jjimenez/safekat
1
0
Fork 0
mirror of https://git.imnavajas.es/jjimenez/safekat.git synced 2025-07-25 22:52:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'mod/core_update' into 'main'

Browse Source 
Mod/core update

See merge request jjimenez/safekat!230
This commit is contained in:
Ignacio Martinez Navajas
2024-05-07 08:17:21 +00:00
parent 650ac199a0 60178b334e
commit e92e7b93f5
266 changed files with 6544 additions and 10103 deletions
Download Patch File Download Diff File Expand all files Collapse all files

388
ci4/app/Config/App.php
View File

@ -11,52 +11,53 @@ class App extends BaseConfig
* Base Site URL
* --------------------------------------------------------------------------
*
* URL to your CodeIgniter root. Typically this will be your base URL,
* URL to your CodeIgniter root. Typically, this will be your base URL,
* WITH a trailing slash:
*
* http://example.com/
*
* If this is not set then CodeIgniter will try guess the protocol, domain
* and path to your installation. However, you should always configure this
* explicitly and never rely on auto-guessing, especially in production
* environments.
*
* @var string
* E.g., http://example.com/
*/
public $baseURL = '';
public string $baseURL = '';
/**
* Allowed Hostnames in the Site URL other than the hostname in the baseURL.
* If you want to accept multiple Hostnames, set this.
*
* E.g.,
* When your site URL ($baseURL) is 'http://example.com/', and your site
* also accepts 'http://media.example.com/' and 'http://accounts.example.com/':
* ['media.example.com', 'accounts.example.com']
*
* @var list<string>
*/
public array $allowedHostnames = [];
/**
* --------------------------------------------------------------------------
* Index File
* --------------------------------------------------------------------------
*
* Typically this will be your index.php file, unless you've renamed it to
* something else. If you are using mod_rewrite to remove the page set this
* variable so that it is blank.
*
* @var string
* Typically, this will be your `index.php` file, unless you've renamed it to
* something else. If you have configured your web server to remove this file
* from your site URIs, set this variable to an empty string.
*/
public $indexPage = '';
public string $indexPage = '';
/**
* --------------------------------------------------------------------------
* URI PROTOCOL
* --------------------------------------------------------------------------
*
* This item determines which getServer global should be used to retrieve the
* URI string. The default setting of 'REQUEST_URI' works for most servers.
* This item determines which server global should be used to retrieve the
* URI string. The default setting of 'REQUEST_URI' works for most servers.
* If your links do not seem to work, try one of the other delicious flavors:
*
* 'REQUEST_URI' Uses $_SERVER['REQUEST_URI']
* 'QUERY_STRING' Uses $_SERVER['QUERY_STRING']
* 'PATH_INFO' Uses $_SERVER['PATH_INFO']
* 'REQUEST_URI': Uses $_SERVER['REQUEST_URI']
* 'QUERY_STRING': Uses $_SERVER['QUERY_STRING']
* 'PATH_INFO': Uses $_SERVER['PATH_INFO']
*
* WARNING: If you set this to 'PATH_INFO', URIs will always be URL-decoded!
*
* @var string
*/
public $uriProtocol = 'REQUEST_URI';
public string $uriProtocol = 'REQUEST_URI';
/**
* --------------------------------------------------------------------------
@ -67,10 +68,8 @@ class App extends BaseConfig
* is viewing the site from. It affects the language strings and other
* strings (like currency markers, numbers, etc), that your program
* should run under for this request.
*
* @var string
*/
public $defaultLocale = 'es';
public string $defaultLocale = 'es';
/**
* --------------------------------------------------------------------------
@ -81,10 +80,8 @@ class App extends BaseConfig
* language to use based on the value of the Accept-Language header.
*
* If false, no automatic detection will be performed.
*
* @var bool
*/
public $negotiateLocale = true;
public bool $negotiateLocale = false;
/**
* --------------------------------------------------------------------------
@ -95,9 +92,11 @@ class App extends BaseConfig
* by the application in descending order of priority. If no match is
* found, the first locale will be used.
*
* @var string[]
* IncomingRequest::setLocale() also uses this list.
*
* @var list<string>
*/
public $supportedLocales = ['en','es'];
public array $supportedLocales = ['en', 'es'];
/**
* --------------------------------------------------------------------------
@ -107,9 +106,10 @@ class App extends BaseConfig
* The default timezone that will be used in your application to display
* dates with the date helper, and can be retrieved through app_timezone()
*
* @var string
* @see https://www.php.net/manual/en/timezones.php for list of timezones
* supported by PHP.
*/
public $appTimezone = 'Europe/Madrid';
public string $appTimezone = 'Europe/Madrid';
/**
* --------------------------------------------------------------------------
@ -120,210 +120,20 @@ class App extends BaseConfig
* that require a character set to be provided.
*
* @see http://php.net/htmlspecialchars for a list of supported charsets.
*
* @var string
*/
public $charset = 'UTF-8';
public string $charset = 'UTF-8';
/**
* --------------------------------------------------------------------------
* URI PROTOCOL
* Force Global Secure Requests
* --------------------------------------------------------------------------
*
* If true, this will force every request made to this application to be
* made via a secure connection (HTTPS). If the incoming request is not
* secure, the user will be redirected to a secure version of the page
* and the HTTP Strict Transport Security header will be set.
*
* @var bool
* and the HTTP Strict Transport Security (HSTS) header will be set.
*/
public $forceGlobalSecureRequests = false;
/**
* --------------------------------------------------------------------------
* Session Driver
* --------------------------------------------------------------------------
*
* The session storage driver to use:
* - `CodeIgniter\Session\Handlers\FileHandler`
* - `CodeIgniter\Session\Handlers\DatabaseHandler`
* - `CodeIgniter\Session\Handlers\MemcachedHandler`
* - `CodeIgniter\Session\Handlers\RedisHandler`
*
* @var string
*/
public $sessionDriver = 'CodeIgniter\Session\Handlers\FileHandler';
/**
* --------------------------------------------------------------------------
* Session Cookie Name
* --------------------------------------------------------------------------
*
* The session cookie name, must contain only [0-9a-z_-] characters
*
* @var string
*/
public $sessionCookieName = 'ci_session';
/**
* --------------------------------------------------------------------------
* Session Expiration
* --------------------------------------------------------------------------
*
* The number of SECONDS you want the session to last.
* Setting to 0 (zero) means expire when the browser is closed.
*
* @var int
*/
public $sessionExpiration = 7200;
/**
* --------------------------------------------------------------------------
* Session Save Path
* --------------------------------------------------------------------------
*
* The location to save sessions to and is driver dependent.
*
* For the 'files' driver, it's a path to a writable directory.
* WARNING: Only absolute paths are supported!
*
* For the 'database' driver, it's a table name.
* Please read up the manual for the format with other session drivers.
*
* IMPORTANT: You are REQUIRED to set a valid save path!
*
* @var string
*/
public $sessionSavePath = WRITEPATH . 'session';
/**
* --------------------------------------------------------------------------
* Session Match IP
* --------------------------------------------------------------------------
*
* Whether to match the user's IP address when reading the session data.
*
* WARNING: If you're using the database driver, don't forget to update
* your session table's PRIMARY KEY when changing this setting.
*
* @var bool
*/
public $sessionMatchIP = false;
/**
* --------------------------------------------------------------------------
* Session Time to Update
* --------------------------------------------------------------------------
*
* How many seconds between CI regenerating the session ID.
*
* @var int
*/
public $sessionTimeToUpdate = 300;
/**
* --------------------------------------------------------------------------
* Session Regenerate Destroy
* --------------------------------------------------------------------------
*
* Whether to destroy session data associated with the old session ID
* when auto-regenerating the session ID. When set to FALSE, the data
* will be later deleted by the garbage collector.
*
* @var bool
*/
public $sessionRegenerateDestroy = false;
/**
* --------------------------------------------------------------------------
* Cookie Prefix
* --------------------------------------------------------------------------
*
* Set a cookie name prefix if you need to avoid collisions.
*
* @var string
*
* @deprecated use Config\Cookie::$prefix property instead.
*/
public $cookiePrefix = '';
/**
* --------------------------------------------------------------------------
* Cookie Domain
* --------------------------------------------------------------------------
*
* Set to `.your-domain.com` for site-wide cookies.
*
* @var string
*
* @deprecated use Config\Cookie::$domain property instead.
*/
public $cookieDomain = '';
/**
* --------------------------------------------------------------------------
* Cookie Path
* --------------------------------------------------------------------------
*
* Typically will be a forward slash.
*
* @var string
*
* @deprecated use Config\Cookie::$path property instead.
*/
public $cookiePath = '/';
/**
* --------------------------------------------------------------------------
* Cookie Secure
* --------------------------------------------------------------------------
*
* Cookie will only be set if a secure HTTPS connection exists.
*
* @var bool
*
* @deprecated use Config\Cookie::$secure property instead.
*/
public $cookieSecure = false;
/**
* --------------------------------------------------------------------------
* Cookie HttpOnly
* --------------------------------------------------------------------------
*
* Cookie will only be accessible via HTTP(S) (no JavaScript).
*
* @var bool
*
* @deprecated use Config\Cookie::$httponly property instead.
*/
public $cookieHTTPOnly = true;
/**
* --------------------------------------------------------------------------
* Cookie SameSite
* --------------------------------------------------------------------------
*
* Configure cookie SameSite setting. Allowed values are:
* - None
* - Lax
* - Strict
* - ''
*
* Alternatively, you can use the constant names:
* - `Cookie::SAMESITE_NONE`
* - `Cookie::SAMESITE_LAX`
* - `Cookie::SAMESITE_STRICT`
*
* Defaults to `Lax` for compatibility with modern browsers. Setting `''`
* (empty string) means default SameSite attribute set by browsers (`Lax`)
* will be set on cookies. If set to `None`, `$cookieSecure` must also be set.
*
* @var string
*
* @deprecated use Config\Cookie::$samesite property instead.
*/
public $cookieSameSite = 'Lax';
public bool $forceGlobalSecureRequests = false;
/**
* --------------------------------------------------------------------------
@ -332,116 +142,21 @@ class App extends BaseConfig
*
* If your server is behind a reverse proxy, you must whitelist the proxy
* IP addresses from which CodeIgniter should trust headers such as
* HTTP_X_FORWARDED_FOR and HTTP_CLIENT_IP in order to properly identify
* X-Forwarded-For or Client-IP in order to properly identify
* the visitor's IP address.
*
* You can use both an array or a comma-separated list of proxy addresses,
* as well as specifying whole subnets. Here are a few examples:
* You need to set a proxy IP address or IP address with subnets and
* the HTTP header for the client IP address.
*
* Comma-separated: '10.0.1.200,192.168.5.0/24'
* Array: ['10.0.1.200', '192.168.5.0/24']
* Here are some examples:
* [
* '10.0.1.200' => 'X-Forwarded-For',
* '192.168.5.0/24' => 'X-Real-IP',
* ]
*
* @var string|string[]
* @var array<string, string>
*/
public $proxyIPs = '';
/**
* --------------------------------------------------------------------------
* CSRF Token Name
* --------------------------------------------------------------------------
*
* The token name.
*
* @deprecated Use `Config\Security` $tokenName property instead of using this property.
*
* @var string
*/
public $CSRFTokenName = 'csrf_test_name';
/**
* --------------------------------------------------------------------------
* CSRF Header Name
* --------------------------------------------------------------------------
*
* The header name.
*
* @deprecated Use `Config\Security` $headerName property instead of using this property.
*
* @var string
*/
public $CSRFHeaderName = 'X-CSRF-TOKEN';
/**
* --------------------------------------------------------------------------
* CSRF Cookie Name
* --------------------------------------------------------------------------
*
* The cookie name.
*
* @deprecated Use `Config\Security` $cookieName property instead of using this property.
*
* @var string
*/
public $CSRFCookieName = 'csrf_cookie_name';
/**
* --------------------------------------------------------------------------
* CSRF Expire
* --------------------------------------------------------------------------
*
* The number in seconds the token should expire.
*
* @deprecated Use `Config\Security` $expire property instead of using this property.
*
* @var int
*/
public $CSRFExpire = 7200;
/**
* --------------------------------------------------------------------------
* CSRF Regenerate
* --------------------------------------------------------------------------
*
* Regenerate token on every submission?
*
* @deprecated Use `Config\Security` $regenerate property instead of using this property.
*
* @var bool
*/
public $CSRFRegenerate = true;
/**
* --------------------------------------------------------------------------
* CSRF Redirect
* --------------------------------------------------------------------------
*
* Redirect to previous page with error on failure?
*
* @deprecated Use `Config\Security` $redirect property instead of using this property.
*
* @var bool
*/
public $CSRFRedirect = true;
/**
* --------------------------------------------------------------------------
* CSRF SameSite
* --------------------------------------------------------------------------
*
* Setting for CSRF SameSite cookie token. Allowed values are:
* - None
* - Lax
* - Strict
* - ''
*
* Defaults to `Lax` as recommended in this link:
*
* @see https://portswigger.net/web-security/csrf/samesite-cookies
* @deprecated Use `Config\Security` $samesite property instead of using this property.
*
* @var string
*/
public $CSRFSameSite = 'Lax';
public array $proxyIPs = [];
/**
* --------------------------------------------------------------------------
@ -458,9 +173,6 @@ class App extends BaseConfig
*
* @see http://www.html5rocks.com/en/tutorials/security/content-security-policy/
* @see http://www.w3.org/TR/CSP/
*
* @var bool
*/
public $CSPEnabled = false;
public bool $CSPEnabled = false;
}

