PHP code example of citomni / http
1. Go to this page and download the library: Download citomni/http library . Choose the download type require .
2. Extract the ZIP file and open the index.php.
3. Add this code to the index.php.
<?php
require_once('vendor/autoload.php');
/* Start to develop here. Best regards https://php-download.com/ */
citomni / http example snippets
declare(strict_types=1);
define('CITOMNI_START_TIME', microtime(true));
define('CITOMNI_ENVIRONMENT', 'dev'); // 'dev' | 'stage' | 'prod'
define('CITOMNI_PUBLIC_PATH', __DIR__);
define('CITOMNI_APP_PATH', \dirname(__DIR__));
// In stage/prod you should define an absolute public root URL (or set http.base_url in cfg):
if (\defined('CITOMNI_ENVIRONMENT') && \CITOMNI_ENVIRONMENT !== 'dev') {
define('CITOMNI_PUBLIC_ROOT_URL', 'https://www.example.com');
}
$this->app->cfg->locale->timezone;
$this->app->cfg->http->base_url;
$this->app->cfg->routes['/']; // raw array (routes are exposed as raw arrays)
declare(strict_types=1);
return [
'identity' => [
'app_name' => 'My CitOmni App',
'email' => '[email protected] ',
'phone' => '(+45) 12 34 56 77',
],
'locale' => [
'language' => 'da',
'timezone' => 'Europe/Copenhagen',
'charset' => 'UTF-8',
],
'http' => [
'base_url' => '', // dev will auto-detect when empty
'trust_proxy' => false,
'trusted_proxies' => ['10.0.0.0/8', '192.168.0.0/16', '::1'],
],
'error_handler' => [
'log_file' => CITOMNI_APP_PATH . '/var/logs/system_error_log.json',
'recipient' => '[email protected] ',
'sender' => '[email protected] ',
'max_log_size' => 10_485_760,
'template' => __DIR__ . '/../vendor/citomni/http/templates/errors/failsafe_error.php',
'display_errors' => (defined('CITOMNI_ENVIRONMENT') && CITOMNI_ENVIRONMENT === 'dev'),
],
'session' => [
'name' => 'CITSESSID',
'save_path' => CITOMNI_APP_PATH . '/var/state/php_sessions',
'gc_maxlifetime' => 1440,
'use_strict_mode' => true,
'use_only_cookies' => true,
'lazy_write' => true,
'sid_length' => 48,
'sid_bits_per_character' => 6,
'cookie_secure' => null, // auto if https
'cookie_httponly' => true,
'cookie_samesite' => 'Lax',
'cookie_path' => '/',
'cookie_domain' => null,
'rotate_interval' => 0,
'fingerprint' => [
'bind_user_agent' => false,
'bind_ip_octets' => 0,
'bind_ip_blocks' => 0,
],
],
'cookie' => [
'httponly' => true,
'samesite' => 'Lax',
'path' => '/',
// 'secure' => true, // optional override
// 'domain' => 'example.com',
],
'view' => [
'cache_enabled' => false,
'trim_whitespace' => false,
'remove_html_comments' => false,
'allow_php_tags' => false,
'marketing_scripts' => '',
'view_vars' => [],
// 'asset_version' => '2025-09-29',
],
'security' => [
'csrf_protection' => true,
'csrf_field_name' => 'csrf_token',
'captcha_protection' => true,
'honeypot_protection' => true,
'form_action_switching'=> true,
],
'maintenance' => [
'flag' => [
'path' => CITOMNI_APP_PATH . '/var/flags/maintenance.php',
'template' => __DIR__ . '/../vendor/citomni/http/templates/public/maintenance.php',
'allowed_ips' => [],
'default_retry_after'=> 300,
],
'backup' => [
'enabled' => true,
'keep' => 3,
'dir' => CITOMNI_APP_PATH . '/var/backups/flags',
],
'log' => [
'filename' => 'maintenance.json',
],
],
'webhooks' => [
'enabled' => true,
'ttl_seconds' => 300,
'ttl_clock_skew_tolerance' => 60,
'allowed_ips' => [],
'nonce_dir' => CITOMNI_APP_PATH . '/var/nonces',
// 'secret' => '*** put shared secret here ***',
// 'bind_context' => true,
// 'algo' => 'sha512',
],
// Routes: you can inline them here or
return [
'http' => ['base_url' => 'https://stage.example.com'],
];
return [
'http' => ['base_url' => 'https://www.example.com'],
];
'http' => [
'base_url' => '', // dev auto-detects; stage/prod: absolute URL 1', '::1'],
],
404 => [
'controller' => \CitOmni\Http\Controller\PublicController::class,
'action' => 'errorPage',
'methods' => ['GET'],
'template_file' => 'errors/404.html',
'template_layer' => 'app', // or 'citomni/http' for vendor template
'params' => [404],
],
declare(strict_types=1);
namespace App\Http\Controller;
