chore(release): production build 2026-05-27 13:05

2026-06-02 08:58:43 +00:00 · 2026-05-27 13:05:22 +02:00
parent 67fbc68d45
commit 3dd707ab93
32 changed files with 1421 additions and 360 deletions
--- a/public/includes/functions.php
+++ b/public/includes/functions.php
@@ -0,0 +1,125 @@
+<?php
+
+
+
+if (session_status() === PHP_SESSION_NONE) {
+    
+    ini_set('session.cookie_httponly', 1);
+    ini_set('session.cookie_secure', isset($_SERVER['HTTPS']) ? 1 : 0);
+    ini_set('session.cookie_samesite', 'Strict');
+    ini_set('session.use_strict_mode', 1);
+    ini_set('session.use_only_cookies', 1);
+    
+    session_start();
+    
+    
+    if (!isset($_SESSION['initiated'])) {
+        session_regenerate_id(true);
+        $_SESSION['initiated'] = true;
+    }
+}
+
+
+if (!defined('DEBUG_MODE') || !DEBUG_MODE) {
+    ini_set('display_errors', 0);
+    ini_set('display_startup_errors', 0);
+    error_reporting(E_ALL);
+    ini_set('log_errors', 1);
+}
+
+
+function includeHeader($title = '', $description = '', $page = '', $scripts = []) {
+    global $page_title, $page_description, $current_page, $additional_scripts;
+    
+    
+    $page_title = !empty($title) 
+        ? $title 
+        : 'HexaHost.de - Zuverlässiges Hosting aus Niederbayern';
+    
+    $page_description = !empty($description) 
+        ? $description 
+        : 'HexaHost.de - Zuverlässiges und preiswertes Hosting aus Niederbayern. VPS, VPC, Mail Gateway und Webhosting Lösungen.';
+    
+    $current_page = $page;
+    $additional_scripts = $scripts;
+    
+    include __DIR__ . '/header.php';
+}
+
+
+function includeFooter() {
+    include __DIR__ . '/footer.php';
+}
+
+
+function generateBreadcrumbs($breadcrumbs) {
+    echo '<div class="breadcrumb">';
+    $last_index = count($breadcrumbs) - 1;
+    
+    foreach ($breadcrumbs as $index => $item) {
+        if ($index === $last_index) {
+            
+            echo '<span>' . htmlspecialchars($item['title']) . '</span>';
+        } else {
+            
+            echo '<a href="' . htmlspecialchars($item['url']) . '">' . htmlspecialchars($item['title']) . '</a>';
+            echo '<span>/</span>';
+        }
+    }
+    echo '</div>';
+}
+
+
+function generateCSRFToken() {
+    if (!isset($_SESSION['csrf_token'])) {
+        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
+    }
+    return $_SESSION['csrf_token'];
+}
+
+
+function validateCSRFToken($token) {
+    if (!isset($_SESSION['csrf_token']) || !is_string($token)) {
+        return false;
+    }
+    if (!hash_equals($_SESSION['csrf_token'], $token)) {
+        return false;
+    }
+    unset($_SESSION['csrf_token']);
+    return true;
+}
+
+
+function sanitizeHeaderValue(string $value): string {
+    return str_replace(["\r", "\n", "\0"], '', trim($value));
+}
+
+
+function getClientIP(): string {
+    if (!empty($_SERVER['HTTP_CF_CONNECTING_IP'])
+        && filter_var($_SERVER['HTTP_CF_CONNECTING_IP'], FILTER_VALIDATE_IP)) {
+        return $_SERVER['HTTP_CF_CONNECTING_IP'];
+    }
+
+    $remoteAddr = $_SERVER['REMOTE_ADDR'] ?? '0.0.0.0';
+    $isTrustedProxy = filter_var(
+        $remoteAddr,
+        FILTER_VALIDATE_IP,
+        FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE
+    ) === false;
+
+    if ($isTrustedProxy) {
+        foreach (['HTTP_X_REAL_IP', 'HTTP_X_FORWARDED_FOR'] as $header) {
+            if (empty($_SERVER[$header])) {
+                continue;
+            }
+            $ip = trim(explode(',', $_SERVER[$header])[0]);
+            if (filter_var($ip, FILTER_VALIDATE_IP)) {
+                return $ip;
+            }
+        }
+    }
+
+    return $remoteAddr;
+}
+?>