markus/finanzen
1
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity

umstellung auf shared codeigniter und postgres php8.2

Browse Source
This commit is contained in:
Markus
2022-09-18 14:07:38 +02:00
parent 22437db1c3
commit 8d16903e40
11628 changed files with 169929 additions and 1139112 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
app/Config/App.php
View File

@@ -3,6 +3,7 @@
namespace Config;
use CodeIgniter\Config\BaseConfig;
use CodeIgniter\Session\Handlers\FileHandler;
class App extends BaseConfig
{
@@ -23,7 +24,7 @@ class App extends BaseConfig
*
* @var string
*/
public $baseURL = 'https://finanzen.mawim.at';
public $baseURL = 'https://finanzen.mawim.at/';
/**
* --------------------------------------------------------------------------
@@ -43,7 +44,7 @@ class App extends BaseConfig
* URI PROTOCOL
* --------------------------------------------------------------------------
*
* This item determines which getServer global should be used to retrieve the
* This item determines which server global should be used to retrieve the
* URI string. The default setting of 'REQUEST_URI' works for most servers.
* If your links do not seem to work, try one of the other delicious flavors:
*
@@ -69,7 +70,7 @@ class App extends BaseConfig
*
* @var string
*/
public $defaultLocale = 'en';
public $defaultLocale = 'de';
/**
* --------------------------------------------------------------------------
@@ -96,7 +97,7 @@ class App extends BaseConfig
*
* @var string[]
*/
public $supportedLocales = ['en'];
public $supportedLocales = ['de'];
/**
* --------------------------------------------------------------------------
@@ -108,7 +109,7 @@ class App extends BaseConfig
*
* @var string
*/
public $appTimezone = 'America/Chicago';
public $appTimezone = 'Europe/Vienna';
/**
* --------------------------------------------------------------------------
@@ -151,7 +152,7 @@ class App extends BaseConfig
*
* @var string
*/
public $sessionDriver = 'CodeIgniter\Session\Handlers\FileHandler';
public $sessionDriver = FileHandler::class;
/**
* --------------------------------------------------------------------------
@@ -318,7 +319,7 @@ class App extends BaseConfig
* (empty string) means default SameSite attribute set by browsers (`Lax`)
* will be set on cookies. If set to `None`, `$cookieSecure` must also be set.
*
* @var string
* @var string|null
*
* @deprecated use Config\Cookie::$samesite property instead.
*/
@@ -436,7 +437,7 @@ class App extends BaseConfig
* Defaults to `Lax` as recommended in this link:
*
* @see https://portswigger.net/web-security/csrf/samesite-cookies
* @deprecated Use `Config\Security` $samesite property instead of using this property.
* @deprecated `Config\Cookie` $samesite property is used.
*
* @var string
*/

