For understanding controllers we need to know how the Magento processes requests from the browser. Look at the following diagram which shows the page request flow. This diagram will give you an idea of the job of controllers.
Job of the controller:
The controller receives a URL request from the browser. The controller has to process this request to find what code to run. This is done via a router. Routing is the process of taking a URL and decomposing it into parameters to determine which module, controller, and action of that controller should receive the request. The URL gets “routed” to a particular Controller, which in turns tells Magento what to do. The Controller tells Magento which layout is to be used. This determines which modules are put into place, which in turn tells Magento what Views to output. The data from the Models are given to the Views to be displayed. In the scheme of things here, Blocks fit roughly between the View and the Model.
Decomposing the URL:
Now we will see how a browser request to a URL gets translated into module execution. Generally speaking any URL can be deconstructed as follows:
As you can see the above URL has been decomposed to get the module as ‘customer’, the controller as ‘AccountController’ and the action to be performed as ‘indexAction()’. Checkout the AccountController file in Mage\Customer\controllers\ . You will see an indexAction() function. This is the function that is executed by the above URL request.
If the URL was http://example.com/magento/(index.php)/customer/account/login then the loginAction() will be executed.
So The front controller (the controller that receives requests from browser) “dispatches” the request to its internal list of “routers” and determines if any of the routers “match()” the request’s parameters. If so, then a new MVC Controller (‘AccountController’ in this case) is created from the matching module and, again, the request is “dispatched” to this controller object. The final MVC-style controller is technically a “Front Action” (Notice that AccountController extends Mage_Core_Controller_Front_Action).This new Action object dynamically calls one of its own action methods (‘indexAction()’) and marks the request as being “dispatched” (i.e. finished).
How the routers find a match?
The front controller has an array of “routers” that it uses to decide which module the URL should trigger. This correlation between URL and module name is defined in the config.xml files of the modules. Checkout the config.xml file of the Customer module you will see this:
Once a router has found a match of the first part of the URL to a defined frontName value from the XML, this value gets directly translated into a module name with a little adjustment to the capitalization of the words (ie. ‘customer’ to ‘Customer’) The controller and the action names are taken from the URL.
What if you only enter example.com/customer/ and not specify the controller and action you want. Find out what result you get. You will be directed to the 404 Not Found error page. How did that happen? If any value is missing, the defaults are taken from the config.xml of the Core module. If any indicators of module, controller, or action are missing from the URL the values are read from the default tag under web. By default, the CMS supplies these XML values it its own config.xml file. You can change these values by going to System->Configuration->Web.
Actions:
Actions are classes that extend Mage_Core_Controller_Front_Action which, in turn, extends Mage_Core_Controller_Varien_Action.(‘AccountController’ is an Action). A request is dispatched to an action method (‘indexAction()’). Action methods have the word “Action” appended to their names to distinguish them from normal class methods. Appending a word to the method name also helps to stop people from running unexpected methods from the URL. Imagine someone requesting example.com/index.php/customer/account/__destruct. If the system did not protect action names, the resulting method call would look something like this:
$controllerInstance->__destruct();
Something like this could potentially be a vector to open up attacks on your site. So Magento protects the action method names by appending Action to any value taken from the URL. Action and action methods are where the primary business logic for a request happens. Typically the action methods will load a model or two based on IDs or other URL parameters, kick off a few methods of these models, and then run the layout sequence.
Launch your browser and type http://127.0.0.1/magento/index.php/customer/account/login/. This should execute the loginAction() method in AccountController class of Customer module.
The Output will be as follows:
