smueller/HexaHost-Web-Prod
1
0
Fork 0
mirror of https://git.hexahost.dev/smueller/HexaHost-Frontend.git synced 2026-06-02 09:18:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: smueller:cc1a48943a220671e77bc9f8fdeacf167c85de87
Branches Tags
smueller:main smueller:ci smueller:dev
...
compare: smueller:ci
Branches Tags
smueller:main smueller:ci smueller:dev

12 Commits
cc1a48943a ... ci

Author SHA1 Message Date
smueller
9c92df4ae4 feat(footer): add andere dienste section with hexadns and hexa-mail 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-06-01 08:49:35 +02:00
smueller
e0bcf15121 fix(styles): scope legal breadcrumb colors to legal pages 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-06-01 08:36:00 +02:00
smueller
1d4b751316 chore(git): add conventional commit hooks and template 
Add commit-msg hook, .gitmessage, and setup script. Ignore .cursor/ in gitignore and lower contact rate limit to 5 per hour.

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-05-29 11:03:09 +02:00
smueller
186b5ae199 Implement product visibility management: Added configuration for product visibility in navigation and footer, along with helper functions to determine visibility and generate HTML attributes. Updated footer, header, and index files to utilize these new functions, enhancing the user interface by conditionally displaying products based on their visibility settings. 2026-05-29 10:52:56 +02:00
smueller
bbc3cbae4e Update README and workflows for release process: Clarified branch usage and workflow steps in README.md, emphasizing the new ci branch for integration. Adjusted Gitea and GitHub workflows to reflect the change from dev to ci for triggering release builds, ensuring a streamlined and consistent obfuscation process for production assets. 2026-05-29 10:42:08 +02:00
smueller
e9d5b55459 Refactor release build process: Updated README.md to clarify branch usage and workflow for development and production. Enhanced Gitea and GitHub workflows to automate merging from dev to main, ensuring consistent obfuscation and asset management during releases. Improved commit messages and streamlined the build process for better clarity and efficiency. 2026-05-28 17:42:06 +02:00
smueller
8f985da61f Enhance obfuscation workflow and asset processing: Updated the Gitea workflow to skip CI for specific commit messages, improving efficiency. Refactored the obfuscation script to include better asset handling, validation, and cleanup processes, ensuring only valid files are processed. Introduced temporary directories for intermediate files during obfuscation, enhancing reliability and reducing errors. 2026-05-28 17:32:21 +02:00
smueller
6c9114e0a7 Update obfuscate workflow: Introduced environment variables for Gitea host and repository path, streamlined commit process to skip CI for bot commits, and adjusted remote URL configuration for secure pushes. Enhanced build process by removing unnecessary steps and ensuring efficient asset obfuscation and hashing. 2026-05-28 17:13:16 +02:00
smueller
f097da7eb1 Update product configuration for improved management: Added new fields for product metadata in the backend, enhancing the organization and retrieval of product information. Adjusted existing product entries to utilize the new metadata structure, ensuring consistency and better data handling. 2026-05-28 11:13:39 +02:00
smueller
b4b1dde484 Refactor production build process: Removed outdated PowerShell and Bash scripts for publishing to main, consolidating build instructions in README.md. Updated production build steps to include automatic obfuscation and minification of assets, enhancing deployment efficiency. 2026-05-28 10:12:27 +02:00
smueller
481d223747 Update product configuration and enhance order functionality: Added shop URLs for various products in the backend configuration, improving the management of product links. Implemented new functions to generate order URLs for featured and first packages, enhancing the user experience on product pages. Updated contact and product pages to utilize the new order URL functionality for streamlined ordering. 2026-05-28 08:30:02 +02:00
smueller
67fbc68d45 Refactor email handling in contact form: Transitioned from PHPMailer to native PHP mail() function, removing Composer dependencies. Updated documentation to reflect changes in email configuration and setup. Enhanced security features including CSRF protection and input validation. Adjusted product pricing and specifications in backend configuration files. 2026-05-27 13:04:52 +02:00
34 changed files with 1715 additions and 1012 deletions
Expand all files Collapse all files

62
.gitea/workflows/obfuscate-main.yml Normal file
View File

@@ -0,0 +1,62 @@
name: Release Build (ci → main)
on:
push:
branches:
- ci
workflow_dispatch:
env:
GITEA_HOST: git.hexahost.dev
REPO_PATH: smueller/HexaHost-Frontend
jobs:
release-build:
if: ${{ !contains(github.event.head_commit.message, '[skip ci]') }}
runs-on: ubuntu-latest
steps:
- name: Checkout ci (Integration)
uses: actions/checkout@v4
with:
fetch-depth: 0
repository-url: https://git.hexahost.dev/smueller/HexaHost-Frontend
ref: ci
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: "3.12"
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: "20"
- name: Run release obfuscation
run: python scripts/obfuscate_release.py --root . --hash-assets
- name: Publish release to main
env:
GITEA_TOKEN: ${{ github.token }}
run: |
git config user.name "gitea-actions"
git config user.email "actions@local"
git remote set-url origin "https://oauth2:${GITEA_TOKEN}@${GITEA_HOST}/${REPO_PATH}.git"
git fetch origin main ci
git add -A
if git diff --cached --quiet; then
echo "No release changes to publish."
exit 0
fi
TREE=$(git write-tree)
MSG="chore(release): obfuscate and hash production assets [skip ci]"
if git show-ref --verify --quiet refs/remotes/origin/main; then
PARENT=$(git rev-parse origin/main)
COMMIT=$(git commit-tree "$TREE" -p "$PARENT" -m "$MSG")
else
COMMIT=$(git commit-tree "$TREE" -m "$MSG")
fi
git push origin "${COMMIT}:refs/heads/main"

29
.githooks/commit-msg Normal file
View File

@@ -0,0 +1,29 @@
#!/bin/sh
# Validiert Commit-Messages nach Conventional Commits
# https://www.conventionalcommits.org/
commit_msg_file="$1"
first_line=$(sed '/^#/d;/^$/d' "$commit_msg_file" | head -n 1)
# Merge/Revert von Git erlauben
case "$first_line" in
Merge\ *|Revert\ *)
exit 0
;;
esac
pattern='^(feat|fix|docs|style|refactor|perf|test|build|ci|chore)(\([a-z0-9._-]+\))?!?: .+'
if ! printf '%s\n' "$first_line" | grep -qE "$pattern"; then
echo >&2 "❌ Commit-Message entspricht nicht Conventional Commits."
echo >&2 ""
echo >&2 " Format: type(scope): description"
echo >&2 " Beispiel: feat(products): hide vpc in navigation"
echo >&2 ""
echo >&2 " Erlaubte types: feat, fix, docs, style, refactor, perf, test, build, ci, chore"
echo >&2 " Überspringen: git commit --no-verify"
exit 1
fi
exit 0

63
.github/workflows/obfuscate-main.yml vendored Normal file
View File

@@ -0,0 +1,63 @@
# Hinweis: Gitea nutzt .gitea/workflows/obfuscate-main.yml (identischer Ablauf).
name: Release Build (ci → main)
on:
push:
branches:
- ci
workflow_dispatch:
env:
GITEA_HOST: git.hexahost.dev
REPO_PATH: smueller/HexaHost-Frontend
jobs:
release-build:
if: ${{ !contains(github.event.head_commit.message, '[skip ci]') }}
runs-on: ubuntu-latest
steps:
- name: Checkout ci (Integration)
uses: actions/checkout@v4
with:
fetch-depth: 0
repository-url: https://git.hexahost.dev/smueller/HexaHost-Frontend
ref: ci
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: "3.12"
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: "20"
- name: Run release obfuscation
run: python scripts/obfuscate_release.py --root . --hash-assets
- name: Publish release to main
env:
GITEA_TOKEN: ${{ github.token }}
run: |
git config user.name "gitea-actions"
git config user.email "actions@local"
git remote set-url origin "https://oauth2:${GITEA_TOKEN}@${GITEA_HOST}/${REPO_PATH}.git"
git fetch origin main ci
git add -A
if git diff --cached --quiet; then
echo "No release changes to publish."
exit 0
fi
TREE=$(git write-tree)
MSG="chore(release): obfuscate and hash production assets [skip ci]"
if git show-ref --verify --quiet refs/remotes/origin/main; then
PARENT=$(git rev-parse origin/main)
COMMIT=$(git commit-tree "$TREE" -p "$PARENT" -m "$MSG")
else
COMMIT=$(git commit-tree "$TREE" -m "$MSG")
fi
git push origin "${COMMIT}:refs/heads/main"

1
.gitignore vendored
View File

@@ -13,6 +13,7 @@ build/
# Environment variables
.env
.cursorrules
.cursor/
.cursorrules.txt
.env.local
.env.development.local

16
.gitmessage Normal file
View File

@@ -0,0 +1,16 @@
# Conventional Commits nur die erste nicht-kommentierte Zeile wird verwendet
# Format: type(scope): description
#
# feat Neues Feature
# fix Bugfix
# docs Dokumentation
# style Formatierung (keine Logik)
# refactor Umbau ohne Feature/Fix
# perf Performance
# test Tests
# build Build / Dependencies
# ci CI/CD
# chore Sonstiges
#
# Beispiel (diese Zeile anpassen und Kommentare löschen oder stehen lassen):
# feat(products): hide vpc and vps in navigation

