Working With an Existing Framework Overview

Course 3 · Ch 6
Working With an Existing Framework: Laravel/Symfony Basics
Recognising the everything Chapters 1-5 built, now in the shape of a real, production-grade framework

Chapter 3's mini-framework deliberately built a Router, Controllers, Models, and Views from scratch to see exactly what each piece does. Laravel and Symfony are full, mature implementations of the same ideas, plus a great deal more. This chapter maps what's already been learned onto Laravel specifically (the more common starting point for new PHP developers), with Symfony noted as the main alternative.

Laravel vs Symfony — A Brief Comparison

Laravel

  • Opinionated — one "right way" to do most things
  • Extensive built-in tooling (auth, queues, mail)
  • Generally faster to start a new project with
  • Eloquent ORM by default

Symfony

  • More modular — pick only the components needed
  • Often used as the foundation OTHER frameworks (including parts of Laravel) build on
  • Favoured for large, long-lived enterprise applications
  • Doctrine ORM by default

Mapping This Course's Concepts Onto Laravel

This courseLaravel's equivalent
Chapter 3's Routerroutes/web.php, routes/api.php
Chapter 3's Controllerapp/Http/Controllers/
Intermediate's PDO + Post classEloquent ORM models (app/Models/)
Plain PHP view filesBlade templates (resources/views/*.blade.php)
Composer's vendor/autoload.phpSame — Laravel IS a Composer package itself
Chapter 2's Singleton/Factory patternsLaravel's "Service Container" — built-in dependency injection
Chapter 5's CSRF tokensBuilt-in automatically via @csrf in Blade + VerifyCsrfToken middleware
Chapter 4's PHPUnit testsSame PHPUnit, with extra Laravel-specific test helpers

This mapping is the entire point of this chapter: nothing here is conceptually new — Laravel mostly automates and polishes work this course has already done by hand.

Routes

routes/web.php
<?php use App\Http\Controllers\PostController; use Illuminate\Support\Facades\Route; Route::get('/posts', [PostController::class, 'index']); Route::get('/posts/{id}', [PostController::class, 'show']); ?>

Recognisably similar to Chapter 3's $router->get('/posts', [...]) — Laravel's Route::get() does the same job, with the {id} placeholder syntax matching Chapter 3's final challenge exactly.

Controllers

app/Http/Controllers/PostController.php
<?php namespace App\Http\Controllers; use App\Models\Post; class PostController extends Controller { public function index() { $posts = Post::all(); // Eloquent — no SQL, no PDO calls written at all return view('posts.index', ['posts' => $posts]); } } ?>

Post::all() replaces the hand-written SELECT * FROM posts from Intermediate's capstone entirely — Eloquent generates the SQL automatically based on the model's name and a small amount of convention.

Eloquent — An ORM, Compared to Plain PDO

<?php namespace App\Models; use Illuminate\Database\Eloquent\Model; class Post extends Model { // that's it — no constructor, no SQL written anywhere } // Equivalent operations, Eloquent vs Intermediate's hand-written Post class: Post::find(1); // vs $post->find(1) with manual PDO Post::where('title', 'LIKE', '%php%')->get(); // vs hand-writing a prepared statement Post::create(['title' => 'New', 'body' => '...']); // vs $post->create(...) ?>

An ORM (Object-Relational Mapper) automates the pattern from Intermediate Chapter 4 and this course's Repository pattern — mapping database rows to objects and back, without hand-writing SQL for routine operations. Eloquent still uses prepared statements internally; the SQL-injection protections from Intermediate Chapter 4 are never bypassed, just generated automatically instead.

Blade — Laravel's Templating Engine

resources/views/posts/index.blade.php
<ul> @foreach ($posts as $post) <li>{{ $post->title }}</li> @endforeach </ul>
{{ $variable }} automatically escapes output
Blade's {{ }} syntax calls htmlspecialchars() automatically behind the scenes — the XSS-prevention discipline from Intermediate Chapter 8 is baked into the template syntax itself, rather than needing to be remembered and applied manually on every single echoed value.

Why Frameworks Still Matter, Having Built One From Scratch

  • Security fixes (CSRF, session handling) are maintained by a large community, not one developer
  • Conventions mean another Laravel developer can understand a new project quickly
  • A vast ecosystem of pre-built packages exists for almost anything (payments, search, file storage)
  • Time is spent on the actual application's logic, not re-solving routing/ORM/templating from scratch every time
Chapter 3's mini-framework wasn't wasted effort
Understanding exactly what a Router, Controller, Model, and View each do — built by hand — is precisely what makes a real framework's structure and conventions make sense immediately, rather than feeling like arbitrary magic to memorise.

Coding Challenges

Challenge 1

For each of these Chapter 3 mini-framework pieces, write out the corresponding Laravel equivalent and a one-sentence explanation: (a) $router->get('/about', [...]), (b) require __DIR__.'/../views/post_list.php', (c) the Post class's hand-written find() method using PDO prepared statements.

📄 View solution
Challenge 2

Write a Blade template fragment that loops over an array of $products (each with 'name' and 'price' keys) and displays them in a list, using Blade's @foreach/@endforeach and {{ }} syntax. Explain in a comment exactly what security protection {{ }} provides automatically that this course's plain-PHP views always had to apply manually.

📄 View solution
Challenge 3

Write a short comparison (4-6 sentences) of building the Intermediate capstone blog by hand versus building the same blog in Laravel using Eloquent and Blade — covering what would be faster, what would be more educational, and one specific risk of relying entirely on a framework without understanding what it's doing underneath.

📄 View solution

Chapter 6 Quick Reference

  • Laravel — opinionated, batteries-included, Eloquent ORM, Blade templates
  • Symfony — modular, component-based, often underlies other frameworks, Doctrine ORM
  • Route::get('/path', [Controller::class, 'method']) — maps directly onto Chapter 3's Router
  • Eloquent (Model::all(), ::find(), ::create()) — an ORM automating Intermediate Chapter 4's PDO patterns
  • Blade's {{ $var }} — auto-escapes output, baking in Intermediate Chapter 8's XSS discipline
  • @csrf in Blade — automates Chapter 5's CSRF token pattern
  • Frameworks automate, not replace, the concepts already learned — that's why building one from scratch first matters
  • Next chapter: building a REST API in PHP — routing, JSON responses, status codes