From b05c1120f04879f4f1b1346839100acffdc753ac Mon Sep 17 00:00:00 2001 From: Agent Date: Sat, 13 Jun 2026 21:33:42 -0400 Subject: [PATCH] feat: add privacy policy, terms, and animated landing page --- database/migrations/014_privacy_terms.sql | 2 + routes/web.php | 8 +- src/Controllers/AdminController.php | 38 ++ src/Controllers/DashboardController.php | 47 ++ views/admin/policies.php | 38 ++ views/layouts/main.php | 6 + views/pages/landing.php | 613 ++++++++++++++++++++++ views/pages/privacy.php | 31 ++ views/pages/terms.php | 33 ++ 9 files changed, 815 insertions(+), 1 deletion(-) create mode 100644 database/migrations/014_privacy_terms.sql create mode 100644 views/admin/policies.php create mode 100644 views/pages/landing.php create mode 100644 views/pages/privacy.php create mode 100644 views/pages/terms.php diff --git a/database/migrations/014_privacy_terms.sql b/database/migrations/014_privacy_terms.sql new file mode 100644 index 0000000..39fb194 --- /dev/null +++ b/database/migrations/014_privacy_terms.sql @@ -0,0 +1,2 @@ +INSERT IGNORE INTO app_config (`key`, `value`) VALUES ('privacy_policy', 'PRIVACY POLICY\nLast updated: June 2026\n\n1. DATA CONTROLLER\nServerManager (hereinafter "the Platform") is a server management tool. The data controller is the organization or individual who deploys and operates the Platform.\n\n2. DATA WE COLLECT\nWe collect and process the following data:\n\na) Account Information: username, email address, password (hashed with Argon2id), and role assignment.\n\nb) Server Credentials: SSH hostnames, IP addresses, ports, usernames, and private keys or passwords. All credentials are encrypted at rest using AES-256-CBC with a master key stored outside the database.\n\nc) Monitoring Data: CPU usage, RAM usage, disk usage, network traffic, process lists, and system uptime collected from connected servers.\n\nd) Usage Logs: Audit logs recording actions performed on the Platform (login, server access, configuration changes, command execution), including IP address, timestamp, and action details.\n\ne) Session Data: Session identifiers stored in the sessions table to maintain authentication state.\n\nf) Device Tokens: FCM (Firebase Cloud Messaging) tokens for push notifications on mobile devices.\n\n3. LEGAL BASIS FOR PROCESSING\nData is processed based on:\n- Legitimate interest in managing and monitoring IT infrastructure\n- Contractual necessity to provide the server management service\n- Legal obligations for audit and security logging\n\n4. DATA STORAGE AND SECURITY\n- Passwords: hashed using Argon2id\n- SSH credentials: encrypted with AES-256-CBC\n- Sessions: stored server-side in the database with HTTP-only cookies and SameSite flags\n- Communications: HTTPS encryption is enforced\n- Audit logs: immutable records of all sensitive operations\n\n5. DATA RETENTION\n- Account data: retained while the account is active and up to 12 months after deletion\n- Audit logs: retained for a minimum of 12 months\n- Monitoring data: retained according to configured thresholds\n- Session data: deleted upon logout or expiry\n\n6. YOUR RIGHTS\nDepending on applicable law, you may have the right to:\n- Access your personal data\n- Rectify inaccurate data\n- Delete your account and associated data\n- Restrict or object to processing\n- Data portability\n\nTo exercise these rights, contact your Platform administrator.\n\n7. DATA SHARING\nWe do not sell personal data. Data may be shared with:\n- Third-party services explicitly configured by the administrator (e.g., Firebase for push notifications)\n- Law enforcement only when required by applicable law\n\n8. COOKIES AND TRACKING\nThe Platform uses session cookies for authentication. No tracking cookies or third-party analytics are used.\n\n9. CHANGES TO THIS POLICY\nUsers will be notified of material changes via the Platform notification system.\n\n10. CONTACT\nContact your Platform administrator for privacy-related inquiries.'); +INSERT IGNORE INTO app_config (`key`, `value`) VALUES ('terms_conditions', 'TERMS AND CONDITIONS\nLast updated: June 2026\n\n1. ACCEPTANCE OF TERMS\nBy accessing or using ServerManager (hereinafter "the Platform"), you agree to be bound by these Terms and Conditions. If you do not agree, do not use the Platform.