this->registerMetaTag(array('encoding' => 'utf-8')); ``` The first argument is an map of `` tag option names and values. The code above will produce: ```html ``` Sometimes there's a need to have only a single tag of a type. In this case you need to specify the second argument: ```html $this->registerMetaTag(array('description' => 'This is my cool website made with Yii!'), 'meta-description'); $this->registerMetaTag(array('description' => 'This website is about funny raccoons.'), 'meta-description'); ``` If there are multiple calls with the same value of the second argument (`meta-description` in this case), the latter will override the former and only a single tag will be rendered: ```html ``` ### Registering link tags `` tag is useful in many cases such as customizing favicon, ponting to RSS feed or delegating OpenID to another server. Yii view object has a method to work with these: ```php $this->registerLinkTag(array( 'title' => 'Lives News for Yii Framework', 'rel' => 'alternate', 'type' => 'application/rss+xml', 'href' => 'http://www.yiiframework.com/rss.xml/', )); ``` The code above will result in ```html ``` Same as with meta tags you can specify additional argument to make sure there's only one link of a type registered. ### Registering CSS You can register CSS using `registerCss` or `registerCssFile`. Former is for outputting code in ` ``` If you want to specify additional properties of the style tag, pass array of name-values to the second argument. If you need to make sure there's only a single style tag use third argument as was mentioned in meta tags description. ```php $this->registerCssFile("http://example.com/css/themes/black-and-white.css", array('media' => 'print'), 'css-print-theme'); ``` The code above will add a link to CSS file to the head section of the page. The CSS will be used only when printing the page. We're using third argument so one of the views could override it. ### Registering scripts ### Registering asset bundles As was mentioned earlier it's preferred to use asset bundles instead of using CSS and JavaScript directly. You can get details on how to define asset bundles in [asset manager](assets.md) section of the guide. As for using already defined asset bundle, it's very straightforward: ```php frontend\config\AppAsset::register($this); ``` ### Layout ### Partials Often you need to reuse some HTML markup in many views and often it's too simple to create a full-featured widget for it. In this case you may use partials. Partial is a view as well. It resides in one of directories under `views` and by convention is often started with `_`. For example, we need to render a list of user profiles and, at the same time, display individual profile elsewhere. First we need to define a partial for user profile in `_profile.php`: ```php

``` Then we're using it in `index.php` view where we display a list of users: ```php
render('_profile', array( 'username' => $user->name, 'tagline' => $user->tagline, )); } ?>
``` Same way we can reuse it in another view displaying a single user profile: ```php echo $this->render('_profile', array( 'username' => $user->name, 'tagline' => $user->tagline, )); ``` ### Accessing context Views are generally used either by controller or by widget. In both cases the object that called view rendering is available in the view as `$this->context`. For example if we need to print out the current internal request route in a view rendered by controller we can use the following: ```php echo $this->context->getRoute(); ``` ### Caching blocks