A multi-restaurant food delivery marketplace with AI-powered WhatsApp ordering, real-time operations, and Stripe Connect payments.
Screenshots • Features • Tech Stack • Architecture • AI Engine • Security
"Get what you crave" — vibrant orange landing with restaurant cards, postcode search, cuisine filters (British, Indian, Seafood), stats counters, and WhatsApp AI ordering widget.
Full menu with category tabs, promo banners (Sunday Roast Club), popular items with TOP PICK / POPULAR badges, spice level indicators, delivery/collection toggle, min order & delivery fee display, and WhatsApp chat integration.
Per-restaurant staff portal with password authentication, dark navy UI, and address display. Each restaurant gets an isolated admin panel at
/{slug}/admin/with full order management, menu control, marketing, reports, bookings, and settings.
Split-screen login with email/password auth, forgot password flow, account creation, and Eitio branding panel with value propositions (fast delivery, support local, secure payments).
Dark-themed booking form with full name, email, phone, date/time pickers, party size stepper (1–10 guests), special requests field, and anti-spam protection.
Rider recruitment page with hero CTA, benefit cards (Flexible Hours, Weekly Pay, Be Your Own Boss, Stay Active), application form, requirements checklist, and FAQ section.
Platform-level super admin with password + IP whitelist authentication. Behind login: enterprise dashboard with live GMV, 14-page command center managing all restaurants, commission, earnings, WhatsApp AI, customer intelligence, analytics, and platform settings.
Fully responsive with fixed mobile header, bottom navigation (Home, Search, Orders, Account), postcode search, promo carousel, and native-app-like ordering experience.
- Multi-restaurant marketplace — platform supports unlimited restaurants, each with independent menus, settings, and admin panels
- Category-based menus — Mains, Starters, Sides, Desserts, Drinks with drag-and-drop ordering
- Item customization — modifiers (spice level, cooking preference) and extras (toppings, sides)
- Allergen management — per-item allergen tagging with visual indicators
- Delivery & Collection — toggle per order with zone-based delivery fee calculation
- Postcode validation — real-time delivery zone checking with geocache
- Real-time cart — live price calculation, minimum order enforcement, free delivery thresholds
- Order tracking — 4-stage progress: Placed → Preparing → Ready → Delivered/Collected
- Reorder — one-click reorder from order history
- Conversational ordering — natural language menu browsing and cart management via WhatsApp
- Multi-provider AI — Claude, Gemini, Groq, Kimi, OpenAI with automatic failover via ProviderFactory
- Function calling — AI autonomously executes menu queries, cart operations, and order placement
- Conversation persistence — ConversationManager maintains context across messages
- Customer memory — remembers preferences, dietary requirements, and past orders
- Order notifications — real-time WhatsApp status updates for order progress
- Upsell engine — AI suggests complementary items based on cart contents and popular pairings
- Live order management — real-time feed with New/Preparing/Ready status flow
- Pause controls — temporarily disable ordering with scheduled resume
- Menu control — full CRUD with images, categories, allergens, stock status
- Table bookings — reservation management with status, covers, and notes
- Marketing suite — email campaigns with open/click tracking, discount codes, WhatsApp broadcasts
- Reports — order analytics, revenue tracking, customer tiers, popular items
- Settings — opening hours, delivery zones, prep times, branding, Stripe Connect
- Multi-tenant architecture — each restaurant gets its own admin panel at
/{slug}/admin/
- Enterprise dashboard — live GMV, commission earnings, average order value, order activity chart (6am–11pm with peak detection), top 5 restaurants by revenue, auto-refresh every 30s
