HTTP Class Technical Documentation (diff)

Difference between revisions for Users / Eo Ny / dev

Version1	Version2	Differences
1		~~== HTTP Class Technical Documentation ==~~
	1	{{toc numerate=1}}
2	2
3	3	=== Overview ===
4	4
…	…	…
23	23	\|\| ##$method## \| string \| Current HTTP method/request type \|\|
24	24	\|#
25	25
26		==== Private Properties ====
27
28
	26	====Private Properties====
	27
	28	#\|
	29	\| Property \| Type \| Description \|
	30	\|\| ##$db## \| object \| Database connection reference \|\|
	31	\|\| ##$tls_mark## \| string \| Cookie name for TLS session marking \|\|
	32	\|\| ##$page## \| string \| Current page name being processed \|\|
	33	\|\| ##$hash## \| string \| SHA1 hash of the page name \|\|
	34	\|\| ##$query## \| string \| Encoded query string \|\|
	35	\|\| ##$lang## \| string \| Current language code \|\|
	36	\|\| ##$file## \| string \| Cache file path \|\|
	37	\|\| ##$caching## \| int \| Flag indicating if page should be cached (0 or 1) \|\|
	38	\|#
	39
	40	----
29	41	=== Constructor ===
30	42
31		%%~~php~~
	43	%%(hl php)
32	44	public function __construct(&$db)
33	45	%%
34	46
…	…	…
46	58	6. Enforces TLS session upgrade if needed
47	59
48	60	Example:
49		%%~~php~~
	61	%%(hl php)
50	62	$http = new Http($db);
51	63	%%
52	64
…	…	…
70	82	- Recovers diagnostic logs from previous session
71	83
72	84	Example:
73		%%~~php~~
	85	%%(hl php)
74	86	$http->session(0); // Normal session
75	87	$http->session(2); // Static file serving mode
76	88	%%
…	…	…
93	105	- ✅ Only cached for anonymous users (no logged-in users)
94	106
95	107	Example:
96		%%~~php~~
	108	%%(hl php)
97	109	$http->check_cache('HomePage', 'show');
98	110	%%
99	111
100	112	----
101	113
102		===== ~~##store_cache(): void##~~ =====
	114	=====##store_cache(): void##=====
103	115	Saves the generated page content to cache file.
104	116
105	117	Features:
…	…	…
109	121	- Only executes if caching flag is set and user is anonymous
110	122
111	123	Example:
112		%%~~php~~
	124	%%(hl php)
113	125	// Called at end of page rendering
114	126	$http->store_cache();
115	127	%%
…	…	…
132	144	4. Returns count of invalidated caches
133	145
134	146	Example:
135		%%~~php~~
	147	%%(hl php)
136	148	$count = $http->invalidate_page('HomePage');
137	149	echo "Invalidated $count cache entries";
138	150	%%
…	…	…
150	162	- Called when TLS session is detected
151	163
152	164	Example:
153		%%~~php~~
	165	%%(hl php)
154	166	$http->secure_base_url();
155	167	// $db->base_url now uses https://
156	168	%%
…	…	…
169	181	- Converts relative URLs using current server name
170	182
171	183	Example:
172		%%~~php~~
	184	%%(hl php)
173	185	$http->ensure_tls('/secure/payment');
174	186	%%
175	187
…	…	…
197	209	- ##reverse_proxy_header## - Custom header name (default: ##X-Forwarded-For##)
198	210
199	211	Example:
200		%%~~php~~
	212	%%(hl php)
201	213	$client_ip = $http->ip; // e.g., "203.0.113.42"
