
unifying to ' instead of "

Medowar 1 月之前
父節點
當前提交
c5e5b1b7f7
共有 14 個文件被更改,包括 163 次插入163 次删除
  1. 27 27
      admin/admins.php
  2. 11 11
      admin/categories.php
  3. 4 4
      admin/faq.php
  4. 9 9
      admin/login.php
  5. 18 18
      admin/orders.php
  6. 16 16
      admin/organizations.php
  7. 16 16
      admin/products.php
  8. 7 7
      admin/settings.php
  9. 4 4
      cart.php
  10. 14 14
      checkout.php
  11. 3 3
      config.sample.php
  12. 28 28
      includes/functions.php
  13. 2 2
      index.php
  14. 4 4
      product.php

+ 27 - 27
admin/admins.php

@@ -3,7 +3,7 @@ require_once __DIR__ . "/../config.php";
 require_once __DIR__ . "/../includes/functions.php";
 
 // Check admin login
-if (!isset($_SESSION["admin_logged_in"]) || !$_SESSION["admin_logged_in"]) {
+if (!isset($_SESSION['admin_logged_in']) || !$_SESSION['admin_logged_in']) {
     header("Location: login.php");
     exit();
 }
@@ -24,20 +24,20 @@ function isValidAdminEmailInput($email)
     return isValidAdminEmail($email);
 }
 
-if ($_SERVER["REQUEST_METHOD"] === "POST") {
+if ($_SERVER['REQUEST_METHOD'] === "POST") {
     // Validate CSRF token
-    if (!validateCsrfToken($_POST["csrf_token"] ?? "")) {
+    if (!validateCsrfToken($_POST['csrf_token'] ?? "")) {
         $message = "Ungültiges Token. Bitte versuchen Sie es erneut.";
         $messageType = "error";
     } else {
-        if (isset($_POST["add_admin"])) {
-            $username = normalizeAdminUsername($_POST["username"] ?? "");
+        if (isset($_POST['add_admin'])) {
+            $username = normalizeAdminUsername($_POST['username'] ?? "");
             $description = normalizeAdminDescription(
-                $_POST["description"] ?? "",
+                $_POST['description'] ?? "",
             );
-            $email = normalizeAdminEmail($_POST["email"] ?? "");
-            $password = $_POST["password"] ?? "";
-            $passwordConfirm = $_POST["password_confirm"] ?? "";
+            $email = normalizeAdminEmail($_POST['email'] ?? "");
+            $password = $_POST['password'] ?? "";
+            $passwordConfirm = $_POST['password_confirm'] ?? "";
 
             if (!isValidAdminUsername($username)) {
                 $message =
@@ -81,14 +81,14 @@ if ($_SERVER["REQUEST_METHOD"] === "POST") {
             }
         }
 
-        if (isset($_POST["update_description"])) {
+        if (isset($_POST['update_description'])) {
             $targetUsername = normalizeAdminUsername(
-                $_POST["target_username"] ?? "",
+                $_POST['target_username'] ?? "",
             );
             $description = normalizeAdminDescription(
-                $_POST["description"] ?? "",
+                $_POST['description'] ?? "",
             );
-            $email = normalizeAdminEmail($_POST["email"] ?? "");
+            $email = normalizeAdminEmail($_POST['email'] ?? "");
 
             if (!isset($adminAccounts[$targetUsername])) {
                 $message = "Admin nicht gefunden.";
@@ -115,12 +115,12 @@ if ($_SERVER["REQUEST_METHOD"] === "POST") {
             }
         }
 
-        if (isset($_POST["change_password"])) {
+        if (isset($_POST['change_password'])) {
             $targetUsername = normalizeAdminUsername(
-                $_POST["target_username"] ?? "",
+                $_POST['target_username'] ?? "",
             );
-            $newPassword = $_POST["new_password"] ?? "";
-            $newPasswordConfirm = $_POST["new_password_confirm"] ?? "";
+            $newPassword = $_POST['new_password'] ?? "";
+            $newPasswordConfirm = $_POST['new_password_confirm'] ?? "";
 
             if (!isset($adminAccounts[$targetUsername])) {
                 $message = "Admin nicht gefunden.";
@@ -148,9 +148,9 @@ if ($_SERVER["REQUEST_METHOD"] === "POST") {
             }
         }
 
-        if (isset($_POST["delete_admin"])) {
+        if (isset($_POST['delete_admin'])) {
             $targetUsername = normalizeAdminUsername(
-                $_POST["target_username"] ?? "",
+                $_POST['target_username'] ?? "",
             );
 
             if (!isset($adminAccounts[$targetUsername])) {
@@ -168,11 +168,11 @@ if ($_SERVER["REQUEST_METHOD"] === "POST") {
                     ]);
 
                     if (
-                        isset($_SESSION["admin_username"]) &&
-                        $_SESSION["admin_username"] === $targetUsername
+                        isset($_SESSION['admin_username']) &&
+                        $_SESSION['admin_username'] === $targetUsername
                     ) {
-                        $_SESSION["admin_logged_in"] = false;
-                        unset($_SESSION["admin_username"]);
+                        $_SESSION['admin_logged_in'] = false;
+                        unset($_SESSION['admin_username']);
                         session_destroy();
                         header("Location: login.php");
                         exit();
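Review bot: The self-delete branch ends only the current session, so any other live session of the deleted account keeps passing the page guard, which tests nothing but `$_SESSION['admin_logged_in']` (first hunk of this file and the other admin pages). The guard could also confirm the account still exists, e.g. `if (empty($_SESSION['admin_logged_in']) || !isset(getAdminUsers()[$_SESSION['admin_username'] ?? ''])) {`. It would be safer in one shared helper than in the two copy-pasted forms (`!isset(...) || !...` and `empty(...)`). This assumes getAdminUsers() returns a username-keyed array, as its use in admin/login.php suggests. The delete branch starts and ends outside this hunk.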
@@ -188,13 +188,13 @@ if ($_SERVER["REQUEST_METHOD"] === "POST") {
     }
 }
 
-$currentAdmin = isset($_SESSION["admin_username"])
-    ? normalizeAdminUsername($_SESSION["admin_username"])
+$currentAdmin = isset($_SESSION['admin_username'])
+    ? normalizeAdminUsername($_SESSION['admin_username'])
     : "";
-$changeUsername = normalizeAdminUsername($_GET["change"] ?? "");
+$changeUsername = normalizeAdminUsername($_GET['change'] ?? "");
 $selectedChangeUser = null;
 $editDescriptionUsername = normalizeAdminUsername(
-    $_GET["edit_description"] ?? "",
+    $_GET['edit_description'] ?? "",
 );
 $selectedDescriptionUser = null;
 

+ 11 - 11
admin/categories.php

@@ -3,7 +3,7 @@ require_once __DIR__ . "/../config.php";
 require_once __DIR__ . "/../includes/functions.php";
 
 // Check admin login
-if (!isset($_SESSION["admin_logged_in"]) || !$_SESSION["admin_logged_in"]) {
+if (!isset($_SESSION['admin_logged_in']) || !$_SESSION['admin_logged_in']) {
     header("Location: login.php");
     exit();
 }
@@ -14,14 +14,14 @@ $messageType = "";
 $categories = getCategories();
 $products = getProducts();
 
-if ($_SERVER["REQUEST_METHOD"] === "POST") {
+if ($_SERVER['REQUEST_METHOD'] === "POST") {
     // Validate CSRF token
-    if (!validateCsrfToken($_POST["csrf_token"] ?? "")) {
+    if (!validateCsrfToken($_POST['csrf_token'] ?? "")) {
         $message = "Ungültiges Token. Bitte versuchen Sie es erneut.";
         $messageType = "error";
     } else {
-        if (isset($_POST["add_category"])) {
-            $label = normalizeCategoryLabel($_POST["label"] ?? "");
+        if (isset($_POST['add_category'])) {
+            $label = normalizeCategoryLabel($_POST['label'] ?? "");
 
             if (!isValidCategoryLabel($label)) {
                 $message =
@@ -47,9 +47,9 @@ if ($_SERVER["REQUEST_METHOD"] === "POST") {
             }
         }
 
-        if (isset($_POST["update_category"])) {
-            $categoryId = normalizeCategoryId($_POST["category_id"] ?? "");
-            $label = normalizeCategoryLabel($_POST["label"] ?? "");
+        if (isset($_POST['update_category'])) {
+            $categoryId = normalizeCategoryId($_POST['category_id'] ?? "");
+            $label = normalizeCategoryLabel($_POST['label'] ?? "");
             $found = false;
 
             if (!isValidCategoryLabel($label)) {
@@ -86,8 +86,8 @@ if ($_SERVER["REQUEST_METHOD"] === "POST") {
             }
         }
 
-        if (isset($_POST["delete_category"])) {
-            $categoryId = normalizeCategoryId($_POST["category_id"] ?? "");
+        if (isset($_POST['delete_category'])) {
+            $categoryId = normalizeCategoryId($_POST['category_id'] ?? "");
             $label = "";
             $found = false;
 
@@ -135,7 +135,7 @@ if ($_SERVER["REQUEST_METHOD"] === "POST") {
     }
 }
 
-$editCategoryId = normalizeCategoryId($_GET["edit"] ?? "");
+$editCategoryId = normalizeCategoryId($_GET['edit'] ?? "");
 $editingCategory = null;
 if ($editCategoryId !== "") {
     $editingCategory = getCategoryById($editCategoryId);

+ 4 - 4
admin/faq.php

@@ -3,7 +3,7 @@ require_once __DIR__ . "/../config.php";
 require_once __DIR__ . "/../includes/functions.php";
 
 // Check admin login
-if (!isset($_SESSION["admin_logged_in"]) || !$_SESSION["admin_logged_in"]) {
+if (!isset($_SESSION['admin_logged_in']) || !$_SESSION['admin_logged_in']) {
     header("Location: login.php");
     exit();
 }
@@ -12,13 +12,13 @@ $pageTitle = "FAQ bearbeiten";
 $message = "";
 $messageType = "";
 
-if ($_SERVER["REQUEST_METHOD"] === "POST" && isset($_POST["save_faq"])) {
+if ($_SERVER['REQUEST_METHOD'] === "POST" && isset($_POST['save_faq'])) {
     // Validate CSRF token
-    if (!validateCsrfToken($_POST["csrf_token"] ?? "")) {
+    if (!validateCsrfToken($_POST['csrf_token'] ?? "")) {
         $message = "Ungültiges Token. Bitte versuchen Sie es erneut.";
         $messageType = "error";
     } else {
-        $content = isset($_POST["content"]) ? (string) $_POST["content"] : "";
+        $content = isset($_POST['content']) ? (string) $_POST['content'] : "";
         if (saveFaqContent($content)) {
             logAccess("Admin updated FAQ content");
             $message = "FAQ-Inhalt wurde gespeichert.";

+ 9 - 9
admin/login.php

@@ -5,8 +5,8 @@ require_once __DIR__ . "/../includes/functions.php";
 $error = "";
 
 // Handle logout via POST + CSRF
-if ($_SERVER["REQUEST_METHOD"] === "POST" && isset($_POST["logout"])) {
-    if (!validateCsrfToken($_POST["csrf_token"] ?? "")) {
+if ($_SERVER['REQUEST_METHOD'] === "POST" && isset($_POST['logout'])) {
+    if (!validateCsrfToken($_POST['csrf_token'] ?? "")) {
         $error = "Ungültiges Token. Bitte versuchen Sie es erneut.";
     } else {
         $_SESSION = [];
@@ -28,13 +28,13 @@ if ($_SERVER["REQUEST_METHOD"] === "POST" && isset($_POST["logout"])) {
     }
 }
 
-if ($_SERVER["REQUEST_METHOD"] === "POST") {
+if ($_SERVER['REQUEST_METHOD'] === "POST") {
     // Validate CSRF token
-    if (!validateCsrfToken($_POST["csrf_token"] ?? "")) {
+    if (!validateCsrfToken($_POST['csrf_token'] ?? "")) {
         $error = "Ungültiges Token. Bitte versuchen Sie es erneut.";
     } else {
-        $username = normalizeAdminUsername($_POST["username"] ?? "");
-        $password = $_POST["password"] ?? "";
+        $username = normalizeAdminUsername($_POST['username'] ?? "");
+        $password = $_POST['password'] ?? "";
 
         $users = getAdminUsers();
         if (
@@ -42,8 +42,8 @@ if ($_SERVER["REQUEST_METHOD"] === "POST") {
             password_verify($password, $users[$username])
         ) {
             session_regenerate_id(true);
-            $_SESSION["admin_logged_in"] = true;
-            $_SESSION["admin_username"] = $username;
+            $_SESSION['admin_logged_in'] = true;
+            $_SESSION['admin_username'] = $username;
             logAccess("Admin login successful", ["username" => $username]);
             header("Location: index.php");
             exit();
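Review bot: The CSRF token survives the privilege change on successful login, because session_regenerate_id(true) replaces the session ID but keeps the `$_SESSION['csrf_token']` issued to the anonymous session. Adding `unset($_SESSION['csrf_token']);` right after the regenerate call makes generateCsrfToken() mint a fresh token for the authenticated session. The failure branch is outside this hunk, so it is not visible whether failed attempts are logged or throttled. If they are not, a `logAccess()` call there would give detection something to work with.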
@@ -55,7 +55,7 @@ if ($_SERVER["REQUEST_METHOD"] === "POST") {
 }
 
 // Redirect if already logged in
-if (isset($_SESSION["admin_logged_in"]) && $_SESSION["admin_logged_in"]) {
+if (isset($_SESSION['admin_logged_in']) && $_SESSION['admin_logged_in']) {
     header("Location: index.php");
     exit();
 }

+ 18 - 18
admin/orders.php

@@ -2,7 +2,7 @@
 require_once __DIR__ . "/../config.php";
 require_once __DIR__ . "/../includes/functions.php";
 
-if (empty($_SESSION["admin_logged_in"])) {
+if (empty($_SESSION['admin_logged_in'])) {
     header("Location: login.php");
     exit();
 }
@@ -14,17 +14,17 @@ $message = "";
 $messageType = "";
 
 if (
-    $_SERVER["REQUEST_METHOD"] === "POST" &&
-    isset($_POST["toggle_item_processed"])
+    $_SERVER['REQUEST_METHOD'] === "POST" &&
+    isset($_POST['toggle_item_processed'])
 ) {
     // Validate CSRF token
-    if (!validateCsrfToken($_POST["csrf_token"] ?? "")) {
+    if (!validateCsrfToken($_POST['csrf_token'] ?? "")) {
         $message = "Ungültiges Token. Bitte versuchen Sie es erneut.";
         $messageType = "error";
     } else {
         $result = toggleOrderItemProcessed(
-            $_POST["order_id"] ?? "",
-            (int) ($_POST["item_index"] ?? -1),
+            $_POST['order_id'] ?? "",
+            (int) ($_POST['item_index'] ?? -1),
         );
         $message = $result["success"]
             ? "Position wurde aktualisiert."
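Review bot: `$_POST['order_id']` is handed to toggleOrderItemProcessed() unnormalised and then read from `$_POST` again for the log in the next hunk, whereas the GET parameters at the bottom of this file go through `trim((string) ...)`. Normalise once with `$orderId = trim((string) ($_POST['order_id'] ?? ""));` and pass that variable to both the call and logAccess(), so the audit entry records exactly what was acted on. The cancel_order block in the next hunk has the same pattern, including `cancellation_reason`.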
@@ -33,25 +33,25 @@ if (
 
         if ($result["success"]) {
             logAccess("Admin toggled order item", [
-                "admin" => $_SESSION["admin_username"] ?? "unknown",
-                "order_id" => $_POST["order_id"] ?? "",
-                "item_index" => $_POST["item_index"] ?? -1,
+                "admin" => $_SESSION['admin_username'] ?? "unknown",
+                "order_id" => $_POST['order_id'] ?? "",
+                "item_index" => $_POST['item_index'] ?? -1,
             ]);
         }
     }
 }
 
-if ($_SERVER["REQUEST_METHOD"] === "POST" && isset($_POST["cancel_order"])) {
+if ($_SERVER['REQUEST_METHOD'] === "POST" && isset($_POST['cancel_order'])) {
     // Validate CSRF token
-    if (!validateCsrfToken($_POST["csrf_token"] ?? "")) {
+    if (!validateCsrfToken($_POST['csrf_token'] ?? "")) {
         $message = "Ungültiges Token. Bitte versuchen Sie es erneut.";
         $messageType = "error";
     } else {
-        $adminUsername = $_SESSION["admin_username"] ?? "";
+        $adminUsername = $_SESSION['admin_username'] ?? "";
         $result = cancelOrder(
-            $_POST["order_id"] ?? "",
+            $_POST['order_id'] ?? "",
             $adminUsername,
-            $_POST["cancellation_reason"] ?? "",
+            $_POST['cancellation_reason'] ?? "",
         );
         $message = $result["success"]
             ? "Bestellung wurde storniert."
@@ -61,7 +61,7 @@ if ($_SERVER["REQUEST_METHOD"] === "POST" && isset($_POST["cancel_order"])) {
         if ($result["success"]) {
             logAccess("Admin cancelled order", [
                 "admin" => $adminUsername,
-                "order_id" => $_POST["order_id"] ?? "",
+                "order_id" => $_POST['order_id'] ?? "",
             ]);
         }
     }
@@ -72,9 +72,9 @@ usort($orders, function ($left, $right) {
     return strcmp($right["created_at"], $left["created_at"]);
 });
 
-$filter = trim((string) ($_GET["filter"] ?? "all"));
-$searchOrderId = trim((string) ($_GET["order_id"] ?? ""));
-$selectedOrderId = trim((string) ($_GET["details"] ?? $searchOrderId));
+$filter = trim((string) ($_GET['filter'] ?? "all"));
+$searchOrderId = trim((string) ($_GET['order_id'] ?? ""));
+$selectedOrderId = trim((string) ($_GET['details'] ?? $searchOrderId));
 
 if ($searchOrderId !== "") {
     $orders = array_values(

+ 16 - 16
admin/organizations.php

@@ -2,7 +2,7 @@
 require_once __DIR__ . "/../config.php";
 require_once __DIR__ . "/../includes/functions.php";
 
-if (empty($_SESSION["admin_logged_in"])) {
+if (empty($_SESSION['admin_logged_in'])) {
     header("Location: login.php");
     exit();
 }
@@ -12,16 +12,16 @@ $message = "";
 $messageType = "";
 $organizations = getOrganizations(false);
 
-if ($_SERVER["REQUEST_METHOD"] === "POST") {
+if ($_SERVER['REQUEST_METHOD'] === "POST") {
     // Validate CSRF token
-    if (!validateCsrfToken($_POST["csrf_token"] ?? "")) {
+    if (!validateCsrfToken($_POST['csrf_token'] ?? "")) {
         $message = "Ungültiges Token. Bitte versuchen Sie es erneut.";
         $messageType = "error";
     } else {
-        if (isset($_POST["add_organization"])) {
-            $label = normalizeOrganizationLabel($_POST["label"] ?? "");
-            $sortOrder = (int) ($_POST["sort_order"] ?? 0);
-            $active = isset($_POST["active"]);
+        if (isset($_POST['add_organization'])) {
+            $label = normalizeOrganizationLabel($_POST['label'] ?? "");
+            $sortOrder = (int) ($_POST['sort_order'] ?? 0);
+            $active = isset($_POST['active']);
 
             if (!isValidOrganizationLabel($label)) {
                 $message =
@@ -52,13 +52,13 @@ if ($_SERVER["REQUEST_METHOD"] === "POST") {
             }
         }
 
-        if (isset($_POST["update_organization"])) {
+        if (isset($_POST['update_organization'])) {
             $organizationId = normalizeOrganizationId(
-                $_POST["organization_id"] ?? "",
+                $_POST['organization_id'] ?? "",
             );
-            $label = normalizeOrganizationLabel($_POST["label"] ?? "");
-            $sortOrder = (int) ($_POST["sort_order"] ?? 0);
-            $active = isset($_POST["active"]);
+            $label = normalizeOrganizationLabel($_POST['label'] ?? "");
+            $sortOrder = (int) ($_POST['sort_order'] ?? 0);
+            $active = isset($_POST['active']);
             $updated = false;
 
             if (!isValidOrganizationLabel($label)) {
@@ -99,9 +99,9 @@ if ($_SERVER["REQUEST_METHOD"] === "POST") {
             }
         }
 
-        if (isset($_POST["delete_organization"])) {
+        if (isset($_POST['delete_organization'])) {
             $organizationId = normalizeOrganizationId(
-                $_POST["organization_id"] ?? "",
+                $_POST['organization_id'] ?? "",
             );
             $orgLabel = "";
             $found = false;
@@ -135,8 +135,8 @@ if ($_SERVER["REQUEST_METHOD"] === "POST") {
     }
 }
 
-$editingOrganization = isset($_GET["edit"])
-    ? getOrganizationById($_GET["edit"])
+$editingOrganization = isset($_GET['edit'])
+    ? getOrganizationById($_GET['edit'])
     : null;
 
 $bodyClass = "admin-page";

+ 16 - 16
admin/products.php

@@ -2,7 +2,7 @@
 require_once __DIR__ . "/../config.php";
 require_once __DIR__ . "/../includes/functions.php";
 
-if (empty($_SESSION["admin_logged_in"])) {
+if (empty($_SESSION['admin_logged_in'])) {
     header("Location: login.php");
     exit();
 }
@@ -142,9 +142,9 @@ function getSubmittedProductCategoryIds($submittedValues)
     return $validCategoryIds;
 }
 
-if ($_SERVER["REQUEST_METHOD"] === "POST") {
+if ($_SERVER['REQUEST_METHOD'] === "POST") {
     // Validate CSRF token
-    if (!validateCsrfToken($_POST["csrf_token"] ?? "")) {
+    if (!validateCsrfToken($_POST['csrf_token'] ?? "")) {
         $message = "Ungültiges Token. Bitte versuchen Sie es erneut.";
         $messageType = "error";
     } else {
@@ -154,8 +154,8 @@ if ($_SERVER["REQUEST_METHOD"] === "POST") {
             $message = "Bitte zuerst mindestens eine Kategorie anlegen.";
             $messageType = "error";
         } elseif (
-            isset($_POST["add_product"]) ||
-            isset($_POST["update_product"])
+            isset($_POST['add_product']) ||
+            isset($_POST['update_product'])
         ) {
             $uploadResult = handleImageUpload();
             if (!$uploadResult["success"]) {
@@ -164,8 +164,8 @@ if ($_SERVER["REQUEST_METHOD"] === "POST") {
             } else {
                 $categoryIds = getSubmittedProductCategoryIds($_POST);
                 $existingLabels = [];
-                $productId = isset($_POST["product_id"])
-                    ? (int) $_POST["product_id"]
+                $productId = isset($_POST['product_id'])
+                    ? (int) $_POST['product_id']
                     : 0;
                 foreach ($products as $product) {
                     if ((int) $product["id"] === $productId) {
@@ -175,7 +175,7 @@ if ($_SERVER["REQUEST_METHOD"] === "POST") {
                 }
 
                 $sizeData = buildProductAvailabilityFields(
-                    $_POST["sizes"] ?? "",
+                    $_POST['sizes'] ?? "",
                     $_POST,
                     $existingLabels,
                 );
@@ -186,15 +186,15 @@ if ($_SERVER["REQUEST_METHOD"] === "POST") {
                     $messageType = "error";
                 } else {
                     $record = [
-                        "name" => sanitize($_POST["name"] ?? ""),
+                        "name" => sanitize($_POST['name'] ?? ""),
                         "description" => trim(
-                            (string) ($_POST["description"] ?? ""),
+                            (string) ($_POST['description'] ?? ""),
                         ),
                         "categories" => $categoryIds,
                         "image" =>
                             $uploadResult["filename"] !== null
                                 ? $uploadResult["filename"]
-                                : trim((string) ($_POST["image"] ?? "")),
+                                : trim((string) ($_POST['image'] ?? "")),
                         "sizes" => $sizeData["sizes"],
                         "availability_labels" =>
                             $sizeData["availability_labels"],
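Review bot: When no file is uploaded, `image` is taken verbatim from `$_POST['image']`, and `description` is only trimmed while `name` goes through sanitize(). Unless the value is checked further down or escaped at every output site (both outside this hunk), the image field should be limited to a bare file name, e.g. `: basename(trim((string) ($_POST['image'] ?? ""))),`. Ideally it is also checked against files that actually exist in the uploads directory. A comment on `description` saying whether it is stored raw on purpose and escaped at render time would make the asymmetry with `name` explicit.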
@@ -203,7 +203,7 @@ if ($_SERVER["REQUEST_METHOD"] === "POST") {
                     if ($record["name"] === "") {
                         $message = "Bitte einen Produktnamen eingeben.";
                         $messageType = "error";
-                    } elseif (isset($_POST["add_product"])) {
+                    } elseif (isset($_POST['add_product'])) {
                         $newId = empty($products)
                             ? 1
                             : max(
@@ -259,8 +259,8 @@ if ($_SERVER["REQUEST_METHOD"] === "POST") {
             }
         }
 
-        if (isset($_POST["delete_product"])) {
-            $productId = (int) ($_POST["product_id"] ?? 0);
+        if (isset($_POST['delete_product'])) {
+            $productId = (int) ($_POST['product_id'] ?? 0);
             $productName = "";
             foreach ($products as $product) {
                 if ((int) $product["id"] === $productId) {
@@ -289,8 +289,8 @@ if ($_SERVER["REQUEST_METHOD"] === "POST") {
 }
 
 $products = getProducts();
-$editingProduct = isset($_GET["edit"])
-    ? getProductById((int) $_GET["edit"])
+$editingProduct = isset($_GET['edit'])
+    ? getProductById((int) $_GET['edit'])
     : null;
 
 $bodyClass = "admin-page";

+ 7 - 7
admin/settings.php

@@ -2,7 +2,7 @@
 require_once __DIR__ . "/../config.php";
 require_once __DIR__ . "/../includes/functions.php";
 
-if (empty($_SESSION["admin_logged_in"])) {
+if (empty($_SESSION['admin_logged_in'])) {
     header("Location: login.php");
     exit();
 }
@@ -11,21 +11,21 @@ $pageTitle = "Einstellungen";
 $message = "";
 $messageType = "";
 
-if ($_SERVER["REQUEST_METHOD"] === "POST" && isset($_POST["save_settings"])) {
+if ($_SERVER['REQUEST_METHOD'] === "POST" && isset($_POST['save_settings'])) {
     // Validate CSRF token
-    if (!validateCsrfToken($_POST["csrf_token"] ?? "")) {
+    if (!validateCsrfToken($_POST['csrf_token'] ?? "")) {
         $message = "Ungültiges Token. Bitte versuchen Sie es erneut.";
         $messageType = "error";
     } else {
         $settings = [
-            "order_recipient_email" => $_POST["order_recipient_email"] ?? "",
+            "order_recipient_email" => $_POST['order_recipient_email'] ?? "",
             "order_confirmation_required" => isset(
-                $_POST["order_confirmation_required"],
+                $_POST['order_confirmation_required'],
             ),
             "order_confirmation_expiry_days" =>
-                (int) ($_POST["order_confirmation_expiry_days"] ?? 7),
+                (int) ($_POST['order_confirmation_expiry_days'] ?? 7),
             "attach_order_pdf_to_admin_email" => isset(
-                $_POST["attach_order_pdf_to_admin_email"],
+                $_POST['attach_order_pdf_to_admin_email'],
             ),
         ];
 
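Review bot: `order_recipient_email` is stored as posted, and `order_confirmation_expiry_days` is cast to int with no bounds, so zero or a negative value is accepted at this point. Unless the save routine below the hunk validates them, check here: `filter_var($_POST['order_recipient_email'] ?? "", FILTER_VALIDATE_EMAIL)` for the address and `max(1, (int) ($_POST['order_confirmation_expiry_days'] ?? 7))` for the expiry. The enclosing else block continues outside the hunk.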

+ 4 - 4
cart.php

@@ -5,12 +5,12 @@ require_once __DIR__ . "/includes/functions.php";
 $pageTitle = "Warenkorb";
 
 if (
-    $_SERVER["REQUEST_METHOD"] === "POST" &&
-    isset($_POST["remove_item_index"])
+    $_SERVER['REQUEST_METHOD'] === "POST" &&
+    isset($_POST['remove_item_index'])
 ) {
     // Validate CSRF token
-    if (validateCsrfToken($_POST["csrf_token"] ?? "")) {
-        removeCartItemByIndex((int) $_POST["remove_item_index"]);
+    if (validateCsrfToken($_POST['csrf_token'] ?? "")) {
+        removeCartItemByIndex((int) $_POST['remove_item_index']);
     }
 }
 

+ 14 - 14
checkout.php

@@ -12,9 +12,9 @@ if (empty($cartItems)) {
     exit();
 }
 
-if ($_SERVER["REQUEST_METHOD"] === "POST" && isset($_POST["create_order"])) {
+if ($_SERVER['REQUEST_METHOD'] === "POST" && isset($_POST['create_order'])) {
     // Validate CSRF token
-    if (!validateCsrfToken($_POST["csrf_token"] ?? "")) {
+    if (!validateCsrfToken($_POST['csrf_token'] ?? "")) {
         $errors[] = "Ungültiges Token. Bitte versuchen Sie es erneut.";
     } else {
         $validator = new Validator($_POST);
@@ -30,7 +30,7 @@ if ($_SERVER["REQUEST_METHOD"] === "POST" && isset($_POST["create_order"])) {
             ->maxLength("comment", 1000, "Kommentar");
 
         // Validate organization exists
-        $organizationId = $_POST["organization_id"] ?? "";
+        $organizationId = $_POST['organization_id'] ?? "";
         $organizations = getOrganizations(true);
         $validOrgIds = array_column($organizations, "id");
 
@@ -41,9 +41,9 @@ if ($_SERVER["REQUEST_METHOD"] === "POST" && isset($_POST["create_order"])) {
         if (!$validator->isValid()) {
             $errors = array_merge($errors, $validator->getErrors());
         } else {
-            $customerName = trim($_POST["customer_name"]);
-            $customerEmail = trim(strtolower($_POST["customer_email"]));
-            $comment = trim($_POST["comment"] ?? "");
+            $customerName = trim($_POST['customer_name']);
+            $customerEmail = trim(strtolower($_POST['customer_email']));
+            $comment = trim($_POST['comment'] ?? "");
 
             $result = createOrder(
                 $customerName,
@@ -113,18 +113,18 @@ include __DIR__ . "/includes/header.php";
             <div class="form-group">
                 <label for="customer_name">Name *</label>
                 <input type="text" id="customer_name" name="customer_name" required value="<?php echo isset(
-                    $_POST["customer_name"],
+                    $_POST['customer_name'],
                 )
-                    ? escape($_POST["customer_name"])
+                    ? escape($_POST['customer_name'])
                     : ""; ?>">
             </div>
 
             <div class="form-group">
                 <label for="customer_email">E-Mail-Adresse *</label>
                 <input type="email" id="customer_email" name="customer_email" required value="<?php echo isset(
-                    $_POST["customer_email"],
+                    $_POST['customer_email'],
                 )
-                    ? escape($_POST["customer_email"])
+                    ? escape($_POST['customer_email'])
                     : ""; ?>">
             </div>
 
@@ -135,8 +135,8 @@ include __DIR__ . "/includes/header.php";
                     <?php foreach ($organizations as $organization): ?>
                         <option value="<?php echo escape(
                             $organization["id"],
-                        ); ?>" <?php echo isset($_POST["organization_id"]) &&
-$_POST["organization_id"] === $organization["id"]
+                        ); ?>" <?php echo isset($_POST['organization_id']) &&
+$_POST['organization_id'] === $organization["id"]
     ? "selected"
     : ""; ?>>
                             <?php echo escape($organization["label"]); ?>
@@ -148,9 +148,9 @@ $_POST["organization_id"] === $organization["id"]
             <div class="form-group">
                 <label for="comment">Kommentar</label>
                 <textarea id="comment" name="comment" rows="5"><?php echo isset(
-                    $_POST["comment"],
+                    $_POST['comment'],
                 )
-                    ? escape($_POST["comment"])
+                    ? escape($_POST['comment'])
                     : ""; ?></textarea>
             </div>
 

+ 3 - 3
config.sample.php

@@ -47,9 +47,9 @@ define('UPLOADS_URL', SITE_URL . '/data/uploads');
 // Session settings
 if (session_status() === PHP_SESSION_NONE) {
     $isHttps =
-        (!empty($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] !== "off") ||
-        (isset($_SERVER["SERVER_PORT"]) &&
-            (int) $_SERVER["SERVER_PORT"] === 443);
+        (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== "off") ||
+        (isset($_SERVER['SERVER_PORT']) &&
+            (int) $_SERVER['SERVER_PORT'] === 443);
 
     ini_set("session.use_strict_mode", "1");
     ini_set("session.cookie_httponly", "1");
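Review bot: `$isHttps` looks only at `HTTPS` and port 443, while isHttpsRequest() in includes/functions.php also accepts `X-Forwarded-Proto`, so the two can disagree behind a TLS-terminating proxy. If `$isHttps` drives `session.cookie_secure` (the rest of the block is outside this hunk), the session cookie would be issued without the Secure flag in that deployment. Deriving it from configuration, e.g. `$isHttps = stripos(SITE_URL, 'https://') === 0;`, removes the dependence on request data.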

+ 28 - 28
includes/functions.php

@@ -69,18 +69,18 @@ function escape($value)
  */
 function generateCsrfToken()
 {
-    if (empty($_SESSION["csrf_token"])) {
-        $_SESSION["csrf_token"] = bin2hex(random_bytes(32));
+    if (empty($_SESSION['csrf_token'])) {
+        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
     }
-    return $_SESSION["csrf_token"];
+    return $_SESSION['csrf_token'];
 }
 
 function validateCsrfToken($token)
 {
-    if (empty($_SESSION["csrf_token"])) {
+    if (empty($_SESSION['csrf_token'])) {
         return false;
     }
-    return hash_equals($_SESSION["csrf_token"], $token);
+    return hash_equals($_SESSION['csrf_token'], $token);
 }
 
 function csrfField()
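Review bot: validateCsrfToken() passes `$token` straight to hash_equals(), and every caller feeds it `$_POST['csrf_token'] ?? ""`, which is an array when the field arrives as `csrf_token[]`. On PHP 8 that raises an uncaught TypeError instead of a clean rejection. Guard the type first: `if (!is_string($token) || empty($_SESSION['csrf_token'])) { return false; }`. The same applies to `$_POST['password']` reaching password_verify() in admin/login.php.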
@@ -130,7 +130,7 @@ function setFlashMessage($key, $type, $message)
         return;
     }
 
-    $_SESSION["flash_messages"][$key] = [
+    $_SESSION['flash_messages'][$key] = [
         "type" => $type,
         "message" => $message,
     ];
@@ -143,7 +143,7 @@ function consumeFlashMessage($key)
         return null;
     }
 
-    $messages = $_SESSION["flash_messages"] ?? [];
+    $messages = $_SESSION['flash_messages'] ?? [];
     if (
         !is_array($messages) ||
         !isset($messages[$key]) ||
@@ -153,7 +153,7 @@ function consumeFlashMessage($key)
     }
 
     $message = $messages[$key];
-    unset($_SESSION["flash_messages"][$key]);
+    unset($_SESSION['flash_messages'][$key]);
 
     $type = trim((string) ($message["type"] ?? ""));
     $text = trim((string) ($message["message"] ?? ""));
@@ -1350,7 +1350,7 @@ function buildAbsoluteUrl($path)
     }
 
     $scheme = isHttpsRequest() ? "https" : "http";
-    $host = $_SERVER["HTTP_HOST"] ?? "";
+    $host = $_SERVER['HTTP_HOST'] ?? "";
     if ($host === "") {
         return $path;
     }
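Review bot: buildAbsoluteUrl() takes its origin from `$_SERVER['HTTP_HOST']`, and isHttpsRequest() in the next hunk trusts `HTTP_X_FORWARDED_PROTO`; both are request headers the client controls unless a fronting proxy overwrites them. If these URLs end up in e-mails or redirects (not visible here), they should come from configuration instead, e.g. `return rtrim(SITE_URL, '/') . $path;`, assuming `$path` is root-relative. At minimum, honour the forwarded header only when `REMOTE_ADDR` is a known proxy. Both function bodies continue outside their hunks.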
@@ -1361,20 +1361,20 @@ function buildAbsoluteUrl($path)
 function isHttpsRequest(): bool
 {
     if (
-        !empty($_SERVER["HTTPS"]) &&
-        strtolower((string) $_SERVER["HTTPS"]) !== "off"
+        !empty($_SERVER['HTTPS']) &&
+        strtolower((string) $_SERVER['HTTPS']) !== "off"
     ) {
         return true;
     }
     if (
-        !empty($_SERVER["HTTP_X_FORWARDED_PROTO"]) &&
-        strtolower((string) $_SERVER["HTTP_X_FORWARDED_PROTO"]) === "https"
+        !empty($_SERVER['HTTP_X_FORWARDED_PROTO']) &&
+        strtolower((string) $_SERVER['HTTP_X_FORWARDED_PROTO']) === "https"
     ) {
         return true;
     }
     if (
-        !empty($_SERVER["SERVER_PORT"]) &&
-        (int) $_SERVER["SERVER_PORT"] === 443
+        !empty($_SERVER['SERVER_PORT']) &&
+        (int) $_SERVER['SERVER_PORT'] === 443
     ) {
         return true;
     }
@@ -1708,7 +1708,7 @@ function formatDate($dateString)
 
 function getCart()
 {
-    $cart = $_SESSION["cart"] ?? [];
+    $cart = $_SESSION['cart'] ?? [];
     if (!is_array($cart)) {
         $cart = [];
     }
@@ -1742,8 +1742,8 @@ function getCart()
         ];
     }
 
-    $_SESSION["cart"] = array_values($normalized);
-    return $_SESSION["cart"];
+    $_SESSION['cart'] = array_values($normalized);
+    return $_SESSION['cart'];
 }
 
 function addCartItem($productId, $size = "")
@@ -1786,7 +1786,7 @@ function addCartItem($productId, $size = "")
         }
 
         $cart[$index]["size"] = $size;
-        $_SESSION["cart"] = array_values($cart);
+        $_SESSION['cart'] = array_values($cart);
 
         return [
             "success" => true,
@@ -1801,7 +1801,7 @@ function addCartItem($productId, $size = "")
         "size" => $size,
     ];
 
-    $_SESSION["cart"] = array_values($cart);
+    $_SESSION['cart'] = array_values($cart);
     return [
         "success" => true,
         "status" => "added",
@@ -1814,13 +1814,13 @@ function removeCartItemByIndex($index)
     $cart = getCart();
     if (isset($cart[$index])) {
         unset($cart[$index]);
-        $_SESSION["cart"] = array_values($cart);
+        $_SESSION['cart'] = array_values($cart);
     }
 }
 
 function clearCart()
 {
-    $_SESSION["cart"] = [];
+    $_SESSION['cart'] = [];
 }
 
 function getCartItemsDetailed()
@@ -2341,9 +2341,9 @@ function logError($message, $context = [], $level = "ERROR")
         "level" => $level,
         "message" => $message,
         "context" => $context,
-        "ip" => $_SERVER["REMOTE_ADDR"] ?? "unknown",
-        "user_agent" => $_SERVER["HTTP_USER_AGENT"] ?? "unknown",
-        "request_uri" => $_SERVER["REQUEST_URI"] ?? "unknown",
+        "ip" => $_SERVER['REMOTE_ADDR'] ?? "unknown",
+        "user_agent" => $_SERVER['HTTP_USER_AGENT'] ?? "unknown",
+        "request_uri" => $_SERVER['REQUEST_URI'] ?? "unknown",
         "session_id" => session_id()
             ? substr(session_id(), 0, 8) . "..."
             : "none",
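Review bot: The log entry stores the first eight characters of the live session ID, along with the raw `REQUEST_URI` and `HTTP_USER_AGENT`. A prefix of a secret is still part of the secret. A one-way correlation value such as `substr(hash('sha256', session_id()), 0, 8)` serves the same purpose without writing session material to disk. Query strings in `REQUEST_URI` can carry tokens, so consider logging only `parse_url($_SERVER['REQUEST_URI'] ?? "", PHP_URL_PATH)` and capping the user-agent length. logAccess() in the next hunk logs `REQUEST_URI` the same way.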
@@ -2368,9 +2368,9 @@ function logAccess($message, $context = [])
         "timestamp" => date("Y-m-d H:i:s.u"),
         "message" => $message,
         "context" => $context,
-        "ip" => $_SERVER["REMOTE_ADDR"] ?? "unknown",
-        "request_method" => $_SERVER["REQUEST_METHOD"] ?? "unknown",
-        "request_uri" => $_SERVER["REQUEST_URI"] ?? "unknown",
+        "ip" => $_SERVER['REMOTE_ADDR'] ?? "unknown",
+        "request_method" => $_SERVER['REQUEST_METHOD'] ?? "unknown",
+        "request_uri" => $_SERVER['REQUEST_URI'] ?? "unknown",
     ];
 
     $logLine = json_encode($entry, JSON_UNESCAPED_UNICODE) . PHP_EOL;

+ 2 - 2
index.php

@@ -6,8 +6,8 @@ $pageTitle = "Startseite";
 $products = getProducts();
 $categories = getCategories();
 
-$category = isset($_GET["category"])
-    ? normalizeCategoryId($_GET["category"])
+$category = isset($_GET['category'])
+    ? normalizeCategoryId($_GET['category'])
     : "";
 if ($category !== "" && getCategoryById($category) !== null) {
     $products = array_values(

+ 4 - 4
product.php

@@ -2,7 +2,7 @@
 require_once __DIR__ . "/config.php";
 require_once __DIR__ . "/includes/functions.php";
 
-$productId = isset($_GET["id"]) ? (int) $_GET["id"] : 0;
+$productId = isset($_GET['id']) ? (int) $_GET['id'] : 0;
 $product = getProductById($productId);
 
 if ($product === null) {
@@ -13,12 +13,12 @@ if ($product === null) {
 $pageTitle = $product["name"];
 $sizes = getProductSizes($product);
 
-if ($_SERVER["REQUEST_METHOD"] === "POST" && isset($_POST["add_to_cart"])) {
+if ($_SERVER['REQUEST_METHOD'] === "POST" && isset($_POST['add_to_cart'])) {
     // Validate CSRF token
-    if (!validateCsrfToken($_POST["csrf_token"] ?? "")) {
+    if (!validateCsrfToken($_POST['csrf_token'] ?? "")) {
         $error = "Ungültiges Token. Bitte versuchen Sie es erneut.";
     } else {
-        $size = trim((string) ($_POST["size"] ?? ""));
+        $size = trim((string) ($_POST['size'] ?? ""));
 
         if (
             !empty($sizes) &&