From 7fca85d1c12a9813f1b5f8994b8ee8e5fdd69c56 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Th=C3=A9ophile=20Gervreau-Mercier?= Date: Thu, 12 Feb 2026 12:12:58 +0100 Subject: [PATCH] =?UTF-8?q?refactor:=20rename=20database=20=E2=86=92=20sto?= =?UTF-8?q?rage?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit More semantically accurate: contains SQLite files, schema, fixtures, test data. Updated all references in code, scripts, docs. --- docs/COMPLETE_DEPLOYMENT_GUIDE.md | 6 +- docs/DATABASE_CONFIG.md | 10 ++-- docs/DEPLOYMENT_MIGRATION.md | 22 +++---- docs/DEPLOYMENT_STEPS.md | 8 +-- docs/DEVELOPMENT_GUIDE.md | 6 +- docs/MIGRATION_CHECKLIST.md | 22 +++---- docs/MIGRATION_COMPLETE.md | 14 ++--- docs/REPOSITORY_STRUCTURE_ANALYSIS.md | 8 +-- docs/SECURITY_ANALYSIS.md | 2 +- docs/SERVER_SETUP.md | 4 +- docs/SIMPLIFICATION.md | 2 +- docs/TEST_CENTRALIZATION.md | 2 +- justfile | 54 +++++++++--------- nginx/DEPLOYMENT_COMPLETE.md | 8 +-- nginx/DEPLOY_NOW.md | 4 +- nginx/PRODUCTION_DEPLOYMENT.md | 12 ++-- nginx/QUICK_REFERENCE.md | 4 +- nginx/README.md | 2 +- nginx/SETUP.md | 6 +- nginx/TEST_DATABASE_SETUP.md | 28 ++++----- nginx/deploy-production-new.sh | 8 +-- nginx/deploy-production.sh | 8 +-- scripts/deploy-production.sh | 8 +-- scripts/migrate-structure.sh | 2 +- scripts/setup-dev.sh | 4 +- .../ad921d60486366258809553a3db49a4a.json | 2 +- src/config.php | 4 +- {database => storage}/Database_TFE_test.csv | 0 {database => storage}/README.md | 0 .../docs/DATABASE_SPECIFICATION.md | 0 .../docs/QUICK_SCHEMA_REFERENCE.md | 0 {database => storage}/docs/SETUP.md | 0 .../docs/posterg_fiche-technique.md | 0 .../fixtures/CreateTestDatabase.php | 0 {database => storage}/posterg.db | Bin {database => storage}/schema.sql | 0 {database => storage}/test.db | Bin tests/README.md | 2 +- 38 files changed, 131 insertions(+), 131 deletions(-) rename {database => storage}/Database_TFE_test.csv (100%) rename {database => storage}/README.md (100%) rename {database => storage}/docs/DATABASE_SPECIFICATION.md (100%) rename {database => storage}/docs/QUICK_SCHEMA_REFERENCE.md (100%) rename {database => storage}/docs/SETUP.md (100%) rename {database => storage}/docs/posterg_fiche-technique.md (100%) rename {database => storage}/fixtures/CreateTestDatabase.php (100%) rename {database => storage}/posterg.db (100%) rename {database => storage}/schema.sql (100%) rename {database => storage}/test.db (100%) diff --git a/docs/COMPLETE_DEPLOYMENT_GUIDE.md b/docs/COMPLETE_DEPLOYMENT_GUIDE.md index 0bb8d77..8e5198f 100644 --- a/docs/COMPLETE_DEPLOYMENT_GUIDE.md +++ b/docs/COMPLETE_DEPLOYMENT_GUIDE.md @@ -188,7 +188,7 @@ curl -I https://posterg.erg.be/ curl -I https://posterg.erg.be/admin/ # Should be 404 (SECURITY - private files): -curl -I https://posterg.erg.be/database/test.db +curl -I https://posterg.erg.be/storage/test.db curl -I https://posterg.erg.be/config/bootstrap.php curl -I https://posterg.erg.be/includes/header.php curl -I https://posterg.erg.be/lib/Database.php @@ -320,8 +320,8 @@ sudo systemctl reload nginx **Fix:** ```bash ssh posterg -sudo chown www-data:posterg /var/www/posterg/database/test.db -sudo chmod 660 /var/www/posterg/database/test.db +sudo chown www-data:posterg /var/www/posterg/storage/test.db +sudo chmod 660 /var/www/posterg/storage/test.db ``` ### Admin upload errors diff --git a/docs/DATABASE_CONFIG.md b/docs/DATABASE_CONFIG.md index 61d0f8a..b1b7fca 100644 --- a/docs/DATABASE_CONFIG.md +++ b/docs/DATABASE_CONFIG.md @@ -23,10 +23,10 @@ The `shared/config.php` file defines: ```php // Test database (development) -DB_TEST_PATH = '/path/to/database/test.db' +DB_TEST_PATH = '/path/to/storage/test.db' // Production database (server) -DB_PROD_PATH = '/path/to/database/posterg.db' +DB_PROD_PATH = '/path/to/storage/posterg.db' ``` ## How It Works @@ -35,7 +35,7 @@ DB_PROD_PATH = '/path/to/database/posterg.db' By default, the system automatically determines which database to use: -1. **If `database/test.db` exists** → Use test database (development mode) +1. **If `storage/test.db` exists** → Use test database (development mode) 2. **Otherwise** → Use production database (production mode) This means: @@ -123,7 +123,7 @@ just deploy-database To test with production data locally: ```bash # Download production database (optional) -scp posterg:/var/www/html/database/posterg.db database/ +scp posterg:/var/www/html/storage/posterg.db