From 4b83f596f1be6ff6fd2fab3a60977b6f7e401867 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E2=80=9CVeLiTi=E2=80=9D?= <“info@veliti.nl”>
Date: Fri, 6 Feb 2026 13:34:54 +0100
Subject: [PATCH] Refactor RBAC migration scripts and update configuration
 handling

- Removed old migration scripts for profiles and users to RBAC.
- Updated config redirector to utilize environment variables for configuration loading.
- Added .gitignore files to firmware, log, and marketing directories to prevent unnecessary file tracking.
- Introduced new configuration files for acceptance, development, and production environments with relevant settings.
- Enhanced settings files to include exception lists, security keys, and database settings.
---
 .gitignore                                    |  23 +-
 assets/database/marketing_install.sql         | 114 ---------
 .../database/migration_profiles_to_rbac.sql   | 222 ------------------
 assets/database/migration_users_to_rbac.sql   | 141 -----------
 firmware/.gitignore                           |   2 +
 log/.gitignore                                |   2 +
 marketing/.gitignore                          |   2 +
 settings/acceptance_config.php                |  83 +++++++
 settings/acceptance_settings.php              | 111 +++++++++
 settings/config_redirector.php                |  30 +--
 settings/development_config.php               |  83 +++++++
 settings/development_settings.php             | 112 +++++++++
 settings/production_config.php                |  56 +++++
 settings/production_settings.php              | 112 +++++++++
 settings/settings_redirector.php              |  27 +--
 15 files changed, 575 insertions(+), 545 deletions(-)
 delete mode 100644 assets/database/marketing_install.sql
 delete mode 100644 assets/database/migration_profiles_to_rbac.sql
 delete mode 100644 assets/database/migration_users_to_rbac.sql
 create mode 100644 firmware/.gitignore
 create mode 100644 log/.gitignore
 create mode 100644 marketing/.gitignore
 create mode 100644 settings/acceptance_config.php
 create mode 100644 settings/acceptance_settings.php
 create mode 100644 settings/development_config.php
 create mode 100644 settings/development_settings.php
 create mode 100644 settings/production_config.php
 create mode 100644 settings/production_settings.php

diff --git a/.gitignore b/.gitignore
index d82c57b..4b424cb 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,24 +1,5 @@
-dev.php
-test.php
-migration.php
-log_21.txt
-log_22.txt
-marketing/
-firmware/
-log/
-assets/images/products/
-settings/settings.php
-settings/config.php
-variable_scan.php
-settings/soveliti/soveliti_config.php
-settings/soveliti/soveliti_settings.php
-assets/database/dev_schema.sql
-assets/database/migration.sql
-assets/database/prod_schema.sql
+.htaccess
 migration.sql
-assets/database/migration_triggers.sql
-assets/database/migration_v2.sql
-assets/database/migration_v3.sql
 .DS_Store
 api/.DS_Store
 api/v1/.DS_Store
@@ -26,5 +7,3 @@ api/v2/.DS_Store
 api/.DS_Store
 assets/.DS_Store
 assets/images/.DS_Store
-assets/database/ManualUpdates.sql
-assets/database/migration_users_to_rbac.sql
diff --git a/assets/database/marketing_install.sql b/assets/database/marketing_install.sql
deleted file mode 100644
index 7fb34e3..0000000
--- a/assets/database/marketing_install.sql
+++ /dev/null
@@ -1,114 +0,0 @@
--- Marketing System Database Tables
--- Run this script to create the necessary tables for the marketing file management system
--- 
--- Usage: Import this file into your MySQL database or run the commands individually
--- Make sure to select the correct database before running these commands
-
--- Disable foreign key checks temporarily to avoid constraint errors
-SET FOREIGN_KEY_CHECKS = 0;
-
--- Create marketing_folders table
-CREATE TABLE IF NOT EXISTS `marketing_folders` (
-    `id` int(11) NOT NULL AUTO_INCREMENT,
-    `folder_name` varchar(255) NOT NULL,
-    `parent_id` int(11) DEFAULT NULL,
-    `description` text DEFAULT NULL,
-    `created` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    `createdby` varchar(100) DEFAULT NULL,
-    `updated` timestamp NULL DEFAULT NULL ON UPDATE CURRENT_TIMESTAMP,
-    `updatedby` varchar(100) DEFAULT NULL,
-    `accounthierarchy` text DEFAULT NULL,
-    PRIMARY KEY (`id`),
-    KEY `parent_id` (`parent_id`),
-    KEY `accounthierarchy_idx` (`accounthierarchy`(100))
-) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
-
--- Create marketing_files table
-CREATE TABLE IF NOT EXISTS `marketing_files` (
-    `id` int(11) NOT NULL AUTO_INCREMENT,
-    `title` varchar(255) NOT NULL,
-    `original_filename` varchar(255) NOT NULL,
-    `file_path` varchar(500) NOT NULL,
-    `thumbnail_path` varchar(500) DEFAULT NULL,
-    `file_type` varchar(10) NOT NULL,
-    `file_size` bigint(20) NOT NULL DEFAULT 0,
-    `folder_id` int(11) DEFAULT NULL,
-    `tags` json DEFAULT NULL,
-    `created` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    `createdby` varchar(100) DEFAULT NULL,
-    `updated` timestamp NULL DEFAULT NULL ON UPDATE CURRENT_TIMESTAMP,
-    `updatedby` varchar(100) DEFAULT NULL,
-    `accounthierarchy` text DEFAULT NULL,
-    PRIMARY KEY (`id`),
-    KEY `folder_id` (`folder_id`),
-    KEY `file_type` (`file_type`),
-    KEY `accounthierarchy_idx` (`accounthierarchy`(100)),
-    KEY `created_idx` (`created`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
-
--- Create marketing_tags table
-CREATE TABLE IF NOT EXISTS `marketing_tags` (
-    `id` int(11) NOT NULL AUTO_INCREMENT,
-    `tag_name` varchar(100) NOT NULL,
-    `created` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    PRIMARY KEY (`id`),
-    UNIQUE KEY `tag_name` (`tag_name`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
-
--- Create marketing_file_tags junction table
-CREATE TABLE IF NOT EXISTS `marketing_file_tags` (
-    `file_id` int(11) NOT NULL,
-    `tag_id` int(11) NOT NULL,
-    PRIMARY KEY (`file_id`, `tag_id`),
-    KEY `file_id` (`file_id`),
-    KEY `tag_id` (`tag_id`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
-
--- Add foreign key constraints after all tables are created
-ALTER TABLE `marketing_folders` 
-ADD CONSTRAINT `fk_marketing_folders_parent` 
-FOREIGN KEY (`parent_id`) REFERENCES `marketing_folders`(`id`) ON DELETE CASCADE;
-
-ALTER TABLE `marketing_files` 
-ADD CONSTRAINT `fk_marketing_files_folder` 
-FOREIGN KEY (`folder_id`) REFERENCES `marketing_folders`(`id`) ON DELETE SET NULL;
-
