This will be released soon, well as soon as it's production ready. I will probably create some kind of testing-website where you can test this, and report bugs.
Revcms21 - the code
The code is not rewritten; it has been re-done where it needed to be redone. A lot of old issues are being fixed, or have already been fixed.
Snippets
Part of users class (NEW)
Ooh and here is what the filter method is made of
PHP:
/*------------------------------- Auth -------------------------------------*/
/**
 * Tells whether the current session carries a logged-in user.
 *
 * @return bool True when $_SESSION['user']['id'] is set and not null.
 */
final public function isLogged()
{
    $hasUserId = isset($_SESSION['user']['id']);

    return $hasUserId;
}
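/**
 * Ends the current login session.
 *
 * session_destroy() removes the stored session data but leaves the in-memory
 * $_SESSION array untouched, so the array is emptied first. Without that,
 * isset($_SESSION['user']['id']) keeps reporting a logged-in user for the
 * remainder of the request that performed the logout.
 *
 * NOTE(review): the session cookie itself is not expired here; the browser
 * keeps sending an ID whose server-side data no longer exists.
 *
 * @return void
 */
final public function logOut()
{
    $_SESSION = [];

    // Without an active session the two calls below would only raise warnings.
    if (session_status() !== PHP_SESSION_ACTIVE) {
        return;
    }

    // Issue a fresh ID and delete the old session file, then discard the new one.
    session_regenerate_id(true);
    session_destroy();
}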
/*-------------------------------Checking of submitted data-------------------------------------*/
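/**
 * Checks a submitted username: 1 to 25 characters, ASCII letters and digits only.
 *
 * @param mixed $username Submitted username.
 * @return bool True when the name satisfies both rules.
 */
final public function validName($username)
{
    // Request parameters can arrive as arrays; those are never valid names.
    if (!is_scalar($username)) {
        return false;
    }

    $username = (string) $username;

    // \A and \z anchor to the real string boundaries. A plain "$" also matches
    // just before a trailing newline, which would let "name\n" through.
    return strlen($username) <= 25
        && preg_match('/\A[a-zA-Z0-9]+\z/', $username) === 1;
}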
/**
 * Validates an e-mail address with PHP's FILTER_VALIDATE_EMAIL filter.
 *
 * @param mixed $email Submitted address.
 * @return string|false The address when it passes the filter, false otherwise.
 *                      The result is not a strict boolean, so compare with
 *                      "!== false" rather than "=== true".
 */
final public function validEmail($email)
{
    $checked = filter_var($email, FILTER_VALIDATE_EMAIL);

    return $checked;
}
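/**
 * Checks that a security key consists of exactly four decimal digits.
 *
 * is_numeric() combined with a length check also accepts values such as
 * "1e10", "-1.5", "+123" or ".123": they are numeric and four characters
 * long, but not four digits. The pattern below accepts digits only.
 * NOTE(review): presumably the key is meant to be a four-digit PIN; confirm
 * that no stored keys rely on the looser numeric forms.
 *
 * @param mixed $seckey Submitted security key.
 * @return bool True for exactly four ASCII digits.
 */
final public function validSecKey($seckey)
{
    // Arrays and other non-scalar request values can never be a valid key.
    if (!is_scalar($seckey)) {
        return false;
    }

    return preg_match('/\A[0-9]{4}\z/', (string) $seckey) === 1;
}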
/**
 * Tells whether a user row with this username already exists.
 *
 * The username is passed as a bound parameter of the prepared statement.
 *
 * @param mixed $username Username to look up.
 * @return bool True when at least one row matches.
 */
final public function nameTaken($username)
{
    global $db;

    $lookup = $db->prepare("SELECT id FROM users WHERE username = ? LIMIT 1")->execute($username);

    return $lookup->rowCount() > 0;
}
/**
 * Tells whether a user row with this e-mail address already exists.
 *
 * The address is passed as a bound parameter of the prepared statement.
 *
 * @param mixed $email Address to look up in the users.mail column.
 * @return bool True when at least one row matches.
 */
final public function emailTaken($email)
{
    global $db;

    $lookup = $db->prepare("SELECT id FROM users WHERE mail = ? LIMIT 1")->execute($email);

    return $lookup->rowCount() > 0;
}
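/**
 * Checks a username/password pair against the users table.
 *
 * The scheme is read from $_CONFIG['site']['hash']:
 *  - 'md5' / 'sha1': the password is hashed without a salt and compared
 *    inside the SQL query.
 *  - 'bcrypt': the stored hash is fetched and checked with password_verify().
 * Any other value is reported through $core->systemError().
 *
 * Every path returns a boolean; a missing user or a configuration error
 * yields false rather than an implicit null.
 *
 * @param mixed $username Submitted username.
 * @param mixed $password Submitted plain-text password.
 * @return bool True only when the credentials match.
 */
final public function userValidation($username, $password)
{
    global $db, $_CONFIG, $core;

    $scheme = $_CONFIG['site']['hash'];

    if ($scheme !== 'md5' && $scheme !== 'sha1' && $scheme !== 'bcrypt') {
        $core->systemError("Configuration", "no hash type has been set, please choose between md5, sha1 or <b>bcrypt</b>.");

        return false;
    }

    // md5(), sha1() and password_verify() need strings; array-valued request
    // parameters are rejected instead of raising an error further down.
    if (!is_string($username) || !is_string($password)) {
        return false;
    }

    if ($scheme === 'bcrypt') {
        $db->prepare("SELECT password FROM users WHERE username = ? LIMIT 1")->execute($username);
        if ($db->rowCount() == 1) {
            $ui = $db->fetch();

            return password_verify($password, $ui['password']);
        }

        // Unknown user: fail explicitly.
        return false;
    }

    // NOTE(review): unsalted md5/sha1 are fast digests and weak for password
    // storage. They stay selectable so existing databases keep working;
    // bcrypt is the setting to prefer, with a migration path for old hashes.
    $pass = $scheme === 'md5' ? md5($password) : sha1($password);

    return $db->prepare("SELECT id FROM users WHERE username = ? AND password = ? LIMIT 1")->execute([$username, $pass])->rowCount() > 0;
}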
/*-------------------------------Stuff related to bans-------------------------------------*/
/**
 * Tells whether an unexpired ban exists for the given value.
 *
 * @param mixed $value Value matched against bans.value.
 * @return bool True when at least one ban row has expire >= the current time.
 */
final public function isBanned($value)
{
    global $db;

    // Only $value is bound; the timestamp comes from time() on the server.
    $sql = "SELECT id FROM bans WHERE value = ? AND expire >= '" . time() . "'";
    $activeBans = $db->prepare($sql)->execute($value);

    return $activeBans->rowCount() > 0;
}
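/**
 * Returns the stored reason of a ban row for the given value.
 *
 * NOTE(review): unlike isBanned(), this query does not filter on "expire"
 * and has no ORDER BY, so with several rows for the same value it may return
 * the reason of an expired ban. Confirm which row callers expect.
 *
 * @param mixed $value Value matched against bans.value.
 * @return mixed The reason column, or null when no row (or no reason) exists.
 */
final public function getReason($value)
{
    global $db;

    $baninfo = $db->prepare("SELECT reason FROM bans WHERE value = ? LIMIT 1")->execute($value)->fetch();

    // With no matching row there is nothing to index; isset() covers that
    // case without raising an "array offset on bool" warning.
    return isset($baninfo['reason']) ? $baninfo['reason'] : null;
}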
/**
 * Tells whether an IP address has reached the configured registration limit.
 *
 * @param mixed $ip Address matched against users.ip_reg.
 * @return bool True when the number of accounts registered from $ip is at
 *              least $_CONFIG['site']['maxregperip'].
 */
final public function hasClones($ip)
{
    global $_CONFIG, $db;

    $accounts = $db->prepare("SELECT id FROM users WHERE ip_reg = ?")->execute($ip)->rowCount();
    $limit = $_CONFIG['site']['maxregperip'];

    return ($accounts >= $limit);
}
PHP:
// search page
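/**
 * Builds the member-search result box and hands it to the template as the
 * 'searchList' parameter.
 *
 * Reads the search term from $_GET['q']. With no usable term the parameter is
 * set to an empty string so the result box stays hidden.
 *
 * Values read back from the database (username, look) are encoded for the
 * context they are written into: rawurlencode() for URL components and
 * htmlspecialchars() for HTML text and attribute values. The prepared
 * statement protects the query only; it does nothing for the HTML output.
 *
 * @return void
 */
final public function searchMember()
{
    global $engine, $db, $template;

    // "?q[]=x" arrives as an array; only a non-empty string is a search term.
    if (!isset($_GET["q"]) || !is_string($_GET["q"]) || empty($_GET["q"])) {
        $template->setParams('searchList', ''); // hide result box
        return;
    }

    // NOTE(review): "%" and "_" inside the term still act as LIKE wildcards
    // and the query has no LIMIT, so a single request can list every member.
    // Confirm that is acceptable or cap the result set.
    $result = $db->prepare("SELECT username, look FROM users WHERE username LIKE ?")->execute("%" . $engine->filter($_GET["q"]) . "%");

    if ($result->rowCount() == 0) {
        $searchListTpl = '
<div class="panel-body recent-users-wrap">
<div class="alert alert-red">No results found!</div>
</div>
';
        $template->setParams('searchList', $searchListTpl);
        return;
    }

    // HTML encoder for text nodes and quoted attribute values.
    $esc = function ($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES | ENT_SUBSTITUTE);
    };

    $searchListTpl = '
<div class="panel panel-blue">
<div class="panel-heading">
<h3 class="panel-title">
<i class="fa fa-search"></i> Search results
</h3>
</div>
<div class="panel-body recent-users-wrap">
';

    foreach ($result->fetchAll() as $user) {
        // URL-encode the figure first so quotes and parentheses cannot end
        // the url(...) value, then HTML-encode the URL for the attribute.
        $look = $esc('https://www.habbo.nl/habbo-imaging/avatarimage?figure=' . rawurlencode((string) $user['look']) . '&size=m&direction=3&head_direction=3&guesture=sml&action=crr');
        $profilePath = $esc(rawurlencode((string) $user['username']));
        $displayName = $esc($user['username']);

        $searchListTpl .= '
<div class="recent-user c-0" style="background-image: url(' . $look . ');">
<h4 class="user-name">
<a href="{url}/profile/' . $profilePath . '" >' . $displayName . '</a>
</h4>
</div>
';
    }

    // The closing tag was missing its ">" and left the markup unbalanced.
    $searchListTpl .= '</div></div>';
    $template->setParams('searchList', $searchListTpl);
}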
Ooh and here is what the filter method is made of
PHP:
// for filtering inputs etc.
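/**
 * HTML-encodes a value and then strips backslashes from it.
 *
 * This is an output encoder for HTML text and quoted attributes. It does not
 * make a value safe for SQL, URLs, JavaScript or CSS; each of those contexts
 * needs its own encoding (bound parameters for SQL).
 *
 * NOTE(review): stripslashes() removes every backslash, including ones the
 * user typed on purpose; it looks like a leftover from magic-quotes handling.
 * Confirm it is still wanted.
 *
 * @param mixed $txt Value to encode.
 * @return string Encoded text.
 */
final public function filter($txt)
{
    // The flags are explicit because before PHP 8.1 the default left single
    // quotes unescaped, which is unsafe inside single-quoted attributes.
    $encoded = htmlspecialchars($txt, ENT_QUOTES | ENT_SUBSTITUTE);

    return stripslashes($encoded);
}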
Revcms21 - Features
While keeping all the old features, here are some of the new features that will be coded into the base of RevCms21.
- Language system ???
- user-Support panel
- Simple admin panel
- Suggest something please ?
Completed
- pdo transfer
- anti session fixation
- update of most classes
- Profiles
- Supports Bcrypt, sha1 and md5 (bcrypt is the one to pick; md5 and sha1 are fast, unsalted hashes and weak for password storage)
- comment systems
- Compatible with Arcturus, and plusemu (plusemu mode should work for phoenix too)
- security - Brute force systems, anti session fixation, prepared statements, filters etc.
- Logs (for everything necessary: logins, register, client entrances etc.)