From aeb2c3e532e78be9ac78ba6fd4a305b7be31d2ab Mon Sep 17 00:00:00 2001 From: Alex Bilbie Date: Sun, 21 Aug 2011 16:14:54 +0100 Subject: Added new config parameter "csrf_exclude_uris" which allows for URIs to be whitelisted from CSRF verification. Fixes #149 --- application/config/config.php | 2 ++ 1 file changed, 2 insertions(+) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 1ec65435e..b64b11669 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -292,11 +292,13 @@ $config['global_xss_filtering'] = FALSE; | 'csrf_token_name' = The token name | 'csrf_cookie_name' = The cookie name | 'csrf_expire' = The number in seconds the token should expire. +| 'csrf_exclude_uris' = Array of URIs which ignore CSRF checks */ $config['csrf_protection'] = FALSE; $config['csrf_token_name'] = 'csrf_test_name'; $config['csrf_cookie_name'] = 'csrf_cookie_name'; $config['csrf_expire'] = 7200; +$config['csrf_exclude_uris'] = array(); /* |-------------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 333f9f98edeb11915c168ea4a05b9b76d64d9576 Mon Sep 17 00:00:00 2001 From: Nithin Date: Sun, 21 Aug 2011 16:52:06 -0400 Subject: added ability to log certain error types, not all under a threshold --- application/config/config.php | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 1ec65435e..7554f994a 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -176,6 +176,10 @@ $config['directory_trigger'] = 'd'; // experimental not currently in use | 3 = Informational Messages | 4 = All Messages | +| You can also pass in a array with threshold levels to show individual error types +| +| array(2) = Debug Messages, without Error Messages +| | For a live site you'll usually only enable Errors (1) to be logged otherwise | your log files will fill up very fast. | -- cgit v1.2.3-24-g4f1b From 8cc0cfe1ab1e10aad71d14e0b43e05444c00693d Mon Sep 17 00:00:00 2001 From: freewil Date: Sat, 27 Aug 2011 21:53:00 -0400 Subject: always use charset config item --- application/config/config.php | 2 ++ 1 file changed, 2 insertions(+) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 880393c29..a6d10d8dc 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -79,6 +79,8 @@ $config['language'] = 'english'; | This determines which character set is used by default in various methods | that require a character set to be provided. | +| See http://php.net/htmlspecialchars for a list of supported charsets. +| */ $config['charset'] = 'UTF-8'; -- cgit v1.2.3-24-g4f1b From f4a4bd8fac188ebc9cda822ffc811c218fd92b45 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Thu, 20 Oct 2011 12:18:42 -0500 Subject: adding new license file (OSL 3.0) and updating readme to ReST added notice of license to all source files. OSL to all except the few files we ship inside of the application folder, those are AFL. Updated license in user guide. incrementing next dev version to 3.0 due to licensing change --- application/config/config.php | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index a6d10d8dc..de1edac54 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -1,4 +1,29 @@ Date: Fri, 21 Oct 2011 09:55:40 -0500 Subject: fixing typo in attribution block --- application/config/config.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index de1edac54..808cc33bd 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -8,7 +8,7 @@ * * Licensed under the Academic Free License version 3.0 * - * This source file is subject to the Open Software License (OSL 3.0) that is + * This source file is subject to the Academic Free License (AFL 3.0) that is * bundled with this package in the files license_afl.txt / license_afl.rst. * It is also available through the world wide web at this URL: * http://opensource.org/licenses/AFL-3.0 -- cgit v1.2.3-24-g4f1b From 6a33e55ed119cea7763a8647d7ed4355951f9776 Mon Sep 17 00:00:00 2001 From: Kyle Ridolfo Date: Thu, 27 Oct 2011 15:40:06 -0300 Subject: Added links to the user guide for Encryption class and Session class. --- application/config/config.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 808cc33bd..063c3d5d1 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -253,6 +253,9 @@ $config['cache_path'] = ''; | | If you use the Encryption class or the Session class you | MUST set an encryption key. See the user guide for info. +| +| http://codeigniter.com/user_guide/libraries/encryption.html +| http://codeigniter.com/user_guide/libraries/sessions.html | */ $config['encryption_key'] = ''; -- cgit v1.2.3-24-g4f1b From 4b2e9fea1f34b4b2cff30b3211579e883b31005d Mon Sep 17 00:00:00 2001 From: RS71 Date: Sat, 31 Dec 2011 16:02:50 -0200 Subject: Update application/config/config.php --- application/config/config.php | 2 ++ 1 file changed, 2 insertions(+) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 063c3d5d1..70a9856fd 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -326,12 +326,14 @@ $config['global_xss_filtering'] = FALSE; | 'csrf_token_name' = The token name | 'csrf_cookie_name' = The cookie name | 'csrf_expire' = The number in seconds the token should expire. +| 'csrf_regenerate' = Regenerate token on every submission | 'csrf_exclude_uris' = Array of URIs which ignore CSRF checks */ $config['csrf_protection'] = FALSE; $config['csrf_token_name'] = 'csrf_test_name'; $config['csrf_cookie_name'] = 'csrf_cookie_name'; $config['csrf_expire'] = 7200; +$config['csrf_regenerate'] = TRUE; $config['csrf_exclude_uris'] = array(); /* -- cgit v1.2.3-24-g4f1b From 0defe5d33ee2633f377a109519ca818becc60f64 Mon Sep 17 00:00:00 2001 From: Greg Aker Date: Sun, 1 Jan 2012 18:46:41 -0600 Subject: Updating copyright date to 2012 --- application/config/config.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 063c3d5d1..bb35324c3 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2011, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/AFL-3.0 Academic Free License (AFL 3.0) * @link http://codeigniter.com * @since Version 1.0 -- cgit v1.2.3-24-g4f1b From 63678a27864fdd6bb0ed89e6940a1d331121072a Mon Sep 17 00:00:00 2001 From: "Thor (atiredmachine)" Date: Tue, 24 Jan 2012 16:56:01 -0800 Subject: Rudimentary minifying of output. --- application/config/config.php | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 17b854b29..3231f1d19 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -355,6 +355,18 @@ $config['csrf_exclude_uris'] = array(); */ $config['compress_output'] = FALSE; +/* +|-------------------------------------------------------------------------- +| Minify +|-------------------------------------------------------------------------- +| +| Removes extra characters (usually unnecessary spaces) from your +| output for faster page load speeds. Makes your outputted HTML source +| code less readable. +| +*/ +$config['minify_output'] = FALSE; + /* |-------------------------------------------------------------------------- | Master Time Reference @@ -396,5 +408,6 @@ $config['rewrite_short_tags'] = FALSE; $config['proxy_ips'] = ''; + /* End of file config.php */ /* Location: ./application/config/config.php */ -- cgit v1.2.3-24-g4f1b From 07c1ac830b4e98aa40f48baef3dd05fb68c0a836 Mon Sep 17 00:00:00 2001 From: Phil Sturgeon Date: Fri, 9 Mar 2012 17:03:37 +0000 Subject: Bumped CodeIgniter's PHP requirement to 5.2.4. Yes I know PHP 5.4 just came out, and yes I know PHP 5.3 has lovely features, but there are plenty of corporate systems running on CodeIgniter and PHP 5.3 still is not widely supported enough. CodeIgniter is great for distributed applications, and this is the highest we can reasonably go without breaking support. PHP 5.3 will most likely happen in another year or so. Fingers crossed on that one anyway... --- application/config/config.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 17b854b29..4ad9d1d6a 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -2,7 +2,7 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.1.6 or newer + * An open source application development framework for PHP 5.2.4 or newer * * NOTICE OF LICENSE * -- cgit v1.2.3-24-g4f1b From 4ad0fd86e8dc6dba74305dbb0c88c593b46a19a2 Mon Sep 17 00:00:00 2001 From: freewil Date: Tue, 13 Mar 2012 22:37:42 -0400 Subject: add support for httponly cookies --- application/config/config.php | 2 ++ 1 file changed, 2 insertions(+) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 4ad9d1d6a..2ffbb6693 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -297,12 +297,14 @@ $config['sess_time_to_update'] = 300; | 'cookie_domain' = Set to .your-domain.com for site-wide cookies | 'cookie_path' = Typically will be a forward slash | 'cookie_secure' = Cookies will only be set if a secure HTTPS connection exists. +| 'cookie_httponly' = Cookie will only be accessible via HTTP(S) (no javascript) | */ $config['cookie_prefix'] = ""; $config['cookie_domain'] = ""; $config['cookie_path'] = "/"; $config['cookie_secure'] = FALSE; +$config['cookie_httponly'] = FALSE; /* |-------------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From e734b38e0f4cde3ebe17cdb1844faa0129fe8b11 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 26 Mar 2012 13:42:36 +0300 Subject: Clear some spaces and fix some inconsistencies in application/ php files --- application/config/config.