220 lines
7.2 KiB
PHP
220 lines
7.2 KiB
PHP
<?php
|
|
|
|
// -----------------------------------------------------------
|
|
// 0) Umgebung / Domains / Error-Level laden
|
|
// → Diese Datei DEFINIERT die Konstanten wie
|
|
// APP_COOKIE_PREFIX, APP_COOKIE_DOMAIN, APP_ENV etc.
|
|
// -----------------------------------------------------------
|
|
// Try to load primary environment bootstrap.
|
|
$envHint = getenv('APP_ENV_FILE') ?: (getenv('APP_ENV') ?: null);
|
|
if ($envHint && !preg_match('/^[A-Za-z0-9_\-]+$/', $envHint)) {
|
|
$envHint = null;
|
|
}
|
|
if ($envHint === null) {
|
|
$host = '';
|
|
if (!empty($_SERVER['HTTP_X_FORWARDED_HOST'])) {
|
|
$host = strtolower(trim(explode(',', (string)$_SERVER['HTTP_X_FORWARDED_HOST'])[0]));
|
|
} elseif (!empty($_SERVER['HTTP_HOST'])) {
|
|
$host = strtolower((string)$_SERVER['HTTP_HOST']);
|
|
}
|
|
if ($host !== '') {
|
|
$host = preg_replace('/:\\d+$/', '', $host);
|
|
if ($host === 'staging.emailtemplate.it') {
|
|
$envHint = 'staging';
|
|
} elseif (preg_match('/(^|\\.)emailtemplate\\.it$/', $host)) {
|
|
$envHint = 'prod';
|
|
}
|
|
}
|
|
}
|
|
if ($envHint === null) {
|
|
if (is_dir(__DIR__ . '/staging')) {
|
|
$envHint = 'staging';
|
|
} elseif (is_dir(__DIR__ . '/prod')) {
|
|
$envHint = 'prod';
|
|
}
|
|
}
|
|
|
|
$bootstrapCandidates = [__DIR__ . '/config.php'];
|
|
if ($envHint) {
|
|
$bootstrapCandidates[] = __DIR__ . '/' . $envHint . '/config.php';
|
|
}
|
|
$bootstrapLoaded = false;
|
|
foreach ($bootstrapCandidates as $bootstrap) {
|
|
if ($bootstrap && is_file($bootstrap)) {
|
|
require_once $bootstrap;
|
|
$bootstrapLoaded = true;
|
|
}
|
|
}
|
|
if (!$bootstrapLoaded) {
|
|
throw new RuntimeException('No environment config found under config/.');
|
|
}
|
|
|
|
$versionText = null;
|
|
$versionFile = __DIR__ . '/current.ver';
|
|
if (is_file($versionFile)) {
|
|
$raw = trim((string)@file_get_contents($versionFile));
|
|
if ($raw !== '') {
|
|
$versionText = $raw;
|
|
}
|
|
}
|
|
$mainversion = null;
|
|
$subversion = null;
|
|
$patchversion = null;
|
|
if ($versionText && preg_match('/^(\\d+)\\.(\\d+)\\.(\\d+)$/', $versionText, $m)) {
|
|
$mainversion = (int)$m[1];
|
|
$subversion = (int)$m[2];
|
|
$patchversion = (int)$m[3];
|
|
}
|
|
|
|
$emailtemplateConfigPath = __DIR__ . '/emailtemplate.conf.php';
|
|
if (is_file($emailtemplateConfigPath)) {
|
|
$GLOBALS['emailtemplate_config'] = require $emailtemplateConfigPath;
|
|
}
|
|
|
|
|
|
// Diese Werte später ins Template schieben:
|
|
$GLOBALS['app_env'] = APP_ENV;
|
|
$GLOBALS['app_base_url'] = APP_URL_PRIMARY;
|
|
$GLOBALS['app_api_base'] = $apiBaseUrl;
|
|
$GLOBALS['app_version'] = ($mainversion !== null && $subversion !== null && $patchversion !== null)
|
|
? "{$mainversion}.{$subversion}.{$patchversion}"
|
|
: null;
|
|
|
|
if (!function_exists('get_version_badge_markup')) {
|
|
function get_version_badge_markup(): string
|
|
{
|
|
$version = $GLOBALS['app_version'] ?? null;
|
|
if (!$version || php_sapi_name() === 'cli') {
|
|
return '';
|
|
}
|
|
$versionText = htmlspecialchars((string)$version, ENT_QUOTES, 'UTF-8');
|
|
|
|
ob_start();
|
|
?>
|
|
<style>
|
|
.app-version-badge{position:fixed;right:12px;bottom:12px;z-index:2147483000;font-size:12px;font-family:system-ui,-apple-system,BlinkMacSystemFont,"Segoe UI",sans-serif;color:#0f172a;background:rgba(248,250,252,.85);border:1px solid rgba(148,163,184,.6);border-radius:999px;padding:4px 10px;box-shadow:0 8px 20px rgba(15,23,42,.15);backdrop-filter:blur(6px);}
|
|
@media print {.app-version-badge{display:none}}
|
|
</style>
|
|
<script>
|
|
(function(){
|
|
var prev=document.querySelector('.app-version-badge');
|
|
if(prev){prev.remove();}
|
|
var badge=document.createElement('div');
|
|