384
app/Config/Auth.php Normal file
View File

@@ -0,0 +1,384 @@
<?php
declare(strict_types=1);
namespace Config;
use CodeIgniter\Shield\Config\Auth as ShieldAuth;
use CodeIgniter\Shield\Authentication\Actions\ActionInterface;
use CodeIgniter\Shield\Authentication\AuthenticatorInterface;
use CodeIgniter\Shield\Authentication\Authenticators\AccessTokens;
use CodeIgniter\Shield\Authentication\Authenticators\Session;
use CodeIgniter\Shield\Authentication\Passwords\ValidatorInterface;
use CodeIgniter\Shield\Models\UserModel;
class Auth extends ShieldAuth
{
/**
* ////////////////////////////////////////////////////////////////////
* AUTHENTICATION
* ////////////////////////////////////////////////////////////////////
*/
public array $views = [
'login' => '\CodeIgniter\Shield\Views\login',
'register' => '\CodeIgniter\Shield\Views\register',
'layout' => '\CodeIgniter\Shield\Views\layout',
'action_email_2fa' => '\CodeIgniter\Shield\Views\email_2fa_show',
'action_email_2fa_verify' => '\CodeIgniter\Shield\Views\email_2fa_verify',
'action_email_2fa_email' => '\CodeIgniter\Shield\Views\Email\email_2fa_email',
'action_email_activate_show' => '\CodeIgniter\Shield\Views\email_activate_show',
'action_email_activate_email' => '\CodeIgniter\Shield\Views\Email\email_activate_email',
'magic-link-login' => '\CodeIgniter\Shield\Views\magic_link_form',
'magic-link-message' => '\CodeIgniter\Shield\Views\magic_link_message',
'magic-link-email' => '\CodeIgniter\Shield\Views\Email\magic_link_email',
];
/**
* --------------------------------------------------------------------
* Redirect urLs
* --------------------------------------------------------------------
* The default URL that a user will be redirected to after
* various auth actions. If you need more flexibility you can
* override the `getUrl()` method to apply any logic you may need.
*/
public array $redirects = [
'register' => '/',
'login' => '/',
'logout' => 'login',
];
/**
* --------------------------------------------------------------------
* Authentication Actions
* --------------------------------------------------------------------
* Specifies the class that represents an action to take after
* the user logs in or registers a new account at the site.
*
* You must register actions in the order of the actions to be performed.
*
* Available actions with Shield:
* - register: 'CodeIgniter\Shield\Authentication\Actions\EmailActivator'
* - login: 'CodeIgniter\Shield\Authentication\Actions\Email2FA'
*
* @var array<string, class-string<ActionInterface>|null>
*/
public array $actions = [
'register' => null,
'login' => null,
];
/**
* --------------------------------------------------------------------
* Authenticators
* --------------------------------------------------------------------
* The available authentication systems, listed
* with alias and class name. These can be referenced
* by alias in the auth helper:
* auth('tokens')->attempt($credentials);
*
* @var array<string, class-string<AuthenticatorInterface>>
*/
public array $authenticators = [
'tokens' => AccessTokens::class,
'session' => Session::class,
];
/**
* --------------------------------------------------------------------
* Name of Authenticator Header
* --------------------------------------------------------------------
* The name of Header that the Authorization token should be found.
* According to the specs, this should be `Authorization`, but rare
* circumstances might need a different header.
*/
public array $authenticatorHeader = [
'tokens' => 'Authorization',
];
/**
* --------------------------------------------------------------------
* Unused Token Lifetime
* --------------------------------------------------------------------
* Determines the amount of time, in seconds, that an unused
* access token can be used.
*/
public int $unusedTokenLifetime = YEAR;
/**
* --------------------------------------------------------------------
* Default Authenticator
* --------------------------------------------------------------------
* The Authenticator to use when none is specified.
* Uses the $key from the $authenticators array above.
*/
public string $defaultAuthenticator = 'session';
/**
* --------------------------------------------------------------------
* Authentication Chain
* --------------------------------------------------------------------
* The Authenticators to test logged in status against
* when using the 'chain' filter. Each Authenticator listed will be checked.
* If no match is found, then the next in the chain will be checked.
*
* @var string[]
* @phpstan-var list<string>
*/
public array $authenticationChain = [
'session',
'tokens',
];
/**
* --------------------------------------------------------------------
* Allow Registration
* --------------------------------------------------------------------
* Determines whether users can register for the site.
*/
public bool $allowRegistration = true;
/**
* --------------------------------------------------------------------
* Record Last Active Date
* --------------------------------------------------------------------
* If true, will always update the `last_active` datetime for the
* logged in user on every page request.
*/
public bool $recordActiveDate = true;
/**
* --------------------------------------------------------------------
* Allow Magic Link Logins
* --------------------------------------------------------------------
* If true, will allow the use of "magic links" sent via the email
* as a way to log a user in without the need for a password.
* By default, this is used in place of a password reset flow, but
* could be modified as the only method of login once an account
* has been set up.
*/
public bool $allowMagicLinkLogins = true;
/**
* --------------------------------------------------------------------
* Magic Link Lifetime
* --------------------------------------------------------------------
* Specifies the amount of time, in seconds, that a magic link is valid.
* You can use Time Constants or any desired number.
*/
public int $magicLinkLifetime = HOUR;
/**
* --------------------------------------------------------------------
* Session Authenticator Configuration
* --------------------------------------------------------------------
* These settings only apply if you are using the Session Authenticator
* for authentication.
*
* - field The name of the key the current user info is stored in session
* - allowRemembering Does the system allow use of "remember-me"
* - rememberCookieName The name of the cookie to use for "remember-me"
* - rememberLength The length of time, in seconds, to remember a user.
*
* @var array<string, bool|int|string>
*/
public array $sessionConfig = [
'field' => 'user',
'allowRemembering' => true,
'rememberCookieName' => 'remember',
'rememberLength' => 30 * DAY,
];
/**
* --------------------------------------------------------------------
* Minimum Password Length
* --------------------------------------------------------------------