202	214	%%
203	215
…	…	…
219	231
220	232	==== Security Headers ====
221	233
222		===== ##http_security_headers(): void## =====
223
224
	234	=====##http_security_headers(): void##=====
	235
	236	Sets security-related HTTP headers.
	237
	238	Headers Set:
	239
	240	#\|
	241	\| Header \| Purpose \| Config Key \|
	242	\|\| Content-Security-Policy \| XSS/injection protection \| ##csp## \|\|
	243	\|\| Permissions-Policy \| Control browser features \| ##permissions_policy## \|\|
	244	\|\| Referrer-Policy \| Control referrer information \| ##referrer_policy## \|\|
	245	\|\| Strict-Transport-Security \| Force HTTPS \| Auto (TLS only) \|\|
	246	\|\| X-Frame-Options \| Clickjacking protection \| Hardcoded: ##SAMEORIGIN## \|\|
	247	\|\| X-Content-Type-Options \| MIME sniffing prevention \| Hardcoded: ##nosniff## \|\|
	248	\|#
	249
	250	CSP Configuration Options:
	251	- ##0## - Disabled
	252	- ##1## - Default policy (from ##csp.conf##)
	253	- ##2## - Custom policy (from ##csp_custom.conf##)
	254
	255	Example:
	256	%%(hl php)
	257	$http->http_security_headers();
	258	%%
	259
	260	----
225	261	==== HTTP Methods ====
226	262
227	263	===== ##redirect($url, $permanent = false): void## =====
…	…	…
237	273	- Uses output buffering to work anywhere in page processing
238	274
239	275	Example:
240		%%~~php~~
	276	%%(hl php)
241	277	$http->redirect('http://example.com/new-page', true); // 301
242	278	$http->redirect('/wiki/HomePage'); // 302
243	279	%%
…	…	…
252	288	- Ends script execution
253	289
254	290	Example:
255		%%~~php~~
	291	%%(hl php)
256	292	$http->terminate();
257	293	%%
258	294
…	…	…
262	298	Sets HTTP response status code.
263	299
264	300	Supported Status Codes:
265		%%~~php~~
	301	%%(hl php)
266	302	200 => 'OK'
267	303	206 => 'Partial Content'
268	304	301 => 'Moved Permanently'
…	…	…
282	318	%%
283	319
284	320	Example:
285		%%~~php~~
	321	%%(hl php)
286	322	$http->status(404); // Send 404 Not Found
287	323	%%
288	324
…	…	…
303	339	- ##Cache-Control: no-store##
304	340
305	341	Example:
306		%%~~php~~
	342	%%(hl php)
307	343	$http->no_cache(); // Client-side only
308	344	$http->no_cache(false); // Both client & server
309	345	%%
…	…	…
317	353	- ##Cache-Control: public##
318	354
319	355	Example:
320		%%~~php~~
	356	%%(hl php)
321	357	$http->cache_promisc();
322	358	%%
323	359
…	…	…
362	398	- Associative array: ##['en' => 'en', 'de' => 'de', ...]##
363	399
364	400	Example:
365		%%~~php~~
	401	%%(hl php)
366	402	$all_langs = $http->available_languages(false);
367	403	$allowed = $http->available_languages(true);
368	404	%%
…	…	…
388	424	- GZip compression for text files
389	425
390	426	Special Paths:
391		%%~~php~~
	427	%%(hl php)
392	428	$http->sendfile(404); // Serves file defined by HTTP_404 constant
393	429	$http->sendfile(403); // Serves file defined by HTTP_403 constant
394	430	%%
395	431
396	432	Example:
397		%%~~php~~
	433	%%(hl php)
398	434	$http->sendfile('uploads/document.pdf', 'my-document.pdf', 30);
399	435	%%
400	436
…	…	…
408	444	- Default: ##'application/octet-stream'##
409	445
410	446	Example:
411		%%~~php~~
	447	%%(hl php)
412	448	$mime = $http->mime_type('file.pdf'); // 'application/pdf'
413	449	%%
414	450
…	…	…
438	474	- Headers not already sent
439	475
440	476	Example:
441		%%~~php~~
	477	%%(hl php)
442	478	$http->gzip();
443	479	%%
444	480
…	…	…
454	490	- Converts encoding properly
455	491
456	492	Example:
457		%%~~php~~
	493	%%(hl php)
458	494	$data = $http->parse_str('name=John&age=30');
459	495	%%
460	496
…	…	…
486	522
487	523	----
488	524
489		=== Configuration Dependencies ===
490
491
492
493		=== Constants Used ===
494
495
