Upload 5 files

src/Bootstrap.php

@@ -0,0 +1,513 @@
+<?php
+declare(strict_types=1);
+
+namespace SoftEdge;
+
+use PDO;
+use PDOException;
+use Throwable;
+
+// Try to load Composer autoload if not already loaded
+if (!class_exists(\Composer\Autoload\ClassLoader::class)) {
+    $autoload = __DIR__ . '/../vendor/autoload.php';
+    if (is_file($autoload)) {
+        require_once $autoload;
+    }
+}
+
+/**
+ * Env loader with Dotenv support and fallback parser
+ */
+final class Env
+{
+    private static bool $loaded = false;
+    private static array $cache = [];
+
+    public static function load(?string $dir = null): void
+    {
+        if (self::$loaded) return;
+        $dir = $dir ?? dirname(__DIR__);
+
+        // Load from $_ENV/$_SERVER first
+        self::$cache = array_merge($_SERVER, $_ENV);
+
+        // Prefer vlucas/phpdotenv when available
+        if (class_exists(\Dotenv\Dotenv::class)) {
+            try {
+                $dotenv = \Dotenv\Dotenv::createImmutable($dir, ['.env']);
+                $dotenv->safeLoad();
+                self::$cache = array_merge(self::$cache, $_ENV);
+            } catch (Throwable $e) {
+                // ignore, fallback to manual parse
+            }
+        } else {
+            // Fallback: manual parse basic .env
+            $envFile = $dir . DIRECTORY_SEPARATOR . '.env';
+            if (is_file($envFile)) {
+                $lines = @file($envFile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES) ?: [];
+                foreach ($lines as $line) {
+                    if (preg_match('/^\s*#/',$line)) continue;
+                    if (!str_contains($line, '=')) continue;
+                    [$k,$v] = array_map('trim', explode('=', $line, 2));
+                    $v = trim($v, "\"' ");
+                    self::$cache[$k] = $v;
+                }
+            }
+        }
+
+        // Defaults
+        self::$cache['APP_ENV'] = self::$cache['APP_ENV'] ?? 'production';
+        self::$cache['TIMEZONE'] = self::$cache['TIMEZONE'] ?? 'Africa/Luanda';
+        self::$cache['JWT_SECRET'] = self::$cache['JWT_SECRET'] ?? base64_encode(random_bytes(32));
+        self::$cache['APP_KEY'] = self::$cache['APP_KEY'] ?? base64_encode(random_bytes(32));
+
+        self::$loaded = true;
+    }
+
+    public static function get(string $key, ?string $default = null): ?string
+    {
+        return self::$cache[$key] ?? $default;
+    }
+
+    public static function bool(string $key, bool $default = false): bool
+    {
+        $v = self::get($key);
+        if ($v === null) return $default;
+        $v = strtolower($v);
+        return in_array($v, ['1','true','yes','on'], true);
+    }
+
+    public static function int(string $key, int $default = 0): int
+    {
+        $v = self::get($key);
+        return $v !== null && is_numeric($v) ? (int)$v : $default;
+    }
+}
+
+/**
+ * Security headers
+ */
+final class SecurityHeaders
+{
+    public static function apply(): void
+    {
+        // Only add if headers not sent
+        if (headers_sent()) return;
+
+        $csp = "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https:; img-src 'self' data: https:; font-src 'self' data: https:; connect-src 'self' https:; frame-ancestors 'none'; base-uri 'self'; form-action 'self'";
+        header('Content-Security-Policy: ' . $csp);
+        header('X-Frame-Options: DENY');
+        header('X-Content-Type-Options: nosniff');
+        header('Referrer-Policy: strict-origin-when-cross-origin');
+        header('Permissions-Policy: geolocation=(), microphone=(), camera=()');
+
+        // HSTS only when HTTPS
+        if (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') {
+            header('Strict-Transport-Security: max-age=31536000; includeSubDomains; preload');
+        }
+    }
+}
+
+/**
+ * Standardized JSON responses
+ */
+final class Response
+{
+    public static function json(array $data, int $status = 200): void
+    {
+        if (!headers_sent()) {
+            http_response_code($status);
+            header('Content-Type: application/json; charset=utf-8');
+        }
+        echo json_encode($data, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES);
+    }
+}
+
+/**
+ * Simple validation helpers
+ */
+final class Validation
+{
+    public static function required(array $data, array $fields): array
+    {
+        $errors = [];
+        foreach ($fields as $f) {
+            if (!isset($data[$f]) || $data[$f] === '') {
+                $errors[$f] = 'Campo obrigatório';
+            }
+        }
+        return $errors;
+    }
+
+    public static function email(string $email): bool
+    {
+        return (bool)filter_var($email, FILTER_VALIDATE_EMAIL);
+    }
+}
+
+/**
+ * Very light file/APCu based rate limiter
+ */
+final class RateLimiter
+{
+    public static function allow(string $key, int $maxRequests, int $windowSeconds): bool
+    {
+        $now = time();
+        $id = 'rate_' . sha1($key);
+
+        if (function_exists('apcu_fetch')) {
+            $entry = apcu_fetch($id, $success);
+            if (!$success || !is_array($entry) || $entry['reset'] <= $now) {
+                apcu_store($id, ['count' => 1, 'reset' => $now + $windowSeconds], $windowSeconds);
+                return true;
+            }
+            if ($entry['count'] < $maxRequests) {
+                $entry['count']++;
+                apcu_store($id, $entry, $entry['reset'] - $now);
+                return true;
+            }
+            return false;
+        }
+
+        // Fallback: file-based
