GShase is a PHP and MySQL web platform designed for the search, visualization, publication review, and validation of academic articles and research documents.
The project includes a public search interface, user access pages, administrator tools, PDF document visualization, database integration, and an AI chatbot assistant powered through Botpress.
Note
This project was developed as part of Hack Puebla 2024 focused on document discovery, research publication access, and institutional validation.
GShase is an academic/hackathon prototype developed for Hack Puebla 2024.
The current version includes the main interface, login flow, search filters, database structure, PDF visualization workflow, admin validation concept, and Botpress chatbot integration.
Warning
This project is not production-ready. Some backend workflows, security practices, database consistency issues, and UI details still need improvement.
GShase is a web application that helps users search for academic documents by title, author, publication year, and exclusion filters. It also includes an administrator panel where pending documents can be validated or deleted.
The platform includes:
- Home page with search access.
- User login page.
- User registration form.
- Search and filter page.
- Document visualization page.
- Admin dashboard.
- PDF document preview.
- Author information display.
- Document validation workflow.
- Document deletion workflow.
- Author deletion workflow.
- Botpress chatbot integration.
- MySQL database dump.
- Project documentation, mockups, and demo video.
Important
The project uses PHP with a MySQL/MariaDB database. It should be run through a local server environment such as XAMPP, WAMP, MAMP, or a configured Apache/PHP server.
The purpose of GShase is to create a platform for the diffusion of high-impact articles and investigations.
The system allows users to:
- Search for research documents.
- Filter results by author and publication year.
- Open and preview PDF documents.
- View author and institution information.
- Access an AI assistant.
- Submit or manage document-related information.
- Validate pending documents through an admin panel.
- PHP-based web application.
- MySQL/MariaDB database connection using PDO.
- Public document search engine.
- Search filters by:
- Document title.
- Author name.
- Publication year.
- Before / during / after year logic.
- Excluded keywords.
- PDF document visualization.
- Author profile information.
- Institution information.
- Login system with PHP sessions.
- Admin dashboard.
- Pending document validation.
- Document deletion.
- Author and document deletion.
- Botpress webchat integration.
- Responsive-style custom CSS.
- Project documentation.
- UI mockups.
- Database dump included.
- Demo video included.
GShase-main/
│
├── access.php
├── adminPagina.php
├── busqueda.php
├── create.php
├── inicio.php
├── visualizacion.php
├── LICENSE
│
├── css/
│ └── style.css
│
├── database/
│ ├── database.php
│ ├── deleteAutor.php
│ ├── deleteDocumento.php
│ ├── login.php
│ ├── logout.php
│ ├── validateDocumento.php
│ └── viewpdf.php
│
├── documentacion/
│ ├── Diagrama de flujo IA.pdf
│ ├── GShase - Diagramas Proyecto - 4+1 & Base de Datos.pdf
│ ├── Video de Hackhaton 2.mp4
│ └── mockups/
│ ├── Admin.pdf
│ ├── Login.pdf
│ ├── buscar.pdf
│ ├── createUser.pdf
│ ├── feed_usuario.pdf
│ ├── inicio.pdf
│ └── visualizacion.pdf
│
├── images/
│ ├── ask.png
│ ├── logo.png
│ ├── logo_letra.png
│ ├── test.png
│ ├── usuario_default.png
│ └── welcome_image.png
│
├── scripts/
│ ├── chatbot.js
│ └── create.js
│
└── sql/
└── hackaton_2024.sql
| File | Description |
|---|---|
inicio.php |
Main homepage with welcome message, login/register buttons, search bar, and chatbot button. |
access.php |
Login page for user access. |
create.php |
User creation / registration form. |
busqueda.php |
Search page with filters and document result listing. |
visualizacion.php |
Document visualization page with PDF preview and author information. |
adminPagina.php |
Admin panel for reviewing pending documents. |
database/database.php |
PDO database connection class. |
database/login.php |
Login validation logic. |
database/logout.php |
Session logout logic. |
database/validateDocumento.php |
Marks a document as validated. |
database/deleteDocumento.php |
Deletes a document from the database. |
database/deleteAutor.php |
Deletes an author and their associated documents. |
database/viewpdf.php |
Retrieves and displays a PDF stored as a BLOB in the database. |
scripts/chatbot.js |
Opens the Botpress webchat. |
scripts/create.js |
Handles registration-form validation and institution-selection behavior. |
css/style.css |
Main stylesheet for the platform. |
sql/hackaton_2024.sql |
MySQL/MariaDB database dump. |
LICENSE |
Project license file. |
To run this project locally, you need:
- PHP
- MySQL or MariaDB
- Apache or another PHP-compatible web server
- phpMyAdmin, recommended
- A browser
- Internet access for Botpress chatbot scripts
Recommended local environments:
- XAMPP
- WAMP
- MAMP
- Laragon
- Native Apache + PHP + MySQL setup
The SQL dump was generated with:
MariaDB 10.4.32
PHP 8.1.25
phpMyAdmin 5.2.1
Tip
XAMPP is probably the easiest way to run this project locally because it includes Apache, PHP, MySQL/MariaDB, and phpMyAdmin.
