diff --git a/.env.example b/.env.example
new file mode 100644
index 0000000..87da24e
--- /dev/null
+++ b/.env.example
@@ -0,0 +1,33 @@
+# if you don't want to set the value you can remove the line or comment it out with a hash (#)
+
+PATH_URL=/
+PATH_URL_IMG=public/upload/images/
+PATH_URL_IMG_PRODUCT=public/upload/products/
+
+DB_HOST=db_server
+DB_PORT=3306
+DB_USER=root
+DB_PASS=root
+DB_NAME=new_mvc_shop_db
+
+SMTP_HOST=smtp.gmail.com
+SMTP_PORT=465
+SMTP_UNAME
+SMTP_PWORD
+
+################### For docker ###################
+PHP_VERSION_SELECTED=8.2
+
+APP_NAME
+
+APP_PORT
+SSL_PORT
+
+MYSQL_PORT
+MYSQL_USER
+MYSQL_ROOT_PASS
+MYSQL_DB
+MYSQL_PASS
+
+PHPMYADMIN_PORT
+PHPMYADMIN_UPLOAD_LIMIT
diff --git a/.gitignore b/.gitignore
index 1569daf..fdb11c7 100644
--- a/.gitignore
+++ b/.gitignore
@@ -8,3 +8,4 @@ vendor
 docker/certs
 docker/logs
 .php-cs-fixer.cache
+.env
diff --git a/.php-cs-fixer.dist.php b/.php-cs-fixer.dist.php
index 58121af..bda1b6d 100644
--- a/.php-cs-fixer.dist.php
+++ b/.php-cs-fixer.dist.php
@@ -1,4 +1,5 @@
 <?php
+// this file is used by php-cs-fixer to format the code
 
 $finder = Symfony\Component\Finder\Finder::create()
     ->in([
diff --git a/README.md b/README.md
index af522bd..a8d72e8 100644
--- a/README.md
+++ b/README.md
@@ -12,9 +12,11 @@ Support this project :stuck_out_tongue_winking_eye: :pray:
 </p>
 
 # 1. Configuration requirements
-
-    - Version PHP 7.2 and above (-> 8.1)
+    - Web Server: Apache
+    - Version PHP >= 8.0
     - OpenSSL PHP Extension
+    - Composer (Please install composer before running this project)
+    - MySQL >= 8.0 (or MariaDB >= 10.0)
 
 # 2. Technology
 - Pure PHP language
@@ -55,59 +57,97 @@ This is the path to the database file for you to download: [`/admin/database/***
 
 Create a new database on **PHPMyAdmin** at your server, then import the .sql file that you just downloaded.
 
-# 5. Request appropriate edits
+# 5. Request configuration
 
-After a clone my repository to the local computer, you need to edit some code to be able to connect to the database and help the site works.
+Clone the project to your computer:
+
+```bash
+git clone https://github.com/tanhongit/new-mvc-shop.git
+```
 
-### 5.1 Edit Config
+Run composer install:
 
-You need to change the path in the '**config.php**' file to match the location of this source code on your server and must match the domain you registered.
+```bash
+composer install
+```
 
-Path: [`/lib/config/config.php`](https://github.com/TanHongIT/new-mvc-shop/tree/master/lib/config)
+Copy the .env.example file to .env:
 
-```php
-<?php
-define('BASE_URL', 'new-mvc-shop');
-define('PATH_URL', '/');
-define('PATH_URL_IMG', PATH_URL . 'public/upload/images/');
-define('PATH_URL_IMG_PRODUCT', PATH_URL . 'public/upload/products/');
+```bash
+cp .env.example .env
 ```
-### 5.2 Edit Connect Database
 
-You need to change the connection information to the database after you have cloned my repository so that the website can work.
+After a clone my repository to the local computer, you need to edit some code to be able to connect to the database and help the site works.
 
-Path: [`/lib/config/database.php`](https://github.com/TanHongIT/new-mvc-shop/tree/master/lib/config)
+## 5.1 Edit Config
 
-This is the path to the database file for you to download: [`/admin/database/***.sql`](https://github.com/TanHongIT/new-mvc-shop/tree/master/admin/database)
+You need to change the path in the '**.env**' file to match the location of this source code on your server and must match the domain you registered.
 
-```php
-define('DB_HOST', 'localhost');
-define('DB_USER', 'root');
-define('DB_PASS', '');
-define('DB_NAME', 'chikoi');
+```dotenv
+PATH_URL=/
+PATH_URL_IMG=public/upload/images/
+PATH_URL_IMG_PRODUCT=public/upload/products/
 ```
 
