Issues in index.php (develop) - Issues in develop - ci-bonfire/Sprint - Measure and Improve Code Quality continuously with Scrutinizer

Issues (423)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

index.php (5 issues)

Labels

Severity

Minor 5

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

/**
 * CodeIgniter
 *
 * An open source application development framework for PHP
 *
 * This content is released under the MIT License (MIT)
 *
 * Copyright (c) 2014 - 2015, British Columbia Institute of Technology
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 *
 * @package	CodeIgniter
 * @author	EllisLab Dev Team
 * @copyright	Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
 * @copyright	Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
 * @license	http://opensource.org/licenses/MIT	MIT License
 * @link	http://codeigniter.com
 * @since	Version 1.0.0
 * @filesource
 */

include "vendor/autoload.php";

/*
 *---------------------------------------------------------------
 * APPLICATION ENVIRONMENT
 *---------------------------------------------------------------
 *
 * You can load different configurations depending on your
 * current environment. Setting the environment also influences
 * things like logging and error reporting.
 *
 * This can be set to anything, but default usage is:
 *
 *     development
 *     testing
 *     production
 *
 * NOTE: If you change these, also change the error_reporting() code below
 */
	$domain = ! empty($_SERVER['HTTP_HOST']) ? strtolower($_SERVER['HTTP_HOST']) : 'cli';

    /**
     * A simple method to automatically determine the environment that
     * the script is running on. Modify to support your needs.
     *
     * To handle Travis-ci testing, we check for an environment
     * variable called TRAVIS which is set in the .travis.yml file.
     * This allows a database-specific setup for Travis testing.
     */
    if (isset($_ENV['TRAVIS']))
    {
        define('ENVIRONMENT', 'travis');
    }
    else if (isset($_ENV['TESTING']))
    {
	    define('ENVIRONMENT', 'testing');
    }
    else if (strpos($domain, '.dev') !== false || $domain == 'cli')
    {
        define('ENVIRONMENT', 'development');
    }
    else {
        define('ENVIRONMENT', 'production');
    }

/*
 *---------------------------------------------------------------
 * ERROR REPORTING
 *---------------------------------------------------------------
 *
 * Different environments will require different levels of error reporting.
 * By default development will show errors but testing and live will hide them.
 */
switch (ENVIRONMENT)
{
	case 'development':
    case 'travis':
	case 'testing':
		error_reporting(-1);
		ini_set('display_errors', 1);
	break;

	case 'production':
		ini_set('display_errors', 0);
		if (version_compare(PHP_VERSION, '5.3', '>='))
		{
			error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED & ~E_STRICT & ~E_USER_NOTICE & ~E_USER_DEPRECATED);
		}
		else
		{
			error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT & ~E_USER_NOTICE);
		}
	break;

	default:
		header('HTTP/1.1 503 Service Unavailable.', TRUE, 503);
		echo 'The application environment is not set correctly.';
		exit(1); // EXIT_ERROR
}

/*
 *---------------------------------------------------------------
 * SYSTEM FOLDER NAME
 *---------------------------------------------------------------
 *
 * This variable must contain the name of your "system" folder.
 * Include the path if the folder is not in the same directory
 * as this file.
 */
	$system_path = 'system';

/*
 *---------------------------------------------------------------
 * APPLICATION FOLDER NAME
 *---------------------------------------------------------------
 *
 * If you want this front controller to use a different "application"
 * folder than the default one you can set its name here. The folder
 * can also be renamed or relocated anywhere on your server. If
 * you do, use a full server path. For more info please see the user guide:
 * http://codeigniter.com/user_guide/general/managing_apps.html
 *
 * NO TRAILING SLASH!
 */
	$application_folder = 'application';

/*---------------------------------------------------------------
 * MYTH FOLDER NAME
 *---------------------------------------------------------------
 *
 * This variable must contain the name of your "myth" folder.
 * Include the path if the folder is not in the same directory
 * as this file.
 */
    $myth_folder = 'myth';

/*
 *---------------------------------------------------------------
 * VIEW FOLDER NAME
 *---------------------------------------------------------------
 *
 * If you want to move the view folder out of the application
 * folder set the path to the folder here. The folder can be renamed
 * and relocated anywhere on your server. If blank, it will default
 * to the standard location inside your application folder. If you
 * do move this, use the full server path to this folder.
 *
 * NO TRAILING SLASH!
 */
	$view_folder = '';


