Skip to content

Commit f83c211

Browse files
actions-useractions-user
committed
Release v4.3.0
1 parent bc3f312 commit f83c211

File tree

310 files changed

+9802
-4547
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

310 files changed

+9802
-4547
lines changed

app/Config/App.php

Lines changed: 62 additions & 81 deletions
Original file line numberDiff line numberDiff line change
@@ -21,10 +21,22 @@ class App extends BaseConfig
2121
* and path to your installation. However, you should always configure this
2222
* explicitly and never rely on auto-guessing, especially in production
2323
* environments.
24+
*/
25+
public string $baseURL = 'http://localhost:8080/';
26+
27+
/**
28+
* Allowed Hostnames in the Site URL other than the hostname in the baseURL.
29+
* If you want to accept multiple Hostnames, set this.
2430
*
25-
* @var string
31+
* E.g. When your site URL ($baseURL) is 'http://example.com/', and your site
32+
* also accepts 'http://media.example.com/' and
33+
* 'http://accounts.example.com/':
34+
* ['media.example.com', 'accounts.example.com']
35+
*
36+
* @var string[]
37+
* @phpstan-var list<string>
2638
*/
27-
public $baseURL = 'http://localhost:8080/';
39+
public array $allowedHostnames = [];
2840

2941
/**
3042
* --------------------------------------------------------------------------
@@ -34,10 +46,8 @@ class App extends BaseConfig
3446
* Typically this will be your index.php file, unless you've renamed it to
3547
* something else. If you are using mod_rewrite to remove the page set this
3648
* variable so that it is blank.
37-
*
38-
* @var string
3949
*/
40-
public $indexPage = 'index.php';
50+
public string $indexPage = 'index.php';
4151

4252
/**
4353
* --------------------------------------------------------------------------
@@ -53,10 +63,8 @@ class App extends BaseConfig
5363
* 'PATH_INFO' Uses $_SERVER['PATH_INFO']
5464
*
5565
* WARNING: If you set this to 'PATH_INFO', URIs will always be URL-decoded!
56-
*
57-
* @var string
5866
*/
59-
public $uriProtocol = 'REQUEST_URI';
67+
public string $uriProtocol = 'REQUEST_URI';
6068

6169
/**
6270
* --------------------------------------------------------------------------
@@ -67,10 +75,8 @@ class App extends BaseConfig
6775
* is viewing the site from. It affects the language strings and other
6876
* strings (like currency markers, numbers, etc), that your program
6977
* should run under for this request.
70-
*
71-
* @var string
7278
*/
73-
public $defaultLocale = 'en';
79+
public string $defaultLocale = 'en';
7480

7581
/**
7682
* --------------------------------------------------------------------------
@@ -81,10 +87,8 @@ class App extends BaseConfig
8187
* language to use based on the value of the Accept-Language header.
8288
*
8389
* If false, no automatic detection will be performed.
84-
*
85-
* @var bool
8690
*/
87-
public $negotiateLocale = false;
91+
public bool $negotiateLocale = false;
8892

8993
/**
9094
* --------------------------------------------------------------------------
@@ -97,7 +101,7 @@ class App extends BaseConfig
97101
*
98102
* @var string[]
99103
*/
100-
public $supportedLocales = ['en'];
104+
public array $supportedLocales = ['en'];
101105

102106
/**
103107
* --------------------------------------------------------------------------
@@ -106,10 +110,8 @@ class App extends BaseConfig
106110
*
107111
* The default timezone that will be used in your application to display
108112
* dates with the date helper, and can be retrieved through app_timezone()
109-
*
110-
* @var string
111113
*/
112-
public $appTimezone = 'America/Chicago';
114+
public string $appTimezone = 'UTC';
113115

114116
/**
115117
* --------------------------------------------------------------------------
@@ -120,10 +122,8 @@ class App extends BaseConfig
120122
* that require a character set to be provided.
121123
*
122124
* @see http://php.net/htmlspecialchars for a list of supported charsets.
123-
*
124-
* @var string
125125
*/
126-
public $charset = 'UTF-8';
126+
public string $charset = 'UTF-8';
127127

128128
/**
129129
* --------------------------------------------------------------------------
@@ -134,10 +134,8 @@ class App extends BaseConfig
134134
* made via a secure connection (HTTPS). If the incoming request is not
135135
* secure, the user will be redirected to a secure version of the page
136136
* and the HTTP Strict Transport Security header will be set.
137-
*
138-
* @var bool
139137
*/
140-
public $forceGlobalSecureRequests = false;
138+
public bool $forceGlobalSecureRequests = false;
141139

142140
/**
143141
* --------------------------------------------------------------------------
@@ -150,9 +148,9 @@ class App extends BaseConfig
150148
* - `CodeIgniter\Session\Handlers\MemcachedHandler`
151149
* - `CodeIgniter\Session\Handlers\RedisHandler`
152150
*
153-
* @var string
151+
* @deprecated use Config\Session::$driver instead.
154152
*/
155-
public $sessionDriver = FileHandler::class;
153+
public string $sessionDriver = FileHandler::class;
156154