- Live orders — full-viewport command center with kanban board (8 status columns), order funnel, real-time activity ticker, urgent order highlighting, payment status tracking
- Restaurant management — create/edit/suspend/activate/delete restaurants, Stripe onboarding status, per-restaurant commission overrides, performance metrics
- Application pipeline — review pending restaurant applications, approve with auto-generated admin credentials and welcome emails, reject with reason
- Customer intelligence — platform-wide customer segmentation (New, At Risk, Churned, Loyal, VIP), order history, spending analytics, days since last order
- Commission & earnings — platform default and per-restaurant rate management, bulk rate updates, rate distribution visualization, daily/hourly/weekly/monthly revenue breakdowns, payout management
- WhatsApp AI control center — API configuration, AI provider selection, credential management, test connection, direct messaging, conversation viewer with history/search/clear/delete
- WhatsApp marketing — credit package pricing, cost per message config, marketing templates with variables (
{{name}},{{restaurant}},{{order_link}}) - Cross-restaurant bookings — all table reservations across restaurants with date/status filtering and search
- Platform analytics — period selection (7/30/90/365 days), daily revenue trends, hourly distribution, day-of-week patterns, restaurant rankings, customer segmentation, delivery vs collection breakdown
- Platform settings — branding (name, tagline, colors, logos), feature toggles (reviews, loyalty, promo codes, bookings, scheduled orders), delivery config, SMTP, tax, currency, super admin password
- Loyalty tier system — New → Regular (3+ orders) → VIP (10+ orders) → Legend (25+ orders)
- Personalized dashboard — greeting by time of day, tier progress, active orders, favorites
- Favorites — save items and restaurants for quick access
- Address management — saved delivery addresses with default selection
- Order history — filterable by status with expandable details
- Account management — profile editing, password reset, address book, delete account
- Stripe Connect — platform commission model with per-restaurant connected accounts
- Payment processing — secure card payments via Stripe Elements
- Discount codes — percentage and fixed-amount with usage limits, expiry dates, and minimum order requirements
- Commission ledger — automated platform fee tracking and payout management
- Postcode service — delivery zone validation with geocache and "Notify Me" for unsupported areas
- Rider recruitment — dedicated sign-up page with application form, benefits showcase, and FAQ
- SEO pages — About, Blog, Careers, Contact, FAQs, Help, Offers, Near Me, Top Rated
- Dark/light theme — system-aware with manual toggle and CSS custom properties
- Auto-deployment — GitHub webhook for automatic production deploys
- Backup system — automated backups with 30-day retention
| Technology | Purpose |
|---|---|
| PHP 8.2 | Server-side runtime |
| Firebase Firestore | Primary NoSQL database (multi-tenant) |
| JSON file fallback | Automatic failover when Firestore is unavailable |
| PHPMailer | SMTP email with campaign tracking |
| Stripe Connect SDK | Payment processing with platform commissions |
| Meta WhatsApp Cloud API | Conversational ordering and notifications |
| Composer | Dependency management |
| Provider | Model | Use Case |
|---|---|---|
| Claude (Anthropic) | Claude 3.5 | Primary conversational AI |
| Gemini (Google) | Gemini Pro | Fallback reasoning |
| Groq | Llama 3 70B | Fast inference |
| Kimi (Moonshot) | Kimi K2 | Long-context ordering |
| OpenAI | GPT-4 | General fallback |
| Technology | Purpose |
|---|---|
| Vanilla JavaScript | 10,926 lines — no framework overhead |
| Tailwind CSS | Utility-first styling |
| Custom CSS | 13,748 lines across 12 stylesheets |
| Font Awesome 6 | Icon library |
| Poppins + Roboto | Typography |
| Service | Purpose |
