Here’s a step-by-step breakdown of the flow you described, represented as a diagrammatic explanation:
Just think the scenario when customer visits the restaurant:
Request = Customer arrives to the gate and gives the order to the host/hostess (Router).
Router = Host directs the customer, greets the customer and determines where to seat them based on their preference like veg or non-veg etc. Also Router directs the request to the appropriate controller (chef). After the host/hostess (Router) has taken the customer’s request, they pass the order along to the kitchen (the Controller), and that’s when the middleware (the gatekeeper) ensures everything is in order before food preparation starts.
Middleware = Before serving the customer, Server checks for rules. Server might check if the customer has special dietary restrictions or if they need to follow specific rules, like “no phones at the table.”
Dependency Injection = Kitchen manager/Stock manager ensures that the chef (controller) has all the ingredients (dependencies) they need to prepare the dish. Chef gets all ingredients from DI.
Controller = Chef cooks. Chef who prepare the food but using recipe book(model).
Model = Recipe book followed by chef. The chef uses this recipe book to ensure the food is made correctly (data is processed, retrieved, or saved).
Service Layer = Sous-chef for extra help. If the dish requires complex preparation (more advanced business logic), a sous-chef (the service layer) will handle some of the work, making the chef’s job easier
View = Finally, the dish (view) is served to the customer.
1. Request Reception
- HTTP Request arrives at the server.
- Front Controller (
index.php) acts as the single entry point.- It receives the raw HTTP request.
- It creates a
RequestObject to encapsulate request details (URL, method, headers, body, etc.).
2. Routing and Dispatching
- Router/Dispatcher
- Analyzes the
Requestobject’s URL. - Matches the URL against defined routes.
- Determines the target Controller and Method.
- Extracts any URL Parameters.
- Analyzes the
3. Middleware Execution
- Middleware Stack
- A series of middleware functions are executed sequentially.
- Each middleware can perform tasks like:
- Authentication (
Auth) - Cross-Site Request Forgery protection (
CSRF) - Logging requests (
Logging)
- Authentication (
- Short-Circuiting: If a middleware detects an issue or decides to terminate the request early, it can return a
Responsedirectly, skipping subsequent steps.
4. Dependency Injection (DI)
- DI Container
- Is responsible for instantiating objects and resolving their dependencies.
- It resolves the target Controller.
- It injects necessary Services, Repositories, the
RequestObject, etc., into the controller.
5. Controller Logic
- Controller Method
- Receives the request data and injected dependencies.
- Input Validation:
- Optionally uses a
FormRequestobject for structured validation.
- Optionally uses a
- Business Logic:
- Calls a
Servicelayer to handle complex business rules. - Or calls a
Repositoryto interact with the data layer.
- Calls a
- Goal: Keep the controller thin, focusing on orchestrating and presenting data.
6. Service/Repository/Model Layer
- Service / Repository / Model
- Services: Encapsulate business logic, orchestrate operations.
- Repositories: Abstract data access, interact with the database.
- Models: Represent data entities, may contain simple validation or attribute mapping.
- Data Access: Uses PDO or an ORM for database operations.
- Return Values: Models typically return Entities, Arrays, or Data Transfer Objects (DTOs).
7. Response Generation
- Controller
- Receives the results from the Service/Repository/Model layer.
- Chooses Response Type:
- View: Selects a
View(template) to render HTML. - JSON: Prepares data for an API response.
- Redirect: Generates a redirect response.
- Other response types (e.g., file download).
- View: Selects a
8. View Rendering
- View (Template)
- Receives data from the controller.
- Renders HTML:
- Presents the data to the user.
- Should contain minimal logic (e.g., loops, conditionals for display).
- No direct database work is performed here.
9. Sending Response
- Response Object
- Combines Headers and the Body (HTML, JSON, etc.).
- Response Sent: The complete response is sent back to the client.
- Error/Exception Handling: A Central Error/Exception Handler catches any uncaught exceptions or errors throughout the process and generates an appropriate error response.
Sure 👍 here’s a very simple PHP MVC flow example (no framework):
🧭 Folder structure
project/
│
├─ index.php
├─ core/
│ ├─ Router.php
│ ├─ Controller.php
│
├─ app/
│ ├─ Controllers/
│ │ └─ UserController.php
│ ├─ Models/
│ │ └─ User.php
│ ├─ Views/
│ └─ users.php
index.php (Front Controller)
<?php
require 'core/Router.php';
require 'app/Controllers/UserController.php';
$router = new Router();
$router->get('/users', [UserController::class, 'index']);
$router->dispatch($_SERVER['REQUEST_URI']);
core/Router.php
<?php
class Router {
private $routes = [];
public function get($path, $callback) {
$this->routes[$path] = $callback;
}
public function dispatch($uri) {
$path = parse_url($uri, PHP_URL_PATH);
if (isset($this->routes[$path])) {
[$controller, $method] = $this->routes[$path];
(new $controller)->$method();
} else {
echo "404 Not Found";
}
}
}
app/Controllers/UserController.php
<?php
require 'app/Models/User.php';
class UserController {
public function index() {
$users = (new User)->getAll();
require 'app/Views/users.php';
}
}
app/Models/User.php
<?php
class User {
public function getAll() {
return [
['name' => 'Alice'],
['name' => 'Bob'],
];
}
}
app/Views/users.php
<!DOCTYPE html>
<html>
<body>
<h2>User List</h2>
<ul>
<?php foreach ($users as $user): ?>
<li><?= htmlspecialchars($user['name']) ?></li>
<?php endforeach; ?>
</ul>
</body>
</html>
✅ Flow summary:
- Request →
index.php(front controller) - Router finds matching route
- Calls
UserController@index - Controller asks
Usermodel for data - Model returns data
- Controller loads view and passes data
- View renders HTML response
This example is pure basic MVC, no Dependency Injection (DI) or Middleware yet.
