-
Re: [Packages][MySqli][Templates][Epicness] BoostCMS 1.0 ~ Official Release Thread
Quote:
Originally Posted by
iRaged
Wow shit totally forgot about that..
So either put a deny from all htaccess file in there or just delete the .txts after they are parsed
For IIS:
Open web.config
Under
<rule name="Imported Rule 1">
<match url="^([^.]*)$" ignoreCase="false" />
<action type="Rewrite" url="index.php" />
</rule>
Add
<rule name="RequestBlockingRule1" patternSyntax="Wildcard" stopProcessing="true">
<match url="*" />
<conditions>
<add input="{URL}" pattern="/Boost/Configuration/*" />
</conditions>
<action type="CustomResponse" statusCode="404" statusReason="File or directory not found." statusDescription="The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable." />
</rule>
-
Re: [Packages][MySqli][Templates][Epicness] BoostCMS 1.0 ~ Official Release Thread
or, make it a php file =)
-
Re: [Packages][MySqli][Templates][Epicness] BoostCMS 1.0 ~ Official Release Thread
Quote:
Originally Posted by
Joopie
or, make it a php file =)
Or don't store it in a publicly available folder at all :)
Store all the CMS files in a sub location under www/htdocs/w.e
That's the safest thing to do.
-
Re: [Packages][MySqli][Templates][Epicness] BoostCMS 1.0 ~ Official Release Thread
What compelled you to use a text file, of all things?
-
Re: [Packages][MySqli][Templates][Epicness] BoostCMS 1.0 ~ Official Release Thread
Quote:
Originally Posted by
iRaged
I think I just died inside. And I can't even begin to explain....
-
Re: [Packages][MySqli][Templates][Epicness] BoostCMS 1.0 ~ Official Release Thread
I've been on three hotels that haven't protected that..
-
Re: [Packages][MySqli][Templates][Epicness] BoostCMS 1.0 ~ Official Release Thread
I am really sorry about the stupidity where people could see your MySQL Password and fixed it, and uploaded the new version on the main post. But if you didn't portforward port 3306 nobody should've been able to do anything to your hotel
-
Re: [Packages][MySqli][Templates][Epicness] BoostCMS 1.0 ~ Official Release Thread
Quote:
Originally Posted by
azaidi
I am really sorry about that exploit where people could see your MySQL Password and fixed it, and uploaded the new version on the main post. But if you didn't portforward port 3306 nobody should've been able to do anything to your hotel
It's not an exploit. It's stupidity. Why on earth are you not putting the configurations in a PHP file which is protected from the public even accessing the file? Did you really think storing database credentials in a .txt file which is on a public webserver is a good idea? If you're stupid enough to do this there must be other flaws in your CMS.
I recommend people do not use this, unless someone who actually knows/cares about server/PHP security is willing to take the time to thoroughly examine the code and give confirmation that it is safe.
-
Re: [Packages][MySqli][Templates][Epicness] BoostCMS 1.0 ~ Official Release Thread
Hi guys, there was something wrong with the web.config. If you would change your clothes you get disconnected. So I fixed up the web.config. Also you need to put this in your wwwroot:
https://mega.co.nz/#!hVcgxJhA!M66_YD...ohIrYVVG2TR7QE
And replace your web.config with this:
PHP Code:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="Imported Rule 1">
<match url="^([^.]*)$" ignoreCase="false" />
<action type="Rewrite" url="index.php" />
</rule>
<rule name="RequestBlockingRule1" patternSyntax="Wildcard" stopProcessing="true">
<match url="*" />
<conditions>
<add input="{URL}" pattern="/Boost/Configuration/*" />
</conditions>
<action type="CustomResponse" statusCode="404" statusReason="File or directory not found." statusDescription="The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable." />
</rule>
<rule name="Imported Rule 100">
<match url="^(([A-Za-z0-9\-_]+/)*[A-Za-z0-9\-_]+)?$" ignoreCase="false" />
<conditions logicalGrouping="MatchAll">
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" ignoreCase="false" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsFile" ignoreCase="false" negate="true" />
</conditions>
<action type="Rewrite" url="{R:1}.php" />
</rule>
<rule name="Imported Rule 1-1">
<match url="^habblet/xml/promo_habbos$" ignoreCase="false" />
<action type="Rewrite" url="habblet/xml/promo_habbos.php" />
</rule>
</rules>
</rewrite>
<httpErrors>
<remove statusCode="404" subStatusCode="-1" />
<remove statusCode="403" subStatusCode="-1" />
<error statusCode="403" prefixLanguageFilePath="" path="/index.php" responseMode="ExecuteURL" />
<error statusCode="404" prefixLanguageFilePath="" path="/index.php" responseMode="ExecuteURL" />
</httpErrors>
</system.webServer>
</configuration>
This is tested on swiftemu.
