From 43c3416625c4808f0ab049bfa6bd3afc1cc06a24 Mon Sep 17 00:00:00 2001 From: TomTomGames Date: Sun, 10 May 2026 14:50:05 -0500 Subject: [PATCH] v1.0.1 - Referral system, dynamic payments, full audit log, UI improvements --- .gitignore | 25 +++++- README.md | 194 ++++++-------------------------------------- includes/config.php | 68 ++++++++++++++++ 3 files changed, 115 insertions(+), 172 deletions(-) create mode 100644 includes/config.php diff --git a/.gitignore b/.gitignore index 52e3ca9..dffcb77 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,24 @@ -includes/config.php -public_html/create_admin.php -*.log +# OS .DS_Store Thumbs.db + +# Build artifacts +*.zip + +# Test/debug files (never commit these) +public_html/test*.php +public_html/test_login.php +public_html/sgtest.php + +# PHP vendor (too large, install via composer) +vendor/ + +# Sensitive - config has real keys, never commit to public repo +# includes/config.php # Keep commented - it IS committed (private repo only) + +# Logs +*.log + +# Editor +.vscode/ +.idea/ diff --git a/README.md b/README.md index 583dca6..b649688 100644 --- a/README.md +++ b/README.md @@ -1,175 +1,31 @@ -# 🎰 TomGames Platform — Setup Guide +# TomTomGames Platform -## Files Overview +Private gaming portal platform. Built on PHP/MySQL with LiteSpeed/CyberPanel hosting. + +## Stack +- **Backend:** PHP 8.5, MySQL (CyberPanel/LiteSpeed) +- **Payments:** Square SDK (card) + manual (Venmo/Zelle/CashApp/Chime) +- **Email:** SendGrid HTTP API +- **Frontend:** Vanilla JS SPA + +## Structure ``` -tomgames/ -├── includes/ -│ ├── config.php ← ⚠️ EDIT THIS FIRST -│ ├── db.php ← Auto-creates tables -│ ├── auth.php ← Login/register helpers -│ └── square.php ← Square payment API -└── public_html/ - ├── index.php ← Main mobile app - ├── .htaccess ← Security rules - ├── create_admin.php ← Run once, then DELETE - └── api/ - ├── login.php - ├── logout.php - ├── register.php - ├── me.php - ├── purchase.php - ├── cashout.php - └── admin.php - └── admin/ - ├── index.php ← Admin dashboard - └── login.php ← Admin login +includes/ PHP shared includes (config, db, auth, mailer, square) +public_html/ Web root + api/ REST API endpoints + admin/ Admin panel + assets/ Static assets ``` ---- +## Versioning +Each build increments via `bump_version.php` on the live server. +The `app_version` DB table tracks all versions. Footer shows current version. -## STEP 1 — Get Your Square Credentials +## Version History +| Version | Date | Notes | +|---------|------|-------| +| 1.0.0 | 2026-05-08 | Initial release | +| 1.0.1 | 2026-05-10 | Referral system, dynamic payments, full audit log | -1. Go to https://developer.squareup.com -2. Log in with your Square merchant account -3. Click **"My Apps"** → **"Create an App"** (name it TomGames) -4. From the app dashboard, copy: - - **Application ID** (starts with `sq0idp-`) - - **Access Token** (starts with `EAAAl` for production) - - **Location ID** (under Locations tab) - -> For testing first, use the **Sandbox** tab — keys start with `sandbox-sq0idp-` - ---- - -## STEP 2 — Create MySQL Database in cPanel - -1. Log into cPanel → **MySQL Databases** -2. Create database: `tomgames_db` -3. Create user: `tomgames_user` with a strong password -4. Add user to database with **ALL PRIVILEGES** -5. Note your password — you'll need it in Step 3 - ---- - -## STEP 3 — Edit config.php - -Open `includes/config.php` and fill in: - -```php -define('DB_PASS', 'YOUR_DATABASE_PASSWORD'); - -define('SQUARE_APP_ID', 'sq0idp-YOUR_APP_ID'); -define('SQUARE_ACCESS_TOKEN', 'EAAAl-YOUR_TOKEN'); -define('SQUARE_LOCATION_ID', 'YOUR_LOCATION_ID'); -define('SQUARE_ENV', 'production'); // or 'sandbox' for testing - -define('SITE_URL', 'https://yourdomain.com'); -define('ADMIN_EMAIL', 'your@email.com'); -``` - ---- - -## STEP 4 — Upload Files via FTP - -**FTP Details:** -- Host: `fiber18-r.iaasdns.com` -- Username: `tomgames` -- Password: *(your FTP password)* -- Port: `21` - -**Upload structure:** -``` -Upload includes/ folder → one level ABOVE public_html -Upload public_html/* content → INTO your server's public_html/ -``` - -So your server should look like: -``` -/home/tomgames/ -├── includes/ ← outside web root (secure!) -└── public_html/ - ├── index.php - ├── .htaccess - ├── api/ - └── admin/ -``` - -> ⚠️ The `includes/` folder