# Overview This is a complete WiseCP/WHMCS-style hosting and software management platform built with PHP 8.2+ and the Smarty template engine. The system provides a full-featured customer-facing website with product catalogs, shopping cart, checkout, and customer portal, alongside a comprehensive admin panel for managing products, orders, users, tickets, and site settings. The platform emphasizes security through CSRF protection, XSS sanitization, prepared statements, and role-based access control. # User Preferences Preferred communication style: Simple, everyday language. # System Architecture ## Core Technology Stack - **Backend**: PHP 8.2+ with PSR-4 autoloading - **Template Engine**: Smarty 4.3 (.tpl files) for separation of presentation and logic - **Database**: MySQL 5.7+/MariaDB 10.3+ with PDO prepared statements - **Dependency Management**: Composer for package management ## Application Structure The application follows a structured directory organization: - `app/` - Core application logic with PSR-4 autoloading - `templates/frontend/barajtheme/` - Customer-facing Smarty templates - `templates/admin/barajtheme/` - Admin panel Smarty templates - `public/` - Web-accessible files and entry point - `config/` - Database and application configuration - `lang/` - Multi-language support (TR/EN) - `uploads/` - User-uploaded content (sliders, images) ## Frontend Architecture **Customer Portal Features:** - Dynamic homepage with slider management, product showcases, and CTAs - Product catalog with filtering (category, price, tags), search, and pagination - Product detail pages with image galleries, pricing tiers, and demo links - Shopping cart and checkout flow with coupon support - Domain WHOIS lookup with availability checking and alternative suggestions - Customer dashboard for profile, services, orders, invoices, and support tickets - Support ticket system with real-time messaging - Multi-language support with SEO-optimized meta tags **Design Pattern:** - Responsive UI built with Tailwind CSS or custom CSS - Template inheritance for consistent layouts - Smarty-based component reuse ## Backend Architecture **Admin Panel Capabilities:** - Dashboard with statistics and quick actions - CRUD operations for products/packages with pricing tiers - Slider management with drag-and-drop ordering - Order and payment tracking - User management with role-based permissions (Super Admin, Admin, Support, Billing, Content Editor) - Ticket assignment and response system - SEO settings per page (meta tags, Open Graph) - Email template customization - Site settings (logo, colors, SMTP) **Data Flow:** - MVC-inspired separation with controllers in PHP, views in Smarty templates - Business logic encapsulated in classes under `app/` namespace - Database abstraction through PDO with prepared statements ## Security Implementation - **CSRF Protection**: Token validation on all forms - **XSS Prevention**: htmlspecialchars sanitization on output - **SQL Injection Protection**: PDO prepared statements throughout - **Authentication**: Bcrypt password hashing - **Session Management**: Secure session handling with appropriate flags - **Authorization**: Role-based access control system **Known Security Considerations:** - PHP 8.2 compatibility issue with phpwhois library (deprecated syntax warnings) - Database error handling uses die() in development (needs production-grade error handling) ## Payment Integration Architecture The system supports multiple payment gateways through an adapter pattern: - iyzico integration - PayTR support - Stripe (optional) - Papara adapter - Test mode capability for development Payment flow: Product selection → Cart → Checkout → Payment gateway → Order confirmation → Invoice PDF generation ## Domain Management - WHOIS lookup functionality via phpwhois library - Domain availability checking - Alternative domain suggestions (different TLDs) - Registrar API adapters (Namecheap, GoDaddy, Net4Satıcı support planned) # External Dependencies ## Core Libraries - **smarty/smarty (^4.3)**: Template engine for view layer separation - **vlucas/phpdotenv (^5.5)**: Environment configuration management ## Email & PDF - **phpmailer/phpmailer (^6.8)**: SMTP email sending for transactional emails - **tecnickcom/tcpdf (^6.6)**: PDF generation for invoices and documents ## Payment & Domain Services - **stripe/stripe-php (^13.0)**: Stripe payment gateway integration - **phpwhois/phpwhois (^4.2)**: WHOIS domain lookup (has PHP 8.2 deprecation warnings) ## Polyfills & Compatibility - **symfony/polyfill-ctype**: Character type checking compatibility - **symfony/polyfill-mbstring**: Multibyte string handling - **symfony/polyfill-php80**: PHP 8.0 feature backporting - **graham-campbell/result-type**: Type handling for phpdotenv - **phpoption/phpoption**: Optional type support ## External Service Integrations - SMTP servers for email delivery - Payment gateway APIs (iyzico, PayTR, Stripe, Papara) - Domain registrar APIs (planned/optional) - WHOIS servers for domain lookups ## Database - MySQL 5.7+ or MariaDB 10.3+ - PDO extension required for database operations