<?php
/**
 * Helper functions for HexaHost.de
 */

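// Resolve the configuration directory: an explicit HEXAHOST_CONFIG_DIR constant
// wins, otherwise ../config relative to this file is used.
$configDir = defined('HEXAHOST_CONFIG_DIR')
    ? HEXAHOST_CONFIG_DIR
    : __DIR__ . '/../config';

$siteConfigFile = $configDir . '/site-config.php';
if (is_file($siteConfigFile)) {
    require_once $siteConfigFile;
} elseif (!function_exists('getSiteHost')) {
    // Fallback definitions, used only when no site-config.php exists and
    // getSiteHost() has not been declared yet. The defined() guards avoid a
    // "constant already defined" warning if the constants exist without the functions.
    defined('SITE_DOMAIN_PRODUCTION') || define('SITE_DOMAIN_PRODUCTION', 'hexahost.de');
    defined('SITE_DOMAIN_DEVELOPMENT') || define('SITE_DOMAIN_DEVELOPMENT', 'dev.hexahost.de');

    /**
     * Return the lower-cased request host without its port.
     *
     * The value comes from the Host request header, which the client chooses.
     * Anything that is empty, longer than 253 bytes, or contains characters
     * outside [a-z0-9._-] is replaced by SITE_DOMAIN_PRODUCTION, so the result
     * can never carry quotes, slashes, angle brackets or whitespace into a URL
     * or into HTML. A syntactically valid but foreign host name is still
     * returned as sent: do not use this value for links in e-mails or for
     * redirects; use getCanonicalBaseUrl() there.
     *
     * @return string Host name, or SITE_DOMAIN_PRODUCTION when the header is missing or malformed
     */
    function getSiteHost()
    {
        $host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : SITE_DOMAIN_PRODUCTION;
        $host = strtolower($host);
        if (strpos($host, ':') !== false) {
            // Everything after the first colon is treated as the port.
            $host = explode(':', $host, 2)[0];
        }
        // /D anchors "$" at the very end, so a trailing newline cannot pass.
        if (strlen($host) > 253 || !preg_match('/^[a-z0-9._-]+$/D', $host)) {
            return SITE_DOMAIN_PRODUCTION;
        }
        return $host;
    }

    /**
     * Tell whether the request host equals SITE_DOMAIN_DEVELOPMENT.
     *
     * The answer is derived from the Host header via getSiteHost(), so it is a
     * convenience switch and not an access control.
     *
     * @return bool
     */
    function isDevelopmentSite()
    {
        return getSiteHost() === SITE_DOMAIN_DEVELOPMENT;
    }

    /**
     * Build scheme://host for the current request.
     *
     * HTTPS is assumed when $_SERVER['HTTPS'] is non-empty and not 'off', or
     * when the server port is 443. The host part comes from getSiteHost(), so
     * the port is not included and the host is client-influenced.
     *
     * @return string Base URL without a trailing slash
     */
    function getSiteBaseUrl()
    {
        $https = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off')
            || (isset($_SERVER['SERVER_PORT']) && (int) $_SERVER['SERVER_PORT'] === 443);
        return ($https ? 'https' : 'http') . '://' . getSiteHost();
    }

    /**
     * Return the fixed list of origins this site accepts.
     *
     * NOTE(review): the list contains plain-http loopback origins for local
     * development; if this list gates Origin/CORS checks in production,
     * confirm that these entries are intended there.
     *
     * @return string[] Origins in scheme://host[:port] form
     */
    function getAllowedOrigins()
    {
        return [
            'https://' . SITE_DOMAIN_PRODUCTION,
            'https://www.' . SITE_DOMAIN_PRODUCTION,
            'https://' . SITE_DOMAIN_DEVELOPMENT,
            'http://localhost',
            'http://127.0.0.1',
            'http://localhost:8000',
        ];
    }

    /**
     * Return the canonical base URL, built only from SITE_DOMAIN_PRODUCTION
     * and therefore independent of any request header.
     *
     * @return string
     */
    function getCanonicalBaseUrl()
    {
        return 'https://' . SITE_DOMAIN_PRODUCTION;
    }
}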
// Show PHP errors on the development site and on localhost for easier debugging.
// NOTE(review): both conditions are derived from the Host request header, which
// the client chooses. The production block further down in this file turns
// display_errors off again unless DEBUG_MODE is truthy, but anything emitted
// between here and there (for example by session_start()) is still shown.
// An explicit configuration switch is a safer gate than the Host header.
$hexahostHost = $_SERVER['HTTP_HOST'] ?? '';
if (
    (function_exists('isDevelopmentSite') && isDevelopmentSite())
    || preg_match('/^(localhost|127\.0\.0\.1)(:\d+)?$/', $hexahostHost)
) {
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
}
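// Secure session configuration; runs only when no session has been started yet.
if (session_status() === PHP_SESSION_NONE) {
    // Session cookie hardening.
    // HttpOnly: the cookie is not exposed to JavaScript.
    ini_set('session.cookie_httponly', 1);
    // Secure: set only when the request itself is HTTPS. This uses the same
    // test as the fallback getSiteBaseUrl() in this file, so HTTPS=off (or an
    // empty value) is no longer treated as HTTPS, and port 443 is.
    // NOTE(review): behind a TLS-terminating proxy neither signal may be set
    // and the cookie would be sent without Secure; confirm the deployment.
    ini_set(
        'session.cookie_secure',
        (
            (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off')
            || (isset($_SERVER['SERVER_PORT']) && (int) $_SERVER['SERVER_PORT'] === 443)
        ) ? 1 : 0
    );
    // SameSite=Strict: the cookie is not sent on cross-site requests.
    ini_set('session.cookie_samesite', 'Strict');
    // Strict mode: session ids that the server did not issue are rejected.
    ini_set('session.use_strict_mode', 1);
    // Session ids are accepted from cookies only, never from the URL.
    ini_set('session.use_only_cookies', 1);

    session_start();

    // Regenerate the id once, on the first request of a new session, and drop
    // the old session data (protection against session fixation). This block
    // does not regenerate at login: code that changes the privilege level must
    // call session_regenerate_id(true) itself at that point.
    if (!isset($_SESSION['initiated'])) {
        session_regenerate_id(true);
        $_SESSION['initiated'] = true;
    }
}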
// Production default: unless DEBUG_MODE is defined and truthy, never print PHP
// errors to the response; report everything and write it to the error log.
if (!(defined('DEBUG_MODE') && DEBUG_MODE)) {
    error_reporting(E_ALL);
    ini_set('log_errors', 1);
    ini_set('display_errors', 0);
    ini_set('display_startup_errors', 0);
}
/**
 * Publish the page metadata as globals and render the shared header template.
 *
 * $title and $description fall back to the site-wide German defaults when they
 * are empty as judged by empty(). header.php is included inside this function,
 * so it sees the parameters and locals of this function, including
 * $canonical_url.
 *
 * @param string $title       The page title
 * @param string $description The page description
 * @param string $page        The current page identifier
 * @param array  $scripts     Additional scripts to include
 */
function includeHeader($title = '', $description = '', $page = '', $scripts = [])
{
    global $page_title, $page_description, $current_page, $additional_scripts;

    // Page configuration taken from the parameters, with defaults.
    if (empty($title)) {
        $page_title = 'HexaHost.de - Zuverlässiges Hosting aus Niederbayern';
    } else {
        $page_title = $title;
    }

    if (empty($description)) {
        $page_description = 'HexaHost.de - Zuverlässiges und preiswertes Hosting aus Niederbayern. VPS, VPC, Mail Gateway und Webhosting Lösungen.';
    } else {
        $page_description = $description;
    }

    $current_page = $page;
    $additional_scripts = $scripts;

    // NOTE(review): $canonical_url is not in the global list above, so it is
    // always unset at this point and this branch always runs; a value set by
    // the calling page is not seen here. Confirm whether that is intended.
    if (!isset($canonical_url)) {
        // The path comes from REQUEST_URI, which the client controls. Only the
        // path component is used; the host part is the fixed canonical base URL.
        // header.php is not shown here: it has to HTML-escape $canonical_url
        // before printing it into an attribute.
        $requestPath = parse_url($_SERVER['REQUEST_URI'] ?? '/', PHP_URL_PATH) ?: '/';
        $canonical_url = rtrim(getCanonicalBaseUrl(), '/') . $requestPath;
    }

    include __DIR__ . '/header.php';
}
/**
 * Render the shared footer template (footer.php next to this file).
 *
 * The template is included inside this function and therefore runs in this
 * function's scope, not in the global scope.
 */
function includeFooter()
{
    include __DIR__ . '/footer.php';
}
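/**
 * Print the breadcrumb navigation as HTML.
 *
 * Every item except the last is printed as a link followed by a "/" separator;
 * the last item (the current page) is printed as plain text. Titles and URLs
 * are HTML-escaped with ENT_QUOTES, so the output does not depend on the
 * default flags of the running PHP version.
 *
 * Escaping prevents markup injection but does not validate the URL scheme:
 * 'url' values have to come from trusted code, not from request data.
 *
 * @param array $breadcrumbs Array of breadcrumb items [['title' => 'Home', 'url' => 'index.html'], ...]
 */
function generateBreadcrumbs($breadcrumbs) {
    // Reindex to 0..n-1 so the "last item" test also works for string or
    // non-sequential keys; a null argument is treated as an empty trail.
    $items = array_values((array) $breadcrumbs);
    $last_index = count($items) - 1;
    $flags = ENT_QUOTES | ENT_SUBSTITUTE;

    echo '<div class="breadcrumb">';

    foreach ($items as $index => $item) {
        // A missing key is printed as an empty string instead of raising a warning.
        $title = htmlspecialchars((string) ($item['title'] ?? ''), $flags, 'UTF-8');

        if ($index === $last_index) {
            // Last item (current page)
            echo '<span>' . $title . '</span>';
        } else {
            // Link to other pages
            $url = htmlspecialchars((string) ($item['url'] ?? ''), $flags, 'UTF-8');
            echo '<a href="' . $url . '">' . $title . '</a>';
            echo '<span>/</span>';
        }
    }

    echo '</div>';
}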
/**
 * Return the CSRF token of the current session, creating it on first use.
 *
 * A new token is 32 bytes from random_bytes(), hex-encoded to 64 characters,
 * and is stored in $_SESSION['csrf_token']; later calls return the stored
 * value unchanged. Verification is not part of this function: the code that
 * checks a submitted token should compare it with hash_equals().
 *
 * @return string CSRF token
 */
function generateCSRFToken() {
    if (isset($_SESSION['csrf_token'])) {
        return $_SESSION['csrf_token'];
    }

    $token = bin2hex(random_bytes(32));
    $_SESSION['csrf_token'] = $token;

    return $token;
}