Difference between revisions for Users / Eo Ny / dev




← Previous edit
Revision 7 as of 05/05/2026 19:23
16 05/18/2026 05:05 WikiAdmin 15 05/18/2026 05:04 WikiAdmin 14 05/17/2026 21:10 WikiAdmin 13 05/05/2026 19:29 EoNy 12 05/05/2026 19:28 WikiAdmin 11 05/05/2026 19:28 WikiAdmin 10 05/05/2026 19:27 WikiAdmin 9 05/05/2026 19:25 WikiAdmin 8 05/05/2026 19:24 WikiAdmin 7 05/05/2026 19:23 WikiAdmin 6 05/05/2026 19:21 EoNy 5 05/05/2026 19:11 EoNy 4 05/05/2026 19:10 EoNy 3 05/05/2026 19:10 EoNy 2 05/05/2026 19:08 EoNy 1 05/05/2026 19:06 EoNy

(14.8 KiB)
WikiAdmin
 Next edit →
Revision 17 as of 05/18/2026 15:15
18 05/21/2026 16:12 WikiAdmin 17 05/18/2026 15:15 WikiAdmin 16 05/18/2026 05:05 WikiAdmin 15 05/18/2026 05:04 WikiAdmin 14 05/17/2026 21:10 WikiAdmin 13 05/05/2026 19:29 EoNy 12 05/05/2026 19:28 WikiAdmin 11 05/05/2026 19:28 WikiAdmin 10 05/05/2026 19:27 WikiAdmin 9 05/05/2026 19:25 WikiAdmin 8 05/05/2026 19:24 WikiAdmin

(18.4 KiB) +3,664
WikiAdmin

Version1 Version2 Differences
1   == HTTP Class Technical Documentation ==
  1 {{toc numerate=1}}
2 2
3 3 === Overview ===
4 4
12 12
13 13 === Class Properties ===
14 14
15   ==== Public Properties ====
16  
17  
18  
19   ==== Private Properties ====
20  
21  
  15 ====Public Properties====
  16
  17 #|
  18 *| Property | Type | Description |*
  19 || ##$tls_session## | bool | Indicates if the current session uses HTTPS/TLS encryption ||
  20 || ##$request_uri## | string | Normalized REQUEST_URI (e.g., 'PageOfNoReturn/show?a=1') ||
  21 || ##$ip## | string | Client's real IP address (accounts for proxies) ||
  22 || ##$sess## | Session | Reference to the Session object ||
  23 || ##$method## | string | Current HTTP method/request type ||
  24 |#
  25
  26 ====Private Properties====
  27
  28 #|
  29 *| Property | Type | Description |*
  30 || ##$db## | object | Database connection reference ||
  31 || ##$tls_mark## | string | Cookie name for TLS session marking ||
  32 || ##$page## | string | Current page name being processed ||
  33 || ##$hash## | string | SHA1 hash of the page name ||
  34 || ##$query## | string | Encoded query string ||
  35 || ##$lang## | string | Current language code ||
  36 || ##$file## | string | Cache file path ||
  37 || ##$caching## | int | Flag indicating if page should be cached (0 or 1) ||
  38 |#
  39
  40 ----
22 41 === Constructor ===
23 42
24   %%php
  43 %%(hl php)
25 44 public function __construct(&$db)
26 45 %%
27 46
39 58   6. Enforces TLS session upgrade if needed
40 59
41 60 **Example:**
42   %%php
  61 %%(hl php)
43 62 $http = new Http($db);
44 63 %%
45 64
63 82   - Recovers diagnostic logs from previous session
64 83
65 84 **Example:**
66   %%php
  85 %%(hl php)
67 86 $http->session(0); // Normal session
68 87 $http->session(2); // Static file serving mode
69 88 %%
86 105   - ✅ Only cached for anonymous users (no logged-in users)
87 106
88 107 **Example:**
89   %%php
  108 %%(hl php)
90 109 $http->check_cache('HomePage', 'show');
91 110 %%
92 111
93 112 ----
94 113
95   ===== ##store_cache(): void## =====
  114 =====##store_cache(): void##=====
96 115 Saves the generated page content to cache file.