-ALTER TABLE `marketing_file_tags` 
-ADD CONSTRAINT `fk_marketing_file_tags_file` 
-FOREIGN KEY (`file_id`) REFERENCES `marketing_files`(`id`) ON DELETE CASCADE;
-
-ALTER TABLE `marketing_file_tags` 
-ADD CONSTRAINT `fk_marketing_file_tags_tag` 
-FOREIGN KEY (`tag_id`) REFERENCES `marketing_tags`(`id`) ON DELETE CASCADE;
-
--- Re-enable foreign key checks
-SET FOREIGN_KEY_CHECKS = 1;
-
--- Insert some default sample data (optional)
--- Uncomment the lines below if you want to start with sample folders and tags
-
--- INSERT INTO `marketing_folders` (`folder_name`, `description`, `createdby`) VALUES
--- ('Product Brochures', 'Marketing brochures and product information', 'system'),
--- ('Technical Specifications', 'Technical documentation and specifications', 'system'),
--- ('Images', 'Product images and photos', 'system'),
--- ('Videos', 'Product videos and demonstrations', 'system');
-
--- INSERT INTO `marketing_tags` (`tag_name`) VALUES
--- ('brochure'),
--- ('specification'),
--- ('manual'),
--- ('image'),
--- ('video'),
--- ('product'),
--- ('marketing'),
--- ('technical');
-
--- Create upload directories (Note: This requires manual creation on file system)
--- Create the following directories in your web server:
--- - ./marketing/uploads/
--- - ./marketing/uploads/thumbs/
--- 
--- Linux/macOS commands:
--- mkdir -p marketing/uploads/thumbs
--- chmod 755 marketing/uploads
--- chmod 755 marketing/uploads/thumbs
\ No newline at end of file
diff --git a/assets/database/migration_profiles_to_rbac.sql b/assets/database/migration_profiles_to_rbac.sql
deleted file mode 100644
index 9c70b64..0000000
--- a/assets/database/migration_profiles_to_rbac.sql
+++ /dev/null
@@ -1,222 +0,0 @@
--- ===================================================
--- PROFILE TO RBAC MIGRATION SCRIPT
--- Date: 2025-01-22
--- Description: Migrate from settingsprofiles.php to user_roles RBAC system
--- Note: Uses existing access_elements table (already populated)
--- ===================================================
-
-START TRANSACTION;
-
--- ===================================================
--- PHASE 1: CREATE ROLES (matching existing profiles)
--- ===================================================
-
-INSERT INTO `user_roles` (`name`, `description`, `is_active`, `created`, `createdby`) VALUES
-('Standard', 'Basic user access - view equipment, history, service reports', 1, NOW(), 1),
-('Superuser', 'Extended access - manage equipment, products, users', 1, NOW(), 1),
-('Admin', 'Administrative access - full management capabilities', 1, NOW(), 1),
-('AdminPlus', 'System administrator - complete system access', 1, NOW(), 1),
-('Build', 'Build tool access only', 1, NOW(), 1),
-('Commerce', 'E-commerce and catalog management', 1, NOW(), 1),
-('Distribution', 'Distribution partner access', 1, NOW(), 1),
-('Firmware', 'Firmware/software update access only', 1, NOW(), 1),
-('Garage', 'Car testing and diagnostics', 1, NOW(), 1),
-('Interface', 'API/Interface access', 1, NOW(), 1),
-('Service', 'Service technician access', 1, NOW(), 1),
-('Other', 'Miscellaneous access level', 1, NOW(), 1)
-ON DUPLICATE KEY UPDATE `description` = VALUES(`description`);
-
--- ===================================================
--- PHASE 2: CREATE ROLE_ACCESS_PERMISSIONS MAPPINGS
--- ===================================================
-
--- Get role IDs
-SET @role_standard = (SELECT rowID FROM user_roles WHERE name = 'Standard' LIMIT 1);
-SET @role_superuser = (SELECT rowID FROM user_roles WHERE name = 'Superuser' LIMIT 1);
-SET @role_admin = (SELECT rowID FROM user_roles WHERE name = 'Admin' LIMIT 1);
-SET @role_adminplus = (SELECT rowID FROM user_roles WHERE name = 'AdminPlus' LIMIT 1);
-SET @role_build = (SELECT rowID FROM user_roles WHERE name = 'Build' LIMIT 1);
-SET @role_commerce = (SELECT rowID FROM user_roles WHERE name = 'Commerce' LIMIT 1);
-SET @role_distribution = (SELECT rowID FROM user_roles WHERE name = 'Distribution' LIMIT 1);
-SET @role_firmware = (SELECT rowID FROM user_roles WHERE name = 'Firmware' LIMIT 1);
-SET @role_garage = (SELECT rowID FROM user_roles WHERE name = 'Garage' LIMIT 1);
-SET @role_interface = (SELECT rowID FROM user_roles WHERE name = 'Interface' LIMIT 1);
-SET @role_service = (SELECT rowID FROM user_roles WHERE name = 'Service' LIMIT 1);
-SET @role_other = (SELECT rowID FROM user_roles WHERE name = 'Other' LIMIT 1);
-
--- ===================================================
--- STANDARD ROLE PERMISSIONS (Read-only)
--- Profile: application,firmwaretool,histories,history,servicereport,servicereports,dashboard,profile,equipment,equipments,products_software
--- ===================================================
-INSERT INTO `role_access_permissions` (`role_id`, `access_id`, `can_create`, `can_read`, `can_update`, `can_delete`)
-SELECT @role_standard, rowID, 0, 1, 0, 0 FROM access_elements WHERE access_path IN (
-    'application', 'firmwaretool', 'histories', 'history', 'servicereport', 'servicereports',
-    'dashboard', 'profile', 'equipment', 'equipments', 'products_software'
-)
-ON DUPLICATE KEY UPDATE can_read = 1;
-
--- ===================================================
--- SUPERUSER ROLE PERMISSIONS (Create, Read, Update)
--- Profile: application,assets,firmwaretool,histories,history,history_manage,marketing,partner,partners,
---          servicereport,servicereports,admin,dashboard,profile,equipment,equipment_manage,
---          equipment_manage_edit,equipments,equipments_mass_update,product,product_manage,products,
---          products_software,products_versions,user,user_manage,users
--- ===================================================
-INSERT INTO `role_access_permissions` (`role_id`, `access_id`, `can_create`, `can_read`, `can_update`, `can_delete`)
-SELECT @role_superuser, rowID, 1, 1, 1, 0 FROM access_elements WHERE access_path IN (
-    'application', 'firmwaretool', 'histories', 'history', 'history_manage',
-    'marketing', 'partner', 'partners', 'servicereport', 'servicereports',
-    'dashboard', 'profile', 'equipment', 'equipment_manage',
-    'equipments', 'equipments_mass_update', 'product', 'product_manage', 'products',
-    'products_software', 'products_versions', 'user', 'users'
-)
-ON DUPLICATE KEY UPDATE can_create = 1, can_read = 1, can_update = 1;
-
--- ===================================================
--- ADMIN ROLE PERMISSIONS (Full CRUD)
--- ===================================================
