Newer
Older
framework / app / Config / App.php
@MGatner MGatner on 18 May 2021 14 KB Release v4.1.2
<?php

namespace Config;

use CodeIgniter\Config\BaseConfig;

class App extends BaseConfig
{
	/**
	 * --------------------------------------------------------------------------
	 * Base Site URL
	 * --------------------------------------------------------------------------
	 *
	 * URL to your CodeIgniter root. Typically this will be your base URL,
	 * WITH a trailing slash:
	 *
	 *    http://example.com/
	 *
	 * If this is not set then CodeIgniter will try guess the protocol, domain
	 * and path to your installation. However, you should always configure this
	 * explicitly and never rely on auto-guessing, especially in production
	 * environments.
	 *
	 * @var string
	 */
	public $baseURL = 'http://localhost:8080/';

	/**
	 * --------------------------------------------------------------------------
	 * Index File
	 * --------------------------------------------------------------------------
	 *
	 * Typically this will be your index.php file, unless you've renamed it to
	 * something else. If you are using mod_rewrite to remove the page set this
	 * variable so that it is blank.
	 *
	 * @var string
	 */
	public $indexPage = 'index.php';

	/**
	 * --------------------------------------------------------------------------
	 * URI PROTOCOL
	 * --------------------------------------------------------------------------
	 *
	 * This item determines which getServer global should be used to retrieve the
	 * URI string.  The default setting of 'REQUEST_URI' works for most servers.
	 * If your links do not seem to work, try one of the other delicious flavors:
	 *
	 * 'REQUEST_URI'    Uses $_SERVER['REQUEST_URI']
	 * 'QUERY_STRING'   Uses $_SERVER['QUERY_STRING']
	 * 'PATH_INFO'      Uses $_SERVER['PATH_INFO']
	 *
	 * WARNING: If you set this to 'PATH_INFO', URIs will always be URL-decoded!
	 *
	 * @var string
	 */
	public $uriProtocol = 'REQUEST_URI';

	/**
	 * --------------------------------------------------------------------------
	 * Default Locale
	 * --------------------------------------------------------------------------
	 *
	 * The Locale roughly represents the language and location that your visitor
	 * is viewing the site from. It affects the language strings and other
	 * strings (like currency markers, numbers, etc), that your program
	 * should run under for this request.
	 *
	 * @var string
	 */
	public $defaultLocale = 'en';

	/**
	 * --------------------------------------------------------------------------
	 * Negotiate Locale
	 * --------------------------------------------------------------------------
	 *
	 * If true, the current Request object will automatically determine the
	 * language to use based on the value of the Accept-Language header.
	 *
	 * If false, no automatic detection will be performed.
	 *
	 * @var boolean
	 */
	public $negotiateLocale = false;

	/**
	 * --------------------------------------------------------------------------
	 * Supported Locales
	 * --------------------------------------------------------------------------
	 *
	 * If $negotiateLocale is true, this array lists the locales supported
	 * by the application in descending order of priority. If no match is
	 * found, the first locale will be used.
	 *
	 * @var string[]
	 */
	public $supportedLocales = ['en'];

	/**
	 * --------------------------------------------------------------------------
	 * Application Timezone
	 * --------------------------------------------------------------------------
	 *
	 * The default timezone that will be used in your application to display
	 * dates with the date helper, and can be retrieved through app_timezone()
	 *
	 * @var string
	 */
	public $appTimezone = 'America/Chicago';

	/**
	 * --------------------------------------------------------------------------
	 * Default Character Set
	 * --------------------------------------------------------------------------
	 *
	 * This determines which character set is used by default in various methods
	 * that require a character set to be provided.
	 *
	 * @see http://php.net/htmlspecialchars for a list of supported charsets.
	 *
	 * @var string
	 */
	public $charset = 'UTF-8';

	/**
	 * --------------------------------------------------------------------------
	 * URI PROTOCOL
	 * --------------------------------------------------------------------------
	 *
	 * If true, this will force every request made to this application to be
	 * made via a secure connection (HTTPS). If the incoming request is not
	 * secure, the user will be redirected to a secure version of the page
	 * and the HTTP Strict Transport Security header will be set.
	 *
	 * @var boolean
	 */
	public $forceGlobalSecureRequests = false;

	/**
	 * --------------------------------------------------------------------------
	 * Session Driver
	 * --------------------------------------------------------------------------
	 *
	 * The session storage driver to use:
	 * - `CodeIgniter\Session\Handlers\FileHandler`
	 * - `CodeIgniter\Session\Handlers\DatabaseHandler`
	 * - `CodeIgniter\Session\Handlers\MemcachedHandler`
	 * - `CodeIgniter\Session\Handlers\RedisHandler`
	 *
	 * @var string
	 */
	public $sessionDriver = 'CodeIgniter\Session\Handlers\FileHandler';

