Difference between revisions for Users / Eo Ny / dev




← Previous edit
Revision 8 as of 05/05/2026 19:24
16 05/18/2026 05:05 WikiAdmin 15 05/18/2026 05:04 WikiAdmin 14 05/17/2026 21:10 WikiAdmin 13 05/05/2026 19:29 EoNy 12 05/05/2026 19:28 WikiAdmin 11 05/05/2026 19:28 WikiAdmin 10 05/05/2026 19:27 WikiAdmin 9 05/05/2026 19:25 WikiAdmin 8 05/05/2026 19:24 WikiAdmin 7 05/05/2026 19:23 WikiAdmin 6 05/05/2026 19:21 EoNy 5 05/05/2026 19:11 EoNy 4 05/05/2026 19:10 EoNy 3 05/05/2026 19:10 EoNy 2 05/05/2026 19:08 EoNy 1 05/05/2026 19:06 EoNy

(15.2 KiB)
WikiAdmin
 Next edit →
Revision 17 as of 05/18/2026 15:15
18 05/21/2026 16:12 WikiAdmin 17 05/18/2026 15:15 WikiAdmin 16 05/18/2026 05:05 WikiAdmin 15 05/18/2026 05:04 WikiAdmin 14 05/17/2026 21:10 WikiAdmin 13 05/05/2026 19:29 EoNy 12 05/05/2026 19:28 WikiAdmin 11 05/05/2026 19:28 WikiAdmin 10 05/05/2026 19:27 WikiAdmin 9 05/05/2026 19:25 WikiAdmin

(18.4 KiB) +3,248
WikiAdmin

Version1 Version2
1 == HTTP Class Technical Documentation == 1 {{toc numerate=1}}
2 2
3 === Overview === 3 === Overview ===
4 4
23 || ##$method## | string | Current HTTP method/request type || 23 || ##$method## | string | Current HTTP method/request type ||
24 |# 24 |#
25 25
26 ==== Private Properties ==== 26 ====Private Properties====
27 27
28 28 #|
    29 *| Property | Type | Description |*
    30 || ##$db## | object | Database connection reference ||
    31 || ##$tls_mark## | string | Cookie name for TLS session marking ||
    32 || ##$page## | string | Current page name being processed ||
    33 || ##$hash## | string | SHA1 hash of the page name ||
    34 || ##$query## | string | Encoded query string ||
    35 || ##$lang## | string | Current language code ||
    36 || ##$file## | string | Cache file path ||
    37 || ##$caching## | int | Flag indicating if page should be cached (0 or 1) ||
    38 |#
    39
    40 ----
29 === Constructor === 41 === Constructor ===
30 42
31 %%php 43 %%(hl php)
32 public function __construct(&$db) 44 public function __construct(&$db)
33 %% 45 %%
34 46
46   6. Enforces TLS session upgrade if needed 58   6. Enforces TLS session upgrade if needed
47 59
48 **Example:** 60 **Example:**
49 %%php 61 %%(hl php)
50 $http = new Http($db); 62 $http = new Http($db);
51 %% 63 %%
52 64
70   - Recovers diagnostic logs from previous session 82   - Recovers diagnostic logs from previous session
71 83
72 **Example:** 84 **Example:**
73 %%php 85 %%(hl php)
74 $http->session(0); // Normal session 86 $http->session(0); // Normal session
75 $http->session(2); // Static file serving mode 87 $http->session(2); // Static file serving mode
76 %% 88 %%
93   - ✅ Only cached for anonymous users (no logged-in users) 105   - ✅ Only cached for anonymous users (no logged-in users)
94 106
95 **Example:** 107 **Example:**
96 %%php 108 %%(hl php)
97 $http->check_cache('HomePage', 'show'); 109 $http->check_cache('HomePage', 'show');