-INSERT INTO `role_access_permissions` (`role_id`, `access_id`, `can_create`, `can_read`, `can_update`, `can_delete`)
-SELECT @role_admin, rowID, 1, 1, 1, 1 FROM access_elements WHERE access_path IN (
-    'application', 'buildtool', 'cartest', 'cartest_manage', 'cartests',
-    'changelog', 'communication', 'communication_send', 'communications', 'firmwaretool',
-    'histories', 'history', 'history_manage', 'marketing', 'partner', 'partners',
-    'servicereport', 'servicereports', 'software_available', 'software_download',
-    'software_update', 'softwaretool', 'account', 'accounts', 'dashboard', 'profile',
-    'contract', 'contract_manage', 'contracts', 'equipment', 'equipment_data',
-    'equipment_healthindex', 'equipment_history', 'equipment_manage',
-    'equipments', 'equipments_mass_update', 'product', 'product_manage', 'products',
-    'products_software', 'products_software_assignment', 'products_software_assignments',
-    'products_software_licenses', 'products_versions', 'report_build',
-    'report_contracts_billing', 'report_healthindex', 'rma', 'rma_history',
-    'rma_manage', 'rmas', 'user', 'users'
-)
-ON DUPLICATE KEY UPDATE can_create = 1, can_read = 1, can_update = 1, can_delete = 1;
-
--- ===================================================
--- ADMINPLUS ROLE PERMISSIONS (Full access to everything)
--- ===================================================
-INSERT INTO `role_access_permissions` (`role_id`, `access_id`, `can_create`, `can_read`, `can_update`, `can_delete`)
-SELECT @role_adminplus, rowID, 1, 1, 1, 1 FROM access_elements WHERE is_active = 1
-ON DUPLICATE KEY UPDATE can_create = 1, can_read = 1, can_update = 1, can_delete = 1;
-
--- ===================================================
--- BUILD ROLE PERMISSIONS
--- Profile: application,buildtool,firmwaretool,dashboard,profile,products_software
--- ===================================================
-INSERT INTO `role_access_permissions` (`role_id`, `access_id`, `can_create`, `can_read`, `can_update`, `can_delete`)
-SELECT @role_build, rowID, 1, 1, 1, 0 FROM access_elements WHERE access_path IN (
-    'application', 'buildtool', 'firmwaretool', 'dashboard', 'profile', 'products_software'
-)
-ON DUPLICATE KEY UPDATE can_create = 1, can_read = 1, can_update = 1;
-
--- ===================================================
--- COMMERCE ROLE PERMISSIONS
--- ===================================================
-INSERT INTO `role_access_permissions` (`role_id`, `access_id`, `can_create`, `can_read`, `can_update`, `can_delete`)
-SELECT @role_commerce, rowID, 1, 1, 1, 1 FROM access_elements WHERE access_path IN (
-    'application', 'catalog', 'categories', 'category', 'checkout', 'discount', 'discounts',
-    'identity', 'invoice', 'media', 'media_manage', 'order', 'orders', 'partner', 'partners',
-    'placeorder', 'pricelists', 'pricelists_items', 'pricelists_manage', 'shipping',
-    'shipping_manage', 'shopping_cart', 'taxes', 'transactions', 'transactions_items',
-    'translation_manage', 'translations', 'translations_details', 'uploader',
-    'dashboard', 'profile', 'product', 'product_manage', 'products', 'products_attributes',
-    'products_attributes_items', 'products_attributes_manage', 'products_categories',
-    'products_configurations', 'products_media', 'products_software', 'products_versions',
-    'user', 'users'
-)
-ON DUPLICATE KEY UPDATE can_create = 1, can_read = 1, can_update = 1, can_delete = 1;
-
--- ===================================================
--- DISTRIBUTION ROLE PERMISSIONS
--- ===================================================
-INSERT INTO `role_access_permissions` (`role_id`, `access_id`, `can_create`, `can_read`, `can_update`, `can_delete`)
-SELECT @role_distribution, rowID, 1, 1, 1, 0 FROM access_elements WHERE access_path IN (
-    'application', 'firmwaretool', 'histories', 'history', 'history_manage',
-    'marketing', 'partner', 'partners', 'servicereport', 'servicereports',
-    'dashboard', 'profile', 'equipment', 'equipment_manage',
-    'equipments', 'equipments_mass_update', 'product', 'product_manage', 'products',
-    'products_software', 'products_versions', 'user', 'users'
-)
-ON DUPLICATE KEY UPDATE can_create = 1, can_read = 1, can_update = 1;
-
--- ===================================================
--- FIRMWARE ROLE PERMISSIONS
--- Profile: application,software_available,software_download,software_update,softwaretool,
---          transactions,transactions_items,products_software_versions
--- ===================================================
-INSERT INTO `role_access_permissions` (`role_id`, `access_id`, `can_create`, `can_read`, `can_update`, `can_delete`)
-SELECT @role_firmware, rowID, 0, 1, 1, 0 FROM access_elements WHERE access_path IN (
-    'application', 'software_available', 'software_download', 'software_update',
-    'softwaretool', 'transactions', 'transactions_items', 'products_software_versions'
-)
-ON DUPLICATE KEY UPDATE can_read = 1, can_update = 1;
-
--- ===================================================
--- GARAGE ROLE PERMISSIONS
--- Profile: application,cartest,cartest_manage,cartests,dashboard,profile,products_versions
--- ===================================================
-INSERT INTO `role_access_permissions` (`role_id`, `access_id`, `can_create`, `can_read`, `can_update`, `can_delete`)
-SELECT @role_garage, rowID, 1, 1, 1, 0 FROM access_elements WHERE access_path IN (
-    'application', 'cartest', 'cartest_manage', 'cartests', 'dashboard', 'profile', 'products_versions'
-)
-ON DUPLICATE KEY UPDATE can_create = 1, can_read = 1, can_update = 1;
-
--- ===================================================
--- INTERFACE ROLE PERMISSIONS
--- Profile: application,firmwaretool,invoice,payment,transactions,transactions_items,
---          contract,contracts,equipment_manage,equipments,products_software,products_versions,users
--- ===================================================
-INSERT INTO `role_access_permissions` (`role_id`, `access_id`, `can_create`, `can_read`, `can_update`, `can_delete`)
-SELECT @role_interface, rowID, 1, 1, 1, 0 FROM access_elements WHERE access_path IN (
-    'application', 'firmwaretool', 'invoice', 'payment', 'transactions', 'transactions_items',
-    'contract', 'contracts', 'equipment_manage', 'equipments', 'products_software',
-    'products_versions', 'users'
-)
-ON DUPLICATE KEY UPDATE can_create = 1, can_read = 1, can_update = 1;
-
--- ===================================================
--- SERVICE ROLE PERMISSIONS