database/ # Remove test database to force production mode rm database/test.db @@ -177,5 +177,5 @@ if (isTestMode()) { - **Explicit test deploy**: Use `just test-deploy` to explicitly deploy test.db when needed - **Git ignored**: Test database is in `.gitignore` and never committed - **Backups**: Production database should be backed up regularly -- **Schema**: Both databases use the same schema (`database/schema.sql`) +- **Schema**: Both databases use the same schema (`storage/schema.sql`) - **Verification**: Run `rsync --dry-run` to preview what will be deployed before deploying diff --git a/docs/DEPLOYMENT_MIGRATION.md b/docs/DEPLOYMENT_MIGRATION.md index 1442a4a..65a6e34 100644 --- a/docs/DEPLOYMENT_MIGRATION.md +++ b/docs/DEPLOYMENT_MIGRATION.md @@ -14,7 +14,7 @@ php -S 127.0.0.1:8000 **Problems:** - Serves from project root (all files accessible via web) -- Exposes sensitive files: `database/`, `tests/`, `vendor/`, config files +- Exposes sensitive files: `storage/`, `tests/`, `vendor/`, config files - Doesn't match production DocumentRoot configuration - Security risk: `.env`, database files, source code all accessible @@ -216,7 +216,7 @@ deploy-code: ```just test-deploy: ssh posterg "mkdir -p /var/www/html/database" - rsync -vur --progress ./database/test.db posterg:/var/www/html/database/test.db + rsync -vur --progress ./storage/test.db posterg:/var/www/html/storage/test.db ``` **New:** @@ -229,9 +229,9 @@ deploy-database: echo; \ if [[ $$REPLY =~ ^[Yy]$$ ]]; then \ ssh posterg "mkdir -p /var/www/posterg/database" && \ - rsync -vur --progress ./database/test.db posterg:/var/www/posterg/database/ && \ - ssh posterg "chown www-data:posterg /var/www/posterg/database/test.db && \ - chmod 660 /var/www/posterg/database/test.db" && \ + rsync -vur --progress ./storage/test.db posterg:/var/www/posterg/storage/ && \ + ssh posterg "chown www-data:posterg /var/www/posterg/storage/test.db && \ + chmod 660 /var/www/posterg/storage/test.db" && \ echo "✅ Database deployed"; \ else \ echo "❌ Cancelled"; \ @@ -241,7 +241,7 @@ deploy-database: [group('deploy')] backup-remote-db: @echo "💾 Backing up remote database..." - @ssh posterg "sqlite3 /var/www/posterg/database/test.db .dump" > database/remote_backup_$(date +%Y%m%d_%H%M%S).sql + @ssh posterg "sqlite3 /var/www/posterg/storage/test.db .dump" > database/remote_backup_$(date +%Y%m%d_%H%M%S).sql @echo "✅ Remote database backed up locally" ``` @@ -338,7 +338,7 @@ server { deny all; } - location ~ /database/ { + location ~ /storage/ { deny all; } @@ -400,7 +400,7 @@ mv lib src/lib just serve # Opens http://localhost:8000 # Verify that sensitive files return 404: -# http://localhost:8000/database/test.db → 404 +# http://localhost:8000/storage/test.db → 404 # http://localhost:8000/config/ → 404 # http://localhost:8000/src/ → 404 ``` @@ -461,7 +461,7 @@ just server-status - [ ] File uploads work (if applicable) - [ ] Logs written to `/var/www/posterg/var/logs/` - [ ] Sensitive URLs return 404: - - https://posterg.erg.be/database/test.db + - https://posterg.erg.be/storage/test.db - https://posterg.erg.be/config/ - https://posterg.erg.be/src/ - https://posterg.erg.be/vendor/ @@ -477,7 +477,7 @@ just server-status | Assets | `/assets/` | `/public/assets/` | | Config | `/inc/` | `/config/` or `/src/` | | Libraries | `/lib/` | `/src/lib/` | -| Database | `/database/` | `/database/` (stays) | +| Database | `/storage/` | `/storage/` (stays) | | Vendor | `/vendor/` | `/vendor/` (stays) | | Tests | `/tests/` | `/tests/` (stays) | @@ -554,7 +554,7 @@ require_once APP_ROOT . '/config/app.php'; ### Issue: Database connection fails **Cause:** Path to database file wrong -**Fix:** Update path from `database/test.db` to `../database/test.db` (from public/) +**Fix:** Update path from `storage/test.db` to `../storage/test.db` (from public/) ### Issue: Can't write to cache/logs **Cause:** Wrong permissions on var/ directory diff --git a/docs/DEPLOYMENT_STEPS.md b/docs/DEPLOYMENT_STEPS.md index a3f2a9e..02f2138 100644 --- a/docs/DEPLOYMENT_STEPS.md +++ b/docs/DEPLOYMENT_STEPS.md @@ -24,7 +24,7 @@ This deploys all files to `/var/www/posterg/`: - `public/` → `/var/www/posterg/public/` - `includes/` → `/var/www/posterg/includes/` - `config/` → `/var/www/posterg/config/` -- `database/` → `/var/www/posterg/database/` +- `storage/` → `/var/www/posterg/storage/` - `src/` → `/var/www/posterg/lib/` ### 