YII Framework学习之request与response用法(基于CHttpRequest响应)_php实例

WBOY
Release: 2016-06-07 17:08:05
Original
858 people have browsed it

本文实例讲述了YII Framework学习之request与response用法。分享给大家供大家参考,具体如下:

YII中提供了CHttpRequest,封装了请求常用的方法。具体代码如下:

class CHttpRequest extends CApplicationComponent
{
  public $enableCookieValidation=false;
  public $enableCsrfValidation=false;
  public $csrfTokenName='YII_CSRF_TOKEN';
  public $csrfCookie;
  private $_requestUri;
  private $_pathInfo;
  private $_scriptFile;
  private $_scriptUrl;
  private $_hostInfo;
  private $_baseUrl;
  private $_cookies;
  private $_preferredLanguage;
  private $_csrfToken;
  private $_deleteParams;
  private $_putParams;
  public function init()
  {
    parent::init();
    $this->normalizeRequest();
  }
  protected function normalizeRequest()
  {
    // normalize request
    if(function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
    {
      if(isset($_GET))
        $_GET=$this->stripSlashes($_GET);
      if(isset($_POST))
        $_POST=$this->stripSlashes($_POST);
      if(isset($_REQUEST))
        $_REQUEST=$this->stripSlashes($_REQUEST);
      if(isset($_COOKIE))
        $_COOKIE=$this->stripSlashes($_COOKIE);
    }
    if($this->enableCsrfValidation)
      Yii::app()->attachEventHandler('onBeginRequest',array($this,'validateCsrfToken'));
  }
  public function stripSlashes(&$data)
  {
    return is_array($data)?array_map(array($this,'stripSlashes'),$data):stripslashes($data);
  }
  public function getParam($name,$defaultValue=null)
  {
    return isset($_GET[$name]) ? $_GET[$name] : (isset($_POST[$name]) ? $_POST[$name] : $defaultValue);
  }
  public function getQuery($name,$defaultValue=null)
  {
    return isset($_GET[$name]) ? $_GET[$name] : $defaultValue;
  }
  public function getPost($name,$defaultValue=null)
  {
    return isset($_POST[$name]) ? $_POST[$name] : $defaultValue;
  }
  public function getDelete($name,$defaultValue=null)
  {
    if($this->_deleteParams===null)
      $this->_deleteParams=$this->getIsDeleteRequest() ? $this->getRestParams() : array();
    return isset($this->_deleteParams[$name]) ? $this->_deleteParams[$name] : $defaultValue;
  }
  public function getPut($name,$defaultValue=null)
  {
    if($this->_putParams===null)
      $this->_putParams=$this->getIsPutRequest() ? $this->getRestParams() : array();
    return isset($this->_putParams[$name]) ? $this->_putParams[$name] : $defaultValue;
  }
  protected function getRestParams()
  {
    $result=array();
    if(function_exists('mb_parse_str'))
      mb_parse_str(file_get_contents('php://input'), $result);
    else
      parse_str(file_get_contents('php://input'), $result);
    return $result;
  }
  public function getUrl()
  {
    return $this->getRequestUri();
  }
  public function getHostInfo($schema='')
  {
    if($this->_hostInfo===null)
    {
      if($secure=$this->getIsSecureConnection())
        $http='https';
      else
        $http='http';
      if(isset($_SERVER['HTTP_HOST']))
        $this->_hostInfo=$http.'://'.$_SERVER['HTTP_HOST'];
      else
      {
        $this->_hostInfo=$http.'://'.$_SERVER['SERVER_NAME'];
        $port=$secure ? $this->getSecurePort() : $this->getPort();
        if(($port!==80 && !$secure) || ($port!==443 && $secure))
          $this->_hostInfo.=':'.$port;
      }
    }
    if($schema!=='')
    {
      $secure=$this->getIsSecureConnection();
      if($secure && $schema==='https' || !$secure && $schema==='http')
        return $this->_hostInfo;
