Difference between revisions for Users / Eo Ny / dev




← Previous edit
Revision 8 as of 05/05/2026 19:24
16 05/18/2026 05:05 WikiAdmin 15 05/18/2026 05:04 WikiAdmin 14 05/17/2026 21:10 WikiAdmin 13 05/05/2026 19:29 EoNy 12 05/05/2026 19:28 WikiAdmin 11 05/05/2026 19:28 WikiAdmin 10 05/05/2026 19:27 WikiAdmin 9 05/05/2026 19:25 WikiAdmin 8 05/05/2026 19:24 WikiAdmin 7 05/05/2026 19:23 WikiAdmin 6 05/05/2026 19:21 EoNy 5 05/05/2026 19:11 EoNy 4 05/05/2026 19:10 EoNy 3 05/05/2026 19:10 EoNy 2 05/05/2026 19:08 EoNy 1 05/05/2026 19:06 EoNy

(15.2 KiB)
WikiAdmin
 Next edit →
Revision 17 as of 05/18/2026 15:15
18 05/21/2026 16:12 WikiAdmin 17 05/18/2026 15:15 WikiAdmin 16 05/18/2026 05:05 WikiAdmin 15 05/18/2026 05:04 WikiAdmin 14 05/17/2026 21:10 WikiAdmin 13 05/05/2026 19:29 EoNy 12 05/05/2026 19:28 WikiAdmin 11 05/05/2026 19:28 WikiAdmin 10 05/05/2026 19:27 WikiAdmin 9 05/05/2026 19:25 WikiAdmin

