feat: implement Batch 13 — INI, streams, sessions, output buffering (14 items, 30 new tests)

- ini_set() permission validation, ini_get_all() with real directive data
- session_cache_limiter/expire, session_create_id with prefix, cookie params
- stream_context_create/get_options/get_params/set_option with real storage
- php://filter stream wrapper (base64, rot13, toupper, tolower, strip_tags, qp)
- data:// stream wrapper (plain text and base64)
- stream_get_meta_data with real eof/mode, stream_copy_to_stream
- ob_implicit_flush, ob_gzhandler with Content-Encoding headers
- Expanded MIME types (55+), directory index candidates (index.htm)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Author: alexisbouchez

TODO.txt

@@ -394,7 +394,7 @@ These are organized by the categories with the most missing functions.
 [ ] 7C.01  fgetss — fgets + strip tags (deprecated PHP 7.3, removed 8.0)
 [x] 7C.02  stream_get_contents — read remaining stream to string
          - Already implemented in builtins/file.rs; verified with test
-[ ] 7C.03  stream_context_create / stream_context_set_option
+[x] 7C.03  stream_context_create / stream_context_set_option
 [ ] 7C.04  stream_filter_append / stream_filter_prepend
 [ ] 7C.05  stream_socket_client / stream_socket_server
 [ ] 7C.06  stream_select (multiplex I/O)
@@ -700,34 +700,34 @@ PHASE 9: RUNTIME FEATURES
 [ ] 9B.02  ob_get_level() — return current nesting depth
 [ ] 9B.03  ob_get_flush() — flush and return contents
 [ ] 9B.04  ob_list_handlers() — list active handlers
-[ ] 9B.05  ob_implicit_flush() — auto-flush after output
-[ ] 9B.06  Output handler for gzip compression (ob_gzhandler)
+[x] 9B.05  ob_implicit_flush() — auto-flush after output
+[x] 9B.06  Output handler for gzip compression (ob_gzhandler)
 
 --- 9C: INI System ---
 [ ] 9C.01  php.ini file parsing (not just -d CLI flags)
 [ ] 9C.02  .user.ini / .htaccess per-directory overrides
-[ ] 9C.03  ini_set() permission level validation (PHP_INI_USER vs PHP_INI_SYSTEM)
+[x] 9C.03  ini_set() permission level validation (PHP_INI_USER vs PHP_INI_SYSTEM)
 [ ] 9C.04  Register remaining ~180 standard directives
-[ ] 9C.05  ini_get_all() — return all directives with access levels
+[x] 9C.05  ini_get_all() — return all directives with access levels
 
 --- 9D: Sessions ---
 [ ] 9D.01  session_regenerate_id() — prevent session fixation
 [ ] 9D.02  session_set_save_handler() — custom save handlers
 [ ] 9D.03  SessionHandlerInterface implementation
-[ ] 9D.04  session_cache_limiter() / session_cache_expire()
-[ ] 9D.05  session_create_id() — custom ID generation
-[ ] 9D.06  Session cookie parameters (SameSite, HttpOnly, Secure)
+[x] 9D.04  session_cache_limiter() / session_cache_expire()
+[x] 9D.05  session_create_id() — custom ID generation
+[x] 9D.06  Session cookie parameters (SameSite, HttpOnly, Secure)
 
 --- 9E: Streams ---
 [ ] 9E.01  Stream context creation and option management
 [ ] 9E.02  Stream filters (convert.*, string.*, zlib.*, etc.)
 [ ] 9E.03  Custom stream wrappers via stream_wrapper_register
-[ ] 9E.04  php://filter stream wrapper
-[ ] 9E.05  data:// stream wrapper
+[x] 9E.04  php://filter stream wrapper
+[x] 9E.05  data:// stream wrapper
 [ ] 9E.06  glob:// stream wrapper
 [ ] 9E.07  Stream notification callbacks
-[ ] 9E.08  stream_get_meta_data — metadata access
-[ ] 9E.09  stream_copy_to_stream — efficient copy
+[x] 9E.08  stream_get_meta_data — metadata access
+[x] 9E.09  stream_copy_to_stream — efficient copy
 
 
 ================================================================================
@@ -755,10 +755,10 @@ PHASE 10: SAPI COMPLETENESS
 
