🗒️ Tiny Notes

A single-file PHP 8+ + SQLite + Bootstrap 5 notes application.
Includes:

• User authentication (first registered user becomes admin)
• CSRF protection
• Secure sessions
• Create / edit / delete notes (per-user)
• Mobile-friendly Bootstrap UI
• Zero dependencies (just PHP & SQLite)

🚀 Quick start

1. Clone this repo:

   git clone https://github.com/yourname/tiny-notes.git
   cd tiny-notes

2. Run with PHP’s built-in server:

   php -S 127.0.0.1:8000 index.php

3. Open http://127.0.0.1:8000 in your browser.

4. The first visitor is prompted to create an admin account.
   After that, log in with those credentials.

📂 Project structure

index.php   # Entire app (PHP + HTML + Bootstrap)
data/       # Created at runtime; contains app.sqlite database
.gitignore  # Prevents committing database/session junk
README.md   # This file

🔒 Security notes

• Sessions use HttpOnly + SameSite=Lax; cookies are secure if HTTPS.
• CSRF tokens are required for all POST requests.
• Database file (data/app.sqlite) is in .gitignore — never commit it.
• For production on Apache or Nginx, block direct web access to /data/.

Example .htaccess for Apache:

# Prevent access to the database directory
RedirectMatch 403 ^/data/

🛠️ Requirements

• PHP 8.1 or higher
• SQLite 3
• A writable filesystem (for data/)

✨ Features roadmap (ideas)

• Multi-user roles (admin vs. normal users)
• Password reset / change password
• Markdown rendering for note bodies
• File attachments

📜 License

MIT — do whatever you like, just don’t remove attribution.