	/**
	 * --------------------------------------------------------------------------
	 * Session Cookie Name
	 * --------------------------------------------------------------------------
	 *
	 * The session cookie name, must contain only [0-9a-z_-] characters
	 *
	 * @var string
	 */
	public $sessionCookieName = 'ci_session';

	/**
	 * --------------------------------------------------------------------------
	 * Session Expiration
	 * --------------------------------------------------------------------------
	 *
	 * The number of SECONDS you want the session to last.
	 * Setting to 0 (zero) means expire when the browser is closed.
	 *
	 * @var integer
	 */
	public $sessionExpiration = 7200;

	/**
	 * --------------------------------------------------------------------------
	 * Session Save Path
	 * --------------------------------------------------------------------------
	 *
	 * The location to save sessions to and is driver dependent.
	 *
	 * For the 'files' driver, it's a path to a writable directory.
	 * WARNING: Only absolute paths are supported!
	 *
	 * For the 'database' driver, it's a table name.
	 * Please read up the manual for the format with other session drivers.
	 *
	 * IMPORTANT: You are REQUIRED to set a valid save path!
	 *
	 * @var string
	 */
	public $sessionSavePath = WRITEPATH . 'session';

	/**
	 * --------------------------------------------------------------------------
	 * Session Match IP
	 * --------------------------------------------------------------------------
	 *
	 * Whether to match the user's IP address when reading the session data.
	 *
	 * WARNING: If you're using the database driver, don't forget to update
	 *          your session table's PRIMARY KEY when changing this setting.
	 *
	 * @var boolean
	 */
	public $sessionMatchIP = false;

	/**
	 * --------------------------------------------------------------------------
	 * Session Time to Update
	 * --------------------------------------------------------------------------
	 *
	 * How many seconds between CI regenerating the session ID.
	 *
	 * @var integer
	 */
	public $sessionTimeToUpdate = 300;

	/**
	 * --------------------------------------------------------------------------
	 * Session Regenerate Destroy
	 * --------------------------------------------------------------------------
	 *
	 * Whether to destroy session data associated with the old session ID
	 * when auto-regenerating the session ID. When set to FALSE, the data
	 * will be later deleted by the garbage collector.
	 *
	 * @var boolean
	 */
	public $sessionRegenerateDestroy = false;

	/**
	 * --------------------------------------------------------------------------
	 * Cookie Prefix
	 * --------------------------------------------------------------------------
	 *
	 * Set a cookie name prefix if you need to avoid collisions.
	 *
	 * @var string
	 *
	 * @deprecated use Config\Cookie::$prefix property instead.
	 */
	public $cookiePrefix = '';

	/**
	 * --------------------------------------------------------------------------
	 * Cookie Domain
	 * --------------------------------------------------------------------------
	 *
	 * Set to `.your-domain.com` for site-wide cookies.
	 *
	 * @var string
	 *
	 * @deprecated use Config\Cookie::$domain property instead.
	 */
	public $cookieDomain = '';

	/**
	 * --------------------------------------------------------------------------
	 * Cookie Path
	 * --------------------------------------------------------------------------
	 *
	 * Typically will be a forward slash.
	 *
	 * @var string
	 *
	 * @deprecated use Config\Cookie::$path property instead.
	 */
	public $cookiePath = '/';

	/**
	 * --------------------------------------------------------------------------
	 * Cookie Secure
	 * --------------------------------------------------------------------------
	 *
	 * Cookie will only be set if a secure HTTPS connection exists.
	 *
	 * @var boolean
	 *
	 * @deprecated use Config\Cookie::$secure property instead.
	 */
	public $cookieSecure = false;

	/**
	 * --------------------------------------------------------------------------
	 * Cookie HttpOnly
	 * --------------------------------------------------------------------------
	 *
	 * Cookie will only be accessible via HTTP(S) (no JavaScript).
	 *
	 * @var boolean
	 *
	 * @deprecated use Config\Cookie::$httponly property instead.
	 */
	public $cookieHTTPOnly = true;

	/**
	 * --------------------------------------------------------------------------
	 * Cookie SameSite
	 * --------------------------------------------------------------------------
	 *
	 * Configure cookie SameSite setting. Allowed values are:
	 * - None
	 * - Lax
	 * - Strict
	 * - ''
	 *
	 * Alternatively, you can use the constant names:
	 * - `Cookie::SAMESITE_NONE`
	 * - `Cookie::SAMESITE_LAX`
	 * - `Cookie::SAMESITE_STRICT`
	 *
	 * Defaults to `Lax` for compatibility with modern browsers. Setting `''`
	 * (empty string) means default SameSite attribute set by browsers (`Lax`)
	 * will be set on cookies. If set to `None`, `$cookieSecure` must also be set.
	 *
	 * @var string
	 *
	 * @deprecated use Config\Cookie::$samesite property instead.
	 */
	public $cookieSameSite = 'Lax';

