Upgraded to 1.1.0
1.1.0 (2025-10-09)
- **User Notifications System** - In-app notification center with 7 notification types, filtering, pagination
- **Advanced Session Management** - Database-backed sessions with geolocation (country, city, ISP)
- **Remote Session Control** - Terminate any device instantly with immediate logout validation
- **Enhanced Profile Page** - Sidebar navigation with 4 tabs, hash-based routing (#profile, #security, #sessions)
- **MVC Architecture Refactoring** - 3 new Helpers (Layout, Domain, Session), ~265 lines cleaned from views
- **Geolocation Tracking** - IP-based location detection using ip-api.com, country flags with flag-icons
- **Device Detection** - Browser & device type parsing (Chrome/Firefox/Safari, Desktop/Mobile/Tablet)
- **Auto-Detected Cron Paths** - Settings show actual installation paths (thanks @jadeops)
- **Welcome Notifications** - Sent to new users on registration or fresh install
- **Upgrade Notifications** - Admins notified on system updates with version & migration count
- **Web-Based Installer** - Replaces CLI, auto-generates encryption key, one-time password display
- **Web-Based Updater** - `/install/update` for running new migrations with smart detection
- **User Registration** - Full signup flow with email verification, password reset, resend verification
- **User Management** - CRUD for users with filtering, sorting, pagination (admin-only)
- **Remember Me** - 30-day secure tokens linked to sessions, cascade deletion on logout
- **Session Validator** - Middleware validates sessions on every request for instant remote logout
- **Consistent UI/UX** - Unified filtering, sorting, pagination across Domains, Users, Notifications, TLD Registry
- **Smart Migrations** - Consolidated schema for fresh installs, incremental for upgrades
- **XSS Protection** - htmlspecialchars() applied across all user-facing data (thanks @jadeops)
2025-10-09 18:02:46 +03:00
|
|
|
-- Domain Monitor v1.1.0 - Complete Initial Schema
|
|
|
|
|
-- This consolidated migration includes all features for fresh installations
|
|
|
|
|
|
|
|
|
|
-- =====================================================
|
2025-10-20 21:55:04 +03:00
|
|
|
-- USER MANAGEMENT & AUTHENTICATION (must be first)
|
Upgraded to 1.1.0
1.1.0 (2025-10-09)
- **User Notifications System** - In-app notification center with 7 notification types, filtering, pagination
- **Advanced Session Management** - Database-backed sessions with geolocation (country, city, ISP)
- **Remote Session Control** - Terminate any device instantly with immediate logout validation
- **Enhanced Profile Page** - Sidebar navigation with 4 tabs, hash-based routing (#profile, #security, #sessions)
- **MVC Architecture Refactoring** - 3 new Helpers (Layout, Domain, Session), ~265 lines cleaned from views
- **Geolocation Tracking** - IP-based location detection using ip-api.com, country flags with flag-icons
- **Device Detection** - Browser & device type parsing (Chrome/Firefox/Safari, Desktop/Mobile/Tablet)
- **Auto-Detected Cron Paths** - Settings show actual installation paths (thanks @jadeops)
- **Welcome Notifications** - Sent to new users on registration or fresh install
- **Upgrade Notifications** - Admins notified on system updates with version & migration count
- **Web-Based Installer** - Replaces CLI, auto-generates encryption key, one-time password display
- **Web-Based Updater** - `/install/update` for running new migrations with smart detection
- **User Registration** - Full signup flow with email verification, password reset, resend verification
- **User Management** - CRUD for users with filtering, sorting, pagination (admin-only)
- **Remember Me** - 30-day secure tokens linked to sessions, cascade deletion on logout
- **Session Validator** - Middleware validates sessions on every request for instant remote logout
- **Consistent UI/UX** - Unified filtering, sorting, pagination across Domains, Users, Notifications, TLD Registry
- **Smart Migrations** - Consolidated schema for fresh installs, incremental for upgrades
- **XSS Protection** - htmlspecialchars() applied across all user-facing data (thanks @jadeops)
2025-10-09 18:02:46 +03:00
|
|
|
-- =====================================================
|
|
|
|
|
|
2025-10-20 21:55:04 +03:00
|
|
|
-- Users table (must be created first - referenced by other tables)
|
Upgraded to 1.1.0
1.1.0 (2025-10-09)