157155
/**
158156
* --------------------------------------------------------------------------
@@ -161,9 +159,9 @@ class App extends BaseConfig
161159
*
162160
* The session cookie name, must contain only [0-9a-z_-] characters
163161
*
164-
* @var string
162+
* @deprecated use Config\Session::$cookieName instead.
165163
*/
166-
public $sessionCookieName = 'ci_session';
164+
public string $sessionCookieName = 'ci_session';
167165

168166
/**
169167
* --------------------------------------------------------------------------
@@ -173,9 +171,9 @@ class App extends BaseConfig
173171
* The number of SECONDS you want the session to last.
174172
* Setting to 0 (zero) means expire when the browser is closed.
175173
*
176-
* @var int
174+
* @deprecated use Config\Session::$expiration instead.
177175
*/
178-
public $sessionExpiration = 7200;
176+
public int $sessionExpiration = 7200;
179177

180178
/**
181179
* --------------------------------------------------------------------------
@@ -192,9 +190,9 @@ class App extends BaseConfig
192190
*
193191
* IMPORTANT: You are REQUIRED to set a valid save path!
194192
*
195-
* @var string
193+
* @deprecated use Config\Session::$savePath instead.
196194
*/
197-
public $sessionSavePath = WRITEPATH . 'session';
195+
public string $sessionSavePath = WRITEPATH . 'session';
198196

199197
/**
200198
* --------------------------------------------------------------------------
@@ -206,9 +204,9 @@ class App extends BaseConfig
206204
* WARNING: If you're using the database driver, don't forget to update
207205
* your session table's PRIMARY KEY when changing this setting.
208206
*
209-
* @var bool
207+
* @deprecated use Config\Session::$matchIP instead.
210208
*/
211-
public $sessionMatchIP = false;
209+
public bool $sessionMatchIP = false;
212210

213211
/**
214212
* --------------------------------------------------------------------------
@@ -217,9 +215,9 @@ class App extends BaseConfig
217215
*
218216
* How many seconds between CI regenerating the session ID.
219217
*
220-
* @var int
218+
* @deprecated use Config\Session::$timeToUpdate instead.
221219
*/
222-
public $sessionTimeToUpdate = 300;
220+
public int $sessionTimeToUpdate = 300;
223221

224222
/**
225223
* --------------------------------------------------------------------------
@@ -230,9 +228,20 @@ class App extends BaseConfig
230228
* when auto-regenerating the session ID. When set to FALSE, the data
231229
* will be later deleted by the garbage collector.
232230
*
233-
* @var bool
231+
* @deprecated use Config\Session::$regenerateDestroy instead.
234232
*/
235-
public $sessionRegenerateDestroy = false;
233+
public bool $sessionRegenerateDestroy = false;
234+
235+
/**
236+
* --------------------------------------------------------------------------
237+
* Session Database Group
238+
* --------------------------------------------------------------------------
239+
*
240+
* DB Group for the database session.
241+
*
242+
* @deprecated use Config\Session::$DBGroup instead.
243+
*/
244+
public ?string $sessionDBGroup = null;
236245

237246
/**
238247
* --------------------------------------------------------------------------
@@ -241,11 +250,9 @@ class App extends BaseConfig
241250
*
242251
* Set a cookie name prefix if you need to avoid collisions.
243252
*
244-
* @var string
245-
*
246253
* @deprecated use Config\Cookie::$prefix property instead.
247254
*/
248-
public $cookiePrefix = '';
255+
public string $cookiePrefix = '';
249256

250257
/**
251258
* --------------------------------------------------------------------------
@@ -254,11 +261,9 @@ class App extends BaseConfig
254261
*
255262
* Set to `.your-domain.com` for site-wide cookies.
256263
*
257-
* @var string
258-
*
259264
* @deprecated use Config\Cookie::$domain property instead.
260265
*/
261-
public $cookieDomain = '';
266+
public string $cookieDomain = '';
262267

263268
/**
264269
* --------------------------------------------------------------------------
@@ -267,11 +272,9 @@ class App extends BaseConfig
267272
*
268273
* Typically will be a forward slash.
269274
*
270-
* @var string
271-
*
272275
* @deprecated use Config\Cookie::$path property instead.
273276
*/
274-
public $cookiePath = '/';
277+
public string $cookiePath = '/';
275278

276279
/**
277280
* --------------------------------------------------------------------------
@@ -280,11 +283,9 @@ class App extends BaseConfig
280283
*
281284
* Cookie will only be set if a secure HTTPS connection exists.
282285
*
283-
* @var bool
284-
*
285286
* @deprecated use Config\Cookie::$secure property instead.
286287
*/
287-
public $cookieSecure = false;
288+
public bool $cookieSecure = false;
288289