529
ci4/app/Config/Auth.php Normal file
View File

@ -0,0 +1,529 @@
<?php
declare(strict_types=1);
/**
* This file is part of CodeIgniter Shield.
*
* (c) CodeIgniter Foundation <admin@codeigniter.com>
*
* For the full copyright and license information, please view
* the LICENSE file that was distributed with this source code.
*/
namespace Config;
use App\Models\UserModel;
use CodeIgniter\Shield\Authentication\Passwords\ValidationRules;
use CodeIgniter\Shield\Config\Auth as ShieldAuth;
use CodeIgniter\Shield\Authentication\Actions\ActionInterface;
use CodeIgniter\Shield\Authentication\AuthenticatorInterface;
use CodeIgniter\Shield\Authentication\Authenticators\AccessTokens;
use CodeIgniter\Shield\Authentication\Authenticators\HmacSha256;
use CodeIgniter\Shield\Authentication\Authenticators\Session;
use CodeIgniter\Shield\Authentication\Passwords\CompositionValidator;
use CodeIgniter\Shield\Authentication\Passwords\DictionaryValidator;
use CodeIgniter\Shield\Authentication\Passwords\NothingPersonalValidator;
use CodeIgniter\Shield\Authentication\Passwords\PwnedValidator;
use CodeIgniter\Shield\Authentication\Passwords\ValidatorInterface;
class Auth extends ShieldAuth
{
/**
* ////////////////////////////////////////////////////////////////////
* AUTHENTICATION
* ////////////////////////////////////////////////////////////////////
*/
// Constants for Record Login Attempts. Do not change.
public const RECORD_LOGIN_ATTEMPT_NONE = 0; // Do not record at all
public const RECORD_LOGIN_ATTEMPT_FAILURE = 1; // Record only failures
public const RECORD_LOGIN_ATTEMPT_ALL = 2; // Record all login attempts
/**
* --------------------------------------------------------------------
* View files
* --------------------------------------------------------------------
*/
public array $views = [
'login' => '\App\Views\Shield\login',
'register' => '\App\Views\Shield\register',
'layout' => '\App\Views\Shield\layout',
'action_email_2fa' => '\CodeIgniter\Shield\Views\email_2fa_show',
'action_email_2fa_verify' => '\CodeIgniter\Shield\Views\email_2fa_verify',
'action_email_2fa_email' => '\CodeIgniter\Shield\Views\Email\email_2fa_email',
'action_email_activate_show' => '\CodeIgniter\Shield\Views\email_activate_show',
'action_email_activate_email' => '\CodeIgniter\Shield\Views\Email\email_activate_email',
'magic-link-login' => '\App\Views\Shield\magic_link_form',
'magic-link-message' => '\CodeIgniter\Shield\Views\magic_link_message',
'magic-link-email' => '\CodeIgniter\Shield\Views\Email\magic_link_email',
];
/**
* --------------------------------------------------------------------
* Redirect URLs
* --------------------------------------------------------------------
* The default URL that a user will be redirected to after various auth
* actions. This can be either of the following:
*
* 1. An absolute URL. E.g. http://example.com OR https://example.com
* 2. A named route that can be accessed using `route_to()` or `url_to()`
* 3. A URI path within the application. e.g 'admin', 'login', 'expath'
*
* If you need more flexibility you can override the `getUrl()` method
* to apply any logic you may need.
*/
public array $redirects = [
'register' => '/',
'login' => '/',
'logout' => 'login',
'force_reset' => '/',
'permission_denied' => '/',
'group_denied' => '/',
];
/**
* --------------------------------------------------------------------
* Authentication Actions
* --------------------------------------------------------------------
* Specifies the class that represents an action to take after
* the user logs in or registers a new account at the site.
*
* You must register actions in the order of the actions to be performed.
*
* Available actions with Shield:
* - register: \CodeIgniter\Shield\Authentication\Actions\EmailActivator::class
* - login: \CodeIgniter\Shield\Authentication\Actions\Email2FA::class
*
* @var array<string, class-string<ActionInterface>|null>
*/
public array $actions = [
'register' => null,
'login' => null,
];
/**
* --------------------------------------------------------------------
* Authenticators
* --------------------------------------------------------------------
* The available authentication systems, listed
* with alias and class name. These can be referenced
* by alias in the auth helper:
* auth('tokens')->attempt($credentials);
*
* @var array<string, class-string<AuthenticatorInterface>>
*/
public array $authenticators = [
'tokens' => AccessTokens::class,
'session' => Session::class,
'hmac' => HmacSha256::class,
// 'jwt' => JWT::class,
];
/**
* --------------------------------------------------------------------
* Default Authenticator
* --------------------------------------------------------------------
* The Authenticator to use when none is specified.
* Uses the $key from the $authenticators array above.
*/
public string $defaultAuthenticator = 'session';
/**
* --------------------------------------------------------------------
* Authentication Chain
* --------------------------------------------------------------------
* The Authenticators to test logged in status against
* when using the 'chain' filter. Each Authenticator listed will be checked.
* If no match is found, then the next in the chain will be checked.
*
* @var string[]
* @phpstan-var list<string>
*/
public array $authenticationChain = [
'session',
'tokens',
'hmac',
// 'jwt',
];
/**
* --------------------------------------------------------------------
* Allow Registration
* --------------------------------------------------------------------
* Determines whether users can register for the site.
*/
public bool $allowRegistration = true;
/**
* --------------------------------------------------------------------
* Record Last Active Date
* --------------------------------------------------------------------
* If true, will always update the `last_active` datetime for the
* logged-in user on every page request.
* This feature only works when session/tokens filter is active.
*
* @see https://codeigniter4.github.io/shield/quick_start_guide/using_session_auth/#protecting-pages for set filters.
*/
public bool $recordActiveDate = true;
/**
* --------------------------------------------------------------------
* Allow Magic Link Logins
* --------------------------------------------------------------------
* If true, will allow the use of "magic links" sent via the email
* as a way to log a user in without the need for a password.
* By default, this is used in place of a password reset flow, but
* could be modified as the only method of login once an account
* has been set up.
*/
public bool $allowMagicLinkLogins = true;
/**
* --------------------------------------------------------------------
* Magic Link Lifetime
* --------------------------------------------------------------------
* Specifies the amount of time, in seconds, that a magic link is valid.
* You can use Time Constants or any desired number.
*/
public int $magicLinkLifetime = HOUR;
/**
* --------------------------------------------------------------------
* Session Authenticator Configuration
* --------------------------------------------------------------------
* These settings only apply if you are using the Session Authenticator
* for authentication.
*
* - field The name of the key the current user info is stored in session
* - allowRemembering Does the system allow use of "remember-me"
* - rememberCookieName The name of the cookie to use for "remember-me"
* - rememberLength The length of time, in seconds, to remember a user.
*
* @var array<string, bool|int|string>
*/
public array $sessionConfig = [
'field' => 'user',
'allowRemembering' => true,
'rememberCookieName' => 'remember',
'rememberLength' => 30 * DAY,
];
/**
* --------------------------------------------------------------------
* The validation rules for username
* --------------------------------------------------------------------
*
* Do not use string rules like `required|valid_email`.
*
* @var array<string, array<int, string>|string>
*/
public array $usernameValidationRules = [
'label' => 'Auth.username',
'rules' => [
'required',
'max_length[30]',
'min_length[3]',
'regex_match[/\A[a-zA-Z0-9\.]+\z/]',
],
];
/**
* --------------------------------------------------------------------
* The validation rules for email
* --------------------------------------------------------------------
*
* Do not use string rules like `required|valid_email`.
*
* @var array<string, array<int, string>|string>
*/
public array $emailValidationRules = [
'label' => 'Auth.email',
'rules' => [
'required',
'max_length[254]',
'valid_email',
],
];
/**
* --------------------------------------------------------------------
* Minimum Password Length
* --------------------------------------------------------------------
* The minimum length that a password must be to be accepted.
* Recommended minimum value by NIST = 8 characters.
*/
public int $minimumPasswordLength = 8;
/**
* --------------------------------------------------------------------
* Password Check Helpers
* --------------------------------------------------------------------
* The PasswordValidator class runs the password through all of these
* classes, each getting the opportunity to pass/fail the password.
* You can add custom classes as long as they adhere to the
* CodeIgniter\Shield\Authentication\Passwords\ValidatorInterface.
*
* @var class-string<ValidatorInterface>[]
*/
public array $passwordValidators = [
CompositionValidator::class,
NothingPersonalValidator::class,
DictionaryValidator::class
// PwnedValidator::class,
];
/**
* --------------------------------------------------------------------
* Valid login fields
* --------------------------------------------------------------------
* Fields that are available to be used as credentials for login.
*/
public array $validFields = [
'email',
// 'username',
];
/**
* --------------------------------------------------------------------
* Additional Fields for "Nothing Personal"
* --------------------------------------------------------------------
* The NothingPersonalValidator prevents personal information from
* being used in passwords. The email and username fields are always
* considered by the validator. Do not enter those field names here.
*
* An extended User Entity might include other personal info such as
* first and/or last names. $personalFields is where you can add
* fields to be considered as "personal" by the NothingPersonalValidator.
* For example:
* $personalFields = ['firstname', 'lastname'];
*/
public array $personalFields = [];
/**
* --------------------------------------------------------------------
* Password / Username Similarity
* --------------------------------------------------------------------
* Among other things, the NothingPersonalValidator checks the
* amount of sameness between the password and username.
* Passwords that are too much like the username are invalid.
*
* The value set for $maxSimilarity represents the maximum percentage
* of similarity at which the password will be accepted. In other words, any
* calculated similarity equal to, or greater than $maxSimilarity
* is rejected.
*
* The accepted range is 0-100, with 0 (zero) meaning don't check similarity.
* Using values at either extreme of the *working range* (1-100) is
* not advised. The low end is too restrictive and the high end is too permissive.
* The suggested value for $maxSimilarity is 50.
*
* You may be thinking that a value of 100 should have the effect of accepting
* everything like a value of 0 does. That's logical and probably true,
* but is unproven and untested. Besides, 0 skips the work involved
* making the calculation unlike when using 100.
*
* The (admittedly limited) testing that's been done suggests a useful working range
* of 50 to 60. You can set it lower than 50, but site users will probably start
* to complain about the large number of proposed passwords getting rejected.
* At around 60 or more it starts to see pairs like 'captain joe' and 'joe*captain' as
* perfectly acceptable which clearly they are not.
*
* To disable similarity checking set the value to 0.
* public $maxSimilarity = 0;
*/
public int $maxSimilarity = 50;
/**
* --------------------------------------------------------------------
* Hashing Algorithm to use
* --------------------------------------------------------------------
* Valid values are
* - PASSWORD_DEFAULT (default)
* - PASSWORD_BCRYPT
* - PASSWORD_ARGON2I - As of PHP 7.2 only if compiled with support for it
* - PASSWORD_ARGON2ID - As of PHP 7.3 only if compiled with support for it
*/
public string $hashAlgorithm = PASSWORD_DEFAULT;
/**
* --------------------------------------------------------------------
* ARGON2I/ARGON2ID Algorithm options
* --------------------------------------------------------------------
* The ARGON2I method of hashing allows you to define the "memory_cost",
* the "time_cost" and the number of "threads", whenever a password hash is
* created.
*/
public int $hashMemoryCost = 65536; // PASSWORD_ARGON2_DEFAULT_MEMORY_COST;
public int $hashTimeCost = 4; // PASSWORD_ARGON2_DEFAULT_TIME_COST;
public int $hashThreads = 1; // PASSWORD_ARGON2_DEFAULT_THREADS;
/**
* --------------------------------------------------------------------
* BCRYPT Algorithm options
* --------------------------------------------------------------------
* The BCRYPT method of hashing allows you to define the "cost"
* or number of iterations made, whenever a password hash is created.
* This defaults to a value of 12 which is an acceptable number.
* However, depending on the security needs of your application
* and the power of your hardware, you might want to increase the
* cost. This makes the hashing process takes longer.
*
* Valid range is between 4 - 31.
*/
public int $hashCost = 12;
/**
* ////////////////////////////////////////////////////////////////////
* OTHER SETTINGS
* ////////////////////////////////////////////////////////////////////
*/
/**
* --------------------------------------------------------------------
* Customize the DB group used for each model
* --------------------------------------------------------------------
*/
public ?string $DBGroup = null;
/**
* --------------------------------------------------------------------
* Customize Name of Shield Tables
* --------------------------------------------------------------------
* Only change if you want to rename the default Shield table names
*
* It may be necessary to change the names of the tables for
* security reasons, to prevent the conflict of table names,
* the internal policy of the companies or any other reason.
*
* - users Auth Users Table, the users info is stored.
* - auth_identities Auth Identities Table, Used for storage of passwords, access tokens, social login identities, etc.
* - auth_logins Auth Login Attempts, Table records login attempts.
* - auth_token_logins Auth Token Login Attempts Table, Records Bearer Token type login attempts.
* - auth_remember_tokens Auth Remember Tokens (remember-me) Table.
* - auth_groups_users Groups Users Table.
* - auth_permissions_users Users Permissions Table.
*
* @var array<string, string>
*/
public array $tables = [
'users' => 'users',
'identities' => 'auth_identities',
'logins' => 'auth_logins',
'token_logins' => 'auth_token_logins',
'remember_tokens' => 'auth_remember_tokens',
'groups_users' => 'auth_groups_users',
'permissions_users' => 'auth_permissions_users',
];
/**
* --------------------------------------------------------------------
* User Provider
* --------------------------------------------------------------------
* The name of the class that handles user persistence.
* By default, this is the included UserModel, which
* works with any of the database engines supported by CodeIgniter.
* You can change it as long as they adhere to the
* CodeIgniter\Shield\Models\UserModel.
*
* @var class-string<UserModel>
*/
public string $userProvider = UserModel::class;
/**
* Returns the URL that a user should be redirected
* to after a successful login.
*/
public function loginRedirect(): string
{
$session = session();
$url = $session->getTempdata('beforeLoginUrl') ?? setting('Auth.redirects')['login'];
return $this->getUrl($url);
}
/**
* Returns the URL that a user should be redirected
* to after they are logged out.
*/
public function logoutRedirect(): string
{
$url = setting('Auth.redirects')['logout'];
return $this->getUrl($url);
}
/**
* Returns the URL the user should be redirected to
* after a successful registration.
*/
public function registerRedirect(): string
{
$url = setting('Auth.redirects')['register'];
return $this->getUrl($url);
}
/**
* Returns the URL the user should be redirected to
* if force_reset identity is set to true.
*/
public function forcePasswordResetRedirect(): string
{
$url = setting('Auth.redirects')['force_reset'];
return $this->getUrl($url);
}
/**
* Returns the URL the user should be redirected to
* if permission denied.
*/
public function permissionDeniedRedirect(): string
{
$url = setting('Auth.redirects')['permission_denied'];
return $this->getUrl($url);
}
/**
* Returns the URL the user should be redirected to
* if group denied.
*/
public function groupDeniedRedirect(): string
{
$url = setting('Auth.redirects')['group_denied'];
return $this->getUrl($url);
}
/**
* Accepts a string which can be an absolute URL or
* a named route or just a URI path, and returns the
* full path.
*
* @param string $url an absolute URL or a named route or just URI path
*/
protected function getUrl(string $url): string
{
// To accommodate all url patterns
$final_url = '';
switch (true) {
case strpos($url, 'http://') === 0 || strpos($url, 'https://') === 0: // URL begins with 'http' or 'https'. E.g. http://example.com
$final_url = $url;
break;
case route_to($url) !== false: // URL is a named-route
$final_url = rtrim(url_to($url), '/ ');
break;
default: // URL is a route (URI path)
$final_url = rtrim(site_url($url), '/ ');
break;
}
return $final_url;
}
}