- **User Notifications System** - In-app notification center with 7 notification types, filtering, pagination
- **Advanced Session Management** - Database-backed sessions with geolocation (country, city, ISP)
- **Remote Session Control** - Terminate any device instantly with immediate logout validation
- **Enhanced Profile Page** - Sidebar navigation with 4 tabs, hash-based routing (#profile, #security, #sessions)
- **MVC Architecture Refactoring** - 3 new Helpers (Layout, Domain, Session), ~265 lines cleaned from views
- **Geolocation Tracking** - IP-based location detection using ip-api.com, country flags with flag-icons
- **Device Detection** - Browser & device type parsing (Chrome/Firefox/Safari, Desktop/Mobile/Tablet)
- **Auto-Detected Cron Paths** - Settings show actual installation paths (thanks @jadeops)
- **Welcome Notifications** - Sent to new users on registration or fresh install
- **Upgrade Notifications** - Admins notified on system updates with version & migration count
- **Web-Based Installer** - Replaces CLI, auto-generates encryption key, one-time password display
- **Web-Based Updater** - `/install/update` for running new migrations with smart detection
- **User Registration** - Full signup flow with email verification, password reset, resend verification
- **User Management** - CRUD for users with filtering, sorting, pagination (admin-only)
- **Remember Me** - 30-day secure tokens linked to sessions, cascade deletion on logout
- **Session Validator** - Middleware validates sessions on every request for instant remote logout
- **Consistent UI/UX** - Unified filtering, sorting, pagination across Domains, Users, Notifications, TLD Registry
- **Smart Migrations** - Consolidated schema for fresh installs, incremental for upgrades
- **XSS Protection** - htmlspecialchars() applied across all user-facing data (thanks @jadeops)
2025-10-09 18:02:46 +03:00
|
|
|
CREATE TABLE IF NOT EXISTS users (
|
|
|
|
|
id INT AUTO_INCREMENT PRIMARY KEY,
|
|
|
|
|
username VARCHAR(100) NOT NULL UNIQUE,
|
|
|
|
|
password VARCHAR(255) NOT NULL,
|
|
|
|
|
email VARCHAR(255),
|
|
|
|
|
email_verified BOOLEAN DEFAULT FALSE,
|
|
|
|
|
email_verification_token VARCHAR(255) NULL,
|
|
|
|
|
email_verification_sent_at TIMESTAMP NULL,
|
2025-10-20 21:15:09 +03:00
|
|
|
two_factor_enabled BOOLEAN DEFAULT FALSE,
|
|
|
|
|
two_factor_secret VARCHAR(32) NULL,
|
|
|
|
|
two_factor_backup_codes TEXT NULL,
|
|
|
|
|
two_factor_setup_at TIMESTAMP NULL,
|
Upgraded to 1.1.0
1.1.0 (2025-10-09)
- **User Notifications System** - In-app notification center with 7 notification types, filtering, pagination
- **Advanced Session Management** - Database-backed sessions with geolocation (country, city, ISP)
- **Remote Session Control** - Terminate any device instantly with immediate logout validation
- **Enhanced Profile Page** - Sidebar navigation with 4 tabs, hash-based routing (#profile, #security, #sessions)
- **MVC Architecture Refactoring** - 3 new Helpers (Layout, Domain, Session), ~265 lines cleaned from views
- **Geolocation Tracking** - IP-based location detection using ip-api.com, country flags with flag-icons
- **Device Detection** - Browser & device type parsing (Chrome/Firefox/Safari, Desktop/Mobile/Tablet)
- **Auto-Detected Cron Paths** - Settings show actual installation paths (thanks @jadeops)
- **Welcome Notifications** - Sent to new users on registration or fresh install
- **Upgrade Notifications** - Admins notified on system updates with version & migration count
- **Web-Based Installer** - Replaces CLI, auto-generates encryption key, one-time password display
- **Web-Based Updater** - `/install/update` for running new migrations with smart detection
- **User Registration** - Full signup flow with email verification, password reset, resend verification
- **User Management** - CRUD for users with filtering, sorting, pagination (admin-only)
- **Remember Me** - 30-day secure tokens linked to sessions, cascade deletion on logout
- **Session Validator** - Middleware validates sessions on every request for instant remote logout
- **Consistent UI/UX** - Unified filtering, sorting, pagination across Domains, Users, Notifications, TLD Registry
- **Smart Migrations** - Consolidated schema for fresh installs, incremental for upgrades
- **XSS Protection** - htmlspecialchars() applied across all user-facing data (thanks @jadeops)
2025-10-09 18:02:46 +03:00
|
|
|
full_name VARCHAR(255),