289290
/**
290291
* --------------------------------------------------------------------------
@@ -293,11 +294,9 @@ class App extends BaseConfig
293294
*
294295
* Cookie will only be accessible via HTTP(S) (no JavaScript).
295296
*
296-
* @var bool
297-
*
298297
* @deprecated use Config\Cookie::$httponly property instead.
299298
*/
300-
public $cookieHTTPOnly = true;
299+
public bool $cookieHTTPOnly = true;
301300

302301
/**
303302
* --------------------------------------------------------------------------
@@ -319,11 +318,9 @@ class App extends BaseConfig
319318
* (empty string) means default SameSite attribute set by browsers (`Lax`)
320319
* will be set on cookies. If set to `None`, `$cookieSecure` must also be set.
321320
*
322-
* @var string|null
323-
*
324321
* @deprecated use Config\Cookie::$samesite property instead.
325322
*/
326-
public $cookieSameSite = 'Lax';
323+
public ?string $cookieSameSite = 'Lax';
327324

328325
/**
329326
* --------------------------------------------------------------------------
@@ -346,7 +343,7 @@ class App extends BaseConfig
346343
*
347344
* @var array<string, string>
348345
*/
349-
public $proxyIPs = [];
346+
public array $proxyIPs = [];
350347

351348
/**
352349
* --------------------------------------------------------------------------
@@ -356,10 +353,8 @@ class App extends BaseConfig
356353
* The token name.
357354
*
358355
* @deprecated Use `Config\Security` $tokenName property instead of using this property.
359-
*
360-
* @var string
361356
*/
362-
public $CSRFTokenName = 'csrf_test_name';
357+
public string $CSRFTokenName = 'csrf_test_name';
363358

364359
/**
365360
* --------------------------------------------------------------------------
@@ -369,10 +364,8 @@ class App extends BaseConfig
369364
* The header name.
370365
*
371366
* @deprecated Use `Config\Security` $headerName property instead of using this property.
372-
*
373-
* @var string
374367
*/
375-
public $CSRFHeaderName = 'X-CSRF-TOKEN';
368+
public string $CSRFHeaderName = 'X-CSRF-TOKEN';
376369

377370
/**
378371
* --------------------------------------------------------------------------
@@ -382,10 +375,8 @@ class App extends BaseConfig
382375
* The cookie name.
383376
*
384377
* @deprecated Use `Config\Security` $cookieName property instead of using this property.
385-
*
386-
* @var string
387378
*/
388-
public $CSRFCookieName = 'csrf_cookie_name';
379+
public string $CSRFCookieName = 'csrf_cookie_name';
389380

390381
/**
391382
* --------------------------------------------------------------------------
@@ -395,10 +386,8 @@ class App extends BaseConfig
395386
* The number in seconds the token should expire.
396387
*
397388
* @deprecated Use `Config\Security` $expire property instead of using this property.
398-
*
399-
* @var int
400389
*/
401-
public $CSRFExpire = 7200;
390+
public int $CSRFExpire = 7200;
402391

403392
/**
404393
* --------------------------------------------------------------------------
@@ -408,10 +397,8 @@ class App extends BaseConfig
408397
* Regenerate token on every submission?
409398
*
410399
* @deprecated Use `Config\Security` $regenerate property instead of using this property.
411-
*
412-
* @var bool
413400
*/
414-
public $CSRFRegenerate = true;
401+
public bool $CSRFRegenerate = true;
415402

416403
/**
417404
* --------------------------------------------------------------------------
@@ -421,10 +408,8 @@ class App extends BaseConfig
421408
* Redirect to previous page with error on failure?
422409
*
423410
* @deprecated Use `Config\Security` $redirect property instead of using this property.
424-
*
425-
* @var bool
426411
*/
427-
public $CSRFRedirect = true;
412+
public bool $CSRFRedirect = false;
428413

429414
/**
430415
* --------------------------------------------------------------------------
@@ -442,10 +427,8 @@ class App extends BaseConfig
442427
* @see https://portswigger.net/web-security/csrf/samesite-cookies
443428
*
444429
* @deprecated `Config\Cookie` $samesite property is used.
445-
*
446-
* @var string
447430
*/
448-
public $CSRFSameSite = 'Lax';
431+
public string $CSRFSameSite = 'Lax';
449432

450433
/**
451434
* --------------------------------------------------------------------------
@@ -462,8 +445,6 @@ class App extends BaseConfig
462445
*
463446
* @see http://www.html5rocks.com/en/tutorials/security/content-security-policy/
464447
* @see http://www.w3.org/TR/CSP/
465-
*
466-
* @var bool
467448
*/
468-
public $CSPEnabled = false;
449+
public bool $CSPEnabled = false;
469450
}

0 commit comments

Comments
 (0)