74
README.md
View File

@@ -46,7 +46,7 @@ Eine moderne und umfangreiche Website für das Hosting-Unternehmen HexaHost.de a
- **HTML5** - Semantisches Markup
- **CSS3** - Moderne Styles mit Custom Properties
- **Vanilla JavaScript** - Keine Framework-Dependencies
- **PHPMailer** - E-Mail-Versand via SMTP
- **Native PHP mail()** - E-Mail-Versand ohne externe Abhängigkeiten
- **Glassmorphism Design** - Moderne Glaseffekte
- **CSS Grid & Flexbox** - Responsive Layouts
- **Inter Font** - Moderne Typografie
@@ -73,7 +73,6 @@ HexaHost-Frontend/
│ ├── sitemap.xml # SEO Sitemap
│ ├── favicon.svg # Website Icon
│ ├── .htaccess # Apache Konfiguration
│ ├── composer.json # PHP Dependencies
│ ├── config/ # ⬅ vom Backend
│ │ ├── config.php # Allgemeine Konfiguration
│ │ └── mail-config.php # E-Mail-Konfiguration
@@ -127,7 +126,6 @@ HexaHost-Frontend/
### Voraussetzungen
- PHP 8.0 oder höher
- Composer (für PHPMailer)
- Apache mit mod_rewrite (für .htaccess)
- [HexaHost-Backend](../HexaHost-Backend) Repository
@@ -147,24 +145,18 @@ HexaHost-Frontend/
cp -r HexaHost-Backend/includes/* HexaHost-Frontend/public/includes/
```
3. **PHP Dependencies installieren**
```bash
cd HexaHost-Frontend/public
composer install
```
4. **Konfiguration anpassen**
3. **Konfiguration anpassen**
```bash
# mail-config.php mit SMTP-Daten bearbeiten
nano config/mail-config.php
```
5. **Lokaler Development Server**
4. **Lokaler Development Server**
```bash
php -S localhost:8000 -t public
```
6. **Website öffnen**
5. **Website öffnen**
```
http://localhost:8000
```
@@ -174,25 +166,51 @@ Für den Produktivbetrieb `public/` als Webroot konfigurieren.
### Production-Build & Veröffentlichung
Der Quellcode bleibt auf `dev`, der veröffentlichte Stand liegt auf `main` (ohne Kommentare, obfuskiertes JS).
| Branch | Zweck |
|--------|--------|
| **`dev`** | Entwicklung (lesbarer Code, Kommentare) |
| **`ci`** | Integration (du mergst `dev` hierher) |
| **`main`** | Release/Produktion (obfuskiert, gehashte Assets — nur per Pipeline) |
**Voraussetzungen:** Node.js 18+ (inkl. npm), PHP 8+ CLI, Git
**Ablauf: `dev` → `ci` → `main`**
1. Auf **`dev`** entwickeln und pushen
2. **`dev` nach `ci` mergen** (manuell, z. B. in Gitea oder lokal)
3. **`ci` pushen** → startet `.gitea/workflows/obfuscate-main.yml`
4. Pipeline obfuskiert im Runner-Workspace und publiziert nach **`main`**
```powershell
# Windows
.\scripts\run-build.ps1
.\scripts\publish-to-main.ps1 -Push
# Nach fertigen Änderungen auf dev:
git checkout ci
git pull origin ci
git merge dev
git push origin ci
```
Bei jedem Push auf **`ci`**:
1. Checkout von `ci` im temporären Runner-Workspace
2. Obfuscation-Build (`scripts/obfuscate_release.py --hash-assets`)
3. Ergebnis nach `main` pushen (Bot-Commit mit `[skip ci]`)
**Nicht** `dev` oder `ci` direkt nach `main` mergen. Der Branch **`ci` bleibt lesbar** — Obfuscation wird nur nach `main` publiziert.
`ci`-Branch einmalig anlegen (falls noch nicht vorhanden): `git checkout -b ci dev && git push -u origin ci`
Der Build führt aus:
- Entfernen von Kommentaren (inkl. Block-Kommentaren) in PHP/JS/CSS
- Minify + Obfuscate für JavaScript
- Minify für CSS
- Kein Source-Map-Output
- Hashing von JS/CSS-Dateinamen + automatische Referenz-Anpassung
Lokal testen (nur in Kopie, nicht committen):
```bash
# Linux / macOS
chmod +x scripts/*.sh
./scripts/run-build.sh
./scripts/publish-to-main.sh --push
python scripts/obfuscate_release.py --root . --hash-assets
```
Details: `scripts/build/README.md`
## 🔗 Backend-Integration
Das Backend-Repository enthält folgende wiederverwendbare Komponenten:
@@ -208,13 +226,11 @@ Detaillierte Informationen zu den Backend-Komponenten finden Sie in der [Backend
## 📧 E-Mail-Konfiguration
Die E-Mail-Funktionalität benötigt eine SMTP-Konfiguration in `public/config/mail-config.php`:
Die E-Mail-Funktionalität nutzt die native PHP-`mail()`-Funktion. In `public/config/mail-config.php` müssen mindestens Absender und Empfänger gesetzt werden:
```php
define('SMTP_HOST', 'mail.example.com');
define('SMTP_PORT', 587);
define('SMTP_USER', 'noreply@hexahost.de');
define('SMTP_PASS', 'your-password');
define('SMTP_FROM_EMAIL', 'kontakt@hexahost.de');
define('SMTP_TO_EMAIL', 'info@hexahost.de');
```
Siehe `docs/README-EMAIL-SETUP.md` für detaillierte Anweisungen.
@@ -241,7 +257,7 @@ Siehe `docs/README-EMAIL-SETUP.md` für detaillierte Anweisungen.
### Kontaktformular
- Server-seitige Validierung
- E-Mail-Versand via SMTP
- E-Mail-Versand via native PHP mail()
- CSRF-Schutz
- Auto-Fill basierend auf URL-Parametern
- FAQ-Sektion mit Accordion

57
backend/config/mail-config.php
View File

@@ -2,55 +2,18 @@
/**
* HexaHost.de Mail Configuration
*
* Bitte passen Sie die folgenden SMTP-Einstellungen an Ihre E-Mail-Provider an.
*
* Beispiele für gängige Provider:
*
* Gmail:
* - SMTP_HOST = 'smtp.gmail.com'
* - SMTP_PORT = 587
* - SMTP_USERNAME = 'ihre-email@gmail.com'
* - SMTP_PASSWORD = 'ihr-app-passwort'
*
* Outlook/Hotmail:
* - SMTP_HOST = 'smtp-mail.outlook.com'
* - SMTP_PORT = 587
*
* GMX:
* - SMTP_HOST = 'mail.gmx.net'
* - SMTP_PORT = 587
*
* Web.de:
* - SMTP_HOST = 'smtp.web.de'
* - SMTP_PORT = 587
*
* 1&1:
* - SMTP_HOST = 'smtp.1und1.de'
* - SMTP_PORT = 587
*
* Strato:
* - SMTP_HOST = 'smtp.strato.de'
* - SMTP_PORT = 587
*
* Ionos:
* - SMTP_HOST = 'smtp.ionos.de'
* - SMTP_PORT = 587
* Dieses Projekt versendet E-Mails nativ über PHP mail().
* Es sind keine externen Bibliotheken oder Composer-Installationen erforderlich.
*/
// SMTP Server Einstellungen
define('SMTP_HOST', 'smtp.ihre-domain.de'); // Ihr SMTP-Server
define('SMTP_PORT', 587); // SMTP-Port (meist 587 oder 465)
define('SMTP_USERNAME', 'kontakt@ihre-domain.de'); // Ihr SMTP-Benutzername
define('SMTP_PASSWORD', 'ihr-smtp-passwort'); // Ihr SMTP-Passwort
// E-Mail Adressen
define('SMTP_FROM_EMAIL', 'kontakt@hexahost.de'); // Absender-E-Mail (muss zu SMTP_USERNAME passen)
define('SMTP_FROM_EMAIL', 'kontakt@hexahost.de'); // Absender-E-Mail
define('SMTP_TO_EMAIL', 'info@hexahost.de'); // Empfänger-E-Mail für Kontaktformular
// Sicherheitseinstellungen
define('ENABLE_CSRF_PROTECTION', true); // CSRF-Schutz aktivieren
define('ENABLE_RATE_LIMITING', true); // Rate-Limiting aktivieren
define('MAX_REQUESTS_PER_HOUR', 10); // Max. Anfragen pro Stunde
define('MAX_REQUESTS_PER_HOUR', 5); // Max. Anfragen pro Stunde
// Spam-Schutz Einstellungen
define('ENABLE_SPAM_PROTECTION', true); // Spam-Schutz aktivieren
@@ -87,11 +50,6 @@ define('BLACKLISTED_EMAILS', [
// 'test@test.com'
]);
// Validierung der Konfiguration
if (!defined('SMTP_HOST') || !defined('SMTP_USERNAME') || !defined('SMTP_PASSWORD')) {
die('SMTP-Konfiguration ist unvollständig. Bitte überprüfen Sie die mail-config.php');
}
// Überprüfung der E-Mail-Adressen
if (!filter_var(SMTP_FROM_EMAIL, FILTER_VALIDATE_EMAIL)) {
die('Ungültige SMTP_FROM_EMAIL Adresse');
@@ -149,13 +107,6 @@ function isValidEmail($email) {
*/
function getHexaHostConfig($key = null) {
$config = [
// SMTP Server-Einstellungen
'smtp_host' => SMTP_HOST,
'smtp_port' => SMTP_PORT,
'smtp_username' => SMTP_USERNAME,
'smtp_password' => SMTP_PASSWORD,
'smtp_encryption' => 'tls',
// Absender/Empfänger
'from_email' => SMTP_FROM_EMAIL,
'from_name' => 'HexaHost.de Kontaktformular',

189
backend/config/products-config.php
View File

@@ -2,7 +2,8 @@
/**
* HexaHost.de Produkt-Konfiguration
*
* Hier können Sie alle Preise und Produktinformationen zentral verwalten.
* Hier können Sie alle Preise, Shop-Links und Produktinformationen zentral verwalten.
* Pro Paket: shop_url (WHMCS/Warenkorb-Link, z. B. https://shop.hexahost.de/cart.php?a=add&pid=123)
* Nach Änderungen: npm run build && npm run deploy
*
* Verwendung in PHP-Seiten:
@@ -30,6 +31,7 @@ $PRODUCTS['vpc'] = [
'starter' => [
'name' => 'VPC Starter',
'price' => '4,99',
'shop_url' => '',
'featured' => false,
'specs' => [
['label' => 'CPU Kerne', 'value' => '1 vCore'],
@@ -49,6 +51,7 @@ $PRODUCTS['vpc'] = [
'business' => [
'name' => 'VPC Business',
'price' => '9,99',
'shop_url' => '',
'featured' => true,
'specs' => [
['label' => 'CPU Kerne', 'value' => '2 vCores'],
@@ -69,6 +72,7 @@ $PRODUCTS['vpc'] = [
'professional' => [
'name' => 'VPC Professional',
'price' => '19,99',
'shop_url' => '',
'featured' => false,
'specs' => [
['label' => 'CPU Kerne', 'value' => '4 vCores'],
@@ -90,6 +94,7 @@ $PRODUCTS['vpc'] = [
'enterprise' => [
'name' => 'VPC Enterprise',
'price' => '39,99',
'shop_url' => '',
'featured' => false,
'specs' => [
['label' => 'CPU Kerne', 'value' => '8 vCores'],
@@ -132,6 +137,7 @@ $PRODUCTS['vps'] = [
'starter' => [
'name' => 'VPS Starter',
'price' => '9,99',
'shop_url' => '',
'featured' => false,
'specs' => [
['label' => 'CPU Kerne', 'value' => '1 vCore'],
@@ -151,6 +157,7 @@ $PRODUCTS['vps'] = [
'business' => [
'name' => 'VPS Business',
'price' => '19,99',
'shop_url' => '',
'featured' => true,
'specs' => [
['label' => 'CPU Kerne', 'value' => '2 vCores'],
@@ -171,6 +178,7 @@ $PRODUCTS['vps'] = [
'professional' => [
'name' => 'VPS Professional',
'price' => '39,99',
'shop_url' => '',
'featured' => false,
'specs' => [
['label' => 'CPU Kerne', 'value' => '4 vCores'],