|---|---|
| Stripe Connect | Payments, commissions, payouts |
| Meta WhatsApp Business API | AI ordering, notifications, marketing |
| Firebase Firestore | Database with real-time capabilities |
| Firebase Auth | OAuth2 token management |
| Google Reviews | Restaurant reputation links |
| PHPMailer (SMTP) | Transactional + marketing emails |
| GitHub Webhooks | Auto-deployment pipeline |
| Postcode Geocache | Delivery zone validation |
| Technology | Purpose |
|---|---|
| Apache | Web server with .htaccess routing |
| PHP-FPM | Process management |
| Firebase | Serverless database + auth |
| JSON file store | Local fallback + caching layer |
| Automated backups | 30-day retention with scheduled runs |
┌─────────────────────────────────────────────────────────────────┐
│ CUSTOMER FRONTEND │
│ ┌──────────┐ ┌──────────┐ ┌──────────┐ ┌───────────────┐ │
│ │ Homepage │ │Restaurant│ │ Account │ │ Book Table │ │
│ │ Browse │ │ Ordering │ │Dashboard │ │ Reservations │ │
│ │ Search │ │ Cart │ │ Loyalty │ │ │ │
│ │ Postcode │ │ Checkout │ │ History │ │ │ │
│ └────┬─────┘ └────┬─────┘ └────┬─────┘ └───────┬───────┘ │
│ └──────────────┼──────────────┼───────────────┘ │
│ │ REST API │
└──────────────────────┼───────────────────────────────────────────┘
│
┌──────────────────────┼───────────────────────────────────────────┐
│ PHP APPLICATION (29 Core Modules) │
│ │ │
│ ┌───────────────────┴────────────────────┐ │
│ │ Router + API Layer │ │
│ │ /api (14 endpoints) │ │
│ │ /admin/api (33 endpoints) │ │
│ │ /super-admin/api (11 endpoints) │ │
│ └──┬───────┬────────┬────────┬──────────┘ │
│ │ │ │ │ │
│ ┌──┴───┐ ┌─┴─────┐ ┌┴──────┐ ┌┴────────┐ │
│ │Order │ │ Menu │ │ AI │ │Marketing│ │
│ │Mgmt │ │Control│ │Brain │ │Campaign │ │
│ │Track │ │CRUD │ │Func. │ │Email │ │
│ │Status│ │Allerg.│ │Convo │ │Discount │ │
│ └──┬───┘ └──┬────┘ └──┬───┘ └──┬──────┘ │
│ │ │ │ │ │
│ ┌──┴────────┴─────────┴────────┴────────┐ │
│ │ Service Layer │ │
│ │ Auth · Security · Restaurant │ │
│ │ PostcodeService · UpsellEngine │ │
│ │ CommissionLedger · Analytics │ │
│ │ CustomerMemory · NotifyService │ │
│ │ AuditLog · Cache · Backup │ │
│ └──────────────────┬────────────────────┘ │
│ │ │
└─────────────────────┼────────────────────────────────────────────┘
│
┌──────────────┼──────────────┐
│ │ │
┌────┴────┐ ┌────┴────┐ ┌────┴────────┐
│ Firebase │ │ AI │ │ External │
│Firestore │ │Providers│ │ Services │
│ Auth │ │ Claude │ │ Stripe │
│ per-rest │ │ Gemini │ │ WhatsApp │
│ storage │ │ Groq │ │ PHPMailer │
│ │ │ Kimi │ │ GitHub │
│ │ │ OpenAI │ │ Geocache │
└─────────┘ └─────────┘ └─────────────┘
┌─────────────────────────────┐
│ SUPER ADMIN │
│ /super-admin/ │
│ Dashboard · Live Orders │
│ Restaurants · Applications │
│ Commission · Earnings │
│ WhatsApp AI · Analytics │
│ Customers · Bookings │
│ Settings · 11 API endpoints │
└──────────────┬──────────────┘
│ manages
┌──────────┴──────────┐
│ Platform Layer │
│ eitio.co.uk │
└──────────┬──────────┘
│
┌────────────────┼────────────────┐
▼ ▼ ▼
┌──────────────┐ ┌────────────┐ ┌────────────┐
│ Lion Hotel │ │ Golden │ │ Future │
│ │ │ Dragon │ │ Restaurant │
│ /lion-hotel/ │ │ /golden- │ │ /slug/ │
│ │ │ dragon/ │ │ │
├──────────────┤ ├────────────┤ ├────────────┤
│ Own admin │ │ Own admin │ │ Own admin │
│ Own menu │ │ Own menu │ │ Own menu │
│ Own orders │ │ Own orders │ │ Own orders │
│ Own settings │ │ Own sett. │ │ Own sett. │
│ Own Stripe │ │ Own Stripe │ │ Own Stripe │
│ Own bookings │ │ Own book. │ │ Own book. │
└──────────────┘ └────────────┘ └────────────┘
Each restaurant operates as an independent tenant with:
- Isolated admin panel at
/{slug}/admin/ - Separate Stripe Connect account for direct payouts
- Independent menu, orders, bookings, and settings
- Per-restaurant session validation and IP binding
The Super Admin at /super-admin/ provides platform-wide oversight — managing all restaurants, applications, commission rates, earnings, and WhatsApp AI configuration from a single command center.
