Anairo Chat -- self-hosted PHP/SQLite chat application
- PHP 90.6%
- CSS 9.4%
gdadkisson
0fc4df8402
Self-hosted PHP/SQLite chat app with Nginx. Excludes live config.php (see config.php.example) and user-uploaded content. |
||
|---|---|---|
| admin | ||
| api | ||
| assets/css | ||
| auth | ||
| data | ||
| layout | ||
| lib | ||
| uploads | ||
| .gitignore | ||
| avatar.php | ||
| config.php.example | ||
| db.php | ||
| helpers.php | ||
| index.php | ||
| profile.php | ||
| README.md | ||
| test_upload.php | ||
MyChat — Setup Guide
A self-hosted PHP chat application with SQLite storage, Mailgun email, and a full admin panel.
Requirements
- PHP 7.4+ with extensions:
pdo_sqlite,curl,openssl - A web server with
.htaccesssupport (Apache) or equivalent Nginx config - A Mailgun account (free tier works fine)
1. Upload Files
Upload the entire chatapp/ directory to your web server.
Rename the folder if you like (e.g., chat/).
2. Edit config.php
Open config.php and update every value:
define('APP_URL', 'https://yourdomain.com/chat'); // path to this app
define('SECRET_KEY', 'generate-32-random-chars-here');
define('ADMIN_USERNAME', 'admin');
// Generate a new hash: php -r "echo password_hash('yourpassword', PASSWORD_BCRYPT);"
define('ADMIN_PASSWORD_HASH', 'paste-bcrypt-hash-here');
define('MAILGUN_API_KEY', 'key-xxxx');
define('MAILGUN_DOMAIN', 'mg.yourdomain.com');
define('MAILGUN_FROM', 'noreply@yourdomain.com');
3. Set Permissions
The data/ directory must be writable by the web server.
It is created automatically, but if needed:
mkdir -p data
chmod 750 data
Important: Keep the data/ folder outside your webroot if possible.
If it must stay inside, the .htaccess blocks direct access to .db files.
4. Mailgun Setup
- Sign up at https://mailgun.com
- Add and verify your sending domain
- Copy your Private API Key into
config.php - Set
MAILGUN_DOMAINto your verified Mailgun domain (e.g.,mg.yourdomain.com)
5. First Login
- Visit
https://yourdomain.com/chat/auth/login.php - Log in with your admin username and password from
config.php - You'll be redirected to the Admin Dashboard
File Structure
chatapp/
├── config.php ← ⚠ Edit this first
├── db.php ← SQLite bootstrap
├── helpers.php ← Auth, CSRF, email helpers
├── index.php ← Chat room
├── .htaccess ← Security rules
├── data/ ← Auto-created; holds chat.db
├── auth/
│ ├── login.php
│ ├── register.php
│ ├── verify.php
│ ├── forgot.php
│ ├── reset.php
│ └── logout.php
├── admin/
│ └── dashboard.php ← User + message management
├── api/
│ └── messages.php ← JSON API (send/poll/delete)
├── assets/css/
│ └── main.css
└── layout/
├── header.php
└── footer.php
Security Notes
- Passwords are hashed with bcrypt (PHP
password_hash) - All forms are CSRF-protected
- Email tokens are stored as SHA-256 hashes (raw token only travels in email)
- SQL injection prevented via PDO prepared statements
- XSS prevented via
htmlspecialchars()on all output - Admin credentials are never stored in the database
- The
data/andlayout/directories are blocked from direct browser access
Nginx (if not using Apache)
Add to your server block:
location ~* /chatapp/(data|layout)/ { deny all; }
location ~* \.(db|sqlite)$ { deny all; }
location ~* ^/chatapp/(config|db|helpers)\.php$ { deny all; }
Customization
- App name: Change
APP_NAMEinconfig.php - Colors/fonts: Edit
assets/css/main.css(CSS variables at the top) - Poll interval: Change
POLL_INTERVALinconfig.php(milliseconds) - Message history: Change
MSG_HISTORYinconfig.php