--- Profile: application,assets,firmwaretool,histories,history,history_manage,marketing,partner,partners,
---          servicereport,servicereports,admin,dashboard,profile,equipment,equipment_manage,equipments,
---          products_software,user,user_manage,users
--- ===================================================
-INSERT INTO `role_access_permissions` (`role_id`, `access_id`, `can_create`, `can_read`, `can_update`, `can_delete`)
-SELECT @role_service, rowID, 1, 1, 1, 0 FROM access_elements WHERE access_path IN (
-    'application', 'firmwaretool', 'histories', 'history', 'history_manage',
-    'marketing', 'partner', 'partners', 'servicereport', 'servicereports',
-    'dashboard', 'profile', 'equipment', 'equipment_manage', 'equipments', 'products_software',
-    'user', 'users'
-)
-ON DUPLICATE KEY UPDATE can_create = 1, can_read = 1, can_update = 1;
-
--- ===================================================
--- OTHER ROLE PERMISSIONS
--- Profile: application,assets,firmwaretool,histories,history,history_manage,marketing,partner,partners,
---          servicereport,servicereports,admin,dashboard,profile,equipment,equipment_manage,equipments,products_software
--- ===================================================
-INSERT INTO `role_access_permissions` (`role_id`, `access_id`, `can_create`, `can_read`, `can_update`, `can_delete`)
-SELECT @role_other, rowID, 0, 1, 1, 0 FROM access_elements WHERE access_path IN (
-    'application', 'firmwaretool', 'histories', 'history', 'history_manage',
-    'marketing', 'partner', 'partners', 'servicereport', 'servicereports',
-    'dashboard', 'profile', 'equipment', 'equipment_manage', 'equipments', 'products_software'
-)
-ON DUPLICATE KEY UPDATE can_read = 1, can_update = 1;
-
--- ===================================================
--- VERIFICATION QUERIES
--- ===================================================
-
--- Check roles created
-SELECT rowID, name, description, is_active FROM user_roles ORDER BY rowID;
-
--- Check permissions per role
-SELECT ur.name as role_name, COUNT(rap.rowID) as permission_count
-FROM user_roles ur
-LEFT JOIN role_access_permissions rap ON ur.rowID = rap.role_id
-GROUP BY ur.rowID, ur.name
-ORDER BY ur.rowID;
-
--- ===================================================
--- Change ROLLBACK to COMMIT when ready to apply
--- ===================================================
-COMMIT;
diff --git a/assets/database/migration_users_to_rbac.sql b/assets/database/migration_users_to_rbac.sql
deleted file mode 100644
index 3fc2400..0000000
--- a/assets/database/migration_users_to_rbac.sql
+++ /dev/null
@@ -1,141 +0,0 @@
--- ===================================================
--- USER TO RBAC ROLE ASSIGNMENT MIGRATION SCRIPT
--- Date: 2025-01-22
--- Description: Migrate users from settings/view fields to user_role_assignments
--- Prerequisites: Run migration_profiles_to_rbac.sql first to create roles
--- ===================================================
-
-START TRANSACTION;
-
--- ===================================================
--- MAPPING REFERENCE:
---
--- users.settings field values -> role names:
---   'admin_profile' or view=4                 -> TSS_Admin
---   'distribution'                            -> Distribution
---   'service'                                 -> Service
---   'firmware'                                -> Software_Tool
---   'interface'                               -> Interface
---   'superuser_profile' or view=1             -> Service
---   All others (including empty/NULL)         -> Service
---
--- IGNORED/REMOVED PROFILES:
---   'standard_profile', 'adminplus_profile', 'build', 'commerce',
---   'garage', 'other'
--- ===================================================
-
--- Get role IDs
-SET @role_tss_admin = (SELECT rowID FROM user_roles WHERE name = 'TSS_Admin' LIMIT 1);
-SET @role_distribution = (SELECT rowID FROM user_roles WHERE name = 'Distribution' LIMIT 1);
-SET @role_service = (SELECT rowID FROM user_roles WHERE name = 'Service' LIMIT 1);
-SET @role_software_tool = (SELECT rowID FROM user_roles WHERE name = 'Software_Tool' LIMIT 1);
-SET @role_interface = (SELECT rowID FROM user_roles WHERE name = 'Interface' LIMIT 1);
-
--- ===================================================
--- PHASE 1: MIGRATE USERS BY SETTINGS FIELD (profile name)
--- ===================================================
-
--- Users with 'admin_profile' setting -> TSS_Admin
-INSERT INTO `user_role_assignments` (`user_id`, `role_id`, `is_active`, `assigned_by`, `assigned_at`, `created`, `createdby`)
-SELECT id, @role_tss_admin, 1, 'migration_script', NOW(), NOW(), 1
-FROM users
-WHERE settings = 'admin_profile'
-ON DUPLICATE KEY UPDATE updated = NOW();
-
--- Users with 'distribution' setting -> Distribution
-INSERT INTO `user_role_assignments` (`user_id`, `role_id`, `is_active`, `assigned_by`, `assigned_at`, `created`, `createdby`)
-SELECT id, @role_distribution, 1, 'migration_script', NOW(), NOW(), 1
-FROM users
-WHERE settings = 'distribution'
-ON DUPLICATE KEY UPDATE updated = NOW();
-
--- Users with 'service' setting -> Service
-INSERT INTO `user_role_assignments` (`user_id`, `role_id`, `is_active`, `assigned_by`, `assigned_at`, `created`, `createdby`)
-SELECT id, @role_service, 1, 'migration_script', NOW(), NOW(), 1
-FROM users
-WHERE settings = 'service'
-ON DUPLICATE KEY UPDATE updated = NOW();
-
--- Users with 'firmware' setting -> Software_Tool
-INSERT INTO `user_role_assignments` (`user_id`, `role_id`, `is_active`, `assigned_by`, `assigned_at`, `created`, `createdby`)
-SELECT id, @role_software_tool, 1, 'migration_script', NOW(), NOW(), 1
-FROM users
-WHERE settings = 'firmware'
-ON DUPLICATE KEY UPDATE updated = NOW();
-
--- Users with 'interface' setting -> Interface
-INSERT INTO `user_role_assignments` (`user_id`, `role_id`, `is_active`, `assigned_by`, `assigned_at`, `created`, `createdby`)
-SELECT id, @role_interface, 1, 'migration_script', NOW(), NOW(), 1
-FROM users
-WHERE settings = 'interface'
-ON DUPLICATE KEY UPDATE updated = NOW();
-
--- Users with 'superuser_profile' setting -> Service
-INSERT INTO `user_role_assignments` (`user_id`, `role_id`, `is_active`, `assigned_by`, `assigned_at`, `created`, `createdby`)
-SELECT id, @role_service, 1, 'migration_script', NOW(), NOW(), 1
-FROM users
-WHERE settings = 'superuser_profile'
-ON DUPLICATE KEY UPDATE updated = NOW();
-
--- ===================================================
--- PHASE 2: MIGRATE USERS WITH EMPTY/NULL SETTINGS (use view field)
