Menu
Language
SK EN
Theme
Your preference will be saved in your browser.
Quick contact
Joto.sk, s.r.o.
Bratislavská 2543/108, 90201 Pezinok, Slovensko
We are not VAT registered
Mon – Fri: 9:00 AM – 5:00 PM
Phone: +421948100119 Email: info@skeletio.com WhatsApp Navigate to the company

System

An overview of the SKELETIO core: routing, DB pages, template packs, partial sandbox, and security rules.

Core

What SKELETIO is

A mini-framework for DB-driven websites with strict routing rules, i18n, and secure partial rendering.

DB pages and translations

Content (including SEO meta) lives in the DB and is ready for multiple languages.

Template packs

Design is separated from logic. A pack defines partials and the visual style.

Partial sandbox

PartialRenderer runs only within the pack root and blocks path traversal.

Routing

URL rules

Everything goes through the front controller. Language is the first URL segment and the router handles a multi-level slug.

Front controller
.htaccess routes everything to index.php, which sets context and calls the router.
Language in URL
The first segment is /sk or /en. If missing, a default language is used.
multi-level slug
The router only resolves the first segment after the language (no multi-level routing).
URL examples
/sk
/sk/contact
/en/system
Template packs

Pack, layout, and partials

The layout selects the template pack from the page or settings. DB content may include partials relative to the pack root.

Pack selection
Uses $page[template_pack], otherwise $settings[template_pack], fallback skeletio.
baseUrl vs packDir
$baseUrl is only for URLs/links/assets. $packDir is filesystem path for includes/render only. Never mix them.
Partials in DB content
Use [[partial:...]] (e.g. [[partial:home/carousel.php]]). The renderer runs only inside the pack-root sandbox.
Example in content
[[partial:header/header.php]]
... HTML content ...
[[partial:home/carousel.php]]
[[partial:footer/footer.php]]
Security

Rules you don’t bypass

Security comes first. The framework is designed to minimize risky shortcuts.

XSS

Always escape HTML via the h() helper.

SQLi

Use PDO prepared statements—no string-concatenated SQL.

Traversal

PartialRenderer prevents includes outside the pack root and blocks forbidden files.

URLs and assets

Never hardcode /web/… Use route()/linkTag() and asset().

Next step

Want to ship this to your website?

We’ll start with core pages, pick a pack, and then you compose content via DB and partials.

Home Contact
2009 - 2026 Copyright © This website is generated by the Skeletio system by Joto.sk [Skeletio.com]
All rights to the content are reserved for the website operator and content owner of Joto.sk
AI Assistant
Hello, I’m the Skeletio AI assistant. I’ll be happy to briefly explain what Skeletio can do and whether it is a good fit for your project. What are you currently working on?