projects/usbcheck.it
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

make more flex

Browse Source
This commit is contained in:
Lars Gebhardt-Kusche
2025-12-04 02:06:50 +01:00
parent e83302c7d8
commit d50787a1c6
5 changed files with 98 additions and 67 deletions
Download Patch File Download Diff File Expand all files Collapse all files

122
config/fileload.php
View File

@@ -1,20 +1,63 @@
<?php
// 0) Umgebung / Domains / Error-Level
// -----------------------------------------------------------
// 0) Umgebung / Domains / Error-Level laden
// → Diese Datei DEFINIERT die Konstanten wie
// APP_COOKIE_PREFIX, APP_COOKIE_DOMAIN, APP_ENV etc.
// -----------------------------------------------------------
require_once __DIR__ . "/config.php";
// Diese Werte später ins Template schieben:
$GLOBALS['app_env'] = APP_ENV;
$GLOBALS['app_base_url'] = APP_URL_PRIMARY;
$GLOBALS['app_api_base'] = $apiBaseUrl;
// -----------------------------------------------------------
// Session starten
// set cookie / session parameters
// -----------------------------------------------------------
if (!defined('CUSTOM_PREFIX')) {
define('CUSTOM_PREFIX', APP_PREFIX);
}
if(!defined('APP_COOKIE_PREFIX')) {
if(APP_ENV==="staging"){
define('APP_COOKIE_PREFIX', APP_PREFIX.'_stg'.'_');
} else
{
define('APP_COOKIE_PREFIX', APP_PREFIX.'_');
}
}
if (!defined('APP_COOKIE_DOMAIN')) {
// Fallback: aktuelle Domain des Hosts
define('APP_COOKIE_DOMAIN', '.'.APP_DOMAIN_PRIMARY);
define('APP_PRIMARY_DOMAIN', APP_DOMAIN_PRIMARY);
}
if (!defined('APP_CLIENT_COOKIE_LIFETIME')) {
define('APP_CLIENT_COOKIE_LIFETIME', 365 * 24 * 60 * 60); // 1 Jahr
}
// Einheitliche Cookie-Namen (projektübergreifend steuerbar)
$sessionCookieName = APP_COOKIE_PREFIX . 'session';
$clientCookieName = APP_COOKIE_PREFIX . 'client';
// -----------------------------------------------------------
// 1) PHP-Session starten
// -----------------------------------------------------------
if (php_sapi_name() !== 'cli') {
if (session_status() === PHP_SESSION_NONE) {
session_name('usbcheck_session');
session_name($sessionCookieName);
session_set_cookie_params([
'lifetime' => 0,
'path' => '/',
'domain' => '',
'domain' => APP_COOKIE_DOMAIN ?: '',
'secure' => (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off'),
'httponly' => true,
'samesite' => 'Lax',
@@ -24,72 +67,55 @@ if (php_sapi_name() !== 'cli') {
}
}
/**
* ---------------------------------------------------------
* Persistente Client-ID (über Logins & Sessions hinweg)
* ---------------------------------------------------------
* Cookie-Name: usbcheck_client
* Domain:
* - staging: .staging.usbcheck.it
* - live: .usbcheck.it
*/
if (php_sapi_name() !== 'cli') {
$clientId = $_COOKIE['usbcheck_client'] ?? null;
// jetzt 64 Hex-Zeichen (32 Bytes → 64 Hex)
// -----------------------------------------------------------
// 2) Persistente Client-ID (für Tracking über Besuche hinweg)
// -----------------------------------------------------------
if (php_sapi_name() !== 'cli') {
$clientId = $_COOKIE[$clientCookieName] ?? null;
// Erwartet wird: 64 Hex-Zeichen (32 Bytes)
if (
!is_string($clientId)
|| $clientId === ''
|| !preg_match('/^[a-f0-9]{64}$/', $clientId)
!is_string($clientId) ||
$clientId === '' ||
!preg_match('/^[a-f0-9]{64}$/', $clientId)
) {
// neue ID erzeugen
try {
$clientId = bin2hex(random_bytes(32)); // 32 Bytes → 64 Hex
$clientId = bin2hex(random_bytes(32)); // 32 bytes → 64 hex
} catch (Throwable $e) {
// Fallback sollte praktisch nie passieren
$clientId = bin2hex(openssl_random_pseudo_bytes(32));
}
$host = $_SERVER['HTTP_HOST'] ?? '';
$cookieDomain = null;
if (preg_match('/\.staging\.usbcheck\.it$/', $host)) {
$cookieDomain = '.staging.usbcheck.it';
} elseif (preg_match('/\.usbcheck\.it$/', $host)) {
$cookieDomain = '.usbcheck.it';
}
$cookieOpts = [
'expires' => time() + 365 * 24 * 60 * 60, // ~1 Jahr
'expires' => time() + APP_CLIENT_COOKIE_LIFETIME,
'path' => '/',
'secure' => (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off'),
'httponly' => false, // darf JS lesen, falls du es mal brauchst
'httponly' => false, // JS darf es lesen, wenn erwünscht
'samesite' => 'Lax',
];
if ($cookieDomain) {
$cookieOpts['domain'] = $cookieDomain;
if (!empty(APP_COOKIE_DOMAIN)) {
$cookieOpts['domain'] = APP_COOKIE_DOMAIN;
}
setcookie('usbcheck_client', $clientId, $cookieOpts);
$_COOKIE['usbcheck_client'] = $clientId; // lokal auch verfügbar
setcookie($clientCookieName, $clientId, $cookieOpts);
$_COOKIE[$clientCookieName] = $clientId;
}
// global verfügbar machen
$GLOBALS['usb_client_id'] = $clientId;
// global verfügbar machen (NEUER NAME!)
$GLOBALS['cookie_client_id'] = $clientId;
}
require_once __DIR__ . '/i18n.php'; // <— zentrale Sprachlogik
// ab hier kannst du überall $GLOBALS['lang'] und $GLOBALS['availableLangs'] nutzen
// und für JS:
$usbConfig = [
// ... dein sonstiges Zeug ...
'i18n' => app_i18n_get_frontend_config(),
];
// -----------------------------------------------------------
// Rest des Systems laden
// 3) Sprachlogik laden (bleibt sinnvoll zentral)
// -----------------------------------------------------------
require_once __DIR__ . '/i18n.php';
// -----------------------------------------------------------
// 4) Rest des Systems laden (DB, Funktionen, Hilfs-Libs)
// -----------------------------------------------------------
require_once __DIR__ . "/db.php";
require_once __DIR__ . "/../src/functions.php";
require_once __DIR__ . '/../src/functions.php';