--- Only for users not already assigned a role
--- ===================================================
-
--- Users with view=4 (Admin) and no settings -> TSS_Admin
-INSERT INTO `user_role_assignments` (`user_id`, `role_id`, `is_active`, `assigned_by`, `assigned_at`, `created`, `createdby`)
-SELECT u.id, @role_tss_admin, 1, 'migration_script', NOW(), NOW(), 1
-FROM users u
-LEFT JOIN user_role_assignments ura ON u.id = ura.user_id AND ura.is_active = 1
-WHERE (u.settings IS NULL OR u.settings = '')
-  AND u.view = '4'
-  AND ura.rowID IS NULL
-ON DUPLICATE KEY UPDATE updated = NOW();
-
--- ===================================================
--- PHASE 3: CATCH-ALL - Any remaining users without role -> Service
--- ===================================================
-
-INSERT INTO `user_role_assignments` (`user_id`, `role_id`, `is_active`, `assigned_by`, `assigned_at`, `created`, `createdby`)
-SELECT u.id, @role_service, 1, 'migration_script', NOW(), NOW(), 1
-FROM users u
-LEFT JOIN user_role_assignments ura ON u.id = ura.user_id AND ura.is_active = 1
-WHERE ura.rowID IS NULL
-ON DUPLICATE KEY UPDATE updated = NOW();
-
--- ===================================================
--- VERIFICATION QUERIES
--- ===================================================
-
--- Check migration results: users per role
-SELECT
-    ur.name as role_name,
-    COUNT(ura.user_id) as user_count
-FROM user_roles ur
-LEFT JOIN user_role_assignments ura ON ur.rowID = ura.role_id AND ura.is_active = 1
-GROUP BY ur.rowID, ur.name
-ORDER BY user_count DESC;
-
--- Check for users without role assignments (should be 0)
-SELECT COUNT(*) as users_without_role
-FROM users u
-LEFT JOIN user_role_assignments ura ON u.id = ura.user_id AND ura.is_active = 1
-WHERE ura.rowID IS NULL;
-
--- Compare old vs new: show users with their old settings and new role
-SELECT
-    u.id,
-    u.username,
-    u.settings as old_profile,
-    u.view as old_view_level,
-    ur.name as new_role
-FROM users u
-LEFT JOIN user_role_assignments ura ON u.id = ura.user_id AND ura.is_active = 1
-LEFT JOIN user_roles ur ON ura.role_id = ur.rowID
-ORDER BY u.id
-LIMIT 50;
-
--- ===================================================
--- Change ROLLBACK to COMMIT when ready to apply
--- ===================================================
-COMMIT;
diff --git a/firmware/.gitignore b/firmware/.gitignore
new file mode 100644
index 0000000..c96a04f
--- /dev/null
+++ b/firmware/.gitignore
@@ -0,0 +1,2 @@
+*
+!.gitignore
\ No newline at end of file
diff --git a/log/.gitignore b/log/.gitignore
new file mode 100644
index 0000000..c96a04f
--- /dev/null
+++ b/log/.gitignore
@@ -0,0 +1,2 @@
+*
+!.gitignore
\ No newline at end of file
diff --git a/marketing/.gitignore b/marketing/.gitignore
new file mode 100644
index 0000000..c96a04f
--- /dev/null
+++ b/marketing/.gitignore
@@ -0,0 +1,2 @@
+*
+!.gitignore
\ No newline at end of file
diff --git a/settings/acceptance_config.php b/settings/acceptance_config.php
new file mode 100644
index 0000000..6175a8f
--- /dev/null
+++ b/settings/acceptance_config.php
@@ -0,0 +1,83 @@
+<?php
+require 'settingsprofiles.php';
+
+// This will change the title on the website
+define('site_name','Customer Portal - TEST');
+define('site_name_footer','Total Safety Solutions - TEST');
+// This will change the title on browser TAB
+define('site_title','Total Safety Solutions - TEST');
+//Scriptversion
+define('script_version','v5');
+//Enable VeLiTi-issue mgt
+define('veliti_cim',false);
+//Enable VeLiTi-analytics
+define('veliti_analytics',false);
+//Rewrite rule
+define('rewrite_url',true);
+define('news','');
+//maintenance_mode
+define('maintenance_mode_communication',true);
+define('maintenance_mode_notification','Notice: This is a test instance and can go on and offline without notice.');
+define('maintenance_mode',false);
+define('maintenance_mode_user','veliti_admin');
+define('maintenance_mode_text','System in maintenance.');
+define('debug',false);
+define('debug_id','114');
+
+/*Business_Rules*/
+//Business rules
+define('WARRANTY_MONTHS','12');
+define('WARRANTY_ELIGIBILITY_WINDOW','3');
+define('WARRANTY_EXTENDED_MONTH','24');
+define('SERVICE_MONTHS','12');
+//Prevent downgrade from paid to free software versions
+define('PREVENT_PAID_VERSION_DOWNGRADE',true);
+
+/*Security*/
+// Page security
+define('page_security_key','secure_admin_342642');
+define('cronjob_number','25');
+define('header_security',false);
+
+/* Email */
+// The from email that will appear on the customer's order details email
+define('mail_from','CustomerPortal');
+// Your email
+define('email','CustomerPortal@veliti.nl');
+//Additional phpmailer-settings
+define('email_host_name','veliti.nl');
+define('email_reply_to','info@gewoonlekkerspaans.nl');
+define('email_outgoing_pw','306yc%X5f');
+define('email_outgoing_port','465');
+define('email_outgoing_security','ssl');
+// Enable automatice invoice forward to bookkeeping software
+define('invoice_bookkeeping',true);
+// Email of bookkeeping software
+define('email_bookkeeping','finance@totalsafetysolutions.nl');
+
+/* Payment options */
+// Mollie
+define('mollie_enabled',true);
+define('mollie_api_key','test_jFHqrt9KCSvaBwb4En9ttAM9MTrp9W'); //live_WhsBD8qv3ygR9WVKF3KnCvz9zzNaxh
+
+// PayPal
+define('paypal_enabled',true);
+define('PAYPAL_URL','https://api-m.sandbox.paypal.com'); 
+define('PAYPAL_WEBHOOK_ID','0SA327855M129725W'); 
+define('PAYPAL_WEBHOOK','https://acc.veliti.nl/webhook_paypal.php'); 
+define('PAYPAL_CLIENT_ID','ASz3ae7Fx3kFxTe6dCfMP1KkLN2YnfjkuifHT9Lan4nlRjUuUeqlLtYN4qrwUCCGTIRUCAyJ78e2m4Wx'); 
+define('PAYPAL_CLIENT_SECRET','EHLzDaAMMpRUgD0FNL6vMfktaYww-tuhafQwVGV0P-gBIZ9Wb0_VcBiGyRpp0mhYBVx6hULUW5vxc5Ub');
+
+define('pay_on_delivery_enabled',false);
+/*Appearance*/
+//Icon
+define('icon_image','/assets/images/TSS-logo3.png');
+define('color','#005655c2');
+define('color_accent','#2FAC66');
+define('emaillogo','/assets/images/TSSemail.png');
+
+/*Default Users*/
+define('software_update_user','EMP-updater');
+define('software_update_pw','EMP-updater');
+define('interface_user','interface@test.nl');
+define('interface_pw','test1234');
\ No newline at end of file
diff --git a/settings/acceptance_settings.php b/settings/acceptance_settings.php
new file mode 100644
index 0000000..1ea05d5
--- /dev/null
+++ b/settings/acceptance_settings.php
@@ -0,0 +1,111 @@
+<?php
+//------------------------------------------
+//EXCEPTION LIST
+//------------------------------------------