98 %% 110 %%
99 111
100 ---- 112 ----
101 113
102 ===== ##store_cache(): void## ===== 114 =====##store_cache(): void##=====
103 Saves the generated page content to cache file. 115 Saves the generated page content to cache file.
104 116
105 **Features:** 117 **Features:**
109   - Only executes if caching flag is set and user is anonymous 121   - Only executes if caching flag is set and user is anonymous
110 122
111 **Example:** 123 **Example:**
112 %%php 124 %%(hl php)
113 // Called at end of page rendering 125 // Called at end of page rendering
114 $http->store_cache(); 126 $http->store_cache();
115 %% 127 %%
132   4. Returns count of invalidated caches 144   4. Returns count of invalidated caches
133 145
134 **Example:** 146 **Example:**
135 %%php 147 %%(hl php)
136 $count = $http->invalidate_page('HomePage'); 148 $count = $http->invalidate_page('HomePage');
137 echo "Invalidated $count cache entries"; 149 echo "Invalidated $count cache entries";
138 %% 150 %%
150   - Called when TLS session is detected 162   - Called when TLS session is detected
151 163
152 **Example:** 164 **Example:**
153 %%php 165 %%(hl php)
154 $http->secure_base_url(); 166 $http->secure_base_url();
155 // $db->base_url now uses https:// 167 // $db->base_url now uses https://
156 %% 168 %%
169   - Converts relative URLs using current server name 181   - Converts relative URLs using current server name
170 182
171 **Example:** 183 **Example:**
172 %%php 184 %%(hl php)
173 $http->ensure_tls('/secure/payment'); 185 $http->ensure_tls('/secure/payment');
174 %% 186 %%
175 187
197   - ##reverse_proxy_header## - Custom header name (default: ##X-Forwarded-For##) 209   - ##reverse_proxy_header## - Custom header name (default: ##X-Forwarded-For##)
198 210
199 **Example:** 211 **Example:**
200 %%php 212 %%(hl php)
201 $client_ip = $http->ip; // e.g., "203.0.113.42" 213 $client_ip = $http->ip; // e.g., "203.0.113.42"
202 %% 214 %%
203 215
219 231
220 ==== Security Headers ==== 232 ==== Security Headers ====
221 233
222 ===== ##http_security_headers(): void## ===== 234 =====##http_security_headers(): void##=====
223 235
224 236 Sets security-related HTTP headers.
    237
    238 **Headers Set:**
    239
    240 #|
    241 *| Header | Purpose | Config Key |*
    242 || Content-Security-Policy | XSS/injection protection | ##csp## ||
    243 || Permissions-Policy | Control browser features | ##permissions_policy## ||
    244 || Referrer-Policy | Control referrer information | ##referrer_policy## ||
    245 || Strict-Transport-Security | Force HTTPS | Auto (TLS only) ||
    246 || X-Frame-Options | Clickjacking protection | Hardcoded: ##SAMEORIGIN## ||
    247 || X-Content-Type-Options | MIME sniffing prevention | Hardcoded: ##nosniff## ||
    248 |#
    249
    250 **CSP Configuration Options:**
    251   - ##0## - Disabled
    252   - ##1## - Default policy (from ##csp.conf##)
    253   - ##2## - Custom policy (from ##csp_custom.conf##)
    254
    255 **Example:**
    256 %%(hl php)
    257 $http->http_security_headers();
    258 %%
    259
    260 ----
225 ==== HTTP Methods ==== 261 ==== HTTP Methods ====
226 262
227 ===== ##redirect($url, $permanent = false): void## ===== 263 ===== ##redirect($url, $permanent = false): void## =====
237   - Uses output buffering to work anywhere in page processing 273   - Uses output buffering to work anywhere in page processing
238 274
239 **Example:** 275 **Example:**
240 %%php 276 %%(hl php)
241 $http->redirect('http://example.com/new-page', true); // 301 277 $http->redirect('http://example.com/new-page', true); // 301
242 $http->redirect('/wiki/HomePage'); // 302 278 $http->redirect('/wiki/HomePage'); // 302
243 %% 279 %%
252   - Ends script execution 288   - Ends script execution
253 289
254 **Example:** 290 **Example:**
255 %%php 291 %%(hl php)
256 $http->terminate(); 292 $http->terminate();