3. Update Nginx Configuration @@ -59,7 +59,7 @@ just server-status Check: - https://posterg.erg.be/ (should work) - https://posterg.erg.be/admin/ (should work) -- https://posterg.erg.be/database/test.db (should 404 ✅) +- https://posterg.erg.be/storage/test.db (should 404 ✅) --- @@ -84,7 +84,7 @@ just deploy-database ``` This will: -1. Upload `database/test.db` to server +1. Upload `storage/test.db` to server 2. Set correct permissions 3. Warn before overwriting @@ -174,7 +174,7 @@ jj edit - [ ] SSH to server and apply nginx config - [ ] `sudo systemctl reload nginx` - [ ] Verify site works: https://posterg.erg.be/ -- [ ] Verify security: https://posterg.erg.be/database/test.db → 404 +- [ ] Verify security: https://posterg.erg.be/storage/test.db → 404 - [ ] Test admin: https://posterg.erg.be/admin/ - [ ] Deploy database (if needed): `just deploy-database` diff --git a/docs/DEVELOPMENT_GUIDE.md b/docs/DEVELOPMENT_GUIDE.md index ad38940..1d22d94 100644 --- a/docs/DEVELOPMENT_GUIDE.md +++ b/docs/DEVELOPMENT_GUIDE.md @@ -186,7 +186,7 @@ include 'inc/header.php'; ### Test Database -Development uses `database/test.db` (gitignored). +Development uses `storage/test.db` (gitignored). **Create test database:** ```bash @@ -360,7 +360,7 @@ All will auto-refresh when you save files! ✨ ### Using a Real Test Database -The test database (`database/test.db`) is gitignored. To share test data: +The test database (`storage/test.db`) is gitignored. To share test data: ```bash # Create fixtures @@ -479,7 +479,7 @@ just test ## 📚 Further Reading - [Test Documentation](../tests/README.md) -- [Database Specification](../database/DATABASE_SPECIFICATION.md) +- [Database Specification](../storage/DATABASE_SPECIFICATION.md) - [Migration Guide](../MIGRATION_GUIDE.md) - [Deployment Guide](../nginx/DEPLOYMENT_COMPLETE.md) diff --git a/docs/MIGRATION_CHECKLIST.md b/docs/MIGRATION_CHECKLIST.md index 8a9d1a5..18d0a82 100644 --- a/docs/MIGRATION_CHECKLIST.md +++ b/docs/MIGRATION_CHECKLIST.md @@ -52,7 +52,7 @@ sed -i 's/@php -S 127.0.0.1:8000/@php -S 127.0.0.1:8000 -t public\//' justfile # 2. Test new dev server just serve # Visit http://localhost:8000 -# Verify http://localhost:8000/database/test.db returns 404 +# Verify http://localhost:8000/storage/test.db returns 404 # 3. If it works, you're ready for production migration ``` @@ -118,13 +118,13 @@ location ^~ /admin/ { 3. **Remove/update deny rules** (lines 48-60) - These become redundant! ```nginx # BEFORE - needed because everything in DocumentRoot -location ^~ /database/ { deny all; } +location ^~ /storage/ { deny all; } location ^~ /shared/ { deny all; } location ^~ /data/ { deny all; } # AFTER - can remove! They're already outside public/ # But keep as defense-in-depth: -location ^~ /database/ { deny all; } # Will never match, but safe +location ^~ /storage/ { deny all; } # Will never match, but safe ``` ### In justfile: @@ -191,9 +191,9 @@ deploy: test-deploy: @echo "⚠️ Deploying test database" ssh posterg "mkdir -p /var/www/posterg/database" - rsync -vur --progress ./database/test.db posterg:/var/www/posterg/database/ - ssh posterg "chown www-data:posterg /var/www/posterg/database/test.db && \ - chmod 660 /var/www/posterg/database/test.db" + rsync -vur --progress ./storage/test.db posterg:/var/www/posterg/storage/ + ssh posterg "chown www-data:posterg /var/www/posterg/storage/test.db && \ + chmod 660 /var/www/posterg/storage/test.db" @echo "✅ Test database deployed" ``` @@ -209,7 +209,7 @@ just serve # In another terminal: curl http://localhost:8000/ # ✅ Should work curl http://localhost:8000/admin/ # ✅ Should work (after moving) -curl http://localhost:8000/database/test.db # ❌ Should 404 +curl http://localhost:8000/storage/test.db # ❌ Should 404 curl http://localhost:8000/config/ # ❌ Should 404 curl http://localhost:8000/vendor/ # ❌ Should 404 ``` @@ -226,7 +226,7 @@ curl http://localhost:8000/admin/ # ✅ works curl http://localhost:8000/assets/css/style.css # ✅ works # Verify old paths don't work -curl http://localhost:8000/../database/test.db # ❌ 404 +curl http://localhost:8000/../storage/test.db # ❌ 404 curl http://localhost:8000/../config/ # ❌ 404 ``` @@ -238,7 +238,7 @@ just server-status # Manual checks curl -I https://posterg.erg.be/ curl -I https://posterg.erg.be/admin/ -curl -I https://posterg.erg.be/database/test.db # Must be 404! +curl -I https://posterg.erg.be/storage/test.db # Must be 404! ``` --- @@ -260,7 +260,7 @@ require_once 'database/test.db'; /dev/null || true" + chmod -R 775 var/ storage/ && \ + chmod 660 storage/*.db 2>/dev/null || true" @echo "" @echo "✅ Deployment complete!" @echo "" @@ -114,9 +114,9 @@ deploy-database: @echo "⚠️ Deploying test database (will overwrite remote test.db)" @echo "Creating database directory if needed..." ssh posterg "mkdir -p /var/www/posterg/database" - rsync -vur --progress ./database/test.db posterg:/var/www/posterg/database/test.db + rsync -vur --progress ./storage/test.db posterg:/var/www/posterg/storage/test.db @echo "Setting correct permissions..." - ssh posterg "chown www-data:posterg /var/www/posterg/database /var/www/posterg/database/test.db && chmod 775 /var/www/posterg/database && chmod 660 /var/www/posterg/database/test.db" + ssh posterg "chown www-data:posterg /var/www/posterg/database /var/www/posterg/storage/test.db && chmod 775 /var/www/posterg/database && chmod 660 /var/www/posterg/storage/test.db" @echo "✅ Test database deployed and configured" # Legacy alias @@ -176,18 +176,18 @@ stats: @echo "📊 Database Statistics" @echo "======================" @echo "" - @sqlite3 database/test.db "SELECT COUNT(*) || ' total theses' FROM theses;" - @sqlite3 database/test.db "SELECT COUNT(*) || ' published theses' FROM theses WHERE is_published = 1;" - @sqlite3 database/test.db "SELECT COUNT(*) || ' authors' FROM authors;" - @sqlite3 database/test.db "SELECT COUNT(*) || ' supervisors' FROM supervisors;" - @sqlite3 database/test.db "SELECT COUNT(*) || ' keywords' FROM keywords;" - @sqlite3 database/test.db "SELECT COUNT(*) || ' files uploaded' FROM thesis_files;" + @sqlite3 storage/test.db "SELECT COUNT(*) || ' total theses' FROM theses;" + @sqlite3 storage/test.db "SELECT COUNT(*) || ' published theses' FROM theses WHERE is_published = 1;" + @sqlite3 storage/test.db "SELECT COUNT(*) || ' authors' FROM authors;" + @sqlite3 storage/test.db "SELECT COUNT(*) || ' supervisors' FROM supervisors;" + @sqlite3 storage/test.db "SELECT COUNT(*) || ' keywords' FROM keywords;" + @sqlite3 storage/test.db "SELECT COUNT(*) || ' files uploaded' FROM thesis_files;" [group('stats')] recent: @echo "📅 Recent Theses" @echo "================" - @sqlite3 -column -header database/test.db "SELECT id, title, year, authors FROM v_theses_public ORDER BY year DESC, title LIMIT 10;" + @sqlite3 -column -header storage/test.db "SELECT id, title, year, authors FROM v_theses_public ORDER BY year DESC, title LIMIT 10;" # ============================================================================ # Database Management @@ -196,50 +196,50 @@ recent: [group('database')] init-db: @echo "📊 Creating test database from schema..." - @sqlite3 database/test.db < database/schema.sql + @sqlite3 storage/test.db < storage/schema.sql @echo "✓ Test database created" - @sqlite3 database/test.db "SELECT COUNT(*) || ' tables created' FROM sqlite_master WHERE type='table';" - @sqlite3 database/test.db "SELECT COUNT(*) || ' orientations loaded' FROM orientations;" - @sqlite3 database/test.db "SELECT COUNT(*) || ' AP programs loaded' FROM ap_programs;" + @sqlite3 storage/test.db "SELECT COUNT(*) || ' tables created' FROM sqlite_master WHERE type='table';" + @sqlite3 storage/test.db "SELECT COUNT(*) || ' orientations loaded' FROM orientations;" + @sqlite3 storage/test.db "SELECT COUNT(*) || ' AP programs loaded' FROM ap_programs;" [group('database')] reset-db: @echo "⚠️ Resetting database (will delete all data)..." - @rm -f database/test.db + @rm -f storage/test.db @just init-db @echo "✓ Database reset complete" [group('database')] query: - @sqlite3 database/test.db + @sqlite3 storage/test.db [group('database')] show id: @echo "Thesis #{{id}}" @echo "==============" - @sqlite3 -column -header database/test.db "SELECT * FROM v_theses_full WHERE id = {{id}};" + @sqlite3 -column -header storage/test.db "SELECT * FROM v_theses_full WHERE id = {{id}};" [group('database')] backup: @echo "💾 Backing up database..." - @sqlite3 database/test.db .dump > database/backup_$(date +%Y%m%d_%H%M%S).sql - @echo "✓ Database dumped to database/backup_$(date +%Y%m%d_%H%M%S).sql" + @sqlite3 storage/test.db .dump > storage/backup_$(date +%Y%m%d_%H%M%S).sql + @echo "✓ Database dumped to storage/backup_$(date +%Y%m%d_%H%M%S).sql" [group('database')] fixtures: @echo "🎭 Creating test database with fixtures..." - @php