summaryrefslogtreecommitdiffstats
path: root/user_guide
diff options
context:
space:
mode:
authorPhil Sturgeon <email@philsturgeon.co.uk>2011-03-10 17:39:06 +0100
committerPhil Sturgeon <email@philsturgeon.co.uk>2011-03-10 17:39:06 +0100
commit65f6ad4aadd208f3c27d3064508a5eac3fa52fc6 (patch)
tree15e63e02b3dc192116167fd47be9a599a0c91176 /user_guide
parent133beafd1746b0f5fa06794fd183289d43defdbe (diff)
parente8f5890e4b7eb52ed4d905a225c3bf985f397439 (diff)
Automated merge with http://hg.ellislab.com/CodeIgniter-Reactor
Diffstat (limited to 'user_guide')
-rw-r--r--user_guide/changelog.html3
-rw-r--r--user_guide/general/environments.html126
-rw-r--r--user_guide/general/security.html17
-rw-r--r--user_guide/installation/index.html6
-rw-r--r--user_guide/libraries/config.html41
-rw-r--r--user_guide/nav/nav.js1
6 files changed, 183 insertions, 11 deletions
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 44c07b7ac..69dc676e6 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -68,6 +68,9 @@ Hg Tag: n/a</p>
<ul>
<li>Added <kbd>$config['cookie_secure']</kbd> to the config file to allow requiring a secure (HTTPS) in order to set cookies.</li>
<li class="reactor">Added the constant <kbd>CI_CORE</kbd> to help differentiate between Core: TRUE and Reactor: FALSE.</li>
+ <li class="reactor">Added an <kbd>ENVIRONMENT</kbd> constant in index.php, which affects PHP error reporting settings, and optionally,
+ which configuration files are loaded (see below). Read more on the <a href="general/environments.html">Handling Environments</a> page.</li>
+ <li class="reactor">Added support for <a href="libraries/config.html#environments">environment-specific</a> configuration files.</li>
</ul>
</li>
<li>Libraries
diff --git a/user_guide/general/environments.html b/user_guide/general/environments.html
new file mode 100644
index 000000000..690c14c2c
--- /dev/null
+++ b/user_guide/general/environments.html
@@ -0,0 +1,126 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<title>Creating Libraries : CodeIgniter User Guide</title>
+
+<style type='text/css' media='all'>@import url('../userguide.css');</style>
+<link rel='stylesheet' type='text/css' media='all' href='../userguide.css' />
+
+<script type="text/javascript" src="../nav/nav.js"></script>
+<script type="text/javascript" src="../nav/prototype.lite.js"></script>
+<script type="text/javascript" src="../nav/moo.fx.js"></script>
+<script type="text/javascript" src="../nav/user_guide_menu.js"></script>
+
+<meta http-equiv='expires' content='-1' />
+<meta http-equiv= 'pragma' content='no-cache' />
+<meta name='robots' content='all' />
+<meta name='author' content='ExpressionEngine Dev Team' />
+<meta name='description' content='CodeIgniter User Guide' />
+
+</head>
+<body>
+
+<!-- START NAVIGATION -->
+<div id="nav"><div id="nav_inner"><script type="text/javascript">create_menu('../');</script></div></div>
+<div id="nav2"><a name="top"></a><a href="javascript:void(0);" onclick="myHeight.toggle();"><img src="../images/nav_toggle_darker.jpg" width="154" height="43" border="0" title="Toggle Table of Contents" alt="Toggle Table of Contents" /></a></div>
+<div id="masthead">
+<table cellpadding="0" cellspacing="0" border="0" style="width:100%">
+<tr>
+<td><h1>CodeIgniter User Guide Version 2.0.0</h1></td>
+<td id="breadcrumb_right"><a href="../toc.html">Table of Contents Page</a></td>
+</tr>
+</table>
+</div>
+<!-- END NAVIGATION -->
+
+
+<!-- START BREADCRUMB -->
+<table cellpadding="0" cellspacing="0" border="0" style="width:100%">
+<tr>
+<td id="breadcrumb">
+<a href="http://codeigniter.com/">CodeIgniter Home</a> &nbsp;&#8250;&nbsp;
+<a href="../index.html">User Guide Home</a> &nbsp;&#8250;&nbsp;
+Creating Libraries
+</td>
+<td id="searchbox"><form method="get" action="http://www.google.com/search"><input type="hidden" name="as_sitesearch" id="as_sitesearch" value="codeigniter.com/user_guide/" />Search User Guide&nbsp; <input type="text" class="input" style="width:200px;" name="q" id="q" size="31" maxlength="255" value="" />&nbsp;<input type="submit" class="submit" name="sa" value="Go" /></form></td>
+</tr>
+</table>
+<!-- END BREADCRUMB -->
+
+<br clear="all" />
+
+
+<!-- START CONTENT -->
+<div id="content">
+
+<h1>Handling Multiple Environments</h1>
+
+<p>
+ Developers often desire different system behavior depending on whether
+ an application is running in a development or production
+ environment. For example, verbose error output is something that would
+ be useful while developing an application, but it may also pose a security issue when "live".
