Sync current dev state
Some checks failed
EasyStream Test Suite / test (pull_request) Has been cancelled
EasyStream Test Suite / code-quality (pull_request) Has been cancelled
EasyStream Test Suite / integration-test (pull_request) Has been cancelled

SamiAhmed7777
2025-12-15 17:28:21 -08:00
parent 3bf64b1058
commit f0f346deb9
54 changed files with 11060 additions and 484 deletions


@@ -18,7 +18,7 @@ defined('_ISVALID') or header("Location: /error");
---- edit
*/
$COOKIE_VALIDATION = false; //BETA feature in testing phase, keep disabled for now
$COOKIE_DOMAIN = '.easystreamdemo.com';
$COOKIE_DOMAIN = ''; // Empty string allows cookies to work with any domain (localhost, IP, domain name)
$COOKIE_WHITELIST = array('127.0.0.1');
/*
---- end edit
@@ -36,37 +36,58 @@ set_include_path($main_dir);
if (!defined('_INCLUDE')) {
define('_INCLUDE', true);
}
define('REM_ADDR', (isset($_SERVER["HTTP_X_FORWARDED_FOR"]) ? 'HTTP_X_FORWARDED_FOR' : 'REMOTE_ADDR'));
define('ENC_FIRSTKEY', '4xR5Zlcwo8uUxyrdA5ykgFUXXQFV32o7abJiv+SBzBqXLCAmPq+ciq2ik1M32aGx8f/PZuNxHZ3uckPF/8BL2w==');
define('ENC_SECONDKEY', 'sH7ZuZ0jsiq9DKvjHHzQWAJaB1Ypav17v1rXVxyXpJSCI0untO8B1BUaUT7jxN2YlnyLy2e/JPJO3hMPSneJhhfQbV+ifrWIgD9JmubK+8PDTzB4gM9C0lV1g5R00KQmHWJ0iScv/oXldB0y6nMnLjiVhnTGNwf6gq1JEvukfac=');
// define('CA_CERT', '/etc/ssl/certs/cacert.pm');
define('COOKIE_VALIDATION', $COOKIE_VALIDATION);
define('COOKIE_DOMAIN', $COOKIE_DOMAIN);
define('COOKIE_VALIDATION_WHITELIST', $COOKIE_WHITELIST);
define('COOKIE_LOG', $main_dir . '/f_data/data_logs/log_error/log_cookie/' . date("Ymd") . "-cookie.log");
define('REQUEST_LOG', $main_dir . '/f_data/data_logs/log_error/log_request/' . date("Ymd") . "-request.log");
define('LIVE_AUTH_LOG', $main_dir . '/f_data/data_logs/log_error/log_live/' . date("Ymd") . "-auth.log");
define('LIVE_DONE_LOG', $main_dir . '/f_data/data_logs/log_error/log_live/' . date("Ymd") . "-done.log");
define('LIVE_REC_LOG', $main_dir . '/f_data/data_logs/log_error/log_live/' . date("Ymd") . "-rec.log");
// Detect HTTPS (supports reverse proxies) to decide secure cookies dynamically
$IS_HTTPS = (
(!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ||
(isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) === 'https') ||
(isset($_SERVER['REQUEST_SCHEME']) && strtolower($_SERVER['REQUEST_SCHEME']) === 'https')
);
// Environment-based SameSite policy: Strict on HTTPS in production, Lax in development
$APP_ENV = getenv('APP_ENV') ?: ((isset($_SERVER['HTTP_HOST']) && preg_match('/(localhost|127\.0\.0\.1)$/', $_SERVER['HTTP_HOST'])) ? 'development' : 'production');
$SAMESITE_POLICY = ($APP_ENV === 'production' && $IS_HTTPS) ? 'Strict' : 'Lax';
define('SET_COOKIE_OPTIONS', array(
'expires' => time() + 60 * 60 * 24 * 10, //10 days
'path' => '/',
'domain' => COOKIE_DOMAIN, // leading dot for compatibility or use subdomain
'secure' => true, // or false
'httponly' => true, // or false
'samesite' => 'Strict', // None || Lax || Strict
'secure' => $IS_HTTPS, // secure only over HTTPS
'httponly' => true,
'samesite' => $SAMESITE_POLICY,
));
define('DEL_COOKIE_OPTIONS', array(
'expires' => time() - 60 * 60 * 24 * 10, //10 days
'path' => '/',
'domain' => COOKIE_DOMAIN, // leading dot for compatibility or use subdomain
'secure' => true, // or false
'httponly' => true, // or false
'samesite' => 'Strict', // None || Lax || Strict
'secure' => $IS_HTTPS, // secure only over HTTPS
'httponly' => true,
'samesite' => $SAMESITE_POLICY,
));
define('SK_INC', (int) 0);
?>
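Review bot: The `secure` and `samesite` values in both SET_COOKIE_OPTIONS and DEL_COOKIE_OPTIONS are now derived from request headers that a client can set, where the earlier values were fixed at `true` and `'Strict'`. `$APP_ENV` falls back to matching `HTTP_HOST` against `/(localhost|127\.0\.0\.1)$/`, which is unanchored at the start (any host name ending in `localhost` matches) and does not match `localhost:8080`, and `$IS_HTTPS` accepts `X-Forwarded-Proto` from any peer, so a TLS-terminating proxy that omits the header leaves session cookies without the Secure flag. I would take the environment from server configuration only, `$APP_ENV = getenv('APP_ENV') ?: 'production';`, and fail closed with `'secure' => $IS_HTTPS || $APP_ENV === 'production',`. Separately, `ENC_FIRSTKEY` and `ENC_SECONDKEY` appear as literals in this section (the page does not show whether this commit added them); if they are live keys they should move to environment or secret storage and be rotated.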