-### 5.2 Edit .htaccess
+> **Note:**
+> 
+> The path of the config file that is using these environment variables is located at: [`/lib/config/config.php`](https://github.com/TanHongIT/new-mvc-shop/tree/master/lib/config/config.php)
 
-Change RewriteBase - Recommend the path that matches your host address.
+## 5.2 Edit Connect Database
 
------------------------------------------------
+You need to change the connection information and import sql file to the database after you have cloned my repository so that the website can work.
 
-so we will have:
+This is the path to the sql file for you to import to your database:
+[`/admin/database/***.sql`](https://github.com/TanHongIT/new-mvc-shop/tree/master/admin/database)
+
+And change the connection information to match your database in .env file:
+
+```dotenv
+DB_HOST=db_server
+DB_PORT=3306
+DB_USER=root
+DB_PASS=root
+DB_NAME=chikoi
+```
+
+> **Note:**
+>
+> The path of the database config file that is using these environment variables is located at: [`/lib/config/database.php`](https://github.com/TanHongIT/new-mvc-shop/tree/master/lib/config/database.php)
+
+## 5.3 Edit .htaccess
+
+Change RewriteBase - Recommend the path that matches your host address.
+
+So we will have:
 ```
 RewriteBase /
 ```
 
+-----------------------------------------------
+
+> **Note**: This applies to the case where your project is in a subfolder, and you want it accessible from a subpath URL.
+>
+>**EXAMPLE**:
+>```
+>http://localhost/new-mvc-shop/
+>``` 
+> So we will have:
+> ```
+> RewriteBase /new-mvc-shop/
+> ```
+
 ### 5.4 Edit SMTP Mail
 
 > The third thing: 
 You need to change the information about **SMTP Mail** to be able to use some functions about user account authentication, change passwords, notify users, ...
 
