# Phase 2 Complete Deployment Checklist

## Overview
Phase 2 implementation is **100% complete** and **ready for production deployment**. This checklist ensures a smooth rollout.

---

## Pre-Deployment (Do Before Going Live)

### Code Review
- [ ] Review Phase 2 commits in git log
  ```bash
  git log --oneline feature/site-restructure | head -8
  ```
  You should see:
  - ✅ CsrfMiddleware + CSRF token implementation
  - ✅ RateLimitMiddleware + rate limiting integration
  - ✅ Session regeneration on login
  - ✅ AuditLogger + audit logging integration
  - ✅ PHASE2_COMPLETE.md documentation
  - ✅ Database migration script

### Database Backup
- [ ] **CRITICAL:** Backup your production database
  ```
  In phpMyAdmin:
  1. Select database "4wdcsa"
  2. Click "Export"
  3. Save to safe location with timestamp: 4wdcsa_backup_2025-12-02.sql
  ```

### Test Environment
- [ ] Deploy to test/staging server first (NOT production)
- [ ] Run migration on test database
- [ ] Test all critical paths on test server

---

## Deployment Steps (Production)

### Step 1: Database Migration (5 minutes)
- [ ] Login to phpMyAdmin
- [ ] Go to database: `4wdcsa`
- [ ] Click "Import" tab
- [ ] Choose file: `migrations/001_create_audit_logs_table.sql`
- [ ] Click "Go"
- [ ] **Verify success:** Should see "1 query executed successfully"

### Step 2: Verify Table Created (2 minutes)
- [ ] In phpMyAdmin, refresh the table list
- [ ] Look for `audit_logs` table in the left sidebar
- [ ] Click on it to verify columns exist:
  - [ ] log_id (INT, Primary Key)
  - [ ] user_id (INT, FK to users)
  - [ ] action (VARCHAR)
  - [ ] status (VARCHAR)
  - [ ] ip_address (VARCHAR)
  - [ ] details (JSON)
  - [ ] created_at (TIMESTAMP)

### Step 3: Code Deployment (5-10 minutes)
- [ ] Pull latest code from `feature/site-restructure` branch
  ```bash
  git pull origin feature/site-restructure
  # OR merge into main/master
  git checkout main
  git merge feature/site-restructure
  ```
- [ ] Verify no conflicts in merge
- [ ] Confirm all Phase 2 files present:
  - [ ] `src/Middleware/CsrfMiddleware.php`
  - [ ] `src/Middleware/RateLimitMiddleware.php`
  - [ ] `src/Services/AuditLogger.php`
  - [ ] Updated form files (trip-details.php, login.php, etc.)
  - [ ] Updated processor files (validate_login.php, etc.)

### Step 4: Clear Caches (If Applicable)
- [ ] Clear PHP opcache (if using)
- [ ] Clear any session cache
- [ ] Clear CDN cache (if using)

---

## Post-Deployment Testing (Critical!)

### Test 1: Login Flow (10 minutes)
**Test Normal Login:**
- [ ] Go to login page: `https://yourdomain.com/login.php`
- [ ] Enter valid email/password
- [ ] Click "Log In"
- [ ] **Expected:** Login succeeds, redirected to index.php
- [ ] Check phpMyAdmin → audit_logs table
  - [ ] Should have new row with action="login_success"
  - [ ] Should show your IP address
  - [ ] Should show your email in details JSON

**Test Failed Login:**
- [ ] Go to login page again
- [ ] Enter wrong password
- [ ] **Expected:** "Invalid password" error shows
- [ ] Check audit_logs table
  - [ ] Should have new row with action="login_failure"
  - [ ] Details should show reason="Invalid password"

**Test CSRF Protection:**
- [ ] Open browser developer tools (F12)
- [ ] Go to login page
- [ ] Check HTML for CSRF token:
  ```html
  <input type="hidden" name="csrf_token" value="...">
  ```
- [ ] Should be present in login form

**Test Rate Limiting:**
- [ ] Go to login page
- [ ] Enter wrong password 5 times in quick succession
- [ ] **Expected:** After 5th attempt, get "Too many attempts" error
- [ ] Wait 5-10 seconds, try again - should still be rate limited
- [ ] Wait 15+ minutes, try again - should be allowed

### Test 2: CSRF Token on Forms (10 minutes)
**Test Trip Booking Form:**
- [ ] Go to trip-details.php (any trip)
- [ ] Inspect the booking form (F12 → Elements)
- [ ] Look for: `<input type="hidden" name="csrf_token" value="...`
- [ ] **Expected:** CSRF token field present

**Test Camping Form:**
- [ ] Go to campsite_booking.php
- [ ] Inspect form
- [ ] **Expected:** CSRF token field present

**Test Membership Application:**
- [ ] Go to membership_application.php
- [ ] Inspect form
- [ ] **Expected:** CSRF token field present

### Test 3: Session Regeneration (5 minutes)
**Verify Session Handling:**
- [ ] Log in successfully
- [ ] Check browser cookies (F12 → Application → Cookies)
- [ ] Note the PHPSESSID value
- [ ] Refresh the page
- [ ] **Expected:** Same PHPSESSID (session maintained)
- [ ] Log out and log in again
- [ ] **Expected:** New PHPSESSID (session regenerated)