@@ -192,6 +200,7 @@ $PRODUCTS['vps'] = [
'enterprise' => [
'name' => 'VPS Enterprise',
'price' => '79,99',
'shop_url' => '',
'featured' => false,
'specs' => [
['label' => 'CPU Kerne', 'value' => '8 vCores'],
@@ -234,6 +243,7 @@ $PRODUCTS['mail-gateway'] = [
'starter' => [
'name' => 'Mail Starter',
'price' => '4,99',
'shop_url' => '',
'featured' => false,
'specs' => [
['label' => 'Postfächer', 'value' => '5'],
@@ -252,6 +262,7 @@ $PRODUCTS['mail-gateway'] = [
'business' => [
'name' => 'Mail Business',
'price' => '14,99',
'shop_url' => '',
'featured' => true,
'specs' => [
['label' => 'Postfächer', 'value' => '25'],
@@ -272,6 +283,7 @@ $PRODUCTS['mail-gateway'] = [
'professional' => [
'name' => 'Mail Professional',
'price' => '29,99',
'shop_url' => '',
'featured' => false,
'specs' => [
['label' => 'Postfächer', 'value' => '100'],
@@ -293,6 +305,7 @@ $PRODUCTS['mail-gateway'] = [
'enterprise' => [
'name' => 'Mail Enterprise',
'price' => '59,99',
'shop_url' => '',
'featured' => false,
'specs' => [
['label' => 'Postfächer', 'value' => 'Unbegrenzt'],
@@ -323,94 +336,106 @@ $PRODUCTS['webhosting'] = [
'name' => 'Webhosting',
'short_name' => 'Webhosting',
'description' => 'Klassisches Hosting mit PHP, MySQL und SSL',
'min_price' => '1,99',
'min_price' => '4,99',
'hero_highlight' => 'Alles für Ihre Website',
'hero_description' => 'Klassisches Webhosting mit allem, was Sie für eine erfolgreiche Website benötigen. PHP, MySQL, SSL-Zertifikate und E-Mail-Postfächer - alles inklusive.',
'hero_description' => 'Klassisches Webhosting mit allem, was Sie für eine erfolgreiche Website benötigen. Plesk, PHP, SSL-Zertifikate und E-Mail-Postfächer - alles inklusive.',
'packages_title' => 'Webhosting Pakete',
'packages_description' => 'Von der ersten Website bis zum professionellen Online-Shop',
'cta_title' => 'Bereit für Ihr Webhosting?',
'cta_description' => 'Starten Sie noch heute mit professionellem Webhosting',
'page_title' => 'Webhosting - Klassisches Hosting für Websites | HexaHost.de',
'page_description' => 'Webhosting mit PHP, MySQL und SSL-Zertifikaten. Klassisches Hosting für Websites ab 1,99€/Monat bei HexaHost.de',
'page_description' => 'Webhosting mit Plesk, PHP und SSL-Zertifikaten. Klassisches Hosting für Websites ab 4,99€/Monat bei HexaHost.de',
'packages' => [
'starter' => [
'name' => 'Webhosting Starter',
'price' => '1,99',
'price' => '4,99',
'shop_url' => 'https://shop.hexahost.de/store/webserver/webhosting-starter',
'featured' => false,
'specs' => [
['label' => 'Webspace', 'value' => '5 GB'],
['label' => 'Domains', 'value' => '1'],
['label' => 'E-Mail-Postfächer', 'value' => '5'],
['label' => 'Datenbanken', 'value' => '1 MySQL'],
['label' => 'Traffic', 'value' => '10 GB'],
['label' => 'Webspace', 'value' => '10 GB'],
['label' => 'Domains inkl.', 'value' => '1'],
['label' => 'Subdomains', 'value' => '5'],
['label' => 'Domain-Alias', 'value' => '2'],
['label' => 'E-Mail-Postfächer', 'value' => '10'],
['label' => 'Datenbanken', 'value' => '2 MySQL'],
['label' => 'Traffic', 'value' => '100 GB'],
],
'features' => [
'cPanel/Webmin',
'PHP 8.1',
'SSL-Zertifikat',
'E-Mail-Postfächer',
'MySQL Datenbank',
'Perfekt für kleine Websites und Blogs',
'Plesk',
'PHP 8.4 (FastCGI), Git, WP Toolkit, Composer',
'SSL-Zertifikat (Let\'s Encrypt)',
'E-Mail-Postfächer à 100MB',
'1-Klick-Apps - WordPress, Joomla, TYPO3, MediaWiki u. v. m.',
],
],
'business' => [
'name' => 'Webhosting Business',
'price' => '4,99',
'price' => '7,99',
'shop_url' => 'https://shop.hexahost.de/store/webserver/webhosting-business',
'featured' => true,
'specs' => [
['label' => 'Webspace', 'value' => '20 GB'],
['label' => 'Domains', 'value' => '5'],
['label' => 'E-Mail-Postfächer', 'value' => '25'],
['label' => 'Webspace', 'value' => '30 GB'],
['label' => 'Domains inkl.', 'value' => '1'],
['label' => 'Subdomains', 'value' => '10'],
['label' => 'Domain-Alias', 'value' => '2'],
['label' => 'E-Mail-Postfächer', 'value' => '20'],
['label' => 'Datenbanken', 'value' => '5 MySQL'],
['label' => 'Traffic', 'value' => '50 GB'],
['label' => 'Traffic', 'value' => '100 GB'],
],
'features' => [
'cPanel/Webmin',
'PHP 8.1',
'SSL-Zertifikat',
'E-Mail-Postfächer',
'MySQL Datenbanken',
'Backup-Service',
'Perfekt für mittlere Websites und Blogs',
'Plesk',
'PHP 8.4 (FastCGI), Git, WP Toolkit, Composer',
'SSL-Zertifikat (Let\'s Encrypt)',
'E-Mail-Postfächer à 100MB',
'1-Klick-Apps - WordPress, Joomla, TYPO3, MediaWiki u. v. m.',
],
],
'professional' => [
'name' => 'Webhosting Professional',
'price' => '9,99',
'shop_url' => 'https://shop.hexahost.de/store/webserver/webhosting-professional',
'featured' => false,
'specs' => [
['label' => 'Webspace', 'value' => '50 GB'],
['label' => 'Domains', 'value' => 'Unbegrenzt'],
['label' => 'Domains inkl.', 'value' => '3'],
['label' => 'Subdomains', 'value' => 'Unbegrenzt'],
['label' => 'Domain-Alias', 'value' => 'Unbegrenzt'],
['label' => 'E-Mail-Postfächer', 'value' => '100'],
['label' => 'Datenbanken', 'value' => 'Unbegrenzt'],
['label' => 'Traffic', 'value' => '200 GB'],
['label' => 'Datenbanken', 'value' => '20 MySQL'],
['label' => 'Traffic', 'value' => '100 GB'],
],
'features' => [
'cPanel/Webmin',
'PHP 8.1',
'SSL-Zertifikat',
'E-Mail-Postfächer',
'MySQL Datenbanken',
'Backup-Service',
'Priority Support',
'Perfekt für größere Websites und Blogs',
'Plesk',
'PHP 8.4 (FastCGI), Git, WP Toolkit, Composer',
'SSL-Zertifikat (Let\'s Encrypt)',
'E-Mail-Postfächer à 100MB',
'1-Klick-Apps - WordPress, Joomla, TYPO3, MediaWiki u. v. m.',
],
],
'enterprise' => [
'name' => 'Webhosting Enterprise',
'price' => '19,99',
'price' => '29,99',
'shop_url' => '',
'featured' => false,
'specs' => [
['label' => 'Webspace', 'value' => '100 GB'],
['label' => 'Domains', 'value' => 'Unbegrenzt'],
['label' => 'Webspace', 'value' => '200 GB'],
['label' => 'Domains inkl.', 'value' => '5'],
['label' => 'Subdomains', 'value' => 'Unbegrenzt'],
['label' => 'Domain-Alias', 'value' => 'Unbegrenzt'],
['label' => 'E-Mail-Postfächer', 'value' => 'Unbegrenzt'],
['label' => 'Datenbanken', 'value' => 'Unbegrenzt'],
['label' => 'Traffic', 'value' => '500 GB'],
['label' => 'Datenbanken', 'value' => '50 MySQL'],
['label' => 'Traffic', 'value' => '1 TB'],
],
'features' => [
'cPanel/Webmin',
'PHP 8.1',
'SSL-Zertifikat',
'E-Mail-Postfächer',
'MySQL Datenbanken',
'Backup-Service',
'Perfekt für Enterprise-Websites und Blogs',
'Plesk',
'PHP 8.4 (FastCGI), Git, WP Toolkit, Composer',
'SSL-Zertifikat (Let\'s Encrypt)',
'E-Mail-Postfächer à 100MB',
'1-Klick-Apps - WordPress, Joomla, TYPO3, MediaWiki u. v. m.',
'Priority Support',
'Individuelle Konfiguration',
],
@@ -418,10 +443,43 @@ $PRODUCTS['webhosting'] = [
],
];
// Sichtbarkeit in Navigation, Footer und auf der Startseite (Seiten bleiben per URL erreichbar)
$PRODUCT_VISIBILITY = [
'vpc' => false,
'vps' => false,
'mail-gateway' => false,
'webhosting' => true,
];
// ============================================================================
// HILFSFUNKTIONEN
// ============================================================================
/**
* Prüft, ob eine Produktkategorie in der Navigation angezeigt wird
*/
function isProductVisible(string $productId): bool {
global $PRODUCT_VISIBILITY;
return $PRODUCT_VISIBILITY[$productId] ?? true;
}
/**
* HTML hidden-Attribut für ausgeblendete Produktkategorien
*/
function productHiddenAttr(string $productId): string {
return isProductVisible($productId) ? '' : ' hidden';
}
/**
* Aktive Navigationsseiten für sichtbare Produktkategorien
*
* @return string[]
*/
function getVisibleProductPageIds(): array {
global $PRODUCT_VISIBILITY;
return array_keys(array_filter($PRODUCT_VISIBILITY, static fn(bool $visible): bool => $visible));
}
/**
* Alle Produkte abrufen
*/
@@ -477,6 +535,38 @@ function formatPrice($price, $withCurrency = true) {
return $withCurrency ? $price . '€' : $price;
}
/**
* Bestell-Link für ein Paket (Online-Shop oder Kontaktformular)
*/
function getOrderUrl($productId, $packageId) {
$package = getPackage($productId, $packageId);
if ($package && !empty($package['shop_url'])) {
return $package['shop_url'];
}
return sprintf('contact.php?package=%s-%s', $productId, $packageId);
}
/**
* Bestell-Link für CTA (beliebtes Paket oder erstes Paket)
*/
function getProductOrderUrl($productId) {
$packages = getProductPackages($productId);
foreach ($packages as $packageId => $package) {
if (!empty($package['featured'])) {
return getOrderUrl($productId, $packageId);
}
}
$firstPackageId = array_key_first($packages);
if ($firstPackageId !== null) {
return getOrderUrl($productId, $firstPackageId);
}
return sprintf('contact.php?product=%s', $productId);
}
/**
* Generiert HTML für eine Paket-Karte
*/
@@ -514,7 +604,7 @@ function renderPackageCard($productId, $packageId, $package) {
<div class="package-features">
%s
</div>
<a href="contact.php?package=%s-%s" class="btn btn-primary">Jetzt bestellen</a>
<a href="%s" class="btn btn-primary">Jetzt bestellen</a>
</div>',
$featuredClass,
$featuredBadge,
@@ -522,8 +612,7 @@ function renderPackageCard($productId, $packageId, $package) {
$package['price'],
$specsHtml,
$featuresHtml,