257 %% 293 %%
258 294
262 Sets HTTP response status code. 298 Sets HTTP response status code.
263 299
264 **Supported Status Codes:** 300 **Supported Status Codes:**
265 %%php 301 %%(hl php)
266 200 => 'OK' 302 200 => 'OK'
267 206 => 'Partial Content' 303 206 => 'Partial Content'
268 301 => 'Moved Permanently' 304 301 => 'Moved Permanently'
282 %% 318 %%
283 319
284 **Example:** 320 **Example:**
285 %%php 321 %%(hl php)
286 $http->status(404); // Send 404 Not Found 322 $http->status(404); // Send 404 Not Found
287 %% 323 %%
288 324
303   - ##Cache-Control: no-store## 339   - ##Cache-Control: no-store##
304 340
305 **Example:** 341 **Example:**
306 %%php 342 %%(hl php)
307 $http->no_cache(); // Client-side only 343 $http->no_cache(); // Client-side only
308 $http->no_cache(false); // Both client & server 344 $http->no_cache(false); // Both client & server
309 %% 345 %%
317   - ##Cache-Control: public## 353   - ##Cache-Control: public##
318 354
319 **Example:** 355 **Example:**
320 %%php 356 %%(hl php)
321 $http->cache_promisc(); 357 $http->cache_promisc();
322 %% 358 %%
323 359
362   - Associative array: ##['en' => 'en', 'de' => 'de', ...]## 398   - Associative array: ##['en' => 'en', 'de' => 'de', ...]##
363 399
364 **Example:** 400 **Example:**
365 %%php 401 %%(hl php)
366 $all_langs = $http->available_languages(false); 402 $all_langs = $http->available_languages(false);
367 $allowed = $http->available_languages(true); 403 $allowed = $http->available_languages(true);
368 %% 404 %%
388   - GZip compression for text files 424   - GZip compression for text files
389 425
390 **Special Paths:** 426 **Special Paths:**
391 %%php 427 %%(hl php)
392 $http->sendfile(404); // Serves file defined by HTTP_404 constant 428 $http->sendfile(404); // Serves file defined by HTTP_404 constant
393 $http->sendfile(403); // Serves file defined by HTTP_403 constant 429 $http->sendfile(403); // Serves file defined by HTTP_403 constant
394 %% 430 %%
395 431
396 **Example:** 432 **Example:**
397 %%php 433 %%(hl php)
398 $http->sendfile('uploads/document.pdf', 'my-document.pdf', 30); 434 $http->sendfile('uploads/document.pdf', 'my-document.pdf', 30);
399 %% 435 %%
400 436
408   - Default: ##'application/octet-stream'## 444   - Default: ##'application/octet-stream'##
409 445
410 **Example:** 446 **Example:**
411 %%php 447 %%(hl php)
412 $mime = $http->mime_type('file.pdf'); // 'application/pdf' 448 $mime = $http->mime_type('file.pdf'); // 'application/pdf'
413 %% 449 %%
414 450
438   - Headers not already sent 474   - Headers not already sent
439 475
440 **Example:** 476 **Example:**
441 %%php 477 %%(hl php)
442 $http->gzip(); 478 $http->gzip();
443 %% 479 %%
444 480
454   - Converts encoding properly 490   - Converts encoding properly
455 491
456 **Example:** 492 **Example:**
457 %%php 493 %%(hl php)
458 $data = $http->parse_str('name=John&age=30'); 494 $data = $http->parse_str('name=John&age=30');
459 %% 495 %%
460 496
486 522
487 ---- 523 ----
488 524
489 === Configuration Dependencies === 525 ===Configuration Dependencies===
490 526
491 527 The class relies on these database configuration settings:
492 528
493 === Constants Used === 529 #|
494 530 *| Setting | Type | Purpose |*
495 531 || ##base_url## | string | Wiki's base URL ||
    532 || ##tls## | bool | Enable HTTPS enforcement ||
    533 || ##cache## | bool | Enable page caching ||
    534 || ##cache_ttl## | int | Cache lifetime in seconds ||
    535 || ##session_store## | int | 1=File, 0=Database ||
    536 || ##system_seed_hash## | string | Session encryption seed ||
    537 || ##cookie_prefix## | string | Session cookie prefix ||