97 116
98 117 **Features:**
102 121   - Only executes if caching flag is set and user is anonymous
103 122
104 123 **Example:**
105   %%php
  124 %%(hl php)
106 125 // Called at end of page rendering
107 126 $http->store_cache();
108 127 %%
125 144   4. Returns count of invalidated caches
126 145
127 146 **Example:**
128   %%php
  147 %%(hl php)
129 148 $count = $http->invalidate_page('HomePage');
130 149 echo "Invalidated $count cache entries";
131 150 %%
143 162   - Called when TLS session is detected
144 163
145 164 **Example:**
146   %%php
  165 %%(hl php)
147 166 $http->secure_base_url();
148 167 // $db->base_url now uses https://
149 168 %%
162 181   - Converts relative URLs using current server name
163 182
164 183 **Example:**
165   %%php
  184 %%(hl php)
166 185 $http->ensure_tls('/secure/payment');
167 186 %%
168 187
190 209   - ##reverse_proxy_header## - Custom header name (default: ##X-Forwarded-For##)
191 210
192 211 **Example:**
193   %%php
  212 %%(hl php)
194 213 $client_ip = $http->ip; // e.g., "203.0.113.42"
195 214 %%
196 215
212 231
213 232 ==== Security Headers ====
214 233
215   ===== ##http_security_headers(): void## =====
216  
217  
  234 =====##http_security_headers(): void##=====
  235
  236 Sets security-related HTTP headers.
  237
  238 **Headers Set:**
  239
  240 #|
  241 *| Header | Purpose | Config Key |*
  242 || Content-Security-Policy | XSS/injection protection | ##csp## ||
  243 || Permissions-Policy | Control browser features | ##permissions_policy## ||
  244 || Referrer-Policy | Control referrer information | ##referrer_policy## ||
  245 || Strict-Transport-Security | Force HTTPS | Auto (TLS only) ||
  246 || X-Frame-Options | Clickjacking protection | Hardcoded: ##SAMEORIGIN## ||
  247 || X-Content-Type-Options | MIME sniffing prevention | Hardcoded: ##nosniff## ||
  248 |#
  249
  250 **CSP Configuration Options:**
  251   - ##0## - Disabled
  252   - ##1## - Default policy (from ##csp.conf##)
  253   - ##2## - Custom policy (from ##csp_custom.conf##)
  254
  255 **Example:**
  256 %%(hl php)
  257 $http->http_security_headers();
  258 %%
  259
  260 ----
218 261 ==== HTTP Methods ====
219 262
220 263 ===== ##redirect($url, $permanent = false): void## =====
230 273   - Uses output buffering to work anywhere in page processing
231 274
232 275 **Example:**
233   %%php
  276 %%(hl php)
234 277 $http->redirect('http://example.com/new-page', true); // 301
235 278 $http->redirect('/wiki/HomePage'); // 302
236 279 %%
245 288   - Ends script execution
246 289
247 290 **Example:**
248   %%php
  291 %%(hl php)
249 292 $http->terminate();
250 293 %%
251 294
255 298 Sets HTTP response status code.
256 299
257 300 **Supported Status Codes:**
258   %%php
  301 %%(hl php)
259 302 200 => 'OK'
260 303 206 => 'Partial Content'
261 304 301 => 'Moved Permanently'
275 318 %%
276 319
277 320 **Example:**
278   %%php
  321 %%(hl php)
279 322 $http->status(404); // Send 404 Not Found
280 323 %%
281 324
296 339   - ##Cache-Control: no-store##
297 340
298 341 **Example:**
299   %%php
  342 %%(hl php)
300 343 $http->no_cache(); // Client-side only
301 344 $http->no_cache(false); // Both client & server
302 345 %%
310 353   - ##Cache-Control: public##
311 354
312 355 **Example:**
313   %%php
  356 %%(hl php)
314 357 $http->cache_promisc();
315 358 %%
316 359
355 398   - Associative array: ##['en' => 'en', 'de' => 'de', ...]##
356 399
357 400 **Example:**
358   %%php
  401 %%(hl php)
359 402 $all_langs = $http->available_languages(false);
360 403 $allowed = $http->available_languages(true);
361 404 %%
381 424   - GZip compression for text files
382 425
383 426 **Special Paths:**
384   %%php
  427 %%(hl php)
385 428 $http->sendfile(404); // Serves file defined by HTTP_404 constant
386 429 $http->sendfile(403); // Serves file defined by HTTP_403 constant
387 430 %%
388 431
389 432 **Example:**
390   %%php
  433 %%(hl php)
391 434 $http->sendfile('uploads/document.pdf', 'my-document.pdf', 30);
392 435 %%
393 436
401 444   - Default: ##'application/octet-stream'##
