A full-stack web application replicating core social media functionalities, built with a focus on secure user interactions, real-time content feeds, and a modular, scalable architecture.
Key Functionalities:
User Authentication & Session Management:
Secure login system using dual-hashed tokens stored in HTTP-only cookies.
Automatic token validation, renewal, and expiration handling based on IP and User-Agent.
Protected routes ensuring only authenticated users can access the platform.
Dynamic Content Feed:
Infinite scrolling feed that dynamically loads posts as the user scrolls.
Post Creation: Users can create text-based posts or share multiple images (with automatic scaling and optimization) and documents (PDF, DOC, PPT, etc.).
Post Interactions: Like, comment, and share functionalities on posts.
Real-time Updates: Like counts and comment counters update instantly, without a page refresh, via AJAX.
Post Management: Users with admin privileges can delete posts.
Interactive Commenting System:
Nested commenting system allowing users to reply to specific comments.
Ability to like both comments and replies.
User tagging within comment replies (@username functionality).
User Profiles:
Dedicated profile pages displaying user information, cover photo, and post statistics.
Profile Tabs: Separate sections for viewing a user's Posts, Followers, Following list, and About information.
Follow System: Functionality to follow and unfollow other users.
Routing & Navigation:
A custom RouteController handling clean URLs (e.g., index.php?target=profile&uid=123) for navigating to specific posts and user profiles.
Security & Data Integrity:
Input Validation & Sanitization: Robust server-side checks for all user inputs and file uploads.
Secure ID Obfuscation: Post and Comment IDs are encrypted using AES-256-CBC before being sent to the client to prevent tampering.
File Upload Security: Strict whitelists for allowed file extensions (images and documents) to prevent malicious uploads.
Technologies & Technical Stack:
Backend:
PHP: Core server-side language for application logic, database operations, and routing.
MySQL (with PDO): Database for storing users, posts, comments, likes, followers, and sessions. Uses prepared statements to prevent SQL injection.
Encryption: OpenSSL (AES-256-CBC) for securing client-side identifiers.
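The AES-256-CBC identifier obfuscation listed above (under Security & Data Integrity and under Backend), as an added PHP example that is not the project's code: CBC by itself only hides the ID, and a bit-flipped ciphertext still decrypts to something, so the example pairs the cipher with an HMAC (encrypt-then-MAC) and rejects any token that fails the tag check before decrypting. The key names, the base64url token format and the plain-decimal ID plaintext are assumptions.

```php
<?php
// Added example, not the project's code: AES-256-CBC ID obfuscation paired with an HMAC
// (encrypt-then-MAC), so a forged or bit-flipped token is rejected before the ID is used.
// Assumes two separate 32-byte keys (cipher and MAC) loaded from configuration.
const ID_CIPHER = 'aes-256-cbc';

function encode_id(int $id, string $encKey, string $macKey): string {
    // Fresh random IV per token, so the same ID never produces the same token twice.
    $iv = random_bytes(openssl_cipher_iv_length(ID_CIPHER));
    $ct = openssl_encrypt((string)$id, ID_CIPHER, $encKey, OPENSSL_RAW_DATA, $iv);
    if ($ct === false) {
        throw new RuntimeException('encryption failed');
    }
    // The tag covers IV and ciphertext, so a change to either is detected.
    $tag = hash_hmac('sha256', $iv . $ct, $macKey, true);
    // base64url keeps the token safe inside query strings and HTML attributes.
    return rtrim(strtr(base64_encode($iv . $ct . $tag), '+/', '-_'), '=');
}

function decode_id(string $token, string $encKey, string $macKey): ?int {
    $b64 = strtr($token, '-_', '+/');
    $b64 .= str_repeat('=', (4 - strlen($b64) % 4) % 4);   // restore padding
    $raw = base64_decode($b64, true);
    $ivLen = openssl_cipher_iv_length(ID_CIPHER);
    if ($raw === false || strlen($raw) < $ivLen + 16 + 32) {
        return null;   // too short for IV + one AES block + 32-byte tag
    }
    $body = substr($raw, 0, -32);
    $tag = substr($raw, -32);
    // Constant-time tag check before any decryption, so padding errors leak nothing.
    if (!hash_equals(hash_hmac('sha256', $body, $macKey, true), $tag)) {
        return null;
    }
    $iv = substr($body, 0, $ivLen);
    $pt = openssl_decrypt(substr($body, $ivLen), ID_CIPHER, $encKey, OPENSSL_RAW_DATA, $iv);
    // Only a plain decimal ID is accepted; anything else is treated as invalid.
    return ($pt !== false && ctype_digit($pt)) ? (int)$pt : null;
}

// Constructed demo keys; a deployment keeps them outside the web root, never in the client.
$encKey = random_bytes(32);
$macKey = random_bytes(32);
$token = encode_id(123, $encKey, $macKey);
if (decode_id($token, $encKey, $macKey) !== 123) {
    throw new RuntimeException('round trip failed');
}
// Flip one character of the token (inside the IV); the MAC check must reject it.
$tampered = substr_replace($token, $token[5] === 'A' ? 'B' : 'A', 5, 1);
if (decode_id($tampered, $encKey, $macKey) !== null) {
    throw new RuntimeException('tampered token was accepted');
}
```

A request carrying a token that fails decode_id() should be answered with a generic error and logged, since repeated failures from one client are a useful signal of tampering attempts.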
Frontend:
HTML5: For structuring the web pages.
CSS3: For styling, including responsive design principles for the feed and profile layouts.
Vanilla JavaScript (ES6+): For dynamic client-side interactivity. Uses modern features such as the fetch API for asynchronous communication (AJAX) to handle post creation, liking, commenting, and infinite scrolling without page reloads.
Modular JavaScript: Code is organized into modules (e.g., Feed.js, Profile.js) for maintainability.