PHP Terminal

A secure, modern, and feature-rich web-based terminal emulator built with PHP and JavaScript. Complete rewrite with enterprise-grade security, responsive design, and professional user experience.

✨ Features

🔒 Enterprise Security

Input Validation: Comprehensive command and path validation
Authentication: Secure session-based authentication system
File Security: Upload restrictions, type validation, size limits
Path Protection: Directory traversal and restricted path prevention
Command Whitelisting: Only allowed commands can be executed
XSS/SQL Injection Protection: Built-in attack prevention

🎨 Modern User Interface

Responsive Design: Mobile-friendly, touch-optimized interface
Multiple Themes: Dark, Light, Monokai, and Solarized themes
Customization: Font family, size, and feature toggles
Command History: Navigate with arrow keys, persistent storage
Auto-completion: Smart command suggestions with Tab key
Syntax Highlighting: Color-coded terminal output
File Explorer: Visual file tree with drag-and-drop support

⚡ Performance & Reliability

Modern Architecture: Object-oriented PHP with namespaces
Optimized JavaScript: ES6+ classes, efficient event handling
Async Operations: Non-blocking file operations
Caching: Local storage for settings and history
Memory Management: Proper resource cleanup
Error Handling: Comprehensive error recovery

🛠️ Developer Features

Modular Design: Clean separation of concerns
API Endpoints: RESTful AJAX communication
Configuration: Environment-based settings
Logging: Comprehensive logging system
Extensible: Plugin-ready architecture
Documentation: Complete API and user documentation

🚀 Quick Start

System Requirements

PHP 7.4 or higher
Web server (Apache/Nginx)
Required PHP extensions: json, mbstring, openssl
Write permissions for cache, logs, and uploads directories

Installation

Clone the repository:

git clone https://github.com/eggerco/phpterminal.git
cd phpterminal

Run the installation script:
```
php install.php
```
Deploy to production:
```
php deploy.php
```
Follow the guided setup process

Configure your environment:

# Edit .env file
PHPTERM_USERNAME=your_username
PHPTERM_PASSWORD=your_secure_password
PHPTERM_SESSION_TIMEOUT=3600

Access the terminal:
- Open your browser and navigate to http://your-domain.com/phpterminal.php
- Login with your credentials
- Start using the terminal!
Access admin dashboard:
- Navigate to http://your-domain.com/phpterminal/admin/dashboard.php
- Monitor system health, security, and performance

Default Credentials

Username: admin
Password: admin

📡 API Documentation

The PHP Terminal includes a comprehensive REST API for system management and monitoring.

Available Endpoints

Endpoint	Method	Description
`/api/health`	GET	System health check
`/api/security`	GET	Security report
`/api/performance`	GET	Performance metrics
`/api/backups`	GET/POST	List/create backups
`/api/backups/restore`	POST	Restore backup
`/api/maintenance`	POST	Run maintenance
`/api/status`	GET	System status
`/api/logs`	GET	System logs
`/api/config`	GET	Configuration
`/api/commands`	GET	Available commands
`/api/metrics`	GET	System metrics

Example API Usage

# Get system health
curl -X GET http://your-domain.com/phpterminal/api/health

# Get security report
curl -X GET http://your-domain.com/phpterminal/api/security?days=7

# Create backup
curl -X POST http://your-domain.com/phpterminal/api/backups \
  -H "Content-Type: application/json" \
  -d '{"description": "Manual backup"}'

# Run maintenance
curl -X POST http://your-domain.com/phpterminal/api/maintenance

⚠️ Change these immediately after installation!

📁 Project Structure

phpterminal/
├── 📁 config/                 # Configuration files
│   ├── config.php            # Main configuration
│   └── security.php          # Security settings
├── 📁 core/                  # Core application logic
│   ├── Application.php       # Main application class
│   └── SecureCommandExecutor.php
├── 📁 media/                 # Static assets
│   ├── 📁 fonts/            # Font files
│   ├── 📁 images/           # Images and icons
│   ├── 📁 scripts/          # JavaScript files
│   │   ├── terminal.js      # Terminal functionality
│   │   └── app.js          # Application management
│   └── 📁 styles/           # CSS files
│       └── phpterminal.css  # Main stylesheet
├── 📁 templates/             # HTML templates
│   └── terminal.html        # Main template
├── 📁 bin/                  # Command implementations
├── 📁 docs/                 # Documentation
├── 📁 licensing/            # License files
├── phpterminal.php         # Main entry point
├── install.php             # Installation script
├── IMPROVEMENTS.md         # Improvement documentation
└── README.md              # This file

🎯 Available Commands

File Operations

ls [OPTIONS] [PATH]     # List directory contents
cd [DIRECTORY]          # Change directory
pwd                     # Print working directory
cat [OPTIONS] FILE      # Display file contents
touch FILE              # Create empty file
mkdir [OPTIONS] DIR     # Create directory
cp SOURCE DEST          # Copy files
mv SOURCE DEST          # Move/rename files
rm [OPTIONS] FILE       # Remove files
chmod MODE FILE         # Change permissions