/*
 * --------------------------------------------------------------------
 * DEFAULT CONTROLLER
 * --------------------------------------------------------------------
 *
 * Normally you will set your default controller in the routes.php file.
 * You can, however, force a custom routing by hard-coding a
 * specific controller class/function here. For most applications, you
 * WILL NOT set your routing here, but it's an option for those
 * special instances where you might want to override the standard
 * routing in a specific front controller that shares a common CI installation.
 *
 * IMPORTANT: If you set the routing here, NO OTHER controller will be
 * callable. In essence, this preference limits your application to ONE
 * specific controller. Leave the function name blank if you need
 * to call functions dynamically via the URI.
 *
 * Un-comment the $routing array below to use this feature
 */
	// The directory name, relative to the "controllers" folder.  Leave blank
	// if your controller is not in a sub-folder within the "controllers" folder
	// $routing['directory'] = '';


	// The controller class file name.  Example:  mycontroller
	// $routing['controller'] = '';


	// The controller function you wish to be called.
	// $routing['function']	= '';



/*
 * -------------------------------------------------------------------
 *  CUSTOM CONFIG VALUES
 * -------------------------------------------------------------------
 *
 * The $assign_to_config array below will be passed dynamically to the
 * config class when initialized. This allows you to set custom config
 * items or override any default config values found in the config.php file.
 * This can be handy as it permits you to share one application between
 * multiple front controller files, with each file containing different
 * config values.
 *
 * Un-comment the $assign_to_config array below to use this feature
 */
	// $assign_to_config['name_of_config_item'] = 'value of config item';




// --------------------------------------------------------------------
// END OF USER CONFIGURABLE SETTINGS.  DO NOT EDIT BELOW THIS LINE
// --------------------------------------------------------------------

/*
 * ---------------------------------------------------------------
 *  Resolve the system path for increased reliability
 * ---------------------------------------------------------------
 */

	// Set the current directory correctly for CLI requests
	if (defined('STDIN'))
	{
		chdir(dirname(__FILE__));
	}

	if (($_temp = realpath($system_path)) !== FALSE)
	{
		$system_path = $_temp.'/';
	}
	else
	{
		// Ensure there's a trailing slash
		$system_path = rtrim($system_path, '/').'/';
	}

	// Is the system path correct?
	if ( ! is_dir($system_path))
	{
		header('HTTP/1.1 503 Service Unavailable.', TRUE, 503);
		echo 'Your system folder path does not appear to be set correctly. Please open the following file and correct this: '.pathinfo(__FILE__, PATHINFO_BASENAME);
		exit(3); // EXIT_CONFIG
	}

/*
 * -------------------------------------------------------------------
 *  Now that we know the path, set the main path constants
 * -------------------------------------------------------------------
 */
	// The name of THIS file
	define('SELF', pathinfo(__FILE__, PATHINFO_BASENAME));

	// Path to the system folder
	define('BASEPATH', str_replace('\\', '/', $system_path));

	// Path to the front controller (this file)
	define('FCPATH', dirname(__FILE__).'/');

	// Name of the "system folder"
	define('SYSDIR', trim(strrchr(trim(BASEPATH, '/'), '/'), '/'));

    // Path to the myth folder
    define('MYTHPATH', rtrim( str_replace('\\', '/', $myth_folder), '/ ') .'/' );

	// The path to the "application" folder
	if (is_dir($application_folder))
	{
		if (($_temp = realpath($application_folder)) !== FALSE)
		{
			$application_folder = $_temp;
		}

		define('APPPATH', $application_folder.DIRECTORY_SEPARATOR);
	}
	else
	{
		if ( ! is_dir(BASEPATH.$application_folder.DIRECTORY_SEPARATOR))
		{
			header('HTTP/1.1 503 Service Unavailable.', TRUE, 503);
			echo 'Your application folder path does not appear to be set correctly. Please open the following file and correct this: '.SELF;
			exit(3); // EXIT_CONFIG
		}

		define('APPPATH', BASEPATH.$application_folder.DIRECTORY_SEPARATOR);
	}

	// The path to the "views" folder
	if ( ! is_dir($view_folder))
	{
		if ( ! empty($view_folder) && is_dir(APPPATH.$view_folder.DIRECTORY_SEPARATOR))
		{
			$view_folder = APPPATH.$view_folder;
		}
		elseif ( ! is_dir(APPPATH.'views'.DIRECTORY_SEPARATOR))
		{
			header('HTTP/1.1 503 Service Unavailable.', TRUE, 503);
			echo 'Your view folder path does not appear to be set correctly. Please open the following file and correct this: '.SELF;
			exit(3); // EXIT_CONFIG
		}
		else
		{
			$view_folder = APPPATH.'views';
		}
	}

	if (($_temp = realpath($view_folder)) !== FALSE)
	{
		$view_folder = $_temp.DIRECTORY_SEPARATOR;
	}
	else
	{
		$view_folder = rtrim($view_folder, '/\\').DIRECTORY_SEPARATOR;
	}

	define('VIEWPATH', $view_folder);

