First commit
This commit is contained in:
julien
80
app/bootstrap.php
Normal file
80
app/bootstrap.php
Normal file
@@ -0,0 +1,80 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
require __DIR__ . '/Helpers/App.php';
|
||||
require __DIR__ . '/Helpers/Error.php';
|
||||
|
||||
$f3 = Base::instance();
|
||||
|
||||
// ── Configuration ───────────────────────────────────────────────────
|
||||
|
||||
$f3->set('AUTOLOAD', app_root() . '/app/Controllers/;' . app_root() . '/app/Models/;' . app_root() . '/app/Services/');
|
||||
$f3->set('UI', app_root() . '/app/Views/');
|
||||
$f3->set('TEMP', app_root() . '/tmp/');
|
||||
$f3->set('LOGS', app_logs_dir() . '/');
|
||||
|
||||
$f3->config(app_root() . '/app/config.ini');
|
||||
|
||||
$localConfig = app_root() . '/config.local.ini';
|
||||
if (is_file($localConfig)) {
|
||||
$f3->config($localConfig);
|
||||
}
|
||||
|
||||
$f3->set('TZ', app_timezone());
|
||||
$f3->set('DEBUG', app_is_prod() ? 0 : 3);
|
||||
|
||||
app_ensure_dir((string) $f3->get('TEMP'));
|
||||
app_ensure_dir((string) $f3->get('LOGS'));
|
||||
app_ensure_dir(app_public_media_dir());
|
||||
// Web::receive() utilise UPLOADS directement — le résoudre en absolu.
|
||||
$f3->set('UPLOADS', app_root() . '/' . ltrim((string) $f3->get('UPLOADS'), '/'));
|
||||
app_ensure_dir(rtrim((string) $f3->get('UPLOADS'), '/'));
|
||||
app_bootstrap_logging();
|
||||
|
||||
// ── En-têtes de sécurité ────────────────────────────────────────────
|
||||
|
||||
if (PHP_SAPI !== 'cli') {
|
||||
header("Content-Security-Policy: default-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; img-src 'self' data:; style-src 'self'; script-src 'self'");
|
||||
header('Referrer-Policy: same-origin');
|
||||
header('X-Content-Type-Options: nosniff');
|
||||
header('X-Frame-Options: SAMEORIGIN');
|
||||
header('Cross-Origin-Opener-Policy: same-origin');
|
||||
header('Cross-Origin-Resource-Policy: same-origin');
|
||||
header('Permissions-Policy: camera=(), microphone=(), geolocation=()');
|
||||
}
|
||||
|
||||
// ── Base de données ─────────────────────────────────────────────────
|
||||
|
||||
$dbPath = app_db_path();
|
||||
app_ensure_dir(dirname($dbPath));
|
||||
|
||||
$db = new DB\SQL(
|
||||
'sqlite:' . $dbPath,
|
||||
null,
|
||||
null,
|
||||
[
|
||||
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
|
||||
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
|
||||
PDO::ATTR_TIMEOUT => 5,
|
||||
]
|
||||
);
|
||||
$db->exec('PRAGMA foreign_keys = ON');
|
||||
$f3->set('DB', $db);
|
||||
|
||||
// ── Session ─────────────────────────────────────────────────────────
|
||||
|
||||
session_name((string) $f3->get('app.session_name'));
|
||||
$f3->set('JAR', [
|
||||
'expire' => 0,
|
||||
'path' => '/',
|
||||
'secure' => $f3->get('SCHEME') === 'https',
|
||||
'httponly' => true,
|
||||
'samesite' => 'Lax',
|
||||
]);
|
||||
|
||||
// ── Erreurs ─────────────────────────────────────────────────────────
|
||||
|
||||
app_bootstrap_errors($f3);
|
||||
|
||||
return $f3;
|
||||
Reference in New Issue
Block a user