blob: 2a80337a9b804d572c3cb798c2c2df2fbca4db3d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
|
# ch1p_io_web
This is complete code of ch1p.io website.
## Features
- it's not just blog, you can create any page with any address
- posts and pages are written in Markdown:
- supports syntax highlighting in code blocks
- supports embedding of uploaded files and image resizing
- tags
- rss feed
- dark theme
- ultra fast on backend:
- written from scratch
- no PSR BS
- no heavy frameworks
- no 157 abstraction layers
- no "classic" template engine
- vanilla php templates designed from scratch (because why not)
- thus, no overhead from templates "compilation"
- all strings are transparently escaped unless explicitly specified not to
- ultra fast on frontend:
- written from scratch
- simple readable ECMAScript 5.1 scripts
- no modern web bullshit like webpack or babel
- simple build system that just works
- secure:
- CSRF protection
- automatic XSS protection in templates
- see [this section](#bug-bounty) below
## Requirements
- PHP >= 8.1, with following extensions:
- mysqli
- gd
- MariaDB server
- Composer
- Node.JS
- SCSS compiler, e.g. sassc
## Configuration
Should be done by copying config.php to config-local.php and modifying config-local.php.
## Installation
It uses https://github.com/sixlive/parsedown-highlight which you'll need to install using Composer, but since that
package's manifest is a bit outdated you have to pass `--ignore-platform-reqs` to composer.
TODO
## Logging
TODO
## Deploying
```
make deploy
```
## Bug bounty
I take security very seriously. If you found an exploitable vulnerability in _my_ code, please contact me by email.
I'm willing to pay $50 to $500 in crypto (depending on severity) for every discovered vulnerability.
## License
BSD-2-Clause
|