* The minimum length that a password must be to be accepted.
* Recommended minimum value by NIST = 8 characters.
*/
public int $minimumPasswordLength = 8;
/**
* --------------------------------------------------------------------
* Password Check Helpers
* --------------------------------------------------------------------
* The PasswordValidator class runs the password through all of these
* classes, each getting the opportunity to pass/fail the password.
* You can add custom classes as long as they adhere to the
* CodeIgniter\Shield\Authentication\Passwords\ValidatorInterface.
*
* @var class-string<ValidatorInterface>[]
*/
public array $passwordValidators = [
'CodeIgniter\Shield\Authentication\Passwords\CompositionValidator',
'CodeIgniter\Shield\Authentication\Passwords\NothingPersonalValidator',
'CodeIgniter\Shield\Authentication\Passwords\DictionaryValidator',
//'CodeIgniter\Shield\Authentication\Passwords\PwnedValidator',
];
/**
* --------------------------------------------------------------------
* Valid login fields
* --------------------------------------------------------------------
* Fields that are available to be used as credentials for login.
*/
public array $validFields = [
'email',
'username',
];
/**
* --------------------------------------------------------------------
* Additional Fields for "Nothing Personal"
* --------------------------------------------------------------------
* The NothingPersonalValidator prevents personal information from
* being used in passwords. The email and username fields are always
* considered by the validator. Do not enter those field names here.
*
* An extended User Entity might include other personal info such as
* first and/or last names. $personalFields is where you can add
* fields to be considered as "personal" by the NothingPersonalValidator.
* For example:
* $personalFields = ['firstname', 'lastname'];
*/
public array $personalFields = [];
/**
* --------------------------------------------------------------------
* Password / Username Similarity
* --------------------------------------------------------------------
* Among other things, the NothingPersonalValidator checks the
* amount of sameness between the password and username.
* Passwords that are too much like the username are invalid.
*
* The value set for $maxSimilarity represents the maximum percentage
* of similarity at which the password will be accepted. In other words, any
* calculated similarity equal to, or greater than $maxSimilarity
* is rejected.
*
* The accepted range is 0-100, with 0 (zero) meaning don't check similarity.
* Using values at either extreme of the *working range* (1-100) is
* not advised. The low end is too restrictive and the high end is too permissive.
* The suggested value for $maxSimilarity is 50.
*
* You may be thinking that a value of 100 should have the effect of accepting
* everything like a value of 0 does. That's logical and probably true,
* but is unproven and untested. Besides, 0 skips the work involved
* making the calculation unlike when using 100.
*
* The (admittedly limited) testing that's been done suggests a useful working range
* of 50 to 60. You can set it lower than 50, but site users will probably start
* to complain about the large number of proposed passwords getting rejected.
* At around 60 or more it starts to see pairs like 'captain joe' and 'joe*captain' as
* perfectly acceptable which clearly they are not.
*
* To disable similarity checking set the value to 0.
* public $maxSimilarity = 0;
*/
public int $maxSimilarity = 50;
/**
* --------------------------------------------------------------------
* Encryption Algorithm to use
* --------------------------------------------------------------------
* Valid values are
* - PASSWORD_DEFAULT (default)
* - PASSWORD_BCRYPT
* - PASSWORD_ARGON2I - As of PHP 7.2 only if compiled with support for it
* - PASSWORD_ARGON2ID - As of PHP 7.3 only if compiled with support for it
*
* If you choose to use any ARGON algorithm, then you might want to
* uncomment the "ARGON2i/D Algorithm" options to suit your needs
*/
public string $hashAlgorithm = PASSWORD_DEFAULT;
/**
* --------------------------------------------------------------------
* ARGON2i/D Algorithm options
* --------------------------------------------------------------------
* The ARGON2I method of encryption allows you to define the "memory_cost",
* the "time_cost" and the number of "threads", whenever a password hash is
* created.
* This defaults to a value of 10 which is an acceptable number.
* However, depending on the security needs of your application
* and the power of your hardware, you might want to increase the
* cost. This makes the hashing process takes longer.
*/
public int $hashMemoryCost = 2048; // PASSWORD_ARGON2_DEFAULT_MEMORY_COST;
public int $hashTimeCost = 4; // PASSWORD_ARGON2_DEFAULT_TIME_COST;
public int $hashThreads = 4; // PASSWORD_ARGON2_DEFAULT_THREADS;
/**
* --------------------------------------------------------------------
* Password Hashing Cost
* --------------------------------------------------------------------
* The BCRYPT method of encryption allows you to define the "cost"
* or number of iterations made, whenever a password hash is created.
* This defaults to a value of 10 which is an acceptable number.
* However, depending on the security needs of your application
* and the power of your hardware, you might want to increase the
* cost. This makes the hashing process takes longer.
*
* Valid range is between 4 - 31.
*/
public int $hashCost = 10;
/**
* ////////////////////////////////////////////////////////////////////
* OTHER SETTINGS
* ////////////////////////////////////////////////////////////////////
*/
/**
* --------------------------------------------------------------------
* User Provider
* --------------------------------------------------------------------
* The name of the class that handles user persistence.
* By default, this is the included UserModel, which
* works with any of the database engines supported by CodeIgniter.
* You can change it as long as they adhere to the
* CodeIgniter\Shield\Models\UserModel.
*
* @var class-string<UserModel>
*/
public string $userProvider = 'CodeIgniter\Shield\Models\UserModel';
/**
* Returns the URL that a user should be redirected
* to after a successful login.
*/
public function loginRedirect(): string
{
$url = setting('Auth.redirects')['login'];
return $this->getUrl($url);
}
/**
* Returns the URL that a user should be redirected
* to after they are logged out.
*/
public function logoutRedirect(): string
{
$url = setting('Auth.redirects')['logout'];
return $this->getUrl($url);
}
/**
* Returns the URL the user should be redirected to
* after a successful registration.
*/
public function registerRedirect(): string
{
$url = setting('Auth.redirects')['register'];
return $this->getUrl($url);
}
protected function getUrl(string $url): string
{
return strpos($url, 'http') === 0
? $url
: rtrim(site_url($url), '/ ');
}
}

