Understand the moving parts behind CI4MS—filters, routes, modules, caches, and tooling. Use this guide alongside the developer handbook when designing new features or debugging runtime behaviour.
app/Filters/Ci4ms.php enforces install checks, maintenance redirects, and menu cache hydration in after().app/Config/Filters.php scans module and theme filter directories, then merges CSRF exceptions from Modules\Backend\Config\BackendConfig.app/Config/Routes.php preloads settings, attaches template routes, then imports every module’s Config/Routes.php before declaring front-end routes.bertugfahriozer/ci4commonmodel powers the generic CRUD layer. Modules lean on helpers such as lists, selectOne, create, createMany, edit, remove, and isHave.
The backend BaseController instantiates CommonModel once, exposing it via $this->commonModel to child controllers.
logged_in, redirect_url) and caches user permissions.Modules\Backend\Filters\BackendAfterLoginFilter enforces authentication, verifies permissions, checks theme assets, and warms cached settings.Modules\Users\Models\UserscrudModel::loggedUser()), navigation (AuthLibrary::sidebarNavigation()), mail config, and $this->defData.auth_permissions_pages (module/page CRUD flags) and auth_users_permissions (user overrides). Modules\Methods provides scanning utilities to sync routes.Each module under modules/<Name> typically includes:
Config/Routes.php – routes plus metadata (role options).Config/*.php – module-specific settings.Controllers/ – usually extend the backend base controller.Models/, Views/, optional Libraries/, Helpers/, Language/, Filters/, Database/.Scaffold new modules with php spark make:module Foo (from ci4-cms-erp/ext_module_generator) and follow up with routes, implementation, and permissions.
Modules\Install.env to .env, sets base configuration, runs migrations, and seeds defaults via InstallService.app/Config/Routes.php from the command template.Ci4msDefaultsSeeder prompts for admin credentials.InstallService::createDefaultData() to seed modules, permissions, admin account, sample content, and settings.settings; cached for 24h.{userId}_permissions); clear when updating roles.settings.mail; decrypt through CommonLibrary::phpMailer() or backend base controller.public/templates/<theme> with optional overrides in app/Config, app/Controllers, etc.Modules\Theme handles ZIP uploads, temporary extraction (writable/tmp), duplicate detection, and final installation.BackendAfterLoginFilter warns administrators if info.xml or screenshot.png is missing.App\Controllers\Home renders front pages and blogs, parses inline shortcodes (CommonLibrary::parseInTextFunctions()), assembles meta tags (Ci4msseoLibrary), and loads categories, tags, authors, breadcrumbs, and comments.coverImage, description, keywords).Modules\Media integrates elFinder with MIME allowlists, trash handling, and optional WebP conversion via claviska/simpleimage.Modules\Fileeditor offers in-project file browsing/editing secured by realpath checks.Modules\Logs wraps seunmatt/codeigniter-log-viewer so admins can inspect writable/logs/ from /backend/logs without shell access.app/Commands/* contains admin generators (make:acontroller, make:amodel, make:abview) and route regeneration (create:route).ci4-cms-erp/ext_module_generator via php spark make:module.Modules\Methods::moduleScan() inspects the router and aligns permissions with available routes.Modules\Methods whenever new secured routes are introduced.php spark cache:clear) after modifying settings, menus, or permissions.info.xml, screenshot.png).Frequent tables include users, auth_groups, auth_permissions_pages, auth_users_permissions, modules, pages, blog, blog_categories_pivot, tags, tags_pivot, menu, settings, login_rules, and others introduced by modules.
Consult module migrations for schema details.
Use this architecture map to reason about dependencies and extension points. Pair it with the developer handbook and user guide for the full CI4MS story.