Login

Mrtemp · 04-08-2025, 06:27 AM

Hi,
i got this porject from a collegue who quit and did not leave and documentaiton on the project i tried using the debugbar to understand the code better but its not showing up at all even when doing all the configuraiton required this is the configuration and some reponse in the network tab from the browser
.htaccess

Code:
# Disable directory browsing

Options -Indexes

# ----------------------------------------------------------------------

# Rewrite engine

# ----------------------------------------------------------------------

# Turning on the rewrite engine is necessary for the following rules and features.

# FollowSymLinks must be enabled for this to work.

<IfModule mod_rewrite.c>

 Options +FollowSymlinks

 RewriteEngine On

 # If you installed CodeIgniter in a subfolder, you will need to

 # change the following line to match the subfolder you need.

 # http://httpd.apache.org/docs/current/mod/mod_rewrite.html#rewritebase

 # RewriteBase /

 # Redirect Trailing Slashes...

 RewriteCond %{REQUEST_FILENAME} !-d

 RewriteCond %{REQUEST_URI} (.+)/$

 RewriteRule ^ %1 [L,R=301]

 #Add New Redirects Here

 # Checks to see if the user is attempting to access a valid file,

 # such as an image or css document, if this isn't true it sends the

 # request to the front controller, index.php

    RewriteCond %{REQUEST_FILENAME} !-f

    RewriteCond %{REQUEST_FILENAME} !-d

    RewriteRule ^(.*)$ index.php?/$1 [L]

 # Ensure Authorization header is passed along

 RewriteCond %{HTTP:Authorization} .

 RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

</IfModule>

<IfModule !mod_rewrite.c>

 # If we don't have mod_rewrite installed, all 404's

 # can be sent to index.php, and everything works as normal.

 ErrorDocument 404 index.php

</IfModule>

# Disable server signature start

 ServerSignature Off

# Disable server signature end

<Files .env>

    Require all denied

</Files>

<IfModule mod_deflate.c>

    AddOutputFilterByType DEFLATE image/svg+xml

    AddOutputFilterByType DEFLATE application/x-font

    AddOutputFilterByType DEFLATE application/x-font-truetype

    AddOutputFilterByType DEFLATE application/x-font-ttf

    AddOutputFilterByType DEFLATE application/x-font-otf

    AddOutputFilterByType DEFLATE application/x-font-woff

    AddOutputFilterByType DEFLATE application/x-font-woff2

    AddOutputFilterByType DEFLATE application/x-font-opentype

    AddOutputFilterByType DEFLATE application/vnd.ms-fontobject

    AddOutputFilterByType DEFLATE application/font-woff

    AddOutputFilterByType DEFLATE application/font-woff2

    AddOutputFilterByType DEFLATE font/ttf

    AddOutputFilterByType DEFLATE font/otf

    AddOutputFilterByType DEFLATE font/eot

    AddOutputFilterByType DEFLATE font/woff

    AddOutputFilterByType DEFLATE font/woff2

    AddOutputFilterByType DEFLATE font/opentype

</IfModule>

<IfModule mod_expires.c>

  ExpiresActive On

 # Images

  ExpiresByType image/jpeg "access plus 1 year"

  ExpiresByType image/gif "access plus 1 year"

  ExpiresByType image/png "access plus 1 year"

  ExpiresByType image/webp "access plus 1 year"

  ExpiresByType image/svg+xml "access plus 1 year"

  ExpiresByType image/x-icon "access plus 1 year"

  # Video

  ExpiresByType video/webm "access plus 1 year"

  ExpiresByType video/mp4 "access plus 1 year"

  ExpiresByType video/mpeg "access plus 1 year"

  # Fonts

  ExpiresByType font/ttf "access plus 1 year"

  ExpiresByType font/otf "access plus 1 year"

  ExpiresByType font/woff "access plus 1 year"

  ExpiresByType font/woff2 "access plus 1 year"

  ExpiresByType application/font-woff "access plus 1 year"

  # CSS, JavaScript

  ExpiresByType text/css "access plus 1 year"

  ExpiresByType text/javascript "access plus 1 year"

  ExpiresByType application/javascript "access plus 1 year"

  # Others

  ExpiresByType application/pdf "access plus 1 year"

  ExpiresByType image/vnd.microsoft.icon "access plus 1 year"

</IfModule>

PHP Code:
app/config/Filters.php

public array $aliases = [
        'csrf'          => CSRF::class,
        'toolbar'      => DebugToolbar::class,
        'honeypot'      => Honeypot::class,
        'invalidchars'  => InvalidChars::class,
        'secureheaders' => SecureHeaders::class,
        'cors'          => Cors::class,
        'forcehttps'    => ForceHTTPS::class,
        'pagecache'    => PageCache::class,
        'performance'  => PerformanceMetrics::class,
        'auth'          => \App\Filters\Auth::class,
    ];