+        $dir = dirname(__DIR__) . DIRECTORY_SEPARATOR . 'storage';
+        if (!is_dir($dir)) @mkdir($dir, 0775, true);
+        $file = $dir . DIRECTORY_SEPARATOR . $id . '.json';
+        $entry = ['count' => 0, 'reset' => $now + $windowSeconds];
+        if (is_file($file)) {
+            $content = json_decode((string)@file_get_contents($file), true) ?: [];
+            if (isset($content['reset']) && $content['reset'] > $now) {
+                $entry = $content;
+            }
+        }
+        if ($entry['reset'] <= $now) {
+            $entry = ['count' => 1, 'reset' => $now + $windowSeconds];
+            @file_put_contents($file, json_encode($entry));
+            return true;
+        }
+        if ($entry['count'] < $maxRequests) {
+            $entry['count']++;
+            @file_put_contents($file, json_encode($entry));
+            return true;
+        }
+        return false;
+    }
+}
+
+/**
+ * CSRF token utilities for forms and fetch requests
+ */
+final class Csrf
+{
+    private const KEY = '_csrf';
+
+    public static function ensure(): void
+    {
+        if (!isset($_SESSION[self::KEY])) {
+            $_SESSION[self::KEY] = bin2hex(random_bytes(32));
+        }
+    }
+
+    public static function token(): string
+    {
+        return (string)($_SESSION[self::KEY] ?? '');
+    }
+
+    public static function validate(?string $token): bool
+    {
+        return is_string($token) && hash_equals(self::token(), $token);
+    }
+}
+
+/**
+ * JWT service using firebase/php-jwt when available
+ */
+final class JwtService
+{
+    public static function sign(array $payload, ?int $ttlSeconds = 3600): string
+    {
+        $now = time();
+        $payload = array_merge([
+            'iat' => $now,
+            'nbf' => $now,
+            'exp' => $now + (int)$ttlSeconds,
+            'iss' => $_SERVER['HTTP_HOST'] ?? 'localhost',
+        ], $payload);
+
+        $secret = Env::get('JWT_SECRET');
+        if (class_exists(\Firebase\JWT\JWT::class)) {
+            return \Firebase\JWT\JWT::encode($payload, $secret, 'HS256');
+        }
+        // Minimal fallback: base64 signature (NOT recommended for production if library missing)
+        $header = base64_encode(json_encode(['alg' => 'HS256','typ' => 'JWT']));
+        $body = base64_encode(json_encode($payload));
+        $sig = rtrim(strtr(base64_encode(hash_hmac('sha256', "$header.$body", $secret, true)), '+/', '-_'), '=');
+        return "$header.$body.$sig";
+    }
+}
+
+/**
+ * PDO connection provider + migrations
+ */
+final class DB
+{
+    private static ?PDO $pdo = null;
+
+    public static function pdo(): PDO
+    {
+        if (self::$pdo) return self::$pdo;
+        $url = Env::get('DATABASE_URL');
+
+        try {
+            if ($url && str_starts_with($url, 'mysql://')) {
+                // mysql://user:pass@host:port/db
+                $parts = parse_url($url);
+                $user = $parts['user'] ?? '';
+                $pass = $parts['pass'] ?? '';
+                $host = $parts['host'] ?? '127.0.0.1';
+                $port = $parts['port'] ?? 3306;
+                $db   = ltrim($parts['path'] ?? '/softedge', '/');
+                $dsn  = "mysql:host=$host;port=$port;dbname=$db;charset=utf8mb4";
+                $pdo  = new PDO($dsn, $user, $pass, [
+                    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
+                    PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
+                    PDO::ATTR_EMULATE_PREPARES => false,
+                ]);
+                self::$pdo = $pdo;
+            } else {
+                // Default to SQLite file in /storage
+                $dir = dirname(__DIR__) . DIRECTORY_SEPARATOR . 'storage';
+                if (!is_dir($dir)) @mkdir($dir, 0775, true);
+                $path = $dir . DIRECTORY_SEPARATOR . 'softedge.sqlite';
+                $dsn  = 'sqlite:' . $path;
+                $pdo  = new PDO($dsn, null, null, [
+                    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
+                    PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
+                    PDO::ATTR_EMULATE_PREPARES => false,
+                ]);
+                // Ensures WAL for better concurrency
+                $pdo->exec('PRAGMA journal_mode = WAL');
+                $pdo->exec('PRAGMA foreign_keys = ON');
+                self::$pdo = $pdo;
+            }
+        } catch (PDOException $e) {
+            http_response_code(500);
+            die('Database connection error');
+        }
+        return self::$pdo;
+    }
+
+    public static function migrate(): void
+    {
+        $pdo = self::pdo();
+        $driver = $pdo->getAttribute(PDO::ATTR_DRIVER_NAME);
+
+        if ($driver === 'sqlite') {
+            $pdo->exec(<<<SQL
+            CREATE TABLE IF NOT EXISTS users (
+                id INTEGER PRIMARY KEY AUTOINCREMENT,
+                email TEXT NOT NULL UNIQUE,
+                password TEXT NOT NULL,
+                name TEXT,
+                role TEXT DEFAULT 'user',
+                status TEXT DEFAULT 'active',
+                last_login TEXT,
+                last_ip TEXT,
+                login_attempts INTEGER DEFAULT 0,
+                locked_until TEXT,
+                created_at TEXT DEFAULT (datetime('now'))
+            );
+            SQL);
+
+            $pdo->exec(<<<SQL
+            CREATE TABLE IF NOT EXISTS contact_submissions (
+                id INTEGER PRIMARY KEY AUTOINCREMENT,
+                name TEXT,
+                email TEXT,
+                phone TEXT,
