Your IP : 216.73.216.165
<?php
// config.php
session_start();
// Security configuration
define('ADMIN_USERNAME', 'admin');
// In production, use: password_hash('your_secure_password', PASSWORD_DEFAULT)
define('ADMIN_PASSWORD_HASH', password_hash('admin123', PASSWORD_DEFAULT));
define('XML_FILE', 'arealist.xml');
define('CONTENT_DIR', 'content/');
define('DEFAULT_CONTENT_FILE', 'content/default.php');
// Ensure content directory exists
if (!is_dir(CONTENT_DIR)) {
mkdir(CONTENT_DIR, 0755, true);
}
// CSRF Protection
if (empty($_SESSION['csrf_token'])) {
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
// Helper functions
function createHierarchicalUrlA($slug)
{
return '/' . $slug . '/';
}
function verifyCSRFToken($token)
{
return isset($_SESSION['csrf_token']) && hash_equals($_SESSION['csrf_token'], $token);
}
// Security headers handled below
// config.php - Enhanced version
define('URL', 'delhigal.com');
define('BASE_DOMAIN', 'delhigal.com');
// Security & Performance Settings
define('ENVIRONMENT', 'development'); // Change to 'production' on live server
// Error reporting based on environment
if (ENVIRONMENT === 'development') {
error_reporting(E_ALL);
ini_set('display_errors', 1);
} else {
error_reporting(E_ALL & ~E_NOTICE);
ini_set('display_errors', 0);
}
// Security headers
function setSecurityHeaders()
{
if (!headers_sent()) {
header('X-Frame-Options: SAMEORIGIN');
header('X-XSS-Protection: 1; mode=block');
header('X-Content-Type-Options: nosniff');
}
}
setSecurityHeaders();
include 'functions.php';