summaryrefslogtreecommitdiff
path: root/README
blob: bb81999fb6a5fc84505a5c15468af82b6901da69 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
This is complete code of ch1p.io website.

FEATURES
	- it's not just blog, you can create any page with any address
	- posts and pages are written in Markdown:
	 	- supports syntax highlighting in code blocks
	 	- supports embedding of uploaded files and image resizing
	 - tags
	 - rss feed
	 - dark theme
	 - ultra fast on backend:
	 	- written from scratch
	 	- no heavy frameworks
	 	- no "classic" template engine
	 		- vanilla php templates designed from scratch (because why not)
	 		- thus, no overhead from templates "compilation"
	 		- all strings are transparently escaped unless explicitly specified not to
	 - ultra fast on frontend:
	 	- written from scratch
	 	- simple readable ECMAScript 5.1 scripts
	 	- no modern web bullshit like webpack or babel
	 	- simple build system that just works
	 - secure:
	 	- CSRF protection
	 	- automatic XSS protection in templates
	 	- see the "BUG BOUNTY" section below

REQUIREMENTS

	- PHP >= 8.1, with following extensions:
		- mysqli
		- gd
	- MariaDB server
	- Composer
	- Node.JS
	- SCSS compiler, e.g. sassc

CONFIGURATION

	Should be done by copying config.php to config-local.php and modifying config-local.php.

INSTALLATION

	It uses https://github.com/sixlive/parsedown-highlight which you'll need to install using Composer, but since that
	package's manifest is a bit outdated you have to pass `--ignore-platform-reqs` to composer.

	TODO

LOGGING

	TODO

DEPLOYING

	make deploy

BUG BOUNTY

	I take security very seriously. If you found an exploitable vulnerability in _my_ code, please contact me by email.
	I'm willing to pay $50 to $500 in crypto (depending on severity) for every discovered vulnerability.

LICENSE

	GPLv3