diff --git a/.idea/dataSources.xml b/.idea/dataSources.xml index c664185..701773f 100644 --- a/.idea/dataSources.xml +++ b/.idea/dataSources.xml @@ -1,11 +1,11 @@ - + mysql.8 true com.mysql.cj.jdbc.Driver - jdbc:mysql://localhost:3306/FSST + jdbc:mysql://localhost:3306/ $ProjectFileDir$ diff --git a/.idea/php.xml b/.idea/php.xml index 01ce694..9ced3ac 100644 --- a/.idea/php.xml +++ b/.idea/php.xml @@ -15,7 +15,7 @@ - + diff --git a/account.php b/account.php index 7d026ee..7934150 100644 --- a/account.php +++ b/account.php @@ -10,30 +10,18 @@ if (empty($_SESSION['user_id'])) $userId = (int)$_SESSION['user_id']; -$servername = "localhost"; -$port = 3306; -$username = "FSST"; -$password = "L9wUNZZ9Qkbt"; -$db = "FSST"; +$conn = db_connect(); -$conn = mysqli_connect($servername, $username, $password, $db, $port); -if (!$conn) -{ +$stmt = $conn->prepare('SELECT userID, displayName, email, profilePicture FROM users WHERE userID = ? LIMIT 1'); +if (!$stmt) { http_response_code(500); - die("Datenbankfehler"); + die('Datenbankfehler'); } -$stmt = mysqli_prepare($conn, "SELECT userID, displayName, email, profilePicture FROM users WHERE userID = ? LIMIT 1"); -if (!$stmt) -{ - http_response_code(500); - die("Datenbankfehler"); -} +$stmt->bind_param('i', $userId); +$stmt->execute(); -mysqli_stmt_bind_param($stmt, "i", $userId); -mysqli_stmt_execute($stmt); - -$result = mysqli_stmt_get_result($stmt); +$result = $stmt->get_result(); if ($result) { @@ -44,8 +32,8 @@ else $user = null; } -mysqli_stmt_close($stmt); -mysqli_close($conn); +$stmt->close(); +$conn->close(); if (!$user) { diff --git a/compcards.php b/compcards.php index f851fbe..ffdae3b 100644 --- a/compcards.php +++ b/compcards.php 
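Review bot: The new failure branch `if (!$stmt) { http_response_code(500); die('Datenbankfehler'); }` in account.php, like the `connect_error` branch in the new lib/db.php, discards the driver's error text, so a prepare or connect failure shows up in the logs only as a bare 500. Logging the reason server-side before the generic response keeps the client message opaque while making the failure diagnosable: `error_log('account.php: prepare failed: ' . $conn->error);` before the `die` here, and `error_log('db_connect: ' . $conn->connect_error);` in lib/db.php. The result of the following `$stmt->execute();` is also not checked, although a `get_result()` returning false is caught by the `else` branch that sets `$user = null`, which presumably renders as a missing user rather than a server error.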
@@ -1,23 +1,14 @@ connect_error) { - $__bsStmt = $__bsConn->prepare( - 'SELECT r.name FROM userRoles ur JOIN roles r ON r.roleID = ur.roleID WHERE ur.userID = ?' - ); - if ($__bsStmt) { - $__bsUid = (int)$_SESSION['user_id']; - $__bsStmt->bind_param('i', $__bsUid); - $__bsStmt->execute(); - $__bsResult = $__bsStmt->get_result(); - $_SESSION['user_roles'] = []; - while ($__bsRow = $__bsResult->fetch_assoc()) { - $_SESSION['user_roles'][] = $__bsRow['name']; - } - $__bsStmt->close(); + $__bsConn = db_connect(); + $__bsStmt = $__bsConn->prepare( + 'SELECT r.name FROM userRoles ur JOIN roles r ON r.roleID = ur.roleID WHERE ur.userID = ?' + ); + if ($__bsStmt) { + $__bsUid = (int)$_SESSION['user_id']; + $__bsStmt->bind_param('i', $__bsUid); + $__bsStmt->execute(); + $__bsResult = $__bsStmt->get_result(); + $_SESSION['user_roles'] = []; + while ($__bsRow = $__bsResult->fetch_assoc()) { + $_SESSION['user_roles'][] = $__bsRow['name']; } - $__bsConn->close(); + $__bsStmt->close(); } + $__bsConn->close(); } else { $_SESSION['user_roles'] = []; } diff --git a/lib/config.php b/lib/config.php new file mode 100644 index 0000000..5d095bc --- /dev/null +++ b/lib/config.php @@ -0,0 +1,17 @@ + [ + 'host' => getenv('GEIZKRAGEN_DB_HOST') ?: 'localhost', + 'port' => (int)(getenv('GEIZKRAGEN_DB_PORT') ?: 3306), + 'user' => getenv('GEIZKRAGEN_DB_USER') ?: 'FSST', + 'pass' => getenv('GEIZKRAGEN_DB_PASS') ?: 'L9wUNZZ9Qkbt', + 'name' => getenv('GEIZKRAGEN_DB_NAME') ?: 'FSST', + 'charset' => getenv('GEIZKRAGEN_DB_CHARSET') ?: 'utf8mb4', + ], +]; + diff --git a/lib/db.php b/lib/db.php new file mode 100644 index 0000000..cc76c78 --- /dev/null +++ b/lib/db.php @@ -0,0 +1,32 @@ +connect_error) { + http_response_code(500); + die('Datenbankfehler'); + } + + // Einheitliches Charset (wichtig für Umlaute/Emojis & Sicherheit) + $conn->set_charset($db['charset']); + + return $conn; +} + diff --git a/login.php b/login.php index 92709bf..1537df5 100644 --- a/login.php +++ b/login.php 
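Review bot: `$__bsResult = $__bsStmt->get_result();` is followed by `$__bsResult->fetch_assoc()` without checking that `execute()` succeeded, so a failed query makes `get_result()` return false and the loop then calls a method on a boolean, a fatal Error on every page that includes this block. Guarding the fetch on the execute result, `$_SESSION['user_roles'] = []; if ($__bsStmt->execute() && ($__bsResult = $__bsStmt->get_result()) !== false) { while (...) { ... } }`, leaves the session with no roles on failure instead of crashing, which is also the safe direction for an authorization cache. The enclosing `if` at the top of this hunk is not legible in this rendering, so I can't see what condition now gates the block; the removed lines show it used to include a `connect_error` check that now rests on `db_connect()` terminating on failure. The `$__bs`-prefixed block looks like a copy of bootstrap's role loading; if lib/bootstrap.php carries the same code, a shared helper would stop the two from drifting apart.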
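Review bot: `'pass' => getenv('GEIZKRAGEN_DB_PASS') ?: 'L9wUNZZ9Qkbt',` keeps the database password in the repository: the commit removes it from every page only to re-commit it here as a fallback, and since the same string appears on the old side of the login.php, account.php and other hunks it is already in history, so moving it does not retire it. Drop the fallbacks for the credential fields so that a missing variable is an error rather than a silent connection with the dev password, e.g. `'pass' => getenv('GEIZKRAGEN_DB_PASS') ?: throw new RuntimeException('GEIZKRAGEN_DB_PASS is not set'),` (throw as an expression needs PHP 8; on older versions an explicit `if` before the `return` does the same), and rotate the exposed password. `?:` also treats the string `'0'` as unset, so `getenv(...) !== false ? ... : ...` is the more precise test for fields like host and name where that value could be meaningful.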
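Review bot: `$conn->set_charset($db['charset']);` ignores its return value, and the comment right above it says the charset matters for security, so a rejected charset name would leave the connection on the server default while `db_connect()` still returns it as good. Treat it like the connect check: `if (!$conn->set_charset($db['charset'])) { http_response_code(500); die('Datenbankfehler'); }`. The function's signature and the connection call itself are not legible in this rendering, so I can't tell whether `mysqli_report()` is configured; if it enables `MYSQLI_REPORT_STRICT`, the `connect_error` branch is dead code because the constructor throws first, and callers such as account.php would see an uncaught `mysqli_sql_exception` instead of the 500.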
@@ -4,18 +4,7 @@ require_once __DIR__ . '/lib/bootstrap.php'; // 1) DB-Verbindung (einmal) -$servername = "localhost"; -$port = 3306; -$username = "FSST"; -$password = "L9wUNZZ9Qkbt"; -$db = "FSST"; - -$conn = mysqli_connect($servername, $username, $password, $db, $port); -if (!$conn) -{ - http_response_code(500); - die("Datenbankfehler"); -} +$conn = db_connect(); // 2) POST-Verarbeitung VOR jeglicher Ausgabe $loginError = null; diff --git a/productAdder.php b/productAdder.php index 0edea3b..6dfac30 100644 --- a/productAdder.php +++ b/productAdder.php @@ -30,10 +30,7 @@ if (isset($_GET['categoryID']) && ctype_digit($_GET['categoryID'])) { /* ======================= 2) DB-Verbindung ======================= */ -$conn = new mysqli("localhost", "FSST", "L9wUNZZ9Qkbt", "FSST", 3306); -if ($conn->connect_error) { - die("Datenbankfehler"); -} +$conn = db_connect(); /* ======================= 3) Kategorien laden @@ -89,10 +86,10 @@ $debugMode = isset($_GET['debug']) && $_GET['debug'] === '1'; $debugDetails = []; if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['saveProduct'])) { - $model = trim($_POST['model']); + $model = trim($_POST['model']); $description = $_POST['description'] ?? null; - $categoryID = (int)$_POST['categoryID']; - $brandID = (int)($_POST['brandID'] ?? 0); + $categoryID = (int)$_POST['categoryID']; + $brandID = (int)($_POST['brandID'] ?? 0); $imageUrl = trim((string)($_POST['imageUrl'] ?? '')); $imageFile = (isset($_FILES['productImage']) && is_array($_FILES['productImage'])) ? $_FILES['productImage'] : null; @@ -130,8 +127,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['saveProduct'])) { $saveError = 'Upload-Datei ungueltig.'; } else { $allowedMimeToExt = [ - 'image/jpeg' => 'jpg', - 'image/png' => 'png', + 'image/jpeg' => 'jpg', + 'image/png' => 'png', ]; $mime = null; 
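Review bot: `$conn = db_connect();` depends on lib/db.php being loaded, but no hunk in this diff adds a `require_once` for the new lib/db.php or lib/config.php, and lib/bootstrap.php, which the context line `require_once __DIR__ . '/lib/bootstrap.php';` shows is the shared include, is not modified here; unless bootstrap.php already pulls in a lib/db.php that was previously untracked, every converted page fails with an undefined-function error. The same applies to the identical hunks in productpage.php, register.php, wunschliste.php, productAdder.php, account.php, upload.php and compcards.php. If bootstrap.php is meant to own this, `require_once __DIR__ . '/db.php';` there (with db.php requiring config.php itself) is the one-line fix, and it belongs in this commit.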
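Review bot: `$model = trim($_POST['model']);` and `$categoryID = (int)$_POST['categoryID'];` read POST fields without a default, while the adjacent `$brandID` and `$imageUrl` lines in the same productAdder.php hunk use `?? 0` and `?? ''`; a POST that omits either field raises an undefined-index warning, and `trim(null)` is deprecated from PHP 8.1. Aligning them with their neighbours, `$model = trim((string)($_POST['model'] ?? ''));` and `$categoryID = (int)($_POST['categoryID'] ?? 0);`, makes the block uniform; this hunk only changes alignment, so the defect predates it, but the lines are being touched anyway. The POST handler continues past the hunk.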
@@ -199,8 +196,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['saveProduct'])) { $documentRoot = isset($_SERVER['DOCUMENT_ROOT']) ? (string)$_SERVER['DOCUMENT_ROOT'] : ''; $docRootTrim = rtrim($documentRoot, "\\/"); $docTargetDir = ($docRootTrim !== '') - ? $docRootTrim . DIRECTORY_SEPARATOR . str_replace('/', DIRECTORY_SEPARATOR, $relativeTargetDir) - : ''; + ? $docRootTrim . DIRECTORY_SEPARATOR . str_replace('/', DIRECTORY_SEPARATOR, $relativeTargetDir) + : ''; $targetDir = $dirTargetDir; if ($docTargetDir !== '' && !is_dir($dirTargetDir) && is_dir($docTargetDir)) { @@ -268,7 +265,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['saveProduct'])) { $valueString = null; $valueNumber = null; - $valueBool = null; + $valueBool = null; if (is_numeric($value)) { $valueNumber = $value; @@ -279,12 +276,12 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['saveProduct'])) { } $stmtAttr->bind_param( - "iisdi", - $productID, - $attributeID, - $valueString, - $valueNumber, - $valueBool + "iisdi", + $productID, + $attributeID, + $valueString, + $valueNumber, + $valueBool ); $stmtAttr->execute(); } @@ -314,11 +311,12 @@ include 'header.php';
- @@ -381,9 +379,9 @@ include 'header.php'; diff --git a/productpage.php b/productpage.php index 77eb185..02767af 100644 --- a/productpage.php +++ b/productpage.php @@ -4,18 +4,7 @@ require_once __DIR__ . '/lib/bootstrap.php'; // 1) DB-Verbindung (einmal) -$servername = "localhost"; -$port = 3306; -$username = "FSST"; -$password = "L9wUNZZ9Qkbt"; -$db = "FSST"; - -$conn = mysqli_connect($servername, $username, $password, $db, $port); -if (!$conn) -{ - http_response_code(500); - die("Datenbankfehler"); -} +$conn = db_connect(); $productId = isset($_GET['id']) ? (int)$_GET['id'] : 0; ?> diff --git a/register.php b/register.php index f2038a0..7a02b86 100644 --- a/register.php +++ b/register.php @@ -6,18 +6,7 @@ require_once __DIR__ . '/lib/bootstrap.php'; require_once __DIR__ . '/lib/strings.php'; // 1) DB-Verbindung (einmal) -$servername = "localhost"; -$port = 3306; -$username = "FSST"; -$password = "L9wUNZZ9Qkbt"; -$db = "FSST"; - -$conn = mysqli_connect($servername, $username, $password, $db, $port); -if (!$conn) -{ - http_response_code(500); - die("Datenbankfehler"); -} +$conn = db_connect(); $errors = []; $values = [ diff --git a/upload.php b/upload.php index 3e745d9..91ee90d 100644 --- a/upload.php +++ b/upload.php @@ -121,16 +121,8 @@ $publicPath = 'assets/images/profilePictures/' . $filename; $servername = "localhost"; $port = 3306; -$username = "FSST"; -$password = "L9wUNZZ9Qkbt"; -$db = "FSST"; -$conn = mysqli_connect($servername, $username, $password, $db, $port); -if (!$conn) -{ - header('Location: account.php?upload=err'); - exit(); -} +$conn = db_connect(); $stmt = mysqli_prepare($conn, "UPDATE users SET profilePicture = ? WHERE userID = ?"); if (!$stmt) @@ -143,7 +135,7 @@ if (!$stmt) mysqli_stmt_bind_param($stmt, 'si', $publicPath, $userId); $ok = mysqli_stmt_execute($stmt); mysqli_stmt_close($stmt); -mysqli_close($conn); +$conn->close(); if (!$ok) { diff --git a/wunschliste.php b/wunschliste.php index f63c2a0..7bfcb27 100644 --- a/wunschliste.php 
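Review bot: `$servername = "localhost";` and `$port = 3306;` survive as context above `$conn = db_connect();` in the upload.php hunk, but nothing in the new code reads them, so they are dead assignments that still hint at the old connection path; remove them. The failure path also changes: the removed block answered a connection error with `header('Location: account.php?upload=err'); exit();`, whereas `db_connect()` as shown in lib/db.php responds with a 500 and `die('Datenbankfehler')`, so an upload that has presumably already stored the file at `$publicPath` now ends on a bare error page instead of returning to the account page. If the redirect is still wanted here, `db_connect()` would need to signal failure to the caller (return null or throw) rather than terminating. The hunk also keeps procedural `mysqli_prepare($conn, ...)` next to the object-style `$conn->close()` of the following hunk; `$conn->prepare(...)` as in account.php keeps one style.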
+++ b/wunschliste.php @@ -4,18 +4,7 @@ require_once __DIR__ . '/lib/bootstrap.php'; // 1) DB-Verbindung (einmal) -$servername = "localhost"; -$port = 3306; -$username = "FSST"; -$password = "L9wUNZZ9Qkbt"; -$db = "FSST"; - -$conn = mysqli_connect($servername, $username, $password, $db, $port); -if (!$conn) -{ - http_response_code(500); - die("Datenbankfehler"); -} +$conn = db_connect(); // Login-Check + Redirect MUSS vor jeglicher HTML-Ausgabe passieren if (!isset($_SESSION['user_id'])) {