The project uses a database named:
hackaton_2024
The database dump is located at:
sql/hackaton_2024.sql
The database includes tables such as:
| Table | Purpose |
|---|---|
admininstitucional |
Stores institutional admin credentials. |
adminpagina |
Stores page admin credentials. |
autor |
Stores author information. |
biblioteca |
Stores document metadata and PDF BLOB data. |
búsqueda |
Stores user search-related data. |
institucion |
Stores institution information. |
seguimiento |
Stores user-author follow relationships. |
usuario |
Stores user account information. |
Important
The PHP connection file expects the database name to be hackaton_2024.
The database connection is configured in:
database/database.php
Default configuration:
private static $dbName = 'hackaton_2024';
private static $dbHost = 'localhost';
private static $dbUsername = 'root';
private static $dbUserPassword = '';If your local server uses different credentials, update these values.
Example:
private static $dbName = 'hackaton_2024';
private static $dbHost = 'localhost';
private static $dbUsername = 'root';
private static $dbUserPassword = 'your_password';Warning
Do not use root credentials with an empty password in production. This configuration is only acceptable for local testing.
Clone the repository:
git clone https://github.com/iiRoy/GShase.gitMove the project folder into your local server directory.
For XAMPP on Windows, place it inside:
C:/xampp/htdocs/
For XAMPP on macOS, place it inside:
/Applications/XAMPP/htdocs/
Start Apache and MySQL from XAMPP.
Open phpMyAdmin:
http://localhost/phpmyadmin
Create a database named:
hackaton_2024
Import the SQL dump:
sql/hackaton_2024.sql
Open the project in your browser:
http://localhost/GShase-main/inicio.php
Tip
If your folder name is different, update the URL to match your local folder name.
- Start Apache.
- Start MySQL/MariaDB.
- Import
sql/hackaton_2024.sql. - Verify the database credentials in
database/database.php. - Open:
http://localhost/GShase-main/inicio.php
- Use the search bar or navigate through the platform.
inicio.php
The homepage includes:
- GShase header.
- Welcome section.
- Login button.
- Registration button.
- Search bar.
- Chatbot access button.
access.php
The login page includes:
- Username field.
- Password field.
- Login button.
- Link to create a new account.
The form sends data to:
database/login.php
create.php
The registration page includes fields for:
- Full name.
- Academic title.
- Specialty.
- Email.
- Institution.
- Password.
- Password confirmation.
- First document upload.
The form uses JavaScript validation from:
scripts/create.js
Warning
The current registration form validates input on the frontend, but the backend submission flow may need further implementation before it can fully create new users and upload documents into the database.
busqueda.php
The search page allows users to search and filter documents.
Available filters:
| Filter | Description |
|---|---|
| Search | Searches by document title. |
| Author | Filters by author full name. |
| Publication year | Filters by document year. |
| Before | Shows documents published before a selected year. |
| During | Shows documents published during a selected year. |
| After | Shows documents published after a selected year. |
| Exclude | Excludes documents containing a keyword in the title. |
visualizacion.php
The visualization page displays:
- Embedded PDF preview.
- Author full name.
- Author specialty.
- Institution.
- List of author articles.
- Button to return to search.
- AI chatbot button.
PDF files are loaded through:
database/viewpdf.php
adminPagina.php
The admin page displays pending documents.
Administrators can:
- View pending documents.
- Validate documents.
- Delete documents.
- Delete an author and their documents.
- Close session.
Document validation uses:
database/validateDocumento.php
Document deletion uses:
database/deleteDocumento.php
Author deletion uses:
database/deleteAutor.php
Important
The admin page is protected with PHP sessions. Users who are not logged in are redirected to access.php.
The project includes a Botpress webchat integration.
Used files:
scripts/chatbot.js
External scripts:
<script src="https://cdn.botpress.cloud/webchat/v1/inject.js"></script>
<script src="https://mediafiles.botpress.cloud/9ec69e47-15e3-4a90-bb27-6a418d01d343/webchat/config.js" defer></script>The chatbot can be opened using the fixed button:
¡Chatea conmigo!
Note
The chatbot requires internet access because it loads Botpress scripts from external URLs.
Note
These screenshots show the current prototype interface, including the homepage, user access page, search filters, and Botpress chatbot integration.