$productId,
$packageId
htmlspecialchars(getOrderUrl($productId, $packageId), ENT_QUOTES, 'UTF-8')
);
}

15
backend/includes/footer.php
View File

@@ -15,10 +15,17 @@
<div class="footer-section">
<h4>Produkte</h4>
<ul>
<li><a href="/vpc">Virtual Private Container</a></li>
<li><a href="/vps">Virtual Private Server</a></li>
<li><a href="/mail-gateway">Mail Gateway</a></li>
<li><a href="/webhosting">Webhosting</a></li>
<li<?php echo productHiddenAttr('vpc'); ?>><a href="/vpc">Virtual Private Container</a></li>
<li<?php echo productHiddenAttr('vps'); ?>><a href="/vps">Virtual Private Server</a></li>
<li<?php echo productHiddenAttr('mail-gateway'); ?>><a href="/mail-gateway">Mail Gateway</a></li>
<li<?php echo productHiddenAttr('webhosting'); ?>><a href="/webhosting">Webhosting</a></li>
</ul>
</div>
<div class="footer-section">
<h4>Andere Dienste</h4>
<ul>
<li><a href="https://hexadns.de" target="_blank" rel="noopener noreferrer">hexadns.de</a></li>
<li><a href="https://www.hexa-mail.de/" target="_blank" rel="noopener noreferrer">hexa-mail.de</a></li>
</ul>
</div>
<div class="footer-section">

2
backend/includes/functions.php
View File

@@ -3,6 +3,8 @@
* Helper functions for HexaHost.de
*/
require_once __DIR__ . '/../config/products-config.php';
// Sichere Session-Konfiguration
if (session_status() === PHP_SESSION_NONE) {
// Session-Cookie-Sicherheit

10
backend/includes/header.php
View File

@@ -59,12 +59,12 @@
<ul class="nav-menu">
<li><a href="/" class="nav-link <?php echo ($current_page === 'home') ? 'active' : ''; ?>">Home</a></li>
<li class="nav-dropdown">
<a href="#" class="nav-link <?php echo (in_array($current_page, ['vpc', 'vps', 'mail-gateway', 'webhosting'])) ? 'active' : ''; ?>">Produkte</a>
<a href="#" class="nav-link <?php echo (in_array($current_page, getVisibleProductPageIds(), true)) ? 'active' : ''; ?>">Produkte</a>
<ul class="dropdown-menu">
<li><a href="/vpc" class="<?php echo ($current_page === 'vpc') ? 'active' : ''; ?>">Virtual Private Container</a></li>
<li><a href="/vps" class="<?php echo ($current_page === 'vps') ? 'active' : ''; ?>">Virtual Private Server</a></li>
<li><a href="/mail-gateway" class="<?php echo ($current_page === 'mail-gateway') ? 'active' : ''; ?>">Mail Gateway</a></li>
<li><a href="/webhosting" class="<?php echo ($current_page === 'webhosting') ? 'active' : ''; ?>">Webhosting</a></li>
<li<?php echo productHiddenAttr('vpc'); ?>><a href="/vpc" class="<?php echo ($current_page === 'vpc') ? 'active' : ''; ?>">Virtual Private Container</a></li>
<li<?php echo productHiddenAttr('vps'); ?>><a href="/vps" class="<?php echo ($current_page === 'vps') ? 'active' : ''; ?>">Virtual Private Server</a></li>
<li<?php echo productHiddenAttr('mail-gateway'); ?>><a href="/mail-gateway" class="<?php echo ($current_page === 'mail-gateway') ? 'active' : ''; ?>">Mail Gateway</a></li>
<li<?php echo productHiddenAttr('webhosting'); ?>><a href="/webhosting" class="<?php echo ($current_page === 'webhosting') ? 'active' : ''; ?>">Webhosting</a></li>
</ul>
</li>
<li><a href="/it-dienstleistungen" class="nav-link <?php echo ($current_page === 'it-dienstleistungen') ? 'active' : ''; ?>">IT-Dienstleistungen</a></li>

155
docs/KONTAKTFORMULAR-STATUS.md
View File

@@ -1,145 +1,34 @@
# HexaHost.de Kontaktformular - Status-Überprüfung
# HexaHost.de Kontaktformular - Status
## ✅ Behobene Probleme
## Aktueller Stand
### 1. Merge-Konflikt in contact-handler.php
- **Problem**: Git-Merge-Konflikt machte die Datei unbrauchbar
- **Lösung**: Konflikt aufgelöst, saubere Version erstellt
- **Status**: ✅ Behoben
- Kontaktformular und Handler sind funktionsfähig
- Versand erfolgt nativ über PHP `mail()`
- Keine PHPMailer-/Composer-Abhängigkeit mehr
### 2. CSRF-Token Problem
- **Problem**: HTML-Formular versuchte PHP-Code zu verwenden
- **Lösung**: CSRF-Token durch Honeypot-Feld ersetzt
- **Status**: ✅ Behoben
## Sicherheitsfunktionen
### 3. JavaScript-Merge-Konflikt
- **Problem**: Merge-Konflikt in contact.js
- **Lösung**: Konflikt aufgelöst
- **Status**: ✅ Behoben
- CSRF-Token-Prüfung
- Rate Limiting pro IP
- Honeypot gegen Bots
- E-Mail-Validierung und Input-Sanitization
## ⚠️ Noch zu behebende Probleme
## Konfiguration für Produktivbetrieb
### 1. SMTP-Konfiguration
- **Problem**: SMTP-Einstellungen sind noch auf Testwerte
- **Aktueller Status**:
```php
'smtp_host' => 'smtp.gmail.com',
'smtp_username' => 'test@hexahost.de',
'smtp_password' => 'your-app-password',
```
- **Erforderlich**: Echte SMTP-Daten eintragen
- **Status**: ⚠️ Zu konfigurieren
Datei: `backend/config/mail-config.php`
### 2. PHPMailer-Installation
- **Problem**: Composer ist nicht installiert
- **Aktueller Status**: Fallback auf native PHP mail() Funktion
- **Erforderlich**: Composer installieren und PHPMailer einrichten
- **Status**: ⚠️ Optional (Fallback funktioniert)
Zu prüfen:
- `SMTP_FROM_EMAIL` ist eine gültige Absenderadresse
- `SMTP_TO_EMAIL` ist das richtige Zielpostfach
- `mail()` ist beim Hoster aktiv
## 📧 E-Mail-Funktionalität
## Testempfehlung
### Aktuelle Konfiguration
- **SMTP-Host**: smtp.gmail.com
- **Port**: 587
- **Verschlüsselung**: TLS
- **Fallback**: Native PHP mail() Funktion
1. `scripts/test-email.php` ausführen
2. Kontaktformular über `contact.php` absenden
3. Empfang und Darstellung der E-Mail prüfen
### Sicherheitsfeatures
- ✅ Rate Limiting (5 Anfragen/Stunde)
- ✅ Honeypot-Schutz
- ✅ Input-Sanitization
- ✅ E-Mail-Validierung
- ✅ Anti-Spam-Headers
## Hinweis
### E-Mail-Templates
- ✅ HTML-Template mit HexaHost-Design
- ✅ Text-Version als Fallback
- ✅ Responsive Design
- ✅ Strukturierte Darstellung aller Daten
Falls der Versand nicht funktioniert, liegt die Ursache in der Regel an der Server-Mailkonfiguration (MTA/`mail()`), nicht am Formular-Code.
## 🧪 Test-Möglichkeiten
### 1. Test-Datei
- **Datei**: `test-email.php`
- **Zweck**: E-Mail-Funktionalität ohne Formular testen
- **Verwendung**: Im Browser öffnen und "Test-E-Mail senden" klicken
### 2. Kontaktformular
- **Datei**: `contact.html`
- **Zweck**: Vollständiges Formular testen
- **Verwendung**: Formular ausfüllen und absenden
## 🔧 Konfiguration erforderlich
### Für Produktivbetrieb:
1. **SMTP-Daten eintragen** in `config.php`:
```php
'smtp_username' => 'ihre-echte-email@gmail.com',
'smtp_password' => 'ihr-echtes-app-passwort',
'from_email' => 'ihre-echte-email@gmail.com',
'to_email' => 'info@hexahost.de',
```
2. **Composer installieren** (optional):
```bash
# Windows: Composer-Installer herunterladen
# Linux/macOS:
curl -sS https://getcomposer.org/installer | php
sudo mv composer.phar /usr/local/bin/composer
```
3. **PHPMailer installieren** (optional):
```bash
cd public
composer install
```
## 📊 Funktionsfähigkeit
### ✅ Funktioniert
- Kontaktformular-HTML
- JavaScript-Validierung
- PHP-Backend-Verarbeitung
- Rate Limiting
- Spam-Schutz
- E-Mail-Templates
- Fallback auf native mail() Funktion
### ⚠️ Benötigt Konfiguration
- SMTP-Einstellungen
- PHPMailer (optional)
### ❌ Nicht funktioniert
- E-Mail-Versand ohne SMTP-Konfiguration
## 🚀 Nächste Schritte
1. **SMTP-Konfiguration anpassen**
- Echte SMTP-Daten in `config.php` eintragen
- Test mit `test-email.php`
2. **E-Mail-Funktionalität testen**
- Kontaktformular ausfüllen
- E-Mail-Empfang prüfen
3. **PHPMailer installieren** (optional)
- Composer installieren
- PHPMailer einrichten
4. **DNS-Einträge konfigurieren**
- SPF Record
- DMARC Record
- DKIM (über Mail-Server)
## 📞 Support
Bei Problemen:
1. `test-email.php` verwenden
2. PHP-Error-Logs prüfen
3. SMTP-Konfiguration überprüfen
4. Hosting-Provider kontaktieren
---
**Status**: Kontaktformular ist funktionsfähig, benötigt nur SMTP-Konfiguration für E-Mail-Versand.

184
docs/README-EMAIL-SETUP.md
View File

@@ -2,172 +2,54 @@
## Übersicht
Das Kontaktformular von HexaHost.de benötigt eine korrekte SMTP-Konfiguration, um E-Mails zu versenden. Diese Anleitung erklärt, wie Sie die E-Mail-Funktionalität einrichten.
Das Kontaktformular nutzt den nativen PHP-Mailversand über `mail()`.
Es wird keine zusätzliche Bibliothek und keine Composer-Installation benötigt.
## Aktuelle Probleme
## Erforderliche Konfiguration
### 1. ✅ Behoben: Merge-Konflikt in contact-handler.php
- Der Git-Merge-Konflikt wurde aufgelöst
- Die Datei ist jetzt funktionsfähig
Datei: `backend/config/mail-config.php`
### 2. ⚠️ Zu beheben: SMTP-Konfiguration
- Die SMTP-Einstellungen sind noch auf Testwerte gesetzt
- Sie müssen mit echten SMTP-Daten konfiguriert werden
Mindestens diese Werte müssen korrekt gesetzt sein:
### 3. ⚠️ Zu beheben: PHPMailer-Installation
- Composer ist nicht installiert
- PHPMailer ist nicht verfügbar
- Fallback auf native PHP mail() Funktion ist aktiv
## SMTP-Konfiguration
### Option 1: Gmail SMTP (Empfohlen für Tests)
1. **Gmail-Konto einrichten:**
- Gehen Sie zu Ihren Google-Kontoeinstellungen
- Aktivieren Sie "2-Schritt-Verifizierung"
- Erstellen Sie ein "App-Passwort"
2. **config.php bearbeiten:**
```php
'smtp_host' => 'smtp.gmail.com',
'smtp_port' => 587,
'smtp_username' => 'ihre-email@gmail.com',
'smtp_password' => 'ihr-app-passwort',
'smtp_encryption' => 'tls',
'from_email' => 'ihre-email@gmail.com',