use CitOmni\Kernel\Controller\BaseController;
final class HomeController extends BaseController {
// Optional boot hook (called by BaseController::__construct)
protected function init(): void {
// e.g. preload something for the view
}
public function index(): void {
$this->app->view->render(
$this->routeConfig['template_file'] ?? 'public/index.html',
$this->routeConfig['template_layer'] ?? 'app',
[
'noindex' => 0,
'canonical' => \CITOMNI_PUBLIC_ROOT_URL,
]
);
}
}
'/health' => [
'controller' => \CitOmni\Http\Controller\PublicController::class,
'action' => 'health',
'methods' => ['GET'],
],
// In PublicController:
public function health(): void {
$this->app->response->jsonStatus([
'status' => 'ok',
'env' => defined('CITOMNI_ENVIRONMENT') ? CITOMNI_ENVIRONMENT : 'unknown',
'maintenance' => $this->app->maintenance->isEnabled(),
], 200);
}
use CitOmni\Kernel\Controller\BaseController;
final class PublicController extends BaseController
{
public function index(): void
{
$this->app->view->render('public/home.html', 'citomni/http', [
'title' => 'Welcome',
'lead' => 'Fast, predictable HTTP runtime for CitOmni apps.',
'cta_path' => '/docs/get-started',
]);
}
}
\CitOmni\Http\Boot\Services::MAP
// [
'request' => \CitOmni\Http\Service\Request::class,
'response' => \CitOmni\Http\Service\Response::class,
'router' => \CitOmni\Http\Service\Router::class,
'session' => \CitOmni\Http\Service\Session::class,
'cookie' => \CitOmni\Http\Service\Cookie::class,
'view' => \CitOmni\Http\Service\View::class,
'security' => \CitOmni\Http\Service\Security::class,
'nonce' => \CitOmni\Http\Service\Nonce::class,
'maintenance' => \CitOmni\Http\Service\Maintenance::class,
'webhooksAuth' => \CitOmni\Http\Service\WebhooksAuth::class,
// ]
return [
// Simple override:
'router' => \CitOmni\Http\Service\Router::class,
// With options (constructor is __construct(App $app, array $options = []))
'view' => [
'class' => \CitOmni\Http\Service\View::class,
'options' => ['asset_version' => '2025-09-29'],
],
];
$this->app->response->noCache();
$this->app->request->json();
$this->app->maintenance->enable(['1.2.3.4']);
$raw = \file_get_contents('php://input') ?: '';
$this->app->webhooksAuth
->setOptions($this->app->cfg->webhooks)
->assertAuthorized($_SERVER, $raw); // throws on failure
$secret = 'shared-secret';
$ts = time();
$nonce = bin2hex(random_bytes(16));
$body = json_encode(['event' => 'ping'], JSON_UNESCAPED_UNICODE);
// Simple mode base: "<ts>.<nonce>.<rawBody>"
$base = $ts . '.' . $nonce . '.' . $body;
$sig = hash_hmac('sha256', $base, $secret); // hex
$ch = curl_init('https://example.com/admin/webhook');
curl_setopt_array($ch, [
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => $body,
CURLOPT_HTTPHEADER => [
'Content-Type: application/json',
'X-Citomni-Timestamp: ' . $ts,
'X-Citomni-Nonce: ' . $nonce,
'X-Citomni-Signature: ' . $sig,
],
CURLOPT_RETURNTRANSFER => true,
]);
$resp = curl_exec($ch);
public function submit(): void {
$ok = $this->app->security->verifyCsrf($this->app->request->post('csrf_token'));
if (!$ok) {
$this->app->security->logFailedCsrf('form.submit');
$this->app->response->jsonProblem('Invalid CSRF token', 422);
}
// ... handle form
$this->app->response->jsonStatus(['ok' => true], 200);
}
return [
\Vendor\Foo\Boot\Services::class, // contributes MAP_HTTP + CFG_HTTP
\Vendor\Bar\Boot\Services::class,
];
return [
'enabled' => true,
'allowed_ips' => ['1.2.3.4'],
'retry_after' => 600,
];
$result = $this->app->warmCache(overwrite: true, opcacheInvalidate: true);
/app-root
/bin
/config
providers.php # optional list of provider FQCNs
citomni_http_cfg.php # app baseline config (HTTP)
citomni_http_cfg.stage.php # optional per-env overlay
citomni_http_cfg.prod.php # optional per-env overlay
services.php # optional service map overrides/additions
/public
index.php
/src
/Http/{Controller,Service,Model}
/Service /Model ...
/templates
/var/{cache,flags,logs,nonces,state}
/vendor
nginx
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;