The toolkit that makes XOOPS module development faster, safer, and more consistent.
Building XOOPS modules means solving the same problems over and over: filtering input, managing sessions, handling permissions, generating meta tags, working with databases. XMF gives you battle-tested solutions for all of them so you can focus on what makes your module unique.
| What you get | Why it matters | |
|---|---|---|
| Input & Security | Request handling, input filtering, IP address validation | Stop writing your own sanitization — use proven, audited code |
| Database | Schema migrations, table management, bulk loading | Evolve your database safely across module versions |
| Authentication | JWT tokens, key management, secure storage | Add token-based auth without pulling in heavyweight packages |
| Module Helpers | Admin panels, permissions, sessions, caching | Common module tasks reduced to one-liners |
| Content Tools | Meta tag generation, SEO titles, YAML config, search summaries | Improve SEO and content handling with zero effort |
| Identifiers | ULID and UUID generation | Generate unique, sortable identifiers out of the box |
| Developer Tools | Debugging (Kint), YAML import/export, assertions | Debug and inspect with a single call |
composer require xoops/xmfuse Xmf\Request;
use Xmf\FilterInput;
use Xmf\Metagen;
// Safe input handling
$id = Request::getInt('id', 0, 'GET');
$name = Request::getString('name', '', 'POST');
// Generate SEO-friendly meta tags
Metagen::generateMetaTags($title, $body);
// Generate a ULID
$ulid = \Xmf\Ulid::generate();xmf/src/
|
|-- Request.php HTTP request handling & input retrieval
|-- FilterInput.php Input sanitization & XSS prevention
|-- IPAddress.php IPv4/IPv6 validation & subnet checks
|-- ProxyCheck.php Proxy detection for real client IPs
|
|-- Database/
| |-- Tables.php Schema definition & ALTER operations
| |-- Migrate.php Module schema migrations
| +-- TableLoad.php Bulk data import
|
|-- Jwt/
| |-- JsonWebToken Create & decode signed JWT tokens
| |-- TokenFactory Convenient token builder
| +-- TokenReader Token verification & claim extraction
|
|-- Key/
| |-- Basic.php Key pair generation
| |-- FileStorage Persistent key storage (filesystem)
| +-- ArrayStorage In-memory key storage (testing)
|
|-- Module/
| |-- Admin.php Admin panel rendering & config display
| +-- Helper/
| |-- Permission Group permission management
| |-- Session Secure session read/write
| |-- Cache Module-scoped caching
| +-- GenericHelper Common helper utilities
|
|-- Metagen.php Meta keywords, descriptions & SEO titles
|-- Highlighter.php Search term highlighting
|-- StopWords.php Keyword filtering (multi-language)
|
|-- Ulid.php ULID generation (monotonic & standard)
|-- Uuid.php UUID v4 generation
|-- Random.php Cryptographically secure random bytes
|
|-- Yaml.php YAML read/write with PHP-wrapped security
|-- Language.php Safe language file loading
|-- Debug.php Kint-powered variable inspection
+-- Assert.php Runtime assertion helpers
| Requirement | Version |
|---|---|
| PHP | 7.4+ |
| XOOPS | 2.5.x or 2.6.x |
| Composer | Required |
firebase/php-jwt— JWT encoding/decodingsymfony/yaml— YAML parsingkint-php/kint— Debug outputwebmozart/assert— Assertion library
Via Composer (recommended):
composer require xoops/xmfAs part of XOOPS:
XMF is included in XOOPS 2.5.8+ as a core library. No separate installation needed.
# Install dependencies
composer install
# Run tests
composer test
# Static analysis
composer analyse
# Code style check
composer lint
# Auto-fix code style
composer fix
# Run all CI checks
composer ci
# Regenerate PHPStan baseline
composer baselineContributions are welcome! Please see our Contributing Guide for details.
- Fork the repository
- Create a feature branch (
git checkout -b feature/my-feature) - Make your changes and add tests
- Run
composer cito verify - Submit a Pull Request
XMF is licensed under the GPL-2.0-or-later.
Thank you to JetBrains for supporting open-source development by providing free IDE licenses to this project.
Made with ❤️ by the XOOPS Project community