<?php
/**
* Created by PhpStorm.
* User: Kessiler
* Date: 14/12/2014
* Time: 14:58
*/
$app = new Silex\Application();
/** SERVICES */
$app->register(new Silex\Provider\UrlGeneratorServiceProvider());
$app->register(new Silex\Provider\SessionServiceProvider());
$app->register(new Core\Service\ConfigServiceProvider(realpath(__DIR__) . "/../app/config/settings.json"));
$app->register(new Silex\Provider\DoctrineServiceProvider(), array('db.options' => $app['config']['database']));
$app['debug'] = $app['config']['debugger'];
$app->boot();
$app->register(new Silex\Provider\TwigServiceProvider(), array('twig.path' => realpath(__DIR__) . '/../templates/' . $app['config']['template'], 'twig.options' => array('cache' => $app['config']['cache'] ? realpath(__DIR__) . "/../app/cache" : false, 'strict_variables' => true)));
/** ROUTING */
Symfony\Component\HttpFoundation\Request::enableHttpMethodParameterOverride();
require_once realpath(__DIR__) . "/routes.php";
return $app;
/**
* Enables support for the _method request parameter to determine the intended HTTP method.
*
* Be warned that enabling this feature might lead to CSRF issues in your code.
* Check that you are using CSRF tokens when required.
* If the HTTP method parameter override is enabled, an html-form with method "POST" can be altered
* and used to send a "PUT" or "DELETE" request via the _method request parameter.
* If these methods are not protected against CSRF, this presents a possible vulnerability.
*
* The HTTP method can only be overridden when the real HTTP method is POST.
*/
public static function enableHttpMethodParameterOverride()
{
return Symfony\Component\HttpFoundation\Request::enableHttpMethodParameterOverride();
}