badge.className='app-version-badge';
|
|
badge.textContent='v <?= $versionText ?>';
|
|
var append=function(){document.body?document.body.appendChild(badge):document.addEventListener('DOMContentLoaded',function(){document.body.appendChild(badge);});};
|
|
if(window.requestAnimationFrame){requestAnimationFrame(append);}else{append();}
|
|
})();
|
|
</script>
|
|
<?php
|
|
return ob_get_clean() ?: '';
|
|
}
|
|
}
|
|
|
|
// -----------------------------------------------------------
|
|
// set cookie / session parameters
|
|
// -----------------------------------------------------------
|
|
|
|
|
|
if (!defined('CUSTOM_PREFIX')) {
|
|
define('CUSTOM_PREFIX', APP_PREFIX);
|
|
}
|
|
|
|
if(!defined('APP_COOKIE_PREFIX')) {
|
|
if(APP_ENV==="staging"){
|
|
define('APP_COOKIE_PREFIX', APP_PREFIX.'_stg'.'_');
|
|
} else
|
|
{
|
|
define('APP_COOKIE_PREFIX', APP_PREFIX.'_');
|
|
}
|
|
}
|
|
|
|
if (!defined('APP_COOKIE_DOMAIN')) {
|
|
// Fallback: aktuelle Domain des Hosts
|
|
define('APP_COOKIE_DOMAIN', '.'.APP_DOMAIN_PRIMARY);
|
|
define('APP_PRIMARY_DOMAIN', APP_DOMAIN_PRIMARY);
|
|
}
|
|
if (!defined('APP_CLIENT_COOKIE_LIFETIME')) {
|
|
define('APP_CLIENT_COOKIE_LIFETIME', 365 * 24 * 60 * 60); // 1 Jahr
|
|
}
|
|
|
|
|
|
// Einheitliche Cookie-Namen (projektübergreifend steuerbar)
|
|
$sessionCookieName = APP_COOKIE_PREFIX . 'session';
|
|
$clientCookieName = APP_COOKIE_PREFIX . 'client';
|
|
|
|
|
|
// -----------------------------------------------------------
|
|
// 1) PHP-Session starten
|
|
// -----------------------------------------------------------
|
|
if (php_sapi_name() !== 'cli') {
|
|
if (session_status() === PHP_SESSION_NONE) {
|
|
|
|
session_name($sessionCookieName);
|
|
|
|
session_set_cookie_params([
|
|
'lifetime' => 0,
|
|
'path' => '/',
|
|
'domain' => APP_COOKIE_DOMAIN ?: '',
|
|
'secure' => (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off'),
|
|
'httponly' => true,
|
|
'samesite' => 'Lax',
|
|
]);
|
|
|
|
session_start();
|
|
}
|
|
}
|
|
|
|
|
|
// -----------------------------------------------------------
|
|
// 2) Persistente Client-ID (für Tracking über Besuche hinweg)
|
|
// -----------------------------------------------------------
|
|
if (php_sapi_name() !== 'cli') {
|
|
$clientId = $_COOKIE[$clientCookieName] ?? null;
|
|
|
|
// Erwartet wird: 64 Hex-Zeichen (32 Bytes)
|
|
if (
|
|
!is_string($clientId) ||
|
|
$clientId === '' ||
|
|
!preg_match('/^[a-f0-9]{64}$/', $clientId)
|
|
) {
|
|
// neue ID erzeugen
|
|
try {
|
|
$clientId = bin2hex(random_bytes(32)); // 32 bytes → 64 hex
|
|
} catch (Throwable $e) {
|
|
$clientId = bin2hex(openssl_random_pseudo_bytes(32));
|
|
}
|
|
|
|
$cookieOpts = [
|
|
'expires' => time() + APP_CLIENT_COOKIE_LIFETIME,
|
|
'path' => '/',
|
|
'secure' => (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off'),
|
|
'httponly' => false, // JS darf es lesen, wenn erwünscht
|
|
'samesite' => 'Lax',
|
|
];
|
|
|
|
if (!empty(APP_COOKIE_DOMAIN)) {
|
|
$cookieOpts['domain'] = APP_COOKIE_DOMAIN;
|
|
}
|
|
|
|
setcookie($clientCookieName, $clientId, $cookieOpts);
|
|
$_COOKIE[$clientCookieName] = $clientId;
|
|
}
|
|
|
|
// global verfügbar machen (NEUER NAME!)
|
|
$GLOBALS['cookie_client_id'] = $clientId;
|
|
}
|
|
|
|
|
|
// -----------------------------------------------------------
|
|
// 3) Sprachlogik laden (bleibt sinnvoll zentral)
|
|
// -----------------------------------------------------------
|
|
require_once __DIR__ . '/i18n.php';
|
|
|
|
|
|
// -----------------------------------------------------------
|
|
// 4) Rest des Systems laden (DB, Funktionen, Hilfs-Libs)
|
|
// -----------------------------------------------------------
|
|
require_once __DIR__ . "/db.php";
|
|
require_once __DIR__ . '/../inc/helpers.php';
|