RevCms21 | PHP OOP PDO | Ft. Shock 2.3

[Funsolit]

Revcms21 is a clean version of RevCMS 1.9.9.9, updated and using OOP PDO and is based on modern php. It also follows basic standards, security measures, and it will support current most popular emulators. This version of RevCms will also offer alot of new configuration, such as being able to choose between Bcrypt, md5 or sha1 as simple as changing a single word in a file.

This will be released soon, well as soon as it's production ready. I will probably create some kind of testing-website where you can test this, and report bugs.

Revcms21 - the code
The code is not rewritten, it has been re-done where it needed to be redone. Alot of old issues are being fixed, or are currently fixed.

Snippets

Spoiler

Part of uswers class (NEW)

	/*------------------------------- Auth -------------------------------------*/ 
	
	final public function isLogged()
	{
		return isset($_SESSION['user']['id']);
	}

	final public function logOut()
	{
                session_regenerate_id(true);
		session_destroy();
		
	}
	
	/*-------------------------------Checking of submitted data-------------------------------------*/ 
	
	final public function validName($username) 	
	{
		return strlen($username) <= 25 && preg_match("/^[a-zA-Z0-9]+$/", $username);
	}

	final public function validEmail($email) 	
	{ 		
		return filter_var($email, FILTER_VALIDATE_EMAIL);	
	} 	 	
	
	final public function validSecKey($seckey)
	{
		return is_numeric($seckey) && strlen($seckey) == 4;
	}
	
	final public function nameTaken($username) 	
	{ 		
		global $db;
		return $db->prepare("SELECT id FROM users WHERE username = ? LIMIT 1")->execute($username)->rowCount() > 0;
	} 
	
	final public function emailTaken($email)
	{
		global $db;
		return $db->prepare("SELECT id FROM users WHERE mail = ? LIMIT 1")->execute($email)->rowCount() > 0;
	} 
		
	final public function userValidation($username, $password)
	{ 		
		global $db, $_CONFIG, $core; 
		if($_CONFIG['site']['hash'] === 'md5')
		{
			$pass = md5($password);
			return $db->prepare("SELECT id FROM users WHERE username = ? AND password = ? LIMIT 1")->execute([$username, $pass])->rowCount() > 0;
		}
		elseif($_CONFIG['site']['hash'] === 'sha1')
		{
			$pass = sha1($password);
			return $db->prepare("SELECT id FROM users WHERE username = ? AND password = ? LIMIT 1")->execute([$username, $pass])->rowCount() > 0;
		}
		elseif($_CONFIG['site']['hash'] === 'bcrypt')
		{
			$db->prepare("SELECT password FROM users WHERE username = ? LIMIT 1")->execute($username);

			if($db->rowCount() == 1)
			{
				$ui = $db->fetch();
				return password_verify($password, $ui['password']);
			}
		}
		else
		{
			$core->systemError("Configuration", "no hash type has been set, please choose between md5, sha1 or <b>bcrypt</b>.");
		}
	} 	 	
	
	/*-------------------------------Stuff related to bans-------------------------------------*/ 
	
final public function isBanned($value) 
    { 
    	global $db;
		return $db->prepare("SELECT id FROM bans WHERE value = ? AND expire >= '" . time() . "'")->execute($value)->rowCount() > 0;
    }  
	
	final public function getReason($value)
	{
		global $db;
		$baninfo = $db->prepare("SELECT reason FROM bans WHERE value = ? LIMIT 1")->execute($value)->fetch();
		return $baninfo['reason'];
	}
	
	final public function hasClones($ip)
	{
		global $_CONFIG, $db;
		return ($db->prepare("SELECT id FROM users WHERE ip_reg = ?")->execute($ip)->rowCount() >= $_CONFIG['site']['maxregperip']);
	}

	// search page
    final public function searchMember()
    {
        global $engine, $db, $template;

        if(isset($_GET["q"]) && !empty($_GET["q"]))
        {
            $result = $db->prepare("SELECT username, look FROM users WHERE username LIKE ?")->execute( "%" . $engine->filter($_GET["q"]) . "%" );

            $searchListTpl = ''; //html error fix
 
            if($result->rowCount() > 0)
            {
                $searchListTpl .= '

                <div class="panel panel-blue">
	                <div class="panel-heading">
		                <h3 class="panel-title">
			                <i class="fa fa-search"></i> Search results
		                </h3>
		             </div>
		             <div class="panel-body recent-users-wrap">

                ';

                foreach($result->fetchAll() as $user)
                {
                   
                	$look = 'https://www.habbo.nl/habbo-imaging/avatarimage?figure=' . $user['look'] .'&size=m&direction=3&head_direction=3&guesture=sml&action=crr';

