Loading repository data…
Loading repository data…
James-Rivera / repository
SoleSource — PHP/MySQL e-commerce storefront for premium sneakers with a voucher REST API, SMS integration, and an optional AI shopping assistant.
A transparent discovery signal based on current public GitHub metadata.
This score does not audit code, security, maintainers, documentation quality, or suitability. Verify the repository and its current documentation before adoption.
Live Demo: http://dev.art2cart.shop
SoleSource is a PHP/MySQL e-commerce web application focused on premium sneakers.
It delivers a complete storefront experience with user accounts, checkout, admin management, and an optional AI-powered shopping assistant.
SoleSource provides a full-featured sneaker e-commerce platform with a clean UI, structured backend, and modular architecture.
It supports both customer-facing shopping flows and administrative operations, making it suitable for real-world deployment and extension.
Backend
Frontend
Client-Side
Dependencies
/
├── index.php # Public entry point
├── pages/ # Shop, product, cart, checkout, profile, auth
├── includes/ # Layout, auth, products, cart, orders, AI, mail
├── admin/ # Admin dashboard and CRUD tools
├── assets/ # CSS, JS, images, SVGs, favicon
├── data/ # JSON seed data (brands/products)
├── sql/ # Database schemas and backups
├── scripts/ # Background and utility scripts
├── vendor/ # Composer dependencies
├── dev/ # Development helpers
What it does
add_to_cart) which are returned as JSON and audited.How it works (key files)
includes/ai-complete.php — assembles context (session, inventory matches), calls the model client, parses JSON actions and audits them.includes/ai-client.php — provider keys, prompts, retries, and strict JSON parsing.includes/ai-actions/apply-cart-add.php — authenticated server-only endpoint that applies low-risk actions (session cart adds) and writes audit entries.assets/js/ai-chat.js — user chat widget that posts messages to includes/ai-complete.php and renders replies.Security & safety
.env):
ALLOW_AI_DB_WRITE=0 — keep destructive DB writes disabled by default.ALLOW_AI_CART_WRITE=1 — optional whitelist to allow AI to add items to the user's session cart server-side.AI_ACTIONS_SECRET — internal secret required for the trusted apply endpoint.ALLOW_AI_DB_WRITE is explicitly enabled.How to enable (minimum)
.env:
AI_PROVIDER, AI_API_KEY, AI_MODEL (as needed)ALLOW_AI_CART_WRITE=1 to allow cart adds (session-only)ALLOW_AI_DB_WRITE=0 to keep full DB writes disabled.env changes take effect.includes/ai-complete.php directly.Testing & audit
includes/ai-complete.php with apply_actions=true — when allowed the server will call the trusted apply endpoint and return applied or preview statuses.logs/ai_actions.log for review.Recommended defaults
ALLOW_AI_DB_WRITE=0 in production.ALLOW_AI_CART_WRITE=1) if you want AI to help customers build carts, but review logs/ai_actions.log regularly.subtotal_amount, voucher_code, voucher_discount, and voucher_discount_typeALTER TABLE orders ADD COLUMN voucher_discount_type ENUM('percent', 'fixed') DEFAULT NULL;
ALTER TABLE orders ADD COLUMN voucher_discount DECIMAL(10,2) DEFAULT NULL;
ALTER TABLE orders ADD COLUMN subtotal_amount DECIMAL(10,2) DEFAULT NULL;
POST /api/vouchers/generate.php – Issue a new voucher to a student/userPOST /api/vouchers/preview.php – Validate and preview discount detailsPOST /api/vouchers/redeem.php – Mark a code as redeemed and notify collaborator[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12
$headers = @{ Authorization = 'Bearer <API_KEY>'; 'Content-Type' = 'application/json' }
$body = @{ 'student-id' = 'sandbox-checkout'; 'discount-type' = 'percent'; 'discount-value' = 12 } | ConvertTo-Json
Invoke-RestMethod -Uri 'https://dev.art2cart.shop/api/vouchers/generate.php' -Headers $headers -Method Post -Body $body
curl -X POST https://dev.art2cart.shop/api/vouchers/redeem.php \
-H "Authorization: Bearer <API_KEY>" \
-H "Content-Type: application/json" \
-d '{"voucher-code":"REWARD-1A2B","student-id":"course-42","order-number":"ORDER-9001"}'
For complete integration guide, examples in Node.js, and webhook handling, see docs/voucher-api.md.
previewVoucher(), generateVoucher(), and markRedeemed() functionsincludes/api/auth.php module for Bearer token validationcomposer install
cp .env.example .env
Create a MySQL database and import the schema (see Database Setup).
Configure the .env file with the following values:
Database
DB_HOSTDB_PORTDB_NAMEDB_USERDB_PASSPayPal
PAYPAL_CLIENT_IDPAYPAL_CLIENT_SECRETPAYPAL_BASE_URL (sandbox or live)MAIL_HOSTMAIL_PORTMAIL_USERMAIL_PASSMAIL_FROM_EMAILMAIL_FROM_NAMEAI
/sql directorymysql -u <user> -p <db_name> < sql/complete.sql
php -S localhost:8000 -t .
/admin/index.phpRun manually or schedule via cron / Task Scheduler:
php scripts/auto-advance-orders.php
php scripts/worker-email.php
.env or sensitive credentialsBlank pages
display_errors in developmentDatabase issues
PayPal
Email not sending
AI assistant issues
A practical guide for running SoleSource locally on Windows using XAMPP.
vendor/ is missing)git clone <repo-url> D:\xampp\htdocs\solesource
cd D:\xampp\htdocs\solesource
composer install
Import the database via phpMyAdmin and configure the environment variables.
Open in browser:
http://localhost/solesource/
.htaccessPlace this file in the pr