- Project name: Forever Home
- Short description: A website for posting and adopting pets
- Environment: Apache2 and PHP built-in server (Unix)
- Tools: HTML/CSS, Javascript, PHP, SQL
- Institution: FEUP
- Course: LTW (Web Languages and Technologies)
- Group members:
To clone all dependencies (namely PHP libraries), please run
git submodule update --init --recursive
To build the database, run
./deploy-server.sh
It may be necessary to change the script's permissions.
The REST API component of the server sends requests through index.php
which are then routed to the correct functions/files. This is unlike what web servers typically do: route the request to the corresponding file in the file system.
To correctly route the requests, the apache2 application must be able to read rest/.htaccess
. To do that, you will probably have to change your apache2 configuration file (usually under /etc/apache2/apache2.conf
), and replace AllowOverride None
with AllowOverride All
in the section where apache2 is configured for the directory where you put this repository; usually you put this repository somewhere under /var/www
or any subfolder of it, so you must change section
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
to
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
You also need to enable some modules with the following commands:
sudo a2enmod rewrite
sudo a2enmod expires
After changing the apache2 configuration and enabling the modules, restart apache2 by running sudo service apache2 restart
.
For the PHP built-in server, if you set index.php
as request router then you're fine, since all requests will be properly routed by index.php
(this script returns false to signal the PHP built-in server to serve the actual file in the file system instead of proceeding in running PHP code).
To enable email service, you have to provide valid credentials in file rest/email.cred
, following the template:
<email address>
<password>
For instance:
[email protected]
password
The actual Gmail email we will use is [email protected]. The corresponding password is to be kept secret, and as such only available on request to our team.
To run this project with the built-in PHP server, you have to run it with the proper arguments so that requests are routed to index.php
:
php -S localhost:4000 index.php
Username/password (role):
- dmfr/dmfr (user)
- BrenoAccioly/BrenoAccioly (user)
- 2dukes/2dukes (user)
- TiagooGomess/TiagooGomess (user)
- Asdrubal007/Asdrubal007 (user)
- balves/balves (user)
- harold/harold (user)
- Romanoff123/Romanoff123 (user)
- AAOrg/AAOrg (shelter)
- Google font Inter
- PHPMailer to interact with remote email (SMTP) servers and send password reset emails
-
Security
- XSS: yes
- Filtering and encoding inputs: yes
- CSP: yes
- CSRF: yes
- SQL using prepare/execute: yes
- Passwords:
- bcrypt with salt algorithm: yes
- at least 7 characters: yes
- include at least 1 uppercase letter: yes
- include at least 1 special character: yes
- Data Validation: regex, php, html, javascript
- Other:
- Regenerate session: yes
- Usernames are case insensitive: yes
- Password reset with randomly-generated token
- XSS: yes
-
Technologies
- Separated logic/database/presentation: yes
- Semantic HTML tags: yes
- Responsive CSS: yes
- Javascript: yes
- Ajax: yes
- REST API: yes
- Other:
-
Usability:
- Error/success messages: yes
- Forms don't lose data on error: no
-
Minimum requirements: yes
-
Extra requirements:
- See adopted pets.
- Add and view pet photos.
- Pet comment section.
- Private chat between users regarding pet adopted proposals.
- Animal shelters are also able to register as users.
- Shelters have a dedicated page with all pets available for adoption.
- Users can be collaborators of a certain shelter and have permission to edit information about the shelter and any pets for adoption.
- Users that adopt a pet are able to still post photos of that animal after the adoption.
- Users should receive a notification anytime something important happens.
- Develop a REST API (available at URL
rest/rest/
). - Reset password system using emails and random tokens (implemented after demo and before delivery)
Shelter(username→User, location, description)
User(username, password, name, registeredOn, shelter→Shelter)
ShelterInvite(user→User, shelter→Shelter, text, requestDate)
Notification(id, read, subject, text, user→User)
Pet(id, name, species, age, sex, size, color, location, description, status, postedBy→User)
FavoritePet(username→User, petId→Pet)
Comment(id, pet→Pet, user→User, postedOn, text, answerTo→Comment)
CommentPhoto(id, commentId→Comment, url)
AdoptionRequest(id, user→User, pet→Pet, text, outcome)
AdoptionRequestMessage(id, request→AdoptionRequest, text)
© 2020 Breno Pimentel, Diogo Rodrigues, Rui Pinto, Tiago Gomes
All files are licensed under GNU General Public License v3 by © 2020 Breno Pimentel, Diogo Rodrigues, Rui Pinto, Tiago Gomes.
The files not authored by us (if any) are presented as a fundamental complement to this project, and are made available under fair use for education.