blob: bb81999fb6a5fc84505a5c15468af82b6901da69 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
|
This is complete code of ch1p.io website.
FEATURES
- it's not just blog, you can create any page with any address
- posts and pages are written in Markdown:
- supports syntax highlighting in code blocks
- supports embedding of uploaded files and image resizing
- tags
- rss feed
- dark theme
- ultra fast on backend:
- written from scratch
- no heavy frameworks
- no "classic" template engine
- vanilla php templates designed from scratch (because why not)
- thus, no overhead from templates "compilation"
- all strings are transparently escaped unless explicitly specified not to
- ultra fast on frontend:
- written from scratch
- simple readable ECMAScript 5.1 scripts
- no modern web bullshit like webpack or babel
- simple build system that just works
- secure:
- CSRF protection
- automatic XSS protection in templates
- see the "BUG BOUNTY" section below
REQUIREMENTS
- PHP >= 8.1, with following extensions:
- mysqli
- gd
- MariaDB server
- Composer
- Node.JS
- SCSS compiler, e.g. sassc
CONFIGURATION
Should be done by copying config.php to config-local.php and modifying config-local.php.
INSTALLATION
It uses https://github.com/sixlive/parsedown-highlight which you'll need to install using Composer, but since that
package's manifest is a bit outdated you have to pass `--ignore-platform-reqs` to composer.
TODO
LOGGING
TODO
DEPLOYING
make deploy
BUG BOUNTY
I take security very seriously. If you found an exploitable vulnerability in _my_ code, please contact me by email.
I'm willing to pay $50 to $500 in crypto (depending on severity) for every discovered vulnerability.
LICENSE
GPLv3
|