      $port=$schema==='https' ? $this->getSecurePort() : $this->getPort();
      if($port!==80 && $schema==='http' || $port!==443 && $schema==='https')
        $port=':'.$port;
      else
        $port='';
      $pos=strpos($this->_hostInfo,':');
      return $schema.substr($this->_hostInfo,$pos,strcspn($this->_hostInfo,':',$pos+1)+1).$port;
    }
    else
      return $this->_hostInfo;
  }
  public function setHostInfo($value)
  {
    $this->_hostInfo=rtrim($value,'/');
  }
  public function getBaseUrl($absolute=false)
  {
    if($this->_baseUrl===null)
      $this->_baseUrl=rtrim(dirname($this->getScriptUrl()),'\\/');
    return $absolute ? $this->getHostInfo() . $this->_baseUrl : $this->_baseUrl;
  }
  public function setBaseUrl($value)
  {
    $this->_baseUrl=$value;
  }
  public function getScriptUrl()
  {
    if($this->_scriptUrl===null)
    {
      $scriptName=basename($_SERVER['SCRIPT_FILENAME']);
      if(basename($_SERVER['SCRIPT_NAME'])===$scriptName)
        $this->_scriptUrl=$_SERVER['SCRIPT_NAME'];
      else if(basename($_SERVER['PHP_SELF'])===$scriptName)
        $this->_scriptUrl=$_SERVER['PHP_SELF'];
      else if(isset($_SERVER['ORIG_SCRIPT_NAME']) && basename($_SERVER['ORIG_SCRIPT_NAME'])===$scriptName)
        $this->_scriptUrl=$_SERVER['ORIG_SCRIPT_NAME'];
      else if(($pos=strpos($_SERVER['PHP_SELF'],'/'.$scriptName))!==false)
        $this->_scriptUrl=substr($_SERVER['SCRIPT_NAME'],0,$pos).'/'.$scriptName;
      else if(isset($_SERVER['DOCUMENT_ROOT']) && strpos($_SERVER['SCRIPT_FILENAME'],$_SERVER['DOCUMENT_ROOT'])===0)
        $this->_scriptUrl=str_replace('\\','/',str_replace($_SERVER['DOCUMENT_ROOT'],'',$_SERVER['SCRIPT_FILENAME']));
      else
        throw new CException(Yii::t('yii','CHttpRequest is unable to determine the entry script URL.'));
    }
    return $this->_scriptUrl;
  }
  public function setScriptUrl($value)
  {
    $this->_scriptUrl='/'.trim($value,'/');
  }
  public function getPathInfo()
  {
    if($this->_pathInfo===null)
    {
      $pathInfo=$this->getRequestUri();
      if(($pos=strpos($pathInfo,'?'))!==false)
        $pathInfo=substr($pathInfo,0,$pos);
      $pathInfo=urldecode($pathInfo);
      $scriptUrl=$this->getScriptUrl();
      $baseUrl=$this->getBaseUrl();
      if(strpos($pathInfo,$scriptUrl)===0)
        $pathInfo=substr($pathInfo,strlen($scriptUrl));
      else if($baseUrl==='' || strpos($pathInfo,$baseUrl)===0)
        $pathInfo=substr($pathInfo,strlen($baseUrl));
      else if(strpos($_SERVER['PHP_SELF'],$scriptUrl)===0)
        $pathInfo=substr($_SERVER['PHP_SELF'],strlen($scriptUrl));
      else
        throw new CException(Yii::t('yii','CHttpRequest is unable to determine the path info of the request.'));
      $this->_pathInfo=trim($pathInfo,'/');
    }
    return $this->_pathInfo;
  }
  public function getRequestUri()
  {
    if($this->_requestUri===null)
    {
      if(isset($_SERVER['HTTP_X_REWRITE_URL'])) // IIS
        $this->_requestUri=$_SERVER['HTTP_X_REWRITE_URL'];
      else if(isset($_SERVER['REQUEST_URI']))
      {
        $this->_requestUri=$_SERVER['REQUEST_URI'];
        if(isset($_SERVER['HTTP_HOST']))
        {
          if(strpos($this->_requestUri,$_SERVER['HTTP_HOST'])!==false)
            $this->_requestUri=preg_replace('/^\w+:\/\/[^\/]+/','',$this->_requestUri);
        }
        else
          $this->_requestUri=preg_replace('/^(http|https):\/\/[^\/]+/i','',$this->_requestUri);
      }
      else if(isset($_SERVER['ORIG_PATH_INFO'])) // IIS 5.0 CGI
      {
