<?php

/**

 * SoftEdge Corporation - Initialization File

 * Sets up the application environment and autoloading

 */

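// Composer autoloader first: \Dotenv\Dotenv below is a Composer package and
// cannot be resolved until vendor/autoload.php has been included. require_once
// makes this a no-op when the entry script has already loaded it.
require_once __DIR__ . '/../vendor/autoload.php';

// Start session if not already started, with a hardened cookie:
//  - use_strict_mode rejects session ids the server never issued (fixation)
//  - httponly keeps the cookie out of reach of script
//  - SameSite=Lax limits cross-site inclusion of the cookie
//  - secure is set only when this request itself arrived over TLS
if (session_status() === PHP_SESSION_NONE) {
    $requestIsTls = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== '' && $_SERVER['HTTPS'] !== 'off';
    ini_set('session.use_strict_mode', '1');
    ini_set('session.cookie_httponly', '1');
    ini_set('session.cookie_samesite', 'Lax');
    ini_set('session.cookie_secure', $requestIsTls ? '1' : '0');
    session_start();
}

// Set timezone
date_default_timezone_set('Africa/Luanda');

// Load environment variables if .env exists. createImmutable() fills $_ENV and
// $_SERVER; it does not necessarily call putenv(), so getenv() must not be
// relied on for values that only come from .env.
if (is_file(__DIR__ . '/../.env')) {
    $dotenv = \Dotenv\Dotenv::createImmutable(__DIR__ . '/..');
    $dotenv->load();
}

// Resolve a configuration value: .env / $_ENV first, then the real process
// environment (platform-provided variables may not be mirrored into $_ENV when
// variables_order excludes "E"), then the hard-coded default.
$envOrDefault = static function (string $key, string $default): string {
    $fromProcess = getenv($key);
    return $_ENV[$key] ?? ($fromProcess === false ? $default : $fromProcess);
};

// Set default environment variables
$_ENV['APP_NAME'] = $envOrDefault('APP_NAME', 'SoftEdge Corporation');
$_ENV['APP_URL'] = $envOrDefault('APP_URL', 'https://softedge-corporation.up.railway.app');
$_ENV['APP_ENV'] = $envOrDefault('APP_ENV', 'production');

// Error display follows the same APP_ENV the rest of the application sees, and
// is decided only after .env has been loaded. An unset value resolves to
// 'production', so the safe branch (no error output to the client) is the default.
if ($_ENV['APP_ENV'] === 'production') {
    ini_set('display_errors', '0');
    ini_set('display_startup_errors', '0');
    // E_STRICT has produced no diagnostics since PHP 8.0 and the constant is
    // deprecated in 8.4, so it is no longer masked out explicitly.
    error_reporting(E_ALL & ~E_DEPRECATED);
} else {
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);
}

// Security headers. X-XSS-Protection is a legacy header ignored by current
// browsers; it is kept for older clients and is harmless with mode=block.
header('X-Content-Type-Options: nosniff');
header('X-Frame-Options: DENY');
header('X-XSS-Protection: 1; mode=block');
header('Referrer-Policy: strict-origin-when-cross-origin');

// Content Security Policy. 'unsafe-inline' in script-src weakens the policy
// considerably (inline script injection is not blocked); replacing it with
// nonces or hashes is the main remaining hardening step for this header.
header("Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' https://unpkg.com https://cdn.tailwindcss.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self'");

// Create logs directory if it doesn't exist. The second is_dir() covers the
// race where a concurrent request created it between the check and mkdir().
// This directory holds client IPs / user agents; it must not be web-served.
$logsDir = __DIR__ . '/../logs';
if (!is_dir($logsDir) && !mkdir($logsDir, 0755, true) && !is_dir($logsDir)) {
    error_log("init: unable to create logs directory {$logsDir}");
}

// Set custom error log
ini_set('error_log', $logsDir . '/php_errors.log');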

// Function to get base URL
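/**
 * Build the scheme://host[:port] prefix of the current request.
 *
 * HTTP_HOST is taken from the request's Host header and is therefore
 * request-controlled; the web server should restrict accepted host names,
 * otherwise the value returned here (and any redirect or link built from it)
 * can be spoofed. Proxy headers such as X-Forwarded-Proto are deliberately
 * not consulted: they are only trustworthy when the proxy strips client copies.
 *
 * @return string e.g. "https://example.test" or "http://example.test:8080"
 */
function getBaseUrl(): string
{
    // Any non-empty value other than 'off' means TLS (IIS sends 'on', some SAPIs send '1').
    $isTls = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== '' && $_SERVER['HTTPS'] !== 'off';
    $protocol = $isTls ? 'https' : 'http';
    $host = $_SERVER['HTTP_HOST'] ?? 'localhost';
    $port = (int) ($_SERVER['SERVER_PORT'] ?? 80);

    // Host headers may already carry an explicit port ("localhost:8080");
    // appending SERVER_PORT again would yield "localhost:8080:8080".
    if (preg_match('/:\d+$/', $host) === 1) {
        return $protocol . '://' . $host;
    }

    // Don't include port if it's the default for the protocol
    $defaultPort = $isTls ? 443 : 80;
    if ($port === $defaultPort) {
        return $protocol . '://' . $host;
    }

    return $protocol . '://' . $host . ':' . $port;
}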

// Function to get current URL
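/**
 * Full URL of the current request (base URL plus the raw request target).
 *
 * REQUEST_URI is request-controlled and is concatenated verbatim, so the
 * result must be escaped for whatever context it is emitted into (HTML
 * attribute, header, ...). Missing REQUEST_URI (CLI, some SAPIs) yields the
 * bare base URL instead of an undefined-index warning.
 */
function getCurrentUrl(): string
{
    return getBaseUrl() . ($_SERVER['REQUEST_URI'] ?? '');
}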

// Function to redirect
/**
 * Send a Location header and terminate the script.
 *
 * The target is not validated here: callers must pass only trusted or
 * application-relative URLs, because a request-supplied value would turn this
 * into an open redirect. header() itself refuses values containing CR/LF, so
 * header injection through $url is not possible.
 *
 * @param string $url        absolute or relative redirect target
 * @param int    $statusCode HTTP status to send (302 by default)
 */
function redirect(string $url, int $statusCode = 302): void
{
    header("Location: {$url}", true, $statusCode);
    exit;
}

// Function to sanitize input
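/**
 * Trim a string and escape it for an HTML text/attribute context.
 *
 * ENT_SUBSTITUTE replaces invalid UTF-8 sequences with U+FFFD instead of
 * making htmlspecialchars() return an empty string, so a single malformed byte
 * cannot blank out an entire field. Despite the name this is HTML output
 * escaping, not general sanitisation: it does not protect JavaScript, URL,
 * SQL or shell contexts, and storing the escaped form leads to double encoding
 * when the value is escaped again on output.
 */
function sanitizeInput(string $input): string
{
    return htmlspecialchars(trim($input), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}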

// Function to generate CSRF token
/**
 * Return the session's CSRF token, minting one on first use.
 *
 * The token is 32 bytes from random_bytes() (CSPRNG) rendered as 64 hex
 * characters, stored under $_SESSION['csrf_token'] and reused for the rest of
 * the session. Requires an active session.
 */
function generateCsrfToken(): string
{
    $token = $_SESSION['csrf_token'] ?? null;
    if (!$token) {
        $token = bin2hex(random_bytes(32));
        $_SESSION['csrf_token'] = $token;
    }
    return $token;
}

// Function to validate CSRF token
/**
 * Check a submitted CSRF token against the one stored in the session.
 *
 * Uses hash_equals() so the comparison time does not depend on how many
 * leading bytes match. Returns false when no token has been issued yet.
 */
function validateCsrfToken(string $token): bool
{
    $expected = $_SESSION['csrf_token'] ?? null;
    if ($expected === null) {
        return false;
    }
    return hash_equals($expected, $token);
}

// Function to log activity
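/**
 * Append one line to logs/activity.log.
 *
 * Format: "[timestamp] [level] [ip] [user-agent] message".
 * User-Agent (and potentially $message) originate from the request, so CR/LF
 * and other control characters are replaced before writing: otherwise a client
 * could forge extra log lines or smuggle terminal escape sequences into the
 * file. The user agent is also capped in length to keep one request from
 * bloating the log. FILE_APPEND | LOCK_EX keeps concurrent writes from
 * interleaving.
 *
 * @param string $message free-text event description
 * @param string $level   severity label, e.g. 'INFO', 'WARN'
 */
function logActivity(string $message, string $level = 'INFO'): void
{
    $logFile = __DIR__ . '/../logs/activity.log';
    $timestamp = date('Y-m-d H:i:s');
    $ip = $_SERVER['REMOTE_ADDR'] ?? 'unknown';
    $userAgent = substr($_SERVER['HTTP_USER_AGENT'] ?? 'unknown', 0, 512);

    // Collapse C0 controls and DEL (covers \r, \n, \t, ESC) into a single space.
    $clean = static function (string $value): string {
        return preg_replace('/[\x00-\x1F\x7F]+/', ' ', $value) ?? '';
    };

    $logEntry = sprintf(
        '[%s] [%s] [%s] [%s] %s',
        $timestamp,
        $clean($level),
        $clean($ip),
        $clean($userAgent),
        $clean($message)
    ) . PHP_EOL;

    file_put_contents($logFile, $logEntry, FILE_APPEND | LOCK_EX);
}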

// Function to check if user is rate limited
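/**
 * Sliding-window rate limiter backed by one JSON file per identifier.
 *
 * Returns true (and records nothing) when $identifier already has
 * $maxRequests timestamps inside the last $timeWindow seconds; otherwise
 * records the current request and returns false.
 *
 * $identifier is usually request-derived (IP, e-mail, username). It is hashed
 * before being used in the file name, so path separators or ".." in a crafted
 * identifier cannot reach outside the logs directory, and the name stays a
 * fixed length. The read-filter-write cycle runs under an exclusive flock()
 * so concurrent requests cannot each observe the old count and all pass.
 * If the state file cannot be opened the limiter fails open (as before) but
 * reports it to the PHP error log.
 *
 * @param string $identifier  client key (hashed before use)
 * @param int    $maxRequests allowed requests per window
 * @param int    $timeWindow  window length in seconds
 */
function isRateLimited(string $identifier, int $maxRequests = 5, int $timeWindow = 300): bool
{
    $rateLimitFile = __DIR__ . '/../logs/rate_limit_' . hash('sha256', $identifier) . '.txt';
    $currentTime = time();

    // 'c+' creates the file when missing without truncating an existing one.
    $handle = fopen($rateLimitFile, 'c+');
    if ($handle === false) {
        error_log("isRateLimited: unable to open {$rateLimitFile}");
        return false;
    }

    try {
        flock($handle, LOCK_EX);

        // Read existing requests; anything that is not a JSON array is treated as empty.
        $raw = stream_get_contents($handle);
        $decoded = ($raw === false || $raw === '') ? null : json_decode($raw, true);
        $requests = is_array($decoded) ? $decoded : [];

        // Keep only integer timestamps inside the window. Non-integer entries
        // (corruption, hand edits) are dropped rather than raising errors or
        // being counted, and the list is re-indexed so it round-trips as a JSON array.
        $requests = array_values(array_filter($requests, function ($timestamp) use ($currentTime, $timeWindow) {
            return is_int($timestamp) && ($currentTime - $timestamp) < $timeWindow;
        }));

        // Check if rate limit exceeded
        if (count($requests) >= $maxRequests) {
            return true;
        }

        // Add current request and persist, still under the lock
        $requests[] = $currentTime;
        ftruncate($handle, 0);
        rewind($handle);
        fwrite($handle, json_encode($requests));

        return false;
    } finally {
        flock($handle, LOCK_UN);
        fclose($handle);
    }
}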

// Initialize application
logActivity("Application initialized");

// Autoload classes (Composer will handle this)
require_once __DIR__ . '/../vendor/autoload.php';