68
ci4/app/Config/AuthGroups.php Normal file
View File

@ -0,0 +1,68 @@
<?php
declare(strict_types=1);
/**
* This file is part of CodeIgniter Shield.
*
* (c) CodeIgniter Foundation <admin@codeigniter.com>
*
* For the full copyright and license information, please view
* the LICENSE file that was distributed with this source code.
*/
namespace Config;
require "RBAC/roles.php";
require "RBAC/permissions.php";
require "RBAC/permissionMatrix.php";
use CodeIgniter\Shield\Config\AuthGroups as ShieldAuthGroups;
class AuthGroups extends ShieldAuthGroups
{
/**
* --------------------------------------------------------------------
* Default Group
* --------------------------------------------------------------------
* The group that a newly registered user is added to.
*/
public string $defaultGroup = 'cliente';
/**
* --------------------------------------------------------------------
* Groups
* --------------------------------------------------------------------
* An associative array of the available groups in the system, where the keys
* are the group names and the values are arrays of the group info.
*
* Whatever value you assign as the key will be used to refer to the group
* when using functions such as:
* $user->addGroup('superadmin');
*
* @var array<string, array<string, string>>
*
* @see https://codeigniter4.github.io/shield/quick_start_guide/using_authorization/#change-available-groups for more info
*/
public array $groups = SK_ROLES;
/**
* --------------------------------------------------------------------
* Permissions
* --------------------------------------------------------------------
* The available permissions in the system.
*
* If a permission is not listed here it cannot be used.
*/
public array $permissions = SK_PERMISSIONS;
/**
* --------------------------------------------------------------------
* Permissions Matrix
* --------------------------------------------------------------------
* Maps permissions to groups.
*
* This defines group-level permissions.
*/
public array $matrix = SK_PERMISSION_MATRIX;
}

138
ci4/app/Config/AuthToken.php Normal file
View File

@ -0,0 +1,138 @@
<?php
declare(strict_types=1);
/**
* This file is part of CodeIgniter Shield.
*
* (c) CodeIgniter Foundation <admin@codeigniter.com>
*
* For the full copyright and license information, please view
* the LICENSE file that was distributed with this source code.
*/
namespace Config;
use CodeIgniter\Shield\Config\AuthToken as ShieldAuthToken;
/**
* Configuration for Token Auth and HMAC Auth
*/
class AuthToken extends ShieldAuthToken
{
/**
* --------------------------------------------------------------------
* Record Login Attempts for Token Auth and HMAC Auth
* --------------------------------------------------------------------
* Specify which login attempts are recorded in the database.
*
* Valid values are:
* - Auth::RECORD_LOGIN_ATTEMPT_NONE
* - Auth::RECORD_LOGIN_ATTEMPT_FAILURE
* - Auth::RECORD_LOGIN_ATTEMPT_ALL
*/
public int $recordLoginAttempt = Auth::RECORD_LOGIN_ATTEMPT_FAILURE;
/**
* --------------------------------------------------------------------
* Name of Authenticator Header
* --------------------------------------------------------------------
* The name of Header that the Authorization token should be found.
* According to the specs, this should be `Authorization`, but rare
* circumstances might need a different header.
*/
public array $authenticatorHeader = [
'tokens' => 'Authorization',
'hmac' => 'Authorization',
];
/**
* --------------------------------------------------------------------
* Unused Token Lifetime for Token Auth and HMAC Auth
* --------------------------------------------------------------------
* Determines the amount of time, in seconds, that an unused token can
* be used.
*/
public int $unusedTokenLifetime = YEAR;
/**
* --------------------------------------------------------------------
* Secret2 storage character limit
* --------------------------------------------------------------------
* Database size limit for the identities 'secret2' field.
*/
public int $secret2StorageLimit = 255;
/**
* --------------------------------------------------------------------
* HMAC secret key byte size
* --------------------------------------------------------------------
* Specify in integer the desired byte size of the
* HMAC SHA256 byte size
*/
public int $hmacSecretKeyByteSize = 32;
/**
* --------------------------------------------------------------------
* HMAC encryption Keys
* --------------------------------------------------------------------
* This sets the key to be used when encrypting a user's HMAC Secret Key.
*
* 'keys' is an array of keys which will facilitate key rotation. Valid
* keyTitles must include only [a-zA-Z0-9_] and should be kept to a
* max of 8 characters.
*
* Each keyTitle is an associative array containing the required 'key'
* value, and the optional 'driver' and 'digest' values. If the
* 'driver' and 'digest' values are not specified, the default 'driver'
* and 'digest' values will be used.
*
* Old keys will are used to decrypt existing Secret Keys. It is encouraged
* to run 'php spark shield:hmac reencrypt' to update existing Secret
* Key encryptions.
*
* @see https://codeigniter.com/user_guide/libraries/encryption.html
*
* @var array<string, array{key: string, driver?: string, digest?: string}>|string
*
* NOTE: The value becomes temporarily a string when setting value as JSON
* from environment variable.
*
* [key_name => ['key' => key_value]]
* or [key_name => ['key' => key_value, 'driver' => driver, 'digest' => digest]]
*/
public $hmacEncryptionKeys = [
'k1' => [
'key' => '',
],
];
/**
* --------------------------------------------------------------------
* HMAC Current Encryption Key Selector
* --------------------------------------------------------------------
* This specifies which of the encryption keys should be used.
*/
public string $hmacEncryptionCurrentKey = 'k1';
/**
* --------------------------------------------------------------------
* HMAC Encryption Key Driver
* --------------------------------------------------------------------
* This specifies which of the encryption drivers should be used.
*
* Available drivers:
* - OpenSSL
* - Sodium
*/
public string $hmacEncryptionDefaultDriver = 'OpenSSL';
/**
* --------------------------------------------------------------------
* HMAC Encryption Key Driver
* --------------------------------------------------------------------
* THis specifies the type of encryption to be used.
* e.g. 'SHA512' or 'SHA256'.
*/
public string $hmacEncryptionDefaultDigest = 'SHA512';
}

38
ci4/app/Config/Autoload.php
View File

@ -13,7 +13,12 @@ use CodeIgniter\Config\AutoloadConfig;
* can find the files as needed.
*
* NOTE: If you use an identical key in $psr4 or $classmap, then
* the values in this file will overwrite the framework's values.
* the values in this file will overwrite the framework's values.
*
* NOTE: This class is required prior to Autoloader instantiation,
* and does not extend BaseConfig.
*
* @immutable
*/
class Autoload extends AutoloadConfig
{
@ -31,14 +36,12 @@ class Autoload extends AutoloadConfig
* else you will need to modify all of those classes for this to work.
*
* Prototype:
*```
* $psr4 = [
* 'CodeIgniter' => SYSTEMPATH,
* 'App' => APPPATH
* 'App' => APPPATH
* ];
*```
*
* @var array<string, string>
* @var array<string, list<string>|string>
*/
public $psr4 = [
APP_NAMESPACE => APPPATH, // For custom app namespace
@ -57,11 +60,9 @@ class Autoload extends AutoloadConfig
* were being autoloaded through a namespace.
*
* Prototype:
*```
* $classmap = [
* 'MyClass' => '/path/to/class/file.php'
* ];
*```
*
* @var array<string, string>
*/
@ -76,13 +77,24 @@ class Autoload extends AutoloadConfig
* or for loading functions.
*
* Prototype:
* ```
* $files = [
* '/path/to/my/file.php',
* ];
* ```
* $files = [
* '/path/to/my/file.php',
* ];
*
* @var array<int, string>
* @var list<string>
*/
public $files = [];
/**
* -------------------------------------------------------------------
* Helpers
* -------------------------------------------------------------------
* Prototype:
* $helpers = [
* 'form',
* ];
*
* @var list<string>
*/
public $helpers = ['auth', 'setting'];
}

4
ci4/app/Config/Boot/development.php
View File

@ -7,8 +7,10 @@
| In development, we want to show as many errors as possible to help
| make sure they don't make it to production. And save us hours of
| painful debugging.
|
| If you set 'display_errors' to '1', CI4's detailed error report will show.
*/
error_reporting(-1);
error_reporting(E_ALL);
ini_set('display_errors', '1');
/*

2
ci4/app/Config/Boot/production.php
View File

@ -6,6 +6,8 @@
|--------------------------------------------------------------------------
| Don't show ANY in production environments. Instead, let the system catch
| it and display a generic error message.
|
| If you set 'display_errors' to '1', CI4's detailed error report will show.
*/
ini_set('display_errors', '0');
error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED & ~E_STRICT & ~E_USER_NOTICE & ~E_USER_DEPRECATED);

8
ci4/app/Config/Boot/testing.php
View File

@ -1,5 +1,11 @@
<?php
/*
* The environment testing is reserved for PHPUnit testing. It has special
* conditions built into the framework at various places to assist with that.
* You cant use it for your development.
*/
/*
|--------------------------------------------------------------------------
| ERROR DISPLAY
@ -8,7 +14,7 @@
| make sure they don't make it to production. And save us hours of
| painful debugging.
*/
error_reporting(-1);
error_reporting(E_ALL);
ini_set('display_errors', '1');
/*

20
ci4/app/Config/CURLRequest.php Normal file
View File

@ -0,0 +1,20 @@
<?php
namespace Config;
use CodeIgniter\Config\BaseConfig;
class CURLRequest extends BaseConfig
{
/**
* --------------------------------------------------------------------------
* CURLRequest Share Options
* --------------------------------------------------------------------------
*
* Whether share options between requests or not.
*
* If true, all the options won't be reset between requests.
* It may cause an error request with unnecessary headers.
*/
public bool $shareOptions = false;
}

58
ci4/app/Config/Cache.php
View File

@ -2,6 +2,7 @@
namespace Config;
use CodeIgniter\Cache\CacheInterface;
use CodeIgniter\Cache\Handlers\DummyHandler;
use CodeIgniter\Cache\Handlers\FileHandler;
use CodeIgniter\Cache\Handlers\MemcachedHandler;
@ -19,10 +20,8 @@ class Cache extends BaseConfig
*
* The name of the preferred handler that should be used. If for some reason
* it is not available, the $backupHandler will be used in its place.
*
* @var string
*/
public $handler = 'file';
public string $handler = 'file';
/**
* --------------------------------------------------------------------------
@ -32,10 +31,8 @@ class Cache extends BaseConfig
* The name of the handler that will be used in case the first one is
* unreachable. Often, 'file' is used here since the filesystem is
* always available, though that's not always practical for the app.
*
* @var string
*/
public $backupHandler = 'dummy';
public string $backupHandler = 'dummy';
/**
* --------------------------------------------------------------------------
@ -45,11 +42,9 @@ class Cache extends BaseConfig
* The path to where cache files should be stored, if using a file-based
* system.
*
* @var string
*
* @deprecated Use the driver-specific variant under $file
*/
public $storePath = WRITEPATH . 'cache/';
public string $storePath = WRITEPATH . 'cache/';
/**
* --------------------------------------------------------------------------
@ -59,12 +54,12 @@ class Cache extends BaseConfig
* Whether to take the URL query string into consideration when generating
* output cache files. Valid options are:
*
* false = Disabled
* true = Enabled, take all query parameters into account.
* Please be aware that this may result in numerous cache
* files generated for the same page over and over again.
* array('q') = Enabled, but only take into account the specified list
* of query parameters.
* false = Disabled
* true = Enabled, take all query parameters into account.
* Please be aware that this may result in numerous cache
* files generated for the same page over and over again.
* ['q'] = Enabled, but only take into account the specified list
* of query parameters.
*
* @var bool|string[]
*/
@ -77,10 +72,8 @@ class Cache extends BaseConfig
*
* This string is added to all cache item names to help avoid collisions
* if you run multiple applications with the same cache engine.
*
* @var string
*/
public $prefix = '';
public string $prefix = '';
/**
* --------------------------------------------------------------------------
@ -92,10 +85,21 @@ class Cache extends BaseConfig
* WARNING: This is not used by framework handlers where 60 seconds is
* hard-coded, but may be useful to projects and modules. This will replace
* the hard-coded value in a future release.
*
* @var int
*/
public $ttl = 60;
public int $ttl = 60;
/**
* --------------------------------------------------------------------------
* Reserved Characters
* --------------------------------------------------------------------------
*
* A string of reserved characters that will not be allowed in keys or tags.
* Strings that violate this restriction will cause handlers to throw.
* Default: {}()/\@:
*
* NOTE: The default set is required for PSR-6 compliance.
*/
public string $reservedCharacters = '{}()/\@:';
/**
* --------------------------------------------------------------------------
@ -106,7 +110,7 @@ class Cache extends BaseConfig
*
* @var array<string, int|string|null>
*/
public $file = [
public array $file = [
'storePath' => WRITEPATH . 'cache/',
'mode' => 0640,
];
@ -120,9 +124,9 @@ class Cache extends BaseConfig
*
* @see https://codeigniter.com/user_guide/libraries/caching.html#memcached
*
* @var array<string, boolean|int|string>
* @var array<string, bool|int|string>
*/
public $memcached = [
public array $memcached = [
'host' => '127.0.0.1',
'port' => 11211,
'weight' => 1,
@ -138,7 +142,7 @@ class Cache extends BaseConfig
*
* @var array<string, int|string|null>
*/
public $redis = [
public array $redis = [
'host' => '127.0.0.1',
'password' => null,
'port' => 6379,
@ -154,9 +158,9 @@ class Cache extends BaseConfig
* This is an array of cache engine alias' and class names. Only engines
* that are listed here are allowed to be used.
*
* @var array<string, string>
* @var array<string, class-string<CacheInterface>>
*/
public $validHandlers = [
public array $validHandlers = [
'dummy' => DummyHandler::class,
'file' => FileHandler::class,
'memcached' => MemcachedHandler::class,