'to_email' => 'info@hexahost.de',
define('SMTP_FROM_EMAIL', 'kontakt@hexahost.de');
define('SMTP_TO_EMAIL', 'info@hexahost.de');
```
### Option 2: Eigener Mail-Server
## Voraussetzungen auf dem Server
1. **SMTP-Daten von Ihrem Hosting-Provider erhalten**
2. **config.php bearbeiten:**
```php
'smtp_host' => 'mail.ihre-domain.de',
'smtp_port' => 587,
'smtp_username' => 'kontakt@ihre-domain.de',
'smtp_password' => 'ihr-smtp-passwort',
'smtp_encryption' => 'tls',
'from_email' => 'kontakt@ihre-domain.de',
'to_email' => 'info@hexahost.de',
```
- `mail()` muss in der PHP-Umgebung aktiviert sein
- Ein Mail Transfer Agent (MTA) bzw. Mailversand beim Hoster muss funktionieren
### Option 3: Andere E-Mail-Provider
## Test der E-Mail-Funktion
#### Outlook/Hotmail:
```php
'smtp_host' => 'smtp-mail.outlook.com',
'smtp_port' => 587,
'smtp_encryption' => 'tls',
```
#### GMX:
```php
'smtp_host' => 'mail.gmx.net',
'smtp_port' => 587,
'smtp_encryption' => 'tls',
```
#### Web.de:
```php
'smtp_host' => 'smtp.web.de',
'smtp_port' => 587,
'smtp_encryption' => 'tls',
```
## PHPMailer-Installation
### Composer installieren:
1. **Windows:**
- Laden Sie Composer von https://getcomposer.org/download/
- Führen Sie den Installer aus
2. **Linux/macOS:**
```bash
curl -sS https://getcomposer.org/installer | php
sudo mv composer.phar /usr/local/bin/composer
```
### PHPMailer installieren:
```bash
cd public
composer install
```
## Test der E-Mail-Funktionalität
### 1. Test-Datei verwenden:
- Öffnen Sie `test-email.php` im Browser
- Klicken Sie auf "Test-E-Mail senden"
### 2. Kontaktformular testen:
- Öffnen Sie `contact.html`
- Füllen Sie das Formular aus
- Überprüfen Sie die Antwort
## Sicherheitseinstellungen
### DNS-Einträge für Spam-Schutz:
1. **SPF Record (TXT):**
```
v=spf1 include:_spf.hexahost.de ~all
```
2. **DMARC Record (TXT):**
```
v=DMARC1; p=quarantine; rua=mailto:dmarc@hexahost.de
```
3. **DKIM (wird vom Mail-Server konfiguriert)**
1. Per Script testen:
- `scripts/test-email.php`
2. Kontaktformular testen:
- Seite `contact.php` öffnen
- Formular absenden
- Empfang im Zielpostfach prüfen
## Fehlerbehebung
### Häufige Probleme:
### Meldung: "Mail function not available"
- `mail()` ist auf dem Server deaktiviert
- Hoster kontaktieren und Mailfunktion aktivieren lassen
1. **"SMTP connect() failed"**
- Überprüfen Sie Host und Port
- Prüfen Sie Firewall-Einstellungen
### Nachricht kommt nicht an
- Spam-Ordner prüfen
- Absenderadresse (`SMTP_FROM_EMAIL`) auf gültige Domain setzen
- PHP-Error-Log prüfen
2. **"Authentication failed"**
- Überprüfen Sie Benutzername und Passwort
- Bei Gmail: App-Passwort verwenden
### Versand funktioniert lokal nicht
- Unter Windows/Lokalumgebung ist oft kein SMTP in `php.ini` konfiguriert
- Auf dem echten Webserver testen
3. **"Connection timeout"**
- Prüfen Sie Internetverbindung
- Überprüfen Sie SMTP-Host
## Sicherheit
4. **"Mail function not available"**
- PHP mail() Funktion ist deaktiviert
- Kontaktieren Sie Ihren Hosting-Provider
Das Kontaktformular beinhaltet bereits:
- CSRF-Schutz
- Rate Limiting
- Honeypot-Feld
- Serverseitige Validierung und Sanitization
## Debug-Modus aktivieren
In `config.php` setzen Sie:
```php
'debug_mode' => true,
```
## Logs überprüfen
E-Mail-Fehler werden in den PHP-Error-Logs gespeichert:
- Windows: Event Viewer
- Linux: `/var/log/php_errors.log`
## Nächste Schritte
1. ✅ Merge-Konflikt behoben
2. ⚠️ SMTP-Konfiguration anpassen
3. ⚠️ PHPMailer installieren (optional)
4. ⚠️ E-Mail-Funktionalität testen
5. ⚠️ DNS-Einträge für Spam-Schutz konfigurieren
## Support
Bei Problemen:
- Überprüfen Sie die PHP-Error-Logs
- Testen Sie mit `test-email.php`
- Kontaktieren Sie Ihren Hosting-Provider

14
public/.htaccess
View File

@@ -52,15 +52,6 @@
Deny from all
</Files>
<Files "composer.json">
Order allow,deny
Deny from all
</Files>
<Files "composer.lock">
Order allow,deny
Deny from all
</Files>
# Config-Verzeichnis schützen
<IfModule mod_rewrite.c>
@@ -77,11 +68,6 @@
RewriteRule ^logs/ - [F,L]
</IfModule>
# Vendor-Verzeichnis schützen
<IfModule mod_rewrite.c>
RewriteRule ^vendor/ - [F,L]
</IfModule>
# Cache-Header für statische Dateien
<IfModule mod_expires.c>
ExpiresActive On

4
public/about.php
View File

@@ -41,9 +41,9 @@ includeHeader($page_title, $page_description, $current_page);
<h2 class="section-title">Unsere Geschichte</h2>
<p>
HexaHost.de wurde von mir, Samuel Müller, mit der Vision gegründet, zuverlässiges
und preiswertes Hosting und IT-Lösungen direkt aus Deutschland anzubieten. Als regionales
und preiswertes Hosting und IT-Lösungen direkt aus Bayern anzubieten. Als regionales
Unternehmen aus Niederbayern verstehe ich die Bedürfnisse meiner Kunden
und bieten persönlichen Support.
und biete persönlichen Support.
</p>
<p>
Meine Expertise liegt in der Bereitstellung moderner Hosting- und IT-Lösungen

95
public/assets/css/custom.css
View File

@@ -15,3 +15,98 @@
justify-content: center;
margin-top: 2rem;
}
/* Legal pages: plain white content with black text */
.legal-hero,
.legal-content {
background: #ffffff;
color: #000000;
}
.legal-hero {
margin-top: 70px;
padding: 2rem 0 1.5rem;
border-bottom: 1px solid #e5e5e5;
}
.legal-content {
padding-top: 2rem;
}
.legal-hero-title {
background: none;
-webkit-text-fill-color: #000000;
color: #000000;
margin-bottom: 0.5rem;
}
.legal-hero-description,
.legal-section h2,
.legal-section h3,
.legal-block p,
.legal-block li,
.legal-hero .breadcrumb,
.legal-hero .breadcrumb span,
.legal-content .breadcrumb,
.legal-content .breadcrumb span {
color: #000000;
}
.legal-section,
.legal-section.glass-card {
background: transparent;
border: none;
box-shadow: none;
backdrop-filter: none;
-webkit-backdrop-filter: none;
border-radius: 0;
padding: 0;
}
.legal-section:hover,
.legal-section.glass-card:hover {
transform: none;
box-shadow: none;
border: none;
background: transparent;
}
.legal-content .glass-card:hover {
transform: none;
box-shadow: none;
}
.legal-section h2 {
border-bottom: 1px solid #e5e5e5;
padding-bottom: 0.5rem;
margin-bottom: 0.8rem;
}
.legal-block a,
.legal-hero .breadcrumb a,
.legal-content .breadcrumb a {
color: #0b57d0;
}
.legal-block a:hover,
.legal-hero .breadcrumb a:hover,
.legal-content .breadcrumb a:hover {
color: #0b57d0;
text-decoration: none;
}
/* Ensure absolutely no hover effects on legal text/content */
.legal-hero *,
.legal-content *,
.legal-hero *:hover,
.legal-content *:hover,
.legal-hero *:focus,
.legal-content *:focus,
.legal-hero *:active,
.legal-content *:active {
transform: none !important;
box-shadow: none !important;
text-shadow: none !important;
transition: none !important;
animation: none !important;
}

240
public/assets/js/contact.js
View File

File diff suppressed because one or more lines are too long

211
public/assets/js/cookie-consent.js
View File

File diff suppressed because one or more lines are too long

236
public/assets/js/main.js
View File

File diff suppressed because one or more lines are too long

19
public/composer.json
View File

@@ -1,19 +0,0 @@
{
"name": "hexahost/contact-form",
"description": "HexaHost.de Contact Form with PHPMailer",
"type": "project",
"require": {
"phpmailer/phpmailer": "^6.8"
},
"autoload": {
"psr-4": {
"HexaHost\\": "src/"
}
},
"config": {
"optimize-autoloader": true,
"sort-packages": true
},
"minimum-stability": "stable",
"prefer-stable": true
}

55
public/contact-handler.php
View File

@@ -1,18 +1,13 @@
<?php
/**
* HexaHost.de Contact Form Handler
* E-Mail-Verarbeitung mit SMTP-Integration und Spam-Schutz
* E-Mail-Verarbeitung mit nativer PHP-mail()-Funktion und Spam-Schutz
*/
require_once __DIR__ . '/../backend/includes/functions.php';
require_once __DIR__ . '/../backend/config/mail-config.php';
require_once __DIR__ . '/../backend/config/contact-config.php';
// PHPMailer Autoload (falls via Composer installiert)
if (file_exists(__DIR__ . '/vendor/autoload.php')) {
require_once __DIR__ . '/vendor/autoload.php';
}
$config = getHexaHostConfig();
// CORS Headers für AJAX-Requests (nur eigene Domain erlauben)
@@ -102,53 +97,6 @@ function getSubjectLabel($subjectKey) {
function sendEmail($data) {
global $config;
if (!class_exists('PHPMailer\PHPMailer\PHPMailer')) {
return sendEmailNative($data);
}
try {
$mail = new PHPMailer\PHPMailer\PHPMailer(true);
$mail->isSMTP();
$mail->Host = $config['smtp_host'];
$mail->SMTPAuth = true;
$mail->Username = $config['smtp_username'];
$mail->Password = $config['smtp_password'];
$mail->SMTPSecure = $config['smtp_encryption'];
$mail->Port = $config['smtp_port'];
$mail->CharSet = 'UTF-8';
$mail->setFrom($config['from_email'], $config['from_name']);
$mail->addReplyTo(
sanitizeHeaderValue($data['email']),
sanitizeHeaderValue($data['firstName'] . ' ' . $data['lastName'])
);
$mail->addAddress($config['to_email'], $config['to_name']);
$subject = getSubjectLabel($data['subject']);
$mail->Subject = '[HexaHost.de] ' . $subject;
$mail->isHTML(true);
$mail->Body = generateEmailHTML($data);
$mail->AltBody = generateEmailText($data);
$mail->addCustomHeader('X-Mailer', 'HexaHost Contact Form');
$mail->addCustomHeader('X-Priority', '3');
$mail->addCustomHeader('X-MSMail-Priority', 'Normal');
