Header Small Ahoy!

The Underscore Naming Convention

An element of Trongate's syntax that has been the source of some misunderstanding is Trongate's usage of the underscore naming convention. This is the practice of starting method names with an underscore character and thereby preventing them from being accessed directly via a URL.

There is a widely held misconception that the underscore naming convention has the effect of making methods 'private' or 'protected'. Early PHP frameworks (such as Zend Framework 1, early versions of CodeIgniter, Yii1, etc.) used their own versions of the underscore naming convention but later abandoned the practice in favor of using full access modifiers in their respective codebases. This has led to the erroneous assumption that Trongate is out of date or somehow out of touch with the modern PHP landscape. These assumptions are incorrect and indicate a misunderstanding of the fundamentals of object-oriented programming.

Trongate has a unique and modular architecture that lets developers easily load 'Module B' from 'Module A' and vice versa. The code sample below demonstrates how this can be achieved with Trongate:


The rules of OOP state that private methods can only be invoked from within their containing classes. Protected methods follow the same rule but with the additional allowance that protected methods can be invoked from a class that extends the containing class of the target method.

Since modules in the Trongate framework exist entirely independently of one another, it means that it would be literally impossible to load 'Module B' from 'Module A' in the manner shown above unless the method being invoked has been assigned with a scope of 'public'. Trongate's usage of the underscore naming convention is, therefore, an essential and carefully thought-out component of the framework - not a throwback from the past and certainly not a shorthand way of making methods 'private'. If Trongate did not utilize the underscore naming convention, developers who use Trongate would be forced to use YAML files or some other kind of configuration option to actively and explicitly declare which methods can and cannot be invoked via the URL.

Learn more how to use the underscore naming convention to secure PHP methods from direct URL access here.