39
ci4/app/Config/Constants.php
View File

@ -38,9 +38,9 @@ defined('MINUTE') || define('MINUTE', 60);
defined('HOUR') || define('HOUR', 3600);
defined('DAY') || define('DAY', 86400);
defined('WEEK') || define('WEEK', 604800);
defined('MONTH') || define('MONTH', 2592000);
defined('YEAR') || define('YEAR', 31536000);
defined('DECADE') || define('DECADE', 315360000);
defined('MONTH') || define('MONTH', 2_592_000);
defined('YEAR') || define('YEAR', 31_536_000);
defined('DECADE') || define('DECADE', 315_360_000);
/*
| --------------------------------------------------------------------------
@ -67,13 +67,28 @@ defined('DECADE') || define('DECADE', 315360000);
| http://tldp.org/LDP/abs/html/exitcodes.html
|
*/
defined('EXIT_SUCCESS') || define('EXIT_SUCCESS', 0); // no errors
defined('EXIT_ERROR') || define('EXIT_ERROR', 1); // generic error
defined('EXIT_CONFIG') || define('EXIT_CONFIG', 3); // configuration error
defined('EXIT_UNKNOWN_FILE') || define('EXIT_UNKNOWN_FILE', 4); // file not found
defined('EXIT_UNKNOWN_CLASS') || define('EXIT_UNKNOWN_CLASS', 5); // unknown class
defined('EXIT_SUCCESS') || define('EXIT_SUCCESS', 0); // no errors
defined('EXIT_ERROR') || define('EXIT_ERROR', 1); // generic error
defined('EXIT_CONFIG') || define('EXIT_CONFIG', 3); // configuration error
defined('EXIT_UNKNOWN_FILE') || define('EXIT_UNKNOWN_FILE', 4); // file not found
defined('EXIT_UNKNOWN_CLASS') || define('EXIT_UNKNOWN_CLASS', 5); // unknown class
defined('EXIT_UNKNOWN_METHOD') || define('EXIT_UNKNOWN_METHOD', 6); // unknown class member
defined('EXIT_USER_INPUT') || define('EXIT_USER_INPUT', 7); // invalid user input
defined('EXIT_DATABASE') || define('EXIT_DATABASE', 8); // database error
defined('EXIT__AUTO_MIN') || define('EXIT__AUTO_MIN', 9); // lowest automatically-assigned error code
defined('EXIT__AUTO_MAX') || define('EXIT__AUTO_MAX', 125); // highest automatically-assigned error code
defined('EXIT_USER_INPUT') || define('EXIT_USER_INPUT', 7); // invalid user input
defined('EXIT_DATABASE') || define('EXIT_DATABASE', 8); // database error
defined('EXIT__AUTO_MIN') || define('EXIT__AUTO_MIN', 9); // lowest automatically-assigned error code
defined('EXIT__AUTO_MAX') || define('EXIT__AUTO_MAX', 125); // highest automatically-assigned error code
/**
* @deprecated Use \CodeIgniter\Events\Events::PRIORITY_LOW instead.
*/
define('EVENT_PRIORITY_LOW', 200);
/**
* @deprecated Use \CodeIgniter\Events\Events::PRIORITY_NORMAL instead.
*/
define('EVENT_PRIORITY_NORMAL', 100);
/**
* @deprecated Use \CodeIgniter\Events\Events::PRIORITY_HIGH instead.
*/
define('EVENT_PRIORITY_HIGH', 10);

37
ci4/app/Config/ContentSecurityPolicy.php
View File

@ -15,38 +15,32 @@ use CodeIgniter\Config\BaseConfig;
*/
class ContentSecurityPolicy extends BaseConfig
{
//-------------------------------------------------------------------------
// -------------------------------------------------------------------------
// Broadbrush CSP management
//-------------------------------------------------------------------------
// -------------------------------------------------------------------------
/**
* Default CSP report context
*
* @var bool
*/
public $reportOnly = false;
public bool $reportOnly = false;
/**
* Specifies a URL where a browser will send reports
* when a content security policy is violated.
*
* @var string|null
*/
public $reportURI;
public ?string $reportURI = null;
/**
* Instructs user agents to rewrite URL schemes, changing
* HTTP to HTTPS. This directive is for websites with
* large numbers of old URLs that need to be rewritten.
*
* @var bool
*/
public $upgradeInsecureRequests = false;
public bool $upgradeInsecureRequests = false;
//-------------------------------------------------------------------------
// -------------------------------------------------------------------------
// Sources allowed
// Note: once you set a policy to 'none', it cannot be further restricted
//-------------------------------------------------------------------------
// NOTE: once you set a policy to 'none', it cannot be further restricted
// -------------------------------------------------------------------------
/**
* Will default to self if not overridden
@ -164,4 +158,19 @@ class ContentSecurityPolicy extends BaseConfig
* @var string|string[]|null
*/
public $sandbox;
/**
* Nonce tag for style
*/
public string $styleNonceTag = '{csp-style-nonce}';
/**
* Nonce tag for script
*/
public string $scriptNonceTag = '{csp-script-nonce}';
/**
* Replace nonce tag automatically
*/
public bool $autoNonce = true;
}

28
ci4/app/Config/Cookie.php
View File

@ -13,10 +13,8 @@ class Cookie extends BaseConfig
* --------------------------------------------------------------------------
*
* Set a cookie name prefix if you need to avoid collisions.
*
* @var string
*/
public $prefix = '';
public string $prefix = '';
/**
* --------------------------------------------------------------------------
@ -37,10 +35,8 @@ class Cookie extends BaseConfig
* --------------------------------------------------------------------------
*
* Typically will be a forward slash.
*
* @var string
*/
public $path = '/';
public string $path = '/';
/**
* --------------------------------------------------------------------------
@ -48,10 +44,8 @@ class Cookie extends BaseConfig
* --------------------------------------------------------------------------
*
* Set to `.your-domain.com` for site-wide cookies.
*
* @var string
*/
public $domain = '';
public string $domain = '';
/**
* --------------------------------------------------------------------------
@ -59,10 +53,8 @@ class Cookie extends BaseConfig
* --------------------------------------------------------------------------
*
* Cookie will only be set if a secure HTTPS connection exists.
*
* @var bool
*/
public $secure = false;
public bool $secure = false;
/**
* --------------------------------------------------------------------------
@ -70,10 +62,8 @@ class Cookie extends BaseConfig
* --------------------------------------------------------------------------
*
* Cookie will only be accessible via HTTP(S) (no JavaScript).
*
* @var bool
*/
public $httponly = true;
public bool $httponly = true;
/**
* --------------------------------------------------------------------------
@ -95,9 +85,9 @@ class Cookie extends BaseConfig
* (empty string) means default SameSite attribute set by browsers (`Lax`)
* will be set on cookies. If set to `None`, `$secure` must also be set.
*
* @var string
* @phpstan-var 'None'|'Lax'|'Strict'|''
*/
public $samesite = 'Lax';
public string $samesite = 'Lax';
/**
* --------------------------------------------------------------------------
@ -110,10 +100,8 @@ class Cookie extends BaseConfig
* If this is set to `true`, cookie names should be compliant of RFC 2616's
* list of allowed characters.
*
* @var bool
*
* @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#attributes
* @see https://tools.ietf.org/html/rfc2616#section-2.2
*/
public $raw = false;
public bool $raw = false;
}

87
ci4/app/Config/Database.php
View File

@ -12,68 +12,63 @@ class Database extends Config
/**
* The directory that holds the Migrations
* and Seeds directories.
*
* @var string
*/
public $filesPath = APPPATH . 'Database' . DIRECTORY_SEPARATOR;
public string $filesPath = APPPATH . 'Database' . DIRECTORY_SEPARATOR;
/**
* Lets you choose which connection group to
* use if no other is specified.
*
* @var string
*/
public $defaultGroup = 'default';
public string $defaultGroup = 'default';
/**
* The default database connection.
*
* @var array
*/
public $default = [
'DSN' => '',
'hostname' => 'localhost',
'username' => '',
'password' => '',
'database' => '',
'DBDriver' => 'MySQLi',
'DBPrefix' => '',
'pConnect' => false,
'DBDebug' => (ENVIRONMENT !== 'production'),
'charset' => 'utf8',
'DBCollat' => 'utf8_general_ci',
'swapPre' => '',
'encrypt' => false,
'compress' => false,
'strictOn' => false,
'failover' => [],
'port' => 3306,
public array $default = [
'DSN' => '',
'hostname' => 'localhost',
'username' => '',
'password' => '',
'database' => '',
'DBDriver' => 'MySQLi',
'DBPrefix' => '',
'pConnect' => false,
'DBDebug' => true,
'charset' => 'utf8',
'DBCollat' => 'utf8_general_ci',
'swapPre' => '',
'encrypt' => false,
'compress' => false,
'strictOn' => false,
'failover' => [],
'port' => 3306,
'numberNative' => false,
];
/**
* This database connection is used when
* running PHPUnit database tests.
*
* @var array
*/
public $tests = [
'DSN' => '',
'hostname' => '127.0.0.1',
'username' => '',
'password' => '',
'database' => ':memory:',
'DBDriver' => 'SQLite3',
'DBPrefix' => 'db_', // Needed to ensure we're working correctly with prefixes live. DO NOT REMOVE FOR CI DEVS
'pConnect' => false,
'DBDebug' => (ENVIRONMENT !== 'production'),
'charset' => 'utf8',
'DBCollat' => 'utf8_general_ci',
'swapPre' => '',
'encrypt' => false,
'compress' => false,
'strictOn' => false,
'failover' => [],
'port' => 3306,
public array $tests = [
'DSN' => '',
'hostname' => '127.0.0.1',
'username' => '',
'password' => '',
'database' => ':memory:',
'DBDriver' => 'SQLite3',
'DBPrefix' => 'db_', // Needed to ensure we're working correctly with prefixes live. DO NOT REMOVE FOR CI DEVS
'pConnect' => false,
'DBDebug' => true,
'charset' => 'utf8',
'DBCollat' => 'utf8_general_ci',
'swapPre' => '',
'encrypt' => false,
'compress' => false,
'strictOn' => false,
'failover' => [],
'port' => 3306,
'foreignKeys' => true,
'busyTimeout' => 1000,
];
public function __construct()

15
ci4/app/Config/DocTypes.php
View File

@ -2,6 +2,9 @@
namespace Config;
/**
* @immutable
*/
class DocTypes
{
/**
@ -9,7 +12,7 @@ class DocTypes
*
* @var array<string, string>
*/
public $list = [
public array $list = [
'xhtml11' => '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">',
'xhtml1-strict' => '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">',
'xhtml1-trans' => '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">',
@ -30,4 +33,14 @@ class DocTypes
'xhtml-rdfa-1' => '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML+RDFa 1.0//EN" "http://www.w3.org/MarkUp/DTD/xhtml-rdfa-1.dtd">',
'xhtml-rdfa-2' => '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML+RDFa 1.1//EN" "http://www.w3.org/MarkUp/DTD/xhtml-rdfa-2.dtd">',
];
/**
* Whether to remove the solidus (`/`) character for void HTML elements (e.g. `<input>`)
* for HTML5 compatibility.
*
* Set to:
* `true` - to be HTML5 compatible
* `false` - to be XHTML compatible
*/
public bool $html5 = true;
}