\n\n2. DESCRIPTION OF SERVICE\nThe Platform provides web-based remote server management including but not limited to:\n- SSH terminal access\n- System monitoring (CPU, RAM, disk, network)\n- Service management (start, stop, restart)\n- Nginx configuration management\n- SSL certificate management\n- Database management\n- Process management\n- System user management\n- Team collaboration\n- Mobile device notifications\n\n3. USER ACCOUNTS\n3.1 Account Creation: Users must provide accurate information when creating an account.\n3.2 Account Security: Users are responsible for maintaining the confidentiality of their credentials and for all activities under their account.\n3.3 Role-Based Access: Access is granted based on assigned roles (Operator, Admin, Super Admin). Privilege escalation is prohibited.\n\n4. ACCEPTABLE USE\nYou agree not to:\n- Use the Platform for any unlawful purpose\n- Attempt to access servers or data for which you lack authorization\n- Share your account credentials with unauthorized persons\n- Use the Platform to disrupt, damage, or compromise connected systems\n- Circumvent access controls, authentication mechanisms, or audit logging\n- Use automated tools to scrape, overload, or abuse the Platform\n\n5. INTELLECTUAL PROPERTY\nThe Platform software and its code are the property of the respective licensors. No ownership rights are transferred to users.\n\n6. LIMITATION OF LIABILITY\nThe Platform is provided "as is" without warranty of any kind. The operators shall not be liable for:\n- Damages resulting from server misconfiguration or command execution\n- Data loss resulting from system management actions\n- Unauthorized access due to compromised user credentials\n- Service interruptions or downtime\n- Indirect, incidental, or consequential damages\n\n7. INDEMNIFICATION\nUsers agree to indemnify and hold harmless the Platform operators from claims arising from their use of the service or violation of these terms.\n\n8. TERMINATION\nThe Platform administrator may suspend or terminate access:\n- For violation of these terms\n- At their sole discretion without prior notice\n- Upon user request\n\nUpon termination, access to the Platform and connected servers will be revoked.\n\n9. MODIFICATIONS\nThese terms may be updated at any time. Continued use after changes constitutes acceptance of the new terms. Users will be notified of material changes.\n\n10. GOVERNING LAW\nThese terms are governed by the laws of the jurisdiction where the Platform is deployed and operated.\n\n11. SEVERABILITY\nIf any provision of these terms is found to be unenforceable, the remaining provisions will remain in full force and effect.\n\n12. CONTACT\nFor questions regarding these terms, contact your Platform administrator.'); diff --git a/routes/web.php b/routes/web.php index 9af7e95..8a844d8 100755 --- a/routes/web.php +++ b/routes/web.php @@ -17,13 +17,16 @@ use ServerManager\Middleware\RoleMiddleware; $router = App::getInstance()->getRouter(); -$router->get('/', [DashboardController::class, 'index'], [AuthMiddleware::class]); +$router->get('/', [DashboardController::class, 'landing']); $router->get('/dashboard', [DashboardController::class, 'index'], [AuthMiddleware::class]); $router->get('/dashboard/stats', [DashboardController::class, 'stats'], [AuthMiddleware::class]); $router->get('/dashboard/refresh-metrics', [DashboardController::class, 'refreshMetrics'], [AuthMiddleware::class]); $router->get('/dashboard/chart-data', [DashboardController::class, 'chartData'], [AuthMiddleware::class]); $router->get('/notifications', [DashboardController::class, 'notifications'], [AuthMiddleware::class]); +$router->get('/privacy', [DashboardController::class, 'privacy']); +$router->get('/terms', [DashboardController::class, 'terms']); + $router->get('/login', [AuthController::class, 'loginForm']); $router->post('/login', [AuthController::class, 'login'], [CSRFMiddleware::class, RateLimitMiddleware::class]); $router->get('/register', [AuthController::class, 'registerForm']); @@ -99,6 +102,9 @@ $router->group(['prefix' => 'admin', 'middleware' => [AuthMiddleware::class, Rol $router->post('/app-version', [AdminController::class, 'appVersion'], [CSRFMiddleware::class]); $router->get('/notifications', [AdminController::class, 'notifications']); $router->post('/notifications/send', [AdminController::class, 'sendNotification'], [CSRFMiddleware::class]); + + $router->get('/policies', [AdminController::class, 