$mail->addCustomHeader('Importance', 'Normal');
$mail->addCustomHeader('X-Report-Abuse', 'Please report abuse here: abuse@hexahost.de');
$mail->send();
return true;
} catch (Exception $e) {
error_log('HexaHost Contact Form Error: ' . $e->getMessage());
return false;
}
}
function sendEmailNative($data) {
global $config;
$subject = '[HexaHost.de] ' . getSubjectLabel($data['subject']);
$replyName = sanitizeHeaderValue($data['firstName'] . ' ' . $data['lastName']);
$replyEmail = sanitizeHeaderValue($data['email']);
@@ -165,6 +113,7 @@ function sendEmailNative($data) {
'X-Report-Abuse: Please report abuse here: abuse@hexahost.de',
];
// Native PHP Mailversand ohne externe Libraries
return mail($config['to_email'], $subject, generateEmailHTML($data), implode("\r\n", $headers));
}

6
public/index.php
View File

@@ -54,7 +54,7 @@ includeHeader($page_title, $page_description, $current_page);
</p>
</div>
<div class="products-grid">
<div class="product-card glass-card">
<div class="product-card glass-card"<?php echo productHiddenAttr('vpc'); ?>>
<div class="product-icon">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2">
<path d="M4 7V4a2 2 0 0 1 2-2h8a2 2 0 0 1 2 2v3"/>
@@ -74,7 +74,7 @@ includeHeader($page_title, $page_description, $current_page);
</ul>
<a href="/vpc" class="btn btn-primary">Mehr erfahren</a>
</div>
<div class="product-card glass-card">
<div class="product-card glass-card"<?php echo productHiddenAttr('vps'); ?>>
<div class="product-icon">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2">
<rect x="2" y="3" width="20" height="14" rx="2" ry="2"/>
@@ -92,7 +92,7 @@ includeHeader($page_title, $page_description, $current_page);
</ul>
<a href="/vps" class="btn btn-primary">Mehr erfahren</a>
</div>
<div class="product-card glass-card">
<div class="product-card glass-card"<?php echo productHiddenAttr('mail-gateway'); ?>>
<div class="product-icon">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2">
<path d="M4 4h16c1.1 0 2 .9 2 2v12c0 1.1-.9 2-2 2H4c-1.1 0-2-.9-2-2V6c0-1.1.9-2 2-2z"/>

4
public/mail-gateway.php
View File

@@ -166,8 +166,8 @@ includeHeader($page_title, $page_description, $current_page);
<h2><?php echo htmlspecialchars($product['cta_title'] ?? ('Bereit für ' . $product['name'] . '?')); ?></h2>
<p><?php echo htmlspecialchars($product['cta_description'] ?? ('Starten Sie noch heute mit ' . $product['name'])); ?></p>
<div class="cta-actions">
<a href="contact.php?product=mail-gateway" class="btn btn-primary">Jetzt bestellen</a>
<a href="/contact" class="btn btn-secondary">Beratung anfordern</a>
<a href="<?php echo htmlspecialchars(getProductOrderUrl('mail-gateway'), ENT_QUOTES, 'UTF-8'); ?>" class="btn btn-primary">Jetzt bestellen</a>
<a href="contact.php" class="btn btn-secondary">Beratung anfordern</a>
</div>
</div>
</div>

14
public/sitemap.xml
View File

@@ -2,43 +2,43 @@
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
<url>
<loc>https://hexahost.de/</loc>
<lastmod>2024-01-01</lastmod>
<lastmod>2026-05-28</lastmod>
<changefreq>weekly</changefreq>
<priority>1.0</priority>
</url>
<url>
<loc>https://hexahost.de/vpc.html</loc>
<lastmod>2024-01-01</lastmod>
<lastmod>2026-05-28</lastmod>
<changefreq>monthly</changefreq>
<priority>0.9</priority>
</url>
<url>
<loc>https://hexahost.de/vps.html</loc>
<lastmod>2024-01-01</lastmod>
<lastmod>2026-05-28</lastmod>
<changefreq>monthly</changefreq>
<priority>0.9</priority>
</url>
<url>
<loc>https://hexahost.de/mail-gateway.html</loc>
<lastmod>2024-01-01</lastmod>
<lastmod>2026-05-28</lastmod>
<changefreq>monthly</changefreq>
<priority>0.9</priority>
</url>
<url>
<loc>https://hexahost.de/webhosting.html</loc>
<lastmod>2024-01-01</lastmod>
<lastmod>2026-05-28</lastmod>
<changefreq>monthly</changefreq>
<priority>0.9</priority>
</url>
<url>
<loc>https://hexahost.de/about.html</loc>
<lastmod>2024-01-01</lastmod>
<lastmod>2026-05-28</lastmod>
<changefreq>monthly</changefreq>
<priority>0.7</priority>
</url>
<url>
<loc>https://hexahost.de/contact.html</loc>
<lastmod>2024-01-01</lastmod>
<lastmod>2026-05-28</lastmod>
<changefreq>monthly</changefreq>
<priority>0.8</priority>
</url>

4
public/vpc.php
View File

@@ -166,8 +166,8 @@ includeHeader($page_title, $page_description, $current_page);
<h2><?php echo htmlspecialchars($product['cta_title'] ?? ('Bereit für ' . $product['name'] . '?')); ?></h2>
<p><?php echo htmlspecialchars($product['cta_description'] ?? ('Starten Sie noch heute mit ' . $product['name'])); ?></p>
<div class="cta-actions">
<a href="contact.php?product=vpc" class="btn btn-primary">Jetzt bestellen</a>
<a href="/contact" class="btn btn-secondary">Beratung anfordern</a>
<a href="<?php echo htmlspecialchars(getProductOrderUrl('vpc'), ENT_QUOTES, 'UTF-8'); ?>" class="btn btn-primary">Jetzt bestellen</a>
<a href="contact.php" class="btn btn-secondary">Beratung anfordern</a>
</div>
</div>
</div>

4
public/vps.php
View File

@@ -171,8 +171,8 @@ includeHeader($page_title, $page_description, $current_page);
<h2><?php echo htmlspecialchars($product['cta_title'] ?? ('Bereit für ' . $product['name'] . '?')); ?></h2>
<p><?php echo htmlspecialchars($product['cta_description'] ?? ('Starten Sie noch heute mit ' . $product['name'])); ?></p>
<div class="cta-actions">
<a href="contact.php?product=vps" class="btn btn-primary">Jetzt bestellen</a>
<a href="/contact" class="btn btn-secondary">Beratung anfordern</a>
<a href="<?php echo htmlspecialchars(getProductOrderUrl('vps'), ENT_QUOTES, 'UTF-8'); ?>" class="btn btn-primary">Jetzt bestellen</a>
<a href="contact.php" class="btn btn-secondary">Beratung anfordern</a>
</div>
</div>
</div>

6
public/webhosting.php
View File

@@ -95,7 +95,7 @@ includeHeader($page_title, $page_description, $current_page);
<polyline points="10,9 9,9 8,9"/>
</svg>
</div>
<h3>cPanel/Webmin</h3>
<h3>Plesk</h3>
<p>Benutzerfreundliche Verwaltungsoberfläche für einfache Website-Verwaltung und E-Mail-Konfiguration.</p>
</div>
<div class="detail-card glass-card">
@@ -170,8 +170,8 @@ includeHeader($page_title, $page_description, $current_page);
<h2><?php echo htmlspecialchars($product['cta_title'] ?? ('Bereit für ' . $product['name'] . '?')); ?></h2>
<p><?php echo htmlspecialchars($product['cta_description'] ?? ('Starten Sie noch heute mit ' . $product['name'])); ?></p>
<div class="cta-actions">
<a href="contact.php?product=webhosting" class="btn btn-primary">Jetzt bestellen</a>
<a href="/contact" class="btn btn-secondary">Beratung anfordern</a>
<a href="<?php echo htmlspecialchars(getProductOrderUrl('webhosting'), ENT_QUOTES, 'UTF-8'); ?>" class="btn btn-primary">Jetzt bestellen</a>
<a href="contact.php" class="btn btn-secondary">Beratung anfordern</a>
</div>
</div>
</div>

BIN
scripts/__pycache__/obfuscate_release.cpython-314.pyc Normal file
View File

Binary file not shown.

463
scripts/obfuscate_release.py Normal file
View File

@@ -0,0 +1,463 @@
#!/usr/bin/env python3
from __future__ import annotations
import argparse
import hashlib
import re
import shutil
import subprocess
import sys
import tempfile
from collections import defaultdict
from pathlib import Path
TEXT_EXTENSIONS = {".php", ".html", ".htm", ".xml", ".txt", ".js", ".css"}
HASH_SUFFIX_RE = re.compile(r"\.[a-f0-9]{12}$", re.I)
def strip_comments_keep_strings(text: str) -> str:
out = []
i = 0
n = len(text)
in_single = False
in_double = False
in_template = False
escape = False
in_line_comment = False
in_block_comment = False
while i < n:
ch = text[i]
nxt = text[i + 1] if i + 1 < n else ""
if in_line_comment:
if ch == "\n":
in_line_comment = False
out.append(ch)
i += 1
continue
if in_block_comment:
if ch == "*" and nxt == "/":
in_block_comment = False
i += 2
else:
if ch == "\n":
out.append("\n")
i += 1
continue
if in_single or in_double or in_template:
out.append(ch)
if escape:
escape = False
elif ch == "\\":
escape = True
elif in_single and ch == "'":
in_single = False
elif in_double and ch == '"':
in_double = False
elif in_template and ch == "`":
in_template = False
i += 1
continue
if ch == "/" and nxt == "/":
in_line_comment = True
i += 2
continue
if ch == "/" and nxt == "*":
in_block_comment = True
i += 2
continue
if ch == "'":
in_single = True
out.append(ch)
i += 1
continue
if ch == '"':
in_double = True
out.append(ch)
i += 1
continue
if ch == "`":
in_template = True
out.append(ch)
i += 1
continue
out.append(ch)
i += 1
return "".join(out)
def strip_php_comments(text: str) -> str:
out = []
i = 0
n = len(text)
in_single = False
in_double = False
in_line_comment = False
in_block_comment = False
escape = False
while i < n:
ch = text[i]
nxt = text[i + 1] if i + 1 < n else ""
if in_line_comment:
if ch == "\n":
in_line_comment = False
out.append("\n")
i += 1
continue
if in_block_comment:
if ch == "*" and nxt == "/":
in_block_comment = False
i += 2
else:
if ch == "\n":
out.append("\n")
i += 1
continue
if in_single or in_double:
out.append(ch)
if escape:
escape = False
elif ch == "\\":
escape = True
elif in_single and ch == "'":
in_single = False
elif in_double and ch == '"':
in_double = False
i += 1
continue
if ch == "/" and nxt == "/":
in_line_comment = True
i += 2
