I noticed this small bit of code above a controller on a demo codeigniter project and wondered what it did and whether I should be using it.
defined('BASEPATH') OR exit('No direct script access allowed');
Also if I should use it where should it be used? controllers? models? both? etc..
in order to activate the codeigniter framework the site must accessed with www.blahblah.com/index.php/params . By going through index.php first the framework is activated and various classes and whatnot are ran through PHP. The framework then looks at the parameters of the url and activates a specific controller. This line of code makes sure that the framework has been properly "booted up" and the user merely isn't trying to run the single php file on the web server. Because that php file assumes that classes within the framework have already been declared, running a controller file on its own would fail miserably and has the potential for a security breach. No direct access allowed.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With