CI4 + defined('BASEPATH')

Hi, I am trying to build a helper class in CI4 and I have this line in it.

<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

Is this still something thats required in CI4? If it is where abouts should basepath be defined and how should it look?

Sorry if this is a noob question, I have googled about and keep getting what I beleive are CI3 answers.

That bit of code is not used in CI v4. Its real purpose in previous versions was as a sanity check. There was a lot of code in the Framework that only made sense in the context of the framework. If BASEPATH wasn't defined then most likely the code execution attempt is not in the CI framework and should not be allowed.

You may have seen it described as a "security feature" which it is not.

CI v4, due to the use of namespace and PSR-4 autoloading, isn't as tightly coupled as it was, so the execution context for various classes isn't as stringent.

Ah thanks dave.

Does that mean that I dont need to worry about the security of these files? Im running everything out of the public folder.

Also Do you know if it is okay to put the assets folder inside the public folder?

You don't need to worry about files outside of 'public' being accessed using HTTP. This assumes that your server is set appropriately and that 'public' is the webroot of your site.

Because none of the other folders and their contents should be accessible using HTTP your assets MUST be in the 'public' folder or a subfolder of 'public'.

Perfect! thanks alot.

If you look in the folders of CI 4 you should see a .htaccess file which protects them
from being viewed etc;

What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )

Yeah I noticed

<IfModule authz_core_module>
Require all denied
</IfModule>
<IfModule !authz_core_module>
Deny from all
</IfModule>

Inside the .htaccess inside each folder with the exception of public. Thats why I was curious as to where the assets folder should sit.