<?php

use MVC\Config;

error_reporting(E_ALL);
date_default_timezone_set('Europe/Berlin');

// enable debug output
$aConfig['MVC_DEBUG'] = true;

// show InfoTool bar
$aConfig['MVC_INFOTOOL_ENABLE'] = true;

// MVC fallback routing
$aConfig['MVC_ROUTING_FALLBACK'] = 'module={module}&c=index&m=notFound'; # query

//-------------------------------------------------------------------------------------
// Module {module}

$aConfig['MODULE']['{module}'] = array();

/**
 * Where to activate Session;
 * name Controllers
 */
$aConfig['MODULE']['{module}']['SESSION'] = array(

    // enable session for these controllers
    'aEnableSessionForController' => array(
        '*',        # any
        #'Index',   # concrete
    ),
    // disable session for these controllers
    'aDisableSessionForController' => array(
        #'*',       # any
        #'Index',   # concrete
    ),
);

/**
 * Event Bindings
 * @see https://mymvc.ueffing.net/
 */
$aConfig['MODULE']['{module}']['EVENT_BIND'] = array(

    'mvc.application.setSession.before' => array(
        // enable session (if necessary)
        function(\MVC\DataType\DTArrayObject $oDTArrayObject) {
            \{module}\Event\Index::enableSession($oDTArrayObject);
        }
    ),
    'mvc.reflex.reflect.targetObject.before' => array(
        // minify css + js files (if necessary)
        function(\MVC\DataType\DTArrayObject $oDTArrayObject) use ($aConfig) {
            \MVC\Minify::init();
        },
        // create/update ".myMVC.json" routing file (if necessary)
        function(\MVC\DataType\DTArrayObject $oDTArrayObject) {
            \MVC\Router::createFinalJson();
        }
    ),
    'mvc.reflex.reflect.targetObject.after' => array(
        function (\MVC\DataType\DTArrayObject $oDTArrayObject) {
            if (true === Config::get_MVC_INFOTOOL_ENABLE())
            {
                // load InfoTool
                $oView = $oDTArrayObject
                    ->getDTKeyValueByKey('oReflectionObject')
                    ->get_sValue()
                    ->oView;
                // switch on InfoTool
                new \MVC\InfoTool($oView);
            }
        },
    ),
    'mvc.debug.stop.after' => array(
        function (\MVC\DataType\DTArrayObject $oDTArrayObject) {
            \MVC\Log::write("\n\n*** STOP ***\n" . print_r($oDTArrayObject->get_akeyvalue()[0]->get_sValue(), true));
        }
    ),
    'mvc.error' => array(
        // write errors into error log file
        function(\MVC\DataType\DTArrayObject $oDTArrayObject) {
            \MVC\Log::write($oDTArrayObject, 'error.log');
        }
    ),
);

//-------------------------------------------------------------------------------------
// Module {module} CSP
// For further Rules Explanation @see https://content-security-policy.com/

$aConfig['MODULE']['{module}']['CSP'] = array();

// Websites (URLs) which are allowed to embed our Site into e.g. a <frame>
$aConfig['MODULE']['{module}']['CSP']['X-Frame-Options'] = " allow-from 'none'";

// Content-Security-Policy
$aConfig['MODULE']['{module}']['CSP']['Content-Security-Policy'] = str_replace("\n", '', trim("
default-src 'self';
script-src 'self' 'unsafe-inline';
style-src 'self' 'unsafe-inline';
img-src 'self' blob: data: ;
connect-src 'self';
font-src 'self';
object-src 'none';
media-src 'self';
child-src 'self';
sandbox allow-downloads allow-forms allow-same-origin allow-scripts allow-popups allow-modals allow-orientation-lock allow-pointer-lock allow-presentation allow-popups-to-escape-sandbox allow-top-navigation;
report-uri /;
form-action 'self';
frame-ancestors 'none';
frame-src 'self';
"));

// @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
$aConfig['MODULE']['{module}']['CSP']['X-XSS-Protection'] = '1; mode=block';

// 63072000 for 24 months; @see https://support.servertastic.com/knowledgebase/article/http-strict-transport-security-php
$aConfig['MODULE']['{module}']['CSP']['Strict-Transport-Security'] = 'max-age=63072000';
