public/index.php

<?php

require_once __DIR__ . '/../vendor/autoload.php';

use Core\Application;
use Core\Router;
use Dotenv\Dotenv;

define('PATH_ROOT', __DIR__ . '/../');

// Load environment variables
$dotenv = Dotenv::createImmutable(__DIR__ . '/..');
$dotenv->load();

// Configure database session handler
try {
    // Only use database sessions if sessions table exists
    $pdo = new PDO(
        "mysql:host={$_ENV['DB_HOST']};dbname={$_ENV['DB_DATABASE']}",
        $_ENV['DB_USERNAME'],
        $_ENV['DB_PASSWORD']
    );
    
    // Check if sessions table exists
    $stmt = $pdo->query("SHOW TABLES LIKE 'sessions'");
    if ($stmt->rowCount() > 0) {
        // Use database session handler
        $sessionLifetime = (int)($_ENV['SESSION_LIFETIME'] ?? 1440);
        $handler = new Core\DatabaseSessionHandler($sessionLifetime);
        session_set_save_handler($handler, true);
    }
} catch (\Exception $e) {
    // Fall back to default file-based sessions
    error_log("Database session handler not available, using file sessions: " . $e->getMessage());
}

// Start session
session_start();

// Validate session exists in database (for database-backed sessions)
// This ensures deleted sessions are immediately invalidated
Core\SessionValidator::validate();

// Check if system is installed (using flag file - no DB queries!)
$currentPath = parse_url($_SERVER['REQUEST_URI'] ?? '/', PHP_URL_PATH);
$isInstallerPath = strpos($currentPath, '/install') === 0;
$installedFlagFile = __DIR__ . '/../.installed';

if (!$isInstallerPath) {
    // Check if .installed flag file exists
    if (!file_exists($installedFlagFile)) {
        header('Location: /install');
        exit;
    }
}

// Check remember me token if user is not logged in
if (!isset($_SESSION['user_id']) && isset($_COOKIE['remember_token']) && !$isInstallerPath) {
    $authController = new \App\Controllers\AuthController();
    $authController->checkRememberToken();
}

// Initialize application
$app = new Application();

// Load routes
require_once __DIR__ . '/../routes/web.php';

// Run application
$app->run();
Initial Commit 2025-10-08 14:23:07 +03:00			`<?php`

			`require_once __DIR__ . '/../vendor/autoload.php';`

			`use Core\Application;`
			`use Core\Router;`
			`use Dotenv\Dotenv;`

autodetect cron script path 2025-10-09 17:08:10 +05:30			`define('PATH_ROOT', __DIR__ . '/../');`

Initial Commit 2025-10-08 14:23:07 +03:00			`// Load environment variables`
			`$dotenv = Dotenv::createImmutable(__DIR__ . '/..');`
			`$dotenv->load();`

Upgraded to 1.1.0 1.1.0 (2025-10-09) - User Notifications System - In-app notification center with 7 notification types, filtering, pagination - Advanced Session Management - Database-backed sessions with geolocation (country, city, ISP) - Remote Session Control - Terminate any device instantly with immediate logout validation - Enhanced Profile Page - Sidebar navigation with 4 tabs, hash-based routing (#profile, #security, #sessions) - MVC Architecture Refactoring - 3 new Helpers (Layout, Domain, Session), ~265 lines cleaned from views - Geolocation Tracking - IP-based location detection using ip-api.com, country flags with flag-icons - Device Detection - Browser & device type parsing (Chrome/Firefox/Safari, Desktop/Mobile/Tablet) - Auto-Detected Cron Paths - Settings show actual installation paths (thanks @jadeops) - Welcome Notifications - Sent to new users on registration or fresh install - Upgrade Notifications - Admins notified on system updates with version & migration count - Web-Based Installer - Replaces CLI, auto-generates encryption key, one-time password display - Web-Based Updater - `/install/update` for running new migrations with smart detection - User Registration - Full signup flow with email verification, password reset, resend verification - User Management - CRUD for users with filtering, sorting, pagination (admin-only) - Remember Me - 30-day secure tokens linked to sessions, cascade deletion on logout - Session Validator - Middleware validates sessions on every request for instant remote logout - Consistent UI/UX - Unified filtering, sorting, pagination across Domains, Users, Notifications, TLD Registry - Smart Migrations - Consolidated schema for fresh installs, incremental for upgrades - XSS Protection - htmlspecialchars() applied across all user-facing data (thanks @jadeops) 2025-10-09 18:02:46 +03:00			`// Configure database session handler`
			`try {`
			`// Only use database sessions if sessions table exists`
			`$pdo = new PDO(`
			`"mysql:host={$_ENV['DB_HOST']};dbname={$_ENV['DB_DATABASE']}",`
			`$_ENV['DB_USERNAME'],`
			`$_ENV['DB_PASSWORD']`
			`);`