-```php
-define('SMTP_HOST','smtp.gmail.com');
-define('SMTP_PORT','465');
-define('SMTP_UNAME','add_your_mail');
-define('SMTP_PWORD','add_your_application_password_from_your_mail');
+Update the following information in the **.env** file:
+
+```dotenv
+SMTP_HOST=smtp.gmail.com
+SMTP_PORT=465
+SMTP_UNAME=add_your_mail
+SMTP_PWORD=add_your_application_password_from_your_mail
 ```
 
 Change the value of the constant **SMTP_UNAME** and **SMTP_PWORD** to match the configuration you added on your Gmail.
@@ -116,12 +156,15 @@ Tips: https://support.google.com/accounts/answer/185833?hl=en
 
 **Where SMTP_PWORD is the application password for your _gmail.com_ account.**
 
-Path: [`/lib/config/sendmail.php`](https://github.com/TanHongIT/new-mvc-shop/tree/master/lib/config)
+> **Note:**
+>
+> The path of the email config file that is using these environment variables is located at: [`/lib/config/sendmail.php`](https://github.com/TanHongIT/new-mvc-shop/tree/master/lib/config/sendmail.php)
+
 
 # 6. Demo
 
-1. Front-End: [http://tanhongit.epizy.com/new-mvc-shop/home](http://tanhongit.epizy.com/new-mvc-shop/home)
-2. Back-End: [http://tanhongit.epizy.com/new-mvc-shop/admin.php](http://tanhongit.epizy.com/new-mvc-shop/admin.php)
+1. Front-End: [https://chikoiquan.tanhongit.com](https://chikoiquan.tanhongit.com)
+2. Back-End: [https://chikoiquan.tanhongit.com/admin.php](https://chikoiquan.tanhongit.com/admin.php)
 
 > **_Account login on Backend_**
 
@@ -155,6 +198,8 @@ Admin:
 **Admin Manager Page**
 ![Image](https://imgur.com/xOpAmb4.png)
 
+![Image](https://imgur.com/u8lXnsz.png)
+
 ---------------------------------------------------------------------------------
 
 <p align="center">
diff --git a/admin.php b/admin.php
index ea8a87c..734adbe 100644
--- a/admin.php
+++ b/admin.php
@@ -1,5 +1,12 @@
 <?php
 
+use Dotenv\Dotenv;
+
+require __DIR__ . '/vendor/autoload.php';
+
+$dotenv = Dotenv::createImmutable(__DIR__);
+$dotenv->load();
+
 session_start();
 
 require_once('lib/model.php');
diff --git a/admin/models/feedbacks.php b/admin/models/feedbacks.php
index e760c2f..1711d88 100644
--- a/admin/models/feedbacks.php
+++ b/admin/models/feedbacks.php
@@ -60,7 +60,6 @@ function updateFeedback(): void
 function feedbackReplyMail($html, $email)
 {
     //sendmail
-    require 'vendor/autoload.php';
     include 'lib/config/sendmail.php';
     $mail = new PHPMailer(true);
 
diff --git a/admin/models/users.php b/admin/models/users.php
index 9e7c2f4..55595eb 100644
--- a/admin/models/users.php
+++ b/admin/models/users.php
@@ -69,7 +69,6 @@ function changePassword($id, $newpassword, $currentPassword)
         ];
         save('users', $options);
         //sendmail
-        require 'vendor/autoload.php';
         include 'lib/config/sendmail.php';
         $mail = new PHPMailer(true);
         $user = getRecord('users', $id);
@@ -169,7 +168,6 @@ function user_update()
         $user_edited = getRecord('users', $userId);
         if ($user_edited['user_email'] != $currentEmail) {
             //send mail
-            require 'vendor/autoload.php';
             include 'lib/config/sendmail.php';
             $email = $user_edited['user_email'];
             $mail = new PHPMailer(true);
@@ -271,7 +269,6 @@ function user_add()
             save('users', $user_add);
         }
         //send mail
-        require 'vendor/autoload.php';
         include 'lib/config/sendmail.php';
         $mail = new PHPMailer(true);
 
diff --git a/content/controllers/category/index.php b/content/controllers/category/index.php
index fdd8b2c..62c319b 100644
--- a/content/controllers/category/index.php
+++ b/content/controllers/category/index.php
@@ -1,14 +1,16 @@
 <?php
 
-if (isset($_GET['id'])) {
-    $categoryId = intval($_GET['id']);
-} else {
+if (!isset($_GET['id'])) {
     show404NotFound();
 }
+
+$categoryId = intval($_GET['id']);
+
 $category = getRecord('subcategory', $categoryId);
 if (!$category) {
     show404NotFound();
