Coder Social home page Coder Social logo

volkansah / minigrex-cms Goto Github PK

View Code? Open in Web Editor NEW
5.0 2.0 1.0 954 KB

MiniGreX will be designed with security in mind, and the code will be written to minimize the risk of SQL injection attacks and other security vulnerabilities. To ensure maximum security, we recommend keeping the CMS up-to-date with the latest security patches and using strong passwords for all user accounts.

PHP 68.86% CSS 7.00% JavaScript 3.05% HTML 21.09%
cms cms-backend cms-framework mariadb mysql php posgresql security security-audit security-tools user-interface usermanagement xss-filter content-management pod prepared-statements hacker content-management-system codeigniter authentication

minigrex-cms's Introduction

MiniGreX - Content Management Framework

MiniGreX Logo

Table of Contents

IMPORTANT
⚠️ MiniGreX is still in development. It works, but improvements are ongoing. Want to help? The smallest high-secure multi-CMS for DevOps 👮 Update 12.06.24 i kill it today. Later! not yet please!

Security

MiniGreX is designed with security in mind, minimizing the risk of SQL injection and other vulnerabilities. Keep MiniGreX up-to-date with the latest patches and use strong passwords for all accounts.

Introduction

MiniGreX is a lightweight and secure system "not only" for sharing links, images, videos, and comments. It supports MySQL, MariaDB, and PostgreSQL, and uses PHP PDO with prepared statements for security.

Documentation for this project

Installation

To install MiniGreX CMS, follow these steps:

  1. Install a web server (Apache or Nginx).
  2. Install PHP 7.4 or higher.
  3. Install MySQL, PostgreSQL, or MariaDB.
  4. Clone the repository from GitHub.
  5. Create a database for MiniGreX CMS.
  6. Import the SQL file sql.txt into your database.
  7. Update init.php with your database credentials.
  8. Upload the files to your server.
  9. Change file and folder permissions.
  10. Navigate to index.php to view the CMS.

Features

  • User authentication
  • Admin panel for managing site information and user accounts
  • Share links, images, and videos
  • Comment system
  • SQL injection prevention with prepared statements
  • Supports MySQL, MariaDB, and PostgreSQL
  • Force SSL
  • Role Manager
  • Caching
  • Some "Test tools"
  • Lazyload + Image Customizer
  • Image & Video Database
  • SEO Tools
  • Gateway Tools
  • Deep/Dark Web mode
  • Some admin stuff
  • Profile Manager
  • Some secrets 😃

Admin Panel

The admin panel allows admins to manage site information and user accounts, including:

  • Changing site title and description
  • Changing admin/user passwords
  • Viewing and deleting user accounts
  • Managing roles and permissions

User Panel

The user panel allows users to manage their accounts and content, including:

  • Changing user passwords
  • Creating posts, links, comments, and uploading images and videos
  • Update Profile

Public Files and Functions

  • login.php and register.php with prepared statements and CSRF protection

Security Enhancements

  • Content Security Policy (CSP) and other security headers
  • Enhanced SQL injection prevention with PDO and prepared statements
  • CSRF protection mechanisms
  • Session security with session regeneration to prevent session fixation

Modular Architecture

  • plugin_loader.php for modular plugin integration
  • theme_loader.php for modular theme integration

Role Manager

  • Manage roles and permissions
  • Admins can create, delete, and assign roles to users

Coming Soon

  • Lazyload + Image Customizer
  • Image & Video Database
  • SEO Tools
  • Gateway Tools
  • Deep/Dark Web mode for enhanced security and privacy (for DevOps)
  • Profile Manager

Changelog

Latest Updates

06/2024

  1. Role Manager:

    • New plugin for managing roles and permissions.
    • Admins can create, delete, and assign roles to users.

  2. Security Enhancements:

    • Added Content Security Policy (CSP) and other security headers.
    • Enhanced SQL injection prevention using PDO and prepared statements.
    • Implemented CSRF protection mechanisms.

  3. Session Security:

    • Added a function to regenerate session IDs to prevent session fixation.

  4. Modular Architecture:

    • Introduced plugin_loader.php for modular integration of plugins.

  5. Improvements in login.php and register.php:

    • Usage of PDO and prepared statements.
    • Integration of CSRF protection.

These changes and enhancements significantly improve the security, modularity, and administrative capabilities of the CMS.

Usage

Once installed, MiniGreX CMS allows you to share links, images, and videos. The main page shows all posts and comments. To add a new post, click "Add Post" and fill in the form.

To comment on a post, log in or register a new account. Admins can change site settings and passwords from the admin panel.

Contributing

We welcome contributions to MiniGreX CMS, including bug fixes, feature requests, and translations. To contribute, please create a new branch and submit a pull request.

Support

Your support is greatly appreciated. If you find MiniGreX CMS useful, consider ⭐ the project on GitHub or becoming a Sponsor.

Credits

MiniGreX CMS is developed and maintained by:

License

MiniGreX CMS is licensed under a "MIT" LICENSE. Feel free to use it for personal purposes and commercial purposes!

minigrex-cms's People

Contributors

volkansah avatar

Stargazers

avatar avatar avatar avatar avatar

Watchers

avatar avatar

Forkers

amishakov

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.