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 2ffbb6693..2628885f0 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -1,13 +1,13 @@ - Date: Tue, 27 Mar 2012 18:18:15 +0200 Subject: Changed Date helper to return time() based on the timezone parameter. --- application/config/config.php | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 2628885f0..4d0e5080a 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -204,7 +204,7 @@ $config['directory_trigger'] = 'd'; // experimental not currently in use | 4 = All Messages | | You can also pass in a array with threshold levels to show individual error types -| +| | array(2) = Debug Messages, without Error Messages | | For a live site you'll usually only enable Errors (1) to be logged otherwise @@ -253,7 +253,7 @@ $config['cache_path'] = ''; | | If you use the Encryption class or the Session class you | MUST set an encryption key. See the user guide for info. -| +| | http://codeigniter.com/user_guide/libraries/encryption.html | http://codeigniter.com/user_guide/libraries/sessions.html | @@ -297,7 +297,7 @@ $config['sess_time_to_update'] = 300; | 'cookie_domain' = Set to .your-domain.com for site-wide cookies | 'cookie_path' = Typically will be a forward slash | 'cookie_secure' = Cookies will only be set if a secure HTTPS connection exists. -| 'cookie_httponly' = Cookie will only be accessible via HTTP(S) (no javascript) +| 'cookie_httponly' = Cookie will only be accessible via HTTP(S) (no javascript) | */ $config['cookie_prefix'] = ""; @@ -359,16 +359,14 @@ $config['compress_output'] = FALSE; /* |-------------------------------------------------------------------------- -| Master Time Reference +| Master Timezone |-------------------------------------------------------------------------- | -| Options are 'local' or 'gmt'. This pref tells the system whether to use -| your server's local time as the master 'now' reference, or convert it to -| GMT. See the 'date helper' page of the user guide for information -| regarding date handling. +| You can set any PHP supported timezones to be the master timezone when +| you call th now() function. | */ -$config['time_reference'] = 'local'; +$config['timezone'] = 'UTC'; /* -- cgit v1.2.3-24-g4f1b From 91a13199292d8b4495e6ecbcb6a5fea1294cd2da Mon Sep 17 00:00:00 2001 From: Iban Eguia Date: Tue, 27 Mar 2012 18:50:32 +0200 Subject: Fixed typo. --- application/config/config.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 4d0e5080a..eb3ddddb0 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -363,7 +363,7 @@ $config['compress_output'] = FALSE; |-------------------------------------------------------------------------- | | You can set any PHP supported timezones to be the master timezone when -| you call th now() function. +| you call the now() function. | */ $config['timezone'] = 'UTC'; -- cgit v1.2.3-24-g4f1b From a9617a35ce4af051d3ad1298c2c24453460754cc Mon Sep 17 00:00:00 2001 From: Iban Eguia Date: Sun, 10 Jun 2012 00:13:04 +0200 Subject: Changed the default timezone to local and explained in the config file. --- application/config/config.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index eb3ddddb0..12ef77c76 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -363,10 +363,11 @@ $config['compress_output'] = FALSE; |-------------------------------------------------------------------------- | | You can set any PHP supported timezones to be the master timezone when -| you call the now() function. +| you call the now() function. 'local' string can be used to get the local +| time. | */ -$config['timezone'] = 'UTC'; +$config['timezone'] = 'local'; /* -- cgit v1.2.3-24-g4f1b From feb14dac4e7a417a48344a5188a8ad8074871df4 Mon Sep 17 00:00:00 2001 From: Iban Eguia Date: Tue, 12 Jun 2012 16:09:36 +0200 Subject: Changed the config parameter. The session's _get_time() function has also changed. --- application/config/config.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 12ef77c76..fd6a1aeb0 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -359,7 +359,7 @@ $config['compress_output'] = FALSE; /* |-------------------------------------------------------------------------- -| Master Timezone +| Master Time Reference |-------------------------------------------------------------------------- | | You can set any PHP supported timezones to be the master timezone when @@ -367,7 +367,7 @@ $config['compress_output'] = FALSE; | time. | */ -$config['timezone'] = 'local'; +$config['time_reference'] = 'local'; /* -- cgit v1.2.3-24-g4f1b From 7400965017f87c3aba18bf75ed7d732359fd577d Mon Sep 17 00:00:00 2001 From: Iban Eguia Date: Wed, 13 Jun 2012 22:57:50 +0200 Subject: Fixed some stuff in documentation. --- application/config/config.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index fd6a1aeb0..31ff2024d 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -362,9 +362,10 @@ $config['compress_output'] = FALSE; | Master Time Reference |-------------------------------------------------------------------------- | -| You can set any PHP supported timezones to be the master timezone when -| you call the now() function. 'local' string can be used to get the local -| time. +| Options are 'local' or any PHP supported timezone. This pref tells the +| system whether to use your server's local time as the master 'now' +| reference, or convert it to any PHP supported timezone. See the 'date +| helper' page of the user guide for information regarding date handling. | */ $config['time_reference'] = 'local'; -- cgit v1.2.3-24-g4f1b From d163e0b219b8afacea3cd0d1d7c2ce5bb6f8a933 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 14 Jun 2012 03:09:53 +0300 Subject: Polish changes from pull #1233 - Session class already has the time_reference setting - 'GMT' is a valid timezone, so nothing needs to be changed in order to work properly (upgrade notes) - Altered some description text --- application/config/config.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 31ff2024d..7da889f81 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -362,9 +362,9 @@ $config['compress_output'] = FALSE; | Master Time Reference |-------------------------------------------------------------------------- | -| Options are 'local' or any PHP supported timezone. This pref tells the -| system whether to use your server's local time as the master 'now' -| reference, or convert it to any PHP supported timezone. See the 'date +| Options are 'local' or any PHP supported timezone. This preference tells +| the system whether to use your server's local time as the master 'now' +| reference, or convert it to the configured one timezone. See the 'date | helper' page of the user guide for information regarding date handling. | */ -- cgit v1.2.3-24-g4f1b From d55f74999a24394241b398cd52679bf1b81f11c2 Mon Sep 17 00:00:00 2001 From: Dumk0 Date: Tue, 3 Jul 2012 11:21:45 +0300 Subject: replaced double quotes with single in $config['cookie_... string values --- application/config/config.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 726e3a71c..28fc406d1 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -300,9 +300,9 @@ $config['sess_time_to_update'] = 300; | 'cookie_httponly' = Cookie will only be accessible via HTTP(S) (no javascript) | */ -$config['cookie_prefix'] = ""; -$config['cookie_domain'] = ""; -$config['cookie_path'] = "/"; +$config['cookie_prefix'] = ''; +$config['cookie_domain'] = ''; +$config['cookie_path'] = '/'; $config['cookie_secure'] = FALSE; $config['cookie_httponly'] = FALSE; -- cgit v1.2.3-24-g4f1b From ac740abc89159fe24165105253ae6048888a16ee Mon Sep 17 00:00:00 2001 From: dchill42 Date: Thu, 30 Aug 2012 10:49:28 -0400 Subject: Added session driver config items Signed-off-by: dchill42 --- application/config/config.php | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 28fc406d1..eaccbf75e 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -265,6 +265,9 @@ $config['encryption_key'] = ''; | Session Variables |-------------------------------------------------------------------------- | +| 'sess_driver' = the driver to load: cookie (Classic), native (PHP sessions), +| or your custom driver name +| 'sess_valid_drivers' = additional valid drivers which may be loaded | 'sess_cookie_name' = the name you want for the cookie | 'sess_expiration' = the number of SECONDS you want the session to last. | by default sessions last 7200 seconds (two hours). Set to zero for no expiration. @@ -278,6 +281,8 @@ $config['encryption_key'] = ''; | 'sess_time_to_update' = how many seconds between CI refreshing Session Information | */ +$config['sess_driver'] = 'cookie'; +$config['sess_valid_drivers'] = array(); $config['sess_cookie_name'] = 'ci_session'; $config['sess_expiration'] = 7200; $config['sess_expire_on_close'] = FALSE; -- cgit v1.2.3-24-g4f1b From 9ac557f2473844f3c2207189f371f827dbaddb71 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 6 Oct 2012 20:27:57 +0300 Subject: Add IPv6 and array() support for *proxy_ips* configuration --- application/config/config.php | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index eaccbf75e..ab1508e7b 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -406,15 +406,19 @@ $config['rewrite_short_tags'] = FALSE; | Reverse Proxy IPs |-------------------------------------------------------------------------- | -| If your server is behind a reverse proxy, you must whitelist the proxy IP -| addresses from which CodeIgniter should trust the HTTP_X_FORWARDED_FOR -| header in order to properly identify the visitor's IP address. -| Comma-delimited, e.g. '10.0.1.200,10.0.1.201' +| If your server is behind a reverse proxy, you must whitelist the proxy +| IP addresses from which CodeIgniter should trust headers such as +| HTTP_X_FORWARDED_FOR and HTTP_CLIENT_IP in order to properly identify +| the visitor's IP address. | +| You can use both an array or a comma-separated list of proxy addresses, +| as well as specifying whole subnets. Here are a few examples: +| +| Comma-separated: '10.0.1.200,192.168.5.0/24' +| Array: array('10.0.1.200', '192.168.5.0/24') */ $config['proxy_ips'] = ''; - /* End of file config.php */ -/* Location: ./application/config/config.php */ +/* Location: ./application/config/config.