v1.0.1 - Referral system, dynamic payments, full audit log, UI improvements

2026-05-10 14:50:05 -05:00
parent c70027f8fc
commit 43c3416625
3 changed files with 115 additions and 172 deletions
+22 -3
@@ -1,5 +1,24 @@
includes/config.php
public_html/create_admin.php
*.log
# OS
.DS_Store
Thumbs.db
# Build artifacts
*.zip
# Test/debug files (never commit these)
public_html/test*.php
public_html/test_login.php
public_html/sgtest.php
# PHP vendor (too large, install via composer)
vendor/
# Sensitive - config has real keys, never commit to public repo
# includes/config.php # Keep commented - it IS committed (private repo only)
# Logs
*.log
# Editor
.vscode/
.idea/
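Review bot: at the "Sensitive" entry near the end of this hunk, `includes/config.php` is left as a commented-out pattern, so the file that the comment itself says "has real keys" is tracked by git and the only safeguard is the repository staying private. Make the pattern active and commit a placeholder template instead (for example a hypothetical `includes/config.example.php`). If the `public_html/create_admin.php` pattern at the top of the hunk is one of the three removed lines, restore it, since the README in this same commit describes that script as run-once. `public_html/test_login.php` is already matched by `public_html/test*.php` and can be dropped.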
+25 -169
@@ -1,175 +1,31 @@
# 🎰 TomGames Platform — Setup Guide
# TomTomGames Platform
## Files Overview
Private gaming portal platform. Built on PHP/MySQL with LiteSpeed/CyberPanel hosting.
## Stack
- **Backend:** PHP 8.5, MySQL (CyberPanel/LiteSpeed)
- **Payments:** Square SDK (card) + manual (Venmo/Zelle/CashApp/Chime)
- **Email:** SendGrid HTTP API
- **Frontend:** Vanilla JS SPA
## Structure
```
tomgames/
├── includes/
│ ├── config.php ← ⚠️ EDIT THIS FIRST
│ ├── db.php ← Auto-creates tables
│ ├── auth.php ← Login/register helpers
│ └── square.php ← Square payment API
└── public_html/
├── index.php ← Main mobile app
├── .htaccess ← Security rules
├── create_admin.php ← Run once, then DELETE
└── api/
├── login.php
├── logout.php
├── register.php
├── me.php
├── purchase.php
├── cashout.php
└── admin.php
└── admin/
├── index.php ← Admin dashboard
└── login.php ← Admin login
includes/ PHP shared includes (config, db, auth, mailer, square)
public_html/ Web root
api/ REST API endpoints
admin/ Admin panel
assets/ Static assets
```
---
## Versioning
Each build increments via `bump_version.php` on the live server.
The `app_version` DB table tracks all versions. Footer shows current version.
## STEP 1 — Get Your Square Credentials
## Version History
| Version | Date | Notes |
|---------|------|-------|
| 1.0.0 | 2026-05-08 | Initial release |
| 1.0.1 | 2026-05-10 | Referral system, dynamic payments, full audit log |
1. Go to https://developer.squareup.com
2. Log in with your Square merchant account
3. Click **"My Apps"** → **"Create an App"** (name it TomGames)
4. From the app dashboard, copy:
- **Application ID** (starts with `sq0idp-`)
- **Access Token** (starts with `EAAAl` for production)
- **Location ID** (under Locations tab)
> For testing first, use the **Sandbox** tab — keys start with `sandbox-sq0idp-`
---
## STEP 2 — Create MySQL Database in cPanel
1. Log into cPanel → **MySQL Databases**
2. Create database: `tomgames_db`
3. Create user: `tomgames_user` with a strong password
4. Add user to database with **ALL PRIVILEGES**
5. Note your password — you'll need it in Step 3
---
## STEP 3 — Edit config.php
Open `includes/config.php` and fill in:
```php
define('DB_PASS', 'YOUR_DATABASE_PASSWORD');
define('SQUARE_APP_ID', 'sq0idp-YOUR_APP_ID');
define('SQUARE_ACCESS_TOKEN', 'EAAAl-YOUR_TOKEN');
define('SQUARE_LOCATION_ID', 'YOUR_LOCATION_ID');
define('SQUARE_ENV', 'production'); // or 'sandbox' for testing
define('SITE_URL', 'https://yourdomain.com');
define('ADMIN_EMAIL', 'your@email.com');
```
---
## STEP 4 — Upload Files via FTP
**FTP Details:**
- Host: `fiber18-r.iaasdns.com`
- Username: `tomgames`
- Password: *(your FTP password)*
- Port: `21`
**Upload structure:**
```
Upload includes/ folder → one level ABOVE public_html
Upload public_html/* content → INTO your server's public_html/
```
So your server should look like:
```
/home/tomgames/
├── includes/ ← outside web root (secure!)
└── public_html/
├── index.php
├── .htaccess
├── api/
└── admin/
```
> ⚠️ The `includes/` folder must be OUTSIDE `public_html` so it can't be accessed via browser.
---
## STEP 5 — Create Admin Account
1. In your browser, go to: `https://yourdomain.com/create_admin.php`
2. Enter secret key: `TomGames2024Admin`
3. Enter your desired admin username and password
4. Click **Create Admin**
5.**Immediately delete** `create_admin.php` from your server via FTP!
---
## STEP 6 — Test Everything
1. Visit `https://yourdomain.com` — you should see the login screen
2. Register a test user account
3. Try buying tokens (use Square sandbox first)
4. Submit a cashout request
5. Log into admin at `https://yourdomain.com/admin/` and approve it
---
## Payment Methods
| Method | How it works |
|--------|-------------|
| Credit/Debit Card | Square processes in real-time — tokens added immediately |
| Venmo | Manual — user sends payment, you verify and approve tokens via admin |
| Chime | Manual — same as Venmo |
| Cash App | Manual — same as Venmo |
> For Venmo/Chime/Cash App, users submit the request, you verify the payment in those apps, then go to Admin → Users → Adjust Tokens to credit them.
---
## Admin Panel
URL: `https://yourdomain.com/admin/`
| Feature | Description |
|---------|-------------|
| Dashboard | Stats + pending cashout requests |
| Users | View all users, adjust tokens, suspend accounts |
| Cashouts | Approve or reject cashout requests |
| Purchases | View all purchase history |
---
## Security Checklist
- [ ] Change FTP password after upload
- [ ] Change GitHub password (it was shared in chat)
- [ ] Delete `create_admin.php` from server
- [ ] Set `SQUARE_ENV` to `'production'` when ready
- [ ] Add your domain to Square's allowed domains in the developer dashboard
- [ ] Keep `includes/` folder OUTSIDE of `public_html`
---
## Troubleshooting
**Blank page or PHP errors:**
- Check that `DB_PASS` in config.php is correct
- Verify database name and user match what you created in cPanel
**Square payment not working:**
- Confirm `SQUARE_APP_ID` and `SQUARE_LOCATION_ID` match exactly
- Add your domain to Square's Web Payments SDK allowed domains
- Start with `sandbox` mode for testing
**Can't reach admin panel:**
- Make sure you ran `create_admin.php` and the admin was created
- Go to `/admin/login.php` directly
**FTP upload issues:**
- Make sure `includes/` lands at `/home/tomgames/includes/` (not inside public_html)
- Upload `public_html/` contents directly INTO your server's `public_html/`
## ⚠️ Private Repository
This repo contains API keys in `includes/config.php`. Keep private at all times.
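Review bot: the rewritten README drops the deployment guidance the old text carried (the note that `includes/` must be outside `public_html`, and the checklist item to delete `create_admin.php`) and the new Stack, Structure and Versioning sections put nothing in its place. Keep a short deployment section with those two requirements. The removed Step 5 also printed the `create_admin.php` secret key, and Step 4 the FTP host and username; deleting them from the README leaves them in the repository history, so treat that key as disclosed and change it. The closing "Private Repository" section documents that API keys are committed in `includes/config.php`, which is a condition to fix rather than to document.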
+68
@@ -0,0 +1,68 @@
<?php
// ============================================================
// TomTomGames — Configuration (fully embedded)
// ============================================================
// ─── Database ─────────────────────────────────────────────
define('DB_HOST', 'localhost');
define('DB_NAME', 'tomt_tomgames');
define('DB_USER', 'tomt_tomgames');
define('DB_PASS', 'It0Dmy2BlHP8GP1E');
// ─── Square ───────────────────────────────────────────────
define('SQUARE_ENV', 'production');
define('SQUARE_APP_ID', 'sq0idp-dDlIA_J_-EmtWCDraB4atA');
define('SQUARE_ACCESS_TOKEN', 'EAAAl1ECweOVgNiwhC2SuA56QFjlfRLkYxo4xe4r2fMLvqwLT0IKGUZNNOYy1NXn');
define('SQUARE_LOCATION_ID', 'LMXTF88841SBY');
// ─── Master Admin (locked — can never lose admin or be deleted) ───
define('MASTER_ADMIN_ID', 1); // User ID 1 is always admin, cannot be changed
// ─── Site ─────────────────────────────────────────────────
define('SITE_NAME', 'TomTomGames');
define('SITE_URL', 'https://tomtomgames.com');
// ─── Email ────────────────────────────────────────────────
define('MAIL_FROM', 'noreply@tomtomgames.com');
define('MAIL_FROM_NAME', 'TomTomGames');
// ─── Email / SendGrid ──────────────────────────────────────
define('SENDGRID_API_KEY', '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');
define('SMTP_FROM', 'noreply@tomtomgames.com');
define('SMTP_FROM_NAME', 'TomTomGames');
define('MAIL_REPLY_TO', 'support@tomtomgames.com');
define('VERIFY_TTL', 86400);
// ─── Manual Payment Handles ───────────────────────────────
define('PAY_VENMO', '@TomGames');
define('PAY_CHIME', 'tomgames@email.com');
define('PAY_CASHAPP', '$TomGames');
define('PAY_ZELLE', 'tomgames@email.com');
// ─── Token Packages ───────────────────────────────────────
define('TOKEN_PACKAGES', json_encode([
['tokens' => 5, 'price' => 5, 'label' => '5 Tokens', 'popular' => false],
['tokens' => 10, 'price' => 10, 'label' => '10 Tokens', 'popular' => false],
['tokens' => 25, 'price' => 25, 'label' => '25 Tokens', 'popular' => false],
['tokens' => 50, 'price' => 50, 'label' => '50 Tokens', 'popular' => true],
['tokens' => 75, 'price' => 75, 'label' => '75 Tokens', 'popular' => false],
['tokens' => 100, 'price' => 100, 'label' => '100 Tokens', 'popular' => false],
]));
// ─── Gaming Platforms ─────────────────────────────────────
define('PLATFORMS', json_encode([
['id' => 'vblink777', 'name' => 'VBlink 777', 'url' => 'https://www.vblink777.club', 'color' => '#FF6B35'],
['id' => 'milkyway', 'name' => 'Milky Way', 'url' => 'https://play.milkywayapp.xyz/webgo/milkyway777/index.html', 'color' => '#7B2FBE'],
['id' => 'firekirin', 'name' => 'Fire Kirin', 'url' => 'https://play.firekirin.in/web_mobile/firekirin/', 'color' => '#E63946'],
['id' => 'egame99', 'name' => 'eGame99', 'url' => 'https://egame99.club', 'color' => '#2EC4B6'],
['id' => 'ultrapanda', 'name' => 'Ultra Panda', 'url' => 'https://www.ultrapanda.club', 'color' => '#F4A261'],
['id' => 'pandamaster', 'name' => 'Panda Master', 'url' => 'https://pandamaster.vip:8888', 'color' => '#457B9D'],
['id' => 'noble777', 'name' => 'Noble 777', 'url' => 'https://product.noble777.com', 'color' => '#FFD700'],
]));
error_reporting(0);
ini_set('display_errors', 0);
if (session_status() === PHP_SESSION_NONE) {
@session_start();
}
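Review bot: the `define()` lines for `DB_PASS`, `SQUARE_ACCESS_TOKEN` and `SENDGRID_API_KEY` commit what appear to be live credentials in plain text, with `SQUARE_ENV` set to `'production'`. Read these values from the environment or from an untracked file outside the web root (for example `getenv('SQUARE_ACCESS_TOKEN')`), commit only placeholders, and rotate all three since they are now in history. At the end of the file, `error_reporting(0)` combined with `@session_start()` silences every error, including a failed session start; keep `display_errors` off but leave reporting on and send it to a log with `log_errors`. `MAIL_FROM`/`MAIL_FROM_NAME` and `SMTP_FROM`/`SMTP_FROM_NAME` hold the same values, so one pair is enough.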