session
@@ -36,11 +36,29 @@ function browser_quick_test_handle_request(): array
|
|||||||
}
|
}
|
||||||
|
|
||||||
// ---------------------------------------------------------------------
|
// ---------------------------------------------------------------------
|
||||||
// 2. User / Session ermitteln
|
// 2. User / Session ermitteln (robuster)
|
||||||
// ---------------------------------------------------------------------
|
// ---------------------------------------------------------------------
|
||||||
$userId = $_SESSION['user_id'] ?? null; // abhängig von deiner Login-Implementierung
|
$userId = null;
|
||||||
$isLoggedIn = $userId ? 1 : 0;
|
$isLoggedIn = 0;
|
||||||
$sessionId = session_id() ?: null;
|
|
||||||
|
// Variante A: klassisch
|
||||||
|
if (!empty($_SESSION['user_id'])) {
|
||||||
|
$userId = (int)$_SESSION['user_id'];
|
||||||
|
}
|
||||||
|
// Variante B: User-Array in der Session (z.B. $_SESSION['user']['id'])
|
||||||
|
elseif (!empty($_SESSION['user']) && is_array($_SESSION['user']) && !empty($_SESSION['user']['id'])) {
|
||||||
|
$userId = (int)$_SESSION['user']['id'];
|
||||||
|
}
|
||||||
|
// Variante C: auth-Block (z.B. $_SESSION['auth']['user_id'])
|
||||||
|
elseif (!empty($_SESSION['auth']) && is_array($_SESSION['auth']) && !empty($_SESSION['auth']['user_id'])) {
|
||||||
|
$userId = (int)$_SESSION['auth']['user_id'];
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($userId) {
|
||||||
|
$isLoggedIn = 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
$sessionId = session_id() ?: null;
|
||||||
|
|
||||||
$ipAddress = $_SERVER['REMOTE_ADDR'] ?? null;
|
$ipAddress = $_SERVER['REMOTE_ADDR'] ?? null;
|
||||||
$userAgent = $_SERVER['HTTP_USER_AGENT'] ?? null;
|
$userAgent = $_SERVER['HTTP_USER_AGENT'] ?? null;
|
||||||
@@ -94,79 +112,78 @@ function browser_quick_test_handle_request(): array
|
|||||||
global $pdo;
|
global $pdo;
|
||||||
|
|
||||||
try {
|
try {
|
||||||
$sql = "
|
$sql = "
|
||||||
INSERT INTO web_quicktests (
|
INSERT INTO web_quicktests (
|
||||||
user_id,
|
user_id,
|
||||||
is_logged_in,
|
is_logged_in,
|
||||||
usb_device_id,
|
usb_device_id,
|
||||||
browser_name,
|
browser_name,
|
||||||
browser_version,
|
browser_version,
|
||||||
os_name,
|
os_name,
|
||||||
os_version,
|
os_version,
|
||||||
volume_label,
|
volume_label,
|
||||||
manufacturer,
|
manufacturer,
|
||||||
model_name,
|
model_name,
|
||||||
usb_type,
|
usb_type,
|
||||||
advertised_capacity_bytes,
|
advertised_capacity_bytes,
|
||||||
measured_capacity_bytes,
|
measured_capacity_bytes,
|
||||||
capacity_status,
|
capacity_status,
|
||||||
filesystem,
|
filesystem,
|
||||||
test_report_json,
|
test_report_json,
|
||||||
ip_address,
|
ip_address,
|
||||||
session_id
|
session_id
|
||||||
)
|
)
|
||||||
VALUES (
|
VALUES (
|
||||||
:user_id,
|
:user_id,
|
||||||
:is_logged_in,
|
:is_logged_in,
|
||||||
:usb_device_id,
|
:usb_device_id,
|
||||||
:browser_name,
|
:browser_name,
|
||||||
:browser_version,
|
:browser_version,
|
||||||
:os_name,
|
:os_name,
|
||||||
:os_version,
|
:os_version,
|
||||||
:volume_label,
|
:volume_label,
|
||||||
:manufacturer,
|
:manufacturer,
|
||||||
:model_name,
|
:model_name,
|
||||||
:usb_type,
|
:usb_type,
|
||||||
:advertised_capacity_bytes,
|
:advertised_capacity_bytes,
|
||||||
:measured_capacity_bytes,
|
:measured_capacity_bytes,
|
||||||
:capacity_status,
|
:capacity_status,
|
||||||
:filesystem,
|
:filesystem,
|
||||||
:test_report_json,
|
:test_report_json,
|
||||||
:ip_address,
|
:ip_address,
|
||||||
:session_id
|
:session_id
|
||||||
)
|
)
|
||||||
";
|
";
|
||||||
|
|
||||||
$stmt = $pdo->prepare($sql);
|
$stmt = $pdo->prepare($sql);
|
||||||
|
|
||||||
$stmt->execute([
|
|
||||||
'user_id' => $userId,
|
|
||||||
'is_logged_in' => $isLoggedIn,
|
|
||||||
'usb_device_id' => null,
|
|
||||||
'browser_name' => $browserName,
|
|
||||||
'browser_version' => $browserVersion,
|
|
||||||
'os_name' => $osName,
|
|
||||||
'os_version' => $osVersion,
|
|
||||||
'volume_label' => $volumeLabel,
|
|
||||||
'manufacturer' => $manufacturer,
|
|
||||||
'model_name' => $modelName,
|
|
||||||
'usb_type' => $usbType,
|
|
||||||
'advertised_capacity_bytes' => $advCapacityBytes,
|
|
||||||
'measured_capacity_bytes' => $measuredBytes ?: null,
|
|
||||||
'capacity_status' => $capacityStatus,
|
|
||||||
'filesystem' => $filesystem,
|
|
||||||
'test_report_json' => $testReportJson,
|
|
||||||
'ip_address' => $ipAddress,
|
|
||||||
'session_id' => $sessionId,
|
|
||||||
]);
|
|
||||||
|
|
||||||
|
$stmt->execute([
|
||||||
|
'user_id' => $userId,
|
||||||
|
'is_logged_in' => $isLoggedIn,
|
||||||
|
'usb_device_id' => null,
|
||||||
|
'browser_name' => $browserName,
|
||||||
|
'browser_version' => $browserVersion,
|
||||||
|
'os_name' => $osName,
|
||||||
|
'os_version' => $osVersion,
|
||||||
|
'volume_label' => $volumeLabel,
|
||||||
|
'manufacturer' => $manufacturer,
|
||||||
|
'model_name' => $modelName,
|
||||||
|
'usb_type' => $usbType,
|
||||||
|
'advertised_capacity_bytes' => $advCapacityBytes,
|
||||||
|
'measured_capacity_bytes' => $measuredBytes ?: null,
|
||||||
|
'capacity_status' => $capacityStatus,
|
||||||
|
'filesystem' => $filesystem,
|
||||||
|
'test_report_json' => $testReportJson,
|
||||||
|
'ip_address' => $ipAddress,
|
||||||
|
'session_id' => $sessionId,
|
||||||
|
]);
|
||||||
|
|
||||||
$id = (int)$pdo->lastInsertId();
|
$id = (int)$pdo->lastInsertId();
|
||||||
|
|
||||||
return [
|
return [
|
||||||
'ok' => true,
|
'ok' => true,
|
||||||
'id' => $id,
|
'id' => $id,
|
||||||
'mode' => $modeRequested,
|
'mode' => $modeRequested,
|
||||||
'measured_bytes' => $measuredBytes ?: null,
|
'measured_bytes' => $measuredBytes ?: null,
|
||||||
];
|
];
|
||||||
} catch (Throwable $e) {
|
} catch (Throwable $e) {
|
||||||
|
|||||||
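Review bot: The `(int)` casts in the three session branches of the first hunk convert a non-numeric id into a different number instead of rejecting it, so a stored value that only starts with digits would be recorded under another user's id and anything else becomes 0. The page does not show what type the login code writes, so validate rather than cast, e.g. `$raw = filter_var($_SESSION['user_id'], FILTER_VALIDATE_INT); $userId = ($raw !== false && $raw > 0) ? $raw : null;`, and do the same for `$_SESSION['user']['id']` and `$_SESSION['auth']['user_id']`. Probing three possible layouts also means that any code which sets one of these keys before authentication has finished would be logged with `is_logged_in = 1`; reading only the one key the login code actually writes, with a comment naming it, would be safer. In the same hunk `session_id()` is inserted into `web_quicktests` unmodified, so read access to that table exposes live session tokens; `hash('sha256', session_id())` keeps the correlation without storing the token. The body of `browser_quick_test_handle_request()` starts and ends outside both hunks.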
@@ -4,61 +4,47 @@
|
|||||||
require_once __DIR__ . "/config.php";
|
require_once __DIR__ . "/config.php";
|
||||||
|
|
||||||
// -----------------------------------------------------------
|
// -----------------------------------------------------------
|
||||||
// Session starten (gemeinsam für Frontend + API)
|
// Session starten (Frontend + API sollen dieselbe Session nutzen)
|
||||||
// -----------------------------------------------------------
|
// -----------------------------------------------------------
|
||||||
if (php_sapi_name() !== 'cli') {
|
if (php_sapi_name() !== 'cli') {
|
||||||
if (session_status() === PHP_SESSION_NONE) {
|
if (session_status() === PHP_SESSION_NONE) {
|
||||||
|
|
||||||
// Host ermitteln
|
|
||||||
$host = $_SERVER['HTTP_HOST'] ?? '';
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Ziel:
|
|
||||||
* STAGING:
|
|
||||||
* - staging.usbcheck.it
|
|
||||||
* - api.staging.usbcheck.it
|
|
||||||
* -> Cookie-Domain: .staging.usbcheck.it
|
|
||||||
*
|
|
||||||
* PROD:
|
|
||||||
* - usbcheck.it
|
|
||||||
* - www.usbcheck.it
|
|
||||||
* - api.usbcheck.it
|
|
||||||
* -> Cookie-Domain: .usbcheck.it
|
|
||||||
*
|
|
||||||
* LOKAL/SONSTIG:
|
|
||||||
* - z.B. localhost, 127.0.0.1
|
|
||||||
* -> Keine Domain setzen (Browser nimmt Host)
|
|
||||||
*/
|
|
||||||
$cookieDomain = '';
|
|
||||||
|
|
||||||
if (preg_match('~\.staging\.usbcheck\.it$~', $host)) {
|
|
||||||
// alles unter *.staging.usbcheck.it
|
|
||||||
$cookieDomain = '.staging.usbcheck.it';
|
|
||||||
} elseif (preg_match('~(^|\.)(usbcheck\.it)$~', $host)) {
|
|
||||||
// usbcheck.it, www.usbcheck.it, api.usbcheck.it, ...
|
|
||||||
$cookieDomain = '.usbcheck.it';
|
|
||||||
} else {
|
|
||||||
// z.B. localhost → leer lassen
|
|
||||||
$cookieDomain = '';
|
|
||||||
}
|
|
||||||
|
|
||||||
// Einheitlicher Session-Name für alle usbcheck-Hosts
|
|
||||||
session_name('usbcheck_session');
|
session_name('usbcheck_session');
|
||||||
|
|
||||||
|
// Cookie-Domain dynamisch bestimmen
|
||||||
|
$cookieDomain = '';
|
||||||
|
if (!empty($_SERVER['HTTP_HOST'])) {
|
||||||
|
$host = $_SERVER['HTTP_HOST'];
|
||||||
|
// evtl. Port abschneiden
|
||||||
|
$host = preg_replace('/:\d+$/', '', $host);
|
||||||
|
|
||||||
|
// Für alle Subdomains von usbcheck.it dieselbe Session
|
||||||
|
if (preg_match('/\.?usbcheck\.it$/i', $host)) {
|
||||||
|
// wirkt für usbcheck.it, staging.usbcheck.it, api.staging.usbcheck.it, ...
|
||||||
|
$cookieDomain = '.usbcheck.it';
|
||||||
|
}
|
||||||
|
|
||||||
|
// Falls du später andere Projekte auch per Subdomain teilen willst,
|
||||||
|
// kannst du hier weitere Regeln ergänzen, z.B.:
|
||||||
|
// elseif (preg_match('/\.?kusche\.berlin$/i', $host)) {
|
||||||
|
// $cookieDomain = '.kusche.berlin';
|
||||||
|
// }
|
||||||
|
}
|
||||||
|
|
||||||
session_set_cookie_params([
|
session_set_cookie_params([
|
||||||
'lifetime' => 0,
|
'lifetime' => 0,
|
||||||
'path' => '/',
|
'path' => '/',
|
||||||
'domain' => $cookieDomain, // wichtig für gemeinsame Session über Subdomains
|
'domain' => $cookieDomain, // WICHTIG: jetzt ggf. .usbcheck.it
|
||||||
'secure' => (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off'),
|
'secure' => (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off'),
|
||||||
'httponly' => true,
|
'httponly' => true,
|
||||||
'samesite' => 'Lax', // reicht für gleiche Site (staging/api.*.usbcheck.it)
|
'samesite' => 'Lax',
|
||||||
]);
|
]);
|
||||||
|
|
||||||
session_start();
|
session_start();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
require_once __DIR__ . '/i18n.php'; // zentrale Sprachlogik
|
require_once __DIR__ . '/i18n.php'; // <— zentrale Sprachlogik
|
||||||
|
|
||||||
// ab hier kannst du überall $GLOBALS['lang'] und $GLOBALS['availableLangs'] nutzen
|
// ab hier kannst du überall $GLOBALS['lang'] und $GLOBALS['availableLangs'] nutzen
|
||||||
// und für JS:
|
// und für JS:
|
||||||
|
|||||||
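Review bot: The host rule on what appears to be the new side sets the cookie domain to `.usbcheck.it` for every matching host, so a `usbcheck_session` cookie issued on a staging host is now also presented to the production hosts and replaces the production cookie of the same name; the removed branch kept staging cookies under `.staging.usbcheck.it`. The new pattern `/\.?usbcheck\.it$/i` also lost its left boundary, so any Host header that merely ends in `usbcheck.it` matches, and `HTTP_HOST` is supplied by the client. Keep the staging branch and anchor both patterns, e.g. `if (preg_match('/(^|\.)staging\.usbcheck\.it$/i', $host)) { $cookieDomain = '.staging.usbcheck.it'; } elseif (preg_match('/(^|\.)usbcheck\.it$/i', $host)) { $cookieDomain = '.usbcheck.it'; }`. If sharing one session between staging and production is intended, a comment saying so and why staging is trusted with production sessions belongs next to the `'domain'` entry.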