### Test 4: Audit Logging (5 minutes)
**Check Audit Trail:**
- [ ] Make 2-3 successful logins (as test user)
- [ ] Make 2-3 failed login attempts
- [ ] Make a booking
- [ ] In phpMyAdmin, run query:
  ```sql
  SELECT * FROM audit_logs ORDER BY created_at DESC LIMIT 10;
  ```
- [ ] **Expected:** Should see your login attempts and booking action
- [ ] Check details JSON column - should have metadata

### Test 5: Critical Workflows (15 minutes)
- [ ] **Complete a booking:**
  - [ ] Log in
  - [ ] Go to trip-details.php
  - [ ] Fill booking form
  - [ ] Submit
  - [ ] Should work normally (CSRF token validated)
  
- [ ] **Reset password:**
  - [ ] Go to forgot_password.php
  - [ ] Request password reset
  - [ ] **Expected:** Rate limited after 3 requests in 30 minutes
  
- [ ] **Google OAuth:**
  - [ ] Try Google login (if configured)
  - [ ] **Expected:** Should work, session regenerated, audit log created

---

## Monitoring Post-Deployment (First 24 Hours)

### Check Error Logs
- [ ] Review PHP error logs for any CsrfMiddleware errors
- [ ] Check AuditLogger database errors
- [ ] Look for RateLimitMiddleware issues
- [ ] **Expected:** No errors related to Phase 2

### Monitor Audit Logs
- [ ] Run query to see login attempts:
  ```sql
  SELECT COUNT(*) as total_logins FROM audit_logs 
  WHERE action = 'login_success' 
  AND created_at > DATE_SUB(NOW(), INTERVAL 1 HOUR);
  ```
- [ ] Should see normal login activity

### Check for Brute Force
- [ ] Run query to detect suspicious activity:
  ```sql
  SELECT ip_address, COUNT(*) as attempts, 
         MAX(created_at) as latest_attempt
  FROM audit_logs 
  WHERE action = 'login_failure' 
  AND created_at > DATE_SUB(NOW(), INTERVAL 1 HOUR)
  GROUP BY ip_address 
  HAVING attempts > 5
  ORDER BY attempts DESC;
  ```
- [ ] **Expected:** Either no results or legitimate users (no malicious IPs)

### Database Performance
- [ ] Check audit_logs table size:
  ```sql
  SELECT 
    table_name, 
    ROUND(((data_length + index_length) / 1024 / 1024), 2) AS size_mb
  FROM information_schema.TABLES 
  WHERE table_schema = '4wdcsa' AND table_name = 'audit_logs';
  ```
- [ ] **Expected:** Should be very small (< 5MB even with 1000 logs)

---

## Rollback Procedures (If Needed)

### Option 1: Drop Audit Logs Table Only
```sql
DROP TABLE audit_logs;
```
**Impact:** Site continues working, audit logging stops. Can redeploy migration later.

### Option 2: Restore Full Database from Backup
```
In phpMyAdmin:
1. Click "Import"
2. Select your backup file (4wdcsa_backup_2025-12-02.sql)
3. Click "Go"
```
**Impact:** Database reverts to pre-deployment state. Code remains updated.

### Option 3: Revert Code Changes
```bash
git checkout feature/site-restructure^  # Go back 1 commit
# OR
git revert -n <commit-hash>             # Revert specific commits
```
**Impact:** Code reverts, database stays updated. Audit logging still works.

---

## Success Criteria (Must All Be True)

- [ ] ✅ Database migration completed without errors
- [ ] ✅ audit_logs table visible in phpMyAdmin with 7 columns
- [ ] ✅ Successful login creates audit_logs entry
- [ ] ✅ Failed login creates audit_logs entry with failure reason
- [ ] ✅ CSRF tokens present in all forms
- [ ] ✅ Rate limiting prevents >5 login attempts per 15 mins
- [ ] ✅ Session regenerates on successful login
- [ ] ✅ Bookings/payments work normally
- [ ] ✅ No error logs from CsrfMiddleware, RateLimitMiddleware, or AuditLogger
- [ ] ✅ Database performance unaffected (audit_logs table < 5MB)

---

## Documentation Generated

All the following have been created and are ready for reference:

- [x] `PHASE2_COMPLETE.md` - Comprehensive Phase 2 documentation
- [x] `DATABASE_MIGRATION_GUIDE.md` - Database deployment guide
- [x] `migrations/001_create_audit_logs_table.sql` - Migration script
- [x] This checklist file

---

## Sign-Off

**Deployment Date:** ________________
**Deployed By:** ________________
**Verified By:** ________________
**Database Backup Location:** ________________

### Final Confirmation
- [ ] All tests passed
- [ ] All monitoring checks passed
- [ ] Database backed up
- [ ] Team notified
- [ ] Documentation updated

**Status:** ✅ **Ready for Production Deployment**

---

## Contact & Support

If issues arise:
1. Check `DATABASE_MIGRATION_GUIDE.md` troubleshooting section
2. Review error logs (php error_log)
3. Check phpMyAdmin → audit_logs for unusual patterns
4. Use rollback procedures above if needed

Phase 2 is production-ready! 🚀