 }
+
 $categories = getAll('subcategory', [
     'select' => 'id, subcategory_name',
     'order_by' => 'id ASC',
diff --git a/content/controllers/comment/index.php b/content/controllers/comment/index.php
index bad6798..de29a9e 100644
--- a/content/controllers/comment/index.php
+++ b/content/controllers/comment/index.php
@@ -2,32 +2,26 @@
 
 if (!empty($_POST)) {
     global $userNav;
+
+    $commentData = [
+        'id' => 0,
+        'product_id' => intval($_POST['product_id']),
+        'email' => escape($_POST['email']),
+        'author' => escape($_POST['author']),
+        'content' => escape($_POST['content']),
+        'createDate' => gmdate('Y-m-d H:i:s', time() + 7 * 3600),
+        'user_id' => intval($_POST['user_id']),
+    ];
+    
     if (isset($userNav)) {
-        $comment_add = [
-            'id' => 0,
-            'product_id' => intval($_POST['product_id']),
-            'email' => escape($_POST['email']),
-            'author' => escape($_POST['author']),
-            'content' => escape($_POST['content']),
-            'createDate' => gmdate('Y-m-d H:i:s', time() + 7 * 3600),
-            'user_id' => intval($_POST['user_id']),
-            'link_image' => escape($_POST['link_image']),
-        ];
-    } else {
-        $comment_add = [
-            'id' => 0,
-            'product_id' => intval($_POST['product_id']),
-            'email' => escape($_POST['email']),
-            'author' => escape($_POST['author']),
-            'content' => escape($_POST['content']),
-            'createDate' => gmdate('Y-m-d H:i:s', time() + 7 * 3600),
-            'user_id' => intval($_POST['user_id']),
-        ];
+        $commentData['link_image'] = escape($_POST['link_image']);
     }
-    save('comments', $comment_add);
+    
+    save('comments', $commentData);
     echo "<div class='alert alert-success'><strong>Done!</strong> Bạn đã ghi lời bình luận của bạn lại thành công !! <br>Hãy <a href='javascript: history.go(-1)'>Trở lại sản phẩm</a> hoặc <a href='index.php'>Đến trang chủ</a></div>";
 }
 require('content/views/comment/index.php');
+
 // $input = json_decode(file_get_contents('php://input'), true);
 
 // $productID = $input['productID'];
@@ -37,7 +31,7 @@
 // $author = $input['author'];
 // $userID = $input['email'];
 
-// $comment_add = array(
+// $commentData = array(
 //     'id' => 0,
 //     'product_id' => intval($productID),
 //     'email' => escape($email),
@@ -47,7 +41,7 @@
 //     'user_id' => intval($userID),
 //     'link_image' => escape($link_image)
 // );
-// save('comments', $comment_add);
+// save('comments', $commentData);
 
 // $option = array('product_id' => intval($productID));
 
diff --git a/content/controllers/feedback/index.php b/content/controllers/feedback/index.php
index ac8776a..c27e9c9 100644
--- a/content/controllers/feedback/index.php
+++ b/content/controllers/feedback/index.php
@@ -4,11 +4,13 @@
 if (!empty($_POST)) {
     feedback_add();
 }
+
 if (isset($_GET['product_id'])) {
     $productId = intval($_GET['product_id']);
 } else {
     $productId = 0;
 }
+
 $product = getRecord('products', $productId);
 if (isset($userNav)) {
     $user_action = getRecord('users', $userNav);
diff --git a/content/controllers/forgot-password/index.php b/content/controllers/forgot-password/index.php
index afa687b..0613cde 100644
--- a/content/controllers/forgot-password/index.php
+++ b/content/controllers/forgot-password/index.php
@@ -1 +1,3 @@
-<?php require('content/views/forgot-password/index.php');
+<?php
+
+require('content/views/forgot-password/index.php');
diff --git a/content/controllers/forgot-password/request.php b/content/controllers/forgot-password/request.php
index f18a663..ef01652 100644
--- a/content/controllers/forgot-password/request.php
+++ b/content/controllers/forgot-password/request.php
@@ -26,7 +26,6 @@
                 $verification_Code = $user['verificationCode'];
             }
         }
