helper funcs

app/bootstrap.php

@@ -34,7 +34,6 @@ $sql = new SQL();
  * Helper laden
  * ========================= */
 require_once __DIR__ . '/lib/helpers.php';
-// TODO: Globale Funktionen: escape, redirect, flash messages, etc.
 
 /* =========================
  * Optional: Fehlerbehandlung

app/lib/helpers.php

@@ -12,6 +12,11 @@
  * KEINE Business-Logik
  */
 
+/**
+ * Sitzungs-Keys
+ */
+const FLASH_SESSION_KEY = 'flash_messages';
+
 /* =========================
  * Output / Sicherheit
  * ========================= */
@@ -24,10 +29,13 @@
  */
 function e(?string $value): string
 {
-    // TODO: htmlspecialchars mit ENT_QUOTES + UTF-8
+    if ($value === null) {
         return '';
     }
 
+    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
+}
+
 /* =========================
  * Redirects
  * ========================= */
@@ -40,7 +48,10 @@ function e(?string $value): string
  */
 function redirect(string $url, int $code = 302): void
 {
-    // TODO: header("Location: ...")
+    if (!headers_sent()) {
+        header('Location: ' . $url, true, $code);
+    }
+
     exit;
 }
 
@@ -56,7 +67,15 @@ function redirect(string $url, int $code = 302): void
  */
 function flash(string $type, string $message): void
 {
-    // TODO: In $_SESSION speichern
+    if (session_status() !== PHP_SESSION_ACTIVE) {
+        session_start();
+    }
+
+    if (!isset($_SESSION[FLASH_SESSION_KEY])) {
+        $_SESSION[FLASH_SESSION_KEY] = [];
+    }
+
+    $_SESSION[FLASH_SESSION_KEY][] = ['type' => $type, 'message' => $message];
 }
 
 /**
@@ -66,8 +85,14 @@ function flash(string $type, string $message): void
  */
 function getFlashes(): array
 {
-    // TODO: Aus Session lesen und löschen
+    if (session_status() !== PHP_SESSION_ACTIVE) {
-    return [];
+        session_start();
+    }
+
+    $messages = $_SESSION[FLASH_SESSION_KEY] ?? [];
+    unset($_SESSION[FLASH_SESSION_KEY]);
+
+    return $messages;
 }
 
 /* =========================
@@ -83,8 +108,7 @@ function getFlashes(): array
  */
 function post(string $key, $default = null)
 {
-    // TODO: $_POST prüfen
+    return $_POST[$key] ?? $default;
-    return $default;
 }
 
 /**
@@ -96,8 +120,7 @@ function post(string $key, $default = null)
  */
 function get(string $key, $default = null)
 {
-    // TODO: $_GET prüfen
+    return $_GET[$key] ?? $default;
-    return $default;
 }
 
 /**
@@ -107,8 +130,7 @@ function get(string $key, $default = null)
  */
 function isPost(): bool
 {
-    // TODO: $_SERVER['REQUEST_METHOD']
+    return ($_SERVER['REQUEST_METHOD'] ?? '') === 'POST';
-    return false;
 }
 
 /* =========================
@@ -123,8 +145,11 @@ function isPost(): bool
  */
 function isEmpty($value): bool
 {
-    // TODO: trim + empty
+    if (is_string($value)) {
-    return false;
+        return trim($value) === '';
+    }
+
+    return empty($value);
 }
 
 /* =========================
@@ -139,10 +164,31 @@ function isEmpty($value): bool
  */
 function url(string $path = ''): string
 {
-    // TODO: Base-URL aus config.php
+    if ($path === '') {
+        $path = '/';
+    }
+
+    if (preg_match('~^([a-z]+:)?//~i', $path)) {
         return $path;
     }
 
+    $script = $_SERVER['SCRIPT_NAME'] ?? '';
+    $baseDir = rtrim(strtr(dirname($script), '\\\\', '/'), '/');
+
+    if ($baseDir === '.' || $baseDir === '\\\\') {
+        $baseDir = '';
+    }
+
+    $segment = ltrim($path, '/');
+    $prefix = $baseDir === '' ? '' : $baseDir;
+
+    if ($segment === '') {
+        return $prefix === '' ? '/' : $prefix;
+    }
+
+    return ($prefix === '' ? '' : $prefix) . '/' . $segment;
+}
+
 /* =========================
  * Debug / Entwicklung
  * ========================= */
@@ -154,7 +200,9 @@ function url(string $path = ''): string
  */
 function dd($value): void
 {
-    // TODO: var_dump / print_r + exit
+    echo '<pre>';
+    var_dump($value);
+    echo '</pre>';
     exit;
 }