Web applications with Code Igniter


Code Igniter is one of the MVC-based frameworks to write web applications in PHP. I'll assume that you run the Apache web server, and you uploaded Code Igniter at the root of your web server, ie. index.php and license.txt live at the root, and not in some sub-directory.


  1. Unzip the package, and follow the online documentation to modify the following files:

  2. To remove index.php from the URL, create an .htaccess at the root of the directory tree (ie. above /system) with the following:

    RewriteEngine on

    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)$ index.php/$1 [L]

    More information in http://www.codeigniter.com/wiki/mod_rewrite/

  3. For added security, rename /system/ to something less obvious, and edit /index.php to change $system_folder accordingly
  4. Upload the whole thing, and hit http://www.acme.com . You should see a welcome message.

Getting Started

Create /security/application/controllers/hello.php with the following code:

class Hello extends Controller {
        function index()
                echo 'Hello World!';

and hit http://www.acme.com/hello .

To make a controller the default controller and not having to show it in the URL, edit /system/application/config/routes.php to change $route['default_controller'] = 'MyCtrl';


Besides CI's own session class, there are other, enhanced alternatives: native session, PHPsession, and DB session.

If you want a whole solution to check that the user is legit when calling any controller, CI doesn't come with a built-in user authentication system, but there are some solutions:

Here's some code from Trini to create a session:

function sess_create()
= '';
        while (
strlen($sessid) < 32)
.= mt_rand(0, mt_getrandmax());
->userdata = array(
'session_id'     => md5(uniqid($sessid, TRUE)),
'ip_address'     => $this->object->input->ip_address(),
'user_agent'     => substr($this->object->input->user_agent(), 0, 50),
'last_activity'    => $this->now
$this->object->db->query($this->object->db->insert_string($this->session_table, $this->userdata));
// Write the cookie
// END sess_create()


Helpers, Plugins, Libraries, Classes?

"Plugins work almost identically to Helpers. The main difference is that a plugin usually provides a single function, whereas a Helper is usually a collection of functions. Helpers are also considered a part of the core system; plugins are intended to be created and shared by our community."

How should I use CSS?

It's safer to keep non-code stuff outside the CI directory. You could create /CSS at the same level as CI's /system directory, and use the URL helper to create a link to the stylesheet dynamically in your views:

<link rel="stylesheet" type="text/css" href="<?php echo base_url(); ?>css/style.css" />

or if the server allows the short-hand version of PHP:

<link rel="stylesheet" type="text/css" href="<?=base_url();?>css/style.css" />

base_url() returns the variable of the same name in config.php, making your site location-independent; base_url() must be loaded prior to loading a view through $this->load->helper('url'); . Make sure the .htaccess file doesn't rewrite the URL when it contains references to the CSS and images directories.

The .htaccess doesn't work on my shared host

Make sure that the shared server you're using actually supports URL rewriting through .htaccess.

I'm using the Abyss X1 free web server for Windows

Here's what to use in the URL Rewriting section of version 2.4, assuming you installed CI under /igniter/ :

REQUEST_FILENAME Is not a file     
Perform an internal redirection
Stop matching

This filter doesn't rewrite the URL when referencing stylesheets and images, ie. /igniter/css/style.css will be ignored, while /igniter/main will be turned into /igniter/index.php?/main .

The view isn't displaying the input data

The online tutorial uses the short PHP tags <?= . If your setup doesn't allow this, you'll have to change this to the usual <?php , and add echo() to actually display data sent by controllers.

To check whether support for short tags is enabled on the web server, check the output of phpinfo() for "short_open_tag".

How to check what variables are passed to a view?

Two solutions:

echo "<pre>";
echo "</pre>";


<?php echo var_export($vars,true) ?>