The project includes several visual assets:
| Asset | Description |
|---|---|
images/logo.png |
Main icon used for the search bar and chatbot button. |
images/logo_letra.png |
Full GShase logo with text. |
images/welcome_image.png |
Homepage welcome illustration. |
images/usuario_default.png |
Default user profile image. |
images/ask.png |
Chatbot or assistant-related visual asset. |
images/test.png |
Large visual test asset included in the repository. |
The project includes documentation and design materials inside:
documentacion/
Files included:
| File | Description |
|---|---|
Diagrama de flujo IA.pdf |
AI flow diagram. |
GShase - Diagramas Proyecto - 4+1 & Base de Datos.pdf |
Project architecture and database diagrams. |
Video de Hackhaton 2.mp4 |
Demo or presentation video for the hackathon project. |
Mockups included:
documentacion/mockups/
| Mockup | Description |
|---|---|
Admin.pdf |
Admin page mockup. |
Login.pdf |
Login page mockup. |
buscar.pdf |
Search page mockup. |
createUser.pdf |
User creation page mockup. |
feed_usuario.pdf |
User feed mockup. |
inicio.pdf |
Homepage mockup. |
visualizacion.pdf |
Document visualization page mockup. |
Tip
These documents are useful for understanding the intended system architecture, database model, UI flow, and design process.
The system follows this basic workflow:
User searches for a document
↓
busqueda.php queries the database
↓
Matching documents are displayed
↓
User opens a document result
↓
visualizacion.php loads metadata
↓
viewpdf.php displays the PDF BLOB
Admin workflow:
Admin logs in
↓
adminPagina.php loads pending documents
↓
Admin validates or deletes documents
↓
Database is updated
This project is suitable for local academic demonstration, but it should be improved before production use.
Important security concerns:
- Passwords appear to be stored without hashing.
- Database credentials are hardcoded.
- User registration backend needs further implementation.
- File upload handling should be validated and secured.
- Admin and user roles should be separated more clearly.
- External chatbot scripts should be reviewed.
- PDF BLOB output should be carefully validated.
- Session management should be hardened.
- Input sanitization should be reviewed across all forms.
Caution
Do not deploy this project publicly without improving authentication, password hashing, upload validation, authorization checks, and database security.
The SQL dump defines the usuario table with columns such as:
idUsuario
Usuario
Contrasenia
Nombre
email
However, database/login.php expects fields such as:
user_name
password
name
id
This may cause login errors unless the database schema or PHP code is adjusted.
Recommended fix:
Either update login.php to match the SQL dump, or update the SQL table column names to match login.php.
The registration page includes frontend validation, but the form action currently points to:
database/login.php
This means the registration page may not actually insert new user or document records into the database.
Recommended improvement:
Create a dedicated database/createUser.php or database/register.php file to handle new user registration and document upload.
The chatbot will not load if:
- There is no internet connection.
- Botpress services are unavailable.
- The configured Botpress bot is removed or disabled.
The project displays PDFs from the database.
This works for demonstration, but for larger production systems, it may be better to store PDF files on the server filesystem or cloud storage and save only metadata and file paths in the database.
Check the configuration in:
database/database.php
Make sure:
- MySQL/MariaDB is running.
- The database
hackaton_2024exists. - The username and password are correct.
- The SQL dump was imported successfully.
Enable PHP errors during local development.
In php.ini, check:
display_errors = On
error_reporting = E_ALLRestart Apache after editing php.ini.
Check the database column mismatch described in Known Issues.
Also verify:
- The correct database is imported.
- The
usuariotable has valid users. - The PHP code uses the same column names as the SQL schema.
- Sessions are enabled in PHP.
Check that:
- The
bibliotecatable contains records. - The
autortable contains matching authors. biblioteca.idAutorcorrectly referencesautor.idAutor.- The search terms match document titles.
- Filters are not too restrictive.
Check that:
- The selected document exists.
- The
Documentocolumn contains valid PDF BLOB data. database/viewpdf.phpreceives a validid.- The browser supports embedded PDF preview.
Check that:
- You have internet access.
- Botpress scripts load correctly.
- The browser console does not show Botpress-related errors.
scripts/chatbot.jsis loaded correctly.
Make sure the project is being accessed through a local server, not opened directly as a file.
Correct:
http://localhost/GShase-main/inicio.php
Incorrect:
file:///C:/xampp/htdocs/GShase-main/inicio.php
Future versions could include:
- Dedicated registration backend.
- Password hashing with
password_hash(). - Password verification with
password_verify(). - Cleaner role system for users, authors, institutions, and admins.
- Better login schema consistency.
- PDF upload validation.
- File-size limits.
- CSRF protection.
- More robust session management.
- Pagination for search results.
- Better responsive design.
- Search by article category or research field.
- Full-text search.
- Better document approval workflow.
- Admin audit logs.
- User profile page.
- Author profile page.
- Institution dashboard.
- Improved chatbot training and flow.
- Environment-based database configuration.
- Docker setup.
- Deployment guide.
This project is publicly available for educational and portfolio review purposes only.
The source code, visual assets, audio, videos, logos, screenshots, documentation, and other project materials may not be used, copied, modified, redistributed, sublicensed, or used commercially without explicit permission from the project authors.
All rights reserved unless otherwise stated.
Important
Some third-party assets, music, libraries, or references may be subject to their own licenses. Those materials remain owned by their original creators and are not covered by this project license.
This project is an academic and hackathon-style prototype.
It is not production-ready without additional improvements to authentication, database design, security, file upload handling, and deployment configuration.
Caution
Do not use this project with real user data, private documents, or production credentials without a full security review.