+                company TEXT,
+                subject TEXT,
+                message TEXT NOT NULL,
+                status TEXT DEFAULT 'new',
+                created_at TEXT DEFAULT (datetime('now'))
+            );
+            SQL);
+        } else {
+            // Basic MySQL-compatible schema (minimal)
+            $pdo->exec(<<<SQL
+            CREATE TABLE IF NOT EXISTS users (
+                id INT AUTO_INCREMENT PRIMARY KEY,
+                email VARCHAR(255) NOT NULL UNIQUE,
+                password VARCHAR(255) NOT NULL,
+                name VARCHAR(255),
+                role VARCHAR(50) DEFAULT 'user',
+                status VARCHAR(50) DEFAULT 'active',
+                last_login DATETIME NULL,
+                last_ip VARCHAR(45) NULL,
+                login_attempts INT DEFAULT 0,
+                locked_until DATETIME NULL,
+                created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+            ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
+            SQL);
+
+            $pdo->exec(<<<SQL
+            CREATE TABLE IF NOT EXISTS contact_submissions (
+                id INT AUTO_INCREMENT PRIMARY KEY,
+                name VARCHAR(255),
+                email VARCHAR(255),
+                phone VARCHAR(20),
+                company VARCHAR(255),
+                subject VARCHAR(500),
+                message TEXT NOT NULL,
+                status VARCHAR(50) DEFAULT 'new',
+                created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+            ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
+            SQL);
+        }
+    }
+
+    public static function seedAdmin(): void
+    {
+        $pdo = self::pdo();
+        $email = Env::get('ADMIN_EMAIL', 'admin@softedge.com');
+        $name  = Env::get('ADMIN_NAME', 'Admin');
+        $pass  = Env::get('ADMIN_PASSWORD', 'Admin@123456');
+        $hash  = password_hash($pass, PASSWORD_BCRYPT, ['cost' => 10]);
+
+        $stmt = $pdo->prepare('SELECT id FROM users WHERE email = :email LIMIT 1');
+        $stmt->execute([':email' => $email]);
+        if (!$stmt->fetch()) {
+            $ins = $pdo->prepare('INSERT INTO users (email, password, name, role, status) VALUES (:email,:password,:name,\'super_admin\',\'active\')');
+            $ins->execute([':email' => $email, ':password' => $hash, ':name' => $name]);
+        }
+    }
+}
+
+/**
+ * Authentication service
+ */
+final class AuthService
+{
+    public static function login(string $email, string $password): array
+    {
+        $pdo = DB::pdo();
+        $ip = $_SERVER['REMOTE_ADDR'] ?? '';
+        $ua = $_SERVER['HTTP_USER_AGENT'] ?? '';
+
+        // Rate limit by IP & email
+        $key = 'login:' . $ip . ':' . strtolower($email);
+        if (!RateLimiter::allow($key, Env::int('RATE_LIMIT_LOGIN', 5), 60)) {
+            return ['ok' => false, 'status' => 429, 'error' => 'Muitas tentativas. Tente novamente mais tarde.'];
+        }
+
+        $stmt = $pdo->prepare('SELECT * FROM users WHERE email = :email LIMIT 1');
+        $stmt->execute([':email' => $email]);
+        $user = $stmt->fetch();
+        if (!$user) {
+            return ['ok' => false, 'status' => 401, 'error' => 'Credenciais inválidas'];
+        }
+
+        // Check lockout
+        if (!empty($user['locked_until'])) {
+            $now = time();
+            $locked = strtotime((string)$user['locked_until']);
+            if ($locked && $locked > $now) {
+                return ['ok' => false, 'status' => 423, 'error' => 'Conta temporariamente bloqueada'];
+            }
+        }
+
+        if (!password_verify($password, (string)$user['password'])) {
+            // increment attempts
+            $attempts = (int)$user['login_attempts'] + 1;
+            $lockFor = 0;
+            $max = Env::int('MAX_LOGIN_ATTEMPTS', 5);
+            if ($attempts >= $max) {
+                $lockSeconds = Env::int('LOCKOUT_SECONDS', 900);
+                $lockFor = time() + $lockSeconds;
+            }
+            $pdo->prepare('UPDATE users SET login_attempts = :a, locked_until = :l WHERE id = :id')
+                ->execute([':a' => $attempts, ':l' => $lockFor ? date('Y-m-d H:i:s', $lockFor) : null, ':id' => $user['id']]);
+            return ['ok' => false, 'status' => 401, 'error' => 'Credenciais inválidas'];
+        }
+
+        // Reset attempts and update metadata
+        $pdo->prepare('UPDATE users SET login_attempts = 0, locked_until = NULL, last_login = :ll, last_ip = :ip WHERE id = :id')
+            ->execute([':ll' => date('Y-m-d H:i:s'), ':ip' => $ip, ':id' => $user['id']]);
+
+        // Session security
+        self::secureSession();
+        $_SESSION['uid'] = (int)$user['id'];
+        $_SESSION['role'] = (string)$user['role'];
+        session_regenerate_id(true);
+
+        // Optional JWT for API usage
+        $jwt = JwtService::sign(['sub' => $user['id'], 'email' => $user['email'], 'role' => $user['role']], Env::int('JWT_TTL', 3600));
+
+        return [
+            'ok' => true,
+            'status' => 200,
+            'user' => [
+                'id' => (int)$user['id'],
+                'email' => (string)$user['email'],
+                'name' => (string)($user['name'] ?? ''),
+                'role' => (string)$user['role'],
+            ],
+            'token' => $jwt,
+        ];
+    }
+
+    public static function logout(): void
+    {
+        if (session_status() === PHP_SESSION_ACTIVE) {
+            $_SESSION = [];
+            if (ini_get('session.use_cookies')) {
+                $params = session_get_cookie_params();
