GSP/Panel
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Panel/docs/modules/website.md

5.8 KiB
Raw Blame History

Website

Workspace reference: GSP-WORKSPACE.md

Purpose

Public Gameservers.World sales, documentation, and customer-entry website.

Runtime Location

  • Canonical public site: Panel/modules/website/
  • Billing catalog and order flow: Panel/modules/billing/
  • Legacy compatibility site: Website/

Design Rules

  • Public pages must load without fatal errors when billing config is missing
  • Path and URL handling must be centralized
  • Panel and login URLs must be configuration-driven
  • Documentation must be readable without depending on billing database access
  • Catalog pages may degrade gracefully when billing data is unavailable

Helpers

The website module centralizes these helpers in includes/bootstrap.php:

  • website_url()
  • website_asset()
  • panel_url()
  • login_url()
  • billing_url()
  • documentation_url()

Billing Interaction

The website does not include the billing config loader directly. It reads panel or billing DB values safely, uses them only when needed, and avoids public fatal errors tied to missing config files.

Shared Accounts and SSO

The website uses the Panel users table as the account source of truth. A customer has the same user_id on Gameservers.World, the GSP Panel, support, billing, and server orders.

Website login verifies credentials against the existing Panel password hash format. This preserves current Panel login behavior and avoids a second website password database.

gameservers.world and panel.iaregamer.com cannot share a normal PHP session cookie because they are unrelated parent domains. The bridge is a one-time SSO token:

  • website to Panel: Panel/modules/website/sso.php creates a token and redirects to Panel/sso.php
  • Panel to website: Panel/sso.php creates a token and redirects back to Panel/modules/website/sso.php
  • table: OGP_DB_PREFIXsso_tokens
  • lifetime: 30-60 seconds
  • storage: SHA-256 token hash only
  • reuse: rejected after used_at is set
  • URL contents: token only, never passwords, password hashes, API keys, or PHP session IDs
  • HTTPS is required in production

Expired tokens are cleaned opportunistically when SSO is used. The administration module also creates the table for fresh installs.

Ordering

The current public catalog route is serverlist.php. Customer-facing Order buttons must use:

  • order.php?service_id=...

The old billing/order.php route is obsolete in this repository layout and must not be used for active Gameservers.World links.

order.php validates the requested service_id server-side against enabled catalog records before allowing the customer to continue. Logged-out customers have the intended order path stored in the website session, are sent to login.php, and return to the same service after successful login.

The website owns catalog display, order intent, login-return behavior, checkout entry, and customer confirmation. The Panel owns final provisioning, server assignment to the shared user_id, game-home creation, agent handoff, and provisioning state. Public browser requests must not call private provisioning methods directly.

Checkout/payment handlers are not present in this repository checkout. Until the active payment runtime is connected, order.php validates the selected service and sends the customer to support instead of pretending payment or provisioning is available.

Navigation

Website footer account links are state-aware:

  • logged out: Account Login, Order a Server, Control Panel
  • logged in: My Account, Order a Server, Control Panel, My Servers, Log Out
  • staff-only links appear only for Panel admin users and still rely on Panel authorization server-side

The website Control Panel button sends logged-in users through website-to-Panel SSO. Logged-out users go through website login first. The Panel dashboard Order Another Server link sends logged-in Panel users through Panel-to-website SSO.

Deployment

Recommended:

  1. DocumentRoot -> Panel/modules/website
  2. Apache Alias /billing -> Panel/modules/billing
  3. Configure:
    • public_base_url
    • billing_base_url
    • panel_url
    • login_url

Key Public Pages

  • index.php
  • serverlist.php
  • docs.php
  • pricing.php
  • locations.php
  • support.php
  • login.php
  • account.php
  • order.php
  • sso.php

Pricing and Platform Reference

  • Internal workbook: pricing/gameservers_world_pricing_catalog.xlsx
  • Public summary config: Panel/modules/website/config/pricing.php
  • Optional overrides: Panel/modules/website/config/config.php and config.local.php

The website uses a compact public pricing summary instead of parsing the workbook at runtime. Pricing and platform wording should stay centralized so homepage, server catalog, and pricing pages remain consistent.

Public pricing rules:

  • standard hosting starts at $0.50 per slot
  • selected legacy servers can start around $4 per month
  • most standard plans use a 16-slot minimum
  • fixed-cap games may differ
  • custom development is quoted separately

Platform rules:

  • hardware details are secondary website information
  • customization, legacy-game support, backups, monitored capacity, and developer-backed help remain the main sales points
  • example host specifications should be updated in the central config rather than scattered across templates

Runlevel Systems Project Request Integration

  • Services config: Panel/modules/website/config/services.php
  • Shared footer branding: Panel/modules/website/includes/footer.php
  • Homepage CTA: Panel/modules/website/pages/home.php

Current project request URL:

  • https://runlevelsystems.com/start-project.php

Branding rules:

  • official company name: Runlevel Systems
  • official company URL: https://runlevelsystems.com/
  • website pages should distinguish ordinary support from separately scoped project work