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From f2b19fee7876708c7a7bb5cba6b7df682a9d2a53 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 31 Oct 2012 16:16:24 +0200 Subject: Multiple improvements to the URI class (thanks to @sourcejedi, PR #1326 for most of the ideas) - Renamed _detect_uri() and _parse_cli_args() to _parse_request_uri() and _parse_argv() respectively. - Added _parse_query_string() which allows us to detect the URI path from QUERY_STRING much like it is done in _parse_request_uri(). (the above changes also allow for a simpler logic in the case where the *uri_protocol* setting is not set to 'AUTO') - Updated application/config/config.php with a better list of the *uri_protocol* options. - Added _reset_query_string() to aid in re-processing from the QUERY_STRING (utilized in _parse_request_uri() and _parse_query_string()). --- application/config/config.php | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index ab1508e7b..6867cee88 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -62,11 +62,12 @@ $config['index_page'] = 'index.php'; | URI string. The default setting of 'AUTO' works for most servers. | If your links do not seem to work, try one of the other delicious flavors: | -| 'AUTO' Default - auto detects -| 'PATH_INFO' Uses the PATH_INFO -| 'QUERY_STRING' Uses the QUERY_STRING -| 'REQUEST_URI' Uses the REQUEST_URI -| 'ORIG_PATH_INFO' Uses the ORIG_PATH_INFO +| 'AUTO' Default - auto detects +| 'CLI' or 'argv' Uses $_SERVER['argv'] (for php-cli only) +| 'REQUEST_URI' Uses $_SERVER['REQUEST_URI'] +| 'PATH_INFO' Uses $_SERVER['PATH_INFO'] +| 'QUERY_STRING' Uses $_SERVER['QUERY_STRING'] +| 'ORIG_PATH_INFO' Uses $_SERVER['ORIG_PATH_INFO'] | */ $config['uri_protocol'] = 'AUTO'; -- cgit v1.2.3-24-g4f1b From 3b72eb58e61581b7e92012a322be48e216491d7c Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 1 Nov 2012 00:45:26 +0200 Subject: Changed URI auto-detection to try PATH_INFO first (thanks to @sourcejedi, PR #1326) Up until PHP 5.2.4 (which is our new lowest requirement), there was a bug related to PATH_INFO which made REQUEST_URI a more reliable choice. This is now no longer the case, see https://bugs.php.net/bug.php?id=31892 for more details. Also removed ORIG_PATH_INFO from the suggested alternatives for uri_protocol in application/config/config.php as it will not exist in most of PHP's recent versions and is pointless when you can use PATH_INFO anyway. --- application/config/config.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 6867cee88..0562953b0 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -64,10 +64,9 @@ $config['index_page'] = 'index.php'; | | 'AUTO' Default - auto detects | 'CLI' or 'argv' Uses $_SERVER['argv'] (for php-cli only) -| 'REQUEST_URI' Uses $_SERVER['REQUEST_URI'] | 'PATH_INFO' Uses $_SERVER['PATH_INFO'] +| 'REQUEST_URI' Uses $_SERVER['REQUEST_URI'] | 'QUERY_STRING' Uses $_SERVER['QUERY_STRING'] -| 'ORIG_PATH_INFO' Uses $_SERVER['ORIG_PATH_INFO'] | */ $config['uri_protocol'] = 'AUTO'; -- cgit v1.2.3-24-g4f1b From 80500afbd188600212ca913a7bac073009feac73 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 1 Jan 2013 08:16:53 +0200 Subject: [ci skip] Happy new year --- application/config/config.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 0562953b0..a4ef19137 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2012, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2013, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/AFL-3.0 Academic Free License (AFL 3.0) * @link http://codeigniter.com * @since Version 1.0 -- cgit v1.2.3-24-g4f1b From cdd80bf46bf2e75a127e4104ff3aa13fab59e3d5 Mon Sep 17 00:00:00 2001 From: OsamaAbbas Date: Wed, 23 Jan 2013 04:46:24 +0200 Subject: Update application/config/config.php --- application/config/config.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index a4ef19137..bd4aad73d 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -241,7 +241,7 @@ $config['log_date_format'] = 'Y-m-d H:i:s'; |-------------------------------------------------------------------------- | | Leave this BLANK unless you would like to set something other than the default -| system/cache/ folder. Use a full server path with trailing slash. +| application/cache/ folder. Use a full server path with trailing slash. | */ $config['cache_path'] = ''; @@ -421,4 +421,4 @@ $config['proxy_ips'] = ''; /* End of file config.php */ -/* Location: ./application/config/config.php */ \ No newline at end of file +/* Location: ./application/config/config.php */ -- cgit v1.2.3-24-g4f1b From 1a0014941dcf399e97d3586bd6d3382166b413dd Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 24 Jan 2013 11:32:29 +0200 Subject: Move db_select() call from CI_DB_driver::initialize() to db_connect() so that it's only called by drivers that need it ('mysql', 'mssql'). As proposed in issue #2187. --- application/config/config.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index bd4aad73d..415474e06 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -421,4 +421,4 @@ $config['proxy_ips'] = ''; /* End of file config.php */ -/* Location: ./application/config/config.php */ +/* Location: ./application/config/config.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From 0bd6b28045c9b9a820e580b3f651f474b60348a3 Mon Sep 17 00:00:00 2001 From: Chris Passas Date: Wed, 13 Feb 2013 14:16:18 -0500 Subject: Added support for changing the default log file extension from .php to whatever is preferred. example (.log) This is a follow up to this pull request. https://github.com/EllisLab/CodeIgniter/pull/2243 --- application/config/config.php | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 415474e06..6f597b1e2 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -224,6 +224,17 @@ $config['log_threshold'] = 0; */ $config['log_path'] = ''; +/* +|-------------------------------------------------------------------------- +| Log File Extension +|-------------------------------------------------------------------------- +| +| Leave this BLANK unless you would like to set something other than the default +| 'php'. For example you could change it to 'log'. +| +*/ +$config['log_file_extension'] = ''; + /* |-------------------------------------------------------------------------- | Date Format for Logs -- cgit v1.2.3-24-g4f1b From a107a0fd79d0ee5f6292138a76398ed390041710 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 15 Feb 2013 22:30:31 +0200 Subject: Fix some stuff from recent pull requests --- application/config/config.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 6f597b1e2..0608348c6 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -229,8 +229,11 @@ $config['log_path'] = ''; | Log File Extension |-------------------------------------------------------------------------- | -| Leave this BLANK unless you would like to set something other than the default -| 'php'. For example you could change it to 'log'. +| The default filename extension for log files. The default 'php' allows for +| protecting the log files via basic scripting, when they are to be stored +| under a publicly accessible directory. +| +| Note: Leaving it blank will default to 'php'. | */ $config['log_file_extension'] = ''; -- cgit v1.2.3-24-g4f1b From 02a16129a23409af956392a5a36755489290a2e8 Mon Sep 17 00:00:00 2001 From: brenjt Date: Sat, 14 Sep 2013 11:10:25 -0600 Subject: Updated config to include list of valid characters to `sess_cookie_name` Added list of valid characters to sess_cookie_name --- application/config/config.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 0608348c6..3114f417b 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -282,7 +282,7 @@ $config['encryption_key'] = ''; | 'sess_driver' = the driver to load: cookie (Classic), native (PHP sessions), | or your custom driver name | 'sess_valid_drivers' = additional valid drivers which may be loaded -| 'sess_cookie_name' = the name you want for the cookie +| 'sess_cookie_name' = the name you want for the cookie, must contain only [0-9a-z_-] characters | 'sess_expiration' = the number of SECONDS you want the session to last. | by default sessions last 7200 seconds (two hours). Set to zero for no expiration. | 'sess_expire_on_close' = Whether to cause the session to expire automatically @@ -435,4 +435,4 @@ $config['proxy_ips'] = ''; /* End of file config.php */ -/* Location: ./application/config/config.php */ \ No newline at end of file +/* Location: ./application/config/config.php */ -- cgit v1.2.3-24-g4f1b From 9c98991705432d9c179715bc7f3b4fb0c6d51b4b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 14 Sep 2013 20:55:12 +0300 Subject: [ci skip] Remove empty line at application/config/config.php EOF --- application/config/config.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 3114f417b..8d08a7401 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -435,4 +435,4 @@ $config['proxy_ips'] = ''; /* End of file config.php */ -/* Location: ./application/config/config.php */ +/* Location: ./application/config/config.