+                setcookie(session_name(), '', time() - 42000, $params['path'], $params['domain'], $params['secure'], $params['httponly']);
+            }
+            session_destroy();
+        }
+    }
+
+    public static function secureSession(): void
+    {
+        if (session_status() === PHP_SESSION_NONE) {
+            $secure = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off');
+            session_set_cookie_params([
+                'lifetime' => Env::int('SESSION_LIFETIME', 86400),
+                'path' => '/',
+                'domain' => '',
+                'secure' => $secure,
+                'httponly' => true,
+                'samesite' => 'Lax',
+            ]);
+            session_start();
+        }
+    }
+}
+
+/**
+ * Application bootstrapper
+ */
+final class Bootstrap
+{
+    public static function init(): void
+    {
+        // Timezone
+        date_default_timezone_set(Env::get('TIMEZONE', 'Africa/Luanda'));
+
+        // Start secure session
+        AuthService::secureSession();
+
+        // CSRF token
+        Csrf::ensure();
+
+        // Security headers
+        SecurityHeaders::apply();
+
+        // Database and migrations
+        DB::migrate();
+
+        // Seed admin user if missing
+        DB::seedAdmin();
+    }
+}

src/EmailService.php

@@ -0,0 +1,168 @@
+<?php
+
+namespace SoftEdge;
+
+use PHPMailer\PHPMailer\PHPMailer;
+use PHPMailer\PHPMailer\Exception;
+
+/**
+ * Email Service for SoftEdge Corporation
+ * Handles contact form submissions and email sending
+ */
+class EmailService
+{
+    private PHPMailer $mailer;
+    private array $config;
+
+    public function __construct()
+    {
+        $this->config = $this->loadConfig();
+        $this->setupMailer();
+    }
+
+    /**
+     * Load email configuration from environment
+     */
+    private function loadConfig(): array
+    {
+        return [
+            'host' => $_ENV['SMTP_HOST'] ?? 'smtp.gmail.com',
+            'port' => (int)($_ENV['SMTP_PORT'] ?? 587),
+            'username' => $_ENV['SMTP_USERNAME'] ?? '',
+            'password' => $_ENV['SMTP_PASSWORD'] ?? '',
+            'encryption' => $_ENV['SMTP_ENCRYPTION'] ?? 'tls',
+            'from_email' => $_ENV['SMTP_FROM_EMAIL'] ?? 'softedgecorporation@gmail.com',
+            'from_name' => $_ENV['SMTP_FROM_NAME'] ?? 'SoftEdge Corporation'
+        ];
+    }
+
+    /**
+     * Setup PHPMailer instance
+     */
+    private function setupMailer(): void
+    {
+        $this->mailer = new PHPMailer(true);
+
+        // Server settings
+        $this->mailer->isSMTP();
+        $this->mailer->Host = $this->config['host'];
+        $this->mailer->SMTPAuth = true;
+        $this->mailer->Username = $this->config['username'];
+        $this->mailer->Password = $this->config['password'];
+        $this->mailer->SMTPSecure = $this->config['encryption'];
+        $this->mailer->Port = $this->config['port'];
+
+        // Sender
+        $this->mailer->setFrom($this->config['from_email'], $this->config['from_name']);
+
+        // Encoding and charset
+        $this->mailer->CharSet = 'UTF-8';
+        $this->mailer->Encoding = 'base64';
+    }
+
+    /**
+     * Send contact email
+     */
+    public function sendContactEmail(array $data): bool
+    {
+        try {
+            // Validate required fields
+            $this->validateContactData($data);
+
+            // Recipients
+            $this->mailer->addAddress('softedgecorporation@gmail.com', 'SoftEdge Corporation');
+
+            // Content
+            $this->mailer->isHTML(false);
+            $this->mailer->Subject = '🚀 Novo Contato do Site - ' . $data['nome'];
+            $this->mailer->Body = $this->buildContactEmailBody($data);
+
+            // Send email
+            $result = $this->mailer->send();
+
+            // Log success
+            error_log("Email sent successfully to: softedgecorporation@gmail.com from: {$data['email']}");
+
+            return $result;
+
+        } catch (Exception $e) {
+            error_log("Email sending failed: " . $this->mailer->ErrorInfo);
+            throw new \RuntimeException('Erro ao enviar email: ' . $e->getMessage());
+        }
+    }
+
+    /**
+     * Validate contact form data
+     */
+    private function validateContactData(array $data): void
+    {
+        $required = ['nome', 'email', 'mensagem'];
+        $missing = [];
+
+        foreach ($required as $field) {
+            if (empty(trim($data[$field] ?? ''))) {
+                $missing[] = $field;
+            }
+        }
+
+        if (!empty($missing)) {
+            throw new \InvalidArgumentException('Campos obrigatórios não preenchidos: ' . implode(', ', $missing));
+        }
+
+        if (!filter_var($data['email'], FILTER_VALIDATE_EMAIL)) {
+            throw new \InvalidArgumentException('E-mail inválido');
+        }
+
+        // Additional validation
+        if (strlen($data['nome']) < 2) {
+            throw new \InvalidArgumentException('Nome deve ter pelo menos 2 caracteres');
+        }
+
+        if (strlen($data['mensagem']) < 10) {
+            throw new \InvalidArgumentException('Mensagem deve ter pelo menos 10 caracteres');
+        }
+    }
+
+    /**
+     * Build contact email body
+     */
+    private function buildContactEmailBody(array $data): string
+    {
+        $empresa = $data['empresa'] ?? '(não informado)';
+        $ip = $_SERVER['REMOTE_ADDR'] ?? 'unknown';
+        $timestamp = date('d/m/Y H:i:s');
+
+        return "═══════════════════════════════════════\n" .
