diff options
Diffstat (limited to 'application/config/config.php')
| -rw-r--r-- | application/config/config.php | 66 |
1 files changed, 45 insertions, 21 deletions
diff --git a/application/config/config.php b/application/config/config.php index 1e399590b..4f8f81406 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -11,10 +11,16 @@ defined('BASEPATH') OR exit('No direct script access allowed'); | | http://example.com/ | -| If this is not set then CodeIgniter will try guess the protocol, domain -| and path to your installation. However, you should always configure this -| explicitly and never rely on auto-guessing, especially in production -| environments. +| WARNING: You MUST set this value! +| +| If it is not set, then CodeIgniter will try guess the protocol and path +| your installation, but due to security concerns the hostname will be set +| to $_SERVER['SERVER_ADDR'] if available, or localhost otherwise. +| The auto-detection mechanism exists only for convenience during +| development and MUST NOT be used in production! +| +| If you need to allow multiple domains, remember that this file is still +| a PHP script and you can easily do that on your own. | */ $config['base_url'] = ''; @@ -37,17 +43,16 @@ $config['index_page'] = 'index.php'; |-------------------------------------------------------------------------- | | This item determines which server global should be used to retrieve the -| URI string. The default setting of 'AUTO' works for most servers. +| URI string. The default setting of 'REQUEST_URI' works for most servers. | If your links do not seem to work, try one of the other delicious flavors: | -| 'AUTO' Default - auto detects -| 'CLI' or 'argv' Uses $_SERVER['argv'] (for php-cli only) -| 'PATH_INFO' Uses $_SERVER['PATH_INFO'] -| 'REQUEST_URI' Uses $_SERVER['REQUEST_URI'] -| 'QUERY_STRING' Uses $_SERVER['QUERY_STRING'] +| 'REQUEST_URI' Uses $_SERVER['REQUEST_URI'] +| 'QUERY_STRING' Uses $_SERVER['QUERY_STRING'] +| 'PATH_INFO' Uses $_SERVER['PATH_INFO'] | +| WARNING: If you set this to 'PATH_INFO', URIs will always be URL-decoded! */ -$config['uri_protocol'] = 'AUTO'; +$config['uri_protocol'] = 'REQUEST_URI'; /* |-------------------------------------------------------------------------- @@ -59,7 +64,6 @@ $config['uri_protocol'] = 'AUTO'; | | http://codeigniter.com/user_guide/general/urls.html */ - $config['url_suffix'] = ''; /* @@ -156,7 +160,6 @@ $config['composer_autoload'] = FALSE; */ $config['permitted_uri_chars'] = 'a-z 0-9~%.:_\-'; - /* |-------------------------------------------------------------------------- | Enable Query Strings @@ -193,8 +196,6 @@ $config['directory_trigger'] = 'd'; | Error Logging Threshold |-------------------------------------------------------------------------- | -| If you have enabled error logging, you can set an error threshold to -| determine what gets logged. Threshold options are: | You can enable error logging by setting a threshold over zero. The | threshold determines what gets logged. Threshold options are: | @@ -204,7 +205,7 @@ $config['directory_trigger'] = 'd'; | 3 = Informational Messages | 4 = All Messages | -| You can also pass in a array with threshold levels to show individual error types +| You can also pass an array with threshold levels to show individual error types | | array(2) = Debug Messages, without Error Messages | @@ -289,8 +290,15 @@ $config['cache_path'] = ''; | Cache Include Query String |-------------------------------------------------------------------------- | -| Set this to TRUE if you want to use different cache files depending on the -| URL query string. Please be aware this might result in numerous cache files. +| Whether to take the URL query string into consideration when generating +| output cache files. Valid options are: +| +| FALSE = Disabled +| TRUE = Enabled, take all query parameters into account. +| Please be aware that this may result in numerous cache +| files generated for the same page over and over again. +| array('q') = Enabled, but only take into account the specified list +| of query parameters. | */ $config['cache_query_string'] = FALSE; @@ -328,9 +336,11 @@ $config['encryption_key'] = ''; | | 'sess_save_path' | -| The location to save sessions to, driver dependant. +| The location to save sessions to, driver dependent. | | For the 'files' driver, it's a path to a writable directory. +| WARNING: Only absolute paths are supported! +| | For the 'database' driver, it's a table name. | Please read up the manual for the format with other session drivers. | @@ -340,10 +350,19 @@ $config['encryption_key'] = ''; | | Whether to match the user's IP address when reading the session data. | +| WARNING: If you're using the database driver, don't forget to update +| your session table's PRIMARY KEY when changing this setting. +| | 'sess_time_to_update' | | How many seconds between CI regenerating the session ID. | +| 'sess_regenerate_destroy' +| +| Whether to destroy session data associated with the old session ID +| when auto-regenerating the session ID. When set to FALSE, the data +| will be later deleted by the garbage collector. +| | Other session cookie settings are shared with the rest of the application, | except for 'cookie_prefix' and 'cookie_httponly', which are ignored here. | @@ -354,6 +373,7 @@ $config['sess_expiration'] = 7200; $config['sess_save_path'] = NULL; $config['sess_match_ip'] = FALSE; $config['sess_time_to_update'] = 300; +$config['sess_regenerate_destroy'] = FALSE; /* |-------------------------------------------------------------------------- @@ -382,7 +402,7 @@ $config['cookie_httponly'] = FALSE; |-------------------------------------------------------------------------- | | Determines whether to standardize newline characters in input data, -| meaning to replace \r\n, \r, \n occurences with the PHP_EOL value. +| meaning to replace \r\n, \r, \n occurrences with the PHP_EOL value. | | This is particularly useful for portability between UNIX-based OSes, | (usually \n) and Windows (\r\n). @@ -398,6 +418,9 @@ $config['standardize_newlines'] = FALSE; | Determines whether the XSS filter is always active when GET, POST or | COOKIE data is encountered | +| WARNING: This feature is DEPRECATED and currently available only +| for backwards compatibility purposes! +| */ $config['global_xss_filtering'] = FALSE; @@ -466,10 +489,11 @@ $config['time_reference'] = 'local'; | can rewrite the tags on-the-fly, enabling you to utilize that syntax | in your view files. Options are TRUE or FALSE (boolean) | +| Note: You need to have eval() enabled for this to work. +| */ $config['rewrite_short_tags'] = FALSE; - /* |-------------------------------------------------------------------------- | Reverse Proxy IPs |