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From bfb635b276d880336db795f1a603de66ccfc80f6 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 8 Jan 2014 18:32:05 +0200 Subject: Make newline standardization configurable Added ['standardize_newlines'] Also altered the Session cookie driver, which experienced issues with this feature due to it's HMAC verification failing after the Input class alters newlines in non-encrypted session cookies. Supersedes PR #2470 --- application/config/config.php | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 8d08a7401..cd2ca479b 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -325,6 +325,20 @@ $config['cookie_path'] = '/'; $config['cookie_secure'] = FALSE; $config['cookie_httponly'] = FALSE; +/* +|-------------------------------------------------------------------------- +| Standardize newlines +|-------------------------------------------------------------------------- +| +| Determines whether to standardize newline characters in input data, +| meaning to replace \r\n, \r, \n occurences with the PHP_EOL value. +| +| This is particularly useful for portability between UNIX-based OSes, +| (usually \n) and Windows (\r\n). +| +*/ +$config['standardize_newlines'] = TRUE; + /* |-------------------------------------------------------------------------- | Global XSS Filtering -- cgit v1.2.3-24-g4f1b From 155ee7231c0ef72dc362c7d6423b2e4600024d3c Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 10 Jan 2014 15:50:54 +0200 Subject: Compress output before storing it to cache, if output compression is enabled Based on PR #964 --- application/config/config.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index cd2ca479b..c46839330 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -381,6 +381,9 @@ $config['csrf_exclude_uris'] = array(); | Even if it does, however, not all browsers support compression | so enable only if you are reasonably sure your visitors can handle it. | +| Only used if zlib.output_compression is turned off in your php.ini. +| Please do not use it together with httpd-level output compression. +| | VERY IMPORTANT: If you are getting a blank page when compression is enabled it | means you are prematurely outputting something to your browser. It could | even be a line of whitespace at the end of one of your scripts. For -- cgit v1.2.3-24-g4f1b From de14aa5a29b1b122bfd536f979dfda7f2fd9f53d Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 15 Jan 2014 15:51:08 +0200 Subject: CI_URI changes related to the 'permitted_uri_chars' setting - Initialize and cache the value in the class constructor instead of searching for it every time - Removed the preg_quote() call from _filter_uri() to allow more fine-tuning from configuration - Renamed _filter_uri() to filter_uri() - it was public anyway and using it cannot break anything Related: issue #2799 --- application/config/config.php | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index cd2ca479b..5240f6c26 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -141,15 +141,18 @@ $config['subclass_prefix'] = 'MY_'; | Allowed URL Characters |-------------------------------------------------------------------------- | -| This lets you specify with a regular expression which characters are permitted -| within your URLs. When someone tries to submit a URL with disallowed -| characters they will get a warning message. +| This lets you specify which characters are permitted within your URLs. +| When someone tries to submit a URL with disallowed characters they will +| get a warning message. | | As a security measure you are STRONGLY encouraged to restrict URLs to | as few characters as possible. By default only these are allowed: a-z 0-9~%.:_- | | Leave blank to allow all characters -- but only if you are insane. | +| The configured value is actually a regular expression character group +| and it will be executed as: ! preg_match('/^[]+$/i +| | DO NOT CHANGE THIS UNLESS YOU FULLY UNDERSTAND THE REPERCUSSIONS!! | */ -- cgit v1.2.3-24-g4f1b From 871754af60251993d640981e107d2def5f2db396 Mon Sep 17 00:00:00 2001 From: darwinel Date: Tue, 11 Feb 2014 17:34:57 +0100 Subject: 2013 > 2014 Update copyright notices from 2013 to 2014. And update one calendar example in user_guide from year 2013/2014 to 2014/2015. --- application/config/config.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index ae748defd..e0b5a4c16 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -18,7 +18,7 @@ * * @package CodeIgniter * @author EllisLab Dev Team - * @copyright Copyright (c) 2008 - 2013, EllisLab, Inc. (http://ellislab.com/) + * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) * @license http://opensource.org/licenses/AFL-3.0 Academic Free License (AFL 3.0) * @link http://codeigniter.com * @since Version 1.0 -- cgit v1.2.3-24-g4f1b From d8bef8a878238c6974f01758469af1c13ac8b8d7 Mon Sep 17 00:00:00 2001 From: darwinel Date: Tue, 11 Feb 2014 20:13:22 +0100 Subject: "BASEPATH check" consistency MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As described in issue #2870 + A change in the „How to create a library” example in the user_guide --- application/config/config.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index e0b5a4c16..ae89715c0 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -1,4 +1,4 @@ - Date: Sat, 12 Apr 2014 07:33:42 +0200 Subject: Make the error templates path configurable --- application/config/config.php | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index ae89715c0..069162097 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -253,6 +253,17 @@ $config['log_file_extension'] = ''; */ $config['log_date_format'] = 'Y-m-d H:i:s'; +/* +|-------------------------------------------------------------------------- +| Error Templates Directory Path +|-------------------------------------------------------------------------- +| +| Leave this BLANK unless you would like to set something other than the default +| application/views/errors/ folder. Use a full server path with trailing slash. +| +*/ +$config['error_templates_path'] = ''; + /* |-------------------------------------------------------------------------- | Cache Directory Path -- cgit v1.2.3-24-g4f1b From 511a6b8eb67e34820c1b9446cfc8891b52df90c7 Mon Sep 17 00:00:00 2001 From: vlakoff Date: Mon, 14 Apr 2014 14:33:55 +0200 Subject: Rename config item "error_templates_path" to "error_views_path" --- application/config/config.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 069162097..85d8da08a 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -255,14 +255,14 @@ $config['log_date_format'] = 'Y-m-d H:i:s'; /* |-------------------------------------------------------------------------- -| Error Templates Directory Path +| Error Views Directory Path |-------------------------------------------------------------------------- | | Leave this BLANK unless you would like to set something other than the default | application/views/errors/ folder. Use a full server path with trailing slash. | */ -$config['error_templates_path'] = ''; +$config['error_views_path'] = ''; /* |-------------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 6cf456da85ffcae78884d9244877f9b7e259c9b4 Mon Sep 17 00:00:00 2001 From: vlakoff Date: Mon, 14 Apr 2014 14:38:29 +0200 Subject: Replace "folder" with "directory" in config.php --- application/config/config.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 85d8da08a..ba6867fb7 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -223,7 +223,7 @@ $config['log_threshold'] = 0; |-------------------------------------------------------------------------- | | Leave this BLANK unless you would like to set something other than the default -| application/logs/ folder. Use a full server path with trailing slash. +| application/logs/ directory. Use a full server path with trailing slash. | */ $config['log_path'] = ''; @@ -259,7 +259,7 @@ $config['log_date_format'] = 'Y-m-d H:i:s'; |-------------------------------------------------------------------------- | | Leave this BLANK unless you would like to set something other than the default -| application/views/errors/ folder. Use a full server path with trailing slash. +| application/views/errors/ directory. Use a full server path with trailing slash. | */ $config['error_views_path'] = ''; @@ -270,7 +270,7 @@ $config['error_views_path'] = ''; |-------------------------------------------------------------------------- | | Leave this BLANK unless you would like to set something other than the default -| application/cache/ folder. Use a full server path with trailing slash. +| application/cache/ directory. Use a full server path with trailing slash. | */ $config['cache_path'] = ''; -- cgit v1.2.3-24-g4f1b From aeed15eb8556ab671507f17ef9a8cf28903999aa Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 14 Apr 2014 16:56:23 +0300 Subject: Change 'standardize_newlines' default to FALSE I don't see why it should be enabled by default. Also, this is the functionality triggering #2923 --- application/config/config.