        $this->_requestUri=$_SERVER['ORIG_PATH_INFO'];
        if(!empty($_SERVER['QUERY_STRING']))
          $this->_requestUri.='?'.$_SERVER['QUERY_STRING'];
      }
      else
        throw new CException(Yii::t('yii','CHttpRequest is unable to determine the request URI.'));
    }
    return $this->_requestUri;
  }
  public function getQueryString()
  {
    return isset($_SERVER['QUERY_STRING'])?$_SERVER['QUERY_STRING']:'';
  }
  public function getIsSecureConnection()
  {
    return isset($_SERVER['HTTPS']) && !strcasecmp($_SERVER['HTTPS'],'on');
  }
  public function getRequestType()
  {
    return strtoupper(isset($_SERVER['REQUEST_METHOD'])?$_SERVER['REQUEST_METHOD']:'GET');
  }
  public function getIsPostRequest()
  {
    return isset($_SERVER['REQUEST_METHOD']) && !strcasecmp($_SERVER['REQUEST_METHOD'],'POST');
  }
  public function getIsDeleteRequest()
  {
    return isset($_SERVER['REQUEST_METHOD']) && !strcasecmp($_SERVER['REQUEST_METHOD'],'DELETE');
  }
  public function getIsPutRequest()
  {
    return isset($_SERVER['REQUEST_METHOD']) && !strcasecmp($_SERVER['REQUEST_METHOD'],'PUT');
  }
  public function getIsAjaxRequest()
  {
    return isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH']==='XMLHttpRequest';
  }
  public function getServerName()
  {
    return $_SERVER['SERVER_NAME'];
  }
  public function getServerPort()
  {
    return $_SERVER['SERVER_PORT'];
  }
  public function getUrlReferrer()
  {
    return isset($_SERVER['HTTP_REFERER'])?$_SERVER['HTTP_REFERER']:null;
  }
  public function getUserAgent()
  {
    return isset($_SERVER['HTTP_USER_AGENT'])?$_SERVER['HTTP_USER_AGENT']:null;
  }
  public function getUserHostAddress()
  {
    return isset($_SERVER['REMOTE_ADDR'])?$_SERVER['REMOTE_ADDR']:'127.0.0.1';
  }
  public function getUserHost()
  {
    return isset($_SERVER['REMOTE_HOST'])?$_SERVER['REMOTE_HOST']:null;
  }
  public function getScriptFile()
  {
    if($this->_scriptFile!==null)
      return $this->_scriptFile;
    else
      return $this->_scriptFile=realpath($_SERVER['SCRIPT_FILENAME']);
  }
  public function getBrowser($userAgent=null)
  {
    return get_browser($userAgent,true);
  }
  public function getAcceptTypes()
  {
    return isset($_SERVER['HTTP_ACCEPT'])?$_SERVER['HTTP_ACCEPT']:null;
  }
  private $_port;
  public function getPort()
  {
    if($this->_port===null)
      $this->_port=!$this->getIsSecureConnection() && isset($_SERVER['SERVER_PORT']) ? (int)$_SERVER['SERVER_PORT'] : 80;
    return $this->_port;
  }
  public function setPort($value)
  {
    $this->_port=(int)$value;
    $this->_hostInfo=null;
  }
  private $_securePort;
  public function getSecurePort()
  {
    if($this->_securePort===null)
      $this->_securePort=$this->getIsSecureConnection() && isset($_SERVER['SERVER_PORT']) ? (int)$_SERVER['SERVER_PORT'] : 443;
    return $this->_securePort;
  }
  public function setSecurePort($value)
  {
    $this->_securePort=(int)$value;
    $this->_hostInfo=null;
  }
  public function getCookies()
  {
    if($this->_cookies!==null)
      return $this->_cookies;
    else
      return $this->_cookies=new CCookieCollection($this);
  }
  public function redirect($url,$terminate=true,$statusCode=302)
  {
    if(strpos($url,'/')===0)
      $url=$this->getHostInfo().$url;
    header('Location: '.$url, true, $statusCode);
    if($terminate)
      Yii::app()->end();
  }
  public function getPreferredLanguage()
  {
    if($this->_preferredLanguage===null)
    {
