Merge branch 'local' into 'main'

initial commit

See merge request !1

.env

+MYSQL_ROOT_PASSWORD: password
+MYSQL_DATABASE: my_db
+MYSQL_USER: user
+MYSQL_PASSWORD: password
\ No newline at end of file

Dockerfile-db

+FROM mysql:8.0.40-debian
+
+# Set the desired directories
+ENV MYSQL_LOG_DIR /var/log/mysql
+ENV MYSQL_DATA_DIR /var/lib/mysql
+
+# Check if the log directory exists, and if not, create it
+RUN if [ ! -d "$MYSQL_LOG_DIR" ]; then mkdir -p "$MYSQL_LOG_DIR"; fi
+
+# Set the correct ownership and permissions for the log directory
+RUN chown -R mysql:mysql "$MYSQL_LOG_DIR" && chmod 755 "$MYSQL_LOG_DIR"
+
+# Check if the data directory exists, and if not, create it
+RUN if [ ! -d "$MYSQL_DATA_DIR" ]; then mkdir -p "$MYSQL_DATA_DIR"; fi
+
+# Set the correct ownership and permissions for the data directory
+RUN chown -R mysql:mysql "$MYSQL_DATA_DIR" && chmod 700 "$MYSQL_DATA_DIR"
+
+COPY my.cnf /etc/mysql/conf.d/
+RUN chmod 644 /etc/mysql/conf.d/my.cnf
+
+COPY ./scripts/ /docker-entrypoint-initdb.d/
+
+# Install additional packages (if needed)
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends \
+    bash \
+    percona-toolkit \
+    && rm -rf /var/lib/apt/lists/*
+
+# Install mytop from CPAN
+RUN apt-get install -y --no-install-recommends \
+    libdbi-perl \
+    libdbd-mysql-perl \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN cpan App::mytop
+
+ENV TZ=America/Edmonton
+
+HEALTHCHECK CMD mysqladmin ping -h localhost
\ No newline at end of file

Dockerfile-web

+FROM php:8.3.13-apache
+WORKDIR /var/www/html
+RUN docker-php-ext-install pdo pdo_mysql
+
+# Update package manager, install git, unzip and composer
+RUN apt-get update && apt-get install -y git unzip \
+    && curl -sS https://getcomposer.org/installer \
+    | php -- --install-dir=/usr/local/bin --filename=composer
+
+# we'll mount the volume in docker-compose so don't need to copy
+# however, if you are using this for production then may want it
+# leaving it in doesn't hurt
+COPY src/ /var/www/html/
+
+# Install the symfony/yaml package via Composer
+RUN composer require symfony/yaml
\ No newline at end of file

docker-compose.yml

+services:
+  web:
+    build:
+      context: .
+      dockerfile: Dockerfile-web
+    container_name: web
+    ports:
+      - "8800:80"
+    volumes:
+      - ./src:/var/www/html
+    depends_on:
+      - db
+  db:
+    build:
+      context: .
+      dockerfile: Dockerfile-db
+    container_name: db
+    env_file:
+      - .env
+    ports:
+      - "3306:3306"
+    volumes:
+      - mysql_data:/var/lib/mysql
+
+volumes:
+  mysql_data: {}

my.cnf

+[mysqld]
+# General settings
+port = 3306
+bind-address = 0.0.0.0
+character-set-server = utf8mb4
+collation-server = utf8mb4_unicode_ci
+skip-character-set-client-handshake
+
+# Logging
+log-error = /var/log/mysql/error.log
+slow_query_log = 1
+long_query_time = 1
+slow_query_log_file = /var/log/mysql/slow.log
+
+# Performance tuning
+key_buffer_size = 64M
+max_allowed_packet = 16M
+thread_stack = 192K
+thread_cache_size = 8
+# query_cache_limit = 1M
+# query_cache_size = 16M
+innodb_buffer_pool_size = 128M
+innodb_log_file_size = 64M
+innodb_flush_log_at_trx_commit = 2
+innodb_flush_method = O_DIRECT

scripts/init.sql

+-- Create users table
+CREATE TABLE users (
+    id INT AUTO_INCREMENT PRIMARY KEY,
+    username VARCHAR(50) NOT NULL,
+    password VARCHAR(255) NOT NULL
+);
+
+-- Insert default admin user
+INSERT INTO users (username, password) VALUES ('admin', 'password');
+
+-- Create additional table and insert data
+CREATE TABLE other_table (
+    id INT AUTO_INCREMENT PRIMARY KEY,
+    name VARCHAR(50) NOT NULL
+);
+
+INSERT INTO other_table (name) VALUES ('Some Data');

src/admin.php

+<?php
+    session_start();
+
+    if (!isset($_SESSION['username']) || $_SESSION['username'] !== "admin") {
+        header("Location: index.php");
+        exit();
+    }
+
+    $username = $_SESSION['username'];
+
+    try{
+        $pdo = new PDO('mysql:host=db;dbname=my_db', 'user', 'password', [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
+
+        $query = "SELECT * FROM users WHERE username NOT IN (?)";
+        $result = $pdo->prepare($query);
+        $result->execute(['admin']);
+
+        $usernames = $result->fetchAll();
+
+        if($_SERVER["REQUEST_METHOD"] === "POST" && isset($_POST['delete'])){
+            $deleted = $_POST['user'];
+
+            $delete_query = $pdo->prepare('DELETE FROM users WHERE username = ?');
+            $delete_query->execute([$deleted]);
+
+            header("Location: admin.php");
+            exit();
+        }
+    }catch(PDOException $e){
+        echo "<script>alert(" . $e->getMessage(). ");</script>";
+    }
+?>
+
+<!DOCTYPE html>
+<html>
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <link rel="stylesheet" href="style.css">
+    <script>
+        function confirmAction() {
+            return confirm("Are you sure you want to proceed?");
+        }
+    </script>
+</head>
+<body>
+    <h1>Admin</h1>
+    <?php
+        try{
+            //using ai to determine method to display users and remove them also determined method to get confirmation before delete
+            foreach($usernames as $username){
+                echo "<ul>" . htmlspecialchars($username['username']) . "
+                    <form method='POST'> 
+                        <input type='hidden' name='user' value='" . htmlspecialchars($username['username']) . "'>
+                        <button type='submit' name='delete' onclick='return confirmAction();'>Delete</button>
+                    </form>
+                    </ul>";
+            }
+        }catch(PDOException $e){
+            echo "<script>alert(" . $e->getMessage(). ");</script>";
+        }
+    ?>
+<a href="logout.php" class="button">Logout</a>
+</body>
+</html>
\ No newline at end of file