+               "  NOVO CONTATO DO SITE SOFTEDGE\n" .
+               "═══════════════════════════════════════\n\n" .
+               "👤 NOME:\n   {$data['nome']}\n\n" .
+               "📧 E-MAIL:\n   {$data['email']}\n\n" .
+               "🏢 EMPRESA/PROJETO:\n   {$empresa}\n\n" .
+               "💬 MENSAGEM:\n   " . str_replace("\n", "\n   ", $data['mensagem']) . "\n\n" .
+               "═══════════════════════════════════════\n" .
+               "📅 Data: {$timestamp}\n" .
+               "🌐 IP: {$ip}\n" .
+               "═══════════════════════════════════════\n";
+    }
+
+    /**
+     * Send notification email (for internal use)
+     */
+    public function sendNotification(string $subject, string $message): bool
+    {
+        try {
+            $this->mailer->clearAddresses();
+            $this->mailer->addAddress('softedgecorporation@gmail.com', 'SoftEdge Corporation');
+
+            $this->mailer->isHTML(false);
+            $this->mailer->Subject = '🔔 ' . $subject;
+            $this->mailer->Body = $message;
+
+            return $this->mailer->send();
+
+        } catch (Exception $e) {
+            error_log("Notification email failed: " . $this->mailer->ErrorInfo);
+            return false;
+        }
+    }
+}

src/User.php

@@ -0,0 +1,458 @@
+<?php
+
+namespace SoftEdge;
+
+use PDO;
+use PDOException;
+
+/**
+ * User Management Class
+ * Handles user registration, authentication, and profile management
+ */
+class User
+{
+    private PDO $db;
+    private array $config;
+
+    public function __construct(PDO $db = null)
+    {
+        $this->config = $this->loadConfig();
+        $this->db = $db ?? $this->getDatabaseConnection();
+    }
+
+    /**
+     * Load configuration
+     */
+    private function loadConfig(): array
+    {
+        return [
+            'db_host' => $_ENV['DB_HOST'] ?? 'localhost',
+            'db_name' => $_ENV['DB_NAME'] ?? 'softedge_db',
+            'db_user' => $_ENV['DB_USER'] ?? 'root',
+            'db_pass' => $_ENV['DB_PASS'] ?? '',
+            'jwt_secret' => $_ENV['JWT_SECRET'] ?? 'your-jwt-secret-key',
+            'google_client_id' => $_ENV['GOOGLE_CLIENT_ID'] ?? '',
+            'google_client_secret' => $_ENV['GOOGLE_CLIENT_SECRET'] ?? '',
+            'github_client_id' => $_ENV['GITHUB_CLIENT_ID'] ?? '',
+            'github_client_secret' => $_ENV['GITHUB_CLIENT_SECRET'] ?? ''
+        ];
+    }
+
+    /**
+     * Get database connection
+     */
+    private function getDatabaseConnection(): PDO
+    {
+        try {
+            $dsn = "mysql:host={$this->config['db_host']};dbname={$this->config['db_name']};charset=utf8mb4";
+            $pdo = new PDO($dsn, $this->config['db_user'], $this->config['db_pass']);
+            $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+            $pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
+            return $pdo;
+        } catch (PDOException $e) {
+            error_log("Database connection failed: " . $e->getMessage());
+            throw new \RuntimeException('Database connection failed');
+        }
+    }
+
+    /**
+     * Create users table if it doesn't exist
+     */
+    public function createTables(): void
+    {
+        try {
+            // Users table
+            $this->db->exec("
+                CREATE TABLE IF NOT EXISTS users (
+                    id INT AUTO_INCREMENT PRIMARY KEY,
+                    name VARCHAR(255) NOT NULL,
+                    email VARCHAR(255) UNIQUE NOT NULL,
+                    password VARCHAR(255),
+                    avatar VARCHAR(500),
+                    provider VARCHAR(50) DEFAULT 'local',
+                    provider_id VARCHAR(255),
+                    role ENUM('user', 'admin') DEFAULT 'user',
+                    email_verified BOOLEAN DEFAULT FALSE,
+                    verification_token VARCHAR(255),
+                    reset_token VARCHAR(255),
+                    reset_expires DATETIME,
+                    last_login DATETIME,
+                    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+                    updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP
+                ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci
+            ");
+
+            // Page visits table
+            $this->db->exec("
+                CREATE TABLE IF NOT EXISTS page_visits (
+                    id INT AUTO_INCREMENT PRIMARY KEY,
+                    user_id INT,
+                    page VARCHAR(255) NOT NULL,
+                    ip_address VARCHAR(45),
+                    user_agent TEXT,
+                    referrer VARCHAR(500),
+                    session_id VARCHAR(255),
+                    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+                    FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE SET NULL