	/**
	 * --------------------------------------------------------------------------
	 * Reverse Proxy IPs
	 * --------------------------------------------------------------------------
	 *
	 * If your server is behind a reverse proxy, you must whitelist the proxy
	 * IP addresses from which CodeIgniter should trust headers such as
	 * HTTP_X_FORWARDED_FOR and HTTP_CLIENT_IP in order to properly identify
	 * the visitor's IP address.
	 *
	 * You can use both an array or a comma-separated list of proxy addresses,
	 * as well as specifying whole subnets. Here are a few examples:
	 *
	 * Comma-separated:	'10.0.1.200,192.168.5.0/24'
	 * Array: ['10.0.1.200', '192.168.5.0/24']
	 *
	 * @var string|string[]
	 */
	public $proxyIPs = '';

	/**
	 * --------------------------------------------------------------------------
	 * CSRF Token Name
	 * --------------------------------------------------------------------------
	 *
	 * The token name.
	 *
	 * @deprecated Use `Config\Security` $tokenName property instead of using this property.
	 *
	 * @var string
	 */
	public $CSRFTokenName = 'csrf_test_name';

	/**
	 * --------------------------------------------------------------------------
	 * CSRF Header Name
	 * --------------------------------------------------------------------------
	 *
	 * The header name.
	 *
	 * @deprecated Use `Config\Security` $headerName property instead of using this property.
	 *
	 * @var string
	 */
	public $CSRFHeaderName = 'X-CSRF-TOKEN';

	/**
	 * --------------------------------------------------------------------------
	 * CSRF Cookie Name
	 * --------------------------------------------------------------------------
	 *
	 * The cookie name.
	 *
	 * @deprecated Use `Config\Security` $cookieName property instead of using this property.
	 *
	 * @var string
	 */
	public $CSRFCookieName = 'csrf_cookie_name';

	/**
	 * --------------------------------------------------------------------------
	 * CSRF Expire
	 * --------------------------------------------------------------------------
	 *
	 * The number in seconds the token should expire.
	 *
	 * @deprecated Use `Config\Security` $expire property instead of using this property.
	 *
	 * @var integer
	 */
	public $CSRFExpire = 7200;

	/**
	 * --------------------------------------------------------------------------
	 * CSRF Regenerate
	 * --------------------------------------------------------------------------
	 *
	 * Regenerate token on every submission?
	 *
	 * @deprecated Use `Config\Security` $regenerate property instead of using this property.
	 *
	 * @var boolean
	 */
	public $CSRFRegenerate = true;

	/**
	 * --------------------------------------------------------------------------
	 * CSRF Redirect
	 * --------------------------------------------------------------------------
	 *
	 * Redirect to previous page with error on failure?
	 *
	 * @deprecated Use `Config\Security` $redirect property instead of using this property.
	 *
	 * @var boolean
	 */
	public $CSRFRedirect = true;

	/**
	 * --------------------------------------------------------------------------
	 * CSRF SameSite
	 * --------------------------------------------------------------------------
	 *
	 * Setting for CSRF SameSite cookie token. Allowed values are:
	 * - None
	 * - Lax
	 * - Strict
	 * - ''
	 *
	 * Defaults to `Lax` as recommended in this link:
	 *
	 * @see https://portswigger.net/web-security/csrf/samesite-cookies
	 *
	 * @deprecated Use `Config\Security` $samesite property instead of using this property.
	 *
	 * @var string
	 */
	public $CSRFSameSite = 'Lax';

	/**
	 * --------------------------------------------------------------------------
	 * Content Security Policy
	 * --------------------------------------------------------------------------
	 *
	 * Enables the Response's Content Secure Policy to restrict the sources that
	 * can be used for images, scripts, CSS files, audio, video, etc. If enabled,
	 * the Response object will populate default values for the policy from the
	 * `ContentSecurityPolicy.php` file. Controllers can always add to those
	 * restrictions at run time.
	 *
	 * For a better understanding of CSP, see these documents:
	 *
	 * @see http://www.html5rocks.com/en/tutorials/security/content-security-policy/
	 * @see http://www.w3.org/TR/CSP/
	 *
	 * @var boolean
	 */
	public $CSPEnabled = false;
}