src/index.php

+<!DOCTYPE html>
+<html>
+<head>
+    <title>Welcome to my PHP Websie</title>
+    <meta charset="UTF-8">
+    <link rel="stylesheet" href="style.css">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+</head>
+<body>
+    <h1>Login</h1>
+    <form action="login.php" method="post">
+        <h2>Username:</h2>
+        <input name="username" required><br>
+        <h2>Password:</h2>
+        <input name="password" required><br>
+        <button type="submit">Login</button>
+</form>
+<a href="signup.php" class="button">Signup</a>
+</body>
+</html>
+

src/login.php

+<?php
+session_start();
+try{
+    $pdo = new PDO('mysql:host=db;dbname=my_db', 'user', 'password', [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
+
+    $username = $_POST['username'];
+    $password = $_POST['password'];
+    $query = "SELECT * FROM users WHERE username = :username";
+    $result = $pdo->prepare($query);
+
+    $result->execute([':username' => $username]);
+    $current_user = $result->fetch();
+
+    $result->execute([':username' => 'admin']);
+    $admin = $result->fetch();
+
+    if($current_user === $admin){
+        $_SESSION['loggedin'] = true;
+        $_SESSION['username'] = $username;
+        header("Location: admin.php");
+    }
+    else if($current_user && password_verify($password, $current_user['password'])){
+        $_SESSION['loggedin'] = true;
+        $_SESSION['username'] = $username;
+        header("Location: secure.php");
+    }
+    else{
+        echo "<script>alert('Login is invalid');window.location.href='index.php';</script>";
+    }
+
+}catch(PDOException $e){
+    echo "<script>alert(" . $e->getMessage(). ");</script>";
+}
+?>
\ No newline at end of file

src/logout.php

+<?php
+session_start();
+session_unset();
+session_destroy();
+
+header("Location: index.php");
+exit();
+?>
\ No newline at end of file

src/secure.php

+<?php
+session_start();
+if (!isset($_SESSION['username'])) {
+    header("Location: index.php");
+    exit();
+}
+
+$username = $_SESSION['username'];
+?>
+
+
+<!DOCTYPE html>
+<html>
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <link rel="stylesheet" href="style.css">
+</head>
+<body>
+    <h1>Welcome to Secure <?php echo htmlspecialchars($username); ?></h1>
+    <p>This page is for secure logged in users only</p>
+    <a href="logout.php" class="button">Logout</a>
+</body>
+</html>
\ No newline at end of file

src/signup.php

+<!DOCTYPE html>
+<html>
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <link rel="stylesheet" href="style.css">
+</head>
+<body>
+    <h1>Signup</h1>
+    <form action="signup_handling.php" method="post">
+        <h2>New Username:</h2>
+        <input name="username" required><br>
+        <h2>New Password:</h2>
+        <input name="password" required><br>
+        <h2>Confirm Password:</h2>
+        <input name="confirm" required><br>
+        <button type="submit">Signup</button>
+</form>
+<a href="index.php" class="button">Return to Login</a>
+</body>
+</html>
\ No newline at end of file

src/signup_handling.php

+<?php
+session_start();
+try{
+    $pdo = new PDO('mysql:host=db;dbname=my_db', 'user', 'password', [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
+
+    $username = $_POST['username'];
+    $password = $_POST['password'];
+    $confirm = $_POST['confirm'];
+
+    if($password === $confirm){
+        $query = "SELECT * FROM users WHERE username = ?";
+        $result = $pdo->prepare($query);
+        $result->execute([$username]);
+        $user = $result->fetch();
+
+        if($user){
+            echo "<script>alert('User already exists');window.location.href='signup.php';</script>";
+        }
+        else{
+            $query2 = "INSERT INTO users (username,password) VALUES (?,?)";
+            $insert = $pdo->prepare($query2);
+
+            $password_hash = password_hash($password, PASSWORD_DEFAULT);
+            $insert->execute([$username, $password_hash]);
+            //using ai to determine way to alert and then move to another page
+            echo "<script>alert('Success');window.location.href='index.php';</script>";
+        }
+    }
+    else{
+        echo "<script>alert('Passwords do not match');window.location.href='signup.php';</script>";
+    }
+
+}catch(PDOException $e){
+    echo "<script>alert(" . $e->getMessage() . ")</script>";
+}
+?>
\ No newline at end of file

src/style.css

+body {
+    font-family: Arial, sans-serif;
+    margin: 0;
+    padding: 0;
+    text-align: center;
+    background-color: beige;
+}
+
+button {
+    margin: 20px;
+}
+
+
+ul {
+    padding-top: 10px;
+    display: grid;
+    list-style-position: inside;
+    padding-left: 0px;
+    gap: 10px;
+}
+
+button{
+    color: ghostwhite;
+    background-color: grey;
+}