changes to codebase

README.md

@@ -1,3 +1,71 @@
+Here are list of changes made to original code base:
+
+# Functionality & Features
+
+- **Multi-file Upload:**  
+  Allows users to upload multiple files at once, which improves efficiency and user experience.
+
+- **File Editing:**  
+  Built-in editing functionality for text-based files enables quick modifications without leaving the interface.
+
+- **Batch Deleting:**  
+  The ability to select multiple files and delete them in one action streamlines file management.
+
+- **Sorting & Filtering:**  
+  Users can sort files by various attributes (name, date modified, uploaded date, size, uploader), making navigation easier.
+
+- **User Management:**  
+  Incorporates secure authentication (with hashed passwords) and admin-only controls for adding new users.
+
+# Security
+
+- **Password Hashing:**  
+  Using PHP's `password_hash()` and `password_verify()` ensures that user credentials are securely stored and verified.
+
+- **Session-based Authentication:**  
+  Leveraging PHP sessions to maintain secure user state across the application.
+
+- **Access Control:**  
+  Admins have extra privileges (such as creating new users), which is properly enforced via session checks and restricted endpoints.
+
+- **Safe File Operations:**  
+  File metadata (including uploader info) is stored securely in JSON, helping avoid direct exposure of sensitive details.
+
+# User Experience & Interface
+
+- **Responsive Design:**  
+  The layout adapts to different screen sizes, ensuring a good experience on both desktop and mobile devices.
+
+- **Dynamic UI Updates:**  
+  Uses modern JavaScript (Fetch API, asynchronous calls) to update the file list and authentication state without full page reloads.
+
+- **Clear Feedback:**  
+  Users receive immediate alerts and visual feedback for actions like login, file upload, and deletion.
+
+# Extensibility & Maintainability
+
+- **Modular Code Structure:**  
+  The project is divided into distinct files (`auth.js`, `upload.js`, `displayFileList.js`, etc.), which makes it easier to manage and extend.
+
+- **Customization Options:**  
+  The codebase is flexible enough to allow the addition of more file types, new features (e.g., versioning, file previews), or integration with other systems.
+
+- **Good Practices Demonstrated:**  
+  The project illustrates the use of best practices in PHP (such as session management and secure password handling) and modern front-end JavaScript, making it a valuable learning resource.
+
+# Deployment & Real-world Use
+
+- **Reverse Proxy Compatibility:**  
+  With proper server configuration and security measures, this project can be deployed behind a reverse proxy, offering an extra layer of security.
+
+- **Real-world Scenario:**  
+  A multi-file uploader with editing and user management is useful in many environments—whether for managing firmware, documents, images, or any files—making this a practical solution.
+
+      
+
+
+
+Original readme:
 # File Uploader
 
 A simple file uploader web app that allows authenticated users to upload, list, and delete files. 
@@ -16,95 +84,6 @@ sudo apt install apache2
 sudo apt install php libapache2-mod-php
 ```
 
-## Installation
-
-  ### Clone 
-   ```
-   git clone https://github.com/sensboston/uploader.git
-   cd uploader
-   ```
-   ### or download this repository
-   ```
-   wget https://github.com/sensboston/uploader/archive/refs/heads/master.zip
-   unzip master.zip -d uploader
-   mv uploader/uploader-master/* uploader/
-   rm -r uploader/uploader-master
-   rm master.zip
-   ```
-
-  ### Configure PHP
-  Note: adjust PHP version in paths
-
-  Ensure the following PHP settings are in your **/etc/php/8.1/apache2/php.ini**:
-  ```
-  log_errors = On
-  error_log = /var/log/php_errors.log
-  ```
-  
-  Also check for max upload file/post size limits in **/etc/php/8.1/apache2/php.ini** (adjust to your needs, like 10G):
-  ```
-  upload_max_filesize = 10M
-  post_max_size = 10M
-  ```
-
-  ### Create the upload directory and set the necessary permissions:
-
-  ```
-  sudo mkdir -p /var/www/html/upload
-  sudo chown -R www-data:www-data /var/www/html/upload
-  sudo chmod -R 755 /var/www/html/upload
-  ```
-
-  ### Do not forget to add proper permissions to www-data (used by apache & php)
-  ```
-  sudo chown -R www-data:www-data /var/www/html/upload
-  sudo chmod -R 775 /var/www/html/upload
-  ```
-
-  ### Create application directory at webroot (or configure app/site):
-  (note: with my Apache configuration, I just need to create a subdirectory)
-  ```
-  sudo mkdir -p /var/www/html/uploader
-  ```
-
-  ### Edit file config.php and adjust variables
-  (website name, time zone etc.)
-  ```
-  sudo nano /home/ubuntu/uploader/config.php
-  ```
-  ### Edit file users.txt:
-  This file lists pseudo-users for upload access authentication, in the format **username:password**. 
-  These pseudo-users have **nothing to do** with Linux users and only serve as **an additional layer** of protection! 
-  Please **do not use your real login credentials** for this file!
-  Also, be sure to check if you copied the **.htaccess** file with content (that denies access to **users.txt** file)
-  ```
-  <Files "users.txt">
-    Order Allow,Deny
-    Deny from all
-  </Files>
-  ```
-
-  ### Copy all app files (html, php & js) to the app folder:
-  ```
-  sudo cp /home/ubuntu/uploader/*.* /var/www/html/uploader/
-  ```
-
-  ### Restart Apache to apply changes:
-
-  ```
-  sudo systemctl restart apache2
-  ```
-
-## Usage
-Open your web browser and navigate to https://yourserveraddress/uploader
-
-Enter username and password, stored in **user.txt** to authenticate.
-
-Choose a file to upload and click the "Upload" button.
-
-The uploaded files will be listed on the page, and you can delete them using the "Delete" button.
 
 ![screenshot](https://github.com/sensboston/uploader/assets/1036158/5428672d-7dcc-4d7a-a96f-dfe578618c75)
 
-## Issues / TODO
-  - Add JS check for upload file size, before starting actual upload.