(18.4 KiB) +3,248
WikiAdmin

Merge of Version1 & Version2
1 == HTTP Class Technical Documentation =={{toc numerate=1}}
2
3 === Overview ===
4
23 || ##$method## | string | Current HTTP method/request type ||
24 |#
25
26 ====Private Properties====
27
28 #|
29 *| Property | Type | Description |*
30 || ##$db## | object | Database connection reference ||
31 || ##$tls_mark## | string | Cookie name for TLS session marking ||
32 || ##$page## | string | Current page name being processed ||
33 || ##$hash## | string | SHA1 hash of the page name ||
34 || ##$query## | string | Encoded query string ||
35 || ##$lang## | string | Current language code ||
36 || ##$file## | string | Cache file path ||
37 || ##$caching## | int | Flag indicating if page should be cached (0 or 1) ||
38 |#
39
40 ----
41 === Constructor ===
42
43 %%php(hl php)
44 public function __construct(&$db)
45 %%
46
58   6. Enforces TLS session upgrade if needed
59
60 **Example:**
61 %%php(hl php)
62 $http = new Http($db);
63 %%
64
82   - Recovers diagnostic logs from previous session
83
84 **Example:**
85 %%php(hl php)
86 $http->session(0); // Normal session
87 $http->session(2); // Static file serving mode
88 %%
105   - ✅ Only cached for anonymous users (no logged-in users)
106
107 **Example:**
108 %%php(hl php)
109 $http->check_cache('HomePage', 'show');
110 %%
111
112 ----
113
114 ===== ##store_cache(): void## ##store_cache(): void##=====
115 Saves the generated page content to cache file.
116
117 **Features:**
121   - Only executes if caching flag is set and user is anonymous
122
123 **Example:**
124 %%php(hl php)
125 // Called at end of page rendering
126 $http->store_cache();
127 %%
144   4. Returns count of invalidated caches
145
146 **Example:**
147 %%php(hl php)
148 $count = $http->invalidate_page('HomePage');
149 echo "Invalidated $count cache entries";
150 %%
162   - Called when TLS session is detected
163
164 **Example:**
165 %%php(hl php)
166 $http->secure_base_url();
167 // $db->base_url now uses https://
168 %%
181   - Converts relative URLs using current server name
182
183 **Example:**
184 %%php(hl php)
185 $http->ensure_tls('/secure/payment');
186 %%
187
209   - ##reverse_proxy_header## - Custom header name (default: ##X-Forwarded-For##)
210
211 **Example:**
212 %%php(hl php)
213 $client_ip = $http->ip; // e.g., "203.0.113.42"
214 %%
215
231
232 ==== Security Headers ====
233
234 =====##http_security_headers(): void##=====
235
236 Sets security-related HTTP headers.
237
238 **Headers Set:**
239
240 #|
241 *| Header | Purpose | Config Key |*
242 || Content-Security-Policy | XSS/injection protection | ##csp## ||
243 || Permissions-Policy | Control browser features | ##permissions_policy## ||
244 || Referrer-Policy | Control referrer information | ##referrer_policy## ||
245 || Strict-Transport-Security | Force HTTPS | Auto (TLS only) ||
246 || X-Frame-Options | Clickjacking protection | Hardcoded: ##SAMEORIGIN## ||
247 || X-Content-Type-Options | MIME sniffing prevention | Hardcoded: ##nosniff## ||
248 |#
249
250 **CSP Configuration Options:**
251   - ##0## - Disabled
252   - ##1## - Default policy (from ##csp.conf##)
253   - ##2## - Custom policy (from ##csp_custom.conf##)
254
255 **Example:**
256 %%(hl php)
257 $http->http_security_headers();
258 %%
259
260 ----
261 ==== HTTP Methods ====
262
263 ===== ##redirect($url, $permanent = false): void## =====
273   - Uses output buffering to work anywhere in page processing
274
275 **Example:**
276 %%php(hl php)
277 $http->redirect('http://example.com/new-page', true); // 301
278 $http->redirect('/wiki/HomePage'); // 302
279 %%
288   - Ends script execution
289
290 **Example:**
291 %%php(hl php)
292 $http->terminate();
293 %%
294
298 Sets HTTP response status code.
299
300 **Supported Status Codes:**
301 %%php(hl php)
302 200 => 'OK'
303 206 => 'Partial Content'
304 301 => 'Moved Permanently'
318 %%
319
320 **Example:**
321 %%php(hl php)
322 $http->status(404); // Send 404 Not Found
323 %%
324
339   - ##Cache-Control: no-store##
340
341 **Example:**
342 %%php(hl php)
343 $http->no_cache(); // Client-side only
344 $http->no_cache(false); // Both client & server
345 %%
353   - ##Cache-Control: public##
354
355 **Example:**
356 %%php(hl php)
357 $http->cache_promisc();
358 %%
359
398   - Associative array: ##['en' => 'en', 'de' => 'de', ...]##
399
400 **Example:**
401 %%php(hl php)
402 $all_langs = $http->available_languages(false);
403 $allowed = $http->available_languages(true);
404 %%
424   - GZip compression for text files
425
426 **Special Paths:**
427 %%php(hl php)
428 $http->sendfile(404); // Serves file defined by HTTP_404 constant
429 $http->sendfile(403); // Serves file defined by HTTP_403 constant
430 %%
431
432 **Example:**
433 %%php(hl php)
434 $http->sendfile('uploads/document.pdf', 'my-document.pdf', 30);
435 %%
436
444   - Default: ##'application/octet-stream'##
445
446 **Example:**
447 %%php(hl php)
448 $mime = $http->mime_type('file.pdf'); // 'application/pdf'
449 %%
450
474   - Headers not already sent
475
476 **Example:**
477 %%php(hl php)
478 $http->gzip();
479 %%
480
490   - Converts encoding properly
491
492 **Example:**
493 %%php(hl php)
494 $data = $http->parse_str('name=John&age=30');
495 %%
496
522
523 ----
524
525 ===Configuration Dependencies===
526
527 The class relies on these database configuration settings:
528
529 #|
530 *| Setting | Type | Purpose |*
531 || ##base_url## | string | Wiki's base URL ||
532 || ##tls## | bool | Enable HTTPS enforcement ||
533 || ##cache## | bool | Enable page caching ||
534 || ##cache_ttl## | int | Cache lifetime in seconds ||
535 || ##session_store## | int | 1=File, 0=Database ||
536 || ##system_seed_hash## | string | Session encryption seed ||
537 || ##cookie_prefix## | string | Session cookie prefix ||
538 || ##cookie_path## | string | Cookie path ||
539 || ##allow_persistent_cookie## | bool | Allow persistent login ||
540 || ##session_length## | int | Session lifetime in seconds ||
541 || ##reverse_proxy_addresses## | string | Comma/space-separated proxy IPs ||
542 || ##reverse_proxy_header## | string | Custom X-Forwarded header ||
543 || ##language## | string | Default language code ||
544 || ##multilanguage## | bool | Enable language negotiation ||
545 || ##allowed_languages## | string | Comma/space-separated allowed langs ||
546 || ##enable_security_headers## | bool | Send security headers ||
547 || ##csp## | int | CSP setting (0/1/2) ||
548 || ##permissions_policy## | int | Permissions-Policy setting (0/1/2) ||
549 || ##referrer_policy## | int | Referrer-Policy setting (0-8) ||
550 |#
551
552 ----
553
554 ===Constants Used===
555
556 #|
557 *| Constant | Type | Purpose |*
558 || ##IN_WACKO## | bool | Security check (exit if not defined) ||
559 || ##CHMOD_SAFE## | int | File permissions for cache files ||
560 || ##CHMOD_FILE## | int | File permissions for config cache ||
561 || ##CACHE_PAGE_DIR## | string | Page cache directory ||
562 || ##CACHE_SESSION_DIR## | string | Session cache directory ||
563 || ##CACHE_CONFIG_DIR## | string | Config cache directory ||
564 || ##CONFIG_DIR## | string | Configuration directory ||
565 || ##LANG_DIR## | string | Language files directory ||
566 || ##DAYSECS## | int | Seconds in a day (86400) ||
567 || ##HTTP_404## | string | Path to 404 error page ||
568 || ##HTTP_403## | string | Path to 403 error page ||
569 |#
570
571 ----
572
573 === Workflow Examples ===
574
575 ==== Example 1: Handling a GET Request Example 1: Handling a GET Request====
576
577 %%php(hl php)
578 // In main wiki entry point
579 $http = new Http($db);
580 $http->session(0); // Start session
596
597 ==== Example 2: Handling TLS/HTTPS Upgrade ====
598
599 %%php(hl php)
600 $http = new Http($db); // Constructor detects TLS requirement
601 // If TLS is enabled and user wasn't in TLS before:
602 // - Sets TLS session flag
606
607 ==== Example 3: Invalidating Cache After Page Edit ====
608
609 %%php(hl php)
610 // User edits a page
611 $http = new Http($db);
612 $count = $http->invalidate_page('HomePage');
615
616 ==== Example 4: Serving a File ====
617
618 %%php(hl php)
619 $http = new Http($db);
620 $http->session(2); // Static file mode - no session replay prevention
621
690
691 The class integrates with WackoWiki's diagnostic system:
692
693 %%php(hl php)
694 // Diagnostic messages are preserved across redirects
695 // via session flash data
696