database/fixtures/CreateTestDatabase.php + @php storage/fixtures/CreateTestDatabase.php [group('database')] deploy-test-db: @echo "⚠️ Deploying test database to server (will overwrite remote test.db)" @echo "Creating database directory if needed..." ssh posterg "mkdir -p /var/www/html/database" - rsync -vur --progress ./database/test.db posterg:/var/www/html/database/test.db + rsync -vur --progress ./storage/test.db posterg:/var/www/html/storage/test.db @echo "Setting correct permissions..." - ssh posterg "chgrp posterg /var/www/html/database /var/www/html/database/test.db && \ + ssh posterg "chgrp posterg /var/www/html/database /var/www/html/storage/test.db && \ chmod 775 /var/www/html/database && \ - chmod 660 /var/www/html/database/test.db" + chmod 660 /var/www/html/storage/test.db" @echo "✅ Test database deployed" # ============================================================================ diff --git a/nginx/DEPLOYMENT_COMPLETE.md b/nginx/DEPLOYMENT_COMPLETE.md index 7fb9e74..a19b36d 100644 --- a/nginx/DEPLOYMENT_COMPLETE.md +++ b/nginx/DEPLOYMENT_COMPLETE.md @@ -16,7 +16,7 @@ The Post-ERG website is now successfully deployed with production-ready nginx co | **Public Site** | ✅ Working | https://posterg.erg.be/ → 200 OK | | **SSL/TLS** | ✅ Working | HTTPS with valid certificate | | **Admin Panel** | ✅ Protected | /formulaire/ → 401 (requires password) | -| **Database Protection** | ✅ Blocked | /database/ → 403 Forbidden | +| **Database Protection** | ✅ Blocked | /storage/ → 403 Forbidden | | **Sensitive Files** | ✅ Blocked | .md, .sql files → 403 Forbidden | | **Shared Directory** | ✅ Blocked | /shared/ → 403 Forbidden | | **Security Headers** | ✅ Present | X-Frame-Options, CSP, etc. | @@ -96,7 +96,7 @@ find /var/www/html -type f -exec chmod 640 {} \; - Admin panel: 10 requests/minute (burst: 5) **Protected Paths:** -- `/database/` - Database files (403) +- `/storage/` - Database files (403) - `/shared/` - PHP libraries (403) - `/data/` - Upload directories (403) - `*.db` files - Database files (403) @@ -174,7 +174,7 @@ curl -I http://localhost/ # Should: 200 OK curl -I http://localhost/formulaire/ # Should: 401 Unauthorized # Test security -curl -I http://localhost/database/posterg.db # Should: 403 Forbidden +curl -I http://localhost/storage/posterg.db # Should: 403 Forbidden curl -I http://localhost/README.md # Should: 403 Forbidden curl -I http://localhost/shared/Database.php # Should: 403 Forbidden ``` @@ -345,7 +345,7 @@ ssh posterg "cd /var/www/html && sed -i \"s|__DIR__ . '/../../shared/|__DIR__ . - **Deployment Issues:** Check logs first - **Nginx Config:** `/etc/nginx/sites-available/posterg` - **PHP Config:** `/etc/php/8.4/fpm/pool.d/www.conf` -- **Database:** `/var/www/html/database/posterg.db` +- **Database:** `/var/www/html/storage/posterg.db` --- diff --git a/nginx/DEPLOY_NOW.md b/nginx/DEPLOY_NOW.md index 310a98d..194b97f 100644 --- a/nginx/DEPLOY_NOW.md +++ b/nginx/DEPLOY_NOW.md @@ -80,7 +80,7 @@ The new configuration adds: ✅ **File Protection** - Database files (`.db`) → 403 Forbidden - Sensitive files (`.md`, `.sql`, `.txt`) → 403 Forbidden -- `/database/` directory → 403 Forbidden +- `/storage/` directory → 403 Forbidden - `/shared/` directory → 403 Forbidden - `/data/` directory → 403 Forbidden - Hidden files (`.git`, `.env`) → 403 Forbidden @@ -119,7 +119,7 @@ curl http://localhost/index.php | head -n 20 curl -I http://localhost/formulaire/ # Database should be blocked (403) -curl -I http://localhost/database/posterg.db +curl -I http://localhost/storage/posterg.db # Sensitive files should be blocked (403) curl -I http://localhost/README.md diff --git a/nginx/PRODUCTION_DEPLOYMENT.md b/nginx/PRODUCTION_DEPLOYMENT.md index 9771c0b..6017072 100644 --- a/nginx/PRODUCTION_DEPLOYMENT.md +++ b/nginx/PRODUCTION_DEPLOYMENT.md @@ -88,8 +88,8 @@ sudo chmod 775 /var/www/html/formulaire/data/theses sudo chmod 775 /var/www/html/formulaire/data/covers # Protect database -sudo chmod 640 /var/www/html/database/posterg.db -sudo chown www-data:posterg /var/www/html/database/posterg.db +sudo chmod 640 /var/www/html/storage/posterg.db +sudo chown www-data:posterg /var/www/html/storage/posterg.db ``` ### Step 2: Deploy Nginx Config @@ -148,7 +148,7 @@ curl -u admin:your_password http://localhost/formulaire/ ```bash # These should all return 403 Forbidden -curl -I http://localhost/database/posterg.db +curl -I