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index ba6867fb7..d269b6e5d 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -352,7 +352,7 @@ $config['cookie_httponly'] = FALSE; | (usually \n) and Windows (\r\n). | */ -$config['standardize_newlines'] = TRUE; +$config['standardize_newlines'] = FALSE; /* |-------------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From ed86ee14f3a36de1034b8fa19ff6d41aeb428a93 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 11 Jul 2014 19:48:37 +0300 Subject: Add setting ['composer_autoload'] Supersedes PR #3132 --- application/config/config.php | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index d269b6e5d..b6b3c9fdf 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -121,7 +121,6 @@ $config['charset'] = 'UTF-8'; */ $config['enable_hooks'] = FALSE; - /* |-------------------------------------------------------------------------- | Class Extension Prefix @@ -136,6 +135,27 @@ $config['enable_hooks'] = FALSE; */ $config['subclass_prefix'] = 'MY_'; +/* +|-------------------------------------------------------------------------- +| Composer auto-loading +|-------------------------------------------------------------------------- +| +| Enabling this setting will tell CodeIgniter to look for a Composer +| package auto-loader script in application/vendor/autoload.php. +| +| $config['composer_autoload'] = TRUE; +| +| Or if you have your vendor/ directory located somewhere else, you +| can opt to set a specific path as well: +| +| $config['composer_autoload'] = '/path/to/vendor/autoload.php'; +| +| For more information about Composer, please visit http://getcomposer.org/ +| +| Note: This will NOT disable or override the CodeIgniter-specific +| autoloading (application/config/autoload.php) +*/ +$config['composer_autoload'] = FALSE; /* |-------------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 459657415189f4fe3f8d4eb05b209ab78409f9b0 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 27 Aug 2014 20:40:11 +0300 Subject: Fix #2963 Changed all file permissions settings throught the framework and the documentation. Also added configuration settings for CI_Log and CI_Image_lib --- application/config/config.php | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index b6b3c9fdf..e8d30b625 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -262,6 +262,18 @@ $config['log_path'] = ''; */ $config['log_file_extension'] = ''; +/* +|-------------------------------------------------------------------------- +| Log File Permissions +|-------------------------------------------------------------------------- +| +| The file system permissions to be applied on newly created log files. +| +| IMPORTANT: This MUST be an integer (no quotes) and you MUST use octal +| integer notation (i.e. 0700, 0644, etc.) +*/ +$config['log_file_permissions'] = 0644; + /* |-------------------------------------------------------------------------- | Date Format for Logs -- cgit v1.2.3-24-g4f1b From dfb39bec5faf77e806e55f3ee9d2138e57d55010 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 6 Oct 2014 01:50:14 +0300 Subject: feature/session (#3073): Refactor configuration & fix cookie expiry times --- application/config/config.php | 58 ++++++++++++++++++++++++------------------- 1 file changed, 33 insertions(+), 25 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index e8d30b625..333e2e988 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -326,33 +326,41 @@ $config['encryption_key'] = ''; | Session Variables |-------------------------------------------------------------------------- | -| 'sess_driver' = the driver to load: cookie (Classic), native (PHP sessions), -| or your custom driver name -| 'sess_valid_drivers' = additional valid drivers which may be loaded -| 'sess_cookie_name' = the name you want for the cookie, must contain only [0-9a-z_-] characters -| 'sess_expiration' = the number of SECONDS you want the session to last. -| by default sessions last 7200 seconds (two hours). Set to zero for no expiration. -| 'sess_expire_on_close' = Whether to cause the session to expire automatically -| when the browser window is closed -| 'sess_encrypt_cookie' = Whether to encrypt the cookie -| 'sess_use_database' = Whether to save the session data to a database -| 'sess_table_name' = The name of the session database table -| 'sess_match_ip' = Whether to match the user's IP address when reading the session data -| 'sess_match_useragent' = Whether to match the User Agent when reading the session data -| 'sess_time_to_update' = how many seconds between CI refreshing Session Information +| 'sess_driver' +| +| The storage driver to use: files, database, redis, memcache +| +| 'sess_cookie_name' +| +| The session cookie name, must contain only [0-9a-z_-] characters +| +| 'sess_expiration' +| +| The number of SECONDS you want the session to last. +| Setting to 0 (zero) means expire when the browser is closed. +| +| 'sess_save_path' +| +| The location to save sessions to, driver dependant. +| +| 'sess_match_ip' +| +| Whether to match the user's IP address when reading the session data. +| +| 'sess_time_to_update' +| +| How many seconds between CI regenerating the session ID. +| +| Other session cookie settings are shared with the rest of the application, +| except for 'cookie_prefix', which is ignored here. | */ -$config['sess_driver'] = 'cookie'; -$config['sess_valid_drivers'] = array(); -$config['sess_cookie_name'] = 'ci_session'; -$config['sess_expiration'] = 7200; -$config['sess_expire_on_close'] = FALSE; -$config['sess_encrypt_cookie'] = FALSE; -$config['sess_use_database'] = FALSE; -$config['sess_table_name'] = 'ci_sessions'; -$config['sess_match_ip'] = FALSE; -$config['sess_match_useragent'] = TRUE; -$config['sess_time_to_update'] = 300; +$config['sess_driver'] = 'files'; +$config['sess_cookie_name'] = 'ci_session'; +$config['sess_expiration'] = 7200; +$config['sess_save_path'] = NULL; +$config['sess_match_ip'] = FALSE; +$config['sess_time_to_update'] = 300; /* |-------------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From bdb96ca1b1dbfc1791172fd169d7751cbc4d7d55 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 28 Oct 2014 00:13:31 +0200 Subject: [ci skip] Switch to MIT license; close #3293 --- application/config/config.php | 39 +++++++++++++++++++++++++-------------- 1 file changed, 25 insertions(+), 14 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index e8d30b625..f02856544 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -4,24 +4,35 @@ * * An open source application development framework for PHP 5.2.4 or newer * - * NOTICE OF LICENSE + * This content is released under the MIT License (MIT) * - * Licensed under the Academic Free License version 3.0 + * Copyright (c) 2014, British Columbia Institute of Technology * - * This source file is subject to the Academic Free License (AFL 3.0) that is - * bundled with this package in the files license_afl.txt / license_afl.rst. - * It is also available through the world wide web at this URL: - * http://opensource.org/licenses/AFL-3.0 - * If you did not receive a copy of the license and are unable to obtain it - * through the world wide web, please send an email to - * licensing@ellislab.com so we can send you a copy immediately. + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: * - * @package CodeIgniter - * @author EllisLab Dev Team + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + * + * @package CodeIgniter + * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @license http://opensource.org/licenses/AFL-3.0 Academic Free License (AFL 3.0) - * @link http://codeigniter.com - * @since Version 1.0 + * @copyright Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/) + * @license http://opensource.org/licenses/MIT MIT License + * @link http://codeigniter.com + * @since Version 1.0.0 * @filesource */ defined('BASEPATH') OR exit('No direct script access allowed'); -- cgit v1.2.3-24-g4f1b From 815ac8a3be770b7de7a805a551f136cc6bb9f83c Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 28 Oct 2014 21:32:20 +0200 Subject: Close #3292 --- application/config/config.php | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index f02856544..675cb4fa2 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -47,11 +47,13 @@ defined('BASEPATH') OR exit('No direct script access allowed'); | | http://example.com/ | -| If this is not set then CodeIgniter will guess the protocol, domain and -| path to your installation. +| If this is not set then CodeIgniter will try guess the protocol, domain +| and path to your installation. However, you should always configure this +| explicitly and never rely on auto-guessing, especially in production +| environments. | */ -$config['base_url'] = ''; +$config['base_url'] = ''; /* |-------------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From a8f29f9ddaeac5cee582a51ce7f255459e1ca711 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 10 Nov 2014 18:55:55 +0200 Subject: #3073 (feature/session): (Try to) fix memcached driver --- application/config/config.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 333e2e988..15785b809 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -328,7 +328,7 @@ $config['encryption_key'] = ''; | | 'sess_driver' | -| The storage driver to use: files, database, redis, memcache +| The storage driver to use: files, database, redis, memcached | | 'sess_cookie_name' | -- cgit v1.2.3-24-g4f1b From 81c934729d9fcbb294a8914608c315eed30ff9c4 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 11 Nov 2014 12:36:30 +0200 Subject: Close #3322 [ci skip] --- application/config/config.