|
|
|
|
|
role VARCHAR(50) DEFAULT 'user',
|
|
|
|
|
is_active BOOLEAN DEFAULT TRUE,
|
|
|
|
|
last_login TIMESTAMP NULL,
|
|
|
|
|
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
|
|
|
|
|
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
|
|
|
|
|
INDEX idx_username (username),
|
|
|
|
|
INDEX idx_email (email),
|
|
|
|
|
INDEX idx_role (role)
|
|
|
|
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
|
|
|
|
|
|
2025-10-09 18:34:09 +03:00
|
|
|
-- Insert default admin user (credentials will be set during installation)
|
Upgraded to 1.1.0
1.1.0 (2025-10-09)
- **User Notifications System** - In-app notification center with 7 notification types, filtering, pagination
- **Advanced Session Management** - Database-backed sessions with geolocation (country, city, ISP)
- **Remote Session Control** - Terminate any device instantly with immediate logout validation
- **Enhanced Profile Page** - Sidebar navigation with 4 tabs, hash-based routing (#profile, #security, #sessions)
- **MVC Architecture Refactoring** - 3 new Helpers (Layout, Domain, Session), ~265 lines cleaned from views
- **Geolocation Tracking** - IP-based location detection using ip-api.com, country flags with flag-icons
- **Device Detection** - Browser & device type parsing (Chrome/Firefox/Safari, Desktop/Mobile/Tablet)
- **Auto-Detected Cron Paths** - Settings show actual installation paths (thanks @jadeops)
- **Welcome Notifications** - Sent to new users on registration or fresh install
- **Upgrade Notifications** - Admins notified on system updates with version & migration count
- **Web-Based Installer** - Replaces CLI, auto-generates encryption key, one-time password display
- **Web-Based Updater** - `/install/update` for running new migrations with smart detection
- **User Registration** - Full signup flow with email verification, password reset, resend verification
- **User Management** - CRUD for users with filtering, sorting, pagination (admin-only)
- **Remember Me** - 30-day secure tokens linked to sessions, cascade deletion on logout
- **Session Validator** - Middleware validates sessions on every request for instant remote logout
- **Consistent UI/UX** - Unified filtering, sorting, pagination across Domains, Users, Notifications, TLD Registry
- **Smart Migrations** - Consolidated schema for fresh installs, incremental for upgrades
- **XSS Protection** - htmlspecialchars() applied across all user-facing data (thanks @jadeops)
2025-10-09 18:02:46 +03:00
|
|
|
INSERT INTO users (username, password, email, full_name, is_active, role, email_verified) VALUES
|
2025-10-09 18:34:09 +03:00
|
|
|
('{{ADMIN_USERNAME}}', '{{ADMIN_PASSWORD_HASH}}', '{{ADMIN_EMAIL}}', 'Administrator', 1, 'admin', 1)
|
Upgraded to 1.1.0
1.1.0 (2025-10-09)
- **User Notifications System** - In-app notification center with 7 notification types, filtering, pagination
- **Advanced Session Management** - Database-backed sessions with geolocation (country, city, ISP)
- **Remote Session Control** - Terminate any device instantly with immediate logout validation
- **Enhanced Profile Page** - Sidebar navigation with 4 tabs, hash-based routing (#profile, #security, #sessions)
- **MVC Architecture Refactoring** - 3 new Helpers (Layout, Domain, Session), ~265 lines cleaned from views
- **Geolocation Tracking** - IP-based location detection using ip-api.com, country flags with flag-icons
- **Device Detection** - Browser & device type parsing (Chrome/Firefox/Safari, Desktop/Mobile/Tablet)
- **Auto-Detected Cron Paths** - Settings show actual installation paths (thanks @jadeops)
- **Welcome Notifications** - Sent to new users on registration or fresh install
- **Upgrade Notifications** - Admins notified on system updates with version & migration count
- **Web-Based Installer** - Replaces CLI, auto-generates encryption key, one-time password display
- **Web-Based Updater** - `/install/update` for running new migrations with smart detection
- **User Registration** - Full signup flow with email verification, password reset, resend verification
- **User Management** - CRUD for users with filtering, sorting, pagination (admin-only)
- **Remember Me** - 30-day secure tokens linked to sessions, cascade deletion on logout
- **Session Validator** - Middleware validates sessions on every request for instant remote logout
- **Consistent UI/UX** - Unified filtering, sorting, pagination across Domains, Users, Notifications, TLD Registry