'policies']); + $router->post('/policies', [AdminController::class, 'savePolicies'], [CSRFMiddleware::class]); }); $router->get('/api/status', [ApiController::class, 'status']); diff --git a/src/Controllers/AdminController.php b/src/Controllers/AdminController.php index dc6dcaa..61c5747 100755 --- a/src/Controllers/AdminController.php +++ b/src/Controllers/AdminController.php @@ -19,11 +19,14 @@ class AdminController private User $userModel; private AuditService $auditService; + private Database $db; + public function __construct() { $this->view = App::getInstance()->getView(); $this->userModel = new User(); $this->auditService = new AuditService(); + $this->db = Database::getInstance(); } private function requireSuperAdmin(): void @@ -325,4 +328,39 @@ class AdminController $this->view->json(['success' => true, 'message' => 'Notification sent successfully.' . $pushResult]); } + + public function policies(): void + { + $this->requireSuperAdmin(); + + $configs = $this->db->fetchAll('SELECT `key`, `value` FROM app_config WHERE `key` IN (?, ?)', ['privacy_policy', 'terms_conditions']); + $values = []; + foreach ($configs as $row) { + $values[$row['key']] = $row['value']; + } + + $this->view->display('admin.policies', [ + 'title' => 'Legal Policies - ServerManager', + 'privacy' => $values['privacy_policy'] ?? '', + 'terms' => $values['terms_conditions'] ?? '', + ]); + } + + public function savePolicies(): void + { + $this->requireSuperAdmin(); + + if (isset($_POST['privacy_policy'])) { + $this->db->update('app_config', ['value' => $_POST['privacy_policy']], '`key` = ?', ['privacy_policy']); + } + + if (isset($_POST['terms_conditions'])) { + $this->db->update('app_config', ['value' => $_POST['terms_conditions']], '`key` = ?', ['terms_conditions']); + } + + $this->auditService->log('policies_updated', 'config', null, ['details' => 'Legal policies updated']); + + Session::setFlash('success', 'Policies saved successfully.'); + $this->view->redirect('/admin/policies'); + } } diff --git a/src/Controllers/DashboardController.php b/src/Controllers/DashboardController.php index 1942e58..08923d6 100755 --- a/src/Controllers/DashboardController.php +++ b/src/Controllers/DashboardController.php @@ -5,6 +5,7 @@ declare(strict_types=1); namespace ServerManager\Controllers; use ServerManager\Core\App; +use ServerManager\Core\Database; use ServerManager\Core\Session; use ServerManager\Models\Server; use ServerManager\Models\Notification; @@ -24,6 +25,28 @@ class DashboardController $this->auditService = new AuditService(); } + public function landing(): void + { + if (Session::has('user_id')) { + $this->view->redirect('/dashboard'); + } + + $stats = []; + try { + $db = Database::getInstance(); + $stats['servers'] = $db->fetch('SELECT COUNT(*) as count FROM servers')['count'] ?? 0; + $stats['users'] = $db->fetch('SELECT COUNT(*) as count FROM users')['count'] ?? 0; + $stats['online_servers'] = $db->fetch("SELECT COUNT(*) as count FROM servers WHERE current_status = 'online'")['count'] ?? 0; + } catch (\Throwable) { + $stats = ['servers' => 0, 'users' => 0, 'online_servers' => 0]; + } + + $this->view->setLayout('auth')->display('pages.landing', [ + 'title' => 'ServerManager - Linux Server Management Platform', + 'stats' => $stats, + ]); + } + public function index(): void { $serverModel = new Server(); @@ -82,6 +105,30 @@ class DashboardController ]); } + public function privacy(): void + { + $db = Database::getInstance(); + $row = $db->fetch('SELECT `value` FROM app_config WHERE `key` = ?', ['privacy_policy']); + $content = $row ? $row['value'] : ''; + + $this->view->setLayout('auth')->display('pages.privacy', [ + 'title' => 'Privacy Policy - ServerManager', + 'content' => $content, + ]); + } + + public function terms(): void + { + $db = Database::getInstance(); + $row = $db->fetch('SELECT `value` FROM app_config WHERE `key` = ?', ['terms_conditions']); + $content = $row ? $row['value'] : ''; + + $this->view->setLayout('auth')->display('pages.terms', [ + 'title' => 'Terms & Conditions - ServerManager', + 'content' => $content, + ]); + } + public function notifications(): void { $userId = (int) Session::get('user_id'); diff --git a/views/admin/policies.php b/views/admin/policies.php new file mode 100644 index 0000000..bf76a72 --- /dev/null +++ b/views/admin/policies.php @@ -0,0 +1,38 @@ + + +
+ + +
+
+