-
Re: [Packages][MySqli][Templates][Epicness] BoostCMS 1.0 ~ Official Release Thread
There are some things I dont understand.. for example: why do you even save your config as a txt file when in your php code you clearly generate a php file from those txt files. Dump that feature and use ONLY the php files..
Other then that, keep it up. Looks better everytime. You should look up MVC when you have time ;)
-
Re: [Packages][MySqli][Templates][Epicness] BoostCMS 1.0 ~ Official Release Thread
Changing clothes disconnects me.
What KevinZuiker posted didnt work.
-
Re: [Packages][MySqli][Templates][Epicness] BoostCMS 1.0 ~ Official Release Thread
Quote:
Originally Posted by
Jhonn
Changing clothes disconnects me.
What KevinZuiker posted didnt work.
Not related to the CMS. It is your emulator.
-
Re: [Packages][MySqli][Templates][Epicness] BoostCMS 1.0 ~ Official Release Thread
Quote:
Not related to the CMS. It is your emulator.
I don't think its my emu, i changed it and still disconnecting when changing clothes, KevinZuiker's post on this topic didn't work for me.
-
Re: [Packages][MySqli][Templates][Epicness] BoostCMS 1.0 ~ Official Release Thread
Quote:
Originally Posted by
HillBilly
Not related to the CMS. It is your emulator.
It is related to the CMS actually. ;)
-
Re: [Packages][MySqli][Templates][Epicness] BoostCMS 1.0 ~ Official Release Thread
Quote:
Originally Posted by
Jhonn
I don't think its my emu, i changed it and still disconnecting when changing clothes, KevinZuiker's post on this topic didn't work for me.
Just change your SWFS & make sure everything is configured correctly.
-
Re: [Packages][MySqli][Templates][Epicness] BoostCMS 1.0 ~ Official Release Thread
Quote:
Originally Posted by
Leon
It is related to the CMS actually. ;)
Probably the rewrite rules being too aggressive, just make some exceptions to your swf paths like kevinzuiker said when using R63B
-
Re: [Packages][MySqli][Templates][Epicness] BoostCMS 1.0 ~ Official Release Thread
Quote:
Originally Posted by
azaidi
Probably the rewrite rules being too aggressive, just make some exceptions to your swf paths like kevinzuiker said when using R63B
I tried what kevinzuiker said, but didn't work.
-
Re: [Packages][MySqli][Templates][Epicness] BoostCMS 1.0 ~ Official Release Thread
Quote:
Originally Posted by
Jhonn
I tried what kevinzuiker said, but didn't work.
Have you put this in your wwwroot? https://mega.co.nz/#!hVcgxJhA!M66_YD...ohIrYVVG2TR7QE
Make sure you put the whole folder in it. Not only the file when opening alle the folders.
And as I said, I only tested it on swift (r63b) and it worked for me. If you use another emu, that could be it.
-
Re: [Packages][MySqli][Templates][Epicness] BoostCMS 1.0 ~ Official Release Thread
If you cannot change your clothes (disconnect when open clothes changer) your promo_habbos is missing or is unreadable/wrong format
Just rip habbo's
http://www.habbo.com/habblet/xml/promo_habbos
-
Re: [Packages][MySqli][Templates][Epicness] BoostCMS 1.0 ~ Official Release Thread
I want to know which Emulator works best with this CMS , and can anyone give me a link to a functional r63b swfs and sqls ?
-
Re: [Packages][MySqli][Templates][Epicness] BoostCMS 1.0 ~ Official Release Thread
What framework did you use to create this cms?
(If you used any)
-
Re: [Packages][MySqli][Templates][Epicness] BoostCMS 1.0 ~ Official Release Thread
Quote:
Originally Posted by
Eronisch
What framework did you use to create this cms?
(If you used any)
None, I built it all from scratch
-
Re: [Packages][MySqli][Templates][Epicness] BoostCMS 1.0 ~ Official Release Thread
Quote:
Originally Posted by
Eronisch
What framework did you use to create this cms?
(If you used any)
AzaidiFramework Elite Edition :D
-
Re: [Packages][MySqli][Templates][Epicness] BoostCMS 1.0 ~ Official Release Thread
Quote:
Originally Posted by
azaidi
Please post the error here and maybe I could help. If it's something with the sso ticket uncomment the #R63B_Client package (rename it to simply R63B_Client) and try again
I had changed the #R63B_Client folder to R63B_Client and now it not came out an disconnected error but it redirects me after few moments when the bar fulls up to [url]/client/new . I had my Butter Storm running . hm
-
Re: [Packages][MySqli][Templates][Epicness] BoostCMS 1.0 ~ Official Release Thread
Quote:
Originally Posted by
Syareez Zainal
I had changed the #R63B_Client folder to R63B_Client and now it not came out an disconnected error but it redirects me after few moments when the bar fulls up to [url]/client/new . I had my Butter Storm running . hm
Sorry that /new thing was a feature I implemented but removed later on. Does the emulator log any errors/write any error files?