101
app/Config/AuthGroups.php Normal file
View File

@@ -0,0 +1,101 @@
<?php
declare(strict_types=1);
namespace Config;
use CodeIgniter\Shield\Config\AuthGroups as ShieldAuthGroups;
class AuthGroups extends ShieldAuthGroups
{
/**
* --------------------------------------------------------------------
* Default Group
* --------------------------------------------------------------------
* The group that a newly registered user is added to.
*/
public string $defaultGroup = 'user';
/**
* --------------------------------------------------------------------
* Groups
* --------------------------------------------------------------------
* The available authentication systems, listed
* with alias and class name. These can be referenced
* by alias in the auth helper:
* auth('api')->attempt($credentials);
*/
public array $groups = [
'superadmin' => [
'title' => 'Super Admin',
'description' => 'Complete control of the site.',
],
'admin' => [
'title' => 'Admin',
'description' => 'Day to day administrators of the site.',
],
'developer' => [
'title' => 'Developer',
'description' => 'Site programmers.',
],
'user' => [
'title' => 'User',
'description' => 'General users of the site. Often customers.',
],
'beta' => [
'title' => 'Beta User',
'description' => 'Has access to beta-level features.',
],
];
/**
* --------------------------------------------------------------------
* Permissions
* --------------------------------------------------------------------
* The available permissions in the system. Each system is defined
* where the key is the
*
* If a permission is not listed here it cannot be used.
*/
public array $permissions = [
'admin.access' => 'Can access the sites admin area',
'admin.settings' => 'Can access the main site settings',
'users.manage-admins' => 'Can manage other admins',
'users.create' => 'Can create new non-admin users',
'users.edit' => 'Can edit existing non-admin users',
'users.delete' => 'Can delete existing non-admin users',
'beta.access' => 'Can access beta-level features',
];
/**
* --------------------------------------------------------------------
* Permissions Matrix
* --------------------------------------------------------------------
* Maps permissions to groups.
*/
public array $matrix = [
'superadmin' => [
'admin.*',
'users.*',
'beta.*',
],
'admin' => [
'admin.access',
'users.create',
'users.edit',
'users.delete',
'beta.access',
],
'developer' => [
'admin.access',
'admin.settings',
'users.create',
'users.edit',
'beta.access',
],
'user' => [],
'beta' => [
'beta.access',
],
];
}

4
app/Config/Autoload.php
View File

@@ -64,9 +64,7 @@ class Autoload extends AutoloadConfig
*
* @var array<string, string>
*/
public $classmap = [
'Booking'=>APPPATH .'Libraries/Booking.php'
];
public $classmap = [];
/**
* -------------------------------------------------------------------