Privacy Policy

+
+
+
+ + +
+
+
+ +
+
+

Terms & Conditions

+
+
+
+ + +
+
+
+ +
+ +
+
diff --git a/views/layouts/main.php b/views/layouts/main.php index 36010d4..70a16a2 100755 --- a/views/layouts/main.php +++ b/views/layouts/main.php @@ -95,6 +95,12 @@ Notifications + diff --git a/views/pages/landing.php b/views/pages/landing.php new file mode 100644 index 0000000..1dbf77a --- /dev/null +++ b/views/pages/landing.php @@ -0,0 +1,613 @@ + + +
+
+
+
+
+
+
+
+
+
+
+
+ +
+
+ +
+
+ +

+ Manage Your Servers
+ From One Place +

+ +

+ ServerManager is a powerful, web-based platform for managing Linux servers. + Monitor, control, and deploy across your entire infrastructure from a single dashboard. +

+ + + +
+
+
+
+
+ servermanager — ssh-session +
+
+
+ admin@servermanager:~$ + systemctl status --all +
+
+ ✔ nginx active (running) +
+
+ ✔ mysql active (running) +
+
+ ✔ sshd active (running) +
+
+ ○ redis inactive (dead) +
+
+ admin@servermanager:~$ + systemctl start redis +
+
+ ✔ redis active (running) +
+
+ All services operational. + +
+
+
+ +
+
+ Scroll to explore +
+
+ +
+
+

Everything You Need

+

Complete server management toolkit at your fingertips

+
+
+
+
+

SSH Terminal

+

Browser-based SSH terminal with real-time output, command history, and multi-session support.

+
+
+
+

Real-Time Monitoring

+

Monitor CPU, memory, disk usage, and network traffic with live metrics and historical charts.

+
+
+
+

SSL Management

+

Automate SSL certificate issuance and renewal via Let's Encrypt with full control.

+
+
+
+

Nginx Manager

+

Create, edit, and manage Nginx server blocks with syntax checking and site toggling.

+
+
+
+

Service Control

+

Start, stop, restart, and monitor system services across all your servers.

+
+
+
+

Team Collaboration

+

Assign role-based access to team members and delegate server management securely.

+
+
+
+ +
+
+
+
+
Servers Managed
+
+
+
+
Active Users
+
+
+
+
Servers Online
+
+
+
+ + +
+ + diff --git a/views/pages/privacy.php b/views/pages/privacy.php new file mode 100644 index 0000000..bc2f31b --- /dev/null +++ b/views/pages/privacy.php @@ -0,0 +1,31 @@ + diff --git a/views/pages/terms.php b/views/pages/terms.php new file mode 100644 index 0000000..f2034bc --- /dev/null +++ b/views/pages/terms.php @@ -0,0 +1,33 @@ +