A secure, feature-rich web-based clipboard application built with PHP and MySQL. Create boards, share snippets, and collaborate with your team.
- User registration and authentication
- Secure password hashing with
password_hash() - Session-based authentication
- Create unlimited boards with custom names
- Automatic URL-friendly suburl generation
- Three public access levels:
- Private: No public access
- Public View: Anyone can view clips
- Public Add: Anyone can view and add clips
- Optional password protection for boards
- Toggle clip editability (read-only mode)
- Owner: Full admin access to their boards
- Collaborators: Three permission levels
- View: Can only view clips
- Edit: Can view, add, edit, and delete clips
- Admin: Full access including board settings
- Smart permission system: checks user-specific roles first, then falls back to public access
- Temporary password access for protected boards
- Add, edit, and delete text-based clips
- Automatic timestamp tracking
- User attribution for clips
- Respects board editability settings
- Clean, readable presentation
- Backend: PHP 8.1+
- Database: MySQL with PDO (prepared statements)
- Frontend: HTML5, CSS3, JavaScript
- Framework: Bootstrap 5 (responsive design)
- Routing: Front-controller pattern with
.htaccess
CLIPBOARD/
├── config.php # Configuration and database credentials
├── index.php # Main router (front controller)
├── .htaccess # URL rewriting rules
├── src/
│ ├── db.php # PDO database connection
│ └── functions.php # Core business logic
├── templates/
│ ├── header.php # HTML header and navigation
│ ├── footer.php # HTML footer
│ ├── home.php # Homepage
│ ├── login.php # Login form
│ ├── register.php # Registration form
│ ├── board.php # Board view with clips
│ ├── board_settings.php # Board settings and collaborators
│ └── password_prompt.php # Password entry for protected boards
└── assets/
└── style.css # Custom CSS styles
- PHP 8.1 or higher
- MySQL 5.7 or higher
- Apache web server with mod_rewrite enabled
- XAMPP, WAMP, or similar local development environment
-
Clone or Download this repository to your web server directory
-
Create Database
- Open phpMyAdmin or MySQL command line
- Create a new database:
clipboard_db - Import the database schema from
database.sql
-
Configure Database Connection
- Open
config.php - Update the database credentials:
define('DB_HOST', 'localhost'); define('DB_NAME', 'clipboard_db'); define('DB_USER', 'root'); define('DB_PASS', '');
- Open
-
Update Site URL
- In
config.php, update theSITE_URLconstant to match your setup:define('SITE_URL', 'http://localhost/CLIPBOARD');
- In
-
Verify .htaccess
- Ensure
RewriteBasein.htaccessmatches your directory:RewriteBase /CLIPBOARD/
- Ensure
-
Set Permissions (Linux/Mac)
chmod 755 CLIPBOARD/ chmod 644 CLIPBOARD/*.php -
Enable mod_rewrite (Apache)
- Make sure
mod_rewriteis enabled in Apache - For XAMPP, it's usually enabled by default
- Make sure
-
Access the Application
- Open your browser and navigate to:
http://localhost/CLIPBOARD
- Open your browser and navigate to:
-
Register an Account
- Click "Register" in the navigation
- Enter username, email, and password (min 6 characters)
- You'll be redirected to login
-
Create a Board
- After logging in, use the "Create New Board" form
- Set a name, choose access level, and optionally add a password
- Click "Create Board"
-
Share Your Board
- Copy the board URL (e.g.,
http://localhost/CLIPBOARD/b/my-board) - Share with collaborators
- Copy the board URL (e.g.,
- Click "Board Settings" button on your board
- Update name, access level, editability, or password
- Add/remove collaborators with specific permissions
- Delete the board (danger zone)
- Private: Only you and invited collaborators can access
- Public View: Anyone with the link can view clips
- Public Add: Anyone with the link can view and add clips
- Set a Password: In board settings, enter a password to protect your board
- Change Password: Enter a new password to update the existing one
- Remove Password: Check the "Remove password protection" checkbox to disable password protection entirely
- How it Works: Visitors must enter the password to gain temporary view access
- Use Case: Great for sharing with non-registered users securely
- If you have edit permission, use the "Add New Clip" form
- Enter your text content
- Click "Add Clip"
- Click "Edit" button on any clip (if you have permission)
- Modify the content
- Click "Save"
- Click "Delete" button on any clip (if you have permission)
- Confirm the deletion
-
As Board Owner/Admin:
- Go to Board Settings
- Select a user from the dropdown
- Choose permission level (View, Edit, or Admin)
- Click "Add"
-
Permission Levels:
- View: Can see all clips but cannot add/edit/delete
- Edit: Can add new clips and edit/delete existing ones (respects board's editable flag)
- Admin: Can do everything including manage board settings
- SQL Injection Protection: All queries use PDO prepared statements
- XSS Prevention: All output is escaped with
htmlspecialchars() - Password Security: Passwords hashed with
password_hash()(bcrypt) - Session Security: HTTP-only cookies, secure session handling
- CSRF Protection: Consider adding CSRF tokens for production use
- Permission Checks: Every action validates user permissions
Before deploying to production:
-
Update Configuration
- Set proper database credentials
- Update
SITE_URLto your domain - Enable HTTPS and set
session.cookie_secureto 1
-
Disable Error Display
error_reporting(0); ini_set('display_errors', 0);
-
Enable Error Logging
- Configure PHP to log errors to a file
- Monitor logs regularly
-
Add CSRF Protection
- Implement CSRF tokens for all forms
- Validate tokens on POST requests
-
Set Up Backups
- Regular database backups
- File backups
-
Use HTTPS
- Install SSL certificate
- Force HTTPS in
.htaccess
-
Security Headers
- Add security headers in Apache config or PHP
- Content-Security-Policy, X-Frame-Options, etc.