<?php
/**
* Geofeed Manager Configuration
*/
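// Error reporting: report everything, but never render errors to the client
// (messages, paths and traces in a response leak implementation details);
// log them instead so operators still see them.
error_reporting(E_ALL);
ini_set('display_errors', '0');
ini_set('log_errors', '1');

// Database configuration, taken from the environment with local defaults.
// getenv() returns false for an unset variable, so `?:` selects the default;
// note that a variable which is set but empty also falls back to the default.
define('DB_HOST', getenv('DB_HOST') ?: 'localhost');
define('DB_NAME', getenv('DB_NAME') ?: 'geofeed_manager');
define('DB_USER', getenv('DB_USER') ?: 'root');
define('DB_PASS', getenv('DB_PASS') ?: '');

// Application settings
define('APP_NAME', 'Geofeed Manager');
define('APP_VERSION', '1.0.0');
define('ITEMS_PER_PAGE', 25);

// Session configuration. Cookie flags must be set before the session starts:
// HttpOnly keeps the session id out of reach of scripts, SameSite=Lax stops
// the browser sending it on cross-site POSTs (defence in depth next to the
// CSRF token below), and strict mode rejects ids the server did not issue.
// The Secure flag follows the request scheme so plain-HTTP local dev works.
// The status check avoids the notice raised by a second session_start().
if (session_status() === PHP_SESSION_NONE) {
    ini_set('session.use_strict_mode', '1');
    ini_set('session.cookie_httponly', '1');
    ini_set('session.cookie_samesite', 'Lax');
    if (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') {
        ini_set('session.cookie_secure', '1');
    }
    session_start();
}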
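/**
 * Return the shared PDO connection, opening it on first use.
 *
 * The handle is created lazily and cached in a static local so every caller
 * within the request reuses one connection. Exceptions are enabled on the
 * handle, rows are fetched as associative arrays, and prepared-statement
 * emulation is off so placeholders are bound by the server.
 *
 * On connection failure the PDOException (whose message can include the DSN
 * and host) is written to the error log only; the client receives a generic
 * JSON error with a 500 status and the script terminates.
 *
 * @return PDO
 */
function getDB(): PDO {
    static $pdo = null;

    if ($pdo !== null) {
        return $pdo;
    }

    try {
        $pdo = new PDO(
            "mysql:host=" . DB_HOST . ";dbname=" . DB_NAME . ";charset=utf8mb4",
            DB_USER,
            DB_PASS,
            [
                PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
                PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
                PDO::ATTR_EMULATE_PREPARES => false,
            ]
        );
    } catch (PDOException $e) {
        // Detail stays server-side; the client gets a status and a fixed body.
        error_log('Database connection failed: ' . $e->getMessage());
        if (!headers_sent()) {
            http_response_code(500);
            header('Content-Type: application/json');
        }
        die(json_encode(['error' => 'Database connection failed']));
    }

    return $pdo;
}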
/**
 * Return the CSRF token for the current session, minting one if none exists.
 *
 * The token is 32 bytes from random_bytes() rendered as 64 hex characters
 * and kept in $_SESSION['csrf_token']; later calls in the same session hand
 * back the stored value so it can be embedded in every form.
 *
 * @return string
 */
function generateCSRFToken(): string {
    $token = $_SESSION['csrf_token'] ?? null;

    if (!$token) {
        $token = bin2hex(random_bytes(32));
        $_SESSION['csrf_token'] = $token;
    }

    return $token;
}
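/**
 * Check a submitted CSRF token against the one stored in the session.
 *
 * hash_equals() is used so the comparison time does not depend on how many
 * leading characters match. Anything that is not a string (a missing field,
 * a field submitted as an array) fails closed before reaching hash_equals(),
 * which would otherwise throw a TypeError on an array argument.
 *
 * @param mixed $token Value taken from the request
 * @return bool True only when a session token exists and matches exactly
 */
function validateCSRFToken($token): bool {
    if (!is_string($token) || !isset($_SESSION['csrf_token'])) {
        return false;
    }

    $expected = $_SESSION['csrf_token'];

    return is_string($expected) && hash_equals($expected, $token);
}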
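/**
 * Emit $data as a JSON body with the given HTTP status and stop the script.
 *
 * If $data cannot be encoded (invalid UTF-8, unsupported type, recursion) a
 * 500 with a generic error body is sent rather than an empty body under the
 * requested status. X-Content-Type-Options: nosniff keeps browsers from
 * reinterpreting the declared content type.
 *
 * @param mixed $data       Value handed to json_encode()
 * @param int   $statusCode HTTP status to send, 200 by default
 * @return void Never returns; the function calls exit after writing the body
 */
function jsonResponse($data, int $statusCode = 200): void {
    $body = json_encode($data);
    if ($body === false) {
        $statusCode = 500;
        $body = json_encode(['error' => 'Response encoding failed']);
    }

    http_response_code($statusCode);
    header('Content-Type: application/json');
    header('X-Content-Type-Options: nosniff');
    echo $body;
    exit;
}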
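/**
 * Trim and HTML-escape a scalar, or every leaf of a (possibly nested) array.
 *
 * The escaping is for HTML output context only: quotes, angle brackets and
 * ampersands become entities, so the result can be echoed into element
 * content or a quoted attribute. It is not a substitute for prepared
 * statements, URL encoding or JSON encoding; escape per output context.
 * ENT_SUBSTITUTE replaces invalid UTF-8 sequences with U+FFFD instead of
 * returning an empty string, so malformed input is not silently dropped.
 *
 * @param mixed $input Scalar, null, or an array of such values
 * @return string|array Escaped string, or an array with the same keys
 */
function sanitizeInput($input) {
    if (is_array($input)) {
        return array_map('sanitizeInput', $input);
    }

    // Scalars and null are coerced to string; an object without __toString
    // raises an Error here.
    return htmlspecialchars(trim((string) $input), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}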
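/**
 * Check that $prefix is a bare IP address or an address with a CIDR length.
 *
 * Accepted forms are an IPv4/IPv6 address as filter_var() validates it, or
 * address/length where length is an unsigned decimal integer with no leading
 * zero and no fractional part, in 0..32 for IPv4 and 0..128 for IPv6.
 * Exactly one '/' is permitted, so "a/b/c" is rejected rather than silently
 * truncated. Non-string input is rejected. Host bits set in the address part
 * are not checked here.
 *
 * @param mixed $prefix
 * @return bool
 */
function isValidIpPrefix($prefix): bool {
    if (!is_string($prefix)) {
        return false;
    }

    if (strpos($prefix, '/') === false) {
        return filter_var($prefix, FILTER_VALIDATE_IP) !== false;
    }

    $parts = explode('/', $prefix);
    if (count($parts) !== 2) {
        return false;
    }
    $ip = $parts[0];
    $cidr = $parts[1];

    // Plain digits only: is_numeric() would also admit "1e1", "2.5", " 24".
    // The D modifier keeps $ from matching before a trailing newline.
    if (preg_match('/^(?:0|[1-9][0-9]{0,2})$/D', $cidr) !== 1) {
        return false;
    }
    $length = (int) $cidr;

    if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false) {
        return $length <= 32;
    }

    if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) !== false) {
        return $length <= 128;
    }

    return false;
}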
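/**
 * Validate an optional ISO 3166-1 alpha-2 country code.
 *
 * Null and the empty string are accepted because the field is optional;
 * any other value must be a string of exactly two ASCII letters, in either
 * case. The D modifier anchors $ at the true end of the string, so a value
 * with a trailing newline is rejected instead of being stored with it.
 * The explicit null/'' check replaces empty(), which also treated the
 * string "0" as absent and accepted it.
 *
 * @param mixed $code
 * @return bool
 */
function isValidCountryCode($code): bool {
    if ($code === null || $code === '') {
        return true;
    }

    if (!is_string($code)) {
        return false;
    }

    return preg_match('/^[A-Z]{2}$/Di', $code) === 1;
}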
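/**
 * Validate an optional ISO 3166-2 region code such as "US-CA".
 *
 * Null and the empty string are accepted because the field is optional;
 * any other value must be a string of two ASCII letters, a hyphen, and one
 * to three ASCII letters or digits, in either case. The D modifier anchors
 * $ at the true end of the string, so a trailing newline is rejected. The
 * explicit null/'' check replaces empty(), which treated "0" as absent.
 *
 * @param mixed $code
 * @return bool
 */
function isValidRegionCode($code): bool {
    if ($code === null || $code === '') {
        return true;
    }

    if (!is_string($code)) {
        return false;
    }

    return preg_match('/^[A-Z]{2}-[A-Z0-9]{1,3}$/Di', $code) === 1;
}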