diff --git a/config/domaindata.php b/config/domaindata.php new file mode 100644 index 0000000..fe8f705 --- /dev/null +++ b/config/domaindata.php @@ -0,0 +1,4 @@ + 0, 'path' => '/', - 'domain' => '', + 'domain' => APP_COOKIE_DOMAIN ?: '', 'secure' => (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off'), 'httponly' => true, 'samesite' => 'Lax', 
@@ -24,72 +67,55 @@ if (php_sapi_name() !== 'cli') { } } -/** - * --------------------------------------------------------- - * Persistente Client-ID (über Logins & Sessions hinweg) - * --------------------------------------------------------- - * Cookie-Name: usbcheck_client - * Domain: - * - staging: .staging.usbcheck.it - * - live: .usbcheck.it - */ -if (php_sapi_name() !== 'cli') { - $clientId = $_COOKIE['usbcheck_client'] ?? null; - // jetzt 64 Hex-Zeichen (32 Bytes → 64 Hex) +// ----------------------------------------------------------- +// 2) Persistente Client-ID (für Tracking über Besuche hinweg) +// ----------------------------------------------------------- +if (php_sapi_name() !== 'cli') { + $clientId = $_COOKIE[$clientCookieName] ?? null; + + // Erwartet wird: 64 Hex-Zeichen (32 Bytes) if ( - !is_string($clientId) - || $clientId === '' - || !preg_match('/^[a-f0-9]{64}$/', $clientId) + !is_string($clientId) || + $clientId === '' || + !preg_match('/^[a-f0-9]{64}$/', $clientId) ) { // neue ID erzeugen try { - $clientId = bin2hex(random_bytes(32)); // 32 Bytes → 64 Hex + $clientId = bin2hex(random_bytes(32)); // 32 bytes → 64 hex } catch (Throwable $e) { - // Fallback – sollte praktisch nie passieren $clientId = bin2hex(openssl_random_pseudo_bytes(32)); } - $host = $_SERVER['HTTP_HOST'] ?? 
''; - $cookieDomain = null; - - if (preg_match('/\.staging\.usbcheck\.it$/', $host)) { - $cookieDomain = '.staging.usbcheck.it'; - } elseif (preg_match('/\.usbcheck\.it$/', $host)) { - $cookieDomain = '.usbcheck.it'; - } - $cookieOpts = [ - 'expires' => time() + 365 * 24 * 60 * 60, // ~1 Jahr + 'expires' => time() + APP_CLIENT_COOKIE_LIFETIME, 'path' => '/', 'secure' => (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off'), - 'httponly' => false, // darf JS lesen, falls du es mal brauchst + 'httponly' => false, // JS darf es lesen, wenn erwünscht 'samesite' => 'Lax', ]; - if ($cookieDomain) { - $cookieOpts['domain'] = $cookieDomain; + if (!empty(APP_COOKIE_DOMAIN)) { + $cookieOpts['domain'] = APP_COOKIE_DOMAIN; } - setcookie('usbcheck_client', $clientId, $cookieOpts); - $_COOKIE['usbcheck_client'] = $clientId; // lokal auch verfügbar + setcookie($clientCookieName, $clientId, $cookieOpts); + $_COOKIE[$clientCookieName] = $clientId; } - // global verfügbar machen - $GLOBALS['usb_client_id'] = $clientId; + // global verfügbar machen (NEUER NAME!) + $GLOBALS['cookie_client_id'] = $clientId; } -require_once __DIR__ . '/i18n.php'; // <— zentrale Sprachlogik - -// ab hier kannst du überall $GLOBALS['lang'] und $GLOBALS['availableLangs'] nutzen -// und für JS: -$usbConfig = [ - // ... dein sonstiges Zeug ... - 'i18n' => app_i18n_get_frontend_config(), -]; // ----------------------------------------------------------- -// Rest des Systems laden +// 3) Sprachlogik laden (bleibt sinnvoll zentral) +// ----------------------------------------------------------- +require_once __DIR__ . '/i18n.php'; + + +// ----------------------------------------------------------- +// 4) Rest des Systems laden (DB, Funktionen, Hilfs-Libs) // ----------------------------------------------------------- require_once __DIR__ . "/db.php"; -require_once __DIR__ . "/../src/functions.php"; +require_once __DIR__ . '/../src/functions.php'; 
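Review bot: The client-ID cookie's `domain` now depends only on `APP_COOKIE_DOMAIN`, so the separation the removed lines enforced (`.staging.usbcheck.it` versus `.usbcheck.it`) survives only if that constant differs per environment, and its definition is not visible here. If both environments use the parent domain, staging and production hosts receive and can overwrite each other's identifier, and the same constant also widens the session cookie in the earlier hunk (`'domain' => APP_COOKIE_DOMAIN ?: ''`). Please state the expected value in a comment above the check, e.g. `// APP_COOKIE_DOMAIN must be environment-specific; a shared parent domain exposes this cookie to every subdomain`, and guard it as `if (defined('APP_COOKIE_DOMAIN') && APP_COOKIE_DOMAIN !== '')` so a missing include cannot raise an undefined-constant error. The commit also deletes the comment on the `openssl_random_pseudo_bytes(32)` fallback, whose return value is still used unchecked. `$clientCookieName` is defined outside this hunk.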
diff --git a/config/prod/config.php b/config/prod/config.php index 5322436..b11bace 100644 --- a/config/prod/config.php +++ b/config/prod/config.php @@ -3,13 +3,16 @@ ini_set('display_errors', 1); ini_set('display_startup_errors', 1); error_reporting(E_ALL); +require_once __DIR__ . "/domaindata.php"; + +// Umgebung (optional, aber hilfreich für Debugging / Logik) +define('APP_ENV', 'prod'); // oder 'prod', 'local', ... if (!defined('ASSET_VERSION')) { define('ASSET_VERSION', '2024-11-22'); // oder deine aktuelle Version } - // Domain-Konfiguration (kann pro Umgebung angepasst werden) if (!defined('APP_DOMAIN_PRIMARY')) { - define('APP_DOMAIN_PRIMARY', 'usbcheck.it'); + define('APP_DOMAIN_PRIMARY', APP_DOMAIN_NAME); } if (!defined('APP_URL_PRIMARY')) { define('APP_URL_PRIMARY', 'https://' . APP_DOMAIN_PRIMARY); @@ -26,10 +29,6 @@ define('MATOMO_URL', 'https://matomo.my-statistics.info/'); define('MATOMO_ENABLED', true); define('MATOMO_SITE_ID', 7); $env = 'prod'; -$baseUrl = 'https://usbcheck.it'; -$apiBaseUrl = 'https://api.usbcheck.it'; +$baseUrl = 'https://'.APP_DOMAIN_NAME; +$apiBaseUrl = 'https://api.'.APP_DOMAIN_NAME; -// Diese Werte später ins Template schieben: -$GLOBALS['usb_env'] = $env; -$GLOBALS['usb_base_url'] = $baseUrl; -$GLOBALS['usb_api_base'] = $apiBaseUrl; \ No newline at end of file diff --git a/config/staging/config.php b/config/staging/config.php index 62e208e..e2ea33f 100644 --- a/config/staging/config.php +++ b/config/staging/config.php 
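Review bot: `require_once __DIR__ . "/domaindata.php"` at the top of the first hunk resolves to `config/prod/domaindata.php`, while this commit creates the file at `config/domaindata.php`; unless deployment copies the environment config up one directory, the include fails fatally, and the staging config in the next file has the same line. Because the surrounding context lines keep `display_errors` at 1 in the production config, that failure (and any later undefined-constant error for `APP_DOMAIN_NAME`) would be printed to visitors with full file paths. I would use `require_once dirname(__DIR__) . '/domaindata.php';` if the file is meant to stay in `config/`, and set `ini_set('display_errors', '0');` for prod with errors going to the log instead. The comment on `define('APP_ENV', 'prod'); // oder 'prod', 'local', ...` looks copied from a template and can be dropped.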
@@ -3,13 +3,19 @@ ini_set('display_errors', 1); ini_set('display_startup_errors', 1); error_reporting(E_ALL); +require_once __DIR__ . "/domaindata.php"; + +// Umgebung (optional, aber hilfreich für Debugging / Logik) +define('APP_ENV', 'staging'); // oder 'prod', 'local', ... + + if (!defined('ASSET_VERSION')) { define('ASSET_VERSION', time()); // oder deine aktuelle Version } // Domain-Konfiguration (kann pro Umgebung angepasst werden) if (!defined('APP_DOMAIN_PRIMARY')) { - define('APP_DOMAIN_PRIMARY', 'staging.usbcheck.it'); + define('APP_DOMAIN_PRIMARY', 'staging.'.APP_DOMAIN_NAME); } if (!defined('APP_URL_PRIMARY')) { define('APP_URL_PRIMARY', 'https://' . APP_DOMAIN_PRIMARY); @@ -25,10 +31,6 @@ if (!defined('APP_URL_FAKECHECK')) { define('MATOMO_URL', 'https://matomo.my-statistics.info/'); define('MATOMO_ENABLED', false); define('MATOMO_SITE_ID', 8); -$env = 'staging'; +$baseUrl = 'https://'.APP_DOMAIN_PRIMARY; $apiBaseUrl = 'https://api.'.APP_DOMAIN_PRIMARY; -// Diese Werte später ins Template schieben: -$GLOBALS['usb_env'] = $env; -$GLOBALS['usb_base_url'] = APP_URL_PRIMARY; -$GLOBALS['usb_api_base'] = $apiBaseUrl; \ No newline at end of file diff --git a/partials/structure/app_config.php b/partials/structure/app_config.php index 7c93b07..00a165a 100644 --- a/partials/structure/app_config.php +++ b/partials/structure/app_config.php @@ -10,8 +10,8 @@ $requestUri = $_SERVER['REQUEST_URI'] ?? '/'; $currentLang = $GLOBALS['lang'] ?? ($lang ?? 'en'); $allAvailable = $GLOBALS['availableLangs'] ?? []; -// Optional: Environment aus config.php (du hattest $env → $GLOBALS['usb_env']) -$env = $GLOBALS['usb_env'] ?? 'prod'; +// Optional: Environment aus config.php (du hattest $env → $GLOBALS['app_env']) +$env = $GLOBALS['app_env'] ?? 'prod'; // ----------------------------------------------- // USBCheck JavaScript-Konfiguration 
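Review bot: `$GLOBALS['app_env']` in the `partials/structure/app_config.php` hunk is not assigned anywhere in the visible changes: both environment configs drop their `$GLOBALS['usb_env'] = $env;` lines and only `define('APP_ENV', …)` replaces them, so `$env` falls back to `'prod'` on staging as well. The next hunk has the same gap for `$GLOBALS['app_url']` and `$GLOBALS['app_api_url']`, where the fallback `'https://api.usbcheck.it'` would point a staging front end at the production API. Unless these keys are set in a file outside this diff, read the constants instead, e.g. `$env = defined('APP_ENV') ? APP_ENV : 'prod';`, and update the comment above it, which still describes the value as coming from `$GLOBALS['app_env']`.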
@@ -38,11 +38,11 @@ $usbConfig = [ // Fakecheck-Tool-Config 'fakecheck' => [ - 'baseUrl' => $GLOBALS['usb_base_url'] ?? '', - 'apiBaseUrl' => $GLOBALS['usb_api_base'] ?? 'https://api.usbcheck.it', + 'baseUrl' => $GLOBALS['app_url'] ?? '', + 'apiBaseUrl' => $GLOBALS['app_api_url'] ?? 'https://api.usbcheck.it', 'locale' => $currentLang, ], - + 'i18n' => app_i18n_get_frontend_config(), // i18n-Konfiguration 'i18n' => [ 'available' => $allAvailable,
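Review bot: The added `'i18n' => app_i18n_get_frontend_config(),` sits directly above the existing `'i18n' => [` entry in the same array literal, and PHP keeps the last value for a duplicate key, so the function's result is discarded while the call still runs. Either drop the added line or remove the older inline `'i18n'` array so the front-end language config has a single source. Which of the two is intended cannot be told from the hunk, since the `$usbConfig` array starts before it and continues past its last line.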