continue
if ch == "#":
in_line_comment = True
i += 1
continue
if ch == "/" and nxt == "*":
in_block_comment = True
i += 2
continue
if ch == "'":
in_single = True
elif ch == '"':
in_double = True
out.append(ch)
i += 1
return "".join(out)
def minify_css_fallback(text: str) -> str:
text = strip_comments_keep_strings(text)
text = re.sub(r"\s+", " ", text)
text = re.sub(r"\s*([{}:;,>+~])\s*", r"\1", text)
return text.strip()
def minify_js_fallback(text: str) -> str:
text = strip_comments_keep_strings(text)
text = re.sub(r"\s+", " ", text)
text = re.sub(r"\s*([{}:;,()=+\-*/<>!&|?])\s*", r"\1", text)
return text.strip()
def canonical_asset_base(stem: str) -> str:
name = stem
while HASH_SUFFIX_RE.search(name):
name = HASH_SUFFIX_RE.sub("", name)
return name
def is_skipped_asset(path: Path) -> bool:
lowered = path.as_posix().lower()
if ".min." in path.name or ".obf." in path.name or ".deob." in path.name:
return True
if "deobfuscated" in lowered:
return True
return False
def is_valid_source_content(content: str) -> bool:
if "[javascript-obfuscator-cli]" in content:
return False
return len(content.strip()) >= 20
def collect_asset_groups(asset_root: Path) -> dict[tuple[Path, str, str], list[Path]]:
groups: dict[tuple[Path, str, str], list[Path]] = defaultdict(list)
for ext in (".js", ".css"):
for file_path in sorted(asset_root.rglob(f"*{ext}")):
if is_skipped_asset(file_path):
continue
base = canonical_asset_base(file_path.stem)
key = (file_path.parent, base, ext)
groups[key].append(file_path)
return groups
def pick_source_file(paths: list[Path], base: str, ext: str) -> Path | None:
if not paths:
return None
parent = paths[0].parent
plain = parent / f"{base}{ext}"
ordered: list[Path] = []
if plain in paths:
ordered.append(plain)
for candidate in sorted(paths, key=lambda p: len(p.name)):
if candidate not in ordered:
ordered.append(candidate)
for candidate in ordered:
try:
content = candidate.read_text(encoding="utf-8")
except (OSError, UnicodeDecodeError):
continue
if is_valid_source_content(content):
return candidate
return None
def cleanup_invalid_siblings(paths: list[Path], source: Path) -> None:
for path in paths:
if path == source or not path.exists():
continue
try:
content = path.read_text(encoding="utf-8")
except (OSError, UnicodeDecodeError):
content = ""
if not is_valid_source_content(content):
path.unlink()
def run_cmd(command: list[str], cwd: Path) -> None:
proc = subprocess.run(
command,
cwd=str(cwd),
text=True,
capture_output=True,
check=False,
)
if proc.returncode != 0:
raise RuntimeError(proc.stderr.strip() or proc.stdout.strip() or "command failed")
def process_js(path: Path, cwd: Path) -> None:
original = path.read_text(encoding="utf-8")
if not is_valid_source_content(original):
raise ValueError(
f"invalid or corrupted JS source: {path} "
f"(restore e.g. 'git checkout dev -- {path.as_posix()}')"
)
if shutil.which("npx"):
tmpdir = Path(tempfile.mkdtemp())
try:
src = tmpdir / "input.js"
out = tmpdir / "output.js"
src.write_text(original, encoding="utf-8")
run_cmd(
[
"npx",
"--yes",
"terser",
str(src),
"-o",
str(src),
"--compress",
"--mangle",
"--comments",
"false",
],
cwd,
)
run_cmd(
[
"npx",
"--yes",
"javascript-obfuscator",
str(src),
"--output",
str(out),
"--compact",
"true",
"--control-flow-flattening",
"true",
"--dead-code-injection",
"true",
"--string-array",
"true",
"--string-array-encoding",
"base64",
"--target",
"browser-no-eval",
"--source-map",
"false",
],
cwd,
)
if not out.exists():
raise RuntimeError("obfuscator produced no output file")
result = out.read_text(encoding="utf-8")
if not is_valid_source_content(result):
raise RuntimeError("obfuscator output looks invalid")
path.write_text(result.strip() + "\n", encoding="utf-8")
return
except Exception:
pass
finally:
shutil.rmtree(tmpdir, ignore_errors=True)
path.write_text(minify_js_fallback(original) + "\n", encoding="utf-8")
def process_css(path: Path, cwd: Path) -> None:
original = path.read_text(encoding="utf-8")
if shutil.which("npx"):
tmpdir = Path(tempfile.mkdtemp())
try:
src = tmpdir / "input.css"
out = tmpdir / "output.css"
src.write_text(original, encoding="utf-8")
run_cmd(
[
"npx",
"--yes",
"clean-css-cli",
str(src),
"-o",
str(out),
"--skip-rebase",
"-O2",
],
cwd,
)
path.write_text(out.read_text(encoding="utf-8").strip() + "\n", encoding="utf-8")
return
except Exception:
pass
finally:
shutil.rmtree(tmpdir, ignore_errors=True)
path.write_text(minify_css_fallback(original) + "\n", encoding="utf-8")
def process_php(path: Path) -> None:
original = path.read_text(encoding="utf-8")
stripped = strip_php_comments(original)
path.write_text(stripped, encoding="utf-8")
def hash_file(path: Path) -> str:
return hashlib.sha256(path.read_bytes()).hexdigest()[:12]
def replace_references(root: Path, mapping: dict[str, str]) -> None:
for candidate in root.rglob("*"):
if not candidate.is_file() or candidate.suffix.lower() not in TEXT_EXTENSIONS:
continue
try:
content = candidate.read_text(encoding="utf-8")
except UnicodeDecodeError:
continue
updated = content
for src, dst in sorted(mapping.items(), key=lambda item: len(item[0]), reverse=True):
updated = updated.replace(src, dst)
updated = updated.replace("/" + src, "/" + dst)
if updated != content:
candidate.write_text(updated, encoding="utf-8")
def build_hash_mapping(public_root: Path) -> dict[str, str]:
mapping: dict[str, str] = {}
asset_root = public_root / "assets"
if not asset_root.exists():
return mapping
groups = collect_asset_groups(asset_root)
for (parent, base, ext), paths in groups.items():
source = pick_source_file(paths, base, ext)
if source is None:
continue
digest = hash_file(source)
target = parent / f"{base}.{digest}{ext}"
rel_new = target.relative_to(public_root).as_posix()
for old in paths:
rel_old = old.relative_to(public_root).as_posix()
if rel_old != rel_new:
mapping[rel_old] = rel_new
if source != target:
if target.exists():
target.unlink()
source.replace(target)
for old in paths:
if old != target and old.exists():
old.unlink()
return mapping
def main() -> int:
parser = argparse.ArgumentParser(description="Release obfuscation build.")
parser.add_argument("--root", default=".", help="Repository root")
parser.add_argument("--hash-assets", action="store_true", help="Hash JS/CSS file names")
args = parser.parse_args()
repo_root = Path(args.root).resolve()
public_root = repo_root / "public"
if not public_root.exists():
print("public directory not found", file=sys.stderr)
return 1
asset_root = public_root / "assets"
if asset_root.exists():
groups = collect_asset_groups(asset_root)
for (parent, base, ext), paths in sorted(groups.items()):
source = pick_source_file(paths, base, ext)
if source is None:
rel = (parent / f"{base}{ext}").relative_to(public_root)
print(
f"ERROR: No valid source for {rel}. "
f"Restore from dev, e.g.: git checkout dev -- {rel}",
file=sys.stderr,
)
return 1
cleanup_invalid_siblings(paths, source)
if ext == ".js":
process_js(source, repo_root)
else:
process_css(source, repo_root)
for php in sorted(public_root.rglob("*.php")):
process_php(php)
for php in sorted((repo_root / "backend").rglob("*.php")):
process_php(php)
if args.hash_assets:
mapping = build_hash_mapping(public_root)
replace_references(repo_root, mapping)
print("Release obfuscation complete.")
return 0
if __name__ == "__main__":
raise SystemExit(main())

185
scripts/publish-to-main.ps1
View File

@@ -1,185 +0,0 @@
#Requires -Version 5.1
<#
.SYNOPSIS
Erstellt einen Production-Build und veroeffentlicht ihn auf den Branch main.
.DESCRIPTION
1. Wechselt auf main und setzt ihn auf den Stand von dev
2. Entfernt Kommentare, minifiziert CSS, obfuskiert JavaScript
3. Committet und pusht main (optional)
4. Wechselt zurueck auf dev (Quellcode bleibt unveraendert)
.PARAMETER Push
Pusht main nach origin (Standard: nur lokaler Commit)
.PARAMETER DryRun
Fuehrt Git-Schritte nur simuliert aus (Build wird trotzdem erstellt)
.PARAMETER AllowDirty
Erlaubt uncommittete Aenderungen
.PARAMETER Message
Commit-Nachricht fuer den Production-Build
.EXAMPLE
.\scripts\publish-to-main.ps1
.EXAMPLE
.\scripts\publish-to-main.ps1 -Push
#>
[CmdletBinding()]
param(
[switch]$Push,
[switch]$DryRun,
[switch]$AllowDirty,
[string]$Message = ""
)
$ErrorActionPreference = "Stop"
$Root = (Resolve-Path (Join-Path $PSScriptRoot "..")).Path
$BuildDir = Join-Path $Root "scripts\build"
$OriginalBranch = ""
function Write-Step([string]$Text) {
Write-Host ""
Write-Host "==> $Text" -ForegroundColor Cyan
}
function Ensure-GitClean {
$status = git -C $Root status --porcelain
if ($status) {
throw "Uncommittete Aenderungen im Repository. Bitte zuerst committen oder stashen."
}
}
function Resolve-NodeTool([string]$ToolName) {
$command = Get-Command $ToolName -ErrorAction SilentlyContinue
if ($command) {
return $command.Source
}
$candidates = @(
(Join-Path $env:ProgramFiles "nodejs\$ToolName.cmd"),
(Join-Path ${env:ProgramFiles(x86)} "nodejs\$ToolName.cmd"),
(Join-Path $env:LOCALAPPDATA "Programs\nodejs\$ToolName.cmd"),
"c:\Program Files\cursor\resources\app\resources\helpers\node.exe"
)
foreach ($candidate in $candidates) {
if ($ToolName -eq "node" -and (Test-Path $candidate)) {
