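'Home', 'url' => 'index.html'], ...] */
function generateBreadcrumbs($breadcrumbs)
{
    // NOTE(review): in this copy the function only emits an empty string; the
    // breadcrumb markup appears to be missing. Whatever is rendered here must
    // pass through htmlspecialchars() before output, since titles/urls are data.
    echo '';
}

/**
 * Generate (or reuse) the per-session CSRF token.
 *
 * Requires an active session: the token lives in $_SESSION['csrf_token'] and is
 * created from 32 bytes of random_bytes(), hex-encoded (64 characters).
 *
 * @return string CSRF token
 */
function generateCSRFToken(): string
{
    if (!isset($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }

    return $_SESSION['csrf_token'];
}

/**
 * Verify a submitted CSRF token and invalidate it on success (replay protection).
 *
 * The comparison uses hash_equals() (constant time). Non-string input (e.g. an
 * array arriving via the request) is rejected before the comparison so that
 * hash_equals() cannot throw a TypeError.
 *
 * @param mixed $token Value submitted with the form
 * @return bool true when the token matched and has now been consumed
 */
function validateCSRFToken($token): bool
{
    if (!isset($_SESSION['csrf_token']) || !is_string($token)) {
        return false;
    }
    if (!hash_equals($_SESSION['csrf_token'], $token)) {
        return false;
    }
    // Single use: a matched token is removed so it cannot be replayed.
    unset($_SESSION['csrf_token']);

    return true;
}

/**
 * Sanitize a value destined for an e-mail header (prevents header injection).
 *
 * Strips CR, LF and NUL after trimming, so the value cannot terminate the
 * current header line and start a new one.
 */
function sanitizeHeaderValue(string $value): string
{
    return str_replace(["\r", "\n", "\0"], '', trim($value));
}

/**
 * Client IP for logging (Cloudflare / trusted reverse proxy).
 *
 * Resolution order:
 *  1. CF-Connecting-IP when it holds a valid IP. NOTE(review): this header is
 *     honoured regardless of REMOTE_ADDR; if the origin is reachable without
 *     going through Cloudflare the value is client-supplied. Restrict it to
 *     requests whose REMOTE_ADDR lies in Cloudflare's published ranges before
 *     using the result for anything beyond logging.
 *  2. X-Real-IP / first entry of X-Forwarded-For, but only when REMOTE_ADDR is
 *     a private or reserved address (i.e. a reverse proxy in front of this host).
 *  3. REMOTE_ADDR itself, or '0.0.0.0' when it is absent (CLI).
 *
 * @return string A syntactically valid IP address
 */
function getClientIP(): string
{
    if (!empty($_SERVER['HTTP_CF_CONNECTING_IP'])
        && filter_var($_SERVER['HTTP_CF_CONNECTING_IP'], FILTER_VALIDATE_IP)
    ) {
        return $_SERVER['HTTP_CF_CONNECTING_IP'];
    }

    $remoteAddr = $_SERVER['REMOTE_ADDR'] ?? '0.0.0.0';

    // With these flags filter_var() returns false for private/reserved
    // addresses, so "false" here means the direct peer is an internal proxy.
    // A missing REMOTE_ADDR is deliberately not treated as a proxy: the
    // '0.0.0.0' placeholder is itself a reserved address and would otherwise
    // enable the forwarded headers below.
    $isTrustedProxy = isset($_SERVER['REMOTE_ADDR'])
        && filter_var(
            $remoteAddr,
            FILTER_VALIDATE_IP,
            FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE
        ) === false;

    if ($isTrustedProxy) {
        foreach (['HTTP_X_REAL_IP', 'HTTP_X_FORWARDED_FOR'] as $header) {
            if (empty($_SERVER[$header])) {
                continue;
            }
            // X-Forwarded-For is a comma-separated chain; the first entry is
            // the original client as seen by the outermost proxy.
            $ip = trim(explode(',', $_SERVER[$header])[0]);
            if (filter_var($ip, FILTER_VALIDATE_IP)) {
                return $ip;
            }
        }
    }

    return $remoteAddr;
}
?>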