      if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) && ($n=preg_match_all('/([\w\-_]+)\s*(;\s*q\s*=\s*(\d*\.\d*))?/',$_SERVER['HTTP_ACCEPT_LANGUAGE'],$matches))>0)
      {
        $languages=array();
        for($i=0;$i<$n;++$i)
          $languages[$matches[1][$i]]=empty($matches[3][$i]) &#63; 1.0 : floatval($matches[3][$i]);
        arsort($languages);
        foreach($languages as $language=>$pref)
          return $this->_preferredLanguage=CLocale::getCanonicalID($language);
      }
      return $this->_preferredLanguage=false;
    }
    return $this->_preferredLanguage;
  }
  public function sendFile($fileName,$content,$mimeType=null,$terminate=true)
  {
    if($mimeType===null)
    {
      if(($mimeType=CFileHelper::getMimeTypeByExtension($fileName))===null)
        $mimeType='text/plain';
    }
    header('Pragma: public');
    header('Expires: 0');
    header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
    header("Content-type: $mimeType");
    if(ini_get("output_handler")=='')
      header('Content-Length: '.(function_exists('mb_strlen') &#63; mb_strlen($content,'8bit') : strlen($content)));
    header("Content-Disposition: attachment; filename=\"$fileName\"");
    header('Content-Transfer-Encoding: binary');
    if($terminate)
    {
      // clean up the application first because the file downloading could take long time
      // which may cause timeout of some resources (such as DB connection)
      Yii::app()->end(0,false);
      echo $content;
      exit(0);
    }
    else
      echo $content;
  }
  public function xSendFile($filePath, $options=array())
  {
    if(!is_file($filePath))
      return false;
    if(!isset($options['saveName']))
      $options['saveName']=basename($filePath);
    if(!isset($options['mimeType']))
    {
      if(($options['mimeType']=CFileHelper::getMimeTypeByExtension($filePath))===null)
        $options['mimeType']='text/plain';
    }
    if(!isset($options['xHeader']))
      $options['xHeader']='X-Sendfile';
    header('Content-type: '.$options['mimeType']);
    header('Content-Disposition: attachment; filename="'.$options['saveName'].'"');
    header(trim($options['xHeader']).': '.$filePath);
    if(!isset($options['terminate']) || $options['terminate'])
      Yii::app()->end();
    return true;
  }
  public function getCsrfToken()
  {
    if($this->_csrfToken===null)
    {
      $cookie=$this->getCookies()->itemAt($this->csrfTokenName);
      if(!$cookie || ($this->_csrfToken=$cookie->value)==null)
      {
        $cookie=$this->createCsrfCookie();
        $this->_csrfToken=$cookie->value;
        $this->getCookies()->add($cookie->name,$cookie);
      }
    }
    return $this->_csrfToken;
  }
  protected function createCsrfCookie()
  {
    $cookie=new CHttpCookie($this->csrfTokenName,sha1(uniqid(mt_rand(),true)));
    if(is_array($this->csrfCookie))
    {
      foreach($this->csrfCookie as $name=>$value)
        $cookie->$name=$value;
    }
    return $cookie;
  }
  public function validateCsrfToken($event)
  {
    if($this->getIsPostRequest())
    {
      // only validate POST requests
      $cookies=$this->getCookies();
      if($cookies->contains($this->csrfTokenName) && isset($_POST[$this->csrfTokenName]))
      {
        $tokenFromCookie=$cookies->itemAt($this->csrfTokenName)->value;
        $tokenFromPost=$_POST[$this->csrfTokenName];
        $valid=$tokenFromCookie===$tokenFromPost;
      }
      else
        $valid=false;
      if(!$valid)
        throw new CHttpException(400,Yii::t('yii','The CSRF token could not be verified.'));
    }
  }
}