    /**
    * List of special required filters.
    *
    * The filters listed here are special. They are applied before and after
    * other kinds of filters, and always applied even if a route does not exist.
    *
    * Filters set by default provide framework functionality. If removed,
    * those functions will no longer work.
    *
    * @see https://codeigniter.com/user_guide/incoming/filters.html#provided-filters
    *
    * @var array{before: list<string>, after: list<string>}
    */
    public array $required = [
        'before' => [
            'forcehttps', // Force Global Secure Requests
            //'pagecache',  // Web Page Caching
        ],
        'after' => [
            //'pagecache',  // Web Page Caching
            //'performance', // Performance Metrics
            'toolbar',    // Debug Toolbar
        ],
    ];

    /**
    * List of filter aliases that are always
    * applied before and after every request.
    *
    * @var array<string, array<string, array<string, string>>>|array<string, list<string>>
    */
    public array $globals = [
        'before' => [
            // 'honeypot',
            'csrf',
            // 'invalidchars',
        ],
        'after' => [
            // 'honeypot',
            // 'secureheaders',
        ],
    ]; 

.env

Code:
CI_ENVIRONMENT = development

#--------------------------------------------------------------------

# APP

#--------------------------------------------------------------------

app.baseURL = http://127.0.0.1/MDN3/

browser network tab

1/bootstrap.min.css 200 127.0.0.1 stylesheet

2/MDN3?debugbar_time=1744112539.451802 301 127.0.0.1 xhr / Redirect

**InsiteFX** · 04-08-2025, 10:38 PM

Did you edit the env file to add the below and save it like env to .env ?

Ok, I just found out that the DebugBar will not show up on Windows 11 unless
the baseURL is also set in the .env file.

Code:
#--------------------------------------------------------------------

# ENVIRONMENT

#--------------------------------------------------------------------

# CI_ENVIRONMENT = production

CI_ENVIRONMENT = development

What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009. ( Skype: insitfx )

Mrtemp · 04-09-2025, 11:57 PM

(04-08-2025, 10:38 PM)InsiteFX Wrote: Did you edit the env file to add the below and save it like env to .env ?

Ok, I just found out that the DebugBar will not show up on Windows 11 unless
the baseURL is also set in the .env file.

Code:
#-------------------------------------------------------------------- # ENVIRONMENT #-------------------------------------------------------------------- # CI_ENVIRONMENT = production CI_ENVIRONMENT = development

yes i did that as you can see this is my .env file configuration

Code:
CI_ENVIRONMENT = development

#--------------------------------------------------------------------

# APP

#--------------------------------------------------------------------

app.baseURL = http://127.0.0.1/MDN3/

**InsiteFX** · 04-10-2025, 09:49 PM

Did you try changing 27.0.0.1 to localhost ?

Also the main GitHub CodeIgniter ToolBar was updated yesterday, try downloading that and
see if it fixes your problem.

What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009. ( Skype: insitfx )

**paulbalandan** · 04-11-2025, 10:49 AM

Hey, can you confirm this is the value of app.baseURL

app.baseURL = http://127.0.0.1/MDN3/
browser network tab
1/bootstrap.min.css 200 127.0.0.1 stylesheet
2/MDN3?debugbar_time=1744112539.451802 301 127.0.0.1 xhr / Redirect

This looks wrong.

captain-sensible · 04-11-2025, 12:25 PM

Code:
<Files .env>

    Require all denied

</Files>

does the above in the code of .htaccess actually prevent .env being referenced ?

CMS CI4 A CMS system, runs out of the box written on top of CI4

Arch Book CodeIgniter4 on Apache(pages 92-114)

CI4-CMS Github

**InsiteFX** · 04-11-2025, 10:10 PM

There should be quotes around your base_url

What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009. ( Skype: insitfx )

captain-sensible · 04-12-2025, 12:43 AM

Also check in the head of views that there is nothing like :

Code:
<meta http-equiv="Content-Security-Policy" content=" default-src 'none';  form-action 'self'; frame-src 'self' ;          ; font-src 'self'  maxcdn.bootstrapcdn.com ;  img-src 'self'; script-src 'self'  http  "        />

Content Security Policy via meta in head can restrict images , js , style sheets from both local and remote sources if not tweked finely

CMS CI4 A CMS system, runs out of the box written on top of CI4

Arch Book CodeIgniter4 on Apache(pages 92-114)

CI4-CMS Github