must be OUTSIDE `public_html` so it can't be accessed via browser. - ---- - -## STEP 5 — Create Admin Account - -1. In your browser, go to: `https://yourdomain.com/create_admin.php` -2. Enter secret key: `TomGames2024Admin` -3. Enter your desired admin username and password -4. Click **Create Admin** -5. ✅ **Immediately delete** `create_admin.php` from your server via FTP! - ---- - -## STEP 6 — Test Everything - -1. Visit `https://yourdomain.com` — you should see the login screen -2. Register a test user account -3. Try buying tokens (use Square sandbox first) -4. Submit a cashout request -5. Log into admin at `https://yourdomain.com/admin/` and approve it - ---- - -## Payment Methods - -| Method | How it works | -|--------|-------------| -| Credit/Debit Card | Square processes in real-time — tokens added immediately | -| Venmo | Manual — user sends payment, you verify and approve tokens via admin | -| Chime | Manual — same as Venmo | -| Cash App | Manual — same as Venmo | - -> For Venmo/Chime/Cash App, users submit the request, you verify the payment in those apps, then go to Admin → Users → Adjust Tokens to credit them. - ---- - -## Admin Panel - -URL: `https://yourdomain.com/admin/` - -| Feature | Description | -|---------|-------------| -| Dashboard | Stats + pending cashout requests | -| Users | View all users, adjust tokens, suspend accounts | -| Cashouts | Approve or reject cashout requests | -| Purchases | View all purchase history | - ---- - -## Security Checklist - -- [ ] Change FTP password after upload -- [ ] Change GitHub password (it was shared in chat) -- [ ] Delete `create_admin.php` from server -- [ ] Set `SQUARE_ENV` to `'production'` when ready -- [ ] Add your domain to Square's allowed domains in the developer dashboard -- [ ] Keep `includes/` folder OUTSIDE of `public_html` - ---- - -## Troubleshooting - -**Blank page or PHP errors:** -- Check that `DB_PASS` in config.php is correct -- Verify database name and user match what you created in cPanel - -**Square payment not working:** -- Confirm `SQUARE_APP_ID` and `SQUARE_LOCATION_ID` match exactly -- Add your domain to Square's Web Payments SDK allowed domains -- Start with `sandbox` mode for testing - -**Can't reach admin panel:** -- Make sure you ran `create_admin.php` and the admin was created -- Go to `/admin/login.php` directly - -**FTP upload issues:** -- Make sure `includes/` lands at `/home/tomgames/includes/` (not inside public_html) -- Upload `public_html/` contents directly INTO your server's `public_html/` +## ⚠️ Private Repository +This repo contains API keys in `includes/config.php`. Keep private at all times. diff --git a/includes/config.php b/includes/config.php new file mode 100644 index 0000000..adee4af --- /dev/null +++ b/includes/config.php @@ -0,0 +1,68 @@ + 5, 'price' => 5, 'label' => '5 Tokens', 'popular' => false], + ['tokens' => 10, 'price' => 10, 'label' => '10 Tokens', 'popular' => false], + ['tokens' => 25, 'price' => 25, 'label' => '25 Tokens', 'popular' => false], + ['tokens' => 50, 'price' => 50, 'label' => '50 Tokens', 'popular' => true], + ['tokens' => 75, 'price' => 75, 'label' => '75 Tokens', 'popular' => false], + ['tokens' => 100, 'price' => 100, 'label' => '100 Tokens', 'popular' => false], +])); + +// ─── Gaming Platforms ───────────────────────────────────── +define('PLATFORMS', json_encode([ + ['id' => 'vblink777', 'name' => 'VBlink 777', 'url' => 'https://www.vblink777.club', 'color' => '#FF6B35'], + ['id' => 'milkyway', 'name' => 'Milky Way', 'url' => 'https://play.milkywayapp.xyz/webgo/milkyway777/index.html', 'color' => '#7B2FBE'], + ['id' => 'firekirin', 'name' => 'Fire Kirin', 'url' => 'https://play.firekirin.in/web_mobile/firekirin/', 'color' => '#E63946'], + ['id' => 'egame99', 'name' => 'eGame99', 'url' => 'https://egame99.club', 'color' => '#2EC4B6'], + ['id' => 'ultrapanda', 'name' => 'Ultra Panda', 'url' => 'https://www.ultrapanda.club', 'color' => '#F4A261'], + ['id' => 'pandamaster', 'name' => 'Panda Master', 'url' => 'https://pandamaster.vip:8888', 'color' => '#457B9D'], + ['id' => 'noble777', 'name' => 'Noble 777', 'url' => 'https://product.noble777.com', 'color' => '#FFD700'], +])); + +error_reporting(0); +ini_set('display_errors', 0); + +if (session_status() === PHP_SESSION_NONE) { + @session_start(); +}