                    $searchListTpl .= '

                    <div class="recent-user c-0" style="background-image: url(' . $look . ');">
                        <h4 class="user-name">
                        	<a href="{url}/profile/' . $user['username'] .'" >' . $user['username'] .'</a>
                        </h4>
                    </div>

                    ';
                   
                }

                $searchListTpl .= '</div></div';

                $template->setParams('searchList', $searchListTpl);
            }
            else
            {
                $searchListTpl = '
                <div class="panel-body recent-users-wrap">
                	<div class="alert alert-red">No results found!</div>
                </div>
                ';

                $template->setParams('searchList', $searchListTpl);
            }
       
        }
        else
        {
            $searchListTpl = ''; //hide result box
            $template->setParams('searchList', $searchListTpl);
        }
    }

Ooh and here is what the filter method is made of

	// for filtering inputs etc.
	final public function filter($txt)
	{
		return (stripslashes(htmlspecialchars($txt)));
	}

Revcms21 - Features
While keeping all the old features, here are some of the new features that will be coded into the base of RevCms21.

• Language system ???
• user-Support panel
• Simple admin panel
• Sugguest something please ?

Completed

• pdo transfer
• anti session fixation
• update of most classes
• Profiles
• Supports Bcrypt, sha1 and md5
• comment systems
• Compatible with Arcturus, and plusemu (plusemu mode should work for phoenix too)
• security - Brute force systems, anti session fixation, prepared statements, filters etc.
• Logs (for everything neccesary, logins, register, client entrances etc.)

 

[pel]

Didnt got the sense of using if-conditions. Why not just like this:

return isset($_SESSION['user']['id']);

return (strlen($username) <= 25 && preg_match("/^[a-zA-Z0-9]+$/", $username));

return is_numeric($seckey) && strlen($seckey) == 4;

but well, yea, good luck.

 

[telli]

Good luck with this.

 

[ovflowd]

Okay, it's a RevCMS edit? Yeah? So in terms you will only edit the backend.. I mean the core.. Why not also include a new AdminCP and new Theme?

 

[telli]

Okay, it's a RevCMS edit? Yeah? So in terms you will only edit the backend.. I mean the core.. Why not also include a new AdminCP and new Theme?

It states on the features list that he'll be adding a:

• Simple admin panel

 

[Funsolit]

Okay, it's a RevCMS edit? Yeah? So in terms you will only edit the backend.. I mean the core.. Why not also include a new AdminCP and new Theme?

This is going to be a new version of Revcms, it will keep everything it has and then add new things, new configuration , oop pdo db class and much more, and yes there will be a Admin panel.

People can use whatever skin they want, and make their own templates, all of that will be supported just like the old Revcms supported it, the only things people need to change is that there will be no PHP in the skin file it self, all of that will be replaced with things such as {getProfileFriends}, {getProfileComments}, and this can all be edited in the form-page "handler".

And while doing this, i decided to update The Shock theme, and include it in the same Dev thread since i don't want to make two different threads, and it might as well be the Default skin for RevCms21 as there won't be any other skin edits that will work 100% when this gets released.



New snippets will be released soon (within a few days, or later on today), and probably upload it all on Github publicly for testing- and feedback.

 

[The General]

Needs Arcturus compatibility.

 

[Funsolit]

Needs Arcturus compatibility.

Currently adding that :sneaky2:



I just wanted to say that i've only been coding in PHP in a serious way for about 2 weeks and that i'm only doing this project to get feedback and at the same time give something back to the community that i once enjoyed very much. So any feedback you give me is highly appreciated.

New snippet + updates

So... I'm making sure that the template requires no PHP, and thus i'm creating new template tags that will make everything look better in the template files.

Search page handler

Spoiler

	// search page
    final public function searchMember()
    {
        global $engine, $db, $template;

        if(isset($_GET["q"]) && !empty($_GET["q"]))
        {
            $result = $db->prepare("SELECT username, look FROM users WHERE username LIKE ?")->execute( "%" . $engine->filter($_GET["q"]) . "%" );

            $searchListTpl = ''; //html error fix
 
            if($result->rowCount() > 0)
            {
                $searchListTpl .= '

                <div class="panel panel-blue">
	                <div class="panel-heading">
		                <h3 class="panel-title">
			                <i class="fa fa-search"></i> Search results
		                </h3>
		             </div>
		             <div class="panel-body recent-users-wrap">

                ';

                foreach($result->fetchAll() as $user)
                {
                   
                	$look = 'https://www.habbo.nl/habbo-imaging/avatarimage?figure=' . $user['look'] .'&size=m&direction=3&head_direction=3&guesture=sml&action=crr';

                    $searchListTpl .= '