			`// Check if sessions table exists`
			`$stmt = $pdo->query("SHOW TABLES LIKE 'sessions'");`
			`if ($stmt->rowCount() > 0) {`
			`// Use database session handler`
			`$sessionLifetime = (int)($_ENV['SESSION_LIFETIME'] ?? 1440);`
			`$handler = new Core\DatabaseSessionHandler($sessionLifetime);`
			`session_set_save_handler($handler, true);`
			`}`
			`} catch (\Exception $e) {`
			`// Fall back to default file-based sessions`
			`error_log("Database session handler not available, using file sessions: " . $e->getMessage());`
			`}`

Initial Commit 2025-10-08 14:23:07 +03:00			`// Start session`
			`session_start();`

Upgraded to 1.1.0 1.1.0 (2025-10-09) - User Notifications System - In-app notification center with 7 notification types, filtering, pagination - Advanced Session Management - Database-backed sessions with geolocation (country, city, ISP) - Remote Session Control - Terminate any device instantly with immediate logout validation - Enhanced Profile Page - Sidebar navigation with 4 tabs, hash-based routing (#profile, #security, #sessions) - MVC Architecture Refactoring - 3 new Helpers (Layout, Domain, Session), ~265 lines cleaned from views - Geolocation Tracking - IP-based location detection using ip-api.com, country flags with flag-icons - Device Detection - Browser & device type parsing (Chrome/Firefox/Safari, Desktop/Mobile/Tablet) - Auto-Detected Cron Paths - Settings show actual installation paths (thanks @jadeops) - Welcome Notifications - Sent to new users on registration or fresh install - Upgrade Notifications - Admins notified on system updates with version & migration count - Web-Based Installer - Replaces CLI, auto-generates encryption key, one-time password display - Web-Based Updater - `/install/update` for running new migrations with smart detection - User Registration - Full signup flow with email verification, password reset, resend verification - User Management - CRUD for users with filtering, sorting, pagination (admin-only) - Remember Me - 30-day secure tokens linked to sessions, cascade deletion on logout - Session Validator - Middleware validates sessions on every request for instant remote logout - Consistent UI/UX - Unified filtering, sorting, pagination across Domains, Users, Notifications, TLD Registry - Smart Migrations - Consolidated schema for fresh installs, incremental for upgrades - XSS Protection - htmlspecialchars() applied across all user-facing data (thanks @jadeops) 2025-10-09 18:02:46 +03:00			`// Validate session exists in database (for database-backed sessions)`
			`// This ensures deleted sessions are immediately invalidated`
			`Core\SessionValidator::validate();`

			`// Check if system is installed (using flag file - no DB queries!)`
			`$currentPath = parse_url($_SERVER['REQUEST_URI'] ?? '/', PHP_URL_PATH);`
			`$isInstallerPath = strpos($currentPath, '/install') === 0;`
			`$installedFlagFile = __DIR__ . '/../.installed';`

			`if (!$isInstallerPath) {`
			`// Check if .installed flag file exists`
			`if (!file_exists($installedFlagFile)) {`
			`header('Location: /install');`
			`exit;`
			`}`
			`}`

			`// Check remember me token if user is not logged in`
			`if (!isset($_SESSION['user_id']) && isset($_COOKIE['remember_token']) && !$isInstallerPath) {`
			`$authController = new \App\Controllers\AuthController();`
			`$authController->checkRememberToken();`
			`}`

Initial Commit 2025-10-08 14:23:07 +03:00			`// Initialize application`
			`$app = new Application();`

			`// Load routes`
			`require_once __DIR__ . '/../routes/web.php';`

			`// Run application`
			`$app->run();`