diff --git a/app/Config/App.php b/app/Config/App.php index fdfb92fb5c1422db7784d4ad049d4d70a7790229..82e27e3918f888d6c45d549c2775caebd1ff51ce 100644 --- a/app/Config/App.php +++ b/app/Config/App.php @@ -34,7 +34,7 @@ class App extends BaseConfig * * http://cdn.example.com/ */ - public string $mediaBaseURL = 'http://127.0.0.2:8080/'; + public string $mediaBaseURL = 'http://localhost:8080/'; /** * -------------------------------------------------------------------------- 
@@ -216,87 +216,6 @@ class App extends BaseConfig */ public bool $sessionRegenerateDestroy = false; - /** - * -------------------------------------------------------------------------- - * Cookie Prefix - * -------------------------------------------------------------------------- - * - * Set a cookie name prefix if you need to avoid collisions. - * - * @deprecated use Config\Cookie::$prefix property instead. - */ - public string $cookiePrefix = ''; - - /** - * -------------------------------------------------------------------------- - * Cookie Domain - * -------------------------------------------------------------------------- - * - * Set to `.your-domain.com` for site-wide cookies. - * - * @deprecated use Config\Cookie::$domain property instead. - */ - public string $cookieDomain = ''; - - /** - * -------------------------------------------------------------------------- - * Cookie Path - * -------------------------------------------------------------------------- - * - * Typically will be a forward slash. - * - * @deprecated use Config\Cookie::$path property instead. - */ - public string $cookiePath = '/'; - - /** - * -------------------------------------------------------------------------- - * Cookie Secure - * -------------------------------------------------------------------------- - * - * Cookie will only be set if a secure HTTPS connection exists. - * - * @deprecated use Config\Cookie::$secure property instead. - */ - public bool $cookieSecure = false; - - /** - * -------------------------------------------------------------------------- - * Cookie HttpOnly - * -------------------------------------------------------------------------- - * - * Cookie will only be accessible via HTTP(S) (no JavaScript). - * - * @var boolean - * - * @deprecated use Config\Cookie::$httponly property instead. 
- */ - public bool $cookieHTTPOnly = true; - - /** - * -------------------------------------------------------------------------- - * Cookie SameSite - * -------------------------------------------------------------------------- - * - * Configure cookie SameSite setting. Allowed values are: - * - None - * - Lax - * - Strict - * - '' - * - * Alternatively, you can use the constant names: - * - `Cookie::SAMESITE_NONE` - * - `Cookie::SAMESITE_LAX` - * - `Cookie::SAMESITE_STRICT` - * - * Defaults to `Lax` for compatibility with modern browsers. Setting `''` - * (empty string) means default SameSite attribute set by browsers (`Lax`) - * will be set on cookies. If set to `None`, `$cookieSecure` must also be set. - * - * @deprecated use Config\Cookie::$samesite property instead. - */ - public string $cookieSameSite = 'Lax'; - /** * -------------------------------------------------------------------------- * Reverse Proxy IPs 
@@ -317,91 +236,6 @@ class App extends BaseConfig */ public string | array $proxyIPs = ''; - /** - * -------------------------------------------------------------------------- - * CSRF Token Name - * -------------------------------------------------------------------------- - * - * The token name. - * - * @deprecated Use `Config\Security` $tokenName property instead of using this property. - */ - public string $CSRFTokenName = 'csrf_test_name'; - - /** - * -------------------------------------------------------------------------- - * CSRF Header Name - * -------------------------------------------------------------------------- - * - * The header name. - * - * @deprecated Use `Config\Security` $headerName property instead of using this property. - */ - public string $CSRFHeaderName = 'X-CSRF-TOKEN'; - - /** - * -------------------------------------------------------------------------- - * CSRF Cookie Name - * -------------------------------------------------------------------------- - * - * The cookie name. - * - * @deprecated Use `Config\Security` $cookieName property instead of using this property. - */ - public string $CSRFCookieName = 'csrf_cookie_name'; - - /** - * -------------------------------------------------------------------------- - * CSRF Expire - * -------------------------------------------------------------------------- - * - * The number in seconds the token should expire. - * - * @deprecated Use `Config\Security` $expire property instead of using this property. - */ - public int $CSRFExpire = 7200; - - /** - * -------------------------------------------------------------------------- - * CSRF Regenerate - * -------------------------------------------------------------------------- - * - * Regenerate token on every submission? - * - * @deprecated Use `Config\Security` $regenerate property instead of using this property. 
- */ - public bool $CSRFRegenerate = true; - - /** - * -------------------------------------------------------------------------- - * CSRF Redirect - * -------------------------------------------------------------------------- - * - * Redirect to previous page with error on failure? - * - * @deprecated Use `Config\Security` $redirect property instead of using this property. - */ - public bool $CSRFRedirect = true; - - /** - * -------------------------------------------------------------------------- - * CSRF SameSite - * -------------------------------------------------------------------------- - * - * Setting for CSRF SameSite cookie token. Allowed values are: - * - None - * - Lax - * - Strict - * - '' - * - * Defaults to `Lax` as recommended in this link: - * - * @see https://portswigger.net/web-security/csrf/samesite-cookies - * - * @deprecated Use `Config\Security` $samesite property instead of using this property. - */ - public string $CSRFSameSite = 'Lax'; - /** * -------------------------------------------------------------------------- * Content Security Policy diff --git a/app/Config/Autoload.php b/app/Config/Autoload.php index 209af318968fefc3fb45cadb886f804c77bc0fa7..b74370e82b44306438ded6ebfa54738a6237713f 100644 --- a/app/Config/Autoload.php +++ b/app/Config/Autoload.php @@ -65,4 +65,22 @@ class Autoload extends AutoloadConfig * @var array<string, string> */ public $classmap = []; + + /** + * ------------------------------------------------------------------- + * Files + * ------------------------------------------------------------------- + * The files array provides a list of paths to __non-class__ files + * that will be autoloaded. This can be useful for bootstrap operations + * or for loading functions. + * + * Prototype: + * ``` + * $files = [ + * '/path/to/my/file.php', + * ]; + * ``` + * @var array<int, string> + */ + public $files = []; } 
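Review bot: The new `$files` property is untyped although its docblock promises an array; `public array $files = [];` lets the engine reject a scalar assigned by a misconfigured override before the autoloader iterates it, and since these paths are pulled in at bootstrap a wrong value otherwise surfaces late and confusingly. The sibling `$classmap` is untyped too, so this is also a consistency decision for the whole class. The prototype shows a plain list, so `@var list<string>` is more precise than `@var array<int, string>`.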
diff --git a/app/Config/ContentSecurityPolicy.php b/app/Config/ContentSecurityPolicy.php index c4d17653121a8d048f430155dbf207eaf2d07cdc..ae5374e255147ab218d816d48730fc75d75aa125 100644 --- a/app/Config/ContentSecurityPolicy.php +++ b/app/Config/ContentSecurityPolicy.php @@ -35,7 +35,7 @@ class ContentSecurityPolicy extends BaseConfig * * @var string|string[]|null */ - public string | array | null $defaultSrc; + public string | array | null $defaultSrc = null; /** * Lists allowed scripts' URLs. @@ -65,7 +65,7 @@ class ContentSecurityPolicy extends BaseConfig * * @var string|string[]|null */ - public string | array | null $baseURI; + public string | array | null $baseURI = null; /** * Lists the URLs for workers and embedded frame contents @@ -102,14 +102,21 @@ class ContentSecurityPolicy extends BaseConfig * * @var string|string[]|null */ - public string | array | null $frameAncestors; + public string | array | null $frameAncestors = null; + + /** + * The frame-src directive restricts the URLs which may be loaded into nested browsing contexts. + * + * @var string[]|string|null + */ + public string | array | null $frameSrc = null; /** * Restricts the origins allowed to deliver video and audio. * * @var string|string[]|null */ - public string | array | null $mediaSrc; + public string | array | null $mediaSrc = null; /** * Allows control over Flash and other plugins. @@ -121,19 +128,19 @@ class ContentSecurityPolicy extends BaseConfig /** * @var string|string[]|null */ - public string | array | null $manifestSrc; + public string | array | null $manifestSrc = null; /** * Limits the kinds of plugins a page may invoke. * * @var string|string[]|null */ - public string | array | null $pluginTypes; + public string | array | null $pluginTypes = null; /** * List of actions allowed. * * @var string|string[]|null */ - public string | array | null $sandbox; + public string | array | null $sandbox = null; } 
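Review bot: The `$frameSrc` docblock writes `@var string[]|string|null` while every sibling property in this file uses `@var string|string[]|null`; align the order. Leaving it `null` omits the `frame-src` directive, and browsers then fall back to `child-src` and after that `default-src`, so adding the property does not loosen a policy built on `default-src` — worth one sentence in the docblock, e.g. `Null omits the directive; child-src/default-src then apply.` The three hunks are consistent in initialising each typed property to `null`, which is what avoids the uninitialised-typed-property error on first read.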
diff --git a/app/Config/Events.php b/app/Config/Events.php index 47224b1ec09f3533384a2e02ca96b0bc65475d53..59cc1e6c3b2301104b6618d0e612cf7812435b0a 100644 --- a/app/Config/Events.php +++ b/app/Config/Events.php @@ -49,7 +49,7 @@ Events::on('pre_system', function () { * * @phpstan-ignore-next-line */ - if (CI_DEBUG) { + if (CI_DEBUG && ! is_cli()) { Events::on('DBQuery', 'CodeIgniter\Debug\Toolbar\Collectors\Database::collect',); Services::toolbar()->respond(); } diff --git a/app/Config/Exceptions.php b/app/Config/Exceptions.php index b11e9b3f5935b5924d8fdb24f50e535744ae57f9..f264eee9bb9a3871d18240b0cf80a25fd264085a 100644 --- a/app/Config/Exceptions.php +++ b/app/Config/Exceptions.php @@ -41,4 +41,16 @@ class Exceptions extends BaseConfig * Default: APPPATH.'Views/errors' */ public string $errorViewPath = APPPATH . 'Views/errors'; + + /** + * -------------------------------------------------------------------------- + * HIDE FROM DEBUG TRACE + * -------------------------------------------------------------------------- + * Any data that you would like to hide from the debug trace. + * In order to specify 2 levels, use "/" to separate. + * ex. ['server', 'setup/password', 'secret_token'] + * + * @var string[] + */ + public array $sensitiveDataInTrace = []; } diff --git a/app/Config/Mimes.php b/app/Config/Mimes.php index 2229f03920c5638b547b58460b708769efce3e81..759ccac63f84ced843b5b9d73244cef10e2b8a76 100644 --- a/app/Config/Mimes.php +++ b/app/Config/Mimes.php @@ -207,6 +207,8 @@ class Mimes 'application/msword', 'application/x-zip', ], + 'xlsb' => 'application/vnd.ms-excel.sheet.binary.macroEnabled.12', + 'xlsm' => 'application/vnd.ms-excel.sheet.macroEnabled.12', 'word' => ['application/msword', 'application/octet-stream'], 'xl' => 'application/excel', 'eml' => 'message/rfc822', 
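Review bot: `$sensitiveDataInTrace` ships as `[]`, so the debug trace redacts nothing until an installation fills it in; since the docblock already shows the `'setup/password'` form, consider seeding it with the keys that hold this application's credentials (the database password at least) instead of leaving the default empty. The docblock should also say where these keys are looked up (request data, server variables, argument dumps?) — that is not visible in this hunk and it decides what a value like `'server'` actually hides. `@var list<string>` is more precise than `@var string[]`.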
@@ -311,32 +313,26 @@ class Mimes $proposedExtension = trim(strtolower($proposedExtension)); - if ($proposedExtension === '') { + if ($proposedExtension !== '') { + if (array_key_exists($proposedExtension, static::$mimes) && in_array( + $type, + is_string(static::$mimes[$proposedExtension]) ? [ + static::$mimes[$proposedExtension], + ] : static::$mimes[$proposedExtension], + true + )) { + // The detected mime type matches with the proposed extension. + return $proposedExtension; + } + // An extension was proposed, but the media type does not match the mime type list. return null; } - if ( - array_key_exists($proposedExtension, static::$mimes) && - in_array( - $type, - is_string(static::$mimes[$proposedExtension]) - ? [static::$mimes[$proposedExtension]] - : static::$mimes[$proposedExtension], - true, - ) - ) { - // The detected mime type matches with the proposed extension. - return $proposedExtension; - } - // Reverse check the mime type list if no extension was proposed. // This search is order sensitive! foreach (static::$mimes as $ext => $types) { - if ( - (is_string($types) && $types === $type) || - (is_array($types) && in_array($type, $types, true)) - ) { + if ((is_string($types) && $types === $type) || (is_array($types) && in_array($type, $types, true))) { return $ext; } } diff --git a/app/Config/Modules.php b/app/Config/Modules.php index c87ce571585efbb466f796b8e84bb38dc08b4a6a..5fe2b53a27eb327eabbbd3aa620fcaa6e98f54e1 100644 --- a/app/Config/Modules.php +++ b/app/Config/Modules.php @@ -12,7 +12,7 @@ class Modules extends BaseModules * -------------------------------------------------------------------------- * * If true, then auto-discovery will happen across all elements listed in - * $activeExplorers below. If false, no auto-discovery will happen at all, + * $aliases below. If false, no auto-discovery will happen at all, * giving a slight performance boost. * * @var boolean 
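Review bot: `$proposedExtension` is lower-cased before the lookup but `$type` is compared with strict `in_array` against the table as-is, so a media type arriving as `Application/PDF` misses the match unless it is normalised earlier in the method (the method's start is outside this hunk); if it is not, add `$type = strtolower($type);` ahead of the lookup, as media types are case-insensitive. The nested `if` with two exits can be a single guard: `$known = static::$mimes[$proposedExtension] ?? [];` followed by `return in_array($type, (array) $known, true) ? $proposedExtension : null;`. The reverse-search loop is now reached only when no extension was proposed, which matches the comment above it.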
diff --git a/app/Config/Security.php b/app/Config/Security.php index c5b533f77690818048aa1c9388a9ca3796840809..d0f31414b1951a69ed9e1a48b089f6ca0d4f7131 100644 --- a/app/Config/Security.php +++ b/app/Config/Security.php @@ -61,20 +61,4 @@ class Security extends BaseConfig * Redirect to previous page with error on failure. */ public bool $redirect = true; - - /** - * -------------------------------------------------------------------------- - * CSRF SameSite - * -------------------------------------------------------------------------- - * - * Setting for CSRF SameSite cookie token. - * - * Allowed values are: None - Lax - Strict - ''. - * - * Defaults to `Lax` as recommended in this link: - * @see https://portswigger.net/web-security/csrf/samesite-cookies - * - * @var string 'Lax'|'None'|'Strict' - */ - public string $samesite = 'Lax'; } diff --git a/app/Views/errors/html/debug.css b/app/Views/errors/html/debug.css index ec6dc81fea0fd31dff3122e3e0d5fa27f6803005..2ef4358315a9b90f030f226e3babea73e0cb3150 100644 --- a/app/Views/errors/html/debug.css +++ b/app/Views/errors/html/debug.css @@ -1,8 +1,19 @@ +:root { + --main-bg-color: #fff; + --main-text-color: #555; + --dark-text-color: #222; + --light-text-color: #c7c7c7; + --brand-primary-color: #e06e3f; + --light-bg-color: #ededee; + --dark-bg-color: #404040; +} + body { height: 100%; - background: #fafafa; - font-family: "Helvetica Neue", Helvetica, Arial, sans-serif; - color: #777; + background: var(--main-bg-color); + font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, + sans-serif, "Apple Color Emoji", "Segoe UI Emoji"; + color: var(--main-text-color); font-weight: 300; margin: 0; padding: 0; @@ -11,7 +22,7 @@ h1 { font-weight: lighter; letter-spacing: 0.8; font-size: 3rem; - color: #222; + color: var(--dark-text-color); margin: 0; } h1.headline { 
@@ -30,11 +41,15 @@ p.lead { padding: 1rem; } .header { - background: #85271f; - color: #fff; + background: var(--light-bg-color); + color: var(--dark-text-color); +} +.header .container { + padding: 1rem 1.75rem 1.75rem 1.75rem; } .header h1 { - color: #fff; + font-size: 2.5rem; + font-weight: 500; } .header p { font-size: 1.2rem; @@ -42,7 +57,7 @@ p.lead { line-height: 2.5; } .header a { - color: rgba(255, 255, 255, 0.5); + color: var(--brand-primary-color); margin-left: 2rem; display: none; text-decoration: none; @@ -51,6 +66,10 @@ p.lead { display: inline; } +.footer { + background: var(--dark-bg-color); + color: var(--light-text-color); +} .footer .container { border-top: 1px solid #e7e7e7; margin-top: 1rem; @@ -58,11 +77,12 @@ p.lead { } .source { - background: #333; - color: #c7c7c7; + background: #343434; + color: var(--light-text-color); padding: 0.5em 1em; border-radius: 5px; font-family: Menlo, Monaco, Consolas, "Courier New", monospace; + font-size: 0.85rem; margin: 0; overflow-x: scroll; } @@ -74,8 +94,8 @@ p.lead { } .source .line .highlight { display: block; - background: #555; - color: #fff; + background: var(--dark-text-color); + color: var(--light-text-color); } .source span.highlight .number { color: #fff; 
@@ -96,24 +116,25 @@ p.lead { padding: 0rem 1rem; line-height: 2.7; text-decoration: none; - color: #a7a7a7; - background: #f1f1f1; - border: 1px solid #e7e7e7; + color: var(--dark-text-color); + background: var(--light-bg-color); + border: 1px solid rgba(0, 0, 0, 0.15); border-bottom: 0; border-top-left-radius: 5px; border-top-right-radius: 5px; display: inline-block; } .tabs a:hover { - background: #e7e7e7; - border-color: #e1e1e1; + background: var(--light-bg-color); + border-color: rgba(0, 0, 0, 0.15); } .tabs a.active { - background: #fff; + background: var(--main-bg-color); + color: var(--main-text-color); } .tab-content { - background: #fff; - border: 1px solid #efefef; + background: var(--main-bg-color); + border: 1px solid rgba(0, 0, 0, 0.15); } .content { padding: 1rem; @@ -167,7 +188,7 @@ td pre { font-weight: bold; } .trace td { - background: #e7e7e7; + background: var(--light-bg-color); padding: 0 1rem; } .trace td pre { diff --git a/app/Views/errors/html/error_exception.php b/app/Views/errors/html/error_exception.php index 815f79904576e43b13ed1ef5ad18ed0e8a88206e..845953b1b63772aa94011b1b80aef87e440b7a04 100644 --- a/app/Views/errors/html/error_exception.php +++ b/app/Views/errors/html/error_exception.php @@ -1,10 +1,9 @@ <?php -use Config\Services; use CodeIgniter\CodeIgniter; +use Config\Services; -$errorId = uniqid('error', true); -?> +$errorId = uniqid('error', true); ?> <!doctype html> <html> @@ -14,11 +13,7 @@ $errorId = uniqid('error', true); <title><?= esc($title) ?></title> <style type="text/css"> - <?= preg_replace( - '~[\r\n\t ]+~', - ' ', - file_get_contents(__DIR__ . DIRECTORY_SEPARATOR . 'debug.css'), - ) ?> + <?= preg_replace('~[\r\n\t ]+~', ' ', file_get_contents(__DIR__ . DIRECTORY_SEPARATOR . 'debug.css')) ?> </style> <script type="text/javascript"> 
@@ -31,28 +26,21 @@ $errorId = uniqid('error', true); <!-- Header --> <div class="header"> <div class="container"> - <h1><?= esc($title), - esc($exception->getCode() ? ' #' . $exception->getCode() : '') ?></h1> + <h1><?= esc($title), esc($exception->getCode() ? ' #' . $exception->getCode() : '') ?></h1> <p> - <?= esc($exception->getMessage()) ?> - <a href="https://www.google.com/search?q=<?= urlencode( - $title . - ' ' . - preg_replace('~\'.*\'|".*"~Us', '', $exception->getMessage()), - ) ?>" rel="noreferrer" target="_blank">search →</a> + <?= nl2br(esc($exception->getMessage())) ?> + <a href="https://www.duckduckgo.com/?q=<?= urlencode($title . ' ' . preg_replace('~\'.*\'|".*"~Us', '', $exception->getMessage())) ?>" rel="noreferrer" target="_blank">search →</a> </p> </div> </div> <!-- Source --> <div class="container"> - <p><b><?= esc(static::cleanPath($file, $line)) ?></b> at line <b><?= esc( - $line, -) ?></b></p> + <p><b><?= esc(static::cleanPath($file, $line)) ?></b> at line <b><?= esc($line) ?></b></p> <?php if (is_file($file)): ?> <div class="source"> - <?= static::highlightFile($file, $line, 15) ?> + <?= static::highlightFile($file, $line, 15); ?> </div> <?php endif; ?> </div> @@ -66,7 +54,6 @@ $errorId = uniqid('error', true); <li><a href="#response">Response</a></li> <li><a href="#files">Files</a></li> <li><a href="#memory">Memory</a></li> - </li> </ul> <div class="tab-content"> 
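Review bot: The search link still places `$title` and the exception message (minus quoted substrings) into an outbound URL to a third-party search engine; the provider switch does not change that, but a comment next to the anchor stating that this view is meant for debug rendering only would stop the markup being reused in a production error page. `nl2br(esc(...))` is the right order — escape first, then insert `<br>` — keep it. The `;` added inside `<?= static::highlightFile($file, $line, 15); ?>` is redundant in a short echo tag and no other echo tag in this file carries one.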
@@ -81,56 +68,41 @@ $errorId = uniqid('error', true); <p> <!-- Trace info --> <?php if (isset($row['file']) && is_file($row['file'])): ?> - <?php if ( - isset($row['function']) && - in_array( - $row['function'], - ['include', 'include_once', 'require', 'require_once'], - true, - ) - ) { - echo esc($row['function'] . ' ' . static::cleanPath($row['file'])); - } else { - echo esc(static::cleanPath($row['file']) . ' : ' . $row['line']); - } ?> + <?php + if (isset($row['function']) && in_array($row['function'], ['include', 'include_once', 'require', 'require_once'], true)) { + echo esc($row['function'] . ' ' . static::cleanPath($row['file'])); + } else { + echo esc(static::cleanPath($row['file']) . ' : ' . $row['line']); + } + ?> <?php else: ?> {PHP internal code} <?php endif; ?> <!-- Class/Method --> - <?php if (isset($row['class'])): ?> - — <?= esc( - $row['class'] . $row['type'] . $row['function'], - ) ?> - <?php if (array_key_exists('args', $row)): ?> - <?php $argsId = $errorId . 'args' . $index; ?> - ( <a href="#" onclick="return toggle('<?= esc( - $argsId, - 'attr', - ) ?>');">arguments</a> ) - <div class="args" id="<?= esc($argsId, 'attr') ?>"> + <?php if (isset($row['class'])) : ?> + — <?= esc($row['class'] . $row['type'] . $row['function']) ?> + <?php if (!empty($row['args'])) : ?> + <?php $args_id = $errorId . 'args' . $index ?> + ( <a href="#" onclick="return toggle('<?= esc($args_id, 'attr') ?>');">arguments</a> ) + <div class="args" id="<?= esc($args_id, 'attr') ?>"> <table cellspacing="0"> <?php - $params = null; - // Reflection by name is not available for closure function - if (substr($row['function'], -1) !== '}') { - $mirror = isset($row['class']) - ? 
new ReflectionMethod($row['class'], $row['function']) - : new ReflectionFunction($row['function']); - $params = $mirror->getParameters(); - } - foreach ($row['args'] as $key => $value): ?> + $params = null; + // Reflection by name is not available for closure function + if (substr($row['function'], -1) !== '}') { + $mirror = isset($row['class']) ? new ReflectionMethod($row['class'], $row['function']) : new ReflectionFunction($row['function']); + $params = $mirror->getParameters(); + } + foreach ($row['args'] as $key => $value): ?> <tr> - <td><code><?= esc( - isset($params[$key]) ? '$' . $params[$key]->name : "#{$key}", - ) ?></code></td> + <td><code><?= esc(isset($params[$key]) ? '$' . $params[$key]->name : "#{$key}") ?></code></td> <td> <pre><?= esc(print_r($value, true)) ?></pre> </td> </tr> - <?php endforeach; - ?> + <?php endforeach; ?> </table> </div> @@ -145,11 +117,7 @@ $errorId = uniqid('error', true); </p> <!-- Source? --> - <?php if ( - isset($row['file']) && - is_file($row['file']) && - isset($row['class']) - ): ?> + <?php if (isset($row['file']) && is_file($row['file']) && isset($row['class'])): ?> <div class="source"> <?= static::highlightFile($row['file'], $row['line']) ?> </div> @@ -165,8 +133,8 @@ $errorId = uniqid('error', true); <div class="content" id="server"> <?php foreach (['_SERVER', '_SESSION'] as $var): ?> <?php if (empty($GLOBALS[$var]) || !is_array($GLOBALS[$var])) { - continue; - } ?> + continue; + } ?> <h3>$<?= esc($var) ?></h3> @@ -267,8 +235,8 @@ $errorId = uniqid('error', true); <?php $empty = true; ?> <?php foreach (['_GET', '_POST', '_COOKIE'] as $var): ?> <?php if (empty($GLOBALS[$var]) || !is_array($GLOBALS[$var])) { - continue; - } ?> + continue; + } ?> <?php $empty = false; ?> 
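Review bot: The renamed `$args_id` is the only snake_case variable in this template (`$errorId`, `$params`, `$mirror` are camelCase); keep `$argsId`. Switching the guard from `array_key_exists('args', $row)` to `!empty($row['args'])` also skips the arguments block for a call made with zero arguments, a small behaviour change that deserves a comment such as `// no arguments table for calls without arguments`. `new ReflectionMethod($row['class'], $row['function'])` throws `ReflectionException` when the named method cannot be reflected, which would abort the error page itself; that is pre-existing, but wrapping the reflection in `try`/`catch (ReflectionException)` and leaving `$params` null keeps the view rendering. The `foreach` over trace rows that encloses this hunk begins outside it.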
@@ -322,12 +290,12 @@ $errorId = uniqid('error', true); <tbody> <?php foreach ($headers as $value): ?> <?php if (empty($value)) { - continue; - } ?> + continue; + } ?> <?php if (!is_array($value)) { - $value = [$value]; - } ?> - <?php foreach ($value as $h): ?> + $value = [$value]; + } ?> + <?php foreach ($value as $h) : ?> <tr> <td><?= esc($h->getName(), 'html') ?></td> <td><?= esc($h->getValueLine(), 'html') ?></td> @@ -342,9 +310,9 @@ $errorId = uniqid('error', true); <!-- Response --> <?php - $response = Services::response(); - $response->setStatusCode(http_response_code()); - ?> + $response = Services::response(); + $response->setStatusCode(http_response_code()); + ?> <div class="content" id="response"> <table> <tr> diff --git a/env b/env index 5893f099d66d20906b373e33c06a41963ee0b136..1106ce46f932ccf9fbc4117779f2c9fccb89bb2c 100644 --- a/env +++ b/env @@ -25,26 +25,12 @@ # app.sessionDriver = 'CodeIgniter\Session\Handlers\FileHandler' # app.sessionCookieName = 'ci_session' +# app.sessionExpiration = 7200 # app.sessionSavePath = NULL # app.sessionMatchIP = false # app.sessionTimeToUpdate = 300 # app.sessionRegenerateDestroy = false -# app.cookiePrefix = '' -# app.cookieDomain = '' -# app.cookiePath = '/' -# app.cookieSecure = false -# app.cookieHTTPOnly = false -# app.cookieSameSite = 'Lax' - -# app.CSRFProtection = false -# app.CSRFTokenName = 'csrf_test_name' -# app.CSRFCookieName = 'csrf_cookie_name' -# app.CSRFExpire = 7200 -# app.CSRFRegenerate = true -# app.CSRFExcludeURIs = [] -# app.CSRFSameSite = 'Lax' - # app.CSPEnabled = false #-------------------------------------------------------------------- 
@@ -56,12 +42,14 @@ # database.default.username = root # database.default.password = root # database.default.DBDriver = MySQLi +# database.default.DBPrefix = # database.tests.hostname = localhost # database.tests.database = ci4 # database.tests.username = root # database.tests.password = root # database.tests.DBDriver = MySQLi +# database.tests.DBPrefix = #-------------------------------------------------------------------- # CONTENT SECURITY POLICY @@ -78,6 +66,7 @@ # contentsecuritypolicy.fontSrc = null # contentsecuritypolicy.formAction = null # contentsecuritypolicy.frameAncestors = null +# contentsecuritypolicy.frameSrc = null # contentsecuritypolicy.mediaSrc = null # contentsecuritypolicy.objectSrc = null # contentsecuritypolicy.pluginTypes = null @@ -85,6 +74,19 @@ # contentsecuritypolicy.sandbox = false # contentsecuritypolicy.upgradeInsecureRequests = false +#-------------------------------------------------------------------- +# COOKIE +#-------------------------------------------------------------------- + +# cookie.prefix = '' +# cookie.expires = 0 +# cookie.path = '/' +# cookie.domain = '' +# cookie.secure = false +# cookie.httponly = false +# cookie.samesite = 'Lax' +# cookie.raw = false + #-------------------------------------------------------------------- # ENCRYPTION #-------------------------------------------------------------------- 
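Review bot: The new COOKIE section documents `cookie.httponly = false` and `cookie.secure = false`, whereas the `App::$cookieHTTPOnly` property these lines replace defaulted to `true` (removed in the App.php hunk above); confirm the values mirror the real defaults of `Config\Cookie`, because anyone who uncomments the template as-is would strip HttpOnly from the session cookie. Nothing in the diff shows `Config\Cookie`, so treat this as a check rather than a confirmed defect. A one-line comment such as `# values mirror app/Config/Cookie.php; set secure and httponly to true for HTTPS deployments` would make the intent explicit.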
@@ -108,16 +110,16 @@ # SECURITY #-------------------------------------------------------------------- -# security.tokenName = 'csrf_token_name' +# security.tokenName = 'csrf_token_name' # security.headerName = 'X-CSRF-TOKEN' # security.cookieName = 'csrf_cookie_name' -# security.expires = 7200 +# security.expires = 7200 # security.regenerate = true -# security.redirect = true -# security.samesite = 'Lax' +# security.redirect = true +# security.samesite = 'Lax' #-------------------------------------------------------------------- # LOGGER #-------------------------------------------------------------------- -# logger.threshold = 4 \ No newline at end of file +# logger.threshold = 4 diff --git a/public/.htaccess b/public/.htaccess index 4ae666b78b9a3d911e1559e46af716737bf1c36c..a5d6c2a541286ca75c7d65fb6ac5944dfd123bd6 100644 --- a/public/.htaccess +++ b/public/.htaccess 
@@ -1,21 +1,49 @@ # Disable directory browsing Options All -Indexes -# Disable server signature -ServerSignature Off +# ---------------------------------------------------------------------- +# Rewrite engine +# ---------------------------------------------------------------------- +# Turning on the rewrite engine is necessary for the following rules and features. +# FollowSymLinks must be enabled for this to work. <IfModule mod_rewrite.c> Options +FollowSymlinks RewriteEngine On - RewriteCond %{REQUEST_FILENAME} -s [OR] - RewriteCond %{REQUEST_FILENAME} -l [OR] - RewriteCond %{REQUEST_FILENAME} -d - RewriteRule ^.*$ - [NC,L] - RewriteRule ^.*$ index.php [NC,L] + + # If you installed CodeIgniter in a subfolder, you will need to + # change the following line to match the subfolder you need. + # http://httpd.apache.org/docs/current/mod/mod_rewrite.html#rewritebase + # RewriteBase / + + # Redirect Trailing Slashes... + RewriteCond %{REQUEST_FILENAME} !-d + RewriteCond %{REQUEST_URI} (.+)/$ + RewriteRule ^ %1 [L,R=301] + + # Rewrite "www.example.com -> example.com" + RewriteCond %{HTTPS} !=on + RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC] + RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L] + + # Checks to see if the user is attempting to access a valid file, + # such as an image or css document, if this isn't true it sends the + # request to the front controller, index.php + RewriteCond %{REQUEST_FILENAME} !-f + RewriteCond %{REQUEST_FILENAME} !-d + RewriteRule ^([\s\S]*)$ index.php/$1 [L,NC,QSA] + + # Ensure Authorization header is passed along + RewriteCond %{HTTP:Authorization} . + RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] </IfModule> <IfModule !mod_rewrite.c> # If we don't have mod_rewrite installed, all 404's # can be sent to index.php, and everything works as normal. - ErrorDocument 404 /index.php + ErrorDocument 404 index.php </IfModule> + +# Disable server signature start + ServerSignature Off +# Disable server signature end 
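Review bot: `ErrorDocument 404 index.php` has no leading slash, and Apache treats an ErrorDocument value that is neither a local path starting with `/` nor a full URL as a literal message, so on a server without mod_rewrite the fallback would now display the text `index.php` rather than invoke the front controller; keep `ErrorDocument 404 /index.php` (adjusted for a subfolder install, which the `RewriteBase` comment already covers). The indented `# Disable server signature start` / `end` wrapper around `ServerSignature Off` is noise; a single `# Disable server signature` line above the directive, as before, is enough. The `www` redirect keys on `%{HTTPS} !=on`, so behind a proxy that terminates TLS it would send `https://www.` visitors to a plain `http://` host — a comment noting that deployments of that kind should use `X-Forwarded-Proto` in the condition, or drop the rule, would save someone a downgrade surprise.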
diff --git a/public/index.php b/public/index.php index 3ae1e59b7429843dfe58424f349210f44a53e4b5..752c63dbde5ea5255f15ff4f3f6801ab2c5164d8 100644 --- a/public/index.php +++ b/public/index.php @@ -2,16 +2,6 @@ use Config\Paths; -// Valid PHP Version? -$minPHPVersionId = 80000; // 8.0 -if ($minPHPVersionId > PHP_VERSION_ID) { - die( - 'Your PHP version must be 8.0 or higher to run Castopod Host. Current version: ' . - PHP_VERSION - ); -} -unset($minPHPVersion); - // Path to the front controller (this file) define('FCPATH', __DIR__ . DIRECTORY_SEPARATOR); @@ -29,17 +19,12 @@ chdir(__DIR__); // Load our paths config file // This is the line that might need to be changed, depending on your folder structure. -require realpath(FCPATH . '../app/Config/Paths.php') ?: - FCPATH . '../app/Config/Paths.php'; -// ^^^ Change this if you move your application folder +require realpath(FCPATH . '../app/Config/Paths.php') ?: FCPATH . '../app/Config/Paths.php'; $paths = new Paths(); // Location of the framework bootstrap file. -$bootstrap = - rtrim($paths->systemDirectory, '\\/ ') . - DIRECTORY_SEPARATOR . - 'bootstrap.php'; +$bootstrap = rtrim($paths->systemDirectory, '\\/ ') . DIRECTORY_SEPARATOR . 'bootstrap.php'; $app = require realpath($bootstrap) ?: $bootstrap; /* diff --git a/spark b/spark index 6446786fd6cca54fa775d839c9b850c0f5dff734..c4ad645a366ba4a0204246d4d1131ad957583e0c 100644 --- a/spark +++ b/spark @@ -1,14 +1,5 @@ #!/usr/bin/env php <?php -// Valid PHP Version? -$minPHPVersion = "8.0"; -if (version_compare(PHP_VERSION, $minPHPVersion, "<")) { - die( - "Your PHP version must be {$minPHPVersion} or higher to run CodeIgniter. Current version: " . - PHP_VERSION - ); -} -unset($minPHPVersion); /* * -------------------------------------------------------------------- 
@@ -21,7 +12,7 @@ unset($minPHPVersion); * this class mainly acts as a passthru to the framework itself. */ -define("SPARKED", true); +define('SPARKED', true); /* *--------------------------------------------------------------- @@ -33,20 +24,16 @@ define("SPARKED", true); */ // Refuse to run when called from php-cgi -if (strpos(PHP_SAPI, "cgi") === 0) { - die( - "The cli tool is not supported when running php-cgi. It needs php-cli to function!\n\n" - ); +if (strpos(PHP_SAPI, 'cgi') === 0) +{ + die("The cli tool is not supported when running php-cgi. It needs php-cli to function!\n\n"); } // Path to the front controller -define( - "FCPATH", - __DIR__ . DIRECTORY_SEPARATOR . "public" . DIRECTORY_SEPARATOR -); +define('FCPATH', __DIR__ . DIRECTORY_SEPARATOR . 'public' . DIRECTORY_SEPARATOR); // Load our paths config file -require realpath("app/Config/Paths.php") ?: "app/Config/Paths.php"; +require realpath('app/Config/Paths.php') ?: 'app/Config/Paths.php'; // ^^^ Change this line if you move your application folder $paths = new Config\Paths(); 
@@ -54,25 +41,28 @@ $paths = new Config\Paths(); // Ensure the current directory is pointing to the front controller's directory chdir(FCPATH); -$bootstrap = - rtrim($paths->systemDirectory, "\\/ ") . - DIRECTORY_SEPARATOR . - "bootstrap.php"; -$app = require realpath($bootstrap) ?: $bootstrap; +$bootstrap = rtrim($paths->systemDirectory, '\\/ ') . DIRECTORY_SEPARATOR . 'bootstrap.php'; +$app = require realpath($bootstrap) ?: $bootstrap; // Grab our Console $console = new CodeIgniter\CLI\Console($app); // We want errors to be shown when using it from the CLI. error_reporting(-1); -ini_set("display_errors", "1"); +ini_set('display_errors', '1'); // Show basic information before we do anything else. -$console->showHeader(); +if (is_int($suppress = array_search('--no-header', $_SERVER['argv'], true))) +{ + unset($_SERVER['argv'][$suppress]); // @codeCoverageIgnore + $suppress = true; +} + +$console->showHeader($suppress); // fire off the command in the main framework. $response = $console->run(); -if ($response->getStatusCode() >= 300) { - exit($response->getStatusCode()); +if ($response->getStatusCode() >= 300) +{ + exit($response->getStatusCode()); } -
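Review bot: The new `if` blocks place the opening brace on its own line, while the removed lines and `public/index.php` keep it on the `if` line (the PSR-12 form for control structures); use `if (...) {` here and in the previous spark hunk for consistency. `is_int($suppress = array_search('--no-header', $_SERVER['argv'], true))` hides an assignment in the condition and relies on `array_search` returning `false` to leave `$suppress` falsy on the miss path; clearer is `$headerIndex = array_search('--no-header', $_SERVER['argv'], true);` then `$suppress = $headerIndex !== false;` and `if ($suppress) { unset($_SERVER['argv'][$headerIndex]); }`. After the `unset`, `$_SERVER['argv']` has a gap in its keys; if `Console` re-indexes its arguments that is harmless, otherwise apply `array_values()` — `Console::run()` is not visible from here.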