41
app/Config/Constants.php
View File

@@ -23,7 +23,7 @@ defined('APP_NAMESPACE') || define('APP_NAMESPACE', 'App');
| The path that Composer's autoload file is expected to live. By default,
| the vendor folder is in the Root directory, but you can customize that here.
*/
defined('COMPOSER_PATH') || define('COMPOSER_PATH', ROOTPATH . 'vendor/autoload.php');
defined('COMPOSER_PATH') || define('COMPOSER_PATH', ROOTPATH . '../vendor/autoload.php');
/*
|--------------------------------------------------------------------------
@@ -38,9 +38,9 @@ defined('MINUTE') || define('MINUTE', 60);
defined('HOUR') || define('HOUR', 3600);
defined('DAY') || define('DAY', 86400);
defined('WEEK') || define('WEEK', 604800);
defined('MONTH') || define('MONTH', 2592000);
defined('YEAR') || define('YEAR', 31536000);
defined('DECADE') || define('DECADE', 315360000);
defined('MONTH') || define('MONTH', 2_592_000);
defined('YEAR') || define('YEAR', 31_536_000);
defined('DECADE') || define('DECADE', 315_360_000);
/*
| --------------------------------------------------------------------------
@@ -67,13 +67,28 @@ defined('DECADE') || define('DECADE', 315360000);
| http://tldp.org/LDP/abs/html/exitcodes.html
|
*/
defined('EXIT_SUCCESS') || define('EXIT_SUCCESS', 0); // no errors
defined('EXIT_ERROR') || define('EXIT_ERROR', 1); // generic error
defined('EXIT_CONFIG') || define('EXIT_CONFIG', 3); // configuration error
defined('EXIT_UNKNOWN_FILE') || define('EXIT_UNKNOWN_FILE', 4); // file not found
defined('EXIT_UNKNOWN_CLASS') || define('EXIT_UNKNOWN_CLASS', 5); // unknown class
defined('EXIT_SUCCESS') || define('EXIT_SUCCESS', 0); // no errors
defined('EXIT_ERROR') || define('EXIT_ERROR', 1); // generic error
defined('EXIT_CONFIG') || define('EXIT_CONFIG', 3); // configuration error
defined('EXIT_UNKNOWN_FILE') || define('EXIT_UNKNOWN_FILE', 4); // file not found
defined('EXIT_UNKNOWN_CLASS') || define('EXIT_UNKNOWN_CLASS', 5); // unknown class
defined('EXIT_UNKNOWN_METHOD') || define('EXIT_UNKNOWN_METHOD', 6); // unknown class member
defined('EXIT_USER_INPUT') || define('EXIT_USER_INPUT', 7); // invalid user input
defined('EXIT_DATABASE') || define('EXIT_DATABASE', 8); // database error
defined('EXIT__AUTO_MIN') || define('EXIT__AUTO_MIN', 9); // lowest automatically-assigned error code
defined('EXIT__AUTO_MAX') || define('EXIT__AUTO_MAX', 125); // highest automatically-assigned error code
defined('EXIT_USER_INPUT') || define('EXIT_USER_INPUT', 7); // invalid user input
defined('EXIT_DATABASE') || define('EXIT_DATABASE', 8); // database error
defined('EXIT__AUTO_MIN') || define('EXIT__AUTO_MIN', 9); // lowest automatically-assigned error code
defined('EXIT__AUTO_MAX') || define('EXIT__AUTO_MAX', 125); // highest automatically-assigned error code
/**
* @deprecated Use \CodeIgniter\Events\Events::PRIORITY_LOW instead.
*/
define('EVENT_PRIORITY_LOW', 200);
/**
* @deprecated Use \CodeIgniter\Events\Events::PRIORITY_NORMAL instead.
*/
define('EVENT_PRIORITY_NORMAL', 100);
/**
* @deprecated Use \CodeIgniter\Events\Events::PRIORITY_HIGH instead.
*/
define('EVENT_PRIORITY_HIGH', 10);

21
app/Config/ContentSecurityPolicy.php
View File

@@ -164,4 +164,25 @@ class ContentSecurityPolicy extends BaseConfig
* @var string|string[]|null
*/
public $sandbox;
/**
* Nonce tag for style
*
* @var string
*/
public $styleNonceTag = '{csp-style-nonce}';
/**
* Nonce tag for script
*
* @var string
*/
public $scriptNonceTag = '{csp-script-nonce}';
/**
* Replace nonce tag automatically
*
* @var bool
*/
public $autoNonce = true;
}

