{"id":14987448,"url":"https://github.com/ci4-cms-erp/ci4ms","last_synced_at":"2026-02-02T20:13:14.355Z","repository":{"id":99117146,"uuid":"576809623","full_name":"ci4-cms-erp/ci4ms","owner":"ci4-cms-erp","description":"mysql veriyon for ci4ms","archived":false,"fork":false,"pushed_at":"2025-03-13T22:20:29.000Z","size":33039,"stargazers_count":7,"open_issues_count":6,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-04-12T00:15:05.706Z","etag":null,"topics":["authentication","authorization","codeigniter-cms","codeigniter-template","codeigniter4","codeigniter4-cms","php","rbac","roles"],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ci4-cms-erp.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-12-11T03:31:34.000Z","updated_at":"2025-03-13T22:20:35.000Z","dependencies_parsed_at":"2023-03-24T04:03:49.985Z","dependency_job_id":"e1af2c38-5cd4-42c8-8a2e-d333f35395f4","html_url":"https://github.com/ci4-cms-erp/ci4ms","commit_stats":{"total_commits":52,"total_committers":2,"mean_commits":26.0,"dds":"0.34615384615384615","last_synced_commit":"018332d1afd4b34925e77cc066ee686d69a84a47"},"previous_names":[],"tags_count":15,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ci4-cms-erp%2Fci4ms","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ci4-cms-erp%2Fci4ms/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ci4-cms-erp%2Fci4ms/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ci4-cms-erp%2Fci4ms/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ci4-cms-erp","download_url":"https://codeload.github.com/ci4-cms-erp/ci4ms/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248497818,"owners_count":21113984,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","authorization","codeigniter-cms","codeigniter-template","codeigniter4","codeigniter4-cms","php","rbac","roles"],"created_at":"2024-09-24T14:14:37.825Z","updated_at":"2026-02-02T20:13:14.347Z","avatar_url":"https://github.com/ci4-cms-erp.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# CI4MS\n\nCI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. It combines CMS workflows, developer-focused CLI commands, an extensible module system, and customizable front-end themes in a single package.\n\n## Key Features\n\n- Authentication \u0026 RBAC: `Modules\\Auth` handles user login, lockouts, and password resets, while permissions map to `auth_permissions_pages` records.\n- Modular backend: Each feature ships as an independent module (Blog, Pages, Menu, Media, Users, Settings, Theme, etc.) under `modules/*`.\n- Flexible content management: Page and blog entries include SEO metadata, categories, tags, and full comment workflows.\n- Media \u0026 files: Includes elFinder-powered media management, a built-in file editor, and an in-panel log viewer.\n- Theme system: The `public/templates/*` structure and the `Modules\\Theme` module enable installing or upgrading themes from ZIP packages.\n- Setup \u0026 automation: Offers a web-based installer (`/install`) plus CLI commands for default data seeding, automatic route generation, and module scaffolding via `php spark make:module`.\n- SEO helpers: `ci4seopro` builds meta tags and JSON-LD, while `CommonLibrary` centralizes email, breadcrumbs, and inline shortcode utilities.\n\n## Requirements\n\n- PHP 8.1 or newer (intl, json, mbstring, gd, curl, openssl recommended)\n- Composer\n- MySQL/MariaDB (or any CodeIgniter 4-supported driver)\n- Writable directories: `writable/`, `public/uploads/`, optionally `public/templates/`\n\nSee `composer.json` for the full dependency list (e.g. `bertugfahriozer/ci4commonmodel`, `bertugfahriozer/sql2migration`, `ci4-cms-erp/ext_module_generator`, `claviska/simpleimage`, `seunmatt/codeigniter-log-viewer`, `gregwar/captcha`, `jasongrimes/paginator`, `studio-42/elfinder`, `phpmailer/phpmailer`).\n\n# ðŸŠī Project Activity\n\n![Alt](https://repobeats.axiom.co/api/embed/9f2631ce1dcfae3db84f5113fea08ac0c7ae8d29.svg \"Repobeats analytics image\")\n\n## Installation\n\n### Fresh Project (recommended)\n\n```bash\ncomposer create-project ci4-cms-erp/ci4ms myproject\ncd myproject\n```\n\n### Clone Existing Repository\n\n```bash\ngit clone \u003crepo-url\u003e ci4ms\ncd ci4ms\ncomposer install\n```\n\n### Environment \u0026 Configuration\n\n1. Create your `.env` and enable the development environment:\n ```bash\n cp env .env\n php spark env development\n ```\n2. Update these core settings in `.env`:\n - `app.baseURL`\n - `database.default.*`\n - Optional: `cookie.*`, `honeypot.*`, `security.*`\n3. If you prefer the web installer, open `/install` in the browser and follow the wizard. Use the CLI steps below if you want to skip the wizard.\n\n### Database \u0026 Seed Data\n\n```bash\nphp spark migrate\nphp spark db:seed Ci4msDefaultsSeeder # You will be prompted for your name, email, and password\nphp spark create:route # Generates the default routes file\nphp spark key:generate # Creates an encryption key\n```\n\nThe seeder provisions an active administrator account (group_id=1) and populates the initial module records.