    538 || ##cookie_path## | string | Cookie path ||
    539 || ##allow_persistent_cookie## | bool | Allow persistent login ||
    540 || ##session_length## | int | Session lifetime in seconds ||
    541 || ##reverse_proxy_addresses## | string | Comma/space-separated proxy IPs ||
    542 || ##reverse_proxy_header## | string | Custom X-Forwarded header ||
    543 || ##language## | string | Default language code ||
    544 || ##multilanguage## | bool | Enable language negotiation ||
    545 || ##allowed_languages## | string | Comma/space-separated allowed langs ||
    546 || ##enable_security_headers## | bool | Send security headers ||
    547 || ##csp## | int | CSP setting (0/1/2) ||
    548 || ##permissions_policy## | int | Permissions-Policy setting (0/1/2) ||
    549 || ##referrer_policy## | int | Referrer-Policy setting (0-8) ||
    550 |#
    551
    552 ----
    553
    554 ===Constants Used===
    555
    556 #|
    557 *| Constant | Type | Purpose |*
    558 || ##IN_WACKO## | bool | Security check (exit if not defined) ||
    559 || ##CHMOD_SAFE## | int | File permissions for cache files ||
    560 || ##CHMOD_FILE## | int | File permissions for config cache ||
    561 || ##CACHE_PAGE_DIR## | string | Page cache directory ||
    562 || ##CACHE_SESSION_DIR## | string | Session cache directory ||
    563 || ##CACHE_CONFIG_DIR## | string | Config cache directory ||
    564 || ##CONFIG_DIR## | string | Configuration directory ||
    565 || ##LANG_DIR## | string | Language files directory ||
    566 || ##DAYSECS## | int | Seconds in a day (86400) ||
    567 || ##HTTP_404## | string | Path to 404 error page ||
    568 || ##HTTP_403## | string | Path to 403 error page ||
    569 |#
    570
    571 ----
496 572
497 === Workflow Examples === 573 === Workflow Examples ===
498 574
499 ==== Example 1: Handling a GET Request ==== 575 ====Example 1: Handling a GET Request====
500 576
501 %%php 577 %%(hl php)
502 // In main wiki entry point 578 // In main wiki entry point
503 $http = new Http($db); 579 $http = new Http($db);
504 $http->session(0); // Start session 580 $http->session(0); // Start session
520 596
521 ==== Example 2: Handling TLS/HTTPS Upgrade ==== 597 ==== Example 2: Handling TLS/HTTPS Upgrade ====
522 598
523 %%php 599 %%(hl php)
524 $http = new Http($db); // Constructor detects TLS requirement 600 $http = new Http($db); // Constructor detects TLS requirement
525 // If TLS is enabled and user wasn't in TLS before: 601 // If TLS is enabled and user wasn't in TLS before:
526 // - Sets TLS session flag 602 // - Sets TLS session flag
530 606
531 ==== Example 3: Invalidating Cache After Page Edit ==== 607 ==== Example 3: Invalidating Cache After Page Edit ====
532 608
533 %%php 609 %%(hl php)
534 // User edits a page 610 // User edits a page
535 $http = new Http($db); 611 $http = new Http($db);
536 $count = $http->invalidate_page('HomePage'); 612 $count = $http->invalidate_page('HomePage');
539 615
540 ==== Example 4: Serving a File ==== 616 ==== Example 4: Serving a File ====
541 617
542 %%php 618 %%(hl php)
543 $http = new Http($db); 619 $http = new Http($db);
544 $http->session(2); // Static file mode - no session replay prevention 620 $http->session(2); // Static file mode - no session replay prevention
545 621
614 690
615 The class integrates with WackoWiki's diagnostic system: 691 The class integrates with WackoWiki's diagnostic system:
616 692
617 %%php 693 %%(hl php)
618 // Diagnostic messages are preserved across redirects 694 // Diagnostic messages are preserved across redirects
619 // via session flash data 695 // via session flash data
620 696