- Fix path traversal with realpath() validation in getPage() and executePhpFile() - Remove insecure JWT secret fallback, require JWT_SECRET env var - Fix IP spoofing by only trusting proxy headers from configured proxies - Add Secure/HttpOnly/SameSite flags to all cookies - Use env var for debug mode instead of hardcoded true - Fix operator precedence bug in MQTTTracker track_user_flows check - Remove dead code: duplicate is_dir() block, unused scanForPageNames() - Remove htmlspecialchars() from filesystem path operations - Remove duplicate require_once calls and redundant autoloader includes - Fix unclosed </div> in getDirectoryListing() - Escape breadcrumb titles and add lang param to search result URLs - Make language prefixes dynamic from config instead of hardcoded nl|en - Make HTML lang attribute dynamic, add go_to translation key - Add aria-label/aria-expanded to sidebar toggle for accessibility - Fix event listener leak in app.js using event delegation - Remove console.log from production code - Update guides (NL/EN) with sidebar toggle documentation - Add TODO.md documenting all identified improvements
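<?php

declare(strict_types=1);

/**
 * Admin console configuration.
 *
 * Evaluates to a plain array. Environment-dependent values (debug flag, JWT
 * secret, mail credentials) are read from $_ENV; everything else is a fixed
 * default. All lookups happen eagerly at load time, so a missing required
 * value fails when the file is required rather than on first use.
 *
 * NOTE(review): $_ENV is only populated when php.ini's variables_order
 * contains "E" or a dotenv loader fills it — confirm the bootstrap does one
 * of these. With an empty $_ENV the JWT_SECRET check below fails closed.
 *
 * Wrapped in an immediately-invoked closure so the helper locals do not leak
 * into whatever scope require()s this file.
 */
return (static function (): array {
    // Environment flags arrive as strings, so "false", "0" and "off" must not
    // count as enabled; FILTER_VALIDATE_BOOLEAN maps the usual spellings to a
    // real bool and yields false for anything it does not recognise.
    $debugEnabled = filter_var($_ENV['APP_DEBUG'] ?? false, FILTER_VALIDATE_BOOLEAN);

    // Reject an absent *or blank* secret: `??` alone would accept JWT_SECRET=""
    // and tokens would then be signed with an empty key. The raw value is kept
    // as-is (no trimming) so the key used for signing is exactly what was set.
    $jwtSecret = (string) ($_ENV['JWT_SECRET'] ?? '');
    if (trim($jwtSecret) === '') {
        throw new \RuntimeException('JWT_SECRET environment variable must be set');
    }

    // Shared by the top-level and 'ui' entries so they cannot drift apart.
    $timezone = 'Europe/Amsterdam';

    // Paths are built relative to this file and left unresolved here; the
    // consumers are expected to canonicalise them before use.
    $adminRoot = __DIR__ . '/..';
    $siteRoot = __DIR__ . '/../..';

    return [
        'name' => 'CodePress Admin Console',
        'version' => '1.0.0',
        'debug' => $debugEnabled,
        'timezone' => $timezone,

        // Security
        'security' => [
            'jwt_secret' => $jwtSecret,
            'jwt_expiration' => 3600, // 1 hour, seconds
            'session_timeout' => 1800, // 30 minutes, seconds
            'max_login_attempts' => 5,
            'lockout_duration' => 900, // 15 minutes, seconds
        ],

        // Database
        'database' => [
            'type' => 'sqlite',
            'path' => $adminRoot . '/database/admin.db',
            'backup_path' => $adminRoot . '/storage/backups/',
        ],

        // CodePress Integration
        'codepress' => [
            'path' => $siteRoot . '/',
            'content_dir' => $siteRoot . '/public/content/',
            'templates_dir' => $siteRoot . '/engine/templates/',
            'plugins_dir' => $siteRoot . '/plugins/',
        ],

        // Email
        'mail' => [
            'host' => $_ENV['MAIL_HOST'] ?? 'localhost',
            // Env values are strings; cast so the port is always an int.
            'port' => (int) ($_ENV['MAIL_PORT'] ?? 587),
            'username' => $_ENV['MAIL_USERNAME'] ?? '',
            'password' => $_ENV['MAIL_PASSWORD'] ?? '',
            'from' => $_ENV['MAIL_FROM'] ?? 'admin@codepress.local',
            'from_name' => 'CodePress Admin',
        ],

        // Storage
        'storage' => [
            'uploads_path' => $adminRoot . '/storage/uploads/',
            'logs_path' => $adminRoot . '/storage/logs/',
            'cache_path' => $adminRoot . '/storage/cache/',
        ],

        // UI Settings
        'ui' => [
            'theme' => 'bootstrap',
            'items_per_page' => 20,
            'date_format' => 'd-m-Y H:i',
            'timezone' => $timezone,
        ],
    ];
})();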