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 675cb4fa2..fc4547b9b 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -218,11 +218,11 @@ $config['permitted_uri_chars'] = 'a-z 0-9~%.:_\-'; | use segment based URLs. | */ -$config['allow_get_array'] = TRUE; +$config['allow_get_array'] = TRUE; $config['enable_query_strings'] = FALSE; -$config['controller_trigger'] = 'c'; -$config['function_trigger'] = 'm'; -$config['directory_trigger'] = 'd'; // experimental not currently in use +$config['controller_trigger'] = 'c'; +$config['function_trigger'] = 'm'; +$config['directory_trigger'] = 'd'; /* |-------------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From a704aa715b682df78552fab76a7f5ba9cbe06923 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Thu, 4 Dec 2014 12:37:07 +0200 Subject: Add 'cache_query_string' configuration option Close #2349 --- application/config/config.php | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index fc4547b9b..4ee33358a 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -320,6 +320,17 @@ $config['error_views_path'] = ''; */ $config['cache_path'] = ''; +/* +|-------------------------------------------------------------------------- +| Cache Include Query String +|-------------------------------------------------------------------------- +| +| Set this to TRUE if you want to use different cache files depending on the +| URL query string. Please be aware this might result in numerous cache files. +| +*/ +$config['cache_query_string'] = FALSE; + /* |-------------------------------------------------------------------------- | Encryption Key -- cgit v1.2.3-24-g4f1b From 466e8ccb0ad647fd8e477e881dfddc14c6d7cbc8 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 15 Dec 2014 17:28:23 +0200 Subject: Remove output minifier This feature has proven to be problematic and it's not nearly as flexible as a dedicated minifier library like Minify (http://www.minifier.org/, https://github.com/matthiasmullie/minify). The same results in terms of saving traffic can also be achievied via gzip compression (which should also be done on the httpd level, but we also support anyway) and stuff like mod_pagespeed. Reverts PR #965 Related issues as a track record proving how problematic this has been: #2078 #1499 #2163 #2092 #2387 #2637 #2710 #2120 #2171 #2631 #2326 #2795 #2791 #2772 Additionally, the count of contributors suggesting that the only way to fix the minifier problems is to remove it, is around the same as the count of people suggesting the feature to be implemented in the first place. It was experimental anyway ... the experiment failed. --- application/config/config.php | 13 ------------- 1 file changed, 13 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 4ee33358a..4958b467e 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -464,18 +464,6 @@ $config['csrf_exclude_uris'] = array(); */ $config['compress_output'] = FALSE; -/* -|-------------------------------------------------------------------------- -| Minify -|-------------------------------------------------------------------------- -| -| Removes extra characters (usually unnecessary spaces) from your -| output for faster page load speeds. Makes your outputted HTML source -| code less readable. -| -*/ -$config['minify_output'] = FALSE; - /* |-------------------------------------------------------------------------- | Master Time Reference @@ -489,7 +477,6 @@ $config['minify_output'] = FALSE; */ $config['time_reference'] = 'local'; - /* |-------------------------------------------------------------------------- | Rewrite PHP Short Tags -- cgit v1.2.3-24-g4f1b From fe9309d22c1b088f5363954d6dac013c8c955894 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Fri, 9 Jan 2015 17:48:58 +0200 Subject: Bulk (mostly documentation) update - Remove PHP version from license notices - Bump year number in copyright notices - Recommend PHP 5.4 or newer to be used - Tell Travis-CI to test on PHP 5.3.0 instead of the latest 5.3 version Related: #3450 --- application/config/config.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 4958b467e..c45c66b1a 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -2,11 +2,11 @@ /** * CodeIgniter * - * An open source application development framework for PHP 5.2.4 or newer + * An open source application development framework for PHP * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014, British Columbia Institute of Technology + * Copyright (c) 2014 - 2015, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,7 +29,7 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/) - * @copyright Copyright (c) 2014, British Columbia Institute of Technology (http://bcit.ca/) + * @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/) * @license http://opensource.org/licenses/MIT MIT License * @link http://codeigniter.com * @since Version 1.0.0 -- cgit v1.2.3-24-g4f1b From 973a6542e0e447c811818969108bdea78d9ca9f7 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 19 Jan 2015 13:25:24 +0200 Subject: feature/session (#3073): Update config file and session docs Upgrade instructions are still pending. --- application/config/config.php | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 204307065..03dc368a2 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -336,11 +336,10 @@ $config['cache_query_string'] = FALSE; | Encryption Key |-------------------------------------------------------------------------- | -| If you use the Encryption class or the Session class you -| MUST set an encryption key. See the user guide for info. +| If you use the Encryption class must set the an encryption key. +| See the user guide for info. | | http://codeigniter.com/user_guide/libraries/encryption.html -| http://codeigniter.com/user_guide/libraries/sessions.html | */ $config['encryption_key'] = ''; @@ -365,7 +364,11 @@ $config['encryption_key'] = ''; | | 'sess_save_path' | -| The location to save sessions to, driver dependant. +| The location to save sessions to, driver dependant +| +| For the 'files' driver, it's a path to a directory. +| For the 'database' driver, it's a table name. +| Please read up the manual for the format with other session drivers. | | 'sess_match_ip' | @@ -376,7 +379,7 @@ $config['encryption_key'] = ''; | How many seconds between CI regenerating the session ID. | | Other session cookie settings are shared with the rest of the application, -| except for 'cookie_prefix', which is ignored here. +| except for 'cookie_prefix' and 'cookie_httponly', which are ignored here. | */ $config['sess_driver'] = 'files'; @@ -391,12 +394,15 @@ $config['sess_time_to_update'] = 300; | Cookie Related Variables |-------------------------------------------------------------------------- | -| 'cookie_prefix' = Set a prefix if you need to avoid collisions -| 'cookie_domain' = Set to .your-domain.com for site-wide cookies -| 'cookie_path' = Typically will be a forward slash -| 'cookie_secure' = Cookies will only be set if a secure HTTPS connection exists. +| 'cookie_prefix' = Set a cookie name prefix if you need to avoid collisions +| 'cookie_domain' = Set to .your-domain.com for site-wide cookies +| 'cookie_path' = Typically will be a forward slash +| 'cookie_secure' = Cookie will only be set if a secure HTTPS connection exists. | 'cookie_httponly' = Cookie will only be accessible via HTTP(S) (no javascript) | +| Note: These settings (with the exception of 'cookie_prefix' and +| 'cookie_httponly') will also affect sessions. +| */ $config['cookie_prefix'] = ''; $config['cookie_domain'] = ''; -- cgit v1.2.3-24-g4f1b From 9e82b0d00cbe83d6cdfa914628023cb98d70c933 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 19 Jan 2015 13:26:46 +0200 Subject: [ci skip] Add missing word in a comment --- application/config/config.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 03dc368a2..d0cfdfaca 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -336,8 +336,8 @@ $config['cache_query_string'] = FALSE; | Encryption Key |-------------------------------------------------------------------------- | -| If you use the Encryption class must set the an encryption key. -| See the user guide for info. +| If you use the Encryption class, you must set the an encryption key. +| See the user guide for more info. | | http://codeigniter.com/user_guide/libraries/encryption.html | -- cgit v1.2.3-24-g4f1b From a7e24ecec7b5c86a6016024510853332680fbe84 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 21 Jan 2015 11:18:32 +0200 Subject: [ci skip] Fix incorrect wording in config.php Related: 9e82b0d00cbe83d6cdfa914628023cb98d70c933 --- application/config/config.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index d0cfdfaca..147405555 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -336,7 +336,7 @@ $config['cache_query_string'] = FALSE; | Encryption Key |-------------------------------------------------------------------------- | -| If you use the Encryption class, you must set the an encryption key. +| If you use the Encryption class, you must set an encryption key. | See the user guide for more info. | | http://codeigniter.com/user_guide/libraries/encryption.html -- cgit v1.2.3-24-g4f1b From 4cbe463b4c442e0e2dae2f43565e77f7ac5ecb86 Mon Sep 17 00:00:00 2001 From: vlakoff Date: Wed, 21 Jan 2015 22:56:22 +0100 Subject: Remove closing blocks at end of PHP files --- application/config/config.php | 4 ---- 1 file changed, 4 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 147405555..f307c6f6a 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -521,7 +521,3 @@ $config['rewrite_short_tags'] = FALSE; | Array: array('10.0.1.200', '192.168.5.0/24') */ $config['proxy_ips'] = ''; - - -/* End of file config.php */ -/* Location: ./application/config/config.php */ \ No newline at end of file -- cgit v1.2.3-24-g4f1b From b56de6537e9d9a6156dbeaa325f52d3b6e3792a4 Mon Sep 17 00:00:00 2001 From: vlakoff Date: Thu, 22 Jan 2015 21:27:38 +0100 Subject: Remove license blocks in /application files These blocks are annoying for the user and serve little to no purpose as the files are just config files, a boilerplate controller and some views. --- application/config/config.php | 36 ------------------------------------ 1 file changed, 36 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index f307c6f6a..7640df479 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -1,40 +1,4 @@ Date: Mon, 2 Feb 2015 14:07:57 +0200 Subject: [ci skip] Improve note about sess_save_path in config.php --- application/config/config.