107
ci4/app/Config/Email.php
View File

@ -6,165 +6,116 @@ use CodeIgniter\Config\BaseConfig;
class Email extends BaseConfig
{
/**
* @var string
*/
public $fromEmail;
/**
* @var string
*/
public $fromName;
/**
* @var string
*/
public $recipients;
public string $fromEmail = 'safekat@imnavajas.es';
public string $fromName = 'Safekat ERP';
public string $recipients = '';
/**
* The "user agent"
*
* @var string
*/
public $userAgent = 'Safekat ERP';
public string $userAgent = 'Safekat SL';
/**
* The mail sending protocol: mail, sendmail, smtp
*
* @var string
*/
public $protocol = 'smtp';
public string $protocol = 'smtp';
/**
* The server path to Sendmail.
*
* @var string
*/
public $mailPath = '/usr/sbin/sendmail';
public string $mailPath = '/usr/sbin/sendmail';
/**
* SMTP Server Address
*
* @var string
* SMTP Server Hostname
*/
public $SMTPHost = "imnavajas.es";
public string $SMTPHost = 'imnavajas.es';
/**
* SMTP Username
*
* @var string
*/
public $SMTPUser = "safekat@imnavajas.es";
public string $SMTPUser = 'safekat@imnavajas.es';
/**
* SMTP Password
*
* @var string
*/
public $SMTPPass = "Etkd9~448";
public string $SMTPPass = 'Etkd9~448';
/**
* SMTP Port
*
* @var int
*/
public $SMTPPort = 25;
public int $SMTPPort = 25;
/**
* SMTP Timeout (in seconds)
*
* @var int
*/
public $SMTPTimeout = 5;
public int $SMTPTimeout = 5;
/**
* Enable persistent SMTP connections
*
* @var bool
*/
public $SMTPKeepAlive = false;
public bool $SMTPKeepAlive = false;
/**
* SMTP Encryption. Either tls or ssl
* SMTP Encryption.
*
* @var string
* @var string '', 'tls' or 'ssl'. 'tls' will issue a STARTTLS command
* to the server. 'ssl' means implicit SSL. Connection on port
* 465 should set this to ''.
*/
public $SMTPCrypto = 'tls';
public string $SMTPCrypto = 'tls';
/**
* Enable word-wrap
*
* @var bool
*/
public $wordWrap = true;
public bool $wordWrap = true;
/**
* Character count to wrap at
*
* @var int
*/
public $wrapChars = 76;
public int $wrapChars = 76;
/**
* Type of mail, either 'text' or 'html'
*
* @var string
*/
public $mailType = 'html';
public string $mailType = 'html';
/**
* Character set (utf-8, iso-8859-1, etc.)
*
* @var string
*/
public $charset = 'UTF-8';
public string $charset = 'UTF-8';
/**
* Whether to validate the email address
*
* @var bool
*/
public $validate = false;
public bool $validate = false;
/**
* Email Priority. 1 = highest. 5 = lowest. 3 = normal
*
* @var int
*/
public $priority = 3;
public int $priority = 3;
/**
* Newline character. (Use “\r\n” to comply with RFC 822)
*
* @var string
*/
public $CRLF = "\r\n";
public string $CRLF = "\r\n";
/**
* Newline character. (Use “\r\n” to comply with RFC 822)
*
* @var string
*/
public $newline = "\r\n";
public string $newline = "\r\n";
/**
* Enable BCC Batch Mode.
*
* @var bool
*/
public $BCCBatchMode = false;
public bool $BCCBatchMode = false;
/**
* Number of emails in each BCC batch
*
* @var int
*/
public $BCCBatchSize = 200;
public int $BCCBatchSize = 200;
/**
* Enable notify message from server
*
* @var bool
*/
public $DSN = false;
public bool $DSN = false;
}

49
ci4/app/Config/Encryption.php
View File

@ -20,10 +20,8 @@ class Encryption extends BaseConfig
* If you use the Encryption class you must set an encryption key (seed).
* You need to ensure it is long enough for the cipher and mode you plan to use.
* See the user guide for more info.
*
* @var string
*/
public $key = '';
public string $key = '';
/**
* --------------------------------------------------------------------------
@ -35,10 +33,8 @@ class Encryption extends BaseConfig
* Available drivers:
* - OpenSSL
* - Sodium
*
* @var string
*/
public $driver = 'OpenSSL';
public string $driver = 'OpenSSL';
/**
* --------------------------------------------------------------------------
@ -49,10 +45,8 @@ class Encryption extends BaseConfig
* before it is encrypted. This value should be greater than zero.
*
* See the user guide for more information on padding.
*
* @var int
*/
public $blockSize = 16;
public int $blockSize = 16;
/**
* --------------------------------------------------------------------------
@ -60,8 +54,39 @@ class Encryption extends BaseConfig
* --------------------------------------------------------------------------
*
* HMAC digest to use, e.g. 'SHA512' or 'SHA256'. Default value is 'SHA512'.
*
* @var string
*/
public $digest = 'SHA512';
public string $digest = 'SHA512';
/**
* Whether the cipher-text should be raw. If set to false, then it will be base64 encoded.
* This setting is only used by OpenSSLHandler.
*
* Set to false for CI3 Encryption compatibility.
*/
public bool $rawData = true;
/**
* Encryption key info.
* This setting is only used by OpenSSLHandler.
*
* Set to 'encryption' for CI3 Encryption compatibility.
*/
public string $encryptKeyInfo = '';
/**
* Authentication key info.
* This setting is only used by OpenSSLHandler.
*
* Set to 'authentication' for CI3 Encryption compatibility.
*/
public string $authKeyInfo = '';
/**
* Cipher to use.
* This setting is only used by OpenSSLHandler.
*
* Set to 'AES-128-CBC' to decrypt encrypted data that encrypted
* by CI3 Encryption default configuration.
*/
public string $cipher = 'AES-256-CTR';
}

22
ci4/app/Config/Events.php
View File

@ -4,6 +4,7 @@ namespace Config;
use CodeIgniter\Events\Events;
use CodeIgniter\Exceptions\FrameworkException;
use CodeIgniter\HotReloader\HotReloader;
/*
* --------------------------------------------------------------------
@ -32,9 +33,7 @@ Events::on('pre_system', static function () {
ob_end_flush();
}
ob_start(static function ($buffer) {
return $buffer;
});
ob_start(static fn ($buffer) => $buffer);
}
/*
@ -46,5 +45,22 @@ Events::on('pre_system', static function () {
if (CI_DEBUG && ! is_cli()) {
Events::on('DBQuery', 'CodeIgniter\Debug\Toolbar\Collectors\Database::collect');
Services::toolbar()->respond();
// Hot Reload route - for framework use on the hot reloader.
if (ENVIRONMENT === 'development') {
Services::routes()->get('__hot-reload', static function () {
(new HotReloader())->run();
});
}
}
});
Events::on('login', static function ($user) {
helper('logger');
getSystemSettings();
setLog('information','user-login', $user->id);
});
Events::on('logout', static function ($user) {
helper('logger');
setLog('information','user-logout', $user->id);
});

68
ci4/app/Config/Exceptions.php
View File

@ -3,6 +3,10 @@
namespace Config;
use CodeIgniter\Config\BaseConfig;
use CodeIgniter\Debug\ExceptionHandler;
use CodeIgniter\Debug\ExceptionHandlerInterface;
use Psr\Log\LogLevel;
use Throwable;
/**
* Setup how the exception handler works.
@ -17,10 +21,8 @@ class Exceptions extends BaseConfig
* through Services::Log.
*
* Default: true
*
* @var bool
*/
public $log = true;
public bool $log = true;
/**
* --------------------------------------------------------------------------
@ -28,10 +30,8 @@ class Exceptions extends BaseConfig
* --------------------------------------------------------------------------
* Any status codes here will NOT be logged if logging is turned on.
* By default, only 404 (Page Not Found) exceptions are ignored.
*
* @var array
*/
public $ignoreCodes = [404];
public array $ignoreCodes = [404];
/**
* --------------------------------------------------------------------------
@ -41,10 +41,8 @@ class Exceptions extends BaseConfig
* directories that hold the views used to generate errors.
*
* Default: APPPATH.'Views/errors'
*
* @var string
*/
public $errorViewPath = APPPATH . 'Views/errors';
public string $errorViewPath = APPPATH . 'Views/errors';
/**
* --------------------------------------------------------------------------
@ -53,8 +51,54 @@ class Exceptions extends BaseConfig
* Any data that you would like to hide from the debug trace.
* In order to specify 2 levels, use "/" to separate.
* ex. ['server', 'setup/password', 'secret_token']
*
* @var array
*/
public $sensitiveDataInTrace = [];
public array $sensitiveDataInTrace = [];
/**
* --------------------------------------------------------------------------
* LOG DEPRECATIONS INSTEAD OF THROWING?
* --------------------------------------------------------------------------
* By default, CodeIgniter converts deprecations into exceptions. Also,
* starting in PHP 8.1 will cause a lot of deprecated usage warnings.
* Use this option to temporarily cease the warnings and instead log those.
* This option also works for user deprecations.
*/
public bool $logDeprecations = true;
/**
* --------------------------------------------------------------------------
* LOG LEVEL THRESHOLD FOR DEPRECATIONS
* --------------------------------------------------------------------------
* If `$logDeprecations` is set to `true`, this sets the log level
* to which the deprecation will be logged. This should be one of the log
* levels recognized by PSR-3.
*
* The related `Config\Logger::$threshold` should be adjusted, if needed,
* to capture logging the deprecations.
*/
public string $deprecationLogLevel = LogLevel::WARNING;
/*
* DEFINE THE HANDLERS USED
* --------------------------------------------------------------------------
* Given the HTTP status code, returns exception handler that
* should be used to deal with this error. By default, it will run CodeIgniter's
* default handler and display the error information in the expected format
* for CLI, HTTP, or AJAX requests, as determined by is_cli() and the expected
* response format.
*
* Custom handlers can be returned if you want to handle one or more specific
* error codes yourself like:
*
* if (in_array($statusCode, [400, 404, 500])) {
* return new \App\Libraries\MyExceptionHandler();
* }
* if ($exception instanceOf PageNotFoundException) {
* return new \App\Libraries\MyExceptionHandler();
* }
*/
public function handler(int $statusCode, Throwable $exception): ExceptionHandlerInterface
{
return new ExceptionHandler($this);
}
}

30
ci4/app/Config/Feature.php Normal file
View File

@ -0,0 +1,30 @@
<?php
namespace Config;
use CodeIgniter\Config\BaseConfig;
/**
* Enable/disable backward compatibility breaking features.
*/
class Feature extends BaseConfig
{
/**
* Enable multiple filters for a route or not.
*
* If you enable this:
* - CodeIgniter\CodeIgniter::handleRequest() uses:
* - CodeIgniter\Filters\Filters::enableFilters(), instead of enableFilter()
* - CodeIgniter\CodeIgniter::tryToRouteIt() uses:
* - CodeIgniter\Router\Router::getFilters(), instead of getFilter()
* - CodeIgniter\Router\Router::handle() uses:
* - property $filtersInfo, instead of $filterInfo
* - CodeIgniter\Router\RouteCollection::getFiltersForRoute(), instead of getFilterForRoute()
*/
public bool $multipleFilters = false;
/**
* Use improved new auto routing instead of the default legacy version.
*/
public bool $autoRoutesImproved = false;
}

82
ci4/app/Config/Filters.php
View File

@ -2,13 +2,13 @@
namespace Config;
use App\Filters\JWTAuthFilter;
use App\Filters\LoginAuthFilter;
use App\Filters\ThrottlerFilter;
use CodeIgniter\Config\BaseConfig;
use CodeIgniter\Filters\CSRF;
use CodeIgniter\Filters\DebugToolbar;
use CodeIgniter\Filters\Honeypot;
use CodeIgniter\Filters\InvalidChars;
use CodeIgniter\Filters\SecureHeaders;
class Filters extends BaseConfig
{
@ -16,54 +16,40 @@ class Filters extends BaseConfig
* Configures aliases for Filter classes to
* make reading things nicer and simpler.
*
* @var array
* @var array<string, class-string|list<class-string>> [filter_name => classname]
* or [filter_name => [classname1, classname2, ...]]
*/
public $aliases = [
'csrf' => CSRF::class,
'toolbar' => DebugToolbar::class,
public array $aliases = [
'csrf' => CSRF::class,
'toolbar' => DebugToolbar::class,
'honeypot' => Honeypot::class,
'auth' => JWTAuthFilter::class,
'throttler' => ThrottlerFilter::class,
'login' => LoginAuthFilter::class,
'invalidchars' => InvalidChars::class,
'secureheaders' => SecureHeaders::class,
];
/**
* List of filter aliases that are always
* applied before and after every request.
*
* @var array
* @var array<string, array<string, array<string, string>>>|array<string, list<string>>
*/
public $globals = [
public array $globals = [
'before' => [
'login' => [
'except' => [
'login',
'login/*',
'oauth',
'oauth/*',
'api',
'api/*',
'cron',
'cron/*',
'lang',
'lang/*',
'language',
'language/*',
'integration',
'integration/*'
]
],
// 'honeypot',
'csrf' => [
// 'csrf',
// 'invalidchars',
'session' => [
'except' => [
'api',
'api/*'
]
'login*',
'register',
'auth/a/*',
'logout']
],
],
'after' => [
'toolbar',
// 'honeypot',
// 'secureheaders',
],
];
@ -72,14 +58,13 @@ class Filters extends BaseConfig
* particular HTTP method (GET, POST, etc.).
*
* Example:
* 'post' => ['csrf', 'throttle']
* 'post' => ['foo', 'bar']
*
* @var array
* If you use this, you should disable auto-routing because auto-routing
* permits any HTTP method to access a controller. Accessing the controller
* with a method you don't expect could bypass the filter.
*/
public $methods = [
// 'get' => ['throttler'],
// 'post' => ['throttler']
];
public array $methods = [];
/**
* List of filter aliases that should run on any
@ -87,21 +72,6 @@ class Filters extends BaseConfig
*
* Example:
* 'isLoggedIn' => ['before' => ['account/*', 'profiles/*']]
*
* @var array
*/
public $filters = [
'auth' => [
'before' => [
'api/user/*',
'api/user/'
],
],
'throttler' => [
'before' => [
'api/*',
'api/'
]
]
];
public array $filters = [];
}

