50a5308f43
- Removed ALTER TABLE DDL statements from Admin/auth/register.php (belongs in migration scripts) - Added validated CORS with configurable allowed origins via CORS_ALLOWED_ORIGINS env var - Removed assignment in load_env.php (secrets no longer exposed in superglobal)
22 lines
633 B
PHP
22 lines
633 B
PHP
<?php
|
|
function loadEnvironment($env_file) {
|
|
if (!file_exists($env_file)) {
|
|
error_log("❌ .env not found: $env_file");
|
|
return false;
|
|
}
|
|
|
|
$lines = file($env_file, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
|
|
foreach ($lines as $line) {
|
|
$line = trim($line);
|
|
if (empty($line) || strpos($line, '#') === 0) continue;
|
|
$parts = explode('=', $line, 2);
|
|
if (count($parts) === 2) {
|
|
[$keyName, $value] = $parts;
|
|
$value = trim($value, "\"'");
|
|
putenv("$keyName=$value");
|
|
$_ENV[$keyName] = $value;
|
|
}
|
|
}
|
|
|
|
return true;
|
|
} |