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 7640df479..1e399590b 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -328,12 +328,14 @@ $config['encryption_key'] = ''; | | 'sess_save_path' | -| The location to save sessions to, driver dependant +| The location to save sessions to, driver dependant. | -| For the 'files' driver, it's a path to a directory. +| For the 'files' driver, it's a path to a writable directory. | For the 'database' driver, it's a table name. | Please read up the manual for the format with other session drivers. | +| IMPORTANT: You are REQUIRED to set a valid save path! +| | 'sess_match_ip' | | Whether to match the user's IP address when reading the session data. -- cgit v1.2.3-24-g4f1b From 789b1fe3e78f59cdb35ac5e6cf7166f6b97436c7 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Feb 2015 19:30:30 +0200 Subject: Add 'sess_regenerate_destroy' setting --- application/config/config.php | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 1e399590b..5b60ae92a 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -344,6 +344,12 @@ $config['encryption_key'] = ''; | | How many seconds between CI regenerating the session ID. | +| 'sess_regenerate_delete' +| +| Whether to destroy session data associated with the old session ID +| when auto-regenerating the session ID. When set to FALSE, the data +| will be later deleted by the garbage collector. +| | Other session cookie settings are shared with the rest of the application, | except for 'cookie_prefix' and 'cookie_httponly', which are ignored here. | @@ -354,6 +360,7 @@ $config['sess_expiration'] = 7200; $config['sess_save_path'] = NULL; $config['sess_match_ip'] = FALSE; $config['sess_time_to_update'] = 300; +$config['sess_regenerate_destroy'] = FALSE; /* |-------------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 4e7f85a9fbf5d5ee8c62cd70f1a98713d75a513f Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 7 Feb 2015 19:33:48 +0200 Subject: [ci skip] Fix a setting name in a comment --- application/config/config.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 5b60ae92a..306fc2cae 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -344,7 +344,7 @@ $config['encryption_key'] = ''; | | How many seconds between CI regenerating the session ID. | -| 'sess_regenerate_delete' +| 'sess_regenerate_destroy' | | Whether to destroy session data associated with the old session ID | when auto-regenerating the session ID. When set to FALSE, the data -- cgit v1.2.3-24-g4f1b From 0ae4e6c0bd95b7264bee735fb635f317c882bbef Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 18 Feb 2015 21:14:55 +0200 Subject: Fix #3593 Revert "fixes" for #167, #388, #705 (also #1326) as it turns out URL-decoding isn't compliant with the CGI/1.1 specification. RFC 3875: http://www.faqs.org/rfcs/rfc3875.html --- application/config/config.php | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 306fc2cae..7d5c24c84 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -37,17 +37,16 @@ $config['index_page'] = 'index.php'; |-------------------------------------------------------------------------- | | This item determines which server global should be used to retrieve the -| URI string. The default setting of 'AUTO' works for most servers. +| URI string. The default setting of 'REQUEST_URI' works for most servers. | If your links do not seem to work, try one of the other delicious flavors: | -| 'AUTO' Default - auto detects -| 'CLI' or 'argv' Uses $_SERVER['argv'] (for php-cli only) -| 'PATH_INFO' Uses $_SERVER['PATH_INFO'] -| 'REQUEST_URI' Uses $_SERVER['REQUEST_URI'] -| 'QUERY_STRING' Uses $_SERVER['QUERY_STRING'] +| 'REQUEST_URI' Uses $_SERVER['REQUEST_URI'] +| 'QUERY_STRING' Uses $_SERVER['QUERY_STRING'] +| 'PATH_INFO' Uses $_SERVER['PATH_INFO'] | +| WARNING: If you set this to 'PATH_INFO', URIs will always be URL-decoded! */ -$config['uri_protocol'] = 'AUTO'; +$config['uri_protocol'] = 'REQUEST_URI'; /* |-------------------------------------------------------------------------- -- cgit v1.2.3-24-g4f1b From 9187ed3516ba403d09fc88ebcf6ead7364f75c4d Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 28 Feb 2015 19:54:17 +0200 Subject: [ci skip] Formally deprecate 'global_xss_filtering' --- application/config/config.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 7d5c24c84..7be482b85 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -404,6 +404,9 @@ $config['standardize_newlines'] = FALSE; | Determines whether the XSS filter is always active when GET, POST or | COOKIE data is encountered | +| WARNING: This feature is DEPRECATED and currently available only +| for backwards compatibility purposes! +| */ $config['global_xss_filtering'] = FALSE; -- cgit v1.2.3-24-g4f1b From 43ba5a2da25ff1e0af527da92d89063a3f9d4263 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sun, 1 Mar 2015 18:17:28 +0200 Subject: [ci skip] Fix a typo in config.php --- application/config/config.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 7be482b85..cc1307ca9 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -203,7 +203,7 @@ $config['directory_trigger'] = 'd'; | 3 = Informational Messages | 4 = All Messages | -| You can also pass in a array with threshold levels to show individual error types +| You can also pass an array with threshold levels to show individual error types | | array(2) = Debug Messages, without Error Messages | -- cgit v1.2.3-24-g4f1b From dd8c0ed8d595425cd935c2f4638c398d2a2d23e2 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Sat, 14 Mar 2015 17:01:36 +0200 Subject: [ci skip] Add a note about sess_save_path in config.php --- application/config/config.php | 2 ++ 1 file changed, 2 insertions(+) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index cc1307ca9..f78371f13 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -330,6 +330,8 @@ $config['encryption_key'] = ''; | The location to save sessions to, driver dependant. | | For the 'files' driver, it's a path to a writable directory. +| WARNING: Only absolute paths are supported! +| | For the 'database' driver, it's a table name. | Please read up the manual for the format with other session drivers. | -- cgit v1.2.3-24-g4f1b From 541e8b2d40d24d2dd37e6c6a0bf6fbd956c0b9b8 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 27 Apr 2015 13:03:58 +0300 Subject: [ci skip] Remove redundant comment about log_threshold --- application/config/config.php | 2 -- 1 file changed, 2 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index f78371f13..94e5d28a9 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -192,8 +192,6 @@ $config['directory_trigger'] = 'd'; | Error Logging Threshold |-------------------------------------------------------------------------- | -| If you have enabled error logging, you can set an error threshold to -| determine what gets logged. Threshold options are: | You can enable error logging by setting a threshold over zero. The | threshold determines what gets logged. Threshold options are: | -- cgit v1.2.3-24-g4f1b From d2d21e83028e9a49ffb9d79281c59408e16cf544 Mon Sep 17 00:00:00 2001 From: Calvin Tam Date: Sat, 4 Jul 2015 12:54:51 -0700 Subject: Fixed typos --- application/config/config.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 94e5d28a9..d76769209 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -325,7 +325,7 @@ $config['encryption_key'] = ''; | | 'sess_save_path' | -| The location to save sessions to, driver dependant. +| The location to save sessions to, driver dependent. | | For the 'files' driver, it's a path to a writable directory. | WARNING: Only absolute paths are supported! @@ -388,7 +388,7 @@ $config['cookie_httponly'] = FALSE; |-------------------------------------------------------------------------- | | Determines whether to standardize newline characters in input data, -| meaning to replace \r\n, \r, \n occurences with the PHP_EOL value. +| meaning to replace \r\n, \r, \n occurrences with the PHP_EOL value. | | This is particularly useful for portability between UNIX-based OSes, | (usually \n) and Windows (\r\n). -- cgit v1.2.3-24-g4f1b From adf7636fb82a01ea4c9acf3322715a9e653e37fe Mon Sep 17 00:00:00 2001 From: Calvin Tam Date: Sat, 4 Jul 2015 13:04:35 -0700 Subject: Standardized new lines --- application/config/config.php | 3 --- 1 file changed, 3 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index d76769209..86ca312b7 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -58,7 +58,6 @@ $config['uri_protocol'] = 'REQUEST_URI'; | | http://codeigniter.com/user_guide/general/urls.html */ - $config['url_suffix'] = ''; /* @@ -155,7 +154,6 @@ $config['composer_autoload'] = FALSE; */ $config['permitted_uri_chars'] = 'a-z 0-9~%.:_\-'; - /* |-------------------------------------------------------------------------- | Enable