File Management

upload                  # Upload file (opens file dialog)
download FILE           # Download file
edit FILE               # Open file editor

System Information

phpterm                 # Show terminal information
phpversion              # Show PHP version
ini_get OPTION          # Get PHP configuration
get_loaded_extensions   # List loaded PHP modules

Archive Operations

zip ZIPFILE FILE...     # Create ZIP archive
unzip ZIPFILE           # Extract ZIP archive

Utility Commands

clear                   # Clear terminal screen
help                    # Show help information
man COMMAND             # Show command manual

⚙️ Configuration

Environment Variables

# Security
PHPTERM_USERNAME=admin
PHPTERM_PASSWORD=secure_password
PHPTERM_SESSION_TIMEOUT=3600

# File Upload
PHPTERM_MAX_FILE_SIZE=10485760

# Debug
PHPTERM_DEBUG=false

Security Settings

// config/security.php
const MAX_FILE_SIZE = 10 * 1024 * 1024; // 10MB
const ALLOWED_FILE_TYPES = ['txt', 'php', 'js', 'css', 'html'];
const MAX_COMMAND_LENGTH = 1000;
const SESSION_TIMEOUT = 3600; // 1 hour

Feature Flags

const FEATURES = [
    'file_upload' => true,
    'file_download' => true,
    'file_edit' => true,
    'command_history' => true,
    'auto_complete' => true,
    'syntax_highlighting' => true,
    'themes' => true,
    'plugins' => false,
    'multi_user' => false,
    'real_time' => false
];

🎨 User Interface

Themes

Dark Theme (default)
Light Theme
Monokai Theme
Solarized Theme

Customization

Font family selection
Font size adjustment (10-24px)
Auto-completion toggle
Syntax highlighting toggle
Persistent settings
Keyboard shortcuts

Keyboard Shortcuts

Ctrl/Cmd + ,     - Open Settings
Ctrl/Cmd + Shift + F - Toggle Fullscreen
Ctrl/Cmd + \     - Toggle Sidebar
Escape           - Close Modals
Tab              - Auto-complete
Arrow Up/Down    - Command History

🔧 API Documentation

AJAX Endpoints

// Execute Command
POST /phpterminal.php
Content-Type: application/x-www-form-urlencoded

{
    "action": "phpterm_exec",
    "input": "command to execute",
    "path": "current working directory",
    "username": "authenticated user"
}

// Response
{
    "success": true|false,
    "output": "command output",
    "error": "error message",
    "path": "new working directory"
}

File Upload

// Upload File
POST /phpterminal.php
Content-Type: multipart/form-data

{
    "action": "phpterm_upload",
    "file": "uploaded file",
    "name": "filename",
    "path": "destination directory"
}

🛡️ Security Features

Input Validation

Command length limits (1000 characters)
SQL injection pattern detection
XSS attack prevention
Path traversal protection
Dangerous command blocking

File Security

File type validation
File size limits (10MB default)
Upload restrictions
Directory traversal prevention

Authentication

Session-based authentication
Configurable session timeout
Secure password hashing
Environment variable configuration
No hardcoded credentials

Access Control

Restricted path access (/etc/, /proc/, /sys/, etc.)
Command whitelist (only allowed commands)
Blocked dangerous commands (rm -rf /, etc.)
CSRF protection ready

🐛 Troubleshooting

Common Issues

Authentication Failed
- Check username/password in .env file
- Verify session configuration
- Clear browser cookies
Commands Not Working
- Check command is in whitelist
- Verify file permissions
- Check error logs
File Upload Issues
- Check file size limits
- Verify file type is allowed
- Check directory permissions
UI Issues
- Clear browser cache
- Check JavaScript console for errors
- Verify CSS files are loading

Debug Mode

# Enable debug mode
PHPTERM_DEBUG=true

Log Files

# Check these locations for logs:
/var/log/phpterminal.log
phpterminal/logs/
phpterminal/cache/

🤝 Contributing

Development Setup

Fork the repository
Create a feature branch
Make your changes
Test thoroughly
Submit a pull request

Code Standards

Follow PSR-12 coding standards
Use meaningful variable names
Add proper documentation
Include error handling
Write unit tests

Security Guidelines

Never commit credentials
Validate all inputs
Use prepared statements
Implement proper authentication
Follow OWASP guidelines

📄 License

This project is licensed under the MIT License - see the LICENSE file for details.

Name		Name	Last commit message	Last commit date
Latest commit History 7 Commits
docs		docs
licensing		licensing
phpterminal		phpterminal
.gitignore		.gitignore
.htaccess		.htaccess
LICENSE		LICENSE
README.md		README.md
deploy.php		deploy.php
install.php		install.php
phpterminal.php		phpterminal.php

License

eggerco/phpterminal

Folders and files

Latest commit

History

Repository files navigation