Here’s the same MVC example (with DI + Middleware)
🧭 Folder structure
project/
├─ index.php
├─ core/
│ ├─ Router.php
│ ├─ Container.php
│ └─ Middleware.php
├─ app/
│ ├─ Controllers/
│ │ └─ UserController.php
│ ├─ Models/
│ │ └─ User.php
│ ├─ Middleware/
│ │ └─ AuthMiddleware.php
│ ├─ Services/
│ │ └─ UserService.php
│ └─ Views/
│ └─ users.php
🧩 index.php – (Entry point)
<?php
// Load core system files
require 'core/Router.php';
require 'core/Container.php';
require 'core/Middleware.php';
// Load all app classes
require 'app/Controllers/UserController.php';
require 'app/Middleware/AuthMiddleware.php';
require 'app/Services/UserService.php';
require 'app/Models/User.php';
// Create Dependency Injection container
$container = new Container();
// Create router and pass the container to it
$router = new Router($container);
// Register a GET route with middleware
$router->get('/users', [UserController::class, 'index'], [AuthMiddleware::class]);
// Start routing: match and execute route
$router->dispatch($_SERVER['REQUEST_URI']);
⚙️ core/Container.php – (Simple Dependency Injection)
<?php
class Container {
private $bindings = []; // Stores custom bindings if defined
// Register custom binding if needed
public function set($abstract, $concrete) {
$this->bindings[$abstract] = $concrete;
}
// Main method to resolve a class and its dependencies
public function get($class) {
// If a custom binding exists, use it
if (isset($this->bindings[$class])) {
return $this->bindings[$class]($this);
}
// Reflection allows reading class structure
$reflector = new ReflectionClass($class);
$constructor = $reflector->getConstructor();
// If class has no constructor, just create it
if (!$constructor) return new $class;
// Resolve each constructor parameter (dependency)
$params = array_map(function ($param) {
// Automatically create the dependency object
return $this->get($param->getType()->getName());
}, $constructor->getParameters());
// Create the class with all dependencies injected
return $reflector->newInstanceArgs($params);
}
}
⚙️ core/Middleware.php – (Interface for middleware)
<?php
// Every middleware must have a handle() method
interface Middleware {
public function handle($next);
}
⚙️ core/Router.php – (Routing + Middleware handling)
<?php
class Router {
private $routes = [];
private $container;
public function __construct($container) {
$this->container = $container; // Store DI container
}
// Register a GET route
public function get($path, $callback, $middleware = []) {
$this->routes[$path] = compact('callback', 'middleware');
}
// Match the incoming URL and execute controller
public function dispatch($uri) {
$path = parse_url($uri, PHP_URL_PATH);
// If route not found
if (!isset($this->routes[$path])) {
echo "404 Not Found";
return;
}
$route = $this->routes[$path];
$callback = $route['callback']; // Controller + method
$middlewareList = $route['middleware']; // Array of middleware
// Use container to create controller (auto inject dependencies)
$controller = $this->container->get($callback[0]);
$method = $callback[1];
// Final action to call controller method
$next = function() use ($controller, $method) {
$controller->$method();
};
// Wrap controller with middleware chain (LIFO order)
foreach (array_reverse($middlewareList) as $middlewareClass) {
$middleware = $this->container->get($middlewareClass);
$next = function() use ($middleware, $next) {
$middleware->handle($next);
};
}
// Execute middleware → controller → response
$next();
}
}
🔒 app/Middleware/AuthMiddleware.php
<?php
class AuthMiddleware implements Middleware {
public function handle($next) {
echo "✅ AuthMiddleware checked.<br>"; // Example middleware action
// Here you could check login, session, or token.
$next(); // Continue to next middleware or controller
}
}
🎮 app/Controllers/UserController.php
<?php
class UserController {
private UserService $userService;
// Constructor injection: UserService is auto-created by container
public function __construct(UserService $userService) {
$this->userService = $userService;
}
// Controller method for /users route
public function index() {
$users = $this->userService->getUsers(); // Fetch data via service
require 'app/Views/users.php'; // Load view
}
}
🧠 app/Services/UserService.php
<?php
class UserService {
private User $user;
// Inject User model dependency
public function __construct(User $user) {
$this->user = $user;
}
// Business logic to fetch users
public function getUsers() {
return $this->user->getAll();
}
}
🗄️ app/Models/User.php
<?php
class User {
// Example static data — later we’ll connect this to PDO
public function getAll() {
return [
['name' => 'Alice'],
['name' => 'Bob'],
];
}
}
🖼️ app/Views/users.php
<!DOCTYPE html>
<html>
<body>
<h2>User List</h2>
<ul>
<?php foreach ($users as $user): ?>
<li><?= htmlspecialchars($user['name']) ?></li>
<?php endforeach; ?>
</ul>
</body>
</html>
✅ Now the flow (with comments explained):
- index.php — entry point; sets up container + router
- Router — finds route
/users, appliesAuthMiddleware - AuthMiddleware — runs first; if ok → calls next
- DI Container — auto-creates
UserController, injectingUserService, which injectsUser - Controller — calls service → gets data from model
- Model — returns dataset
- Controller — loads view and passes
$users - View — renders clean HTML output