Query Strings @@ -478,7 +476,6 @@ $config['time_reference'] = 'local'; */ $config['rewrite_short_tags'] = FALSE; - /* |-------------------------------------------------------------------------- | Reverse Proxy IPs -- cgit v1.2.3-24-g4f1b From 4a4cbb376b1d17a9e74edad8f7cb7f27a50c01c7 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 15 Jul 2015 17:39:44 +0300 Subject: [ci skip] Add changelog entries for PR #3828 --- application/config/config.php | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 86ca312b7..f4ba70a4e 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -284,8 +284,15 @@ $config['cache_path'] = ''; | Cache Include Query String |-------------------------------------------------------------------------- | -| Set this to TRUE if you want to use different cache files depending on the -| URL query string. Please be aware this might result in numerous cache files. +| Whether to take the URL query string into consideration when generating +| output cache files. Valid options are: +| +| FALSE = Disabled +| TRUE = Enabled, take all query parameters into account. +| Please be aware that this may result in numerous cache +| files generated for the same page over and over again. +| array('q') = Enabled, but only take into account the specified list +| of query parameters. | */ $config['cache_query_string'] = FALSE; -- cgit v1.2.3-24-g4f1b From 07355daccd7f2d0e1fbea3c6d9a9eab575aa9ad8 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 22 Jul 2015 12:46:16 +0300 Subject: Fix #3991 --- application/config/config.php | 2 ++ 1 file changed, 2 insertions(+) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index f4ba70a4e..a4d883fab 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -480,6 +480,8 @@ $config['time_reference'] = 'local'; | can rewrite the tags on-the-fly, enabling you to utilize that syntax | in your view files. Options are TRUE or FALSE (boolean) | +| Note: You need to have eval() enabled for this to work. +| */ $config['rewrite_short_tags'] = FALSE; -- cgit v1.2.3-24-g4f1b From 20573bd472bdeaa831074e563f239585554ffaf5 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 1 Sep 2015 12:46:06 +0300 Subject: [ci skip] Correct session database setup docs --- application/config/config.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index a4d883fab..479d591a4 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -344,6 +344,9 @@ $config['encryption_key'] = ''; | | Whether to match the user's IP address when reading the session data. | +| WARNING: If you're using the database driver, don't forget to update +| your session table's PRIMARY KEY when changing this setting. +| | 'sess_time_to_update' | | How many seconds between CI regenerating the session ID. -- cgit v1.2.3-24-g4f1b From 0a6b0661305f20ac1fbd219d43f59193bea90d1d Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 26 Oct 2015 15:31:38 +0200 Subject: Prevent Host header injections --- application/config/config.php | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 479d591a4..4f8f81406 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -11,10 +11,16 @@ defined('BASEPATH') OR exit('No direct script access allowed'); | | http://example.com/ | -| If this is not set then CodeIgniter will try guess the protocol, domain -| and path to your installation. However, you should always configure this -| explicitly and never rely on auto-guessing, especially in production -| environments. +| WARNING: You MUST set this value! +| +| If it is not set, then CodeIgniter will try guess the protocol and path +| your installation, but due to security concerns the hostname will be set +| to $_SERVER['SERVER_ADDR'] if available, or localhost otherwise. +| The auto-detection mechanism exists only for convenience during +| development and MUST NOT be used in production! +| +| If you need to allow multiple domains, remember that this file is still +| a PHP script and you can easily do that on your own. | */ $config['base_url'] = ''; -- cgit v1.2.3-24-g4f1b From bd202c91b0e9cf0a8c93bcaa71df9574f5909346 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Mon, 11 Jan 2016 12:50:18 +0200 Subject: [ci skip] Update codeigniter.com links to https --- application/config/config.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 4f8f81406..23ef5a528 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -62,7 +62,7 @@ $config['uri_protocol'] = 'REQUEST_URI'; | This option allows you to add a suffix to all URLs generated by CodeIgniter. | For more information please see the user guide: | -| http://codeigniter.com/user_guide/general/urls.html +| https://codeigniter.com/user_guide/general/urls.html */ $config['url_suffix'] = ''; @@ -110,8 +110,8 @@ $config['enable_hooks'] = FALSE; | This item allows you to set the filename/classname prefix when extending | native libraries. For more information please see the user guide: | -| http://codeigniter.com/user_guide/general/core_classes.html -| http://codeigniter.com/user_guide/general/creating_libraries.html +| https://codeigniter.com/user_guide/general/core_classes.html +| https://codeigniter.com/user_guide/general/creating_libraries.html | */ $config['subclass_prefix'] = 'MY_'; @@ -311,7 +311,7 @@ $config['cache_query_string'] = FALSE; | If you use the Encryption class, you must set an encryption key. | See the user guide for more info. | -| http://codeigniter.com/user_guide/libraries/encryption.html +| https://codeigniter.com/user_guide/libraries/encryption.html | */ $config['encryption_key'] = ''; -- cgit v1.2.3-24-g4f1b From 25aab832ff5b064166b5af4f5c4269407c56b338 Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 14 Dec 2016 13:04:40 +0200 Subject: [ci skip] Deprecate 'allow_get_array', 'standardize_newlines' --- application/config/config.php | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 23ef5a528..10315220e 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -168,9 +168,6 @@ $config['permitted_uri_chars'] = 'a-z 0-9~%.:_\-'; | By default CodeIgniter uses search-engine friendly segment based URLs: | example.com/who/what/where/ | -| By default CodeIgniter enables access to the $_GET array. If for some -| reason you would like to disable it, set 'allow_get_array' to FALSE. -| | You can optionally enable standard query string based URLs: | example.com?who=me&what=something&where=here | @@ -185,12 +182,25 @@ $config['permitted_uri_chars'] = 'a-z 0-9~%.:_\-'; | use segment based URLs. | */ -$config['allow_get_array'] = TRUE; $config['enable_query_strings'] = FALSE; $config['controller_trigger'] = 'c'; $config['function_trigger'] = 'm'; $config['directory_trigger'] = 'd'; +/* +|-------------------------------------------------------------------------- +| Allow $_GET array +|-------------------------------------------------------------------------- +| +| By default CodeIgniter enables access to the $_GET array. If for some +| reason you would like to disable it, set 'allow_get_array' to FALSE. +| +| WARNING: This feature is DEPRECATED and currently available only +| for backwards compatibility purposes! +| +*/ +$config['allow_get_array'] = TRUE; + /* |-------------------------------------------------------------------------- | Error Logging Threshold @@ -404,8 +414,8 @@ $config['cookie_httponly'] = FALSE; | Determines whether to standardize newline characters in input data, | meaning to replace \r\n, \r, \n occurrences with the PHP_EOL value. | -| This is particularly useful for portability between UNIX-based OSes, -| (usually \n) and Windows (\r\n). +| WARNING: This feature is DEPRECATED and currently available only +| for backwards compatibility purposes! | */ $config['standardize_newlines'] = FALSE; -- cgit v1.2.3-24-g4f1b From 19f0aab3221dd7760387cbec745c1eca9b215af7 Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Sat, 9 Sep 2017 16:08:00 +0200 Subject: WIP: CI3 migration Signed-off-by: Florian Pritz --- application/config/config.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 1f71d74eb..40212b2f3 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -384,7 +384,7 @@ $config['encryption_key'] = ''; $config['sess_driver'] = 'database'; $config['sess_cookie_name'] = 'ci_session'; $config['sess_expiration'] = 7200; -$config['sess_save_path'] = NULL; +$config['sess_save_path'] = "ci_sessions"; $config['sess_match_ip'] = FALSE; $config['sess_time_to_update'] = 300; $config['sess_regenerate_destroy'] = FALSE; @@ -641,4 +641,4 @@ $config['download_nginx_location'] = '/protected-uploads'; if (file_exists(APPPATH.'config/config-local.php')) { include APPPATH.'config/config-local.php'; -} \ No newline at end of file +} -- cgit v1.2.3-24-g4f1b From 0569ecc413e75ca132d515b75faa8581d9672220 Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Mon, 18 Sep 2017 17:31:58 +0200 Subject: Automatically set baseurl for tests Signed-off-by: Florian Pritz --- application/config/config.php | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'application/config/config.php') diff --git a/application/config/config.php b/application/config/config.php index 40212b2f3..8abf1ff6f 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -642,3 +642,7 @@ $config['download_nginx_location'] = '/protected-uploads'; if (file_exists(APPPATH.'config/config-local.php')) { include APPPATH.'config/config-local.php'; } + +if (getenv("ENVIRONMENT") === "testsuite" && isset($_SERVER['SERVER_PORT'])) { + $config['base_url'] = 'http://127.0.0.1:'.$_SERVER['SERVER_PORT'].'/'; +} -- cgit v1.2.3-24-g4f1b