Controller

Type
Abstract Class
Namespace
craft\web
Inherits
craft\web\Controller » yii\web\Controller » yii\base\Controller » yii\base\Component » yii\base\BaseObject
Implements
yii\base\Configurable, yii\base\ViewContextInterface
Extended by
craft\controllers\AppController, craft\controllers\AssetTransformsController, craft\controllers\AssetsController, craft\controllers\BaseElementsController, craft\controllers\BaseEntriesController, craft\controllers\BaseUpdaterController, craft\controllers\CategoriesController, craft\controllers\ChartsController, craft\controllers\DashboardController, craft\controllers\ElementIndexSettingsController, craft\controllers\ElementsController, craft\controllers\EntriesController, craft\controllers\EntryRevisionsController, craft\controllers\FieldsController, craft\controllers\GlobalsController, craft\controllers\InstallController, craft\controllers\NotFoundController, craft\controllers\PluginStoreController, craft\controllers\PluginsController, craft\controllers\QueueController, craft\controllers\RebrandController, craft\controllers\RoutesController, craft\controllers\SectionsController, craft\controllers\SitesController, craft\controllers\StructuresController, craft\controllers\SystemMessagesController, craft\controllers\SystemSettingsController, craft\controllers\TagsController, craft\controllers\TemplatesController, craft\controllers\UpdaterController, craft\controllers\UserSettingsController, craft\controllers\UsersController, craft\controllers\UtilitiesController, craft\controllers\VolumesController, craft\controllers\pluginstore\InstallController, craft\controllers\pluginstore\RemoveController
Since
3.0

Controller is a base class that all controllers in Craft extend.

It extends Yii’s yii\web\Controller, overwriting specific methods as required.

View source

Public Properties

PropertyDescription
$actionyii\base\Action – The action that is currently being executed.
$actionParamsarray – The parameters bound to the current action.
$behaviorsyii\base\Behavior – List of behaviors attached to this component
$defaultActionstring – The ID of the action that is used when the action ID is not specified in the request.
$enableCsrfValidationboolean – Whether to enable CSRF validation for the actions in this controller.
$idstring – The ID of this controller.
$layoutnull, string, false – The name of the layout to be applied to this controller's views.
$moduleyii\base\Module – The module that this controller belongs to.
$modulesyii\base\Module – All ancestor modules that this controller is located within.
$routestring – The route (module ID, controller ID and action ID) of the current request.
$uniqueIdstring – The controller ID that is prefixed with the module ID (if any).
$viewyii\base\View, yii\web\View – The view object that can be used to render views or view files.
$viewPathstring – The view path that may be prefixed to a relative view name.

Protected Properties

PropertyDescription
$allowAnonymousboolean, string[] – Whether this controller’s actions can be accessed anonymously If set to false, you are required to be logged in to execute any of the given controller's actions.

$allowAnonymous

Type
boolean, string[]

Whether this controller’s actions can be accessed anonymously If set to false, you are required to be logged in to execute any of the given controller's actions. If set to true, anonymous access is allowed for all of the given controller's actions. If the value is an array of action IDs, then you must be logged in for any actions except for the ones in the array list. If you have a controller that where the majority of actions allow anonymous access, but you only want require login on a few, you can set this to true and call requireLogin() in the individual methods.

View source

Signature

protected boolean, string[] $allowAnonymous = false

Public Methods

MethodDescription
__call()Calls the named method which is not a class method.
__clone()This method is called after the object is created by cloning an existing one.
__construct()Constructor.
__get()Returns the value of an object property.
__isset()Checks if a property is set, i.e. defined and not null.
__set()Sets value of an object property.
__unset()Sets an object property to null.
actions()Declares external actions for the controller.
afterAction()This method is invoked right after an action is executed.
asErrorJson()Responds to the request with a JSON error message.
asJson()Send data formatted as JSON.
asJsonP()Sets the response format of the given data as JSONP.
asRaw()Sets the response format of the given data as RAW.
asXml()Send data formatted as XML.
attachBehavior()Attaches a behavior to this component.
attachBehaviors()Attaches a list of behaviors to the component.
beforeAction()This method is invoked right before an action is executed.
behaviors()Returns a list of behaviors that this component should behave as.
bindActionParams()Binds the parameters to the action.
canGetProperty()Returns a value indicating whether a property can be read.
canSetProperty()Returns a value indicating whether a property can be set.
className()Returns the fully qualified name of this class.
createAction()Creates an action based on the given action ID.
detachBehavior()Detaches a behavior from the component.
detachBehaviors()Detaches all behaviors from the component.
ensureBehaviors()Makes sure that the behaviors declared in behaviors() are attached to this component.
findLayoutFile()Finds the applicable layout file.
getBehavior()Returns the named behavior object.
getBehaviors()Returns all behaviors attached to this component.
getModules()Returns all ancestor modules of this controller.
getRoute()Returns the route of the current request.
getUniqueId()Returns the unique ID of the controller.
getView()Returns the view object that can be used to render views or view files.
getViewPath()
goBack()Redirects the browser to the last visited page.
goHome()Redirects the browser to the home page.
hasEventHandlers()Returns a value indicating whether there is any handler attached to the named event.
hasMethod()Returns a value indicating whether a method is defined.
hasProperty()Returns a value indicating whether a property is defined.
init()Initializes the object.
off()Detaches an existing event handler from this component.
on()Attaches an event handler to an event.
redirect()Redirects the browser to the specified URL.
redirectToPostedUrl()Redirects to the URI specified in the POST.
refresh()Refreshes the current page.
render()Renders a view and applies layout if available.
renderAjax()Renders a view in response to an AJAX request.
renderContent()Renders a static string by applying a layout.
renderFile()Renders a view file.
renderPartial()Renders a view without applying layout.
renderTemplate()Renders a template.
requireAcceptsJson()Throws a 400 error if the request doesn't accept JSON.
requireAdmin()Throws a 403 error if the current user is not an admin.
requireAuthorization()Checks whether the current user can perform a given action, and ends the request with a 403 error if they don’t.
requireElevatedSession()Requires that the user has an elevated session.
requireLogin()Redirects the user to the login template if they're not logged in.
requirePermission()Checks whether the current user has a given permission, and ends the request with a 403 error if they don’t.
requirePostRequest()Throws a 400 error if this isn’t a POST request
requireToken()Throws a 400 error if the current request doesn’t have a valid token.
run()Runs a request specified in terms of a route.
runAction()Runs an action within this controller with the specified action ID and parameters.
setView()Sets the view object to be used by this controller.
setViewPath()Sets the directory that contains the view files.
trigger()Triggers an event.