+</p>
+
+<h2>The ENVIRONMENT Constant</h2>
+
+<p>
+ By default, CodeIgniter comes with the environment constant set to
+ '<kbd>development</kbd>'. At the top of index.php, you will see:
+</p>
+
+<code>
+define('<var>ENVIRONMENT</var>', '<var>development</var>');
+</code>
+
+<p>
+ In addition to affecting some basic framework behavior (see the next section),
+ you may use this constant in your own development to differentiate
+ between which environment you are running in.
+</p>
+
+<h2>Effects On Default Framework Behavior</h2>
+
+<p>
+ There are some places in the CodeIgniter system where the <kbd>ENVIRONMENT</kbd>
+ constant is used. This section describes how default framework behavior is
+ affected.
+</p>
+
+<h3>Error Reporting</h3>
+
+<p>
+ Setting the <kbd>ENVIRONMENT</kbd> constant to a value of '<kbd>development</kbd>' will
+ cause all PHP errors to be rendered to the browser when they occur. Conversely,
+ setting the constant to '<kbd>production</kbd>' will disable all error output. Disabling
+ error reporting in production is a <a href="security.html">good security practice</a>.
+</p>
+
+<h3>Configuration Files</h3>
+
+<p>
+ Optionally, you can have CodeIgniter load environment-specific
+ configuration files. This may be useful for managing things like differing API keys
+ across multiple environments. This is described in more detail in the
+ environment section of the <a href="../libraries/config.html#environments">Config Class</a> documentation.
+</p>
+
+</div>
+<!-- END CONTENT -->
+
+
+<div id="footer">
+<p>
+Previous Topic:&nbsp;&nbsp;<a href="libraries.html">Using CodeIgniter Libraries</a>
+&nbsp;&nbsp;&nbsp;&middot;&nbsp;&nbsp;
+<a href="#top">Top of Page</a>&nbsp;&nbsp;&nbsp;&middot;&nbsp;&nbsp;
+<a href="../index.html">User Guide Home</a>&nbsp;&nbsp;&nbsp;&middot;&nbsp;&nbsp;
+Next Topic:&nbsp;&nbsp;<a href="drivers.html">Using CodeIgniter Drivers</a>
+</p>
+<p><a href="http://codeigniter.com">CodeIgniter</a> &nbsp;&middot;&nbsp; Copyright &#169; 2006 - 2011 &nbsp;&middot;&nbsp; <a href="http://ellislab.com/">EllisLab, Inc.</a></p>
+</div>
+
+</body>
+</html> \ No newline at end of file
diff --git a/user_guide/general/security.html b/user_guide/general/security.html
index 8cb6b8041..c47b5b25e 100644
--- a/user_guide/general/security.html
+++ b/user_guide/general/security.html
@@ -87,6 +87,23 @@ array is <strong>unset</strong> by the Input class during system initialization.
<p>During system initialization all global variables are unset, except those found in the $_POST and $_COOKIE arrays. The unsetting
routine is effectively the same as register_globals = off.</p>
+<a name="error_reporting"></a>
+<h2>error_reporting</h2>
+
+<p>
+ In production environments, it is typically desirable to disable PHP's
+ error reporting by setting the internal error_reporting flag to a value of 0. This disables native PHP
+ errors from being rendered as output, which may potentially contain
+ sensitive information.
+</p>
+
+<p>
+ Setting CodeIgniter's <kbd>ENVIRONMENT</kbd> constant in index.php to a
+ value of '<kbd>production</kbd>' will turn off these errors. In development
+ mode, it is recommended that a value of '<kbd>development</kbd>' is used.
+ More information about differentiating between environments can be found
+ on the <a href="environments.html">Handling Environments</a> page.