	525	===Configuration Dependencies===
	526
	527	The class relies on these database configuration settings:
	528
	529	#\|
	530	\| Setting \| Type \| Purpose \|
	531	\|\| ##base_url## \| string \| Wiki's base URL \|\|
	532	\|\| ##tls## \| bool \| Enable HTTPS enforcement \|\|
	533	\|\| ##cache## \| bool \| Enable page caching \|\|
	534	\|\| ##cache_ttl## \| int \| Cache lifetime in seconds \|\|
	535	\|\| ##session_store## \| int \| 1=File, 0=Database \|\|
	536	\|\| ##system_seed_hash## \| string \| Session encryption seed \|\|
	537	\|\| ##cookie_prefix## \| string \| Session cookie prefix \|\|
	538	\|\| ##cookie_path## \| string \| Cookie path \|\|
	539	\|\| ##allow_persistent_cookie## \| bool \| Allow persistent login \|\|
	540	\|\| ##session_length## \| int \| Session lifetime in seconds \|\|
	541	\|\| ##reverse_proxy_addresses## \| string \| Comma/space-separated proxy IPs \|\|
	542	\|\| ##reverse_proxy_header## \| string \| Custom X-Forwarded header \|\|
	543	\|\| ##language## \| string \| Default language code \|\|
	544	\|\| ##multilanguage## \| bool \| Enable language negotiation \|\|
	545	\|\| ##allowed_languages## \| string \| Comma/space-separated allowed langs \|\|
	546	\|\| ##enable_security_headers## \| bool \| Send security headers \|\|
	547	\|\| ##csp## \| int \| CSP setting (0/1/2) \|\|
	548	\|\| ##permissions_policy## \| int \| Permissions-Policy setting (0/1/2) \|\|
	549	\|\| ##referrer_policy## \| int \| Referrer-Policy setting (0-8) \|\|
	550	\|#
	551
	552	----
	553
	554	===Constants Used===
	555
	556	#\|
	557	\| Constant \| Type \| Purpose \|
	558	\|\| ##IN_WACKO## \| bool \| Security check (exit if not defined) \|\|
	559	\|\| ##CHMOD_SAFE## \| int \| File permissions for cache files \|\|
	560	\|\| ##CHMOD_FILE## \| int \| File permissions for config cache \|\|
	561	\|\| ##CACHE_PAGE_DIR## \| string \| Page cache directory \|\|
	562	\|\| ##CACHE_SESSION_DIR## \| string \| Session cache directory \|\|
	563	\|\| ##CACHE_CONFIG_DIR## \| string \| Config cache directory \|\|
	564	\|\| ##CONFIG_DIR## \| string \| Configuration directory \|\|
	565	\|\| ##LANG_DIR## \| string \| Language files directory \|\|
	566	\|\| ##DAYSECS## \| int \| Seconds in a day (86400) \|\|
	567	\|\| ##HTTP_404## \| string \| Path to 404 error page \|\|
	568	\|\| ##HTTP_403## \| string \| Path to 403 error page \|\|
	569	\|#
	570
	571	----
496	572
497	573	=== Workflow Examples ===
498	574
499		==== ~~Example 1: Handling a GET Request~~ ====
500
501		%%~~php~~
	575	====Example 1: Handling a GET Request====
	576
	577	%%(hl php)
502	578	// In main wiki entry point
503	579	$http = new Http($db);
504	580	$http->session(0); // Start session
…	…	…
520	596
521	597	==== Example 2: Handling TLS/HTTPS Upgrade ====
522	598
523		%%~~php~~
	599	%%(hl php)
524	600	$http = new Http($db); // Constructor detects TLS requirement
525	601	// If TLS is enabled and user wasn't in TLS before:
526	602	// - Sets TLS session flag
…	…	…
530	606
531	607	==== Example 3: Invalidating Cache After Page Edit ====
532	608
533		%%~~php~~
	609	%%(hl php)
534	610	// User edits a page
535	611	$http = new Http($db);
536	612	$count = $http->invalidate_page('HomePage');
…	…	…
539	615
540	616	==== Example 4: Serving a File ====
541	617
542		%%~~php~~
	618	%%(hl php)
543	619	$http = new Http($db);
544	620	$http->session(2); // Static file mode - no session replay prevention
545	621
…	…	…
614	690
615	691	The class integrates with WackoWiki's diagnostic system:
616	692
617		%%~~php~~
	693	%%(hl php)
618	694	// Diagnostic messages are preserved across redirects
619	695	// via session flash data
620	696