Comments (3)
Hi @DigiLive
Please note: Your example code contains a security issue, because somebody could change the environment from outside with a query string like https://www.example.com/?APP_ENV=development
.
$settings['environment'] = $_GET['APP_ENV'] ?? getenv('APP_ENV');
My objective is to use a thread safe method to get my env vars. getenv is not thread-safe and thus I try not to use it anymore.
The discussion about that feature seems to be summarized in this statement: vlucas/phpdotenv#446 (comment).
Indeed, the population of superglobals like $_SERVER and $_ENV can depend on the server's configuration (variables_order in php.ini). To make it "really" work a code like this should work. This example uses getenv
only as "fallback" when nothing works.
So simplified to our use case it should work like this:
$environment = $_SERVER['APP_ENV'] ?? $_ENV['APP_ENV'] ?? getenv('APP_ENV');
from slim4-skeleton.
Of course it was supposed to be $_ENV
.
I have absolutely no idea why I placed $_GET
in there. 😳
I guess I was too busy with my mind mastering Slim 4 a bit. Anyway... My bad!
For now I'll be using:
$environment = $_SERVER['APP_ENV'] ?? $_ENV['APP_ENV'] ?? getenv('APP_ENV');
until I safe way presents itself.
Thank you very much.
While I don't have the intention to spam issues, I hope you don't mind my posting many comments and questions while I go trough the code of this skeleton.
I'm determined to understand how it operates.
from slim4-skeleton.
No problem. I like good questions :-)
from slim4-skeleton.
Related Issues (20)
- Install troubleshooting HOT 2
- Wrong statement in the configuration doc page HOT 4
- Database migrations with phinx and schema.sql generation HOT 5
- Which session package should I use? HOT 4
- Missing TemplateRenderer/HtmlRenderer HOT 2
- Question: MVC vs ADR Pattern HOT 2
- Link in docs is wrong HOT 1
- logger test's settings are useless HOT 4
- How to use loggerFactory in Routing/JwtAuth
- Using skeleton in a subdirectory HOT 2
- Handling relationships within the skeleton structure HOT 4
- create-project is not downloading some files HOT 3
- Problem getting JWT to work as per your eBook HOT 6
- Undefined function 'uuid_create' in LoggerFactory HOT 2
- 404 in /docs/configuration.md HOT 2
- How to handle query error ? HOT 5
- How to handle data from repository to presentation as JSON for REST API HOT 4
- Add demonstration URL HOT 5
- Letting the bin/console.php setup command have non-interactive mode HOT 5
- Any auth in your sceleton? HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from slim4-skeleton.