- **Smart Migrations** - Consolidated schema for fresh installs, incremental for upgrades
- **XSS Protection** - htmlspecialchars() applied across all user-facing data (thanks @jadeops)
2025-10-09 18:02:46 +03:00
|
|
|
ON DUPLICATE KEY UPDATE username=username;
|
|
|
|
|
|
|
|
|
|
-- Password reset tokens table
|
|
|
|
|
CREATE TABLE IF NOT EXISTS password_reset_tokens (
|
|
|
|
|
id INT AUTO_INCREMENT PRIMARY KEY,
|
|
|
|
|
user_id INT NOT NULL,
|
|
|
|
|
token VARCHAR(255) NOT NULL UNIQUE,
|
|
|
|
|
expires_at TIMESTAMP NOT NULL,
|
|
|
|
|
used BOOLEAN DEFAULT FALSE,
|
|
|
|
|
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
|
|
|
|
|
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
|
|
|
|
|
INDEX idx_token (token),
|
|
|
|
|
INDEX idx_user_id (user_id),
|
|
|
|
|
INDEX idx_expires_at (expires_at)
|
|
|
|
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
|
|
|
|
|
|
|
|
|
|
-- Sessions table (database-backed sessions)
|
|
|
|
|
CREATE TABLE IF NOT EXISTS sessions (
|
|
|
|
|
id VARCHAR(128) NOT NULL PRIMARY KEY,
|
|
|
|
|
user_id INT DEFAULT NULL,
|
|
|
|
|
ip_address VARCHAR(45) NOT NULL,
|
|
|
|
|
user_agent TEXT,
|
|
|
|
|
country VARCHAR(100) DEFAULT NULL,
|
|
|
|
|
country_code VARCHAR(2) DEFAULT NULL,
|
|
|
|
|
region VARCHAR(100) DEFAULT NULL,
|
|
|
|
|
city VARCHAR(100) DEFAULT NULL,
|
|
|
|
|
isp VARCHAR(255) DEFAULT NULL,
|
|
|
|
|
timezone VARCHAR(50) DEFAULT NULL,
|
|
|
|
|
payload MEDIUMTEXT NOT NULL,
|
|
|
|
|
last_activity INT UNSIGNED NOT NULL,
|
|
|
|
|
created_at INT UNSIGNED NOT NULL,
|
|
|
|
|
INDEX idx_user_id (user_id),
|
|
|
|
|
INDEX idx_last_activity (last_activity),
|
|
|
|
|
INDEX idx_created_at (created_at),
|
|
|
|
|
CONSTRAINT fk_sessions_user FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
|
|
|
|
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
|
|
|
|
|
|
|
|
|
|
-- Remember me tokens table
|
|
|
|
|
CREATE TABLE IF NOT EXISTS remember_tokens (
|
|
|
|
|
id INT AUTO_INCREMENT PRIMARY KEY,
|
|
|
|
|
user_id INT NOT NULL,
|
|
|
|
|
session_id VARCHAR(128) DEFAULT NULL,
|
|
|
|
|
token VARCHAR(255) NOT NULL UNIQUE,
|
|
|
|
|
expires_at TIMESTAMP NOT NULL,
|
|
|
|
|
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
|
|
|
|
|
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
|
|
|
|
|
FOREIGN KEY (session_id) REFERENCES sessions(id) ON DELETE CASCADE,
|
|
|
|
|
INDEX idx_token (token),
|
|
|
|
|
INDEX idx_user_id (user_id),
|
|
|
|
|
INDEX idx_session_id (session_id),
|
|
|
|
|
INDEX idx_expires_at (expires_at)
|
|
|
|
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
|
|
|
|
|
|
2025-10-20 21:15:09 +03:00
|
|
|
-- Two-factor authentication verification attempts table
|
|
|
|
|
CREATE TABLE IF NOT EXISTS two_factor_verification_attempts (
|
|
|
|
|
id INT AUTO_INCREMENT PRIMARY KEY,
|
|
|
|
|
user_id INT NOT NULL,
|
|
|
|
|
ip_address VARCHAR(45) NOT NULL,
|
|
|
|
|
success BOOLEAN DEFAULT FALSE,
|
|
|
|
|
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
|
|
|
|
|
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
|
|
|
|
|
INDEX idx_user_id (user_id),
|
|
|
|
|
INDEX idx_ip_address (ip_address),
|
|
|
|
|
INDEX idx_created_at (created_at)
|
|
|
|
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
|
|
|
|
|
|
|
|
|
|
-- Two-factor authentication email codes table
|
|
|
|
|
CREATE TABLE IF NOT EXISTS two_factor_email_codes (
|
|
|
|
|
id INT AUTO_INCREMENT PRIMARY KEY,
|
|
|
|
|
user_id INT NOT NULL,
|
|
|
|
|
code VARCHAR(6) NOT NULL,
|
|
|
|
|
expires_at TIMESTAMP NOT NULL,
|
|
|
|
|
used BOOLEAN DEFAULT FALSE,
|
|
|
|
|
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
|
|
|
|
|
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
|
|
|
|
|
INDEX idx_user_id (user_id),
|
|
|
|
|
INDEX idx_code (code),
|
|
|
|
|
INDEX idx_expires_at (expires_at),
|
|
|
|
|
INDEX idx_used (used)
|
|
|
|
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
|
|
|
|
|
|
2025-10-20 21:55:04 +03:00
|
|
|
-- =====================================================
|
|
|
|
|
-- CORE TABLES
|
|
|
|
|
-- =====================================================
|
|
|
|
|
|
|
|
|
|
-- Notification groups table (must be created first - referenced by domains)
|
|
|
|
|
CREATE TABLE IF NOT EXISTS notification_groups (
|
|
|
|
|
id INT AUTO_INCREMENT PRIMARY KEY,
|
|
|
|
|
name VARCHAR(255) NOT NULL,
|
|
|
|
|
description TEXT,
|
|
|
|
|
user_id INT NULL,
