kenjis / ci4-app-template
CodeIgniter4 application template
Installs: 353
Dependents: 0
Suggesters: 0
Security: 0
Stars: 19
Watchers: 3
Forks: 3
Open Issues: 1
Type:project
Requires
- php: ^7.4 || ^8.0
- codeigniter4/codeigniter4: ^4.2
- codeigniter4/translations: dev-develop
- liaison/revision: ^1.0
Requires (Dev)
- bamarni/composer-bin-plugin: ^1.4
- codeigniter4/devkit: ^1.0
- fakerphp/faker: ^1.9
- mikey179/vfsstream: ^1.6
- phpunit/phpunit: ^9.1
- tatter/patches: ^2.1
Suggests
- ext-fileinfo: Improves mime type detection for files
README
This template changes the default configuration of CI4 more secure.
This repository includes:
- CodeIgniter 4.4.5
- Translations for CodeIgniter 4 System Messages dev-develop
- CodeIgniter DevKit 1.2.0
- PHPUnit 9.6.16
- Tatter\Patches 2.1.0
- Liaison Revision 1.1.0
- bear/qatools 1.10.0
Requirements
- PHP 7.4 or later
How to Install
Composer
$ composer create-project kenjis/ci4-app-template your-project
Git
$ git clone https://github.com/kenjis/ci4-app-template.git your-project $ cd your-project/ $ composer install $ git checkout -b main
How to Update
Update Composer packages:
$ composer update
Update your CodeIgniter4 project files:
$ php spark revision:update
How to Use
Services
- All Services must be manually added to
app/Config/Services.php, even if third-party CI4 packages have their own Services.
CSRF
- You must set CSRF token field in your form manually. See https://codeigniter4.github.io/CodeIgniter4/libraries/security.html#html-forms
CSP
- You must set CSP when you need. See https://codeigniter4.github.io/CodeIgniter4/outgoing/response.html#content-security-policy
- You need to use
csp_script_nonce()andcsp_style_nonce()for inline contents. See https://codeigniter4.github.io/CodeIgniter4/outgoing/response.html#inline-content
Changes from the CI4 Default Configuration
Services
- Auto-Discovery of services is disabled. app/Config/Modules.php.
Config\ServicesextendsCodeIgniter\Config\Services. app/Config/Services.php.
Configs
- BaseURL's
index.phpis removed. - Auto Routing (Improved) is enabled.
Config\CURLRequest::$shareOptionsis disabled. (Since v4.4.0, this is set by default.)- MySQLi's
numberNativeis enabled. - Using Session-based CSRF protection.
- CSRF protection
$tokenRandomizeis enabled. - CSP is enabled.
- CSP
$autoNonceis disabled. - Strict Validation Rules are used. (Since v4.3.0, this is set by default.)
Filters
- CSRF filter is enabled.
- InvalidChars filter is enabled.
- SecureHeaders filter is enabled.
Features
Config\Feature::$multipleFiltersis enabled.
Others
- Using
developversion CI4. app/Config/Paths.php.
Available Commands
composer test // Run PHPUnit
composer cs-fix // Fix the coding style
composer cs // Check the coding style
composer sa // Run static analysis
composer run-script --list // List all commands
Related Projects for CodeIgniter 4.x
Libraries
- CodeIgniter 3 to 4 Upgrade Helper
- CodeIgniter3-like Captcha
- PHPUnit Helper
- CodeIgniter4 Attribute Routes
- CodeIgniter Simple and Secure Twig
- CodeIgniter4 Viewi Demo
Tutorials
- CodeIgniter 4 News Tutorial
- CodeIgniter 4 Validation Tutorial
- CodeIgniter4 Code Modules Test
- CodeIgniter 4 File Upload