No description, website, or topics provided.
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
application
assets
sql
system
tests
user_guide_src
.gitignore
.htaccess
DCO.txt
LICENSE
README.md
contributing.md
favicon.ico
humans.txt
index.php
license.txt
menteer.sql
phpdoc.dist.xml

README.md

menteer

installation instructions

  1. download latest copy of Menteer
  2. move to server root (if on localhost specify menteer.dev so the index.php defines this as a development install) see index.php for more info
  3. (linux) chmod 777 /application/cache and /application/logs
  4. rename /application/config/config_clean.php to config.php and set the encryption to something unique
  5. modify /application/config/database_clean.php and email_clean.php by removing "_clean" from filename
  6. configure database.php to point to your database after importing the /sql/menteer.sql file into your database
  7. modify /application/config/ion_auth.php file as needed for the authentication library
  8. configure index.php to use your local environment if thats the case
  9. chmod 777 /uploads folder and set "php_value upload_max_filesize 20M" & "php_value post_max_size 21M" in your htaccess
  10. default user - > create account and change in user table -> field active to 1 for new user / to make admin see users_groups and insert user with admin group

features

  • mobile friendly and responsive

  • database driven (extendable)

  • drop and go code-base (minimal setup required)

  • PHP 5.4+ and MySQL 5.1 required

technology stack / open source

security

  • XSS (Cross-Site Scripting) Filtering - This filter looks for commonly used techniques to embed malicious JavaScript into your data, or other types of code that attempt to hijack cookies or do other malicious things.

  • SQL Injection Protection

  • CSRF (Cross-Site Request Forgery) Protection - which is the process of an attacker tricking their victim into unknowingly submitting a request. Automatically triggered for every non-GET HTTP request.

  • Input Validation (All GET AND POST data Cleaned and Validated)

  • MySQLi Driver used

  • Encrypted URL used when doing sensitive tasks

  • Forced SSL/HTTPS

  • SMTP (Sendgrid) email ready (out-of-the-box)

  • Cloudflare tested and ready

optional services used

  • sendgrid (email STMP) - for sending email

  • uservoice - for feedback and user tracking

  • google analytics

road map

  • Extending admin to manage database driven questions/questionnaire

  • Extending admin control panel

  • ?