402 445
403 446 **Example:**
404   %%php
  447 %%(hl php)
405 448 $mime = $http->mime_type('file.pdf'); // 'application/pdf'
406 449 %%
407 450
431 474   - Headers not already sent
432 475
433 476 **Example:**
434   %%php
  477 %%(hl php)
435 478 $http->gzip();
436 479 %%
437 480
447 490   - Converts encoding properly
448 491
449 492 **Example:**
450   %%php
  493 %%(hl php)
451 494 $data = $http->parse_str('name=John&age=30');
452 495 %%
453 496
479 522
480 523 ----
481 524
482   === Configuration Dependencies ===
483  
484  
485  
486   === Constants Used ===
487  
488  
  525 ===Configuration Dependencies===
  526
  527 The class relies on these database configuration settings:
  528
  529 #|
  530 *| Setting | Type | Purpose |*
  531 || ##base_url## | string | Wiki's base URL ||
  532 || ##tls## | bool | Enable HTTPS enforcement ||
  533 || ##cache## | bool | Enable page caching ||
  534 || ##cache_ttl## | int | Cache lifetime in seconds ||
  535 || ##session_store## | int | 1=File, 0=Database ||
  536 || ##system_seed_hash## | string | Session encryption seed ||
  537 || ##cookie_prefix## | string | Session cookie prefix ||
  538 || ##cookie_path## | string | Cookie path ||
  539 || ##allow_persistent_cookie## | bool | Allow persistent login ||
  540 || ##session_length## | int | Session lifetime in seconds ||
  541 || ##reverse_proxy_addresses## | string | Comma/space-separated proxy IPs ||
  542 || ##reverse_proxy_header## | string | Custom X-Forwarded header ||
  543 || ##language## | string | Default language code ||
  544 || ##multilanguage## | bool | Enable language negotiation ||
  545 || ##allowed_languages## | string | Comma/space-separated allowed langs ||
  546 || ##enable_security_headers## | bool | Send security headers ||
  547 || ##csp## | int | CSP setting (0/1/2) ||
  548 || ##permissions_policy## | int | Permissions-Policy setting (0/1/2) ||
  549 || ##referrer_policy## | int | Referrer-Policy setting (0-8) ||
  550 |#
  551
  552 ----
  553
  554 ===Constants Used===
  555
  556 #|
  557 *| Constant | Type | Purpose |*
  558 || ##IN_WACKO## | bool | Security check (exit if not defined) ||
  559 || ##CHMOD_SAFE## | int | File permissions for cache files ||
  560 || ##CHMOD_FILE## | int | File permissions for config cache ||
  561 || ##CACHE_PAGE_DIR## | string | Page cache directory ||
  562 || ##CACHE_SESSION_DIR## | string | Session cache directory ||
  563 || ##CACHE_CONFIG_DIR## | string | Config cache directory ||
  564 || ##CONFIG_DIR## | string | Configuration directory ||
  565 || ##LANG_DIR## | string | Language files directory ||
  566 || ##DAYSECS## | int | Seconds in a day (86400) ||
  567 || ##HTTP_404## | string | Path to 404 error page ||
  568 || ##HTTP_403## | string | Path to 403 error page ||
  569 |#
  570
  571 ----
489 572
490 573 === Workflow Examples ===
491 574
492   ==== Example 1: Handling a GET Request ====
493  
494   %%php
  575 ====Example 1: Handling a GET Request====
  576
  577 %%(hl php)
495 578 // In main wiki entry point
496 579 $http = new Http($db);
497 580 $http->session(0); // Start session
513 596
514 597 ==== Example 2: Handling TLS/HTTPS Upgrade ====
515 598
516   %%php
  599 %%(hl php)
517 600 $http = new Http($db); // Constructor detects TLS requirement
518 601 // If TLS is enabled and user wasn't in TLS before:
519 602 // - Sets TLS session flag
523 606
524 607 ==== Example 3: Invalidating Cache After Page Edit ====
525 608
526   %%php
  609 %%(hl php)
527 610 // User edits a page
528 611 $http = new Http($db);
529 612 $count = $http->invalidate_page('HomePage');
532 615
533 616 ==== Example 4: Serving a File ====
534 617
535   %%php
  618 %%(hl php)
536 619 $http = new Http($db);
537 620 $http->session(2); // Static file mode - no session replay prevention
538 621
607 690
608 691 The class integrates with WackoWiki's diagnostic system:
609 692
610   %%php
  693 %%(hl php)
611 694 // Diagnostic messages are preserved across redirects
612 695 // via session flash data
613 696