Customer sends WhatsApp message
│
▼
┌──────────┐ ┌──────────────┐ ┌─────────────────┐
│ Meta API │───▶│ Webhook │───▶│ ConversationMgr │
│ Webhook │ │ Validates │ │ Load Context │
└──────────┘ └──────────────┘ └────────┬────────┘
│
▼
┌─────────────────┐
│ AI Brain │
│ ProviderFactory│
│ Function Calls │
└────────┬────────┘
│
┌────────────────┼────────────────┐
▼ ▼ ▼
┌───────────┐ ┌───────────┐ ┌──────────┐
│ Browse │ │ Manage │ │ Place │
│ Menu │ │ Cart │ │ Order │
│ Items │ │ + Upsell │ │ + Pay │
└───────────┘ └───────────┘ └──────────┘
│
▼
┌─────────────────┐
│ WhatsApp Reply │
│ + Notifications │
└─────────────────┘
Multi-Tenant Isolation — Each restaurant gets a dedicated data directory, admin panel, and Stripe Connect account. Session validation enforces restaurant-level boundaries with IP binding to prevent cross-tenant access.
AI Provider Factory — ProviderFactory pattern enables hot-swapping between Claude, Gemini, Groq, Kimi, and OpenAI without code changes. A single environment variable (AI_PROVIDER) controls the active provider.
Database Failover — FirebaseDatabase is the primary store; JsonDatabase provides automatic file-based fallback. The Cache layer uses TTL files for rate limiting and geocache without hitting Firestore.
Commission Ledger — Stripe Connect webhooks trigger CommissionLedger entries, tracking platform fees per order with automated reconciliation.
Postcode Geocaching — First-time postcode lookups are geocoded and cached locally, eliminating repeated API calls. "Notify Me" captures demand signals for unserved areas.
Session Security — Per-restaurant session scoping with IP binding, 2-hour timeout, session regeneration on login, and rate limiting (10 attempts per 15 minutes per IP per restaurant).
Eitio's AI powers conversational ordering through WhatsApp with a multi-provider architecture:
┌───────────────────────────────────┐
│ ProviderFactory │
│ Selects provider from .env │
│ AI_PROVIDER = kimi | claude ... │
└──────────┬────────────────────────┘
│
┌──────┼──────┬──────┬──────┐
▼ ▼ ▼ ▼ ▼
┌───────┐┌──────┐┌─────┐┌─────┐┌──────┐
│Claude ││Gemini││Groq ││Kimi ││OpenAI│
│Anthro.││Google││Llama││K2 ││GPT-4 │
└───────┘└──────┘└─────┘└─────┘└──────┘
All providers implement ProviderInterface with:
chat()— conversational response generationfunctionCall()— structured tool executionclassify()— intent detection and routing
| Function | Description |
|---|---|
browse_menu |
List categories and items with prices |
search_items |
Fuzzy search across menu |
add_to_cart |
Add item with quantity and modifiers |
remove_from_cart |
Remove item from active cart |
view_cart |
Show current cart with totals |
apply_discount |
Validate and apply discount code |
place_order |
Finalize order with delivery/collection |
check_status |
Query active order status |
get_hours |
Return restaurant opening hours |
upsell_suggest |
Recommend complementary items |
The CustomerMemory module persists:
- Dietary preferences and allergen restrictions
- Favorite items and past orders
- Delivery addresses
- Communication preferences
- Loyalty tier context
| Layer | Implementation |
|---|---|
| Authentication | Firebase Auth + per-restaurant admin passwords + super admin with IP whitelist |
| Session Security | IP binding, 2h timeout, regeneration on login, restaurant-scoped |
| Rate Limiting | 10 login attempts / 15min per IP per restaurant (file-based) |
| CSRF | Token validation on all state-changing requests |
| Input Validation | Server-side sanitization on all user inputs |