return $candidate
}
if ($ToolName -ne "node" -and (Test-Path $candidate)) {
return $candidate
}
}
return $null
}
function Ensure-Node {
$script:NodeExe = Resolve-NodeTool "node"
$script:NpmExe = Resolve-NodeTool "npm"
if (-not $script:NodeExe) {
throw "Node.js ist nicht installiert. Bitte Node.js 18+ installieren: https://nodejs.org/"
}
if (-not $script:NpmExe) {
throw "npm wurde nicht gefunden. Bitte Node.js inkl. npm installieren und PATH setzen."
}
}
try {
Set-Location $Root
Ensure-Node
if (-not $AllowDirty) {
Ensure-GitClean
} else {
Write-Warning "AllowDirty aktiv - uncommittete Aenderungen werden mit veroeffentlicht."
}
$OriginalBranch = (git branch --show-current).Trim()
if ($OriginalBranch -ne "dev") {
Write-Warning "Empfohlen: Auf Branch 'dev' starten (aktuell: $OriginalBranch)"
}
if ([string]::IsNullOrWhiteSpace($Message)) {
$Message = "chore(release): production build $(Get-Date -Format 'yyyy-MM-dd HH:mm')"
}
Write-Step "Installiere Build-Abhaengigkeiten"
Set-Location $BuildDir
if (-not $DryRun) {
& $NpmExe ci --no-fund --no-audit
if ($LASTEXITCODE -ne 0) { throw "npm ci fehlgeschlagen" }
}
Write-Step "Wechsle auf main und synchronisiere mit dev"
Set-Location $Root
if ($DryRun) {
Write-Host '[DryRun] git checkout main'
Write-Host '[DryRun] git reset --hard dev'
} else {
git checkout main
git reset --hard dev
}
Write-Step "Production-Build (Kommentare entfernen, JS obfuscaten)"
Set-Location $BuildDir
if ($DryRun) {
Write-Host '[DryRun] npm run build:in-place'
} else {
& $NpmExe run build:in-place
if ($LASTEXITCODE -ne 0) { throw "Production-Build fehlgeschlagen" }
}
Write-Step "Production-Build committen"
Set-Location $Root
if ($DryRun) {
Write-Host '[DryRun] git add -A'
Write-Host ('[DryRun] git commit -m "' + $Message + '"')
} else {
git add -A
$null = git diff --cached --quiet
if ($LASTEXITCODE -eq 0) {
Write-Warning "Keine Build-Aenderungen - nichts zu committen."
} else {
git commit -m $Message
}
}
if ($Push) {
Write-Step "Push nach origin/main"
if ($DryRun) {
Write-Host '[DryRun] git push origin main'
} else {
git push origin main
}
} else {
Write-Host "Hinweis: Ohne -Push wurde nur lokal auf main gebaut." -ForegroundColor Yellow
}
Write-Step "Zurueck auf $OriginalBranch"
if (-not $DryRun) {
if ([string]::IsNullOrWhiteSpace($OriginalBranch)) {
git checkout dev
} else {
git checkout $OriginalBranch
}
}
Write-Host ""
Write-Host "Production-Release abgeschlossen." -ForegroundColor Green
if (-not $Push -and -not $DryRun) {
Write-Host "Zum Veroeffentlichen: git push origin main" -ForegroundColor Yellow
}
}
catch {
Write-Host ""
Write-Host ('FEHLER: ' + $_.Exception.Message) -ForegroundColor Red
Set-Location $Root
if ($OriginalBranch -and -not $DryRun) {
git checkout $OriginalBranch 2>$null
}
exit 1
}

187
scripts/publish-to-main.sh
View File

@@ -1,187 +0,0 @@
#!/usr/bin/env bash
#
# Erstellt einen Production-Build und veröffentlicht ihn auf den Branch main.
#
# 1. Wechselt auf main und setzt ihn auf den Stand von dev
# 2. Entfernt Kommentare, minifiziert CSS, obfuskiert JavaScript
# 3. Committet und pusht main (optional)
# 4. Wechselt zurück auf den ursprünglichen Branch (dev bleibt unverändert)
#
# Nutzung:
# ./scripts/publish-to-main.sh
# ./scripts/publish-to-main.sh --push
# ./scripts/publish-to-main.sh --dry-run
# ./scripts/publish-to-main.sh --allow-dirty --message "chore(release): v1.2"
#
set -euo pipefail
PUSH=false
DRY_RUN=false
ALLOW_DIRTY=false
MESSAGE=""
usage() {
cat <<'EOF'
Usage: publish-to-main.sh [OPTIONS]
Options:
--push Push nach origin/main
--dry-run Git-Schritte nur anzeigen (Build wird ausgeführt)
--allow-dirty Uncommittete Änderungen erlauben
--message TEXT Commit-Nachricht
-h, --help Hilfe anzeigen
EOF
}
while [[ $# -gt 0 ]]; do
case "$1" in
--push)
PUSH=true
shift
;;
--dry-run)
DRY_RUN=true
shift
;;
--allow-dirty)
ALLOW_DIRTY=true
shift
;;
--message)
MESSAGE="${2:-}"
shift 2
;;
-h|--help)
usage
exit 0
;;
*)
echo "Unbekannte Option: $1" >&2
usage >&2
exit 1
;;
esac
done
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
BUILD_DIR="$ROOT/scripts/build"
ORIGINAL_BRANCH=""
step() {
echo ""
echo "==> $1"
}
require_command() {
if ! command -v "$1" >/dev/null 2>&1; then
echo "FEHLER: '$1' nicht gefunden. Bitte installieren und PATH setzen." >&2
exit 1
fi
}
ensure_git_clean() {
if [[ -n "$(git -C "$ROOT" status --porcelain)" ]]; then
echo "FEHLER: Uncommittete Änderungen. Bitte zuerst committen oder stashen." >&2
exit 1
fi
}
cleanup_on_error() {
echo ""
echo "FEHLER: Abgebrochen." >&2
cd "$ROOT" || true
if [[ -n "$ORIGINAL_BRANCH" && "$DRY_RUN" == false ]]; then
git checkout "$ORIGINAL_BRANCH" 2>/dev/null || true
fi
}
trap cleanup_on_error ERR
require_command node
require_command npm
require_command git
cd "$ROOT"
if [[ "$ALLOW_DIRTY" == false ]]; then
ensure_git_clean
else
echo "WARNUNG: --allow-dirty aktiv uncommittete Änderungen werden mit veröffentlicht." >&2
fi
ORIGINAL_BRANCH="$(git branch --show-current | tr -d '[:space:]')"
if [[ "$ORIGINAL_BRANCH" != "dev" ]]; then
echo "WARNUNG: Empfohlen auf Branch 'dev' zu starten (aktuell: ${ORIGINAL_BRANCH:-detached})" >&2
fi
if [[ -z "$MESSAGE" ]]; then
MESSAGE="chore(release): production build $(date '+%Y-%m-%d %H:%M')"
fi
step "Installiere Build-Abhängigkeiten"
cd "$BUILD_DIR"
if [[ "$DRY_RUN" == false ]]; then
npm ci --no-fund --no-audit
fi
step "Wechsle auf main und synchronisiere mit dev"
cd "$ROOT"
if [[ "$DRY_RUN" == true ]]; then
echo "[DryRun] git checkout main"
echo "[DryRun] git reset --hard dev"
else
git checkout main
git reset --hard dev
fi
step "Production-Build (Kommentare entfernen, JS obfuscaten)"
cd "$BUILD_DIR"
if [[ "$DRY_RUN" == true ]]; then
echo "[DryRun] npm run build:in-place"
else
npm run build:in-place
fi
step "Production-Build committen"
cd "$ROOT"
if [[ "$DRY_RUN" == true ]]; then
echo "[DryRun] git add -A"
echo "[DryRun] git commit -m \"$MESSAGE\""
else
git add -A
if git diff --cached --quiet; then
echo "WARNUNG: Keine Build-Änderungen nichts zu committen." >&2
else
git commit -m "$MESSAGE"
fi
fi
if [[ "$PUSH" == true ]]; then
step "Push nach origin/main"
if [[ "$DRY_RUN" == true ]]; then
echo "[DryRun] git push origin main"
else
git push origin main
fi
else
echo "Hinweis: Ohne --push wurde nur lokal auf main gebaut."
fi
step "Zurück auf ${ORIGINAL_BRANCH:-dev}"
if [[ "$DRY_RUN" == false ]]; then
if [[ -n "$ORIGINAL_BRANCH" ]]; then
git checkout "$ORIGINAL_BRANCH"
else
git checkout dev
fi
fi
trap - ERR
echo ""
echo "Production-Release abgeschlossen."
if [[ "$PUSH" == false && "$DRY_RUN" == false ]]; then
echo "Zum Veröffentlichen: git push origin main"
fi

46
scripts/run-build.ps1
View File

@@ -1,46 +0,0 @@
#Requires -Version 5.1
<#
.SYNOPSIS
Erstellt ein Production-Bundle unter dist/ (ohne Branch-Wechsel).
#>
[CmdletBinding()]
param(
[switch]$InPlace
)
$ErrorActionPreference = "Stop"
$Root = (Resolve-Path (Join-Path $PSScriptRoot "..")).Path
$BuildDir = Join-Path $Root "scripts\build"
function Resolve-NodeTool([string]$ToolName) {
$command = Get-Command $ToolName -ErrorAction SilentlyContinue
if ($command) { return $command.Source }
$candidates = @(
(Join-Path $env:ProgramFiles "nodejs\$ToolName.cmd"),
(Join-Path ${env:ProgramFiles(x86)} "nodejs\$ToolName.cmd")
)
foreach ($candidate in $candidates) {
if (Test-Path $candidate) { return $candidate }
}
return $null
}
$npm = Resolve-NodeTool "npm"
if (-not $npm) {
throw "npm nicht gefunden. Bitte Node.js installieren."
}
Set-Location $BuildDir
& $npm ci --no-fund --no-audit
if ($LASTEXITCODE -ne 0) { exit $LASTEXITCODE }
if ($InPlace) {
& $npm run build:in-place
} else {
& $npm run build
}
exit $LASTEXITCODE

58
scripts/run-build.sh
View File

@@ -1,58 +0,0 @@
#!/usr/bin/env bash
#
# Erstellt ein Production-Bundle unter dist/ (ohne Branch-Wechsel).
#
# Nutzung:
# ./scripts/run-build.sh
# ./scripts/run-build.sh --in-place
#
set -euo pipefail
IN_PLACE=false
usage() {
cat <<'EOF'
Usage: run-build.sh [OPTIONS]
Options:
--in-place Build direkt im Repository (statt dist/)
-h, --help Hilfe anzeigen
EOF
}
while [[ $# -gt 0 ]]; do
case "$1" in
--in-place)
IN_PLACE=true
shift
;;
-h|--help)
usage
exit 0
;;
*)
echo "Unbekannte Option: $1" >&2
usage >&2
exit 1
;;
esac
done
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
BUILD_DIR="$ROOT/scripts/build"
if ! command -v npm >/dev/null 2>&1; then
echo "FEHLER: npm nicht gefunden. Bitte Node.js installieren." >&2
exit 1
fi
cd "$BUILD_DIR"
npm ci --no-fund --no-audit
if [[ "$IN_PLACE" == true ]]; then
npm run build:in-place
else
npm run build
fi

17
scripts/setup-git-hooks.ps1 Normal file
View File

@@ -0,0 +1,17 @@
# Einmal pro Clone ausführen: Commit-Template + Conventional-Commits-Hook aktivieren
$ErrorActionPreference = "Stop"
$repoRoot = Resolve-Path (Join-Path $PSScriptRoot "..")
Push-Location $repoRoot
try {
git config --local commit.template .gitmessage
git config --local core.hooksPath .githooks
Write-Host "Git Hooks aktiv:" -ForegroundColor Green
Write-Host " commit.template = .gitmessage"
Write-Host " core.hooksPath = .githooks"
Write-Host ""
Write-Host "Commit-Format: feat(scope): beschreibung"
} finally {
Pop-Location
}