PurePHP WebKit

A modern, modular, user-friendly PurePHP WebKit with auto-discovered routing, authentication, API, admin features, and more.

Features

• Auto-discovered routing for pages and APIs
• SQLite/MySQL support with .env configuration
• Modular authentication with registration, login, password reset
• Role-based permissions (admin/user roles)
• Intended URL redirect after login/registration
• Dynamic layout system with admin-controlled theme selection
• CSRF protection on all forms
• Flash messages for user feedback
• Input validation and sanitization
• Rate limiting and security headers
• File upload with audit logging
• Admin audit log viewer for monitoring
• REST API with token authentication
• CLI utilities (database backup, migrations)
• Internationalization (i18n) support
• Caching and logging utilities
• Modern, accessible UI with dark mode support
• Responsive design for all devices
• Easy to extend and maintain

Quick Start

1. Clone or download the repository
2. Install dependencies:

   composer install

3. Configure environment:

   cp .env.example .env
   # Edit .env with your database and site settings

4. Set up the database:

   php system/migrate.php

5. Start development server:

   php -S localhost:8000 -t public/

6. Visit http://localhost:8000 in your browser

Project Structure

├── public/           # Web root (document root)
│   ├── assets/       # CSS, JS, images
│   ├── pages/        # Public pages (auto-routed)
│   └── api/          # API endpoints
├── app/              # Application code
│   ├── templates/    # Layouts and views
│   ├── Controllers/  # Business logic
│   └── data/         # SQLite DB and logs
├── system/           # Core framework
│   ├── auth.php      # Authentication helpers
│   ├── db.php        # Database abstraction
│   ├── router.php    # Auto-routing system
│   └── migrate.php   # Database migrations
├── api/              # API endpoints
├── cli/              # Command-line utilities
├── config/           # Configuration files
├── db_changes/       # Database migration scripts
├── tests/            # Test suite
└── vendor/           # Composer dependencies

Database Setup

PurePHP WebKit supports both SQLite (default) and MySQL:

SQLite (Recommended for development)

DB_DRIVER=sqlite
DB_PATH="app/data/app.db"

MySQL

DB_DRIVER=mysql
DB_HOST=localhost
DB_NAME=your_database
DB_USER=your_username
DB_PASS=your_password

Run migrations after configuring:

php system/migrate.php

Key Features

🔐 Authentication & Security

• User registration and login
• Password reset functionality
• Role-based access control (admin/user)
• CSRF protection on all forms
• Secure session management
• Password strength validation

🎨 Layout System

• 4 built-in layouts: Default, Sidebar, Centered, Full-width
• Admin-controlled: Only administrators can change layouts
• Responsive design: Works on all screen sizes
• Dynamic switching: Changes apply immediately

👥 Admin Features

• Admin dashboard with system overview
• Audit log viewer for monitoring user actions
• User management capabilities
• Layout customization controls
• System settings management

🔌 API & Integrations

• REST API with Bearer token authentication
• Health check endpoint for monitoring
• API documentation page
• File upload with security validation
• Rate limiting protection

🛠 Developer Experience

• Auto-routing: Just add PHP files, routes are created automatically
• PSR-4 autoloading with Composer
• Modular architecture: Easy to extend and customize
• Comprehensive testing suite
• Development/production modes
• Error logging and debugging tools

Usage Examples

Creating a New Page

Add public/pages/about.php:

<?php
$title = 'About Us';
ob_start();
?>
<h1>About Our Application</h1>
<p>Welcome to our PurePHP WebKit!</p>
<?php
$content = ob_get_clean();
include __DIR__ . '/../../app/templates/layout.php';

Visit /about - the page is automatically routed!

Creating a Protected Page

<?php
require_login(); // Require authentication
$title = 'Dashboard';
ob_start();
// Your page content here
$content = ob_get_clean();
include __DIR__ . '/../../app/templates/layout.php';

Creating an API Endpoint

Add api/endpoints/users.php:

<?php
require_once '../../../system/api_auth.php';
api_authenticate(); // Require API token

header('Content-Type: application/json');
echo json_encode(['users' => get_all_users()]);

Security Best Practices

• ✅ Never commit .env or database files
• ✅ Use HTTPS in production
• ✅ Set strong permissions on sensitive folders
• ✅ Change default tokens before deployment
• ✅ Enable production mode for live sites
• ✅ Regular security updates of dependencies

Requirements

• PHP 7.4+ (8.0+ recommended)
• Composer for dependency management
• SQLite or MySQL database
• Web server (Apache/Nginx) or PHP built-in server

Testing

Run the test suite:

php run_tests.php

Add tests for new features in the tests/ directory.

Documentation

• GUIDE.md - Complete technical documentation
• PRODUCTION_CHECKLIST.md - Deployment checklist
• CHANGELOG.md - Version history and changes
• CONTRIBUTING.md - Contribution guidelines
• API Documentation - Visit /api-docs.php in your application

Contributing

We welcome contributions! Please see our contributing guidelines for details.

License

MIT License - see composer.json for details.

Support

• 📖 Documentation: GUIDE.md
• 🐛 Issues: GitHub Issues
• 💬 Discussions: GitHub Discussions

---

Ready to build something amazing? 🚀

PurePHP WebKit provides a solid foundation for modern PHP applications with security, scalability, and developer experience in mind.