THT | Programming Language for Web Development

A Quick Look

// Familiar variable and List syntax.
$colors = ['red', 'blue', 'green'];

// New JSON-style syntax for Maps
$colorHex = {
    red:   '#FF0000',
    green: '#00FF00',
    blue:  '#0000FF',
};

// Built-in types have methods using
// the mainstream 'dot' syntax.
$colors.push('purple');

// Extra parens aren't needed.
if $colors.length() > 3 {
    $colors.pop();
}

// The standard library is organized
// into modules.
Response.sendPage({
    title: 'Colors',
    body: bodyHtml($colors),
});

// Template Functions let you organize
// your output (views) however you like.
// (e.g. by component, module, file, etc.)
template bodyHtml($colors) {

    <h1>Colors</>
    <ul>
    -- foreach $colors as $c {
        <li>{{ $c.toUpperCaseFirst() }}</>
    -- }
    </>
}

THT Keeps the Good Parts of PHP

Despite its flaws, PHP has a few unique strengths that has made it one of the most popular languages in the world.

Easy Setup

PHP is available on every major web host and OS. Using it with Apache is fast out of the box, with virtually no system administration.

Simple Routes

In PHP, every file has a URL. THT automatically provides clean URLs (e.g. "/myBlog.tht" becomes "/my-blog"), and blocks access to private code.

Atomic Requests

State and data are automatically cleaned up after every request. This "share nothing" approach enables horizontal scaling and simplifies your app flow.

Web Focused

PHP is a web language at its core. THT embraces this even further by building in web security and framework features.

Batteries Included

PHP comes with a massive library of convenient functions. THT completely re-organizes this library and makes it more consistent.

Read More: Taking PHP Seriously (article)

Key THT Features

Organized Library.

PHP's massive library (5,000+ functions) is curated and organized into modules & classes.

Lists & Maps.

PHP arrays are split into clear List and Map types.

Module System.

File inclusion is supported via modules with built-in autoloading. No verbose namespaces.

Concise Syntax.

Optional syntax shortcuts make common patterns more convenient. (e.g. ||= for default assignment.)

Cleaner Code.

A compile-time format checker helps you write code that is easier to read and maintain.

Unicode Support.

String functions work with UTF-8 by default.

Friendly Errors.

The error pages are easy to read and have full stack traces.

Web Framework Included

THT includes many tools that are useful for modern web development:

Router for clean URLs (e.g. “/blog/123/top-ten-things”)
Templates that support the full THT syntax
Input validation and secure file uploads
Stylesheet with reset styles, grid system & SVG icons
Litemark parser for Markdown-style content
JCON for human-friendly JSON-style configuration
Session support with secure defaults & flash data
Database module with CRUD methods & parameterized queries
Cache module for performance tuning

Built-In Security

By default, THT defends against the most common security risks.

These safeguards are integrated into the language, providing better protection than if they were imported from a third-party library.

TypeStrings

TypeStrings are used to prevent injection attacks, which are considered the #1 security vulnerability on the internet.

They can not be mixed with (unsafe) regular strings. Dynamic values are inserted via placeholders.

// SQL Queries
$q = sql'select name from users where id = {}';
$q.fill(123);

// URLs
$u = url'/users?sort={}'.fill('desc');

// System Commands
$c = cmd'chmod {perms} {file}';
$c.fill('755', 'my_file.conf');

Other Safeguards

User input (which should never be trusted) can only be accessed through validation methods, via the Input module.
Template variables are automatically escaped.
Response headers include CSP to prevent Cross-Site Scripting (XSS).
Direct calls to high-risk PHP commands like eval are prohibited.
File functions are sandboxed to a data directory, and can’t be used with external (potentially dangerous) URLs.

Read More: All Security Enhancements

Performance

Out of the box, PHP is more than fast enough for most apps.

PHP 7 already offers major speed gains, but you can benefit even more by using an opcode cache like APC.

On a MacBook Pro, the core THT test suite (800 tests) finishes in 13 milliseconds.

It is also compact. The combined THT transpiler and runtime is only 180 KB (in comparison, Laravel is 16 MB).

THT also has built-in performance tools:

The Perf Panel is an easy way to profile your overall page speed.
The Cache module can help you minimize the biggest performance hits.
Responses are automatically minified & GZIP compressed, reducing most page sizes by up to 70%.

How It Works

Once you set up a THT app, your workflow is the same as with PHP. After you edit a file, just save and refresh.
There are no build steps, background tasks, or server restarts to disrupt your flow.
When you add or update a .tht file, it is automatically transpiled to PHP on the first request. Then it is cached for performance.
The transpiled code is compatible with PHP 7.1+.
The transpiler itself is written in 100% PHP with no dependencies.
Third-party PHP libraries can be accessed through the PHP Interface.

Give It a Try

THT is still in Beta, but if you’d like to try it out, it’s already suitable for most small-to-medium web apps.

Next: Get Started