A modern e-commerce web application for game distribution, built from scratch using Pure PHP (No Frameworks) following Object-Oriented Programming (OOP) principles, SOLID, and the MVC architecture. The project is fully containerized using Docker.
- Project Overview & Live Demo
- Key Features
- Technologies and Patterns
- Application Architecture
- Database Schema and Logic
- Getting Started (Installation)
- Test Scenarios
- Error Handling and Testing
- Project Requirements Checklist
GameNest is a comprehensive platform where users can discover, review, and manage their personal game libraries. It features a robust permission system, an administrative dashboard for inventory management, and a high-performance database layer.
Live Environment: The project has been deployed to a production environment.
- Live Demo: gamenest.com.pl
- Real File Distribution: Users can not only browse but actually download physical game files (
.exe,.zip) for titles they own, directly from the platform's secure storage. - Dynamic Store & Search: Real-time, asynchronous filtering (by category, price) and sorting capabilities powered by the Fetch API, delivering a seamless SPA-like (Single Page Application) experience.
- Interactive Review System: Users can write, edit, and rate games (1-5 stars). The system includes a community aspect where users can "like" helpful reviews.
- Personalized Library & Wishlist: Track purchased games and add upcoming or unowned titles to a personal wishlist for future reference.
- Role-Based Access Control (RBAC): Strict separation of privileges. Standard users manage their libraries, while Administrators have access to a dedicated dashboard.
- Administrative Dashboard: Full CRUD operations for managing the store's inventory, user accounts, and monitoring the system via an automated Audit Log.
- Secure Authentication: Robust registration and login system with BCRYPT password hashing and secure session management.
The project emphasizes technical excellence and adherence to modern software engineering standards:
| Layer/Category | Technologies & Tools |
|---|---|
| Backend | PHP 8.3 (Strictly OOP, PDO) |
| Frontend | HTML5, CSS3 (Custom Flexbox/Grid), Vanilla JS (Fetch API) |
| Database | PostgreSQL 16 (PL/pgSQL, Triggers, Views) |
| Infrastructure | Docker, Docker Compose, Nginx (Reverse Proxy) |
| Testing Tools | PHPUnit, Bash scripts (cURL integration) |
| Version Control | GIT, GitHub |
- Design Patterns:
- MVC (Model-View-Controller): Complete separation of business logic, data models, and UI templates.
- Repository Pattern: Abstraction layer for database operations to ensure code maintainability.
- Front Controller: Custom routing system managed via
Routing.php.
View implementation here
The application follows a layered architecture. Each request is intercepted by the Front Controller, authenticated by the Security Controller, and then dispatched to specific domain controllers.
The project enforces a strict separation of concerns, keeping core application logic inaccessible from the public web directory:
game-store/
├── docker/ # Container configurations (Nginx, PHP, DB)
├── public/ # Publicly accessible directory (Document Root)
│ ├── resources/ # Assets, images, and downloadable game files
│ ├── scripts/ # Vanilla JS files (Fetch API logic)
│ ├── styles/ # Modular CSS files
│ └── views/ # HTML templates (rendered by controllers)
├── src/ # Core application logic (Protected)
│ ├── controllers/ # Application flow & request handling
│ ├── models/ # Domain entities
│ └── repository/ # Database interaction (PDO)
├── tests/ # PHPUnit and Bash integration tests
└── Routing.php # Front Controller mapping URLs to Controllers
The database was designed according to the Third Normal Form (3NF) to eliminate data redundancy and anomalies. It utilizes relational integrity with foreign keys and cascaded deletions.
Relational Source: Link to draw.io source file
- Relationships:
- 1:1:
users<->user_details(User profile data). - 1:N:
users<->reviews,games<->reviews. - N:M:
users<->user_libraryandwishlist(Implemented via association tables).
- 1:1:
- Views (JOIN usage):
v_user_library_details: Merges user data with owned games and purchase dates.v_game_statistics: Dynamically calculates average ratings and review counts per game.
- Triggers and Functions:
log_user_deletion(): A PL/pgSQL function that captures user deletion metadata.after_user_delete: A trigger that automatically populates theaudit_logtable for security monitoring.
- Transactions: Critical operations use PDO transactions (
beginTransaction,commit,rollback) to ensure data consistency.
View example transaction implementation here
- Docker and Docker Compose installed on your machine.
git clone https://github.com/zephir-x/game-store.git
cd game-store- Create a .env file based on .env.example
cp .env.example .env- Create a .env file based on .env.example
docker compose up -d --build- Web: http://localhost:8080
- Database: Accessible via the port defined in your
.env
To verify the application's functionality, follow these steps:
Credentials:
- Admin:
admin@gmail.com| Password:admin123 - User 1:
user1@gmail.com| Password:user1 - User 2:
user2@gmail.com| Password:user2 - User 3:
user3@gmail.com| Password:user3
Steps:
- Security Check: Log in as a standard User. Manually navigate to
/admin. The system should block access and return a 403 Forbidden error.
View authorization logic here - Dynamic Store: Use the filter and sort controls on the Store page. Observe the content updates without a page refresh.
- Admin CRUD: Log in as an Admin. Create a new game, edit its price, and then delete it.
- Trigger Verification:
- Delete a test user account from the Admin panel.
- Navigate to the "System Audit Logs" section to confirm the automated entry generated by the database trigger.
- Responsiveness: Open the browser's developer tools and toggle device simulation (Mobile). Verify that buttons and cards adjust correctly.
- Global Error Handling: Custom templates for HTTP status codes 400, 403, 404, and 500.
View error handling pages here - Unit Testing: PHPUnit tests for core logic and models (
tests/UserTest.php). - Integration Testing: A bash/curl script (
tests/integration.sh) that verifies API endpoints and response codes. - How to run this tests:
- Install PHPUnit dependencies via Composer:
docker compose exec php composer install - Run PHPUnit tests (Unit/Integration for Models):
docker compose exec php ./vendor/bin/phpunit tests - Run Bash Integration Tests (API/Endpoints):
bash tests/integration.sh
| Development Area | Fulfilled Requirements |
|---|---|
| Architecture & Code | ✔️ Object-Oriented PHP 8.3 (No frameworks) ✔️ MVC Architecture Implementation ✔️ Adherence to SOLID principles |
| Database (PostgreSQL) | ✔️ 3NF Adherence & Data Integrity ✔️ Database Relations (1:1, 1:N, N:M) ✔️ SQL Views with multi-table JOINs ✔️ PL/pgSQL Function and Trigger ✔️ Transaction handling (PDO) |
| Security & Routing | ✔️ Secure Authentication & Sessions ✔️ RBAC (User and Admin roles) ✔️ Custom error pages (403, 404, 500) |
| Frontend Layer | ✔️ Modern UI (HTML5, CSS3, JavaScript) ✔️ Responsive Web Design (Media Queries) |
| DevOps & Quality | ✔️ Dockerization & Environment (.env) ✔️ Version Control (GIT) ✔️ Automated Tests (PHPUnit & Bash) ✔️ ERD and Architecture Diagrams |