| File Upload | Type validation, size limits, safe filename generation |
| Stripe Security | Webhook signature verification, Connect account isolation |
| WhatsApp Security | Webhook verification token, message signature validation |
| Audit Logging | Security events logged with IP, timestamp, and context |
| Data Isolation | Per-restaurant Firestore collections, no cross-tenant access |
| API Protection | API key validation for platform-level endpoints |
| Deployment | GitHub webhook with secret verification for auto-deploy |
eitio/
├── public/ # Customer-facing pages
│ ├── homepage.php # Landing page with restaurant discovery
│ ├── restaurant.php # Menu browsing & ordering
│ ├── book-table.php # Table reservation form
│ ├── become-a-rider.php # Rider recruitment
│ ├── account/ # Customer account
│ │ ├── dashboard.php # Loyalty tiers, active orders, favorites
│ │ ├── orders.php # Order history with filters
│ │ ├── addresses.php # Saved delivery addresses
│ │ ├── profile.php # Account settings
│ │ └── login.php # Authentication
│ ├── about.php, blog.php, ... # Content pages (12 total)
│ └── assets/ # Static files (logos, icons)
├── api/ # Customer API (14 endpoints)
│ ├── create-order.php # Order placement
│ ├── order-status.php # Live order tracking
│ ├── check-postcode.php # Delivery zone validation
│ ├── validate-discount.php # Discount code verification
│ ├── favourites.php # Favorite items management
│ └── whatsapp/ # WhatsApp integration
│ ├── webhook.php # Incoming message handler
│ └── send.php # Outbound messaging
├── admin/ # Restaurant admin panel
│ ├── index.php # Dashboard with live orders
│ ├── orders.php # Order history & management
│ ├── menu.php # Menu CRUD with images
│ ├── bookings.php # Table booking management
│ ├── marketing.php # Email campaigns & discounts
│ ├── reports.php # Analytics & revenue
│ ├── settings.php # Restaurant configuration (149KB)
│ └── api/ # Admin API (33 endpoints)
│ ├── get-orders.php # Order retrieval
│ ├── save-menu.php # Menu updates
│ ├── send-campaign.php # Marketing campaigns
│ ├── track-open.php # Email open tracking
│ └── ...
├── core/ # Business logic (29 modules)
│ ├── AIBrain.php # Conversational AI engine
│ ├── AIFunctions.php # AI tool calling
│ ├── AIFunctionsExtended.php # Extended AI capabilities
│ ├── AI/ # Multi-provider AI layer
│ │ ├── ProviderFactory.php # Provider selection
│ │ ├── ProviderInterface.php # Common interface
│ │ └── Providers/
│ │ ├── ClaudeProvider.php # Anthropic Claude
│ │ ├── GeminiProvider.php # Google Gemini
│ │ ├── GroqProvider.php # Groq (Llama)
│ │ ├── KimiProvider.php # Moonshot Kimi
│ │ └── OpenAIProvider.php # OpenAI GPT
│ ├── Restaurant.php # Restaurant management
│ ├── Auth.php # Authentication
│ ├── Security.php # Security utilities
│ ├── Database.php # Database abstraction
│ ├── FirebaseDatabase.php # Firestore integration
│ ├── JsonDatabase.php # JSON file fallback
│ ├── StripeConnect.php # Payment processing
│ ├── WhatsAppService.php # WhatsApp API
│ ├── WhatsAppNotifications.php # Order notifications
│ ├── ConversationManager.php # Chat context persistence
│ ├── CustomerMemory.php # Customer preferences
│ ├── UpsellEngine.php # Product recommendations
│ ├── Email.php # SMTP email service
│ ├── Analytics.php # Analytics engine
│ ├── CommissionLedger.php # Platform fee tracking
│ ├── PostcodeService.php # Delivery zone logic
│ ├── Cache.php # TTL caching layer
│ ├── AuditLog.php # Security event logging
│ └── Backup.php # Automated backups
├── restaurants/ # Per-restaurant data
