diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..dfd38ca --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +main/config.php \ No newline at end of file diff --git a/README.txt b/README.txt index fd9f4f6..5e349dc 100644 --- a/README.txt +++ b/README.txt @@ -3,12 +3,39 @@ Text0Nly - Simple PGP-enabled messenger Installation: 1. Database setup: - mysql -u root -p - CREATE DATABASE messenger; - USE messenger; - source main/db.sql -2. Apache setup: + a. Start MySQL and set root password: + mysql_secure_installation + # Follow prompts to set root password and secure installation + + b. Create database and user: + mysql -u root -p + # Enter your root password when prompted + + CREATE DATABASE messenger; + USE messenger; + source main/db.sql; + + # Create user with password + CREATE USER 'messenger'@'localhost' IDENTIFIED BY 'your_secure_password'; + GRANT ALL PRIVILEGES ON messenger.* TO 'messenger'@'localhost'; + FLUSH PRIVILEGES; + exit; + + c. Test connection: + mysql -u messenger -p + # Enter your messenger user password + # If you can connect, the user is set up correctly + +2. Configuration: + Copy main/config.php.example to main/config.php + Edit main/config.php and set your database credentials: + - host: usually 'localhost' + - name: 'messenger' + - user: 'messenger' + - pass: your_secure_password from step 1b + +3. Apache setup: CentOS: yum install httpd php php-mysqlnd mariadb-server @@ -51,6 +78,7 @@ Files: configs/apache.conf.centos - Apache config for CentOS configs/apache.conf.debian - Apache config for Debian/Alpine configs/php.ini - PHP configuration + main/config.php - Database configuration (create from config.php.example) main/db.sql - Database structure main/index.php - Main page main/register.php - Registration diff --git a/main/api.php b/main/api.php index d31f6bf..ceb36d8 100644 --- a/main/api.php +++ b/main/api.php @@ -5,7 +5,12 @@ header('X-Frame-Options: DENY'); header('X-XSS-Protection: 1; mode=block'); header('Content-Security-Policy: default-src \'self\''); -$db = new PDO('mysql:host=localhost;dbname=messenger', 'root', ''); +$config = require 'config.php'; +$db = new PDO( + "mysql:host={$config['db']['host']};dbname={$config['db']['name']}", + $config['db']['user'], + $config['db']['pass'] +); $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); if ($_SERVER['REQUEST_METHOD'] !== 'POST') { diff --git a/main/config.php.example b/main/config.php.example new file mode 100644 index 0000000..9083de1 --- /dev/null +++ b/main/config.php.example @@ -0,0 +1,9 @@ + [ + 'host' => 'localhost', + 'name' => 'messenger', + 'user' => 'messenger', + 'pass' => 'your_password' + ] +]; \ No newline at end of file diff --git a/main/index.php b/main/index.php index cad5fc9..5bf3fe7 100644 --- a/main/index.php +++ b/main/index.php @@ -4,8 +4,14 @@ header('X-Frame-Options: DENY'); header('X-XSS-Protection: 1; mode=block'); header('Content-Security-Policy: default-src \'self\''); +$config = require 'config.php'; + try { - $db = new PDO('mysql:host=localhost;dbname=messenger', 'root', ''); + $db = new PDO( + "mysql:host={$config['db']['host']};dbname={$config['db']['name']}", + $config['db']['user'], + $config['db']['pass'] + ); $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); } catch (PDOException $e) { die('Connection failed: ' . $e->getMessage()); diff --git a/main/register.php b/main/register.php index cb22070..060ca94 100644 --- a/main/register.php +++ b/main/register.php @@ -5,7 +5,12 @@ header('X-Frame-Options: DENY'); header('X-XSS-Protection: 1; mode=block'); header('Content-Security-Policy: default-src \'self\''); -$db = new PDO('mysql:host=localhost;dbname=messenger', 'root', ''); +$config = require 'config.php'; +$db = new PDO( + "mysql:host={$config['db']['host']};dbname={$config['db']['name']}", + $config['db']['user'], + $config['db']['pass'] +); $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $error = '';