\n\n### Run the Dev Server\n\n```bash\nphp spark serve\n```\n\nAccess the backend via: `https://\u003cdomain\u003e/backend`\n\n## Directory Layout\n\n- `app/Controllers/Home.php` — Handles front-end pages, blog listings, details, and comments.\n- `app/Libraries/` — Shared helpers (email, SEO, shortcodes).\n- `app/Commands/` — CLI tooling (`make:a*`, `create:route`).\n- `app/Filters/Ci4ms.php` — Install guard, maintenance mode redirect, menu cache.\n- `modules/*` — Each module includes its own `Config/Routes.php`, `Controllers`, `Models`, `Views`, `Language`, `Libraries`, `Filters`.\n- `public/templates/` — Theme assets; each theme requires `info.xml` and `screenshot.png`.\n- `writable/` — Cache, logs, temporary files.\n\n## Modules\n\n| Module | Purpose | Highlights |\n| ---------------- | -------------------------- | ----------------------------------------------------- |\n| Auth | Authentication lifecycle | CAPTCHA, email activation, reset tokens |\n| Backend | Admin shell | Dashboard stats, shared base controller |\n| Blog | Blog CRUD | Categories, tags, comments, bad-word filters |\n| Pages | Static page management | SEO fields, inline shortcode parsing |\n| Menu | Menu builder | Drag-and-drop ordering, slug helpers |\n| Media | Media manager | elFinder integration, optional WebP conversion |\n| Fileeditor | Project file editor | Safe read/write/rename/move/delete |\n| Settings | System configuration | Company/social/mail settings, encrypted SMTP password |\n| Users | User \u0026 role management | Group-based permissions, reset tracking |\n| Methods | Route → permission mapping | Module toggling, router scan |\n| Logs | Log viewer | Browses CodeIgniter log files inside the backend |\n| ModulesInstaller | Module ZIP installer | Upload + cache invalidation |\n| Theme | Theme manager | ZIP upload, duplicate folder checks |\n| Install | Web installer | Creates `.env`, triggers migrations |\n| Backup | Database backup manager | Create, download, and restore backups |\n\nSee `docs/architecture.md` for deeper architectural notes.\n\n## CLI Commands\n\n- `php spark make:module Blog` — Scaffolds a module (`Config`, `Controllers`, `Views`, language files, etc.).\n- `php spark make:acontroller Example` — Generates a backend controller template.\n- `php spark make:amodel Example` — Generates a backend model (with options for table, return type).\n- `php spark make:abview dashboard` — Generates a backend view from the AdminLTE template.\n- `php spark create:route` — Rebuilds `app/Config/Routes.php` from the template.\n- Standard CodeIgniter commands: `php spark migrate`, `php spark db:seed`, `php spark cache:clear`, etc.\n\n## Developer Notes\n\n- **Cache keys**: `settings` (24h), `menus` (menu tree, 24h), `{userId}_permissions`. Clear with `php spark cache:clear` or `cache()-\u003edelete()`.\n- **Base controller**: Extend `Modules\\Backend\\Controllers\\BaseController` for new backend controllers; it prepares session user, navigation, mail settings, and shared data.\n- **Permissions**: Remember to register new secured routes in `Modules\\Methods` (or via the database) so the permission filter recognizes them. The backend log viewer lives under `/backend/logs` and follows the same permission model.\n- **Slug generation**: `seflink()` handles transliteration (including Turkish characters).\n- **Form security**: Global CSRF is enabled; backend AJAX endpoints opt out via `BackendConfig::$csrfExcept`.\n- **Comment moderation**: `CommonLibrary::commentBadwordFiltering` handles bad word filtering and moderation rules.\n- **Email delivery**: `CommonLibrary::phpMailer()` resolves SMTP settings from encrypted storage in `settings.mail`.\n- **Theme uploads**: Each theme must include `info.xml` and `screenshot.png`; missing files trigger a backend warning.\n\n## Testing \u0026 Maintenance\n\n- `composer test`\n- Add coding standards or static analysis as needed (not included by default).\n- **Maintenance mode**: When `settings.maintenanceMode.scalar == 1`, the `Ci4ms` filter redirects visitors to `maintenance-mode`.\n- **Security**: `Fileeditor` and `Media` enforce `realpath` guards. Limit access in production environments.\n\n## Additional docs\n\n- `docs/architecture.md` — Architecture, flow, permissions, and extension guidance.\n\nQuestions or contributions? Open an issue or pull request.\n\n## 🏆 Security Hall of Fame\n\nA huge thank you to the security researchers who have helped make **ci4ms** more secure by finding and reporting vulnerabilities.\n\n| Contributor | Contribution | Date |\n| :--- | :--- | :--- |\n| **[Lars van Mil](https://github.com/Far-Horizons)** | Identified Critical RCE and Information Disclosure vulnerabilities. | Jan 2026 |\n\n\u003e If you find a security vulnerability, please report it via [Security Policy](SECURITY.md).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fci4-cms-erp%2Fci4ms","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fci4-cms-erp%2Fci4ms","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fci4-cms-erp%2Fci4ms/lists"}