Link to website deployment

• Project name: Forever Home
• Short description: A website for posting and adopting pets
• Environment: Apache2 and PHP built-in server (Unix)
• Tools: HTML/CSS, Javascript, PHP, SQL
• Institution: FEUP
• Course: LTW (Web Languages and Technologies)

• Group members:
  • Breno Accioly de Barros Pimentel ([email protected])
  • Diogo Miguel Ferreira Rodrigues ([email protected])
  • Rui Filipe Mendes Pinto ([email protected])
  • Tiago Gonçalves Gomes ([email protected])

To clone all dependencies (namely PHP libraries), please run

git submodule update --init --recursive

To build the database, run

./deploy-server.sh

It may be necessary to change the script's permissions.

The REST API component of the server sends requests through index.php which are then routed to the correct functions/files. This is unlike what web servers typically do: route the request to the corresponding file in the file system.

To correctly route the requests, the apache2 application must be able to read rest/.htaccess. To do that, you will probably have to change your apache2 configuration file (usually under /etc/apache2/apache2.conf), and replace AllowOverride None with AllowOverride All in the section where apache2 is configured for the directory where you put this repository; usually you put this repository somewhere under /var/www or any subfolder of it, so you must change section

<Directory /var/www/>
	Options Indexes FollowSymLinks
	AllowOverride None
	Require all granted
</Directory>

to

<Directory /var/www/>
	Options Indexes FollowSymLinks
	AllowOverride All
	Require all granted
</Directory>

You also need to enable some modules with the following commands:

sudo a2enmod rewrite
sudo a2enmod expires

After changing the apache2 configuration and enabling the modules, restart apache2 by running sudo service apache2 restart.

For the PHP built-in server, if you set index.php as request router then you're fine, since all requests will be properly routed by index.php (this script returns false to signal the PHP built-in server to serve the actual file in the file system instead of proceeding in running PHP code).

To enable email service, you have to provide valid credentials in file rest/email.cred, following the template:

<email address>
<password>

For instance:

[email protected]
password

The actual Gmail email we will use is [email protected]. The corresponding password is to be kept secret, and as such only available on request to our team.

To run this project with the built-in PHP server, you have to run it with the proper arguments so that requests are routed to index.php:

php -S localhost:4000 index.php

Username/password (role):

• dmfr/dmfr (user)
• BrenoAccioly/BrenoAccioly (user)
• 2dukes/2dukes (user)
• TiagooGomess/TiagooGomess (user)
• Asdrubal007/Asdrubal007 (user)
• balves/balves (user)
• harold/harold (user)
• Romanoff123/Romanoff123 (user)
• AAOrg/AAOrg (shelter)

• Google font Inter
• PHPMailer to interact with remote email (SMTP) servers and send password reset emails

• Security

  • XSS: yes
    • Filtering and encoding inputs: yes
    • CSP: yes
  • CSRF: yes
  • SQL using prepare/execute: yes
  • Passwords:
    • bcrypt with salt algorithm: yes
    • at least 7 characters: yes
    • include at least 1 uppercase letter: yes
    • include at least 1 special character: yes
  • Data Validation: regex, php, html, javascript
  • Other:
    • Regenerate session: yes
    • Usernames are case insensitive: yes
    • Password reset with randomly-generated token

• Technologies

  • Separated logic/database/presentation: yes
  • Semantic HTML tags: yes
  • Responsive CSS: yes
  • Javascript: yes
  • Ajax: yes
  • REST API: yes
  • Other:

• Usability:

  • Error/success messages: yes
  • Forms don't lose data on error: no

• Minimum requirements: yes

• Extra requirements:

  • See adopted pets.
  • Add and view pet photos.
  • Pet comment section.
  • Private chat between users regarding pet adopted proposals.
  • Animal shelters are also able to register as users.
  • Shelters have a dedicated page with all pets available for adoption.
  • Users can be collaborators of a certain shelter and have permission to edit information about the shelter and any pets for adoption.
  • Users that adopt a pet are able to still post photos of that animal after the adoption.
  • Users should receive a notification anytime something important happens.
  • Develop a REST API (available at URL rest/rest/).
  • Reset password system using emails and random tokens (implemented after demo and before delivery)

Shelter(username→User, location, description)
User(username, password, name, registeredOn, shelter→Shelter)
ShelterInvite(user→User, shelter→Shelter, text, requestDate)
Notification(id, read, subject, text, user→User)
Pet(id, name, species, age, sex, size, color, location, description, status, postedBy→User)
FavoritePet(username→User, petId→Pet)
Comment(id, pet→Pet, user→User, postedOn, text, answerTo→Comment)
CommentPhoto(id, commentId→Comment, url)
AdoptionRequest(id, user→User, pet→Pet, text, outcome)
AdoptionRequestMessage(id, request→AdoptionRequest, text)

© 2020 Breno Pimentel, Diogo Rodrigues, Rui Pinto, Tiago Gomes

All files are licensed under GNU General Public License v3 by © 2020 Breno Pimentel, Diogo Rodrigues, Rui Pinto, Tiago Gomes.

The files not authored by us (if any) are presented as a fundamental complement to this project, and are made available under fair use for education.