v1.0.1 - Referral system, dynamic payments, full audit log, UI improvements

This commit is contained in:
2026-05-10 14:50:05 -05:00
parent c70027f8fc
commit 43c3416625
3 changed files with 115 additions and 172 deletions
+25 -169
View File
@@ -1,175 +1,31 @@
# 🎰 TomGames Platform — Setup Guide
# TomTomGames Platform
## Files Overview
Private gaming portal platform. Built on PHP/MySQL with LiteSpeed/CyberPanel hosting.
## Stack
- **Backend:** PHP 8.5, MySQL (CyberPanel/LiteSpeed)
- **Payments:** Square SDK (card) + manual (Venmo/Zelle/CashApp/Chime)
- **Email:** SendGrid HTTP API
- **Frontend:** Vanilla JS SPA
## Structure
```
tomgames/
├── includes/
│ ├── config.php ← ⚠️ EDIT THIS FIRST
│ ├── db.php ← Auto-creates tables
│ ├── auth.php ← Login/register helpers
│ └── square.php ← Square payment API
└── public_html/
├── index.php ← Main mobile app
├── .htaccess ← Security rules
├── create_admin.php ← Run once, then DELETE
└── api/
├── login.php
├── logout.php
├── register.php
├── me.php
├── purchase.php
├── cashout.php
└── admin.php
└── admin/
├── index.php ← Admin dashboard
└── login.php ← Admin login
includes/ PHP shared includes (config, db, auth, mailer, square)
public_html/ Web root
api/ REST API endpoints
admin/ Admin panel
assets/ Static assets
```
---
## Versioning
Each build increments via `bump_version.php` on the live server.
The `app_version` DB table tracks all versions. Footer shows current version.
## STEP 1 — Get Your Square Credentials
## Version History
| Version | Date | Notes |
|---------|------|-------|
| 1.0.0 | 2026-05-08 | Initial release |
| 1.0.1 | 2026-05-10 | Referral system, dynamic payments, full audit log |
1. Go to https://developer.squareup.com
2. Log in with your Square merchant account
3. Click **"My Apps"** → **"Create an App"** (name it TomGames)
4. From the app dashboard, copy:
- **Application ID** (starts with `sq0idp-`)
- **Access Token** (starts with `EAAAl` for production)
- **Location ID** (under Locations tab)
> For testing first, use the **Sandbox** tab — keys start with `sandbox-sq0idp-`
---
## STEP 2 — Create MySQL Database in cPanel
1. Log into cPanel → **MySQL Databases**
2. Create database: `tomgames_db`
3. Create user: `tomgames_user` with a strong password
4. Add user to database with **ALL PRIVILEGES**
5. Note your password — you'll need it in Step 3
---
## STEP 3 — Edit config.php
Open `includes/config.php` and fill in:
```php
define('DB_PASS', 'YOUR_DATABASE_PASSWORD');
define('SQUARE_APP_ID', 'sq0idp-YOUR_APP_ID');
define('SQUARE_ACCESS_TOKEN', 'EAAAl-YOUR_TOKEN');
define('SQUARE_LOCATION_ID', 'YOUR_LOCATION_ID');
define('SQUARE_ENV', 'production'); // or 'sandbox' for testing
define('SITE_URL', 'https://yourdomain.com');
define('ADMIN_EMAIL', 'your@email.com');
```
---
## STEP 4 — Upload Files via FTP
**FTP Details:**
- Host: `fiber18-r.iaasdns.com`
- Username: `tomgames`
- Password: *(your FTP password)*
- Port: `21`
**Upload structure:**
```
Upload includes/ folder → one level ABOVE public_html
Upload public_html/* content → INTO your server's public_html/
```
So your server should look like:
```
/home/tomgames/
├── includes/ ← outside web root (secure!)
└── public_html/
├── index.php
├── .htaccess
├── api/
└── admin/
```
> ⚠️ The `includes/` folder must be OUTSIDE `public_html` so it can't be accessed via browser.
---
## STEP 5 — Create Admin Account
1. In your browser, go to: `https://yourdomain.com/create_admin.php`
2. Enter secret key: `TomGames2024Admin`
3. Enter your desired admin username and password
4. Click **Create Admin**
5.**Immediately delete** `create_admin.php` from your server via FTP!
---
## STEP 6 — Test Everything
1. Visit `https://yourdomain.com` — you should see the login screen
2. Register a test user account
3. Try buying tokens (use Square sandbox first)
4. Submit a cashout request
5. Log into admin at `https://yourdomain.com/admin/` and approve it
---
## Payment Methods
| Method | How it works |
|--------|-------------|
| Credit/Debit Card | Square processes in real-time — tokens added immediately |
| Venmo | Manual — user sends payment, you verify and approve tokens via admin |
| Chime | Manual — same as Venmo |
| Cash App | Manual — same as Venmo |
> For Venmo/Chime/Cash App, users submit the request, you verify the payment in those apps, then go to Admin → Users → Adjust Tokens to credit them.
---
## Admin Panel
URL: `https://yourdomain.com/admin/`
| Feature | Description |
|---------|-------------|
| Dashboard | Stats + pending cashout requests |
| Users | View all users, adjust tokens, suspend accounts |
| Cashouts | Approve or reject cashout requests |
| Purchases | View all purchase history |
---
## Security Checklist
- [ ] Change FTP password after upload
- [ ] Change GitHub password (it was shared in chat)
- [ ] Delete `create_admin.php` from server
- [ ] Set `SQUARE_ENV` to `'production'` when ready
- [ ] Add your domain to Square's allowed domains in the developer dashboard
- [ ] Keep `includes/` folder OUTSIDE of `public_html`
---
## Troubleshooting
**Blank page or PHP errors:**
- Check that `DB_PASS` in config.php is correct
- Verify database name and user match what you created in cPanel
**Square payment not working:**
- Confirm `SQUARE_APP_ID` and `SQUARE_LOCATION_ID` match exactly
- Add your domain to Square's Web Payments SDK allowed domains
- Start with `sandbox` mode for testing
**Can't reach admin panel:**
- Make sure you ran `create_admin.php` and the admin was created
- Go to `/admin/login.php` directly
**FTP upload issues:**
- Make sure `includes/` lands at `/home/tomgames/includes/` (not inside public_html)
- Upload `public_html/` contents directly INTO your server's `public_html/`
## ⚠️ Private Repository
This repo contains API keys in `includes/config.php`. Keep private at all times.