│ ├── lion-hotel/ # Restaurant tenant
│ │ ├── admin/ # Tenant admin (stub → shared)
│ │ ├── orders/ # JSON order storage
│ │ └── settings.json # Restaurant config
│ └── golden-dragon/ # Restaurant tenant
├── super-admin/ # Platform command center (22K lines)
│ ├── index.php # Login with IP whitelist + rate limiting
│ ├── dashboard.php # Enterprise dashboard (live GMV, charts)
│ ├── orders.php # Live orders kanban + activity ticker
│ ├── restaurants.php # Create/edit/suspend/delete restaurants
│ ├── applications.php # Application review + auto-onboarding
│ ├── customers.php # Customer segmentation & analytics
│ ├── commission.php # Platform + per-restaurant rates
│ ├── earnings.php # Revenue breakdowns & payout management
│ ├── whatsapp.php # WhatsApp AI control center
│ ├── whatsapp-marketing.php # Credit packages & templates
│ ├── conversations.php # Conversation viewer & management
│ ├── analytics.php # Platform-wide analytics (7-365 days)
│ ├── bookings.php # Cross-restaurant reservations
│ ├── settings.php # Branding, features, delivery, SMTP
│ ├── config.php # Super admin configuration
│ ├── includes/ # Shared layout components
│ │ ├── sidebar.php # Collapsible nav (14 items, 5 sections)
│ │ ├── header.php # HTML wrapper
│ │ ├── footer.php # Footer component
│ │ └── styles.php # Shared CSS
│ └── api/ # Super admin API (11 endpoints)
│ ├── dashboard.php # Dashboard summary data
│ ├── live-orders.php # Real-time order polling
│ ├── orders.php # Order monitoring
│ ├── restaurants.php # Restaurant CRUD
│ ├── commission.php # Commission calculations
│ ├── analytics.php # Analytics data
│ ├── whatsapp.php # WhatsApp stats
│ ├── alerts.php # Smart alert system
│ ├── get-checkout-url.php # Stripe checkout URLs
│ └── send-reminder.php # Email reminders
├── webhooks/
│ ├── stripe-connect.php # Stripe payment webhooks
│ └── github-deploy.php # Auto-deployment
├── css/ # 12 stylesheets (13,748 lines)
├── js/ # 15 JavaScript modules (10,926 lines)
├── config/
│ ├── stripe-connect.php # Stripe configuration
│ └── platform.json # Platform settings
├── data/ # Local data store
│ ├── cache/ # TTL cache files
│ ├── whatsapp/ # Message logs
│ └── rate-limits/ # Rate limit tracking
└── .env # Environment configuration
| Metric | Value |
|---|---|
| Total Lines of Code | 164,970+ |
| PHP (Backend) | 136,994 lines (419 files) |
| CSS (Styling) | 13,748 lines (12 files) |
| JavaScript (Frontend) | 10,926 lines (15 files) |
| HTML (Templates) | 3,302 lines (7 files) |
| Core Modules | 29 classes |
| API Endpoints | 58 (14 customer + 33 admin + 11 super admin) |
| Customer Pages | 24 |
| Admin Pages | 13 |
| Super Admin Pages | 14 |
| AI Providers | 5 |
| External Integrations | 8+ |
| Active Restaurants | 2 |
- Zero-framework frontend — vanilla JS with no React/Vue overhead, sub-100ms interactions
- Firebase Firestore — serverless auto-scaling with real-time listeners for order updates
- JSON fallback — automatic file-based failover ensures zero downtime during Firestore outages
- Postcode geocache — eliminates repeated geocoding API calls for delivery zone validation
- TTL caching — file-based cache layer for rate limits, API responses, and computed data
- Lazy loading — restaurant settings and menu data loaded on-demand per tenant
- PHPMailer queue — email campaigns processed with tracking pixels and click-through URLs
- Auto-deployment — GitHub webhook triggers instant production updates with zero manual steps
Built by xelauvas.dev
This repository contains only documentation. Source code is proprietary.