/*
 * --------------------------------------------------------------------
 * LOAD THE BOOTSTRAP FILE
 * --------------------------------------------------------------------
 *
 * And away we go...
 */
require_once BASEPATH.'core/CodeIgniter.php';


GitHub Access Token became invalid

Issues (423)

Security Analysis not enabled

index.php (5 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

1		<?php
		0 ignored issues – show Coding Style Compatibility introduced 2016-02-16 16:43 UTC by Report Bug Copy Issue Report Show Similar Issues like this For compatibility and reusability of your code, PSR1 recommends that a file should introduce either new symbols (like classes, functions, etc.) or have side-effects (like outputting something, or including other files), but not both at the same time. The first symbol is defined on line 70 and the first side effect is on line 39. The PSR-1: Basic Coding Standard recommends that a file should either introduce new symbols, that is classes, functions, constants or similar, or have side effects. Side effects are anything that executes logic, like for example printing output, changing ini settings or writing to a file. The idea behind this recommendation is that merely auto-loading a class should not change the state of an application. It also promotes a cleaner style of programming and makes your code less prone to errors, because the logic is not spread out all over the place. To learn more about the PSR-1, please see the PHP-FIG site on the PSR-1. Loading history...
2		/**
3		* CodeIgniter
4		*
5		* An open source application development framework for PHP
6		*
7		* This content is released under the MIT License (MIT)
8		*
9		* Copyright (c) 2014 - 2015, British Columbia Institute of Technology
10		*
11		* Permission is hereby granted, free of charge, to any person obtaining a copy
12		* of this software and associated documentation files (the "Software"), to deal
13		* in the Software without restriction, including without limitation the rights
14		* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
15		* copies of the Software, and to permit persons to whom the Software is
16		* furnished to do so, subject to the following conditions:
17		*
18		* The above copyright notice and this permission notice shall be included in
19		* all copies or substantial portions of the Software.
20		*
21		* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
22		* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
23		* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
24		* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
25		* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
26		* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
27		* THE SOFTWARE.
28		*
29		* @package CodeIgniter
30		* @author EllisLab Dev Team
31		* @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (http://ellislab.com/)
32		* @copyright Copyright (c) 2014 - 2015, British Columbia Institute of Technology (http://bcit.ca/)
33		* @license http://opensource.org/licenses/MIT MIT License
34		* @link http://codeigniter.com
35		* @since Version 1.0.0
36		* @filesource
37		*/
38
39		include "vendor/autoload.php";
40
41		/*
42		*---------------------------------------------------------------
43		* APPLICATION ENVIRONMENT
44		*---------------------------------------------------------------
45		*
46		* You can load different configurations depending on your
47		* current environment. Setting the environment also influences
48		* things like logging and error reporting.
49		*
50		* This can be set to anything, but default usage is:
51		*
52		* development
53		* testing
54		* production
55		*
56		* NOTE: If you change these, also change the error_reporting() code below
57		*/
58		$domain = ! empty($_SERVER['HTTP_HOST']) ? strtolower($_SERVER['HTTP_HOST']) : 'cli';
59
60		/**
61		* A simple method to automatically determine the environment that
62		* the script is running on. Modify to support your needs.
63		*
64		* To handle Travis-ci testing, we check for an environment
65		* variable called TRAVIS which is set in the .travis.yml file.
66		* This allows a database-specific setup for Travis testing.
67		*/
68		if (isset($_ENV['TRAVIS']))
69		{
70		define('ENVIRONMENT', 'travis');
71		}
72		else if (isset($_ENV['TESTING']))
73		{
74		define('ENVIRONMENT', 'testing');
75		}
76		else if (strpos($domain, '.dev') !== false \|\| $domain == 'cli')
77		{
78		define('ENVIRONMENT', 'development');
79		}
80		else {
81		define('ENVIRONMENT', 'production');
82		}
83
84		/*
85		*---------------------------------------------------------------
86		* ERROR REPORTING
87		*---------------------------------------------------------------
88		*
89		* Different environments will require different levels of error reporting.
90		* By default development will show errors but testing and live will hide them.
91		*/
92		switch (ENVIRONMENT)
93		{
94		case 'development':
95		case 'travis':
96		case 'testing':
97		error_reporting(-1);
98		ini_set('display_errors', 1);
99		break;
100
101		case 'production':
102		ini_set('display_errors', 0);
103		if (version_compare(PHP_VERSION, '5.3', '>='))