                    <div class="recent-user c-0" style="background-image: url(' . $look . ');">
                        <h4 class="user-name">
                        	<a href="{url}/profile/' . $user['username'] .'" >' . $user['username'] .'</a>
                        </h4>
                    </div>

                    ';
                   
                }

                $searchListTpl .= '</div></div';

                $template->setParams('searchList', $searchListTpl);
            }
            else
            {
                $searchListTpl = '
                <div class="panel-body recent-users-wrap">
                	<div class="alert alert-red">No results found!</div>
                </div>
                ';

                $template->setParams('searchList', $searchListTpl);
            }
       
        }
        else
        {
            $searchListTpl = ''; //hide result box
            $template->setParams('searchList', $searchListTpl);
        }
    }

Ooh and here is what the filter method is made of

	// for filtering inputs etc.
	final public function filter($txt)
	{
		return (stripslashes(htmlspecialchars($txt)));
	}

 

[zRarely]

Ooh and here is what the filter method is made of

    // for filtering inputs etc.
    final public function filter($txt)
    {
        return (stripslashes(htmlspecialchars($txt)));
    }

[/SPOILER]

A simple filter_var($txt, FILTER_SANITIZE_STRING); would do the job.

 

[pel]

nvm looks good

 

[Jonteh]

Should apply your skills to a new project instead of fixing up a bad one.

 

[Kryptos]

Best of luck, you have good ideas.

Should apply your skills to a new project instead of fixing up a bad one.

Better than anything you ever did tt1:

 

[Jonteh]

Best of luck, you have good ideas.



Better than anything you ever did tt1:

Dunno about that bro. No need to get butthurt, this code is outdated and a new project is in order. Why must everyone in the Habbo section be so protective of their trash?

 

[KyleeIsProzZ]

Dunno about that bro. No need to get butthurt, this code is outdated and a new project is in order. Why must everyone in the Habbo section be so protective of their trash?

Hmm I can say the same about you to, you to have revived projects that has old code and have been dead into new, just look at your uber bring backs and everything else. Also "this code is outdated", take a look at this thread again and ask yourself why did you say such a thing. (No butthurting intended) just trying to tell someone that is butthurt himself so stop with this bs that you comment on new development threads tt1:.

--- EDIT: --

Ontopic:

Nice Development, you have here, best wishes on this being released once completed. You should create a github for preview purposes and also other users can learn from it.

 

[Jonteh]

Hmm I can say the same about you to, you to have revived projects that has old code and have been dead into new, just look at your uber bring backs and everything else. Also "this code is outdated", take a look at this thread again and ask yourself why did you say such a thing. (No butthurting intended) just trying to tell someone that is butthurt himself so stop with this bs that you comment on new development threads tt1:.

Uber is years old. I haven't put a CMS on here in years (not a newly coded one anyway).

This code is outdated lol, it has no caching, it runs multiple queries on each page and it mixes html and php together in the template files... and you can also execute template files if you access them directly because it uses PHP format and has no rules to stop it... If that's not bad then I don't know what is.

 

[Funsolit]

Update:

Working on the default theme and its handlers, and at the same time the Admin panel :junglejane:

Here is the sneak peak of the Default theme of Revcms21, Shock 2.3.

Btw i didn't design this theme, i just took the .css file :

 

[ovflowd]

@Funsolit i reate the theme with 7 points​... I think you can do a better job haha. Good luck.

 

[Funsolit]

Funsolit i reate the theme with 7 points​... I think you can do a better job haha. Good luck.

I understand your point, and i too feel that it is a little "too much" but in a good yet bad way.

I might be the worst "designer" in css out of every person that considers themselves a webdeveloper.

No way dude that i personaly can do better, and even if people don't like this style, i'm going to add another new style after the release :five:.

 

[ovflowd]

I understand your point, and i too feel that it is a little "too much" but in a good yet bad way.

I might be the worst "designer" in css out of every person that considers themselves a webdeveloper.

No way dude that i personaly can do better, and even if people don't like this style, i'm going to add another new style after the release :five:.

I don't think you're the baddest CSS developer. See this website:

You must be registered to see links

, that is bad.

I recommend you see this site:

You must be registered to see links

, has a great design, it's the best design ever in my opinion. Inspire yourself with this..

Good luck

 

[EmielJ]

At this point in your snippets

$result = $db->prepare("SELECT username, look FROM users WHERE username LIKE ?")->execute( "%" . $engine->filter($_GET["q"]) . "%" );

Why not use something like this ( My guess is that you wouldn't have to filter it this way )

$result = $db->prepare("SELECT username, look FROM users WHERE username LIKE CONCAT('%', :q, '%')")->execute(array(":q", => $_GET['q']));

Fairly new to PDO sooo... idk :blush: