tribe / core
Offers classes for various functions of Tribe (v3)
Installs: 266
Dependents: 4
Suggesters: 0
Security: 0
Stars: 0
Watchers: 1
Forks: 4
Open Issues: 0
Language:JavaScript
Requires
- alsvanzelf/jsonapi: ^2.4
- aminyazdanpanah/php-ffmpeg-video-streaming: ^1.2
- firebase/php-jwt: >=5.2
- ifsnop/mysqldump-php: ^2.9
- verot/class.upload.php: ^2.1.3
- dev-master
- v4.1.13
- v4.1.12
- v4.1.11
- v4.1.10
- v4.1.9
- v4.1.8
- v4.1.7
- v4.1.6
- v4.1.5
- v4.1.4
- v4.1.3
- v4.1.2
- v4.1.1
- v4.1.0
- v4.0.x-dev
- v4.0.27
- v4.0.26
- v4.0.25
- v4.0.24
- v4.0.23
- v4.0.22
- v4.0.21
- v4.0.20
- v4.0.19
- v4.0.18
- v4.0.17
- v4.0.16
- v4.0.15
- v4.0.14
- v4.0.13
- v4.0.12
- v4.0.11
- v4.0.10
- v4.0.9
- v4.0.8
- v4.0.7
- v4.0.6
- v4.0.5
- v4.0.4
- v4.0.3
- v4.0.2
- v4.0.1
- v4.0.0
- v3.3.1
- v3.3.0
- v3.2.4
- v3.2.3
- v3.2.2
- v3.2.1
- 3.2
- v3.1.x-dev
- v3.1.21
- v3.1.20
- v3.1.19
- v3.1.18
- v3.1.17
- v3.1.16
- 3.1.15
- v3.1.14
- v3.1.13
- v3.1.12
- v3.1.11
- v3.1.10
- v3.1.9
- v3.1.8
- v3.1.7
- v3.1.6
- v3.1.5
- v3.1.4
- v3.1.3
- v3.1.2
- v3.1.1
- v3.1.0
- v3.0.x-dev
- v3.0.26
- v3.0.25
- v3.0.24
- v3.0.23
- v3.0.22
- v3.0.21
- v3.0.20
- v3.0.19
- v3.0.18
- v3.0.17
- v3.0.16
- v3.0.15
- v3.0.14
- v3.0.13
- v3.0.12
- v3.0.11
- v3.0.10
- v3.0.9
- v3.0.8
- v3.0.7
- v3.0.6
- v3.0.5
- v3.0.4
- v3.0.3
- v3.0.2
- v3.0.1
- v3.0.0
- v2.1.x-dev
- v2.1.29
- v2.1.28
- v2.1.27
- v2.1.26
- v2.1.25
- v2.1.24-beta
- v2.1.23-beta
- v2.1.22
- v2.1.21-beta
- v2.1.20-beta
- v2.1.19
- v2.1.18-beta
- v2.1.17-beta
- v2.1.16-beta
- v2.1.15-beta
- v2.1.14
- v2.1.13
- v2.1.13-beta
- v2.1.12
- v2.1.11
- v2.1.10
- v2.1.9
- v2.1.8
- v2.1.6
- v2.1.5
- v2.1.4
- v2.1.3
- v2.1.2
- v2.1.1
- v2.1.0
- v2.0.18
- v2.0.17
- v2.0.16
- v2.0.15
- v2.0.14
- v2.0.13
- v2.0.12
- v2.0.11
- v2.0.10
- v2.0.9
- v2.0.8
- v2.0.7
- v2.0.6
- v2.0.5
- v2.0.4
- v2.0.3
- v2.0.2
- v2.0.1
- v2.0
- v0.9
- dev-add-license-1
- dev-temp-fix-v3.0.26
- dev-blade-demo
- dev-dev
- dev-develop/2.0.0
- dev-india75
- dev-develop/1.1.0
- dev-develop/1.0.0
- dev-restructure
This package is auto-updated.
Last update: 2025-07-04 08:36:23 UTC
README
Overview
Tribe Core is a PHP-based headless CMS framework that provides a JSON API for content management. It features dynamic content types, authentication, file uploads, and comprehensive API access controls. The framework is designed to be flexible and can handle various content types with customizable modules and relationships.
Core Architecture
Database Schema
The framework uses a simplified JSON-based database schema with a single data
table containing:
id
- Primary keycontent
- JSON field storing all object datatype
- Content type identifierslug
- URL-friendly identifiercontent_privacy
- Privacy level (public, private, draft, pending)user_id
- Owner identifiercreated_on
/updated_on
- Timestamps
Core Classes
1. API Class (API.php
)
The main API handler that processes HTTP requests and returns JSON API responses.
Key Features:
- CORS Handling: Automatic CORS headers for cross-origin requests
- API Key Authentication: Multiple levels of access control
- JSON API Compliance: Follows JSON API specification
- Linked Modules: Automatic relationship resolution
- Domain Whitelisting: Security through domain restrictions
HTTP Methods Supported:
GET
- Retrieve objects or collectionsPOST
- Create new objectsPATCH
- Update existing objectsDELETE
- Remove objects
Authentication Levels:
- Junction Domains: Full access for internal domains
- API Keys with Full Access: Read/write operations
- API Keys with Read Access: Read-only operations
- Public Access: Limited to public content only
Special Features:
- Linked Modules Processing: Automatically resolves relationships between content types
- Pagination: Built-in pagination with offset/limit support
- Filtering: Advanced filtering with multiple operators
- Sorting: Flexible sorting including random ordering
2. Core Class (Core.php
)
Central logic handler for object management and database operations.
