ci4-app-template
ci4-app-template copied to clipboard
CodeIgniter4 Application Template - This template changes the CI4 default config more secure.
CodeIgniter 4 Application Template
This template changes the default configuration of CI4 more secure.
This repository includes:
- CodeIgniter 4.4.5
- Translations for CodeIgniter 4 System Messages dev-develop
- CodeIgniter DevKit 1.2.0
- PHPUnit 9.6.16
- Tatter\Patches 2.1.0
- Liaison Revision 1.1.0
- bear/qatools 1.10.0
Requirements
- PHP 7.4 or later
How to Install
Composer
$ composer create-project kenjis/ci4-app-template your-project
Git
$ git clone https://github.com/kenjis/ci4-app-template.git your-project
$ cd your-project/
$ composer install
$ git checkout -b main
How to Update
Update Composer packages:
$ composer update
Update your CodeIgniter4 project files:
$ php spark revision:update
How to Use
Services
- All Services must be manually added to
app/Config/Services.php, even if third-party CI4 packages have their own Services.
CSRF
- You must set CSRF token field in your form manually. See https://codeigniter4.github.io/CodeIgniter4/libraries/security.html#html-forms
CSP
- You must set CSP when you need. See https://codeigniter4.github.io/CodeIgniter4/outgoing/response.html#content-security-policy
- You need to use
csp_script_nonce()andcsp_style_nonce()for inline contents. See https://codeigniter4.github.io/CodeIgniter4/outgoing/response.html#inline-content
Changes from the CI4 Default Configuration
Services
- Auto-Discovery of services is disabled. app/Config/Modules.php.
Config\ServicesextendsCodeIgniter\Config\Services. app/Config/Services.php.
Configs
- BaseURL's
index.phpis removed. - Auto Routing (Improved) is enabled.
- app/Config/Routing.php and app/Config/Feature.php
- See https://codeigniter4.github.io/CodeIgniter4/incoming/routing.html#auto-routing-improved
Config\CURLRequest::$shareOptionsis disabled. (Since v4.4.0, this is set by default.)- app/Config/CURLRequest.php.
- See https://codeigniter4.github.io/CodeIgniter4/libraries/curlrequest.html#sharing-options
- MySQLi's
numberNativeis enabled.- app/Config/Database.php
- See https://codeigniter4.github.io/CodeIgniter4/database/configuration.html#explanation-of-values
- Using Session-based CSRF protection.
- app/Config/Security.php.
- See https://codeigniter4.github.io/CodeIgniter4/libraries/security.html#csrf-protection-methods
- CSRF protection
$tokenRandomizeis enabled.- app/Config/Security.php.
- See https://codeigniter4.github.io/CodeIgniter4/libraries/security.html#token-randomization
- CSP is enabled.
- app/Config/App.
- See https://codeigniter4.github.io/CodeIgniter4/outgoing/response.html#turning-csp-on
- CSP
$autoNonceis disabled.- app/Config/ContentSecurityPolicy.
- See https://codeigniter4.github.io/CodeIgniter4/outgoing/response.html#inline-content
- Strict Validation Rules are used. (Since v4.3.0, this is set by default.)
- app/Config/Validation.php.
- See https://codeigniter4.github.io/CodeIgniter4/libraries/validation.html#traditional-and-strict-rules
Filters
- CSRF filter is enabled.
- app/Config/Filters.php.
- See https://codeigniter4.github.io/CodeIgniter4/libraries/security.html#enable-csrf-protection
- InvalidChars filter is enabled.
- app/Config/Filters.php.
- See https://codeigniter4.github.io/CodeIgniter4/incoming/filters.html#invalidchars
- SecureHeaders filter is enabled.
- app/Config/Filters.php.
- See https://codeigniter4.github.io/CodeIgniter4/incoming/filters.html#secureheaders
Features
Config\Feature::$multipleFiltersis enabled.- app/Config/Feature.php.
- See https://codeigniter4.github.io/CodeIgniter4/incoming/routing.html#applying-filters
Others
- Using
developversion CI4. app/Config/Paths.php.
Available Commands
composer test // Run PHPUnit
composer cs-fix // Fix the coding style
composer cs // Check the coding style
composer sa // Run static analysis
composer run-script --list // List all commands
Related Projects for CodeIgniter 4.x
Libraries
- CodeIgniter 3 to 4 Upgrade Helper
- CodeIgniter3-like Captcha
- PHPUnit Helper
- CodeIgniter4 Attribute Routes
- CodeIgniter Simple and Secure Twig
- CodeIgniter4 Viewi Demo
Tutorials
- CodeIgniter 4 News Tutorial
- CodeIgniter 4 Validation Tutorial
- CodeIgniter4 Code Modules Test
- CodeIgniter 4 File Upload