CodeIgniter v4.5.0 Released! |
Why the env file has been changed after CI V4.5?
In before CI version ( < v4.5) env file contains
Can i use the previuos env file to the CI v4.5 ?
> Can i use the previuos env file to the CI v4.5 ?
Don't worry. There is no change. Yes, you can. First of all, we should use .env only to values that are changed in development environment. If the values are the same in both production and development environment, we should set the values in Config classes. Therefore, we don't need many config items in .env file. Also parsing .env file by PHP takes time. So it is better to have small .env file.
@Showti11 When it is ready.
You can use develop branch while wait for new release https://codeigniter.com/user_guide/insta...latest-dev and help us give more feedback in case of any regression.
04-13-2024, 02:38 AM
(This post was last modified: 04-13-2024, 02:40 AM by LP_bnss. Edit Reason: Thank )
In HTML, the csrf takes token name from Config\Security.php
PHP Code: <form action="http://localhost:8080/search" id="search-form" method="post" accept-charset="utf-8"> But in Cookie section (browser), the csrf takes cookie name from Config\Security.php => csrf_cookie_name => 15910e74e94cb29c0fbefec3f5c0c7d2 Is it ok to use? Thank you in advance @kenjis for the past replies
@LP_bnss I don't get what you want to know.
$tokenName is CSRF Token Name. That is, the POST field name. $cookieName is CSRF Cookie Name. The name for the cookie. But if you are using Session, you should use Session based CSRF protection. https://codeigniter4.github.io/CodeIgnit...on-methods Because Session based CSRF protection is more secure than Cookie based CSRF protection. (04-13-2024, 06:07 AM)kenjis Wrote: @LP_bnss I don't get what you want to know. My point is, when i run the app the csrf_field in html form takes the $tokenName from Security class. And the csrf_field in browser cookie section takes the $cookieName from Security class. Both names are different and the values are same, so my question is, if i use this way (different names) it makes any problem or not. Now I can understand. I am using session based csrf onwards... Thank you brother?
I'm using CI 4.4.4 and was about to update to 4.5.1
i'm use to duckduckGo -> codeigniter 4 and in results use https://codeigniter.com/user_guide/insta...ading.html but did not found 4.5.1 in the list. The codeigniter.com site is not in sync with https://codeigniter4.github.io/userguide...ading.html ? if this is a known probleme please forgive me
@eelisland It is a known problem.
Note: Unfortunately now the User Guide on the official site is not yet updated due to the deployment trouble. https://github.com/codeigniter4/CodeIgni...ssues/8757 |
Welcome Guest, Not a member yet? Register Sign In |