v1.0.0 • PHP 8+ • Bootstrap 5

The Last Boilerplate
You'll Ever Need

A production-ready, modular starter kit with secure PDO, CSRF protection, standardized API responses, and a full UI component library — all out of the box.

🔒 CSRF Protected 📦 PDO + Prepared Stmts ⚡ SweetAlert2 📊 DataTables 📈 ApexCharts 🎯 Select2
api/example.php
// 1. Validate CSRF token
if (!func_ValidateCSRFToken($token)) {
    func_GenerateResponse(false, [], 403,
        'Invalid CSRF token.');
}

// 2. Pull data with prepared statements
$result = func_PullData(
    'users', ['role' => 'admin'],
    'created_at DESC', 10
);

// 3. Return standardized JSON
func_GenerateResponse(
    $result['success'],
    $result['data'],
    $result['meta']['code']
);
// JSON response
{
  "success": true,
  "data": [ ... ],
  "meta": {
    "code": 200,
    "detail": "5 record(s) retrieved."
  }
}
What's Included

Everything You Need, Nothing You Don't

A curated, minimal set of tools and patterns that solve the 80% of boilerplate work in every PHP project.

Secure by Default

CSRF tokens, PDO prepared statements, bcrypt hashing, session hardening, and XSS escaping built in.

CRUD Helper Layer

Four clean functions (func_InsertData, func_UpdateData, func_PullData, func_DeleteData) with consistent return shapes.

Standardized API Engine

Every endpoint returns the same JSON envelope: { success, data, meta }. Frontend always knows what to expect.

Full Dashboard Layout

Responsive sidebar + top bar + main content shell. Collapses gracefully to mobile offcanvas.

Component Showcase

DataTables, Chart.js, ApexCharts, Select2, Flatpickr, SweetAlert2, and Bootstrap 5 native components — all wired up.

Master AJAX Handler

App.request() auto-injects CSRF, parses JSON responses, surfaces errors as SweetAlert2 modals, and handles spinners.

Ready to Build?

Clone the repo, configure your database, and start building in minutes.

Explore Dashboard