1

I have been working on a flat PHP code - No MVC.

It has 1 index file with a form containing a radio and a file upload option + calls fuctions from 2 other .php files containing functions, and after submitting - it upload the file, loads PHPExcel library, manipulates the Excel file and outputs a download link to the edited Excel file.

Is there a SAFE way to run this on CodeIgniter without any problems?

(with the functions and not objects - or maybe a comfortable way to change my code without too many syntax problems, with the encoded security the CodeIgniter uses, ect')

Imnotapotato
  • 5,308
  • 13
  • 80
  • 147
  • Make it a codeigniter library. if you are using codeigniter 3 info here: http://www.codeigniter.com/user_guide/general/creating_libraries.html if you are using codeigniter 2: http://www.codeigniter.com/userguide2/general/creating_libraries.html – cartalot Nov 05 '15 at 21:47

1 Answers1

1

You absolutely can use your "flat" php code along side codeigniter. Codeigniter is configured to use an htaccess file to route all calls which are not directories in the root server path, or files in the root server path, to codeigniter's bootstrap file (called index.php by default). Therefore if you were to make a request to a directory in your root path that existed, your http server would follow that path instead of redirecting your traffic to codeigniter.

What you would want to do is include a directory in your webroot (same directory as codeigniter's index.php file) and call it something that does not conflict with any of your existing controllers (if you have a directory with the same name as a controller the controller will be ignored for the directory) and move your "flat" php code into this directory.

Example directory structure:

/application
/system
/.htaccess
/index.php
/flatphp/file1.php
/flatphp/file2.php
/flatphp/file3.php
whitwhoa
  • 2,389
  • 4
  • 30
  • 61
  • and I will still be protected from mysql injections ect'? will everything get passed in a secure and encoded although it's a flat code and not OOP? (for example when saving files, using forms(post) ect) – Imnotapotato Nov 05 '15 at 15:43
  • 1
    No. If you are not using codeigniter then you don't get any of the benefits of codeigniter. You will have to handle everything manually like you would on any other app that didn't use codeigniter. Also, being procedural vs oop doesn't make a difference as to whether or not your code is safe from sql injection. If you take the necessary precautions and sanitize your input your pages will be just as safe as anything else out there. – whitwhoa Nov 05 '15 at 15:50