-        require 'vendor/autoload.php';
         include 'lib/config/sendmail.php';
         $mail = new PHPMailer(true);
 
diff --git a/content/controllers/forgot-password/result-change-password.php b/content/controllers/forgot-password/result-change-password.php
index a2b15a5..9de73f6 100644
--- a/content/controllers/forgot-password/result-change-password.php
+++ b/content/controllers/forgot-password/result-change-password.php
@@ -25,7 +25,6 @@
         save('users', $options);
 
         //send mail
-        require 'vendor/autoload.php';
         include 'lib/config/sendmail.php';
         $mail = new PHPMailer(true);
 
diff --git a/content/controllers/register/index.php b/content/controllers/register/index.php
index 184a6ce..0301b46 100644
--- a/content/controllers/register/index.php
+++ b/content/controllers/register/index.php
@@ -43,7 +43,6 @@
         // Load Composer's autoloader
         $userId = save('users', $user_add);
         //send mail
-        require 'vendor/autoload.php';
         include 'lib/config/sendmail.php';
         $mail = new PHPMailer(true);
 
diff --git a/content/controllers/register/resend.php b/content/controllers/register/resend.php
index 72f1f97..f8bdf96 100644
--- a/content/controllers/register/resend.php
+++ b/content/controllers/register/resend.php
@@ -18,7 +18,6 @@
         }
     }
     //send mail
-    require 'vendor/autoload.php';
     include 'lib/config/sendmail.php';
     $mail = new PHPMailer(true);
 
diff --git a/content/views/comment/index.php b/content/views/comment/index.php
index 380d8a5..b3023b9 100644
--- a/content/views/comment/index.php
+++ b/content/views/comment/index.php
@@ -1 +1,3 @@
-<?php require('admin/views/shared/header.php');
+<?php
+
+require('admin/views/shared/header.php');
diff --git a/content/views/feedback/result.php b/content/views/feedback/result.php
index 380d8a5..b3023b9 100644
--- a/content/views/feedback/result.php
+++ b/content/views/feedback/result.php
@@ -1 +1,3 @@
-<?php require('admin/views/shared/header.php');
+<?php
+
+require('admin/views/shared/header.php');
diff --git a/docker-compose.yml b/docker-compose.yml
index b154b02..8952f5c 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -34,7 +34,7 @@ services:
     container_name: '${APP_NAME:-new_mvc_shop}-db'
     restart: always
     ports:
-      - '${DB_PORT:-13306}:3306'
+      - '${MYSQL_PORT:-13306}:3306'
     environment:
       MYSQL_ROOT_PASSWORD: '${MYSQL_ROOT_PASS:-root}'
       MYSQL_USER: '${MYSQL_USER:-root}'
diff --git a/index.php b/index.php
index 361a8ba..7fbc9d3 100644
--- a/index.php
+++ b/index.php
@@ -5,6 +5,13 @@
  * Github: https://github.com/TanHongIT
  */
 
+use Dotenv\Dotenv;
+
+require __DIR__ . '/vendor/autoload.php';
+
+$dotenv = Dotenv::createImmutable(__DIR__);
+$dotenv->load();
+
 session_start();
 
 require_once('lib/model.php');
diff --git a/lib/config/config.php b/lib/config/config.php
index f67558c..b016cc6 100644
--- a/lib/config/config.php
+++ b/lib/config/config.php
@@ -1,6 +1,7 @@
 <?php
 
-const BASE_URL = 'new-mvc-shop';
-const PATH_URL = '/';
-const PATH_URL_IMG = PATH_URL.'/public/upload/images/';
-const PATH_URL_IMG_PRODUCT = PATH_URL.'/public/upload/products/';
+define("PATH_URL", $_ENV['PATH_URL'] ?? '/');
+
+define("PATH_URL_IMG", PATH_URL . ($_ENV['PATH_URL_IMG'] ?? 'public/upload/images/'));
+
+define("PATH_URL_IMG_PRODUCT", PATH_URL . ($_ENV['PATH_URL_IMG_PRODUCT'] ?? 'public/upload/product/'));
diff --git a/lib/config/database.php b/lib/config/database.php
index ec6c12b..bc8b5eb 100644
--- a/lib/config/database.php
+++ b/lib/config/database.php
@@ -1,10 +1,10 @@
 <?php
 
-const DB_HOST = 'db_server';
-const DB_PORT = 3306;
-const DB_USER = 'root';
-const DB_PASS = 'root';
-const DB_NAME = 'chikoi';
+define("DB_HOST", $_ENV['DB_HOST'] ?? 'db_server');
+define("DB_PORT", $_ENV['DB_PORT'] ?? '3306');
+define("DB_USER", $_ENV['DB_USER'] ?? 'root');
+define("DB_PASS", $_ENV['DB_PASS'] ?? 'root');
