Merged CodeIgniter Core changes and integrated rob1's secure cookie change into my secure cookie change.
diff --git a/application/config/config.php b/application/config/config.php
index 26b31e3..1ec6543 100644
--- a/application/config/config.php
+++ b/application/config/config.php
@@ -10,8 +10,11 @@
|
| http://example.com/
|
+| If this is not set then CodeIgniter will guess the protocol, domain and
+| path to your installation.
+|
*/
-$config['base_url'] = "http://example.com/";
+$config['base_url'] = '';
/*
|--------------------------------------------------------------------------
@@ -23,7 +26,7 @@
| variable so that it is blank.
|
*/
-$config['index_page'] = "index.php";
+$config['index_page'] = 'index.php';
/*
|--------------------------------------------------------------------------
@@ -31,7 +34,7 @@
|--------------------------------------------------------------------------
|
| This item determines which server global should be used to retrieve the
-| URI string. The default setting of "AUTO" works for most servers.
+| URI string. The default setting of 'AUTO' works for most servers.
| If your links do not seem to work, try one of the other delicious flavors:
|
| 'AUTO' Default - auto detects
@@ -41,7 +44,7 @@
| 'ORIG_PATH_INFO' Uses the ORIG_PATH_INFO
|
*/
-$config['uri_protocol'] = "AUTO";
+$config['uri_protocol'] = 'AUTO';
/*
|--------------------------------------------------------------------------
@@ -54,7 +57,7 @@
| http://codeigniter.com/user_guide/general/urls.html
*/
-$config['url_suffix'] = "";
+$config['url_suffix'] = '';
/*
|--------------------------------------------------------------------------
@@ -66,7 +69,7 @@
| than english.
|
*/
-$config['language'] = "english";
+$config['language'] = 'english';
/*
|--------------------------------------------------------------------------
@@ -77,14 +80,14 @@
| that require a character set to be provided.
|
*/
-$config['charset'] = "UTF-8";
+$config['charset'] = 'UTF-8';
/*
|--------------------------------------------------------------------------
| Enable/Disable System Hooks
|--------------------------------------------------------------------------
|
-| If you would like to use the "hooks" feature you must enable it by
+| If you would like to use the 'hooks' feature you must enable it by
| setting this variable to TRUE (boolean). See the user guide for details.
|
*/
@@ -134,12 +137,15 @@
| By default CodeIgniter uses search-engine friendly segment based URLs:
| example.com/who/what/where/
|
+| By default CodeIgniter enables access to the $_GET array. If for some
+| reason you would like to disable it, set 'allow_get_array' to FALSE.
+|
| You can optionally enable standard query string based URLs:
| example.com?who=me&what=something&where=here
|
| Options are: TRUE or FALSE (boolean)
|
-| The other items let you set the query string "words" that will
+| The other items let you set the query string 'words' that will
| invoke your controllers and its functions:
| example.com/index.php?c=controller&m=function
|
@@ -148,6 +154,7 @@
| use segment based URLs.
|
*/
+$config['allow_get_array'] = TRUE;
$config['enable_query_strings'] = FALSE;
$config['controller_trigger'] = 'c';
$config['function_trigger'] = 'm';
@@ -181,7 +188,7 @@
|--------------------------------------------------------------------------
|
| Leave this BLANK unless you would like to set something other than the default
-| system/logs/ folder. Use a full server path with trailing slash.
+| application/logs/ folder. Use a full server path with trailing slash.
|
*/
$config['log_path'] = '';
@@ -217,7 +224,7 @@
| MUST set an encryption key. See the user guide for info.
|
*/
-$config['encryption_key'] = "";
+$config['encryption_key'] = '';
/*
|--------------------------------------------------------------------------
@@ -281,9 +288,15 @@
| Enables a CSRF cookie token to be set. When set to TRUE, token will be
| checked on a submitted form. If you are accepting user data, it is strongly
| recommended CSRF protection be enabled.
+|
+| 'csrf_token_name' = The token name
+| 'csrf_cookie_name' = The cookie name
+| 'csrf_expire' = The number in seconds the token should expire.
*/
$config['csrf_protection'] = FALSE;
-
+$config['csrf_token_name'] = 'csrf_test_name';
+$config['csrf_cookie_name'] = 'csrf_cookie_name';
+$config['csrf_expire'] = 7200;
/*
|--------------------------------------------------------------------------
@@ -299,7 +312,7 @@
| means you are prematurely outputting something to your browser. It could
| even be a line of whitespace at the end of one of your scripts. For
| compression to work, nothing can be sent before the output buffer is called
-| by the output class. Do not "echo" any values with compression enabled.
+| by the output class. Do not 'echo' any values with compression enabled.
|
*/
$config['compress_output'] = FALSE;
@@ -309,9 +322,9 @@
| Master Time Reference
|--------------------------------------------------------------------------
|
-| Options are "local" or "gmt". This pref tells the system whether to use
-| your server's local time as the master "now" reference, or convert it to
-| GMT. See the "date helper" page of the user guide for information
+| Options are 'local' or 'gmt'. This pref tells the system whether to use
+| your server's local time as the master 'now' reference, or convert it to
+| GMT. See the 'date helper' page of the user guide for information
| regarding date handling.
|
*/
@@ -346,4 +359,4 @@
/* End of file config.php */
-/* Location: ./application/config/config.php */
\ No newline at end of file
+/* Location: ./application/config/config.php */