asErrorJson()

Responds to the request with a JSON error message.

View source

Arguments

  • $error (string) – The error message.

Returns

yii\web\Response

Signature

public yii\web\Response asErrorJson ( \craft\web\string $error )

asJsonP()

Sets the response format of the given data as JSONP.

See also:

View source

Arguments

  • $data (mixed) – The data that should be formatted.

Returns

yii\web\Response – A response that is configured to send $data formatted as JSON.

Signature

public yii\web\Response asJsonP ( $data )

asRaw()

Sets the response format of the given data as RAW.

See also:

View source

Arguments

  • $data (mixed) – The data that should not be formatted.

Returns

yii\web\Response – A response that is configured to send $data without formatting.

Signature

public yii\web\Response asRaw ( $data )

beforeAction()

This method is invoked right before an action is executed. The method will trigger the EVENT_BEFORE_ACTION event. The return value of the method will determine whether the action should continue to run.

In case the action should not run, the request should be handled inside of the beforeAction code by either providing the necessary output or redirecting the request. Otherwise the response will be empty.

If you override this method, your code should look like the following:

public function beforeAction($action)
{
    // your custom code here, if you want the code to run before action filters,
    // which are triggered on the [EVENT_BEFORE_ACTION](https://www.yiiframework.com/doc/api/2.0/yii-base-controller#EVENT_BEFORE_ACTION-detail) event, e.g. PageCache or AccessControl

    if (!parent::beforeAction($action)) {
        return false;
    }

    // other custom code here

    return true; // or false to not run the action
}

View source

Arguments

Returns

boolean – Whether the action should continue to run.

Signature

public boolean beforeAction ( $action )

redirect()

Redirects the browser to the specified URL.

This method is a shortcut to craft\web\Response::redirect().

You can use it in an action by returning the craft\web\Response directly:

// stop executing this action and redirect to login page
return $this->redirect(['login']);

View source

Arguments

  • $url (string, array) – The URL to be redirected to. This can be in one of the following formats:

  • a string representing a URL (e.g. "http://example.com")

  • a string representing a URL alias (e.g. "@example.com")

  • an array in the format of [$route, ...name-value pairs...] (e.g. ['site/index', 'ref' => 1]) \craft\web\Url::to() will be used to convert the array into a URL.

Any relative URL that starts with a single forward slash "/" will be converted into an absolute one by prepending it with the host info of the current request.

Returns

yii\web\Response – The current response object

Signature

public yii\web\Response redirect ( $url, $statusCode = 302 )

redirectToPostedUrl()

Redirects to the URI specified in the POST.

View source

Arguments

  • $object (mixed) – Object containing properties that should be parsed for in the URL.
  • $default (string, null) – The default URL to redirect them to, if no 'redirect' parameter exists. If this is left null, then the current request’s path will be used.

Returns

yii\web\Response

Throws

Signature

public yii\web\Response redirectToPostedUrl ( $object = null, \craft\web\string $default = null )

renderTemplate()

Renders a template.

View source

Arguments

  • $template (string) – The name of the template to load
  • $variables (array) – The variables that should be available to the template

Returns

yii\web\Response

Throws

Signature

public yii\web\Response renderTemplate ( \craft\web\string $template, array $variables = [] )

requireAcceptsJson()

Throws a 400 error if the request doesn't accept JSON.

View source

Throws

Signature

public void requireAcceptsJson ( )

requireAdmin()

Throws a 403 error if the current user is not an admin.

View source

Throws

Signature

public void requireAdmin ( )

requireAuthorization()

Checks whether the current user can perform a given action, and ends the request with a 403 error if they don’t.

View source

Arguments

  • $action (string) – The name of the action to check.

Throws

Signature

public void requireAuthorization ( \craft\web\string $action )

requireElevatedSession()

Requires that the user has an elevated session.

View source

Throws

Signature

public void requireElevatedSession ( )

requireLogin()

Redirects the user to the login template if they're not logged in.

View source

Signature

public void requireLogin ( )

requirePermission()

Checks whether the current user has a given permission, and ends the request with a 403 error if they don’t.

View source

Arguments

  • $permissionName (string) – The name of the permission.

Throws

Signature

public void requirePermission ( \craft\web\string $permissionName )

requirePostRequest()

Throws a 400 error if this isn’t a POST request

View source

Throws

Signature

public void requirePostRequest ( )

requireToken()

Throws a 400 error if the current request doesn’t have a valid token.

View source

Throws

Signature

public void requireToken ( )

runAction()

Runs an action within this controller with the specified action ID and parameters.

If the action ID is empty, the method will use $defaultAction.

View source

Arguments

  • $id (string) – The ID of the action to be executed.
  • $params (array) – The parameters (name-value pairs) to be passed to the action.

Returns

mixed – The result of the action.

Throws

Signature

public mixed runAction ( $id, $params = [] )