+$serialnumber_exceptions = array("221100XX");
+
+//------------------------------------------
+// Security
+//------------------------------------------
+$security_key = 'secure_34563$52';
+
+//------------------------------------------
+// Base color
+//------------------------------------------
+$color =  '#005655';//'#0b1054';
+$color_accent = '#2FAC66'; //'#ececec';
+
+//------------------------------------------
+// Database settings
+//------------------------------------------
+
+require '/var/www/vhosts/veliti.nl/settings/portalsettings-test.php';
+
+//------------------------------------------
+// Menusetup & settings
+//------------------------------------------
+require 'settingsmenu.php';
+
+//------------------------------------------
+// API BaseUrl
+//------------------------------------------
+$baseurl = 'https://'.$_SERVER['SERVER_NAME'].'/api.php'; //URL of API
+$portalURL = $_SERVER['SERVER_NAME'];
+
+//------------------------------------------
+// Equipmentdetails 
+//------------------------------------------
+$servicedate = date("Y-m-d", strtotime("-365 days"));
+$warrantydate = date("Y-m-d", strtotime("-365 days"));
+$warranty_extended = date("Y-m-d", strtotime("+365 days"));
+$date = date('Y-m-d H:i:s');
+
+$curYear = date("Y", time()); 
+$curMonth = date("m", time()); 
+$curQuarter = (int)ceil($curMonth / 3);
+$curdateObj   = DateTime::createFromFormat('!m', $curMonth);
+$curMonth_name = $curdateObj->format('F');
+//------------------------------------------
+//History Type
+//------------------------------------------
+$type1 = 'General';
+$type2 = 'Customer';
+$type3 = 'Service';
+$type4 = 'Testing';
+$type5 = 'Data';
+$type6 = 'Other';
+$type7 = 'Internal';
+$type8 = 'Ignore';
+$type9 = 'Warranty';
+$type10 = 'Contract';
+$type11 = 'Warranty-Expired';
+$type12 = 'Contract-Expired';
+$type13 = "Order";
+$type14 = "ServiceReport";
+$type15 = "SRIncluded";
+$type16 = "Notes";
+$type17 = "Visual";
+
+$HistoryType_1 = 'Bootloader';
+$HistoryType_2 = 'Firmware';
+$HistoryType_3 = 'SerialNumber';
+$HistoryType_4 = 'Visual_Test';
+$HistoryType_5 = 'Maintenance_Test';
+$HistoryType_6 = 'Assembly_Test';
+$HistoryType_7 = 'ProductNumber';
+$HistoryType_8 = 'Visual';
+$HistoryType_9 = 'ServiceReport';
+//------------------------------------------
+//Permissions CRUD
+//------------------------------------------
+$permission_4 = 'CRUD'; //Admin+
+$permission_3 = 'CRUD'; //Admin
+$permission_2 = 'CRU'; //SuperUser
+$permission_1 = 'CRU'; //CreateUpdate
+$permission_0 = 'R'; //Readonly
+
+$permissionlabel1 = 'Permission';
+$permission1 = 'Superuser'; #1
+$permission2 = 'Create & Update'; #2
+$permission3 = 'read-only'; // #3
+$permission4 = 'Admin';	//#4
+$permission5 = 'Admin+'; // #5
+
+$settingslabel1 = 'profile';
+$setting1 = 'firmware'; //Fix
+$setting2 = 'service';
+$setting3 = 'build'; //Fix
+$setting4 = 'distribution';
+$setting5 = '';
+$setting6 = '';
+$setting7 = ''; //Fix
+$setting8 = 'interface';
+
+//------------------------------------------
+//Partners
+//------------------------------------------
+$partnertype1 = 'SalesID';
+$partnertype2 = 'SoldTo';
+$partnertype3 = 'ShipTo';
+$partnertype4 = 'Location';
+$partnertype5 = 'Section';
diff --git a/settings/config_redirector.php b/settings/config_redirector.php
index b5a86bc..0497918 100644
--- a/settings/config_redirector.php
+++ b/settings/config_redirector.php
@@ -1,31 +1,11 @@
 <?php
 
-//=========================================
-//REDIRECTOR TO CONFIG FILE BASED ON DOMAIN
-//=========================================
-function getDomain($hostname) {
-    // Extract the domain parts
-    $parts = explode('.', $hostname);
-    $count = count($parts);
-    
-    // For hostnames with enough parts to have a subdomain (at least 3 parts)
-    if ($count >= 3) {
-        // Return the second-to-last and third-to-last parts
-        return $parts[$count - 2];
-    } 
-    // For hostnames with just domain and TLD (2 parts)
-    else if ($count == 2) {
-        // Return just the domain part (without the TLD)
-        return $parts[0];
-    }
-    // If it's a single part hostname
-    else {
-        return $hostname;
-    }
-}
+//======================================================================
+//REDIRECTOR TO CONFIG FILE BASED ON .htacces - SetEnv APP_ENV development
+//======================================================================
+$env = getenv('APP_ENV') ?: 'development';
 
-$domain = getDomain($_SERVER['SERVER_NAME']);
-$config_location = ((file_exists(dirname(__FILE__,2).'/custom/'.$domain.'/settings/'.$domain.'_config.php')) ? dirname(__FILE__,2).'/custom/'.$domain.'/settings/'.$domain.'_config.php' : dirname(__FILE__).'/config.php');
+$config_location = ((file_exists(dirname(__FILE__,2).'/custom/'.$env.'/settings/'.$env.'_config.php')) ? dirname(__FILE__,2).'/custom/'.$env.'/settings/'.$env.'_config.php' : dirname(__FILE__).'/'.$env.'_config.php');
 
 include $config_location;
 ?>
\ No newline at end of file
diff --git a/settings/development_config.php b/settings/development_config.php
new file mode 100644
index 0000000..9b3b1b6
--- /dev/null
+++ b/settings/development_config.php
@@ -0,0 +1,83 @@
+<?php
+require 'settingsprofiles.php';
+
+// This will change the title on the website
+define('site_name','Customer Portal - TEST');
+define('site_name_footer','Total Safety Solutions - TEST');
+// This will change the title on browser TAB
+define('site_title','Total Safety Solutions - TEST');
+//Scriptversion
+define('script_version','v3');
+//Enable VeLiTi-issue mgt
+define('veliti_cim',true);
+//Enable VeLiTi-analytics
+define('veliti_analytics',false);
+//Rewrite rule
+define('rewrite_url',true);
+define('news','');
+//maintenance_mode
+define('maintenance_mode_communication',false);
+define('maintenance_mode_notification','Notice: Portal not accessible due to maintenance on May 15th between 12.00 - 13.00 CET.');
+define('maintenance_mode',false);
+define('maintenance_mode_user','veliti_admin');
+define('maintenance_mode_text','System in maintenance');
+define('debug',true);
+define('debug_id','114');
+
+/*Business_Rules*/
+//Business rules
+define('WARRANTY_MONTHS','12');
+define('WARRANTY_ELIGIBILITY_WINDOW','3');
+define('WARRANTY_EXTENDED_MONTH','24');
+define('SERVICE_MONTHS','12');
+//Prevent downgrade from paid to free software versions
+define('PREVENT_PAID_VERSION_DOWNGRADE',false);
+
+/*Security*/
+// Page security