3
ci4/app/Config/ForeignCharacters.php
View File

@ -4,6 +4,9 @@ namespace Config;
use CodeIgniter\Config\ForeignCharacters as BaseForeignCharacters;
/**
* @immutable
*/
class ForeignCharacters extends BaseForeignCharacters
{
}

14
ci4/app/Config/Format.php
View File

@ -4,6 +4,8 @@ namespace Config;
use CodeIgniter\Config\BaseConfig;
use CodeIgniter\Format\FormatterInterface;
use CodeIgniter\Format\JSONFormatter;
use CodeIgniter\Format\XMLFormatter;
class Format extends BaseConfig
{
@ -22,7 +24,7 @@ class Format extends BaseConfig
*
* @var string[]
*/
public $supportedResponseFormats = [
public array $supportedResponseFormats = [
'application/json',
'application/xml', // machine-readable XML
'text/xml', // human-readable XML
@ -39,10 +41,10 @@ class Format extends BaseConfig
*
* @var array<string, string>
*/
public $formatters = [
'application/json' => 'CodeIgniter\Format\JSONFormatter',
'application/xml' => 'CodeIgniter\Format\XMLFormatter',
'text/xml' => 'CodeIgniter\Format\XMLFormatter',
public array $formatters = [
'application/json' => JSONFormatter::class,
'application/xml' => XMLFormatter::class,
'text/xml' => XMLFormatter::class,
];
/**
@ -55,7 +57,7 @@ class Format extends BaseConfig
*
* @var array<string, int>
*/
public $formatterOptions = [
public array $formatterOptions = [
'application/json' => JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES,
'application/xml' => 0,
'text/xml' => 0,

5
ci4/app/Config/Generators.php
View File

@ -25,8 +25,11 @@ class Generators extends BaseConfig
*
* @var array<string, string>
*/
public $views = [
public array $views = [
'make:cell' => 'CodeIgniter\Commands\Generators\Views\cell.tpl.php',
'make:cell_view' => 'CodeIgniter\Commands\Generators\Views\cell_view.tpl.php',
'make:command' => 'CodeIgniter\Commands\Generators\Views\command.tpl.php',
'make:config' => 'CodeIgniter\Commands\Generators\Views\config.tpl.php',
'make:controller' => 'CodeIgniter\Commands\Generators\Views\controller.tpl.php',
'make:entity' => 'CodeIgniter\Commands\Generators\Views\entity.tpl.php',
'make:filter' => 'CodeIgniter\Commands\Generators\Views\filter.tpl.php',

27
ci4/app/Config/Honeypot.php
View File

@ -8,36 +8,35 @@ class Honeypot extends BaseConfig
{
/**
* Makes Honeypot visible or not to human
*
* @var bool
*/
public $hidden = true;
public bool $hidden = true;
/**
* Honeypot Label Content
*
* @var string
*/
public $label = 'Fill This Field';
public string $label = 'Fill This Field';
/**
* Honeypot Field Name
*
* @var string
*/
public $name = 'honeypot';
public string $name = 'honeypot';
/**
* Honeypot HTML Template
*
* @var string
*/
public $template = '<label>{label}</label><input type="text" name="{name}" value=""/>';
public string $template = '<label>{label}</label><input type="text" name="{name}" value="">';
/**
* Honeypot container
*
* @var string
* If you enabled CSP, you can remove `style="display:none"`.
*/
public $container = '<div style="display:none">{template}</div>';
public string $container = '<div style="display:none">{template}</div>';
/**
* The id attribute for Honeypot container tag
*
* Used when CSP is enabled.
*/
public string $containerId = 'hpc';
}

10
ci4/app/Config/Images.php
View File

@ -10,25 +10,21 @@ class Images extends BaseConfig
{
/**
* Default handler used if no other handler is specified.
*
* @var string
*/
public $defaultHandler = 'gd';
public string $defaultHandler = 'gd';
/**
* The path to the image library.
* Required for ImageMagick, GraphicsMagick, or NetPBM.
*
* @var string
*/
public $libraryPath = '/usr/local/bin/convert';
public string $libraryPath = '/usr/local/bin/convert';
/**
* The available handler classes.
*
* @var array<string, string>
*/
public $handlers = [
public array $handlers = [
'gd' => GDHandler::class,
'imagick' => ImageMagickHandler::class,
];

39
ci4/app/Config/Kint.php Executable file → Normal file
View File

@ -3,7 +3,10 @@
namespace Config;
use CodeIgniter\Config\BaseConfig;
use Kint\Parser\ConstructablePluginInterface;
use Kint\Renderer\AbstractRenderer;
use Kint\Renderer\Rich\TabPluginInterface;
use Kint\Renderer\Rich\ValuePluginInterface;
/**
* --------------------------------------------------------------------------
@ -23,27 +26,32 @@ class Kint extends BaseConfig
|--------------------------------------------------------------------------
*/
/**
* @var list<class-string<ConstructablePluginInterface>|ConstructablePluginInterface>|null
*/
public $plugins;
public $maxDepth = 6;
public $displayCalledFrom = true;
public $expanded = false;
public int $maxDepth = 6;
public bool $displayCalledFrom = true;
public bool $expanded = false;
/*
|--------------------------------------------------------------------------
| RichRenderer Settings
|--------------------------------------------------------------------------
*/
public $richTheme = 'aante-light.css';
public $richFolder = false;
public $richSort = AbstractRenderer::SORT_FULL;
public string $richTheme = 'aante-light.css';
public bool $richFolder = false;
public int $richSort = AbstractRenderer::SORT_FULL;
/**
* @var array<string, class-string<ValuePluginInterface>>|null
*/
public $richObjectPlugins;
/**
* @var array<string, class-string<TabPluginInterface>>|null
*/
public $richTabPlugins;
/*
@ -51,11 +59,8 @@ class Kint extends BaseConfig
| CLI Settings
|--------------------------------------------------------------------------
*/
public $cliColors = true;
public $cliForceUTF8 = false;
public $cliDetectWidth = true;
public $cliMinWidth = 40;
public bool $cliColors = true;
public bool $cliForceUTF8 = false;
public bool $cliDetectWidth = true;
public int $cliMinWidth = 40;
}

31
ci4/app/Config/Logger.php
View File

@ -3,6 +3,7 @@
namespace Config;
use CodeIgniter\Config\BaseConfig;
use CodeIgniter\Log\Handlers\FileHandler;
class Logger extends BaseConfig
{
@ -37,7 +38,7 @@ class Logger extends BaseConfig
*
* @var array|int
*/
public $threshold = 4;
public $threshold = (ENVIRONMENT === 'production') ? 4 : 9;
/**
* --------------------------------------------------------------------------
@ -46,10 +47,8 @@ class Logger extends BaseConfig
*
* Each item that is logged has an associated date. You can use PHP date
* codes to set your own date formatting
*
* @var string
*/
public $dateFormat = 'Y-m-d H:i:s';
public string $dateFormat = 'Y-m-d H:i:s';
/**
* --------------------------------------------------------------------------
@ -73,18 +72,14 @@ class Logger extends BaseConfig
*
* Handlers are executed in the order defined in this array, starting with
* the handler on top and continuing down.
*
* @var array
*/
public $handlers = [
public array $handlers = [
/*
* --------------------------------------------------------------------
* File Handler
* --------------------------------------------------------------------
*/
'CodeIgniter\Log\Handlers\FileHandler' => [
FileHandler::class => [
// The log levels that this handler will handle.
'handles' => [
'critical',
@ -102,7 +97,7 @@ class Logger extends BaseConfig
* An extension of 'php' allows for protecting the log files via basic
* scripting, when they are to be stored under a publicly accessible directory.
*
* Note: Leaving it blank will default to 'log'.
* NOTE: Leaving it blank will default to 'log'.
*/
'fileExtension' => '',
@ -140,14 +135,14 @@ class Logger extends BaseConfig
* Uncomment this block to use it.
*/
// 'CodeIgniter\Log\Handlers\ErrorlogHandler' => [
// /* The log levels this handler can handle. */
// 'handles' => ['critical', 'alert', 'emergency', 'debug', 'error', 'info', 'notice', 'warning'],
// /* The log levels this handler can handle. */
// 'handles' => ['critical', 'alert', 'emergency', 'debug', 'error', 'info', 'notice', 'warning'],
//
// /*
// * The message type where the error should go. Can be 0 or 4, or use the
// * class constants: `ErrorlogHandler::TYPE_OS` (0) or `ErrorlogHandler::TYPE_SAPI` (4)
// */
// 'messageType' => 0,
// /*
// * The message type where the error should go. Can be 0 or 4, or use the
// * class constants: `ErrorlogHandler::TYPE_OS` (0) or `ErrorlogHandler::TYPE_SAPI` (4)
// */
// 'messageType' => 0,
// ],
];
}

23
ci4/app/Config/Migrations.php
View File

@ -15,10 +15,8 @@ class Migrations extends BaseConfig
*
* You should enable migrations whenever you intend to do a schema migration
* and disable it back when you're done.
*
* @var bool
*/
public $enabled = true;
public bool $enabled = true;
/**
* --------------------------------------------------------------------------
@ -27,13 +25,9 @@ class Migrations extends BaseConfig
*
* This is the name of the table that will store the current migrations state.
* When migrations runs it will store in a database table which migration
* level the system is at. It then compares the migration level in this
* table to the $config['migration_version'] if they are not the same it
* will migrate up. This must be set.
*
* @var string
* files have already been run.
*/
public $table = 'migrations';
public string $table = 'migrations';
/**
* --------------------------------------------------------------------------
@ -42,14 +36,15 @@ class Migrations extends BaseConfig
*
* This is the format that will be used when creating new migrations
* using the CLI command:
* > php spark migrate:create
* > php spark make:migration
*
* Typical formats:
* NOTE: if you set an unsupported format, migration runner will not find
* your migration files.
*
* Supported formats:
* - YmdHis_
* - Y-m-d-His_
* - Y_m_d_His_
*
* @var string
*/
public $timestampFormat = 'Y-m-d-His_';
public string $timestampFormat = 'Y-m-d-His_';
}

30
ci4/app/Config/Mimes.php
View File

@ -15,15 +15,15 @@ namespace Config;
*
* When working with mime types, please make sure you have the ´fileinfo´
* extension enabled to reliably detect the media types.
*
* @immutable
*/
class Mimes
{
/**
* Map of extensions to mime types.
*
* @var array
*/
public static $mimes = [
public static array $mimes = [
'hqx' => [
'application/mac-binhex40',
'application/mac-binhex',
@ -55,6 +55,8 @@ class Mimes
'lzh' => 'application/octet-stream',
'exe' => [
'application/octet-stream',
'application/vnd.microsoft.portable-executable',
'application/x-dosexec',
'application/x-msdownload',
],
'class' => 'application/octet-stream',
@ -102,8 +104,6 @@ class Mimes
],
'pptx' => [
'application/vnd.openxmlformats-officedocument.presentationml.presentation',
'application/x-zip',
'application/zip',
],
'wbxml' => 'application/wbxml',
'wmlc' => 'application/wmlc',
@ -260,6 +260,7 @@ class Mimes
'image/png',
'image/x-png',
],
'webp' => 'image/webp',
'tif' => 'image/tiff',
'tiff' => 'image/tiff',
'css' => [
@ -509,22 +510,21 @@ class Mimes
{
$type = trim(strtolower($type), '. ');
$proposedExtension = trim(strtolower($proposedExtension));
$proposedExtension = trim(strtolower($proposedExtension ?? ''));
if ($proposedExtension !== '') {
if (array_key_exists($proposedExtension, static::$mimes) && in_array($type, is_string(static::$mimes[$proposedExtension]) ? [static::$mimes[$proposedExtension]] : static::$mimes[$proposedExtension], true)) {
// The detected mime type matches with the proposed extension.
return $proposedExtension;
}
// An extension was proposed, but the media type does not match the mime type list.
return null;
if (
$proposedExtension !== ''
&& array_key_exists($proposedExtension, static::$mimes)
&& in_array($type, (array) static::$mimes[$proposedExtension], true)
) {
// The detected mime type matches with the proposed extension.
return $proposedExtension;
}
// Reverse check the mime type list if no extension was proposed.
// This search is order sensitive!
foreach (static::$mimes as $ext => $types) {
if ((is_string($types) && $types === $type) || (is_array($types) && in_array($type, $types, true))) {
if (in_array($type, (array) $types, true)) {
return $ext;
}
}

33
ci4/app/Config/Modules.php
View File

@ -4,6 +4,14 @@ namespace Config;
use CodeIgniter\Modules\Modules as BaseModules;
/**
* Modules Configuration.
*
* NOTE: This class is required prior to Autoloader instantiation,
* and does not extend BaseConfig.
*
* @immutable
*/
class Modules extends BaseModules
{
/**
@ -31,6 +39,29 @@ class Modules extends BaseModules
*/
public $discoverInComposer = true;
/**
* The Composer package list for Auto-Discovery
* This setting is optional.
*
* E.g.:
* [
* 'only' => [
* // List up all packages to auto-discover
* 'codeigniter4/shield',
* ],
* ]
* or
* [
* 'exclude' => [
* // List up packages to exclude.
* 'pestphp/pest',
* ],
* ]
*
* @var array{only?: list<string>, exclude?: list<string>}
*/
public $composerPackages = [];
/**
* --------------------------------------------------------------------------
* Auto-Discovery Rules
@ -41,7 +72,7 @@ class Modules extends BaseModules
*
* If it is not listed, only the base application elements will be used.
*
* @var string[]
* @var list<string>
*/
public $aliases = [
'events',