Copy after login

request操作的相关方法,一目了然。

public function init()
{
  parent::init();
  $this->normalizeRequest();
}
protected function normalizeRequest()
{
  // normalize request
  if(function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
  {
    if(isset($_GET))
      $_GET=$this->stripSlashes($_GET);
    if(isset($_POST))
      $_POST=$this->stripSlashes($_POST);
    if(isset($_REQUEST))
      $_REQUEST=$this->stripSlashes($_REQUEST);
    if(isset($_COOKIE))
      $_COOKIE=$this->stripSlashes($_COOKIE);
  }
  if($this->enableCsrfValidation)
    Yii::app()->attachEventHandler('onBeginRequest',array($this,'validateCsrfToken'));
}
public function stripSlashes(&$data)
{
  return is_array($data)&#63;array_map(array($this,'stripSlashes'),$data):stripslashes($data);
}

Copy after login

可以看到yii对$_GET\$_POST\$_REQUEST\$_COOKIE进行了必要的过滤处理,所以可以放心的使用数据。

常用的有如下方法:

获取get参数

public function getParam($name,$defaultValue=null)

Copy after login

获取get参数

public function getQuery($name,$defaultValue=null)

Copy after login

获取post数据

public function getPost($name,$defaultValue=null)

Copy after login

获取请求的url

public function getUrl()

Copy after login

获取主机信息

public function getHostInfo($schema='')

Copy after login

设置

public function setHostInfo($value)

Copy after login

获取根目录

public function getBaseUrl($absolute=false)

Copy after login

获取当前url

public function getScriptUrl()

Copy after login

获取请求的url

public function getRequestUri()

Copy after login

获取querystring

public function getQueryString()

Copy after login

判断是否是https

public function getIsSecureConnection()

Copy after login

获取请求类型

public function getRequestType()

Copy after login

是否是post请求

public function getIsPostRequest()

Copy after login

是否是ajax请求

public function getIsAjaxRequest()

Copy after login

获取服务器名称

public function getServerName()

Copy after login

获取服务端口

public function getServerPort()

Copy after login

获取引用路径

public function getUrlReferrer()

Copy after login

获取用户ip地址

public function getUserHostAddress()

Copy after login

获取用户主机名称

public function getUserHost()

Copy after login

获取执行脚本名称

public function getScriptFile()

Copy after login

获取cookie

public function getCookies()

Copy after login

重定向

public function redirect($url,$terminate=true,$statusCode=302)

Copy after login

设置下载文件头

public function sendFile($fileName,$content,$mimeType=null,$terminate=true)
{
if($mimeType===null)
{
if(($mimeType=CFileHelper::getMimeTypeByExtension($fileName))===null)
$mimeType='text/plain';
}
header('Pragma: public');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header("Content-type: $mimeType");
if(ini_get("output_handler")=='')
header('Content-Length: '.(function_exists('mb_strlen') &#63; mb_strlen($content,'8bit') : strlen($content)));
header("Content-Disposition: attachment; filename=\"$fileName\"");
header('Content-Transfer-Encoding: binary');
if($terminate)
{
// clean up the application first because the file downloading could take long time
// which may cause timeout of some resources (such as DB connection)
Yii::app()->end(0,false);
echo $content;
exit(0);
}
else
echo $content;
}
public function xSendFile($filePath, $options=array())
{
if(!is_file($filePath))
return false;
if(!isset($options['saveName']))
$options['saveName']=basename($filePath);
if(!isset($options['mimeType']))
{
if(($options['mimeType']=CFileHelper::getMimeTypeByExtension($filePath))===null)
$options['mimeType']='text/plain';
}
if(!isset($options['xHeader']))
$options['xHeader']='X-Sendfile';
header('Content-type: '.$options['mimeType']);
header('Content-Disposition: attachment; filename="'.$options['saveName'].'"');
header(trim($options['xHeader']).': '.$filePath);
if(!isset($options['terminate']) || $options['terminate'])
Yii::app()->end();
return true;
}

