Personal Website

Open-source content management system, used for this website. It is written in PHP 7, MySQL and jQuery, with the libraries Klein.php (routing) and Mailer. Repository at Gitea, GitHub or GitLab.

Features:

  • PHP 7
  • Composer
  • MVC design pattern
  • MySQL database for storing data
  • CMS with CRUD functions for managing data
  • ORM for mapping between PHP classes and data
  • Login system
    • Stay logged in using a persistent cookie
    • Forgot password: a reset link containing a generated token is sent by email
  • Security mitigations
    • Password hashing using bcrypt (password_hash / password_verify)
    • Per-user cryptographically secure salt (bcrypt generates a random salt and embeds it in every hash)
    • SQL injection protection using prepared statements with bound parameters, never string concatenation
    • XSS
      • Session cookie set to 'HttpOnly', so a script injected into a page cannot read it
      • All rendered user input escaped with htmlentities($input, ENT_QUOTES | ENT_HTML5, 'UTF-8') (ENT_QUOTES also escapes single quotes, so the output is safe inside attribute values)
    • CSRF
      • Cookie 'SameSite' attribute set to 'Strict', so the browser does not attach the session cookie to cross-site requests
      • Per-session token required in every state-changing (POST/PUT/DELETE) request and verified server-side
  • Bootstrap
  • jQuery
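The login and mitigation items above, written out as an added example against PHP 7's standard library. This is not the project's own code: the table and column names (users, email, password_hash, password_resets), the helper names, and the PHP 7.3+ array form of session_set_cookie_params() are assumptions made for the illustration.

```php
<?php
// Added example, not the project's code. Table/column names are assumed.
declare(strict_types=1);

// Session cookie: HttpOnly keeps it out of document.cookie, SameSite=Strict
// keeps the browser from attaching it to cross-site requests, Secure keeps it
// off plain HTTP. The array form needs PHP 7.3+ (assumption).
session_set_cookie_params([
    'lifetime' => 0,
    'path'     => '/',
    'secure'   => true,
    'httponly' => true,
    'samesite' => 'Strict',
]);
session_start();

// Output escaping: the one place user-controlled text passes before HTML.
// ENT_QUOTES also escapes single quotes, so the result is safe in attributes.
function e(string $s): string
{
    return htmlentities($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// CSRF token: one CSPRNG value per session, compared in constant time.
function csrfToken(): string
{
    if (empty($_SESSION['csrf'])) {
        $_SESSION['csrf'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf'];
}

function requireCsrf(string $submitted): void
{
    if (!isset($_SESSION['csrf']) || !hash_equals($_SESSION['csrf'], $submitted)) {
        http_response_code(403);
        exit('Invalid CSRF token');
    }
}

// Password storage: password_hash() with bcrypt draws a per-user salt from a
// CSPRNG and embeds it in the returned string, so no separate salt column
// is needed.
function hashPassword(string $plain): string
{
    return password_hash($plain, PASSWORD_BCRYPT, ['cost' => 12]);
}

// Login lookup: the email is a bound parameter, never concatenated into SQL,
// and password_verify() does the comparison against the stored hash.
function authenticate(PDO $db, string $email, string $plain): ?int
{
    $stmt = $db->prepare('SELECT id, password_hash FROM users WHERE email = :email');
    $stmt->execute([':email' => $email]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    // Verify against a dummy hash when the address is unknown, so response
    // time does not reveal whether an account exists.
    static $dummy = null;
    if ($dummy === null) {
        $dummy = hashPassword('dummy-password');
    }
    $hash = $row['password_hash'] ?? $dummy;

    if (password_verify($plain, $hash) && $row !== false) {
        session_regenerate_id(true);   // fresh session id on login
        return (int) $row['id'];
    }
    return null;
}

// Password reset: only a SHA-256 of the random token is stored; the raw token
// goes into the emailed link, so a leaked database row is not usable by itself.
function createResetToken(PDO $db, int $userId): string
{
    $token = bin2hex(random_bytes(32));
    $stmt = $db->prepare(
        'INSERT INTO password_resets (user_id, token_hash, expires_at)
         VALUES (:uid, :hash, DATE_ADD(NOW(), INTERVAL 1 HOUR))'
    );
    $stmt->execute([':uid' => $userId, ':hash' => hash('sha256', $token)]);
    return $token;   // e.g. https://example.invalid/reset?token=<token>
}
```

In a form the token is emitted as `<input type="hidden" name="csrf" value="<?= e(csrfToken()) ?>">` and the handler calls `requireCsrf($_POST['csrf'] ?? '')` before touching the database; the reset handler looks the submitted token up by `hash('sha256', $token)` and rejects rows whose expires_at has passed.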

Directory structure:

.
├── app
│   ├── classes
│   │   └── <classes>
│   ├── controllers
│   │   └── <controllers>
│   ├── helper.php
│   ├── model
│   │   └── <models>
│   ├── seed.php
│   ├── traits
│   │   └── Log.php
│   └── views
│       └── <views>
├── composer.json
├── config.php
├── config.php.example
├── public
│   ├── index.php
│   └── <files>
├── route.php
├── syncconfig.sh
├── syncconfig.sh.example
└── sync.sh

Pictured below is the EER (Enhanced entity-relationship) diagram of the MySQL database:


Screenshots of some of the pages of the CMS:

  • Admin menu.
  • CRUD index page, displaying all the entries of a table, with pagination.
  • CRUD edit page, editing an entry.
  • CRUD show page, showing all values of an entry.
  • Login page.
  • Password reset page, showing a flash message.
© 2024 Rick van Vonderen