66
app/Config/Database.php
View File

@@ -31,23 +31,20 @@ class Database extends Config
* @var array
*/
public $default = [
'DSN' => '',
'hostname' => 'localhost',
'username' => 'root',
'password' => 'SmartDb19',
'database' => 'finanzen',
'DBDriver' => 'MySQLi',
'DBPrefix' => '',
'pConnect' => false,
'DBDebug' => (ENVIRONMENT !== 'production'),
'charset' => 'utf8',
'DBCollat' => 'utf8_general_ci',
'swapPre' => '',
'encrypt' => false,
'compress' => false,
'strictOn' => false,
'failover' => [],
'port' => 3306,
'DSN' => 'host=192.168.16.14;dbname=mawim;user=finanzen;password=/mA!FZ22Wi',
// 'hostname' => 'localhost',
'DBDriver' => 'Postgre',
'schema' => 'finanzen,verwaltung',
// 'DBPrefix' => '',
// 'pConnect' => false,
'DBDebug' => (ENVIRONMENT !== 'production'),
// 'charset' => 'utf8',
// 'DBCollat' => 'utf8_general_ci',
// 'swapPre' => '',
// 'encrypt' => false,
// 'compress' => false,
// 'strictOn' => false,
// 'failover' => [],
];
/**
@@ -57,23 +54,24 @@ class Database extends Config
* @var array
*/
public $tests = [
'DSN' => '',
'hostname' => '127.0.0.1',
'username' => '',
'password' => '',
'database' => ':memory:',
'DBDriver' => 'SQLite3',
'DBPrefix' => 'db_', // Needed to ensure we're working correctly with prefixes live. DO NOT REMOVE FOR CI DEVS
'pConnect' => false,
'DBDebug' => (ENVIRONMENT !== 'production'),
'charset' => 'utf8',
'DBCollat' => 'utf8_general_ci',
'swapPre' => '',
'encrypt' => false,
'compress' => false,
'strictOn' => false,
'failover' => [],
'port' => 3306,
'DSN' => '',
'hostname' => '127.0.0.1',
'username' => '',
'password' => '',
'database' => ':memory:',
'DBDriver' => 'SQLite3',
'DBPrefix' => 'db_', // Needed to ensure we're working correctly with prefixes live. DO NOT REMOVE FOR CI DEVS
'pConnect' => false,
'DBDebug' => (ENVIRONMENT !== 'production'),
'charset' => 'utf8',
'DBCollat' => 'utf8_general_ci',
'swapPre' => '',
'encrypt' => false,
'compress' => false,
'strictOn' => false,
'failover' => [],
'port' => 3306,
'foreignKeys' => true,
];
public function __construct()

0
app/Config/DocTypes.php Normal file → Executable file
View File

4
app/Config/Events.php
View File

@@ -32,9 +32,7 @@ Events::on('pre_system', static function () {
ob_end_flush();
}
ob_start(static function ($buffer) {
return $buffer;
});
ob_start(static fn ($buffer) => $buffer);
}
/*

7
app/Config/Feature.php
View File

@@ -10,7 +10,7 @@ use CodeIgniter\Config\BaseConfig;
class Feature extends BaseConfig
{
/**
* Enable multiple filters for a route or not
* Enable multiple filters for a route or not.
*
* If you enable this:
* - CodeIgniter\CodeIgniter::handleRequest() uses:
@@ -24,4 +24,9 @@ class Feature extends BaseConfig
* @var bool
*/
public $multipleFilters = false;
/**
* Use improved new auto routing instead of the default legacy version.
*/
public bool $autoRoutesImproved = false;
}

6
app/Config/Filters.php
View File

@@ -49,7 +49,11 @@ class Filters extends BaseConfig
* particular HTTP method (GET, POST, etc.).
*
* Example:
* 'post' => ['csrf', 'throttle']
* 'post' => ['foo', 'bar']
*
* If you use this, you should disable auto-routing because auto-routing
* permits any HTTP method to access a controller. Accessing the controller
* with a method you dont expect could bypass the filter.
*
* @var array
*/