+define('page_security_key','secure_admin_342642');
+define('cronjob_number','25');
+define('header_security',false);
+
+/* Email */
+// The from email that will appear on the customer's order details email
+define('mail_from','CustomerPortal');
+// Your email
+define('email','CustomerPortal@veliti.nl');
+//Additional phpmailer-settings
+define('email_host_name','veliti.nl');
+define('email_reply_to','info@gewoonlekkerspaans.nl');
+define('email_outgoing_pw','306yc%X5f');
+define('email_outgoing_port','465');
+define('email_outgoing_security','ssl');
+// Enable automatice invoice forward to bookkeeping software
+define('invoice_bookkeeping',false);
+// Email of bookkeeping software
+define('email_bookkeeping','');
+
+/* Payment options */
+// Mollie
+define('mollie_enabled',true);
+define('mollie_api_key','test_jFHqrt9KCSvaBwb4En9ttAM9MTrp9W'); //live_WhsBD8qv3ygR9WVKF3KnCvz9zzNaxh
+
+// PayPal
+define('paypal_enabled',true);
+define('PAYPAL_URL','https://api-m.sandbox.paypal.com'); 
+define('PAYPAL_WEBHOOK_ID','3UU05694H1382772B'); 
+define('PAYPAL_WEBHOOK','https://acc.veliti.nl/webhook_paypal.php'); 
+define('PAYPAL_CLIENT_ID','AYI8iqzBSD2rNrPStfC0xd3jNR3WzwrSIbPw7qgrEs_sOIvORJMZp3j2QjG7SOCOyI5OQ1s42IcZAJI-'); 
+define('PAYPAL_CLIENT_SECRET','EEwnnw8adeHicjXSCv9abiQG6_0rCTqDWQAqn3TyMMyz7FURZChL3_ywlHF4BTwqUQtJZsQ4Q_WSwB9R');
+
+define('pay_on_delivery_enabled',false);
+/*Appearance*/
+//Icon
+define('icon_image','/assets/images/TSS-logo3.png');
+define('color','#005655c2');
+define('color_accent','#2FAC66');
+define('emaillogo','/assets/images/TSSemail.png');
+
+/*Default Users*/
+define('software_update_user','EMP-updater');
+define('software_update_pw','EMP-updater');
+define('interface_user','interface@test.nl');
+define('interface_pw','test1234');
\ No newline at end of file
diff --git a/settings/development_settings.php b/settings/development_settings.php
new file mode 100644
index 0000000..9b4e097
--- /dev/null
+++ b/settings/development_settings.php
@@ -0,0 +1,112 @@
+<?php
+//------------------------------------------
+//EXCEPTION LIST
+//------------------------------------------
+$serialnumber_exceptions = array("22050695","22110095");
+
+//------------------------------------------
+// Security
+//------------------------------------------
+$security_key = 'secure_34563$52';
+
+//------------------------------------------
+// Base color
+//------------------------------------------
+$color =  '#005655';//'#0b1054';
+$color_accent = '#2FAC66'; //'#ececec';
+
+//------------------------------------------
+// Database settings
+//------------------------------------------
+
+require '/var/www/vhosts/veliti.nl/settings/portalsettings-acc.php';
+
+//------------------------------------------
+// Menusetup & settings
+//------------------------------------------
+require 'settingsmenu.php';
+
+//------------------------------------------
+// API BaseUrl
+//------------------------------------------
+$baseurl = 'https://'.$_SERVER['SERVER_NAME'].'/api.php'; //URL of API
+$portalURL = $_SERVER['SERVER_NAME'];
+
+//------------------------------------------
+// Equipmentdetails 
+//------------------------------------------
+$servicedate = date("Y-m-d", strtotime("-365 days"));
+$warrantydate = date("Y-m-d", strtotime("-365 days"));
+$warranty_extended = date("Y-m-d", strtotime("+365 days"));
+$date = date('Y-m-d H:i:s');
+
+$curYear = date("Y", time()); 
+$curMonth = date("m", time()); 
+$curQuarter = (int)ceil($curMonth / 3);
+$curdateObj   = DateTime::createFromFormat('!m', $curMonth);
+$curMonth_name = $curdateObj->format('F');
+
+//------------------------------------------
+//History Type
+//------------------------------------------
+$type1 = 'General';
+$type2 = 'Customer';
+$type3 = 'Service';
+$type4 = 'Testing';
+$type5 = 'Data';
+$type6 = 'Other';
+$type7 = 'Internal';
+$type8 = 'Ignore';
+$type9 = 'Warranty';
+$type10 = 'Contract';
+$type11 = 'Warranty-Expired';
+$type12 = 'Contract-Expired';
+$type13 = "Order";
+$type14 = "ServiceReport";
+$type15 = "SRIncluded";
+$type16 = "Notes";
+$type17 = "Visual";
+
+$HistoryType_1 = 'Bootloader';
+$HistoryType_2 = 'Firmware';
+$HistoryType_3 = 'SerialNumber';
+$HistoryType_4 = 'Visual_Test';
+$HistoryType_5 = 'Maintenance_Test';
+$HistoryType_6 = 'Assembly_Test';
+$HistoryType_7 = 'ProductNumber';
+$HistoryType_8 = 'Visual';
+$HistoryType_9 = 'ServiceReport';
+//------------------------------------------
+//Permissions CRUD
+//------------------------------------------
+$permission_4 = 'CRUD'; //Admin+
+$permission_3 = 'CRUD'; //Admin
+$permission_2 = 'CRU'; //SuperUser
+$permission_1 = 'CRU'; //CreateUpdate
+$permission_0 = 'R'; //Readonly
+
+$permissionlabel1 = 'Permission';
+$permission1 = 'Superuser'; #1
+$permission2 = 'Create & Update'; #2
+$permission3 = 'read-only'; // #3
+$permission4 = 'Admin';	//#4
+$permission5 = 'Admin+'; // #5
+
+$settingslabel1 = 'profile';
+$setting1 = 'firmware'; //Fix
+$setting2 = 'service';
+$setting3 = 'build'; //Fix
+$setting4 = 'distribution';
+$setting5 = '';
+$setting6 = '';
+$setting7 = ''; //Fix
+$setting8 = 'interface';
+
+//------------------------------------------
+//Partners
+//------------------------------------------
+$partnertype1 = 'SalesID';
+$partnertype2 = 'SoldTo';
+$partnertype3 = 'ShipTo';
+$partnertype4 = 'Location';
+$partnertype5 = 'Section';
\ No newline at end of file
diff --git a/settings/production_config.php b/settings/production_config.php
new file mode 100644
index 0000000..53167d5
--- /dev/null
+++ b/settings/production_config.php
@@ -0,0 +1,56 @@
+<?php
+require 'settingsprofiles.php';
+
+// This will change the title on the website
+define('site_name','Customer Portal');
+define('site_name_footer','Total Safety Solutions');
+// This will change the title on browser TAB
+define('site_title','Total Safety Solutions');
+//Scriptversion
+define('script_version','v12');
+//Enable VeLiTi-issue mgt
+define('veliti_cim',false);
+//Enable VeLiTi-analytics
+define('veliti_analytics',true);
+//Rewrite rule
+define('rewrite_url',false);
+define('news','');
+//maintenance_mode
+define('maintenance_mode_communication',false);
+define('maintenance_mode_notification','Notice: The Portal is offline due to infrastructure services issues');
+define('maintenance_mode',false);
+define('maintenance_mode_text','Portal not accessible due to infrastructure services issues.');
+define('debug',false);
+define('debug_id','114');
+
+/*Security*/
+// Page security