+</p>
<h2>magic_quotes_runtime</h2>
diff --git a/user_guide/installation/index.html b/user_guide/installation/index.html
index 4c6c7c62e..5d26a42ec 100644
--- a/user_guide/installation/index.html
+++ b/user_guide/installation/index.html
@@ -74,6 +74,12 @@ variables at the top of the file with the new name you've chosen.</p>
<p>After moving them, open your main <kdb>index.php</kbd> file and set the <samp>$system_folder</samp> and <samp>$application_folder</samp> variables, preferably with a full path, e.g. '<dfn>/www/MyUser/system</dfn>'.</p>
+<p>
+ One additional measure to take in production environments is to disable
+ PHP error reporting and any other development-only functionality. In CodeIgniter,
+ this can be done by setting the <kbd>ENVIRONMENT</kbd> constant, which is
+ more fully described on the <a href="../general/security.html">security page</a>.
+</p>
<p>That's it!</p>
diff --git a/user_guide/libraries/config.html b/user_guide/libraries/config.html
index 91b349a92..71c68332c 100644
--- a/user_guide/libraries/config.html
+++ b/user_guide/libraries/config.html
@@ -150,23 +150,42 @@ $site_name = $blog_config['site_name'];</code>
<p>Where <var>item_name</var> is the $config array index you want to change, and <var>item_value</var> is its value.</p>
+<a name="environments"></a>
<h2>Environments</h2>
-<p>You can set the environment of you application and load config items depending on the current environment. It also disables PHP from displaying errors in environments other than development. To set your environment, open <strong>index.php</strong>, located at the root and change the <var>ENVIRONMENT</var> constant. By default, there is support for a development, test and production environment.</p>
-
-<code>
-define('<var>ENVIRONMENT</var>', '<var>development</var>');
-</code>
+<p>
+ You may load different configuration files depending on the current environment.
+ The <kbd>ENVIRONMENT</kbd> constant is defined in index.php, and is described
+ in detail in the <a href="../general/environments.html">Handling Environments</a>
+ section.
+</p>
+
+<p>
+ To create an environment-specific configuration file,
+ create or copy a configuration file in application/config/{ENVIRONMENT}/{FILENAME}.php
+</p>
+
+<p>For example, to create a production-only config.php, you would:</p>
+
+<ol>
+ <li>Create the directory application/config/production/</li>
+ <li>Copy your existing config.php into the above directory</li>
+ <li>Edit application/config/production/config.php so it contains your production settings</li>
+</ol>
+
+<p>
+ When you set the <kbd>ENVIRONMENT</kbd> constant to 'production', the settings
+ for your new production-only config.php will be loaded.
+</p>
-<p>To make a config file environment-aware, copy the file from <samp>application/config/</samp> to <samp>application/config/development/</samp>, depending on the environment the config file belongs to. You can place the following configuration files in environment folders:</p>
+<p>You can place the following configuration files in environment-specific folders:</p>
<ul>
-<li>Default config files</li>
-<li>Database config files</li>
-<li>Custom config files</li>
+<li>Default CodeIgniter configuration files</li>
+<li>Your own custom configuration files</li>
</ul>
-<p><strong>Note:</strong> CodeIgniter always tries to load the config file for the current environment first. If the file does not exist, the global config file (i.e. <samp>application/config/</samp>) is loaded. This means you are not obligated to place <strong>all</strong> your config files (but rather the files that change per environment) in an environment folder.</p>
+<p><strong>Note:</strong> CodeIgniter always tries to load the configuration files for the current environment first. If the file does not exist, the global config file (i.e., the one in <samp>application/config/</samp>) is loaded. This means you are not obligated to place <strong>all</strong> of your configuration files in an environment folder &minus; only the files that change per environment.</p>
<h2>Helper Functions</h2>
@@ -195,4 +214,4 @@ Next Topic:&nbsp;&nbsp;<a href="../database/index.html">Database Class</a>
</div>
</body>
-</html> \ No newline at end of file
+</html>
diff --git a/user_guide/nav/nav.js b/user_guide/nav/nav.js
index 8f16e275f..eaa5f6237 100644
--- a/user_guide/nav/nav.js
+++ b/user_guide/nav/nav.js
@@ -59,6 +59,7 @@ function create_menu(basepath)
'<li><a href="'+base+'general/caching.html">Caching</a></li>' +
'<li><a href="'+base+'general/profiling.html">Profiling Your Application</a></li>' +
'<li><a href="'+base+'general/managing_apps.html">Managing Applications</a></li>' +
+ '<li><a href="'+base+'general/environments.html">Handling Multiple Environments</a></li>' +
'<li><a href="'+base+'general/alternative_php.html">Alternative PHP Syntax</a></li>' +
'<li><a href="'+base+'general/security.html">Security</a></li>' +
'<li><a href="'+base+'general/styleguide.html">PHP Style Guide</a></li>' +