8
app/Config/Format.php
View File

@@ -4,6 +4,8 @@ namespace Config;
use CodeIgniter\Config\BaseConfig;
use CodeIgniter\Format\FormatterInterface;
use CodeIgniter\Format\JSONFormatter;
use CodeIgniter\Format\XMLFormatter;
class Format extends BaseConfig
{
@@ -40,9 +42,9 @@ class Format extends BaseConfig
* @var array<string, string>
*/
public $formatters = [
'application/json' => 'CodeIgniter\Format\JSONFormatter',
'application/xml' => 'CodeIgniter\Format\XMLFormatter',
'text/xml' => 'CodeIgniter\Format\XMLFormatter',
'application/json' => JSONFormatter::class,
'application/xml' => XMLFormatter::class,
'text/xml' => XMLFormatter::class,
];
/**

5
app/Config/Logger.php
View File

@@ -2,6 +2,7 @@
namespace Config;
use CodeIgniter\Log\Handlers\FileHandler;
use CodeIgniter\Config\BaseConfig;
class Logger extends BaseConfig
@@ -59,7 +60,7 @@ class Logger extends BaseConfig
* The logging system supports multiple actions to be taken when something
* is logged. This is done by allowing for multiple Handlers, special classes
* designed to write the log to their chosen destinations, whether that is
* a file on the getServer, a cloud-based service, or even taking actions such
* a file on the server, a cloud-based service, or even taking actions such
* as emailing the dev team.
*
* Each handler is defined by the class name used for that handler, and it
@@ -83,7 +84,7 @@ class Logger extends BaseConfig
* File Handler
* --------------------------------------------------------------------
*/
'CodeIgniter\Log\Handlers\FileHandler' => [
FileHandler::class => [
// The log levels that this handler will handle.
'handles' => [

20
app/Config/Mimes.php
View File

@@ -102,8 +102,6 @@ class Mimes
],
'pptx' => [
'application/vnd.openxmlformats-officedocument.presentationml.presentation',
'application/x-zip',
'application/zip',
],
'wbxml' => 'application/wbxml',
'wmlc' => 'application/wmlc',
@@ -260,6 +258,7 @@ class Mimes
'image/png',
'image/x-png',
],
'webp' => 'image/webp',
'tif' => 'image/tiff',
'tiff' => 'image/tiff',
'css' => [
@@ -511,20 +510,19 @@ class Mimes
$proposedExtension = trim(strtolower($proposedExtension ?? ''));
if ($proposedExtension !== '') {
if (array_key_exists($proposedExtension, static::$mimes) && in_array($type, is_string(static::$mimes[$proposedExtension]) ? [static::$mimes[$proposedExtension]] : static::$mimes[$proposedExtension], true)) {
// The detected mime type matches with the proposed extension.
return $proposedExtension;
}
// An extension was proposed, but the media type does not match the mime type list.
return null;
if (
$proposedExtension !== ''
&& array_key_exists($proposedExtension, static::$mimes)
&& in_array($type, (array) static::$mimes[$proposedExtension], true)
) {
// The detected mime type matches with the proposed extension.
return $proposedExtension;
}
// Reverse check the mime type list if no extension was proposed.
// This search is order sensitive!
foreach (static::$mimes as $ext => $types) {
if ((is_string($types) && $types === $type) || (is_array($types) && in_array($type, $types, true))) {
if (in_array($type, (array) $types, true)) {
return $ext;
}
}

6
app/Config/Paths.php
View File

@@ -25,7 +25,7 @@ class Paths
*
* @var string
*/
public $systemDirectory = __DIR__ . '/../../system';
public $systemDirectory = __DIR__ . '/../../../vendor/codeigniter4/framework/system';
/**
* ---------------------------------------------------------------
@@ -34,8 +34,8 @@ class Paths
*
* If you want this front controller to use a different "app"
* folder than the default one you can set its name here. The folder
* can also be renamed or relocated anywhere on your getServer. If
* you do, use a full getServer path.
* can also be renamed or relocated anywhere on your server. If
* you do, use a full server path.
*
* @see http://codeigniter.com/user_guide/general/managing_apps.html
*

2
app/Config/Publisher.php
View File

@@ -23,6 +23,6 @@ class Publisher extends BasePublisher
*/
public $restrictions = [
ROOTPATH => '*',
FCPATH => '#\.(?css|js|map|htm?|xml|json|webmanifest|tff|eot|woff?|gif|jpe?g|tiff?|png|webp|bmp|ico|svg)$#i',
FCPATH => '#\.(s?css|js|map|html?|xml|json|webmanifest|ttf|eot|woff2?|gif|jpe?g|tiff?|png|webp|bmp|ico|svg)$#i',
];
}