+define('page_security_key','secure_admin_342642');
+define('cronjob_number','43256');
+define('header_security',false);
+
+/* Email */
+// The from email that will appear on the customer's order details email
+define('mail_from','CustomerPortal');
+// Your email
+define('email','portal@totalsafetysolutions.nl');
+//Additional phpmailer-settings
+define('email_host_name','');
+define('email_reply_to','service@totalsafetysolutions.nl');
+define('email_outgoing_pw','test1234');
+define('email_outgoing_port','587');
+define('email_outgoing_security','tls');
+
+/*Appearance*/
+//Icon
+define('icon_image','/assets/images/TSS-logo3.png');
+define('color','#005655c2');
+define('color_accent','#2FAC66');
+define('emaillogo','/assets/images/tss-green.png');
+
+
+/*Default Users*/
+define('software_update_user','EMP-updater');
+define('software_update_pw','EMP-updater');
+define('interface_user','interface@test.nl');
+define('interface_pw','test1234');
diff --git a/settings/production_settings.php b/settings/production_settings.php
new file mode 100644
index 0000000..a936a59
--- /dev/null
+++ b/settings/production_settings.php
@@ -0,0 +1,112 @@
+<?php
+//------------------------------------------
+//EXCEPTION LIST
+//------------------------------------------
+$serialnumber_exceptions  = array("22050253","22050821","22050799","22050813","22050203","22050810","22050803","22050834","22050811","22050817","22050849","22050820","22050819","22050897","22050924","22050905","22050906","22050670","22050762","22050947","22050948","22050120","22050863","22050571","22050213","22051233","22051226");
+
+//------------------------------------------
+// Security
+//------------------------------------------
+$security_key = 'secure_34563$52';
+
+//------------------------------------------
+// Base color
+//------------------------------------------
+$color =  '#005655';//'#0b1054';
+$color_accent = '#2FAC66'; //'#ececec';
+
+//------------------------------------------
+// Database settings
+//------------------------------------------
+
+require '/var/www/vhosts/veliti.nl/settings/portalsettings-prod.php';
+
+//------------------------------------------
+// Menusetup & settings
+//------------------------------------------
+require 'settingsmenu.php';
+
+//------------------------------------------
+// API BaseUrl
+//------------------------------------------
+$baseurl = 'https://'.$_SERVER['SERVER_NAME'].'/api.php'; //URL of API
+$portalURL = $_SERVER['SERVER_NAME'];
+
+//------------------------------------------
+// Equipmentdetails 
+//------------------------------------------
+$servicedate = date("Y-m-d", strtotime("-365 days"));
+$warrantydate = date("Y-m-d", strtotime("-365 days"));
+$warranty_extended = date("Y-m-d", strtotime("+365 days"));
+$date = date('Y-m-d H:i:s');
+
+$curYear = date("Y", time()); 
+$curMonth = date("m", time()); 
+$curQuarter = (int)ceil($curMonth / 3);
+$curdateObj   = DateTime::createFromFormat('!m', $curMonth);
+$curMonth_name = $curdateObj->format('F');
+//------------------------------------------
+//History Type
+//------------------------------------------
+$type1 = 'General';
+$type2 = 'Customer';
+$type3 = 'Service';
+$type4 = 'Testing';
+$type5 = 'Data';
+$type6 = 'Other';
+$type7 = 'Internal';
+$type8 = 'Ignore';
+$type9 = 'Warranty';
+$type10 = 'Contract';
+$type11 = 'Warranty-Expired';
+$type12 = 'Contract-Expired';
+$type13 = "Order";
+$type14 = "ServiceReport";
+$type15 = "SRIncluded";
+$type16 = "Notes";
+$type17 = "Visual";
+
+$HistoryType_1 = 'Bootloader';
+$HistoryType_2 = 'Firmware';
+$HistoryType_3 = 'SerialNumber';
+$HistoryType_4 = 'Visual_Test';
+$HistoryType_5 = 'Maintenance_Test';
+$HistoryType_6 = 'Assembly_Test';
+$HistoryType_7 = 'ProductNumber';
+$HistoryType_8 = 'Visual';
+$HistoryType_9 = 'ServiceReport';
+//------------------------------------------
+//Permissions CRUD
+//------------------------------------------
+$permission_4 = 'CRUD'; //Admin+
+$permission_3 = 'CRU'; //Admin
+$permission_2 = 'CRU'; //SuperUser
+$permission_1 = 'CRU'; //CreateUpdate
+$permission_0 = 'R'; //Readonly
+
+$permissionlabel1 = 'Permission';
+$permission1 = 'Superuser'; #1
+$permission2 = 'Create & Update'; #2
+$permission3 = 'read-only'; // #3
+$permission4 = 'Admin';	//#4
+$permission5 = 'Admin+'; // #5
+
+$settingslabel1 = 'profile';
+$setting1 = 'firmware'; //Fix
+$setting2 = 'service';
+$setting3 = 'build'; //Fix
+$setting4 = 'distribution';
+$setting5 = '';
+$setting6 = '';
+$setting7 = ''; //Fix
+$setting8 = 'interface';
+
+//------------------------------------------
+//Partners
+//------------------------------------------
+$partnertype1 = 'SalesID';
+$partnertype2 = 'SoldTo';
+$partnertype3 = 'ShipTo';
+$partnertype4 = 'Location';
+$partnertype5 = 'Section';
+
diff --git a/settings/settings_redirector.php b/settings/settings_redirector.php
index 895d4a7..131b70d 100644
--- a/settings/settings_redirector.php
+++ b/settings/settings_redirector.php
@@ -1,27 +1,12 @@
 <?php
 
-//=========================================
-//REDIRECTOR TO CONFIG FILE BASED ON DOMAIN
-//=========================================
 
-    $parts = explode('.', $_SERVER['SERVER_NAME']);
-    $count = count($parts);
-    
-    // For hostnames with enough parts to have a subdomain (at least 3 parts)
-    if ($count >= 3) {
-        // Return the second-to-last and third-to-last parts
-        $domain = $parts[$count - 2];
-    } 
-    // For hostnames with just domain and TLD (2 parts)
-    else if ($count == 2) {
-        // Return just the domain part (without the TLD)
-        $domain =  $parts[0];
-    }
-    // If it's a single part hostname
-    else {
-        $domain =  $hostname;
-    }
+//======================================================================
+//REDIRECTOR TO settings FILE BASED ON .htacces - SetEnv APP_ENV development
+//======================================================================
+$env = getenv('APP_ENV') ?: 'development';
+
+$settings_location = ((file_exists(dirname(__FILE__,2).'/custom/'.$env.'/settings/'.$env.'_settings.php')) ? dirname(__FILE__,2).'/custom/'.$env.'/settings/'.$env.'_settings.php' : dirname(__FILE__).'/'.$env.'_settings.php');
 
-$settings_location = ((file_exists(dirname(__FILE__,2).'/custom/'.$domain.'/settings/'.$domain.'_settings.php')) ? dirname(__FILE__,2).'/custom/'.$domain.'/settings/'.$domain.'_settings.php' : dirname(__FILE__).'/settings.php');
 include $settings_location;
 ?>
\ No newline at end of file