+                ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci
+            ");
+
+            // User sessions table
+            $this->db->exec("
+                CREATE TABLE IF NOT EXISTS user_sessions (
+                    id INT AUTO_INCREMENT PRIMARY KEY,
+                    user_id INT NOT NULL,
+                    session_token VARCHAR(255) UNIQUE NOT NULL,
+                    ip_address VARCHAR(45),
+                    user_agent TEXT,
+                    expires_at DATETIME NOT NULL,
+                    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+                    FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE
+                ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci
+            ");
+
+        } catch (PDOException $e) {
+            error_log("Table creation failed: " . $e->getMessage());
+            throw new \RuntimeException('Failed to create database tables');
+        }
+    }
+
+    /**
+     * Register a new user
+     */
+    public function register(array $data): array
+    {
+        $this->validateRegistrationData($data);
+
+        try {
+            $this->db->beginTransaction();
+
+            // Check if email already exists
+            $stmt = $this->db->prepare("SELECT id FROM users WHERE email = ?");
+            $stmt->execute([$data['email']]);
+            if ($stmt->fetch()) {
+                throw new \InvalidArgumentException('Email já cadastrado');
+            }
+
+            // Hash password
+            $hashedPassword = password_hash($data['password'], PASSWORD_ARGON2ID);
+
+            // Generate verification token
+            $verificationToken = bin2hex(random_bytes(32));
+
+            // Insert user
+            $stmt = $this->db->prepare("
+                INSERT INTO users (name, email, password, verification_token, created_at)
+                VALUES (?, ?, ?, ?, NOW())
+            ");
+            $stmt->execute([
+                $data['name'],
+                $data['email'],
+                $hashedPassword,
+                $verificationToken
+            ]);
+
+            $userId = $this->db->lastInsertId();
+
+            $this->db->commit();
+
+            return [
+                'success' => true,
+                'user_id' => $userId,
+                'verification_token' => $verificationToken,
+                'message' => 'Usuário registrado com sucesso. Verifique seu email.'
+            ];
+
+        } catch (PDOException $e) {
+            $this->db->rollBack();
+            error_log("Registration failed: " . $e->getMessage());
+            throw new \RuntimeException('Erro ao registrar usuário');
+        }
+    }
+
+    /**
+     * Authenticate user
+     */
+    public function login(string $email, string $password): array
+    {
+        try {
+            $stmt = $this->db->prepare("
+                SELECT id, name, email, password, role, email_verified
+                FROM users
+                WHERE email = ? AND provider = 'local'
+            ");
+            $stmt->execute([$email]);
+            $user = $stmt->fetch();
+
+            if (!$user || !password_verify($password, $user['password'])) {
+                throw new \InvalidArgumentException('Email ou senha incorretos');
+            }
+
+            if (!$user['email_verified']) {
+                throw new \InvalidArgumentException('Email não verificado. Verifique sua caixa de entrada.');
+            }
+
+            // Update last login
+            $stmt = $this->db->prepare("UPDATE users SET last_login = NOW() WHERE id = ?");
+            $stmt->execute([$user['id']]);
+
+            // Create session
+            $sessionToken = $this->createSession($user['id']);
+
+            // Log page visit
+            $this->logPageVisit($user['id'], 'login', $_SERVER['HTTP_USER_AGENT'] ?? '');
+
+            return [
+                'success' => true,
+                'user' => [
+                    'id' => $user['id'],
+                    'name' => $user['name'],
+                    'email' => $user['email'],
+                    'role' => $user['role']
+                ],
+                'session_token' => $sessionToken
+            ];
+
+        } catch (PDOException $e) {
+            error_log("Login failed: " . $e->getMessage());
+            throw new \RuntimeException('Erro ao fazer login');
+        }
+    }
+
+    /**
+     * Social login (Google, GitHub)
+     */
+    public function socialLogin(string $provider, array $profile): array
+    {
+        try {
+            $this->db->beginTransaction();
+
+            // Check if user exists
+            $stmt = $this->db->prepare("
+                SELECT id, name, email, role, email_verified
+                FROM users
+                WHERE provider = ? AND provider_id = ?