Primary Methods:
Object Management:
pushObject(array $post)
- Create or update objectsgetObject($identifier)
- Retrieve single objectgetObjects($identifier)
- Retrieve multiple objectsdeleteObject(int $id)
- Delete single objectdeleteObjects(array $ids)
- Bulk delete objects
Search and Filtering:
getIDs($search_array, $limit, $sort_field, $sort_order, ...)
- Advanced search with multiple parametersgetIDsTotalCount(...)
- Get total count for pagination
Utility Functions:
slugify($string)
- Generate URL-friendly slugsgetAttribute($id, $key)
- Get specific attributepushAttribute($id, $key, $value)
- Update specific attribute
Advanced Features:
- Soft Delete: Optional soft deletion of records
- Unique Constraints: Automatic uniqueness validation
- Type Validation: Variable type enforcement
- Partial Search: Flexible text searching capabilities
3. Config Class (Config.php
)
Manages configuration and content type definitions.
Configuration Sources:
- Dynamic Types: Latest uploaded types configuration
- Local Config: Static configuration files
- Remote Blueprints: GitHub-hosted default configurations
Type Management:
- Module Definitions: Field definitions for content types
- Linked Modules: Relationship configurations
- Primary Modules: Main identifier fields
- Privacy Controls: Content visibility settings
Auto-Generated Fields:
- Automatically adds
content_privacy
field to all types - Configures appropriate privacy options based on type capabilities
4. MySQL Class (MySQL.php
)
Database abstraction layer providing secure MySQL operations.
Features:
- Prepared Statements: SQL injection protection
- UTF8MB4 Support: Full Unicode support
- Connection Management: Automatic connection handling
- Error Handling: Comprehensive error reporting
- Result Processing: Automatic result formatting
Schema Awareness:
Maintains knowledge of table schema for optimized queries and proper field handling.
5. Uploads Class (Uploads.php
)
Comprehensive file management system with automatic image processing.
Upload Features:
- Multiple File Types: Images, videos, documents, audio
- Image Variants: Automatic generation of multiple sizes (xs, sm, md, lg, xl)
- Video Processing: Cloudflare Stream integration
- File Search: Content-based file searching
- URL Copying: Remote file importing
Image Processing:
Automatically generates 5 different sizes for uploaded images:
- XL: 2100x2100px maximum
- LG: 1400x1400px maximum
- MD: 700x700px maximum
- SM: 350x350px maximum
- XS: 100x100px maximum
Security Features:
- MIME Type Validation: Restricts allowed file types
- Organized Storage: Date-based directory structure
- Secure Filenames: Prevents directory traversal attacks
6. Backup Class (Backup.php
)
Automated backup system for database and file storage.
Backup Types:
- MySQL Database: Compressed SQL dumps with password protection
- File Uploads: S3 synchronization for redundancy
- Retention Policies: Intelligent backup cleanup
Integration:
- S3 Compatible: Works with any S3-compatible storage
- Compression: 7zip compression for database backups
- Background Processing: Non-blocking backup operations
API Usage Examples
Basic Object Retrieval
GET /api/v1.1/post
Returns paginated list of posts.
Single Object
GET /api/v1.1/post/123
Returns specific post with ID 123.
Filtering
GET /api/v1.1/post?filter[title]=example&filter[status]=published
Returns posts matching filter criteria.
Pagination
GET /api/v1.1/post?page[offset]=20&page[limit]=10
Returns 10 posts starting from offset 20.
Sorting
GET /api/v1.1/post?sort=-created_on,title
Sorts by creation date (descending) then title (ascending).
Creating Objects
POST /api/v1.1/post Content-Type: application/vnd.api+json { "data": { "type": "post", "attributes": { "modules": { "title": "My Post", "content": "Post content here" } } } }
Security Features
API Key Management
- Read-Only Keys: Limited to GET operations
- Full Access Keys: Complete CRUD operations
- Domain Whitelisting: Restrict keys to specific domains
- Development Mode: Special localhost access for development
Content Privacy Levels
- Public: Accessible without authentication
- Private: Requires valid API key
- Draft: Author-only access
- Pending: Awaiting moderation
CORS Protection
- Origin Validation: Checks request origins
- Credential Support: Secure cookie handling
- Preflight Handling: Proper OPTIONS request handling
Configuration
Environment Variables
DB_HOST
,DB_NAME
,DB_USER
,DB_PASS
- Database connectionSSL
- Enable HTTPS-only cookiesTRIBE_API_SECRET_KEY
- JWT signing secretS3_*
- S3 backup configurationCLOUDFLARE_STREAM_*
- Video processing integration
Content Types
Content types are defined in JSON format and can be:
- Stored locally in
/config/types.json
- Uploaded dynamically through the API
- Loaded from remote GitHub repositories
File Organization
/uploads/
/YYYY/
/MM-Month/
/DD-Day/
/original-files
/xs/ (100px thumbnails)
/sm/ (350px thumbnails)
/md/ (700px thumbnails)
/lg/ (1400px thumbnails)
/xl/ (2100px thumbnails)
Error Handling
The framework provides comprehensive error handling:
- HTTP Status Codes: Proper REST status codes
- JSON Error Responses: Structured error messages
- Development Logging: Detailed error information in development
- Graceful Degradation: Fallback behaviors for missing data
Performance Features
Optimization Strategies:
- Bulk Operations: Efficient batch processing for related objects
- Query Optimization: Smart JOIN elimination and selective loading
- Caching Headers: Proper HTTP caching directives
- Lazy Loading: On-demand relationship resolution
Scalability:
- Stateless Design: Horizontal scaling capability
- JSON Storage: Flexible schema evolution
- CDN Integration: Asset delivery optimization
- Background Processing: Non-blocking operations