<?php
// Generated by setup_mariadb_project.sh — edit as needed.
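// Database connection settings.
//
// Each value is taken from the environment variable of the same name when that
// variable is set to a non-empty string; otherwise the value written by the
// setup script is used, so an existing deployment keeps working unchanged.
//
// NOTE(review): the DB_PASS fallback is a credential stored in source. Keep
// this file out of version control and outside the web root; once the
// environment supplies DB_PASS, rotate the password and drop the literal.
define('DB_HOST', getenv('DB_HOST') ?: '127.0.0.1');
define('DB_NAME', getenv('DB_NAME') ?: 'app_38220');
define('DB_USER', getenv('DB_USER') ?: 'app_38220');
define('DB_PASS', getenv('DB_PASS') ?: '5f905595-f08d-48bc-9b00-3e1a868017ea');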
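// Open the session once per request. The session_status() guard avoids a
// second session_start() when an earlier include has already opened it.
if (session_status() === PHP_SESSION_NONE) {
    session_start([
        // Keep the session cookie unreadable from page scripts, so injected
        // markup cannot read the session ID out of document.cookie.
        'cookie_httponly' => true,
        // Only accept session IDs this server issued (session fixation).
        'use_strict_mode' => true,
        // cookie_secure and the SameSite attribute are left to php.ini: the
        // first depends on the site being served over HTTPS, the second on
        // the PHP version in use.
    ]);
}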
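/**
 * Return the shared PDO connection, opening it on first use.
 *
 * The handle lives in a function-static variable, so every call within the
 * same request receives the same object.
 *
 * If the connection cannot be opened the script terminates. The driver's
 * error text is written to the server error log only; the response carries a
 * generic message, because that text can name the host, database and account.
 *
 * @return PDO
 */
function db() {
    static $pdo;

    if (!$pdo) {
        try {
            $pdo = new PDO('mysql:host='.DB_HOST.';dbname='.DB_NAME.';charset=utf8mb4', DB_USER, DB_PASS, [
                // Report SQL errors as exceptions rather than return codes.
                PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
                // Rows come back as column-name => value arrays.
                PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
                // Use the server's prepared statements instead of client-side
                // string substitution of bound parameters.
                PDO::ATTR_EMULATE_PREPARES => false,
            ]);
        } catch (PDOException $e) {
            // Details go to the log for the operator, never to the client.
            error_log('Database connection failed: ' . $e->getMessage());
            if (!headers_sent()) {
                http_response_code(500);
            }
            die('Connection failed.');
        }
    }

    return $pdo;
}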
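/**
 * Escape a value for output inside HTML text or a quoted HTML attribute.
 *
 * Converts &, <, > and both quote characters to entities. This is the right
 * encoding for those two contexts only; values placed in a script block, a
 * URL, CSS or an unquoted attribute need the encoding of that context.
 *
 * @param mixed $value Value to print; null is treated as an empty string.
 * @return string The escaped text.
 */
function e($value) {
    // ENT_SUBSTITUTE: without it, one invalid UTF-8 byte makes
    // htmlspecialchars() return '' and the whole value vanishes from the page.
    // The ?? '' avoids the PHP 8.1 deprecation for passing null.
    return htmlspecialchars($value ?? '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}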
/**
 * Return the CSRF token of the current session, creating it when absent.
 *
 * A new token is 32 bytes from random_bytes(), hex-encoded (64 characters),
 * and is stored under $_SESSION['csrf_token'] so later calls return the same
 * value.
 *
 * @return string The session's CSRF token.
 */
function csrf_token() {
    $current = $_SESSION['csrf_token'] ?? null;

    // Missing or empty: mint a token and remember it in the session.
    if (!$current) {
        $current = bin2hex(random_bytes(32));
        $_SESSION['csrf_token'] = $current;
    }

    return $current;
}
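/**
 * Check a submitted CSRF token against the one stored in the session.
 *
 * The comparison uses hash_equals(), which does not stop at the first
 * differing byte. Anything that is not a non-empty string is rejected before
 * the comparison: a request can deliver the field as an array, and
 * hash_equals() raises a TypeError on PHP 8 for non-string arguments.
 *
 * @param mixed $token Token taken from the request.
 * @return bool True only when the token matches the session's token.
 */
function validate_csrf($token) {
    $expected = $_SESSION['csrf_token'] ?? '';

    if (!is_string($token) || !is_string($expected)) {
        return false;
    }

    // An empty submitted token never validates, even if the session has none.
    return !empty($token) && hash_equals($expected, $token);
}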
/**
 * Render an amount as a dollar string with two decimals.
 *
 * The amount is converted to float and formatted by number_format() with its
 * default separators, then prefixed with '$'.
 *
 * @param mixed $amount Numeric value or numeric string.
 * @return string For example '$1,234.50'.
 */
function format_currency($amount) {
    $formatted = number_format(floatval($amount), 2);

    return sprintf('$%s', $formatted);
}