There are some things you should keep in mind when you work with blaze.

The folder structure

blaze is a fine tuned system which consists of lots of different components. They are well structured within the blaze folder. You should find at least these folders in there:

- assets (holding all assets blaze might need)
- locale (backend language files)
- plugins (drop plugins in this folder)
- src (main folder holding all major framework components)
- vendor (third party libraries are located here)
- views (backend and error page views)

Do not delete any of these folders or blaze will not work any more.

At runtime, blaze may place two additional folder underneath /blaze, they will be called 'cache' and 'data'. The 'cache' folder will hold rendered data, output caches and other things you might have stored using $blaze->cache or $blaze->storage. You may safely delete the 'cache' folder, as blaze will regenerate it if it needs to store something.

Make sure you did not store anything in the cache that was not meant to be temporary when you consider deleting the folder.

'data' will hold databases, sessions, uploaded brand files and some configuration - so you'd better not delete it. Backup this folder whenever you upgrade blaze.

MultiViews

blaze's .htaccess file tries to make your server allow omitting file extensions when visiting your site. So, instead of visiting yoursite.com/myfile.php, you can as well visit yoursite.com/myfile. That's great for SEO purposes.

In order to realize this behaviour, blaze needs to disable MultiViews via htaccess. Some webhosting providers do not allow to set this option, which will make your site completely fail or throw an error message. If during the installation blaze tells you that it is not able to disable the MultiViews option, you must edit the .htaccess file it creates during installation. It will be placed in your webroot during the installation.

Remove this line, which is located at the very top of the file:

Options -MultiViews

blaze will work afterwards, if the MultiViews option was the problem.

Output caching

In the backend, you'll find a feature called 'output caching'. We have not enabled this by default and it is not included in the configuration presets we ship, but blaze is able to cache outputs completely.

When output caching is enabled, blaze will render all outputs once and from there on deliver pages from the cache in order to speed up your site. Also, the asset compiler will not check if there were changes any more. So, whenever you use the asset compiler and make a change that won't get to your frontend, make sure to temporarily disable output caching in order to make blaze recompile your assets.

Be aware that dynamic contents should be excluded from caching. This is possible using $blaze->output->disableCaching() somewhere in your script.

There is more information on this topic in the core section, in the config file documentation and in the asset compiler documentation.

Security

We put some thinking into security related issues and tried to make blaze as secure as possible. But blaze is not totally bulletproof. One of the main security issues is the fact, that usernames and passwords are stored in the main config file. We decided to set things up this way in order to keep blaze easy to use.

One of the reasons for this decision was, that in order to be able to read out those passwords, an attacker would have to get to your sourcefiles. Whoever got to this point will be able to do much worse than change a password or put your page out of production mode.

However, if this level of security is not enough for your purposes, feel free to either hack the authentication component or use some other framework.

How to disable blaze on files or folders

If at any point you want to have a folder or some single files on which blaze should not take any actions, you may want to change the mod_rewrite settings that you will find in the .htaccess file. This file is generated in your webroot folder during the installation, so you may need to download it in order to edit it offline. Look out for the URL rewriting section of the file (somewhere around line 300) and read the comments.

Hacking blaze

This documentation is intended to provide you with all the information you may need to make use of all features blaze provides. If at some point you do want to change the way how blaze works, you may of course hack your way through the sourcecode. Everything should be well documented within the sources.