Module Security
So, you created your module and works fine, but is it secure? You must ensure that your module is secure and is not vulnerable to any SQL Injections are directory traversing.
You can find below best practices to ensure that your module will be secure. Feel free to apply your own best practices for your module security.
Gather user data from requests
When a user is filling forms, the data is sent e.q. via a POST request to the controller after that you gather this data and insert into the database.
To ensure that this data is escaped, you should gather the data with the built-in CodeIgniter framework input class.
// Get data from POST request
$data = $this->input->post();
$client_id = $this->input->post('client_id');
// Get data from GET request
$data = $this->input->get();
$client_id = $this->input->get('client_id');
Do Not Allow Direct Access the Module Files
For each .php file you created for your module, you must add the code below at the top of the file to prevent the file to be accessed directly.
defined('BASEPATH') or exit('No direct script access allowed');
Include empty index.html files
Always add empty index.html file in each folder you will create in your module directory including your module root directory.
E.q. in modules/[your-module]/
E.q. in modules[your-module]/views
Related Articles
Module Basics
Modules location & Name All modules should be added in the modules folder in your root directory where Our CRM is installed and each module must have unique folder name and init file with the same name as your module folder name. Creating your first ...Common Module Functions
register_activation_hook /** * Register module activation hook * @param string $module module system name * @param mixed $function function for the hook * @return mixed */ register_activation_hook($module, $function) register_deactivation_hook ...Module File Headers
Each module in Our CRM consist of init file which contains the general module configuration and includes headers containing meta-information regarding the module. Module init file headers example The follow example is taken from the default Our CRM ...13: Memories
Relive your moments with the "Memories" module on BIMeta using this simple guide: 1. Locate 'Memories': On the left side of the site, find and click on the 'Memories' module. 2. Explore Memories Page: · Clicking opens the 'Memories' page, revealing: ...14: Blog
Share your thoughts and explore articles with the "Blog" module on BIMeta using this simple guide: 1. Locate 'Blog': On the left side of the site, find and click on the 'Blog' module. 2. Explore Blog Page: · Clicking opens the 'Blog' page, ...