104		{
105		error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED & ~E_STRICT & ~E_USER_NOTICE & ~E_USER_DEPRECATED);
106		}
107		else
108		{
109		error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT & ~E_USER_NOTICE);
110		}
111		break;
112
113		default:
114		header('HTTP/1.1 503 Service Unavailable.', TRUE, 503);
115		echo 'The application environment is not set correctly.';
116		exit(1); // EXIT_ERROR
117		}
118
119		/*
120		*---------------------------------------------------------------
121		* SYSTEM FOLDER NAME
122		*---------------------------------------------------------------
123		*
124		* This variable must contain the name of your "system" folder.
125		* Include the path if the folder is not in the same directory
126		* as this file.
127		*/
128		$system_path = 'system';
129
130		/*
131		*---------------------------------------------------------------
132		* APPLICATION FOLDER NAME
133		*---------------------------------------------------------------
134		*
135		* If you want this front controller to use a different "application"
136		* folder than the default one you can set its name here. The folder
137		* can also be renamed or relocated anywhere on your server. If
138		* you do, use a full server path. For more info please see the user guide:
139		* http://codeigniter.com/user_guide/general/managing_apps.html
140		*
141		* NO TRAILING SLASH!
142		*/
143		$application_folder = 'application';
144
145		/*---------------------------------------------------------------
146		* MYTH FOLDER NAME
147		*---------------------------------------------------------------
148		*
149		* This variable must contain the name of your "myth" folder.
150		* Include the path if the folder is not in the same directory
151		* as this file.
152		*/
153		$myth_folder = 'myth';
154
155		/*
156		*---------------------------------------------------------------
157		* VIEW FOLDER NAME
158		*---------------------------------------------------------------
159		*
160		* If you want to move the view folder out of the application
161		* folder set the path to the folder here. The folder can be renamed
162		* and relocated anywhere on your server. If blank, it will default
163		* to the standard location inside your application folder. If you
164		* do move this, use the full server path to this folder.
165		*
166		* NO TRAILING SLASH!
167		*/
168		$view_folder = '';
169
170
171		/*
172		* --------------------------------------------------------------------
173		* DEFAULT CONTROLLER
174		* --------------------------------------------------------------------
175		*
176		* Normally you will set your default controller in the routes.php file.
177		* You can, however, force a custom routing by hard-coding a
178		* specific controller class/function here. For most applications, you
179		* WILL NOT set your routing here, but it's an option for those
180		* special instances where you might want to override the standard
181		* routing in a specific front controller that shares a common CI installation.
182		*
183		* IMPORTANT: If you set the routing here, NO OTHER controller will be
184		* callable. In essence, this preference limits your application to ONE
185		* specific controller. Leave the function name blank if you need
186		* to call functions dynamically via the URI.
187		*
188		* Un-comment the $routing array below to use this feature
189		*/
190		// The directory name, relative to the "controllers" folder. Leave blank
191		// if your controller is not in a sub-folder within the "controllers" folder
192		// $routing['directory'] = '';
		0 ignored issues – show Unused Code Comprehensibility introduced 2016-02-16 16:43 UTC by Report Bug Copy Issue Report Show Similar Issues like this `60%` of this comment could be valid code. Did you maybe forget this after debugging? Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it. The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production. This check looks for comments that seem to be mostly valid code and reports them. Loading history...
193
194		// The controller class file name. Example: mycontroller
195		// $routing['controller'] = '';
		0 ignored issues – show Unused Code Comprehensibility introduced 2016-02-16 16:43 UTC by Report Bug Copy Issue Report Show Similar Issues like this `60%` of this comment could be valid code. Did you maybe forget this after debugging? Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it. The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production. This check looks for comments that seem to be mostly valid code and reports them. Loading history...
196
197		// The controller function you wish to be called.
198		// $routing['function'] = '';
		0 ignored issues – show Unused Code Comprehensibility introduced 2016-02-16 16:43 UTC by Report Bug Copy Issue Report Show Similar Issues like this `60%` of this comment could be valid code. Did you maybe forget this after debugging? Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it. The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production. This check looks for comments that seem to be mostly valid code and reports them. Loading history...