+define("DB_NAME", $_ENV['DB_NAME'] ?? 'new_mvc_shop_db');
 
 if (isset($_SESSION['user'])) {
     $userNav = $_SESSION['user']['id'];
diff --git a/lib/config/sendmail.php b/lib/config/sendmail.php
index f9caeb3..2028a97 100644
--- a/lib/config/sendmail.php
+++ b/lib/config/sendmail.php
@@ -1,7 +1,10 @@
 <?php
 error_reporting(0);
 
-const SMTP_HOST = 'smtp.gmail.com';
-const SMTP_PORT = '465';
-const SMTP_UNAME = 'tanhongitverifi@gmail.com';
-const SMTP_PWORD = 'kkgdqneidrcgvqmt';
+define("SMTP_HOST", $_ENV['SMTP_HOST'] ?? 'smtp.gmail.com');
+
+define("SMTP_PORT", $_ENV['SMTP_PORT'] ?? '465');
+
+define("SMTP_UNAME", $_ENV['SMTP_UNAME'] ?? 'test@gmail.com');
+
+define("SMTP_PWORD", $_ENV['SMTP_PWORD'] ?? 'xxxxxxxxxxxxx');
diff --git a/lib/counter.php b/lib/counter.php
index 47a39e8..9cb448a 100644
--- a/lib/counter.php
+++ b/lib/counter.php
@@ -6,7 +6,7 @@
 
 //$time_check = $time - 30; //Ấn định thời gian là 10 phút
 
-// function get_client_ip_env()
+// function getClientIpEnv()
 // {
 // if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
 //     $ip = $_SERVER['HTTP_CLIENT_IP'];
@@ -19,8 +19,13 @@
 // }
 
 //https://www.virendrachandak.com/techtalk/getting-real-client-ip-address-in-php-2/  http://tanvietblog.com/2013/09/15/php-lay-dia-chi-ip-cua-khach-vieng-tham
-// Function to get the client ip address
-function get_client_ip_env()
+
+/**
+ * Function to get the client ip address
+ *
+ * @return bool|array|string
+ */
+function getClientIpEnv(): bool|array|string
 {
     if (getenv('HTTP_CLIENT_IP'))
         $ipaddress = getenv('HTTP_CLIENT_IP');
@@ -59,7 +64,8 @@ function get_client_ip_env()
 
 //     return $ipaddress;
 // }
-$ip = get_client_ip_env();
+
+$ip = getClientIpEnv();
 $browser = $_SERVER['HTTP_USER_AGENT'];
 $date = gmdate('Y-m-d H:i:s', time() + 7 * 3600);
 
@@ -68,10 +74,14 @@ function get_client_ip_env()
 ];
 $count = getTotal('users_online', $options);
 
-if ($count == 0) { //Truy cập lần đầu
-    insert_user_online($session, $time, $ip, $browser, $date);
-} else { //Truy cập lần 2
-    update_user_online($session, $time, $ip, $browser, $date);
+try {
+    if ($count == 0) { //Truy cập lần đầu
+        insert_user_online($session, $time, $ip, $browser, $date);
+    } else { //Truy cập lần 2
+        update_user_online($session, $time, $ip, $browser, $date);
+    }
+} catch (Exception $e) {
+    echo $e->getMessage();
 }
 
 // $sql3 = "SELECT * FROM users_online";
diff --git a/lib/statistics.php b/lib/statistics.php
index cf4e67f..7af5beb 100644
--- a/lib/statistics.php
+++ b/lib/statistics.php
@@ -1,13 +1,35 @@
 <?php
-function insert_user_online($session, $time, $ip, $browser, $date)
+
+/**
+ * @param $session
+ * @param $time
+ * @param $ip
+ * @param $browser
+ * @param $date
+ *
+ * @return void
+ * @throws Exception
+ */
+function insert_user_online($session, $time, $ip, $browser, $date): void
 {
-    global $linkConnectDB;
-    $sql = "INSERT INTO users_online(session, time, ip, browser, dateonline)VALUES('$session', '$time','$ip','$browser', '$date')";
-    return mysqli_query($linkConnectDB, $sql);
+    $sql = "INSERT INTO users_online(session, time, ip, browser, dateonline) VALUES ('$session', '$time', '$ip', '$browser', '$date')";
+    $query = executeQuery($sql);
+    $query->close();
 }
-function update_user_online($session, $time, $ip, $browser, $date)
+
+/**
+ * @param $session
+ * @param $time
+ * @param $ip
+ * @param $browser
+ * @param $date
+ *
+ * @return void
+ * @throws Exception
+ */
+function update_user_online($session, $time, $ip, $browser, $date): void
 {
-    global $linkConnectDB;
-    $sql = "UPDATE users_online SET time='$time' ,ip='$ip', browser ='$browser', dateonline ='$date' WHERE session = '$session'";
-    return mysqli_query($linkConnectDB, $sql);
+    $sql = "UPDATE users_online SET time='$time' , ip='$ip', browser ='$browser', dateonline ='$date' WHERE session = '$session'";
+    $query = executeQuery($sql);
+    $query->close();
 }