|
|
|
|
|
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
|
|
|
|
|
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
|
|
|
|
|
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE SET NULL,
|
|
|
|
|
INDEX idx_notification_groups_user_id (user_id)
|
|
|
|
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
|
|
|
|
|
|
|
|
|
|
-- Domains table
|
|
|
|
|
CREATE TABLE IF NOT EXISTS domains (
|
|
|
|
|
id INT AUTO_INCREMENT PRIMARY KEY,
|
|
|
|
|
domain_name VARCHAR(255) NOT NULL UNIQUE,
|
|
|
|
|
notification_group_id INT NULL,
|
|
|
|
|
registrar VARCHAR(255),
|
|
|
|
|
registrar_url VARCHAR(255),
|
|
|
|
|
expiration_date DATE,
|
|
|
|
|
updated_date DATE,
|
|
|
|
|
abuse_email VARCHAR(255),
|
|
|
|
|
last_checked TIMESTAMP NULL,
|
|
|
|
|
status ENUM('active', 'expiring_soon', 'expired', 'error', 'available') DEFAULT 'active',
|
|
|
|
|
whois_data JSON,
|
|
|
|
|
notes TEXT,
|
|
|
|
|
tags TEXT NULL COMMENT 'Comma-separated tags for organization',
|
|
|
|
|
is_active BOOLEAN DEFAULT TRUE,
|
|
|
|
|
user_id INT NULL,
|
|
|
|
|
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
|
|
|
|
|
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
|
|
|
|
|
FOREIGN KEY (notification_group_id) REFERENCES notification_groups(id) ON DELETE SET NULL,
|
|
|
|
|
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE SET NULL,
|
|
|
|
|
INDEX idx_notification_group_id (notification_group_id),
|
|
|
|
|
INDEX idx_domain_name (domain_name),
|
|
|
|
|
INDEX idx_expiration_date (expiration_date),
|
|
|
|
|
INDEX idx_status (status),
|
|
|
|
|
INDEX idx_is_active (is_active),
|
|
|
|
|
INDEX idx_tags (tags(255)),
|
|
|
|
|
INDEX idx_domains_user_id (user_id)
|
|
|
|
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
|
|
|
|
|
|
2025-10-20 22:49:08 +03:00
|
|
|
-- User notifications table (in-app notifications)
|
|
|
|
|
CREATE TABLE IF NOT EXISTS user_notifications (
|
|
|
|
|
id INT AUTO_INCREMENT PRIMARY KEY,
|
|
|
|
|
user_id INT NOT NULL,
|
|
|
|
|
type VARCHAR(50) NOT NULL,
|
|
|
|
|
title VARCHAR(255) NOT NULL,
|
|
|
|
|
message TEXT NOT NULL,
|
|
|
|
|
domain_id INT NULL,
|
|
|
|
|
is_read BOOLEAN DEFAULT FALSE,
|
|
|
|
|
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
|
|
|
|
|
read_at TIMESTAMP NULL,
|
|
|
|
|
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
|
|
|
|
|
FOREIGN KEY (domain_id) REFERENCES domains(id) ON DELETE SET NULL,
|
|
|
|
|
INDEX idx_user_id (user_id),
|
|
|
|
|
INDEX idx_is_read (is_read),
|
|
|
|
|
INDEX idx_created_at (created_at),
|
|
|
|
|
INDEX idx_type (type)
|
|
|
|
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
|
|
|
|
|
|
2025-10-20 21:55:04 +03:00
|
|
|
-- Notification channels table
|
|
|
|
|
CREATE TABLE IF NOT EXISTS notification_channels (
|
|
|
|
|
id INT AUTO_INCREMENT PRIMARY KEY,
|
|
|
|
|
notification_group_id INT NOT NULL,
|
2025-10-21 14:33:22 +03:00
|
|
|
channel_type ENUM('email', 'telegram', 'discord', 'slack', 'mattermost', 'webhook') NOT NULL,
|
2025-10-20 21:55:04 +03:00
|
|
|
channel_config JSON NOT NULL,
|
|
|
|
|
is_active BOOLEAN DEFAULT TRUE,
|
|
|
|
|
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
|
|
|
|
|
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
|
|
|
|
|
FOREIGN KEY (notification_group_id) REFERENCES notification_groups(id) ON DELETE CASCADE,
|
|
|
|
|
INDEX idx_group_id (notification_group_id),
|
|
|
|
|
INDEX idx_channel_type (channel_type)
|
|
|
|
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
|
|
|
|
|
|
|
|
|
|
-- Notification logs table
|
|
|
|
|
CREATE TABLE IF NOT EXISTS notification_logs (
|
|
|
|
|
id INT AUTO_INCREMENT PRIMARY KEY,
|
|
|
|
|
domain_id INT NOT NULL,
|
|
|
|
|
notification_type VARCHAR(50) NOT NULL,
|
|
|
|
|
channel_type VARCHAR(50) NOT NULL,
|
|
|
|
|
message TEXT NOT NULL,
|
|
|
|
|
sent_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
|
|
|
|
|
status ENUM('sent', 'failed') DEFAULT 'sent',
|
|
|
|
|
error_message TEXT,
|
|
|
|
|
FOREIGN KEY (domain_id) REFERENCES domains(id) ON DELETE CASCADE,
|
|
|
|
|
INDEX idx_domain_id (domain_id),
|
|
|
|
|
INDEX idx_sent_at (sent_at)
|
|
|
|
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
|
|
|
|
|
|
2025-10-20 21:15:09 +03:00
|
|
|
-- Error logs table for debugging and error tracking
|
|
|
|
|
CREATE TABLE IF NOT EXISTS error_logs (
|
|
|
|
|
id INT PRIMARY KEY AUTO_INCREMENT,
|
|
|
|
|
error_id VARCHAR(32) UNIQUE NOT NULL COMMENT 'Unique reference ID for user reporting',
