updated EVERYTHING

.gitignore

@@ -0,0 +1 @@
+main/config.php 

README.txt

@@ -3,12 +3,39 @@ Text0Nly - Simple PGP-enabled messenger
 Installation:
 
 1. Database setup:
-   mysql -u root -p
-   CREATE DATABASE messenger;
-   USE messenger;
-   source main/db.sql
 
-2. Apache setup:
+   a. Start MySQL and set root password:
+      mysql_secure_installation
+      # Follow prompts to set root password and secure installation
+
+   b. Create database and user:
+      mysql -u root -p
+      # Enter your root password when prompted
+      
+      CREATE DATABASE messenger;
+      USE messenger;
+      source main/db.sql;
+      
+      # Create user with password
+      CREATE USER 'messenger'@'localhost' IDENTIFIED BY 'your_secure_password';
+      GRANT ALL PRIVILEGES ON messenger.* TO 'messenger'@'localhost';
+      FLUSH PRIVILEGES;
+      exit;
+
+   c. Test connection:
+      mysql -u messenger -p
+      # Enter your messenger user password
+      # If you can connect, the user is set up correctly
+
+2. Configuration:
+   Copy main/config.php.example to main/config.php
+   Edit main/config.php and set your database credentials:
+   - host: usually 'localhost'
+   - name: 'messenger'
+   - user: 'messenger'
+   - pass: your_secure_password from step 1b
+
+3. Apache setup:
 
 CentOS:
    yum install httpd php php-mysqlnd mariadb-server
@@ -51,6 +78,7 @@ Files:
    configs/apache.conf.centos - Apache config for CentOS
    configs/apache.conf.debian - Apache config for Debian/Alpine
    configs/php.ini - PHP configuration
+   main/config.php - Database configuration (create from config.php.example)
    main/db.sql - Database structure
    main/index.php - Main page
    main/register.php - Registration

main/api.php

@@ -5,7 +5,12 @@ header('X-Frame-Options: DENY');
 header('X-XSS-Protection: 1; mode=block');
 header('Content-Security-Policy: default-src \'self\'');
 
-$db = new PDO('mysql:host=localhost;dbname=messenger', 'root', '');
+$config = require 'config.php';
+$db = new PDO(
+    "mysql:host={$config['db']['host']};dbname={$config['db']['name']}", 
+    $config['db']['user'], 
+    $config['db']['pass']
+);
 $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
 
 if ($_SERVER['REQUEST_METHOD'] !== 'POST') {

main/config.php.example

@@ -0,0 +1,9 @@
+<?php
+return [
+    'db' => [
+        'host' => 'localhost',
+        'name' => 'messenger',
+        'user' => 'messenger',
+        'pass' => 'your_password'
+    ]
+]; 

main/index.php

@@ -4,8 +4,14 @@ header('X-Frame-Options: DENY');
 header('X-XSS-Protection: 1; mode=block');
 header('Content-Security-Policy: default-src \'self\'');
 
+$config = require 'config.php';
+
 try {
-    $db = new PDO('mysql:host=localhost;dbname=messenger', 'root', '');
+    $db = new PDO(
+        "mysql:host={$config['db']['host']};dbname={$config['db']['name']}", 
+        $config['db']['user'], 
+        $config['db']['pass']
+    );
     $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
 } catch (PDOException $e) {
     die('Connection failed: ' . $e->getMessage());

main/register.php

@@ -5,7 +5,12 @@ header('X-Frame-Options: DENY');
 header('X-XSS-Protection: 1; mode=block');
 header('Content-Security-Policy: default-src \'self\'');
 
-$db = new PDO('mysql:host=localhost;dbname=messenger', 'root', '');
+$config = require 'config.php';
+$db = new PDO(
+    "mysql:host={$config['db']['host']};dbname={$config['db']['name']}", 
+    $config['db']['user'], 
+    $config['db']['pass']
+);
 $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
 
 $error = '';