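PDO::ERRMODE_EXCEPTION, PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC, PDO::ATTR_EMULATE_PREPARES => false ] ); } catch (PDOException $e) { die(json_encode(['error' => 'Database connection failed'])); } } return $pdo; }

// CSRF Protection

/**
 * Return the per-session CSRF token, creating it on first use.
 *
 * Requires an active session: the token lives in $_SESSION['csrf_token'].
 *
 * @return string 64 hex characters (32 random bytes)
 */
function generateCSRFToken(): string
{
    if (empty($_SESSION['csrf_token'])) {
        // random_bytes() is the CSPRNG; bin2hex() makes the value safe to embed in forms and headers.
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }

    return $_SESSION['csrf_token'];
}

/**
 * Check a submitted token against the one stored in the session.
 *
 * @param mixed $token raw request value; anything that is not a non-empty string
 *                     (missing field, array from a "name[]" input) is rejected here
 *                     rather than reaching hash_equals(), which throws on non-strings
 * @return bool true only when a session token exists and matches byte-for-byte
 */
function validateCSRFToken($token): bool
{
    if (!is_string($token) || $token === '') {
        return false;
    }

    // hash_equals() compares in constant time so the token cannot be recovered via timing.
    return isset($_SESSION['csrf_token']) && hash_equals($_SESSION['csrf_token'], $token);
}

// JSON Response helper

/**
 * Emit a JSON body with the given HTTP status and terminate the request.
 *
 * @param mixed $data       anything json_encode() accepts
 * @param int   $statusCode HTTP status to send, default 200
 * @return never
 */
function jsonResponse($data, $statusCode = 200): void
{
    $body = json_encode($data);
    if ($body === false) {
        // json_encode() returns false on invalid UTF-8 or non-finite floats; without this
        // check the client would receive an empty body under a success status.
        $statusCode = 500;
        $body = json_encode(['error' => 'Failed to encode response']);
    }

    http_response_code($statusCode);
    header('Content-Type: application/json');
    echo $body;
    exit;
}

// Input sanitization

/**
 * Trim and HTML-escape a scalar, recursing into arrays (array keys are left untouched).
 *
 * Values are escaped at input time, so anything stored through this helper is already
 * HTML-encoded and must not be escaped again when rendered. Invalid UTF-8 makes
 * htmlspecialchars() return an empty string (no ENT_SUBSTITUTE flag).
 *
 * @param mixed $input scalar, null, or a (nested) array of scalars
 * @return string|array
 */
function sanitizeInput($input)
{
    if (is_array($input)) {
        return array_map('sanitizeInput', $input);
    }

    // Cast first: trim(null) is deprecated on PHP 8.1+, and ints/bools arrive from JSON bodies.
    return htmlspecialchars(trim((string) $input), ENT_QUOTES, 'UTF-8');
}

// IP prefix validation

/**
 * Validate a bare IP address or a CIDR prefix ("203.0.113.0/24", "2001:db8::/32").
 *
 * @param mixed $prefix raw request value; non-strings are rejected
 * @return bool
 */
function isValidIpPrefix($prefix): bool
{
    if (!is_string($prefix)) {
        return false;
    }

    if (strpos($prefix, '/') === false) {
        return filter_var($prefix, FILTER_VALIDATE_IP) !== false;
    }

    $parts = explode('/', $prefix);
    if (count($parts) !== 2) {
        // "a/b/c" must not pass just because list() used to ignore the trailing part.
        return false;
    }
    $ip = $parts[0];
    $cidr = $parts[1];

    // is_numeric() accepts "24.5", "1e1", " 24" and hex-like forms; require plain decimal digits.
    if (!ctype_digit($cidr)) {
        return false;
    }
    $bits = (int) $cidr;

    if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false) {
        return $bits <= 32;
    }
    if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) !== false) {
        return $bits <= 128;
    }

    return false;
}

// Country code validation

/**
 * Validate an ISO 3166-1 alpha-2 country code; null or "" is accepted (optional field).
 *
 * Matching is case-insensitive, so callers that store the value should normalise case.
 * "\z" is used instead of "$" because "$" also matches before a trailing newline.
 *
 * @param mixed $code raw request value
 * @return bool
 */
function isValidCountryCode($code): bool
{
    if ($code === null || $code === '') {
        return true;
    }

    return is_string($code) && preg_match('/^[A-Z]{2}\z/i', $code) === 1;
}

// Region code validation (ISO 3166-2)

/**
 * Validate an ISO 3166-2 subdivision code such as "US-CA" or "GB-ENG"; null or "" is accepted.
 *
 * Case-insensitive like isValidCountryCode(); "\z" rejects a trailing newline that "$" would allow.
 *
 * @param mixed $code raw request value
 * @return bool
 */
function isValidRegionCode($code): bool
{
    if ($code === null || $code === '') {
        return true;
    }

    return is_string($code) && preg_match('/^[A-Z]{2}-[A-Z0-9]{1,3}\z/i', $code) === 1;
}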