Copy after login

为了防止csrf,yii提供了相应的方法

CSRF(Cross-site request forgery),中文名称:跨站请求伪造,也被称为:one click attack/session riding,缩写为:CSRF/XSRF。
《CSRF的攻击方式详解 黑客必备知识》

public function getCsrfToken()
{
if($this->_csrfToken===null)
{
$cookie=$this->getCookies()->itemAt($this->csrfTokenName);
if(!$cookie || ($this->_csrfToken=$cookie->value)==null)
{
$cookie=$this->createCsrfCookie();
$this->_csrfToken=$cookie->value;
$this->getCookies()->add($cookie->name,$cookie);
}
}
return $this->_csrfToken;
}
protected function createCsrfCookie()
{
$cookie=new CHttpCookie($this->csrfTokenName,sha1(uniqid(mt_rand(),true)));
if(is_array($this->csrfCookie))
{
foreach($this->csrfCookie as $name=>$value)
$cookie->$name=$value;
}
return $cookie;
}
public function validateCsrfToken($event)
{
if($this->getIsPostRequest())
{
// only validate POST requests
$cookies=$this->getCookies();
if($cookies->contains($this->csrfTokenName) && isset($_POST[$this->csrfTokenName]))
{
$tokenFromCookie=$cookies->itemAt($this->csrfTokenName)->value;
$tokenFromPost=$_POST[$this->csrfTokenName];
$valid=$tokenFromCookie===$tokenFromPost;
}
else
$valid=false;
if(!$valid)
throw new CHttpException(400,Yii::t('yii','The CSRF token could not be verified.'));
}
}

Copy after login

对于$_GET的使用,不仅仅可以使用$_GET和以上提供的相关方法,在action中,可以绑定到action的方法参数。

http://www.yiiframework.com/doc/guide/1.1/zh_cn/basics.controller

这里就一并罗列官方给出的说明。

从版本 1.1.4 开始,Yii 提供了对自动动作参数绑定的支持。 就是说,控制器动作可以定义命名的参数,参数的值将由 Yii 自动从 $_GET 填充。

为了详细说明此功能,假设我们需要为 PostController 写一个 create 动作。此动作需要两个参数:

category: 一个整数,代表帖子(post)要发表在的那个分类的ID。
language: 一个字符串,代表帖子所使用的语言代码。
从 $_GET 中提取参数时,我们可以不再下面这种无聊的代码了:

class PostController extends CController
{
  public function actionCreate()
  {
    if(isset($_GET['category']))
      $category=(int)$_GET['category'];
    else
      throw new CHttpException(404,'invalid request');
    if(isset($_GET['language']))
      $language=$_GET['language'];
    else
      $language='en';
    // ... fun code starts here ...
  }
}

Copy after login

现在使用动作参数功能,我们可以更轻松的完成任务:

class PostController extends CController
{
  public function actionCreate($category, $language='en')
  {
    $category=(int)$category;
    // ... fun code starts here ...
  }
}

Copy after login

注意我们在动作方法 actionCreate 中添加了两个参数。 这些参数的名字必须和我们想要从 $_GET 中提取的名字一致。 当用户没有在请求中指定 $language 参数时,这个参数会使用默认值 en 。 由于 $category 没有默认值,如果用户没有在 $_GET 中提供 category 参数, 将会自动抛出一个 CHttpException (错误代码 400) 异常。 Starting from version 1.1.5, Yii also supports array type detection for action parameters. This is done by PHP type hinting using the syntax like the following:

class PostController extends CController
{
  public function actionCreate(array $categories)
  {
    // Yii will make sure $categories be an array
  }
}

Copy after login

That is, we add the keyword array in front of $categories in the method parameter declaration. By doing so, if $_GET['categories'] is a simple string, it will be converted into an array consisting of that string.

Note: If a parameter is declared without the array type hint, it means the parameter must be a scalar (i.e., not an array). In this case, passing in an array parameter via $_GET would cause an HTTP exception.

request的使用你只要保持和以前在php中的使用方式一样,在yii中是不会出错的

更多关于Yii相关内容感兴趣的读者可查看本站专题:《Yii框架入门及常用技巧总结》、《php优秀开发框架总结》、《smarty模板入门基础教程》、《php日期与时间用法总结》、《php面向对象程序设计入门教程》、《php字符串(string)用法总结》、《php+mysql数据库操作入门教程》及《php常见数据库操作技巧汇总》

希望本文所述对大家基于Yii框架的PHP程序设计有所帮助。

Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template