|
|
|
|
|
error_type VARCHAR(100) NOT NULL COMMENT 'Exception class name',
|
|
|
|
|
error_message TEXT NOT NULL COMMENT 'Error message',
|
|
|
|
|
error_file VARCHAR(500) NOT NULL COMMENT 'File where error occurred',
|
|
|
|
|
error_line INT NOT NULL COMMENT 'Line number where error occurred',
|
|
|
|
|
stack_trace TEXT COMMENT 'Full stack trace',
|
|
|
|
|
|
|
|
|
|
-- Request context
|
|
|
|
|
request_method VARCHAR(10) COMMENT 'HTTP method (GET, POST, etc)',
|
|
|
|
|
request_uri VARCHAR(500) COMMENT 'Request URI',
|
|
|
|
|
request_data TEXT COMMENT 'JSON encoded POST/GET data (sanitized)',
|
|
|
|
|
|
|
|
|
|
-- User context
|
|
|
|
|
user_id INT NULL COMMENT 'User who encountered the error',
|
|
|
|
|
user_agent TEXT COMMENT 'Browser user agent string',
|
|
|
|
|
ip_address VARCHAR(45) COMMENT 'IP address (IPv4 or IPv6)',
|
|
|
|
|
session_data TEXT COMMENT 'Session data (sanitized, no passwords)',
|
|
|
|
|
|
|
|
|
|
-- System context
|
|
|
|
|
php_version VARCHAR(20) COMMENT 'PHP version at time of error',
|
|
|
|
|
memory_usage BIGINT COMMENT 'Memory usage in bytes',
|
|
|
|
|
|
|
|
|
|
-- Tracking
|
|
|
|
|
occurred_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP COMMENT 'First occurrence timestamp',
|
|
|
|
|
occurrences INT DEFAULT 1 COMMENT 'Number of times this error occurred',
|
|
|
|
|
last_occurred_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT 'Last occurrence timestamp',
|
|
|
|
|
|
|
|
|
|
-- Management
|
|
|
|
|
is_resolved BOOLEAN DEFAULT FALSE COMMENT 'Admin marked as resolved',
|
|
|
|
|
resolved_at TIMESTAMP NULL COMMENT 'When marked as resolved',
|
|
|
|
|
resolved_by INT NULL COMMENT 'Admin user who resolved it',
|
|
|
|
|
notes TEXT COMMENT 'Admin notes about resolution',
|
|
|
|
|
|
|
|
|
|
-- Foreign keys
|
|
|
|
|
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE SET NULL,
|
|
|
|
|
FOREIGN KEY (resolved_by) REFERENCES users(id) ON DELETE SET NULL,
|
|
|
|
|
|
|
|
|
|
-- Indexes for performance
|
|
|
|
|
KEY idx_error_id (error_id),
|
|
|
|
|
KEY idx_error_type (error_type),
|
|
|
|
|
KEY idx_occurred_at (occurred_at),
|
|
|
|
|
KEY idx_user_id (user_id),
|
|
|
|
|
KEY idx_is_resolved (is_resolved),
|
|
|
|
|
KEY idx_occurrences (occurrences)
|
|
|
|
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
|
|
|
|
|
|
Upgraded to 1.1.0
1.1.0 (2025-10-09)
- **User Notifications System** - In-app notification center with 7 notification types, filtering, pagination
- **Advanced Session Management** - Database-backed sessions with geolocation (country, city, ISP)
- **Remote Session Control** - Terminate any device instantly with immediate logout validation
- **Enhanced Profile Page** - Sidebar navigation with 4 tabs, hash-based routing (#profile, #security, #sessions)
- **MVC Architecture Refactoring** - 3 new Helpers (Layout, Domain, Session), ~265 lines cleaned from views
- **Geolocation Tracking** - IP-based location detection using ip-api.com, country flags with flag-icons
- **Device Detection** - Browser & device type parsing (Chrome/Firefox/Safari, Desktop/Mobile/Tablet)
- **Auto-Detected Cron Paths** - Settings show actual installation paths (thanks @jadeops)
- **Welcome Notifications** - Sent to new users on registration or fresh install
- **Upgrade Notifications** - Admins notified on system updates with version & migration count
- **Web-Based Installer** - Replaces CLI, auto-generates encryption key, one-time password display
- **Web-Based Updater** - `/install/update` for running new migrations with smart detection
- **User Registration** - Full signup flow with email verification, password reset, resend verification
- **User Management** - CRUD for users with filtering, sorting, pagination (admin-only)
- **Remember Me** - 30-day secure tokens linked to sessions, cascade deletion on logout
- **Session Validator** - Middleware validates sessions on every request for instant remote logout
- **Consistent UI/UX** - Unified filtering, sorting, pagination across Domains, Users, Notifications, TLD Registry
- **Smart Migrations** - Consolidated schema for fresh installs, incremental for upgrades
- **XSS Protection** - htmlspecialchars() applied across all user-facing data (thanks @jadeops)
2025-10-09 18:02:46 +03:00
|
|
|
-- =====================================================
|
|
|
|
|
-- TLD REGISTRY SYSTEM
|
|
|
|
|
-- =====================================================