30
app/Config/Routes.php
View File

@@ -7,7 +7,7 @@ $routes = Services::routes();
// Load the system's routing file first, so that the app and ENVIRONMENT
// can override as needed.
if (file_exists(SYSTEMPATH . 'Config/Routes.php')) {
if (is_file(SYSTEMPATH . 'Config/Routes.php')) {
require SYSTEMPATH . 'Config/Routes.php';
}
@@ -21,7 +21,11 @@ $routes->setDefaultController('Home');
$routes->setDefaultMethod('index');
$routes->setTranslateURIDashes(false);
$routes->set404Override();
$routes->setAutoRoute(true);
// The Auto Routing (Legacy) is very dangerous. It is easy to create vulnerable apps
// where controller filters or CSRF protection are bypassed.
// If you don't want to define all routes, please use the Auto Routing (Improved).
// Set `$autoRoutesImproved` to true in `app/Config/Feature.php` and set the following to true.
$routes->setAutoRoute(false);
/*
* --------------------------------------------------------------------
@@ -31,7 +35,25 @@ $routes->setAutoRoute(true);
// We get a performance increase by specifying the default
// route since we don't have to scan directories.
$routes->get('/', 'Home::index');
$routes->get('/', 'Home::overview');
$routes->get('Ajax/(:segment)', 'Ajax::$1');
$routes->post('Ajax/(:segment)', 'Ajax::$1');
$routes->get('newBill', 'Home::newBill');
$routes->get('newTransfer', 'Home::newTransfer');
$routes->get('newScheduled', 'Home::newScheduled');
$routes->post('newBill', 'Home::attemptNewBilling');
$routes->post('editAccount', 'Home::attemptEditAccount');
$routes->get('editBill/(:num)', 'Home::editBill/$1');
$routes->get('editScheduled/(:num)', 'Home::editScheduled/$1');
$routes->get('syncScheduled', 'Home::syncScheduled');
$routes->get('viewAccounts', 'Home::viewAccountsTree');
$routes->get('viewActivities', 'Home::viewAccountActivities');
$routes->get('viewScheduled', 'Home::viewScheduled');
service('auth')->routes($routes);
/*
* --------------------------------------------------------------------
@@ -46,6 +68,6 @@ $routes->get('/', 'Home::index');
* You will have access to the $routes object within that file without
* needing to reload it.
*/
if (file_exists(APPPATH . 'Config/' . ENVIRONMENT . '/Routes.php')) {
if (is_file(APPPATH . 'Config/' . ENVIRONMENT . '/Routes.php')) {
require APPPATH . 'Config/' . ENVIRONMENT . '/Routes.php';
}

4
app/Config/Security.php
View File

@@ -15,7 +15,7 @@ class Security extends BaseConfig
*
* @var string 'cookie' or 'session'
*/
public $csrfProtection = 'cookie';
public $csrfProtection = 'session';
/**
* --------------------------------------------------------------------------
@@ -111,7 +111,7 @@ class Security extends BaseConfig
*
* @var string
*
* @deprecated
* @deprecated `Config\Cookie` $samesite property is used.
*/
public $samesite = 'Lax';
}

3
app/Config/Validation.php
View File

@@ -2,12 +2,13 @@
namespace Config;
use CodeIgniter\Config\BaseConfig;
use CodeIgniter\Validation\CreditCardRules;
use CodeIgniter\Validation\FileRules;
use CodeIgniter\Validation\FormatRules;
use CodeIgniter\Validation\Rules;
class Validation
class Validation extends BaseConfig
{
//--------------------------------------------------------------------
// Setup

12
app/Config/View.php
View File

@@ -3,6 +3,7 @@
namespace Config;
use CodeIgniter\Config\View as BaseView;
use CodeIgniter\View\ViewDecoratorInterface;
class View extends BaseView
{
@@ -41,4 +42,15 @@ class View extends BaseView
* @var array
*/
public $plugins = [];
/**
* View Decorators are class methods that will be run in sequence to
* have a chance to alter the generated output just prior to caching
* the results.
*
* All classes must implement CodeIgniter\View\ViewDecoratorInterface
*
* @var class-string<ViewDecoratorInterface>[]
*/
public array $decorators = [];
}