+            ");
+            $stmt->execute([$provider, $profile['id']]);
+            $user = $stmt->fetch();
+
+            if (!$user) {
+                // Create new user
+                $stmt = $this->db->prepare("
+                    INSERT INTO users (name, email, avatar, provider, provider_id, email_verified, created_at)
+                    VALUES (?, ?, ?, ?, ?, TRUE, NOW())
+                ");
+                $stmt->execute([
+                    $profile['name'],
+                    $profile['email'],
+                    $profile['avatar'] ?? null,
+                    $provider,
+                    $profile['id']
+                ]);
+
+                $userId = $this->db->lastInsertId();
+
+                $user = [
+                    'id' => $userId,
+                    'name' => $profile['name'],
+                    'email' => $profile['email'],
+                    'role' => 'user',
+                    'email_verified' => true
+                ];
+            }
+
+            // Update last login
+            $stmt = $this->db->prepare("UPDATE users SET last_login = NOW() WHERE id = ?");
+            $stmt->execute([$user['id']]);
+
+            // Create session
+            $sessionToken = $this->createSession($user['id']);
+
+            // Log page visit
+            $this->logPageVisit($user['id'], 'social_login', $_SERVER['HTTP_USER_AGENT'] ?? '');
+
+            $this->db->commit();
+
+            return [
+                'success' => true,
+                'user' => $user,
+                'session_token' => $sessionToken
+            ];
+
+        } catch (PDOException $e) {
+            $this->db->rollBack();
+            error_log("Social login failed: " . $e->getMessage());
+            throw new \RuntimeException('Erro ao fazer login social');
+        }
+    }
+
+    /**
+     * Create user session
+     */
+    private function createSession(int $userId): string
+    {
+        $sessionToken = bin2hex(random_bytes(32));
+        $expiresAt = date('Y-m-d H:i:s', strtotime('+24 hours'));
+
+        $stmt = $this->db->prepare("
+            INSERT INTO user_sessions (user_id, session_token, ip_address, user_agent, expires_at, created_at)
+            VALUES (?, ?, ?, ?, ?, NOW())
+        ");
+        $stmt->execute([
+            $userId,
+            $sessionToken,
+            $_SERVER['REMOTE_ADDR'] ?? '',
+            $_SERVER['HTTP_USER_AGENT'] ?? '',
+            $expiresAt
+        ]);
+
+        return $sessionToken;
+    }
+
+    /**
+     * Validate session
+     */
+    public function validateSession(string $sessionToken): ?array
+    {
+        try {
+            $stmt = $this->db->prepare("
+                SELECT u.id, u.name, u.email, u.role, u.email_verified, s.expires_at
+                FROM user_sessions s
+                JOIN users u ON s.user_id = u.id
+                WHERE s.session_token = ? AND s.expires_at > NOW()
+            ");
+            $stmt->execute([$sessionToken]);
+            $result = $stmt->fetch();
+
+            return $result ?: null;
+
+        } catch (PDOException $e) {
+            error_log("Session validation failed: " . $e->getMessage());
+            return null;
+        }
+    }
+
+    /**
+     * Log page visit
+     */
+    public function logPageVisit(?int $userId, string $page, string $userAgent = ''): void
+    {
+        try {
+            $stmt = $this->db->prepare("
+                INSERT INTO page_visits (user_id, page, ip_address, user_agent, referrer, session_id, created_at)
+                VALUES (?, ?, ?, ?, ?, ?, NOW())
+            ");
+            $stmt->execute([
+                $userId,
+                $page,
+                $_SERVER['REMOTE_ADDR'] ?? '',
+                $userAgent,
+                $_SERVER['HTTP_REFERER'] ?? '',
+                session_id()
+            ]);
+        } catch (PDOException $e) {
+            error_log("Page visit logging failed: " . $e->getMessage());
+        }
+    }
+
+    /**
+     * Get admin statistics
+     */
+    public function getAdminStats(): array
+    {
+        try {
+            // Total users
+            $stmt = $this->db->query("SELECT COUNT(*) as total FROM users");
+            $totalUsers = $stmt->fetch()['total'];
+
+            // Total page visits
+            $stmt = $this->db->query("SELECT COUNT(*) as total FROM page_visits");
+            $totalVisits = $stmt->fetch()['total'];
+
+            // Recent visits (last 30 days)
+            $stmt = $this->db->prepare("
+                SELECT COUNT(*) as total
+                FROM page_visits
+                WHERE created_at >= DATE_SUB(NOW(), INTERVAL 30 DAY)
+            ");
+            $stmt->execute();
+            $recentVisits = $stmt->fetch()['total'];
+
+            // Top pages
+            $stmt = $this->db->prepare("
+                SELECT page, COUNT(*) as visits
+                FROM page_visits
+                GROUP BY page
+                ORDER BY visits DESC
+                LIMIT 10
+            ");
+            $stmt->execute();
+            $topPages = $stmt->fetchAll();
+
+            // Recent users
+            $stmt = $this->db->prepare("
+                SELECT id, name, email, created_at
+                FROM users
+                ORDER BY created_at DESC
+                LIMIT 10
+            ");
+            $stmt->execute();
+            $recentUsers = $stmt->fetchAll();
+
+            return [
+                'total_users' => $totalUsers,
+                'total_visits' => $totalVisits,
+                'recent_visits' => $recentVisits,
+                'top_pages' => $topPages,
+                'recent_users' => $recentUsers
+            ];
+
+        } catch (PDOException $e) {
+            error_log("Admin stats failed: " . $e->getMessage());
+            return [];
+        }
+    }
+
+    /**
+     * Validate registration data