6
ci4/app/Config/Pager.php
View File

@ -20,7 +20,7 @@ class Pager extends BaseConfig
*
* @var array<string, string>
*/
public $templates = [
public array $templates = [
'default_full' => 'CodeIgniter\Pager\Views\default_full',
'default_simple' => 'CodeIgniter\Pager\Views\default_simple',
'default_head' => 'CodeIgniter\Pager\Views\default_head',
@ -32,8 +32,6 @@ class Pager extends BaseConfig
* --------------------------------------------------------------------------
*
* The default number of results shown in a single page.
*
* @var int
*/
public $perPage = 20;
public int $perPage = 20;
}

24
ci4/app/Config/Paths.php
View File

@ -22,10 +22,8 @@ class Paths
*
* This must contain the name of your "system" folder. Include
* the path if the folder is not in the same directory as this file.
*
* @var string
*/
public $systemDirectory = __DIR__ . '/../../vendor/codeigniter4/framework/system';
public string $systemDirectory = __DIR__ . '/../../vendor/codeigniter4/framework/system';
/**
* ---------------------------------------------------------------
@ -34,14 +32,12 @@ class Paths
*
* If you want this front controller to use a different "app"
* folder than the default one you can set its name here. The folder
* can also be renamed or relocated anywhere on your getServer. If
* you do, use a full getServer path.
* can also be renamed or relocated anywhere on your server. If
* you do, use a full server path.
*
* @see http://codeigniter.com/user_guide/general/managing_apps.html
*
* @var string
*/
public $appDirectory = __DIR__ . '/..';
public string $appDirectory = __DIR__ . '/..';
/**
* ---------------------------------------------------------------
@ -53,10 +49,8 @@ class Paths
* need write permission to a single place that can be tucked away
* for maximum security, keeping it out of the app and/or
* system directories.
*
* @var string
*/
public $writableDirectory = __DIR__ . '/../../writable';
public string $writableDirectory = __DIR__ . '/../../writable';
/**
* ---------------------------------------------------------------
@ -64,10 +58,8 @@ class Paths
* ---------------------------------------------------------------
*
* This variable must contain the name of your "tests" directory.
*
* @var string
*/
public $testsDirectory = __DIR__ . '/../../tests';
public string $testsDirectory = __DIR__ . '/../../tests';
/**
* ---------------------------------------------------------------
@ -78,8 +70,6 @@ class Paths
* contains the view files used by your application. By
* default this is in `app/Views`. This value
* is used when no value is provided to `Services::renderer()`.
*
* @var string
*/
public $viewDirectory = __DIR__ . '/../Views';
public string $viewDirectory = __DIR__ . '/../Views';
}

28
ci4/app/Config/Publisher.php Normal file
View File

@ -0,0 +1,28 @@
<?php
namespace Config;
use CodeIgniter\Config\Publisher as BasePublisher;
/**
* Publisher Configuration
*
* Defines basic security restrictions for the Publisher class
* to prevent abuse by injecting malicious files into a project.
*/
class Publisher extends BasePublisher
{
/**
* A list of allowed destinations with a (pseudo-)regex
* of allowed files for each destination.
* Attempts to publish to directories not in this list will
* result in a PublisherException. Files that do no fit the
* pattern will cause copy/merge to fail.
*
* @var array<string, string>
*/
public $restrictions = [
ROOTPATH => '*',
FCPATH => '#\.(s?css|js|map|html?|xml|json|webmanifest|ttf|eot|woff2?|gif|jpe?g|tiff?|png|webp|bmp|ico|svg)$#i',
];
}

90
ci4/app/Config/RBAC/permissionMatrix.php Normal file
View File

@ -0,0 +1,90 @@
<?php
const SK_PERMISSION_MATRIX = [
"admin" => [
"clientes.create",
"clientes.edit",
"clientes.delete",
"clientes.menu",
"plantillaTarifa.create",
"plantillaTarifa.edit",
"plantillaTarifa.delete",
"plantillaTarifa.menu",
"presupuesto.create",
"presupuesto.edit",
"presupuesto.delete",
"presupuesto.menu",
"tarifaPreimpresion.create",
"tarifaPreimpresion.edit",
"tarifaPreimpresion.delete",
"tarifaPreimpresion.menu",
"tarifaManipulado.create",
"tarifaManipulado.edit",
"tarifaManipulado.delete",
"tarifaManipulado.menu",
"tarifaAcabado.create",
"tarifaAcabado.edit",
"tarifaAcabado.delete",
"tarifaAcabado.menu",
"tarifaEncuadernacion.create",
"tarifaEncuadernacion.edit",
"tarifaEncuadernacion.delete",
"tarifaEncuadernacion.menu",
"tarifaEnvio.create",
"tarifaEnvio.edit",
"tarifaEnvio.delete",
"tarifaEnvio.menu",
"proveedores.create",
"proveedores.edit",
"proveedores.delete",
"proveedores.menu",
"ajustes.create",
"ajustes.edit",
"ajustes.delete",
"ajustes.menu",
"actividad.create",
"actividad.edit",
"actividad.delete",
"actividad.menu",
],
"cliente" => [
"token.token",
"token.menu",
"Profile.index",
"Profile.store",
"Profile.menu",
"Activity.index",
"Activity.menu",
"save.save",
"save.menu",
],
"comercial" => [
"token.token",
"token.menu",
],
"produccion" => [
"token.token",
"token.menu",
],
"maquina" => [
"token.token",
"token.menu",
],
"maquetador" => [
"token.token",
"token.menu",
],
"director" => [
"token.token",
"token.menu",
],
"contabilidad" => [
"token.token",
"token.menu",
],
"editor" => [
"token.token",
"token.menu",
"Profile.index",
"Profile.menu",
],
];

48
ci4/app/Config/RBAC/permissions.php Normal file
View File

@ -0,0 +1,48 @@
<?php
const SK_PERMISSIONS = [
'clientes.create' => 'Can create',
'clientes.edit' => 'Can edit',
'clientes.delete' => 'Can delete',
'clientes.menu' => 'Menu shall be visualize',
'plantillaTarifa.create' => 'Can create',
'plantillaTarifa.edit' => 'Can edit',
'plantillaTarifa.delete' => 'Can delete',
'plantillaTarifa.menu' => 'Menu shall be visualize',
'presupuesto.create' => 'Can create',
'presupuesto.edit' => 'Can edit',
'presupuesto.delete' => 'Can delete',
'presupuesto.menu' => 'Menu shall be visualize',
'tarifaPreimpresion.create' => 'Can create',
'tarifaPreimpresion.edit' => 'Can edit',
'tarifaPreimpresion.delete' => 'Can delete',
'tarifaPreimpresion.menu' => 'Menu shall be visualize',
'tarifaManipulado.create' => 'Can create',
'tarifaManipulado.edit' => 'Can edit',
'tarifaManipulado.delete' => 'Can delete',
'tarifaManipulado.menu' => 'Menu shall be visualize',
'tarifaAcabado.create' => 'Can create',
'tarifaAcabado.edit' => 'Can edit',
'tarifaAcabado.delete' => 'Can delete',
'tarifaAcabado.menu' => 'Menu shall be visualize',
'tarifaEncuadernacion.create' => 'Can create',
'tarifaEncuadernacion.edit' => 'Can edit',
'tarifaEncuadernacion.delete' => 'Can delete',
'tarifaEncuadernacion.menu' => 'Menu shall be visualize',
'tarifaEnvio.create' => 'Can create',
'tarifaEnvio.edit' => 'Can edit',
'tarifaEnvio.delete' => 'Can delete',
'tarifaEnvio.menu' => 'Menu shall be visualize',
'proveedores.create' => 'Can create',
'proveedores.edit' => 'Can edit',
'proveedores.delete' => 'Can delete',
'proveedores.menu' => 'Menu shall be visualize',
'ajustes.create' => 'Can create',
'ajustes.edit' => 'Can edit',
'ajustes.delete' => 'Can delete',
'ajustes.menu' => 'Menu shall be visualize',
'actividad.create' => 'Can create',
'actividad.edit' => 'Can edit',
'actividad.delete' => 'Can delete',
'actividad.menu' => 'Menu shall be visualize',
];

40
ci4/app/Config/RBAC/roles.php Normal file
View File

@ -0,0 +1,40 @@
<?php
const SK_ROLES = [
'admin' => [
'title' => 'Administrador',
'description' => 'Describeme',
],
'cliente' => [
'title' => 'Cliente',
'description' => '',
],
'comercial' => [
'title' => 'Comercial',
'description' => '',
],
'produccion' => [
'title' => 'Producción',
'description' => '',
],
'maquina' => [
'title' => 'Máquina',
'description' => '',
],
'maquetador' => [
'title' => 'Maquetador',
'description' => '',
],
'director' => [
'title' => 'Director',
'description' => '',
],
'contabilidad' => [
'title' => 'Contabilidad',
'description' => '',
],
'editor' => [
'title' => 'Editor',
'description' => '',
],
];

48
ci4/app/Config/Routes.php
View File

@ -1,28 +1,13 @@
<?php
namespace Config;
use CodeIgniter\Router\RouteCollection;
// Create a new instance of our RouteCollection class.
$routes = Services::routes();
// Load the system's routing file first, so that the app and ENVIRONMENT
// can override as needed.
if (file_exists(SYSTEMPATH . 'Config/Routes.php')) {
require SYSTEMPATH . 'Config/Routes.php';
}
/*
* --------------------------------------------------------------------
* Router Setup
* --------------------------------------------------------------------
/**
* @var RouteCollection $routes
*/
$routes->setDefaultNamespace('App\Controllers');
$routes->setDefaultController('Home');
$routes->setDefaultMethod('index');
$routes->setTranslateURIDashes(false);
$routes->set404Override();
$routes->setAutoRoute(true);
//service('auth')->routes($routes, ['except' => ['login', 'register']]);
service('auth')->routes($routes);
//WEB ROUTER ------------------------------------------------------
//------------------------------------------------------------------
@ -30,19 +15,16 @@ $routes->get('/', 'Home::index');
$routes->get('lang/{locale}', 'Language::index');
$routes->get('viewmode/(:alpha)', 'Viewmode::index/$1');
//API ROUTER ------------------------------------------------------
//------------------------------------------------------------------
$routes->get('api/', 'Api::index');
$routes->get('api/status', 'Api::status');
$routes->post('api/signIn', 'Api::signIn');
//API ROUTER USER ------------------------------------------------------
//------------------------------------------------------------------
$routes->get('api/user/', 'Api::user/all');
$routes->get('api/user/(:segment)', 'Api::user/id/$1');
$routes->post('api/user/', 'Api::user/add');
$routes->put('api/user/(:segment)', 'Api::user/edit/$1');
$routes->delete('api/user/(:segment)', 'Api::user/delete/$1');
$routes->group('activity', ['namespace' => 'App\Controllers\Sistema'], function ($routes) {
$routes->get('', 'Actividad::index', ['as' => 'activityList']);
$routes->post('datatable', 'Actividad::datatable', ['as' => 'dataTableOfActividad']);
});
$routes->group('settings', ['namespace' => 'App\Controllers\Sistema'], function ($routes) {
$routes->get('', 'Ajustes::settings', ['as' => 'settingsEdit']);
$routes->post('', 'Ajustes::settings', ['as' => 'settingsPost']);
});
/*

112
ci4/app/Config/Routing.php Normal file
View File

@ -0,0 +1,112 @@
<?php
/**
* This file is part of CodeIgniter 4 framework.
*
* (c) CodeIgniter Foundation <admin@codeigniter.com>
*
* For the full copyright and license information, please view
* the LICENSE file that was distributed with this source code.
*/
namespace Config;
use CodeIgniter\Config\Routing as BaseRouting;
/**
* Routing configuration
*/
class Routing extends BaseRouting
{
/**
* An array of files that contain route definitions.
* Route files are read in order, with the first match
* found taking precedence.
*
* Default: APPPATH . 'Config/Routes.php'
*/
public array $routeFiles = [
APPPATH . 'Config/Routes.php',
];
/**
* The default namespace to use for Controllers when no other
* namespace has been specified.
*
* Default: 'App\Controllers'
*/
public string $defaultNamespace = 'App\Controllers';
/**
* The default controller to use when no other controller has been
* specified.
*
* Default: 'Home'
*/
public string $defaultController = 'Home';
/**
* The default method to call on the controller when no other
* method has been set in the route.
*
* Default: 'index'
*/
public string $defaultMethod = 'index';
/**
* Whether to translate dashes in URIs to underscores.
* Primarily useful when using the auto-routing.
*
* Default: false
*/
public bool $translateURIDashes = false;
/**
* Sets the class/method that should be called if routing doesn't
* find a match. It can be the controller/method name like: Users::index
*
* This setting is passed to the Router class and handled there.
*
* If you want to use a closure, you will have to set it in the
* routes file by calling:
*
* $routes->set404Override(function() {
* // Do something here
* });
*
* Example:
* public $override404 = 'App\Errors::show404';
*/
public ?string $override404 = null;
/**
* If TRUE, the system will attempt to match the URI against
* Controllers by matching each segment against folders/files
* in APPPATH/Controllers, when a match wasn't found against
* defined routes.
*
* If FALSE, will stop searching and do NO automatic routing.
*/
public bool $autoRoute = true;
/**
* If TRUE, will enable the use of the 'prioritize' option
* when defining routes.
*
* Default: false
*/
public bool $prioritize = false;
/**
* Map of URI segments and namespaces. For Auto Routing (Improved).
*
* The key is the first URI segment. The value is the controller namespace.
* E.g.,
* [
* 'blog' => 'Acme\Blog\Controllers',
* ]
*
* @var array [ uri_segment => namespace ]
*/
public array $moduleRoutes = [];
}