http://localhost/storage/posterg.db curl -I http://localhost/README.md curl -I http://localhost/shared/Database.php curl -I http://localhost/.git/config @@ -217,9 +217,9 @@ ls -la /etc/nginx/.htpasswd-posterg **Fix database permissions:** ```bash -sudo chown www-data:posterg /var/www/html/database/posterg.db -sudo chmod 640 /var/www/html/database/posterg.db -sudo chmod 755 /var/www/html/database/ +sudo chown www-data:posterg /var/www/html/storage/posterg.db +sudo chmod 640 /var/www/html/storage/posterg.db +sudo chmod 755 /var/www/html/storage/ ``` ### Can't Write Uploaded Files diff --git a/nginx/QUICK_REFERENCE.md b/nginx/QUICK_REFERENCE.md index 6a93ca6..d94689a 100644 --- a/nginx/QUICK_REFERENCE.md +++ b/nginx/QUICK_REFERENCE.md @@ -122,7 +122,7 @@ done ```bash # Should return 403 -curl -I https://posterg.erg.be/database/posterg.db +curl -I https://posterg.erg.be/storage/posterg.db curl -I https://posterg.erg.be/shared/Database.php curl -I https://posterg.erg.be/.env ``` @@ -217,7 +217,7 @@ sudo cp /etc/nginx/.htpasswd-posterg /etc/nginx/.htpasswd-posterg.backup.$(date - [ ] Admin password set: `sudo ls -l /etc/nginx/.htpasswd-posterg` - [ ] SSL enabled: `curl -I https://posterg.erg.be/` -- [ ] Database blocked: `curl -I https://posterg.erg.be/database/posterg.db` +- [ ] Database blocked: `curl -I https://posterg.erg.be/storage/posterg.db` - [ ] Shared directory blocked: `curl -I https://posterg.erg.be/shared/Database.php` - [ ] Rate limiting working: Test with curl loop - [ ] Security headers present: `curl -I https://posterg.erg.be/ | grep X-` diff --git a/nginx/README.md b/nginx/README.md index b992b47..33af608 100644 --- a/nginx/README.md +++ b/nginx/README.md @@ -95,7 +95,7 @@ Test your configuration: curl -I https://posterg.erg.be/formulaire/ # Test file protection -curl -I https://posterg.erg.be/database/posterg.db +curl -I https://posterg.erg.be/storage/posterg.db # Test security headers curl -I https://posterg.erg.be/ | grep -E "X-|Strict-Transport" diff --git a/nginx/SETUP.md b/nginx/SETUP.md index 27aaac2..72c40c6 100644 --- a/nginx/SETUP.md +++ b/nginx/SETUP.md @@ -150,8 +150,8 @@ sudo chmod 775 /var/www/html/formulaire/data/theses sudo chmod 775 /var/www/html/formulaire/data/covers # Protect database -sudo chmod 600 /var/www/html/database/posterg.db -sudo chown www-data:www-data /var/www/html/database/posterg.db +sudo chmod 600 /var/www/html/storage/posterg.db +sudo chown www-data:www-data /var/www/html/storage/posterg.db ``` ## Security Features Implemented @@ -216,7 +216,7 @@ for i in {1..50}; do curl -I https://posterg.erg.be/ 2>&1 | grep HTTP; done ```bash # Should return 403 Forbidden -curl -I https://posterg.erg.be/database/posterg.db +curl -I https://posterg.erg.be/storage/posterg.db curl -I https://posterg.erg.be/shared/Database.php curl -I https://posterg.erg.be/README.md ``` diff --git a/nginx/TEST_DATABASE_SETUP.md b/nginx/TEST_DATABASE_SETUP.md index da9f711..427e2f5 100644 --- a/nginx/TEST_DATABASE_SETUP.md +++ b/nginx/TEST_DATABASE_SETUP.md @@ -11,7 +11,7 @@ just test-deploy ``` This automatically: -1. ✅ Creates `/var/www/html/database/` directory +1. ✅ Creates `/var/www/html/storage/` directory 2. ✅ Uploads `test.db` to the server 3. ✅ Sets correct group ownership (`posterg`) 4. ✅ Sets correct permissions (775 for dir, 660 for file) @@ -100,8 +100,8 @@ php -r "require_once '/var/www/html/shared/Database.php'; echo 'Using: ' . Datab ``` Output will be: -- `/var/www/html/database/test.db` (test mode) -- `/var/www/html/database/posterg.db` (production mode) +- `/var/www/html/storage/test.db` (test mode) +- `/var/www/html/storage/posterg.db` (production mode) ### 5. Switch Back to Production @@ -109,7 +109,7 @@ Simply remove the test database: ```bash ssh posterg -rm /var/www/html/database/test.db +rm /var/www/html/storage/test.db ``` The site automatically switches to production database. @@ -121,7 +121,7 @@ The site automatically switches to production database. ### Directory Permissions ``` -drwxrwxr-x theophile posterg /var/www/html/database/ +drwxrwxr-x theophile posterg /var/www/html/storage/ ``` - **775**: Owner and group can read/write/execute, others can read/execute @@ -165,11 +165,11 @@ sudo systemctl restart php8.4-fpm ```bash ssh posterg # Fix group ownership -chgrp posterg /var/www/html/database /var/www/html/database/test.db +chgrp posterg /var/www/html/database /var/www/html/storage/test.db # Fix permissions chmod 775 /var/www/html/database -chmod 660 /var/www/html/database/test.db +chmod 660 /var/www/html/storage/test.db ``` ### "SQLSTATE[HY000]: General error: 8 attempt to write a readonly database" @@ -185,9 +185,9 @@ chmod 775 /var/www/html/database **Clear SQLite cache:** ```bash ssh posterg -rm -f /var/www/html/database/test.db-journal -rm -f /var/www/html/database/test.db-shm -rm -f /var/www/html/database/test.db-wal +rm -f /var/www/html/storage/test.db-journal +rm -f /var/www/html/storage/test.db-shm +rm -f /var/www/html/storage/test.db-wal ``` Then redeploy: @@ -239,7 +239,7 @@ just test-deploy ```bash ssh posterg -sqlite3 /var/www/html/database/test.db +sqlite3 /var/www/html/storage/test.db # ... make changes ... ``` @@ -281,7 +281,7 @@ Before deploying test database, backup production if needed: ```bash ssh posterg -cp /var/www/html/database/posterg.db /var/www/html/database/posterg.db.backup.$(date +%Y%m%d) +cp /var/www/html/storage/posterg.db /var/www/html/storage/posterg.db.backup.$(date +%Y%m%d) ``` --- @@ -325,7 +325,7 @@ cp /var/www/html/database/posterg.db /var/www/html/database/posterg.db.backup.$( After running `just test-deploy`, verify: -- [ ] Database file exists: `ssh posterg "ls -la /var/www/html/database/test.db"` +- [ ] Database file exists: `ssh posterg "ls -la /var/www/html/storage/test.db"` - [ ] Correct permissions: `-rw-rw---- theophile posterg` - [ ] Directory writable: `drwxrwxr-x theophile posterg` - [ ] Site loads: Visit https://posterg.erg.be/ @@ -346,7 +346,7 @@ When working correctly: To switch back to production, just: ```bash -ssh posterg "rm /var/www/html/database/test.db" +ssh posterg "rm /var/www/html/storage/test.db" ``` Site automatically uses `posterg.db` again! 🚀 diff --git a/nginx/deploy-production-new.sh b/nginx/deploy-production-new.sh index 75e7d8d..314ec28 100755 --- a/nginx/deploy-production-new.sh +++ b/nginx/deploy-production-new.sh @@ -42,9 +42,9 @@ if [ -d "/var/www/posterg/database" ]; then fi # Fix database file permissions -if [ -f "/var/www/posterg/database/test.db" ]; then - chmod 660 /var/www/posterg/database/test.db - chown www-data:posterg /var/www/posterg/database/test.db +if [ -f "/var/www/posterg/storage/test.db" ]; then + chmod 660 /var/www/posterg/storage/test.db + chown www-data:posterg /var/www/posterg/storage/test.db echo "✓ Fixed database file permissions (660)" fi @@ -102,4 +102,4 @@ echo "" echo "After reload, verify:" echo " • https://posterg.erg.be/" echo " • https://posterg.erg.be/admin/" -echo " • https://posterg.erg.be/database/test.db (should 404)" +echo " • https://posterg.erg.be/storage/test.db (should 404)" diff --git a/nginx/deploy-production.sh b/nginx/deploy-production.sh index 561a7c9..8328718 100755 --- a/nginx/deploy-production.sh +++ b/nginx/deploy-production.sh @@ -42,9 +42,9 @@ if [ -d "/var/www/html/formulaire/data/theses" ]; then fi # Protect database if it exists -if [ -f "/var/www/html/database/posterg.db" ]; then - chmod 660 /var/www/html/database/posterg.db - chown www-data:posterg /var/www/html/database/posterg.db +if [ -f "/var/www/html/storage/posterg.db" ]; then + chmod 660 /var/www/html/storage/posterg.db + chown www-data:posterg /var/www/html/storage/posterg.db echo "✓ Protected database file" fi @@ -174,7 +174,7 @@ echo " • Access log: tail -f /var/log/nginx/posterg_access.log" echo " • Error log: tail -f /var/log/nginx/posterg_error.log" echo "" echo "🔒 Security Checks:" -echo " • Database blocked: curl -I http://localhost/database/posterg.db" +echo " • Database blocked: curl -I http://localhost/storage/posterg.db" echo " • MD files blocked: curl -I http://localhost/README.md" echo " • Shared blocked: curl -I http://localhost/shared/Database.php" echo "" diff --git a/scripts/deploy-production.sh b/scripts/deploy-production.sh index 0a5b6aa..83df651 100644 --- a/scripts/deploy-production.sh +++ b/scripts/deploy-production.sh @@ -42,9 +42,9 @@ if [ -d "/var/www/html/formulaire/data/theses" ]; then fi # Protect database if it exists -if [ -f "/var/www/html/database/posterg.db" ]; then - chmod 660 /var/www/html/database/posterg.db - chown www-data:posterg /var/www/html/database/posterg.db +if [ -f "/var/www/html/storage/posterg.db" ]; then + chmod 660 /var/www/html/storage/posterg.db + chown www-data:posterg /var/www/html/storage/posterg.db echo "✓ Protected database file" fi @@ -174,7 +174,7 @@ echo " • Access log: tail -f /var/log/nginx/posterg_access.log" echo " • Error log: tail -f /var/log/nginx/posterg_error.log" echo "" echo "🔒 Security Checks:" -echo " • Database blocked: curl -I http://localhost/database/posterg.db" +echo " • Database blocked: curl -I http://localhost/storage/posterg.db" echo " • MD files blocked: curl -I http://localhost/README.md" echo " • Shared blocked: curl -I http://localhost/shared/Database.php" echo "" diff --git a/scripts/migrate-structure.sh b/scripts/migrate-structure.sh index 3e4fc99..af3d8bc 100755 --- a/scripts/migrate-structure.sh +++ b/scripts/migrate-structure.sh @@ -164,6 +164,6 @@ echo " admin/ - Admin panel" echo " lib/ - Shared libraries" echo " assets/ - Static files" echo " inc/ - Templates" -echo " database/ - Database files" +echo " storage/ - Database files" echo " vendor/ - Third-party (gitignored)" echo "" diff --git a/scripts/setup-dev.sh b/scripts/setup-dev.sh index 8f5d6dd..bff8d8a 100755 --- a/scripts/setup-dev.sh +++ b/scripts/setup-dev.sh @@ -35,10 +35,10 @@ else fi # Create test database if needed -if [ ! -f "database/test.db" ]; then +if [ ! -f "storage/test.db" ]; then echo "" echo "📊 Creating test database..." - sqlite3 database/test.db < database/schema.sql + sqlite3 storage/test.db < storage/schema.sql echo "✓ Created test database" fi diff --git a/src/cache/rate_limit/ad921d60486366258809553a3db49a4a.json b/src/cache/rate_limit/ad921d60486366258809553a3db49a4a.json index fe2ae9f..27f9126 100644 --- a/src/cache/rate_limit/ad921d60486366258809553a3db49a4a.json +++ b/src/cache/rate_limit/ad921d60486366258809553a3db49a4a.json @@ -1 +1 @@ -[1770894664] \ No newline at end of file +[1770894771] \ No newline at end of file diff --git a/src/config.php b/src/config.php index 12e9e6a..70fbda4 100644 --- a/src/config.php +++ b/src/config.php @@ -9,10 +9,10 @@ define('DB_ROOT', __DIR__ . '/..'); // Test database (used in development) -define('DB_TEST_PATH', DB_ROOT . '/database/test.db'); +define('DB_TEST_PATH', DB_ROOT . '/storage/test.db'); // Production database (used on server) -define('DB_PROD_PATH', DB_ROOT . '/database/posterg.db'); +define('DB_PROD_PATH', DB_ROOT . '/storage/posterg.db'); /** * Determine which database to use diff --git a/database/Database_TFE_test.csv b/storage/Database_TFE_test.csv similarity index 100% rename from database/Database_TFE_test.csv rename to storage/Database_TFE_test.csv diff --git a/database/README.md b/storage/README.md similarity index 100% rename from database/README.md rename to storage/README.md diff --git a/database/docs/DATABASE_SPECIFICATION.md b/storage/docs/DATABASE_SPECIFICATION.md similarity index 100% rename from database/docs/DATABASE_SPECIFICATION.md rename to storage/docs/DATABASE_SPECIFICATION.md diff --git a/database/docs/QUICK_SCHEMA_REFERENCE.md b/storage/docs/QUICK_SCHEMA_REFERENCE.md similarity index 100% rename from database/docs/QUICK_SCHEMA_REFERENCE.md rename to storage/docs/QUICK_SCHEMA_REFERENCE.md diff --git a/database/docs/SETUP.md b/storage/docs/SETUP.md similarity index 100% rename from database/docs/SETUP.md rename to storage/docs/SETUP.md diff --git a/database/docs/posterg_fiche-technique.md b/storage/docs/posterg_fiche-technique.md similarity index 100% rename from database/docs/posterg_fiche-technique.md rename to storage/docs/posterg_fiche-technique.md diff --git a/database/fixtures/CreateTestDatabase.php b/storage/fixtures/CreateTestDatabase.php similarity index 100% rename from database/fixtures/CreateTestDatabase.php rename to storage/fixtures/CreateTestDatabase.php diff --git a/database/posterg.db b/storage/posterg.db similarity index 100% rename from database/posterg.db rename to storage/posterg.db diff --git a/database/schema.sql b/storage/schema.sql similarity index 100% rename from database/schema.sql rename to storage/schema.sql diff --git a/database/test.db b/storage/test.db similarity index 100% rename from database/test.db rename to storage/test.db diff --git a/tests/README.md b/tests/README.md index 41d4e22..05ce1e6 100644 --- a/tests/README.md +++ b/tests/README.md @@ -225,7 +225,7 @@ php tests/run-tests.php ## 📚 Related Documentation -- [Database Specification](../database/DATABASE_SPECIFICATION.md) +- [Database Specification](../storage/DATABASE_SPECIFICATION.md) - [Security Documentation](../docs/SECURITY.md) - [Development Guide](../MIGRATION_GUIDE.md)