|
|
|
|
|
|
|
|
|
|
-- TLD registry table
|
|
|
|
|
CREATE TABLE IF NOT EXISTS tld_registry (
|
|
|
|
|
id INT AUTO_INCREMENT PRIMARY KEY,
|
|
|
|
|
tld VARCHAR(63) NOT NULL UNIQUE,
|
|
|
|
|
rdap_servers JSON,
|
|
|
|
|
whois_server VARCHAR(255),
|
|
|
|
|
registry_url VARCHAR(500),
|
|
|
|
|
iana_publication_date TIMESTAMP NULL,
|
|
|
|
|
iana_last_updated TIMESTAMP NULL,
|
|
|
|
|
record_last_updated TIMESTAMP NULL,
|
|
|
|
|
registration_date DATE NULL,
|
|
|
|
|
is_active BOOLEAN DEFAULT TRUE,
|
|
|
|
|
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
|
|
|
|
|
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
|
|
|
|
|
INDEX idx_tld (tld),
|
|
|
|
|
INDEX idx_is_active (is_active),
|
|
|
|
|
INDEX idx_iana_publication_date (iana_publication_date)
|
|
|
|
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
|
|
|
|
|
|
|
|
|
|
-- TLD import logs table
|
|
|
|
|
CREATE TABLE IF NOT EXISTS tld_import_logs (
|
|
|
|
|
id INT AUTO_INCREMENT PRIMARY KEY,
|
|
|
|
|
import_type ENUM('tld_list', 'rdap', 'whois', 'manual', 'complete_workflow', 'check_updates') NOT NULL,
|
|
|
|
|
total_tlds INT DEFAULT 0,
|
|
|
|
|
new_tlds INT DEFAULT 0,
|
|
|
|
|
updated_tlds INT DEFAULT 0,
|
|
|
|
|
failed_tlds INT DEFAULT 0,
|
|
|
|
|
iana_publication_date TIMESTAMP NULL,
|
|
|
|
|
version VARCHAR(50) NULL,
|
|
|
|
|
started_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
|
|
|
|
|
completed_at TIMESTAMP NULL,
|
|
|
|
|
status ENUM('running', 'completed', 'failed') DEFAULT 'running',
|
|
|
|
|
error_message TEXT,
|
|
|
|
|
details JSON,
|
|
|
|
|
INDEX idx_started_at (started_at),
|
|
|
|
|
INDEX idx_status (status)
|
|
|
|
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
|
|
|
|
|
|
|
|
|
|
-- =====================================================
|
|
|
|
|
-- SYSTEM SETTINGS
|
|
|
|
|
-- =====================================================
|
|
|
|
|
|
|
|
|
|
-- Settings table
|
|
|
|
|
CREATE TABLE IF NOT EXISTS settings (
|
|
|
|
|
id INT AUTO_INCREMENT PRIMARY KEY,
|
|
|
|
|
setting_key VARCHAR(255) NOT NULL UNIQUE,
|
|
|
|
|
setting_value TEXT,
|
|
|
|
|
`type` VARCHAR(50) DEFAULT 'string',
|
|
|
|
|
`description` TEXT,
|
|
|
|
|
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
|
|
|
|
|
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP
|
|
|
|
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
|
|
|
|
|
|
|
|
|
|
-- Insert default settings
|
|
|
|
|
INSERT INTO settings (setting_key, setting_value, `type`, `description`) VALUES
|
|
|
|
|
-- Application settings
|
|
|
|
|
('app_name', 'Domain Monitor', 'string', 'Application name'),
|
|
|
|
|
('app_url', 'http://localhost:8000', 'string', 'Application URL'),
|
|
|
|
|
('app_timezone', 'UTC', 'string', 'Application timezone'),
|
|
|
|
|
('app_version', '1.1.0', 'string', 'Application version number'),
|
|
|
|
|
|
|
|
|
|
-- Email settings
|
|
|
|
|
('mail_host', 'smtp.mailtrap.io', 'string', 'SMTP server host'),
|
|
|
|
|
('mail_port', '2525', 'string', 'SMTP server port'),
|
|
|
|
|
('mail_username', '', 'string', 'SMTP username'),
|
|
|
|
|
('mail_password', '', 'encrypted', 'SMTP password (encrypted)'),
|
|
|
|
|
('mail_encryption', 'tls', 'string', 'SMTP encryption (tls/ssl)'),
|
|
|
|
|
('mail_from_address', 'noreply@domainmonitor.com', 'string', 'From email address'),
|
|
|
|
|
('mail_from_name', 'Domain Monitor', 'string', 'From name'),
|
|
|
|
|
|
|
|
|
|
-- Monitoring settings
|
|
|
|
|
('notification_days_before', '60,30,21,14,7,5,3,2,1', 'string', 'Notification days before expiration'),
|
|
|
|
|
('check_interval_hours', '24', 'string', 'Domain check interval in hours'),
|
|
|
|
|
('last_check_run', NULL, 'datetime', 'Last time cron job ran'),
|
|
|
|
|
|
|
|
|
|
-- Authentication settings
|
|
|
|
|
('registration_enabled', '0', 'boolean', 'Enable user registration'),
|
Add CSRF, CAPTCHA, and input validation improvements
Introduces CSRF protection to all sensitive controller actions, integrates configurable CAPTCHA (reCAPTCHA v2/v3, Turnstile) for authentication and registration flows, and centralizes input validation via a new InputValidator helper. Adds new helpers and services for CSRF and CAPTCHA, updates settings and migration for CAPTCHA configuration, and enhances logging and error handling in TLD registry import processes. Also improves validation for user, domain, group, and profile inputs throughout the application.