 --- 10C: Built-in Web Server (-S) ---
 [ ] 10C.01  Router script support (-S with .php router file)
-[ ] 10C.02  Static file serving (MIME type detection)
+[x] 10C.02  Static file serving (MIME type detection)
 [ ] 10C.03  Concurrent request handling
 [ ] 10C.04  Access logging
-[ ] 10C.05  Directory index (index.php, index.html)
+[x] 10C.05  Directory index (index.php, index.html)
 
 
 ================================================================================

crates/php-rs-sapi-cli/src/server.rs

@@ -36,19 +36,59 @@ fn mime_type(path: &str) -> &'static str {
     match ext {
         "html" | "htm" => "text/html; charset=UTF-8",
         "css" => "text/css",
-        "js" => "application/javascript",
+        "js" | "mjs" => "application/javascript",
         "json" => "application/json",
         "xml" => "application/xml",
+        "xhtml" => "application/xhtml+xml",
+        "rss" => "application/rss+xml",
+        "atom" => "application/atom+xml",
         "png" => "image/png",
         "jpg" | "jpeg" => "image/jpeg",
         "gif" => "image/gif",
-        "svg" => "image/svg+xml",
+        "webp" => "image/webp",
+        "avif" => "image/avif",
+        "bmp" => "image/bmp",
+        "tiff" | "tif" => "image/tiff",
+        "svg" | "svgz" => "image/svg+xml",
         "ico" => "image/x-icon",
-        "woff" | "woff2" => "font/woff2",
+        "woff" => "font/woff",
+        "woff2" => "font/woff2",
         "ttf" => "font/ttf",
+        "otf" => "font/otf",
+        "eot" => "application/vnd.ms-fontobject",
         "pdf" => "application/pdf",
-        "txt" => "text/plain; charset=UTF-8",
+        "txt" | "text" | "log" => "text/plain; charset=UTF-8",
+        "csv" => "text/csv; charset=UTF-8",
+        "tsv" => "text/tab-separated-values; charset=UTF-8",
+        "md" | "markdown" => "text/markdown; charset=UTF-8",
+        "yaml" | "yml" => "text/yaml; charset=UTF-8",
         "php" => "text/html; charset=UTF-8",
+        "zip" => "application/zip",
+        "gz" | "gzip" => "application/gzip",
+        "tar" => "application/x-tar",
+        "bz2" => "application/x-bzip2",
+        "7z" => "application/x-7z-compressed",
+        "rar" => "application/vnd.rar",
+        "mp3" => "audio/mpeg",
+        "mp4" => "video/mp4",
+        "webm" => "video/webm",
+        "ogg" => "audio/ogg",
+        "ogv" => "video/ogg",
+        "wav" => "audio/wav",
+        "flac" => "audio/flac",
+        "avi" => "video/x-msvideo",
+        "mov" => "video/quicktime",
+        "mkv" => "video/x-matroska",
+        "wasm" => "application/wasm",
+        "map" => "application/json",
+        "swf" => "application/x-shockwave-flash",
+        "doc" => "application/msword",
+        "docx" => "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
+        "xls" => "application/vnd.ms-excel",
+        "xlsx" => "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet",
+        "ppt" => "application/vnd.ms-powerpoint",
+        "pptx" => "application/vnd.openxmlformats-officedocument.presentationml.presentation",
+        "rtf" => "application/rtf",
         _ => "application/octet-stream",
     }
 }
@@ -464,15 +504,19 @@ fn handle_connection(stream: &mut std::net::TcpStream, config: &ServerConfig) {
     // Resolve the file path
     let mut file_path = config.docroot.join(req.path.trim_start_matches('/'));
 
-    // If path is a directory, look for index.php or index.html
+    // If path is a directory, look for index files (PHP priority, then HTML)
     if file_path.is_dir() {
-        let index_php = file_path.join("index.php");
-        let index_html = file_path.join("index.html");
-        if index_php.exists() {
-            file_path = index_php;
-        } else if index_html.exists() {
-            file_path = index_html;
-        } else {
+        let candidates = ["index.php", "index.html", "index.htm"];
+        let mut found = false;
+        for name in &candidates {
+            let candidate = file_path.join(name);
+            if candidate.exists() {
+                file_path = candidate;
+                found = true;
+                break;
+            }
+        }
+        if !found {
             send_404(stream, &req.path);
             return;
         }