199
200
201		/*
202		* -------------------------------------------------------------------
203		* CUSTOM CONFIG VALUES
204		* -------------------------------------------------------------------
205		*
206		* The $assign_to_config array below will be passed dynamically to the
207		* config class when initialized. This allows you to set custom config
208		* items or override any default config values found in the config.php file.
209		* This can be handy as it permits you to share one application between
210		* multiple front controller files, with each file containing different
211		* config values.
212		*
213		* Un-comment the $assign_to_config array below to use this feature
214		*/
215		// $assign_to_config['name_of_config_item'] = 'value of config item';
		0 ignored issues – show Unused Code Comprehensibility introduced 2016-02-16 16:43 UTC by Report Bug Copy Issue Report Show Similar Issues like this `60%` of this comment could be valid code. Did you maybe forget this after debugging? Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it. The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production. This check looks for comments that seem to be mostly valid code and reports them. Loading history...
216
217
218
219		// --------------------------------------------------------------------
220		// END OF USER CONFIGURABLE SETTINGS. DO NOT EDIT BELOW THIS LINE
221		// --------------------------------------------------------------------
222
223		/*
224		* ---------------------------------------------------------------
225		* Resolve the system path for increased reliability
226		* ---------------------------------------------------------------
227		*/
228
229		// Set the current directory correctly for CLI requests
230		if (defined('STDIN'))
231		{
232		chdir(dirname(__FILE__));
233		}
234
235		if (($_temp = realpath($system_path)) !== FALSE)
236		{
237		$system_path = $_temp.'/';
238		}
239		else
240		{
241		// Ensure there's a trailing slash
242		$system_path = rtrim($system_path, '/').'/';
243		}
244
245		// Is the system path correct?
246		if ( ! is_dir($system_path))
247		{
248		header('HTTP/1.1 503 Service Unavailable.', TRUE, 503);
249		echo 'Your system folder path does not appear to be set correctly. Please open the following file and correct this: '.pathinfo(__FILE__, PATHINFO_BASENAME);
250		exit(3); // EXIT_CONFIG
251		}
252
253		/*
254		* -------------------------------------------------------------------
255		* Now that we know the path, set the main path constants
256		* -------------------------------------------------------------------
257		*/
258		// The name of THIS file
259		define('SELF', pathinfo(__FILE__, PATHINFO_BASENAME));
260
261		// Path to the system folder
262		define('BASEPATH', str_replace('\\', '/', $system_path));
263
264		// Path to the front controller (this file)
265		define('FCPATH', dirname(__FILE__).'/');
266
267		// Name of the "system folder"
268		define('SYSDIR', trim(strrchr(trim(BASEPATH, '/'), '/'), '/'));
269
270		// Path to the myth folder
271		define('MYTHPATH', rtrim( str_replace('\\', '/', $myth_folder), '/ ') .'/' );
272
273		// The path to the "application" folder
274		if (is_dir($application_folder))
275		{
276		if (($_temp = realpath($application_folder)) !== FALSE)
277		{
278		$application_folder = $_temp;
279		}
280
281		define('APPPATH', $application_folder.DIRECTORY_SEPARATOR);
282		}
283		else
284		{
285	View Code Duplication	if ( ! is_dir(BASEPATH.$application_folder.DIRECTORY_SEPARATOR))
286		{
287		header('HTTP/1.1 503 Service Unavailable.', TRUE, 503);
288		echo 'Your application folder path does not appear to be set correctly. Please open the following file and correct this: '.SELF;
289		exit(3); // EXIT_CONFIG
290		}
291
292		define('APPPATH', BASEPATH.$application_folder.DIRECTORY_SEPARATOR);
293		}
294
295		// The path to the "views" folder
296		if ( ! is_dir($view_folder))
297		{
298		if ( ! empty($view_folder) && is_dir(APPPATH.$view_folder.DIRECTORY_SEPARATOR))
299		{
300		$view_folder = APPPATH.$view_folder;
301		}
302	View Code Duplication	elseif ( ! is_dir(APPPATH.'views'.DIRECTORY_SEPARATOR))
303		{
304		header('HTTP/1.1 503 Service Unavailable.', TRUE, 503);
305		echo 'Your view folder path does not appear to be set correctly. Please open the following file and correct this: '.SELF;
306		exit(3); // EXIT_CONFIG
307		}
308		else
309		{
310		$view_folder = APPPATH.'views';
311		}
312		}
313
314		if (($_temp = realpath($view_folder)) !== FALSE)
315		{
316		$view_folder = $_temp.DIRECTORY_SEPARATOR;
317		}
318		else
319		{
320		$view_folder = rtrim($view_folder, '/\\').DIRECTORY_SEPARATOR;
321		}
322
323		define('VIEWPATH', $view_folder);
324
325		/*
326		* --------------------------------------------------------------------
327		* LOAD THE BOOTSTRAP FILE
328		* --------------------------------------------------------------------
329		*
330		* And away we go...
331		*/
332		require_once BASEPATH.'core/CodeIgniter.php';
333

ci-bonfire / Sprint

GitHub Access Token became invalid

Issues (423)

Security Analysis not enabled

index.php (5 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like