🚀 مُصادَق: الإطلاق الأولي للنظام المتكامل

app/Core/Response.php

@@ -0,0 +1,45 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Core;
+
+final class Response
+{
+    public static function json(array $data, int $status = 200, array $headers = []): void
+    {
+        self::send($data, $status, array_merge(['Content-Type' => 'application/json; charset=utf-8'], $headers));
+    }
+
+    public static function error(string $messageAr, string $code, int $status = 400, ?array $details = null): void
+    {
+        $data = [
+            'success' => false,
+            'error' => [
+                'message_ar' => $messageAr,
+                'code' => $code,
+                'details' => $details
+            ]
+        ];
+        self::json($data, $status);
+    }
+
+    private static function send(mixed $data, int $status, array $headers): void
+    {
+        http_response_code($status);
+
+        foreach ($headers as $name => $value) {
+            header("$name: $value");
+        }
+
+        // Apply Security Headers
+        header('X-Content-Type-Options: nosniff');
+        header('X-Frame-Options: DENY');
+        header('X-XSS-Protection: 1; mode=block');
+        header('Referrer-Policy: strict-origin-when-cross-origin');
+        header_remove('X-Powered-By');
+
+        echo json_encode($data, JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT);
+        exit;
+    }
+}