74
ci4/app/Config/Safekat.php Normal file
View File

@ -0,0 +1,74 @@
<?php
namespace Config;
use CodeIgniter\Config\BaseConfig;
class Safekat extends BaseConfig
{
public string $appName = 'ERP Safekat 2.0';
public string $i18n = 'es-ES';
public $vista_impresion = 'impresion';
public $vista_maquetacion = 'maquetacion';
public $vista_digitalizacion = 'digitalizacion';
public array $languages = [
'en' => 'English',
'es' => 'Spanish',
];
public array $languageFlags = [
'en' => 'us',
'es' => 'es',
];
public $authImplemented = false;
public $theme = [
'name' => 'vuexy',
'body-sm' => false,
'navbar' => [
'bg' => 'gray',
'type' => 'dark',
'border' => true,
'user' => [
'visible' => true,
'shadow' => 0,
],
],
'sidebar' => [
'type' => 'dark',
'shadow' => 4,
'border' => false,
'compact' => true,
'links' => [
'bg' => 'black', // only works with AdminLTE theme
'shadow' => 1,
],
'brand' => [
'bg' => 'gray-dark',
'logo' => [
'icon' => 'favicon.ico', // path to image | this example icon on public root folder.
'text' => 'sk_test',
'shadow' => 2,
],
],
'user' => [
'visible' => true,
'shadow' => 2,
],
],
'footer' => [
'fixed' => false,
'organization' => 'Safekat',
'orglink' => '#',
],
];
}

58
ci4/app/Config/Security.php
View File

@ -6,38 +6,52 @@ use CodeIgniter\Config\BaseConfig;
class Security extends BaseConfig
{
/**
* --------------------------------------------------------------------------
* CSRF Protection Method
* --------------------------------------------------------------------------
*
* Protection Method for Cross Site Request Forgery protection.
*
* @var string 'cookie' or 'session'
*/
public string $csrfProtection = 'session';
/**
* --------------------------------------------------------------------------
* CSRF Token Randomization
* --------------------------------------------------------------------------
*
* Randomize the CSRF Token for added security.
*/
public bool $tokenRandomize = false;
/**
* --------------------------------------------------------------------------
* CSRF Token Name
* --------------------------------------------------------------------------
*
* Token name for Cross Site Request Forgery protection cookie.
*
* @var string
* Token name for Cross Site Request Forgery protection.
*/
public $tokenName = 'csrf_test_name';
public string $tokenName = 'csrf_test_name';
/**
* --------------------------------------------------------------------------
* CSRF Header Name
* --------------------------------------------------------------------------
*
* Token name for Cross Site Request Forgery protection cookie.
*
* @var string
* Header name for Cross Site Request Forgery protection.
*/
public $headerName = 'X-CSRF-TOKEN';
public string $headerName = 'X-CSRF-TOKEN';
/**
* --------------------------------------------------------------------------
* CSRF Cookie Name
* --------------------------------------------------------------------------
*
* Cookie name for Cross Site Request Forgery protection cookie.
*
* @var string
* Cookie name for Cross Site Request Forgery protection.
*/
public $cookieName = 'csrf_cookie_name';
public string $cookieName = 'csrf_cookie_name';
/**
* --------------------------------------------------------------------------
@ -47,21 +61,17 @@ class Security extends BaseConfig
* Expiration time for Cross Site Request Forgery protection cookie.
*
* Defaults to two hours (in seconds).
*
* @var int
*/
public $expires = 7200;
public int $expires = 7200;
/**
* --------------------------------------------------------------------------
* CSRF Regenerate
* --------------------------------------------------------------------------
*
* Regenerate CSRF Token on every request.
*
* @var bool
* Regenerate CSRF Token on every submission.
*/
public $regenerate = true;
public bool $regenerate = true;
/**
* --------------------------------------------------------------------------
@ -69,10 +79,8 @@ class Security extends BaseConfig
* --------------------------------------------------------------------------
*
* Redirect to previous page with error on failure.
*
* @var bool
*/
public $redirect = true;
public bool $redirect = false;
/**
* --------------------------------------------------------------------------
@ -87,9 +95,7 @@ class Security extends BaseConfig
*
* @see https://portswigger.net/web-security/csrf/samesite-cookies
*
* @var string
*
* @deprecated
* @deprecated `Config\Cookie` $samesite property is used.
*/
public $samesite = 'Lax';
public string $samesite = 'Lax';
}

102
ci4/app/Config/Session.php Normal file
View File

@ -0,0 +1,102 @@
<?php
namespace Config;
use CodeIgniter\Config\BaseConfig;
use CodeIgniter\Session\Handlers\BaseHandler;
use CodeIgniter\Session\Handlers\FileHandler;
class Session extends BaseConfig
{
/**
* --------------------------------------------------------------------------
* Session Driver
* --------------------------------------------------------------------------
*
* The session storage driver to use:
* - `CodeIgniter\Session\Handlers\FileHandler`
* - `CodeIgniter\Session\Handlers\DatabaseHandler`
* - `CodeIgniter\Session\Handlers\MemcachedHandler`
* - `CodeIgniter\Session\Handlers\RedisHandler`
*
* @var class-string<BaseHandler>
*/
public string $driver = FileHandler::class;
/**
* --------------------------------------------------------------------------
* Session Cookie Name
* --------------------------------------------------------------------------
*
* The session cookie name, must contain only [0-9a-z_-] characters
*/
public string $cookieName = 'ci_session';
/**
* --------------------------------------------------------------------------
* Session Expiration
* --------------------------------------------------------------------------
*
* The number of SECONDS you want the session to last.
* Setting to 0 (zero) means expire when the browser is closed.
*/
public int $expiration = 7200;
/**
* --------------------------------------------------------------------------
* Session Save Path
* --------------------------------------------------------------------------
*
* The location to save sessions to and is driver dependent.
*
* For the 'files' driver, it's a path to a writable directory.
* WARNING: Only absolute paths are supported!
*
* For the 'database' driver, it's a table name.
* Please read up the manual for the format with other session drivers.
*
* IMPORTANT: You are REQUIRED to set a valid save path!
*/
public string $savePath = WRITEPATH . 'session';
/**
* --------------------------------------------------------------------------
* Session Match IP
* --------------------------------------------------------------------------
*
* Whether to match the user's IP address when reading the session data.
*
* WARNING: If you're using the database driver, don't forget to update
* your session table's PRIMARY KEY when changing this setting.
*/
public bool $matchIP = false;
/**
* --------------------------------------------------------------------------
* Session Time to Update
* --------------------------------------------------------------------------
*
* How many seconds between CI regenerating the session ID.
*/
public int $timeToUpdate = 300;
/**
* --------------------------------------------------------------------------
* Session Regenerate Destroy
* --------------------------------------------------------------------------
*
* Whether to destroy session data associated with the old session ID
* when auto-regenerating the session ID. When set to FALSE, the data
* will be later deleted by the garbage collector.
*/
public bool $regenerateDestroy = false;
/**
* --------------------------------------------------------------------------
* Session Database Group
* --------------------------------------------------------------------------
*
* DB Group for the database session.
*/
public ?string $DBGroup = null;
}

51
ci4/app/Config/Toolbar.php Executable file → Normal file
View File

@ -33,7 +33,7 @@ class Toolbar extends BaseConfig
*
* @var string[]
*/
public $collectors = [
public array $collectors = [
Timers::class,
Database::class,
Logs::class,
@ -44,6 +44,16 @@ class Toolbar extends BaseConfig
Events::class,
];
/**
* --------------------------------------------------------------------------
* Collect Var Data
* --------------------------------------------------------------------------
*
* If set to false var data from the views will not be colleted. Useful to
* avoid high memory usage when there are lots of data passed to the view.
*/
public bool $collectVarData = true;
/**
* --------------------------------------------------------------------------
* Max History
@ -52,10 +62,8 @@ class Toolbar extends BaseConfig
* `$maxHistory` sets a limit on the number of past requests that are stored,
* helping to conserve file space used to store them. You can set it to
* 0 (zero) to not have any history stored, or -1 for unlimited history.
*
* @var int
*/
public $maxHistory = 20;
public int $maxHistory = 20;
/**
* --------------------------------------------------------------------------
@ -64,10 +72,8 @@ class Toolbar extends BaseConfig
*
* The full path to the the views that are used by the toolbar.
* This MUST have a trailing slash.
*
* @var string
*/
public $viewsPath = SYSTEMPATH . 'Debug/Toolbar/Views/';
public string $viewsPath = SYSTEMPATH . 'Debug/Toolbar/Views/';
/**
* --------------------------------------------------------------------------
@ -80,8 +86,33 @@ class Toolbar extends BaseConfig
* with hundreds of queries.
*
* `$maxQueries` defines the maximum amount of queries that will be stored.
*
* @var int
*/
public $maxQueries = 100;
public int $maxQueries = 100;
/**
* --------------------------------------------------------------------------
* Watched Directories
* --------------------------------------------------------------------------
*
* Contains an array of directories that will be watched for changes and
* used to determine if the hot-reload feature should reload the page or not.
* We restrict the values to keep performance as high as possible.
*
* NOTE: The ROOTPATH will be prepended to all values.
*/
public array $watchedDirectories = [
'app',
];
/**
* --------------------------------------------------------------------------
* Watched File Extensions
* --------------------------------------------------------------------------
*
* Contains an array of file extensions that will be watched for changes and
* used to determine if the hot-reload feature should reload the page or not.
*/
public array $watchedExtensions = [
'php', 'css', 'js', 'html', 'svg', 'json', 'env',
];
}

8
ci4/app/Config/UserAgents.php
View File

@ -23,7 +23,7 @@ class UserAgents extends BaseConfig
*
* @var array<string, string>
*/
public $platforms = [
public array $platforms = [
'windows nt 10.0' => 'Windows 10',
'windows nt 6.3' => 'Windows 8.1',
'windows nt 6.2' => 'Windows 8',
@ -78,7 +78,7 @@ class UserAgents extends BaseConfig
*
* @var array<string, string>
*/
public $browsers = [
public array $browsers = [
'OPR' => 'Opera',
'Flock' => 'Flock',
'Edge' => 'Spartan',
@ -119,7 +119,7 @@ class UserAgents extends BaseConfig
*
* @var array<string, string>
*/
public $mobiles = [
public array $mobiles = [
// legacy array, old values commented out
'mobileexplorer' => 'Mobile Explorer',
// 'openwave' => 'Open Wave',
@ -228,7 +228,7 @@ class UserAgents extends BaseConfig
*
* @var array<string, string>
*/
public $robots = [
public array $robots = [
'googlebot' => 'Googlebot',
'msnbot' => 'MSNBot',
'baiduspider' => 'Baiduspider',

25
ci4/app/Config/Validation.php
View File

@ -2,16 +2,17 @@
namespace Config;
use CodeIgniter\Validation\CreditCardRules;
use CodeIgniter\Validation\FileRules;
use CodeIgniter\Validation\FormatRules;
use CodeIgniter\Validation\Rules;
use CodeIgniter\Config\BaseConfig;
use CodeIgniter\Validation\StrictRules\CreditCardRules;
use CodeIgniter\Validation\StrictRules\FileRules;
use CodeIgniter\Validation\StrictRules\FormatRules;
use CodeIgniter\Validation\StrictRules\Rules;
class Validation
class Validation extends BaseConfig
{
//--------------------------------------------------------------------
// --------------------------------------------------------------------
// Setup
//--------------------------------------------------------------------
// --------------------------------------------------------------------
/**
* Stores the classes that contain the
@ -19,12 +20,11 @@ class Validation
*
* @var string[]
*/
public $ruleSets = [
public array $ruleSets = [
Rules::class,
FormatRules::class,
FileRules::class,
CreditCardRules::class,
\App\Validation\ApiAuthRules::class,
];
/**
@ -33,14 +33,13 @@ class Validation
*
* @var array<string, string>
*/
public $templates = [
public array $templates = [
'list' => 'CodeIgniter\Validation\Views\list',
'single' => 'CodeIgniter\Validation\Views\single',
'bootstrap_style' => 'themes/_commonPartialsBs/_form_validation_errors',
];
//--------------------------------------------------------------------
// --------------------------------------------------------------------
// Rules
//--------------------------------------------------------------------
// --------------------------------------------------------------------
}

22
ci4/app/Config/View.php
View File

@ -3,7 +3,12 @@
namespace Config;
use CodeIgniter\Config\View as BaseView;
use CodeIgniter\View\ViewDecoratorInterface;
/**
* @phpstan-type ParserCallable (callable(mixed): mixed)
* @phpstan-type ParserCallableString (callable(mixed): mixed)&string
*/
class View extends BaseView
{
/**
@ -29,7 +34,8 @@ class View extends BaseView
* { title|esc(js) }
* { created_on|date(Y-m-d)|esc(attr) }
*
* @var array
* @var array<string, string>
* @phpstan-var array<string, ParserCallableString>
*/
public $filters = [];
@ -38,7 +44,19 @@ class View extends BaseView
* by the core Parser by creating aliases that will be replaced with
* any callable. Can be single or tag pair.
*
* @var array
* @var array<string, array<string>|callable|string>
* @phpstan-var array<string, array<ParserCallableString>|ParserCallableString|ParserCallable>
*/
public $plugins = [];
/**
* View Decorators are class methods that will be run in sequence to
* have a chance to alter the generated output just prior to caching
* the results.
*
* All classes must implement CodeIgniter\View\ViewDecoratorInterface
*
* @var class-string<ViewDecoratorInterface>[]
*/
public array $decorators = [];
}