+     */
+    private function validateRegistrationData(array $data): void
+    {
+        $required = ['name', 'email', 'password'];
+        foreach ($required as $field) {
+            if (empty($data[$field])) {
+                throw new \InvalidArgumentException("Campo {$field} é obrigatório");
+            }
+        }
+
+        if (!filter_var($data['email'], FILTER_VALIDATE_EMAIL)) {
+            throw new \InvalidArgumentException('Email inválido');
+        }
+
+        if (strlen($data['name']) < 2) {
+            throw new \InvalidArgumentException('Nome deve ter pelo menos 2 caracteres');
+        }
+
+        if (strlen($data['password']) < 8) {
+            throw new \InvalidArgumentException('Senha deve ter pelo menos 8 caracteres');
+        }
+    }
+
+    /**
+     * Check if user is admin
+     */
+    public function isAdmin(int $userId): bool
+    {
+        try {
+            $stmt = $this->db->prepare("SELECT role FROM users WHERE id = ?");
+            $stmt->execute([$userId]);
+            $user = $stmt->fetch();
+
+            return $user && $user['role'] === 'admin';
+
+        } catch (PDOException $e) {
+            error_log("Admin check failed: " . $e->getMessage());
+            return false;
+        }
+    }
+}

src/_init_.php

@@ -0,0 +1,153 @@
+<?php
+
+/**
+ * SoftEdge Corporation - Initialization File
+ * Sets up the application environment and autoloading
+ */
+
+// Start session if not already started
+if (session_status() === PHP_SESSION_NONE) {
+    session_start();
+}
+
+// Set timezone
+date_default_timezone_set('Africa/Luanda');
+
+// Error handling for production
+if (getenv('APP_ENV') === 'production') {
+    ini_set('display_errors', 0);
+    ini_set('display_startup_errors', 0);
+    error_reporting(E_ALL & ~E_DEPRECATED & ~E_STRICT);
+} else {
+    ini_set('display_errors', 1);
+    ini_set('display_startup_errors', 1);
+    error_reporting(E_ALL);
+}
+
+// Load environment variables if .env exists
+if (file_exists(__DIR__ . '/../.env')) {
+    $dotenv = \Dotenv\Dotenv::createImmutable(__DIR__ . '/..');
+    $dotenv->load();
+}
+
+// Set default environment variables
+$_ENV['APP_NAME'] = $_ENV['APP_NAME'] ?? 'SoftEdge Corporation';
+$_ENV['APP_URL'] = $_ENV['APP_URL'] ?? 'https://softedge-corporation.up.railway.app';
+$_ENV['APP_ENV'] = $_ENV['APP_ENV'] ?? 'production';
+
+// Security headers
+header('X-Content-Type-Options: nosniff');
+header('X-Frame-Options: DENY');
+header('X-XSS-Protection: 1; mode=block');
+header('Referrer-Policy: strict-origin-when-cross-origin');
+
+// Content Security Policy
+header("Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' https://unpkg.com https://cdn.tailwindcss.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self'");
+
+// Create logs directory if it doesn't exist
+$logsDir = __DIR__ . '/../logs';
+if (!is_dir($logsDir)) {
+    mkdir($logsDir, 0755, true);
+}
+
+// Set custom error log
+ini_set('error_log', $logsDir . '/php_errors.log');
+
+// Function to get base URL
+function getBaseUrl(): string
+{
+    $protocol = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? 'https' : 'http';
+    $host = $_SERVER['HTTP_HOST'] ?? 'localhost';
+    $port = $_SERVER['SERVER_PORT'] ?? 80;
+
+    // Don't include port if it's the default for the protocol
+    if (($protocol === 'http' && $port == 80) || ($protocol === 'https' && $port == 443)) {
+        return $protocol . '://' . $host;
+    }
+
+    return $protocol . '://' . $host . ':' . $port;
+}
+
+// Function to get current URL
+function getCurrentUrl(): string
+{
+    return getBaseUrl() . $_SERVER['REQUEST_URI'];
+}
+
+// Function to redirect
+function redirect(string $url, int $statusCode = 302): void
+{
+    header('Location: ' . $url, true, $statusCode);
+    exit;
+}
+
+// Function to sanitize input
+function sanitizeInput(string $input): string
+{
+    return htmlspecialchars(trim($input), ENT_QUOTES, 'UTF-8');
+}
+
+// Function to generate CSRF token
+function generateCsrfToken(): string
+{
+    if (empty($_SESSION['csrf_token'])) {
+        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
+    }
+    return $_SESSION['csrf_token'];
+}
+
+// Function to validate CSRF token
+function validateCsrfToken(string $token): bool
+{
+    return isset($_SESSION['csrf_token']) && hash_equals($_SESSION['csrf_token'], $token);
+}
+
+// Function to log activity
+function logActivity(string $message, string $level = 'INFO'): void
+{
+    $logFile = __DIR__ . '/../logs/activity.log';
+    $timestamp = date('Y-m-d H:i:s');
+    $ip = $_SERVER['REMOTE_ADDR'] ?? 'unknown';
+    $userAgent = $_SERVER['HTTP_USER_AGENT'] ?? 'unknown';
+
+    $logEntry = "[$timestamp] [$level] [$ip] [$userAgent] $message" . PHP_EOL;
+
+    file_put_contents($logFile, $logEntry, FILE_APPEND | LOCK_EX);
+}
+
+// Function to check if user is rate limited
+function isRateLimited(string $identifier, int $maxRequests = 5, int $timeWindow = 300): bool
+{
+    $rateLimitFile = __DIR__ . "/../logs/rate_limit_{$identifier}.txt";
+    $currentTime = time();
+
+    // Read existing requests
+    $requests = [];
+    if (file_exists($rateLimitFile)) {
+        $requests = json_decode(file_get_contents($rateLimitFile), true) ?? [];
+    }
+
+    // Filter out old requests
+    $requests = array_filter($requests, function($timestamp) use ($currentTime, $timeWindow) {
+        return ($currentTime - $timestamp) < $timeWindow;
+    });
+
+    // Check if rate limit exceeded
+    if (count($requests) >= $maxRequests) {
+        return true;
+    }
+
+    // Add current request
+    $requests[] = $currentTime;
+
+    // Save updated requests
+    file_put_contents($rateLimitFile, json_encode($requests));
+
+    return false;
+}
+
+// Initialize application
+logActivity("Application initialized");
+
+// Autoload classes (Composer will handle this)
+require_once __DIR__ . '/../vendor/autoload.php';