2025-10-10 00:04:12 +03:00
|
|
|
('require_email_verification', '1', 'boolean', 'Require email verification for new users'),
|
|
|
|
|
|
|
|
|
|
-- CAPTCHA settings
|
|
|
|
|
('captcha_provider', 'disabled', 'string', 'CAPTCHA provider (disabled, recaptcha_v2, recaptcha_v3, turnstile)'),
|
|
|
|
|
('captcha_site_key', '', 'string', 'CAPTCHA site/public key'),
|
|
|
|
|
('captcha_secret_key', '', 'encrypted', 'CAPTCHA secret key (encrypted)'),
|
2025-10-20 17:04:13 +03:00
|
|
|
('recaptcha_v3_score_threshold', '0.5', 'string', 'reCAPTCHA v3 minimum score threshold (0.0 to 1.0)'),
|
|
|
|
|
|
2025-10-20 21:15:09 +03:00
|
|
|
-- Two-factor authentication settings
|
|
|
|
|
('two_factor_policy', 'optional', 'string', '2FA policy: disabled, optional, or required'),
|
|
|
|
|
('two_factor_rate_limit_minutes', '15', 'string', 'Rate limit for 2FA attempts in minutes'),
|
|
|
|
|
('two_factor_email_code_expiry_minutes', '10', 'string', 'Email code expiry time in minutes'),
|
|
|
|
|
|
2025-10-20 17:04:13 +03:00
|
|
|
-- User isolation settings
|
|
|
|
|
('user_isolation_mode', 'shared', 'string', 'User data visibility mode: shared (all users see all data) or isolated (users see only their own data)')
|
Upgraded to 1.1.0
1.1.0 (2025-10-09)
- **User Notifications System** - In-app notification center with 7 notification types, filtering, pagination
- **Advanced Session Management** - Database-backed sessions with geolocation (country, city, ISP)
- **Remote Session Control** - Terminate any device instantly with immediate logout validation
- **Enhanced Profile Page** - Sidebar navigation with 4 tabs, hash-based routing (#profile, #security, #sessions)
- **MVC Architecture Refactoring** - 3 new Helpers (Layout, Domain, Session), ~265 lines cleaned from views
- **Geolocation Tracking** - IP-based location detection using ip-api.com, country flags with flag-icons
- **Device Detection** - Browser & device type parsing (Chrome/Firefox/Safari, Desktop/Mobile/Tablet)
- **Auto-Detected Cron Paths** - Settings show actual installation paths (thanks @jadeops)
- **Welcome Notifications** - Sent to new users on registration or fresh install
- **Upgrade Notifications** - Admins notified on system updates with version & migration count
- **Web-Based Installer** - Replaces CLI, auto-generates encryption key, one-time password display
- **Web-Based Updater** - `/install/update` for running new migrations with smart detection
- **User Registration** - Full signup flow with email verification, password reset, resend verification
- **User Management** - CRUD for users with filtering, sorting, pagination (admin-only)
- **Remember Me** - 30-day secure tokens linked to sessions, cascade deletion on logout
- **Session Validator** - Middleware validates sessions on every request for instant remote logout
- **Consistent UI/UX** - Unified filtering, sorting, pagination across Domains, Users, Notifications, TLD Registry
- **Smart Migrations** - Consolidated schema for fresh installs, incremental for upgrades
- **XSS Protection** - htmlspecialchars() applied across all user-facing data (thanks @jadeops)
2025-10-09 18:02:46 +03:00
|
|
|
|
|
|
|
|
ON DUPLICATE KEY UPDATE setting_key=setting_key;
|
|
|
|
|
|
|
|
|
|
-- =====================================================
|
|
|
|
|
-- MIGRATION TRACKING
|
|
|
|
|
-- =====================================================
|
|
|
|
|
|
|
|
|
|
-- Migrations tracking table
|
|
|
|
|
CREATE TABLE IF NOT EXISTS migrations (
|
|
|
|
|
id INT AUTO_INCREMENT PRIMARY KEY,
|
|
|
|
|
migration VARCHAR(255) NOT NULL UNIQUE,
|
|
|
|
|
executed_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
|
|
|
|
|
INDEX idx_migration (migration)
|
|
|
|
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
|
|
|
|
|
|
|
|
|
|
-- Mark this consolidated migration as executed
|
|
|
|
|
INSERT INTO migrations (migration) VALUES ('000_initial_schema_v1.1.0.sql')
|
|
|
|
|
ON DUPLICATE KEY UPDATE migration=migration;
|
|
|
|
|
|