RevCMS habbo theme edit & RevCMS Housekeeping release

[Lewislol]

Decided to do more work on forgot password system because I was bored.
Updates since last time.
Now redone it so it is done via actions.


- - - Updated - - -

Anyone have any suggestions on what to improve so far?
btw the ts $_GET is as I didn't have MySQL access for a few minutes & needed to check db structure.

Code:

removed

Will change some things in abit to make sure it is 100% secure.

- - - Updated - - -

Never done email related things before(SMTP), if anyone has any experience just PM me.
It's annoying me.

[Lewislol]

Just checked a friends error logs and he used the bug reporting page I released.
I noticed people have made a tool spamming it eventually causing his site to go down.(Over 20000 post submits in under 5 minutes).
I would advise you to remove this page as soon as possible and wait till tomorrow when I have a chance to recode it with security as #1 priority.

[Dann Marchelo]

Code:

<?php 
                                        $sql = mysql_query("SELECT username FROM hk_issues WHERE username = '".$_SESSION['user']['username']."'");
                                        if($_POST['add_ban']){
                                            $text = mysql_real_escape_string($_POST['text']);
                                            $type = mysql_real_escape_string($_POST['type']);
                                            $username = mysql_real_escape_string($_POST['username']);
                                            $resolved = mysql_real_escape_string($_POST['resolved']);
                                            
                                            if(empty($text)){
                                                echo '<div class = "alert">You have not entered a bug/feature request?</div><br>';
                                            }
                                            
                                            else if($_SESSION['user']['username'] == 'Test'){
                                                echo '<div class = "alert" style = "height:50px;">Please make your own account to submit a feature request.</div>';
                                            }
                                            
                                            else{    
                                            if(mysql_num_rows($sql) < 1){
                                                $query = "INSERT INTO hk_issues SET type='{$type}', text='{$text}', username='" . $_SESSION['user']['username'] ."'";
                                                mysql_query($query) or die ("Error in query: {$logtest}. ".mysql_error());
                                                mysql_query($banlog);
                                                echo '<div class = "alert">Bug/Feature request added successfully.<meta http-equiv="refresh" content="3;url={url}/bugs"/></div><br>';
                                            }else{
                                                echo '<div class = "alert">You already have an open/pending issue!</div><br />';
                                           } 
                                          }
                                        }
                                ?>

I was bored that should be fine I guess. http://prntscr.com/4ehx54

[JackHoll]

I was bored that should be fine I guess. http://prntscr.com/4ehx54

Thanks for the fix.

[Damien Jolly]

Code:

<?php 
                                        $sql = mysql_query("SELECT username FROM hk_issues WHERE username = '".$_SESSION['user']['username']."'");
                                        if($_POST['add_ban']){
                                            $text = mysql_real_escape_string($_POST['text']);
                                            $type = mysql_real_escape_string($_POST['type']);
                                            $username = mysql_real_escape_string($_POST['username']);
                                            $resolved = mysql_real_escape_string($_POST['resolved']);
                                            
                                            if(empty($text)){
                                                echo '<div class = "alert">You have not entered a bug/feature request?</div><br>';
                                            }
                                            
                                            else if($_SESSION['user']['username'] == 'Test'){
                                                echo '<div class = "alert" style = "height:50px;">Please make your own account to submit a feature request.</div>';
                                            }
                                            
                                            else{    
                                            if(mysql_num_rows($sql) < 1){
                                                $query = "INSERT INTO hk_issues SET type='{$type}', text='{$text}', username='" . $_SESSION['user']['username'] ."'";
                                                mysql_query($query) or die ("Error in query: {$logtest}. ".mysql_error());
                                                mysql_query($banlog);
                                                echo '<div class = "alert">Bug/Feature request added successfully.<meta http-equiv="refresh" content="3;url={url}/bugs"/></div><br>';
                                            }else{
                                                echo '<div class = "alert">You already have an open/pending issue!</div><br />';
                                           } 
                                          }
                                        }
                                ?>

I was bored that should be fine I guess. http://prntscr.com/4ehx54

Should store user ID rather than username. Would be better for the hotels that have :flagme and the ability to change name.

[Dann Marchelo]

But who would flagme 20k times just to abuse the system? Added userid anyway.

Code:

DROP TABLE IF EXISTS `hk_issues`;
CREATE TABLE `hk_issues` (
  `id` int(11) unsigned NOT NULL AUTO_INCREMENT,
  `type` enum('bug','request','') NOT NULL,
  `text` varchar(255) NOT NULL,
  `username` varchar(255) NOT NULL,
  `userid` int(11) DEFAULT '0',
  `resolved` text,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

Code:

<?php                                          $sql = mysql_query("SELECT userid,username FROM hk_issues WHERE (userid='".$_SESSION['user']['id']."' OR username='".$_SESSION['user']['username']."')");
                                        if($_POST['add_ban']){
                                            $text = mysql_real_escape_string($_POST['text']);
                                            $type = mysql_real_escape_string($_POST['type']);
                                            $username = mysql_real_escape_string($_POST['username']);
                                            $userid = mysql_real_escape_string($_POST['userid']);
                                            $resolved = mysql_real_escape_string($_POST['resolved']);
                                            
                                            if(empty($text)){
                                                echo '<div class = "alert">You have not entered a bug/feature request?</div><br>';
                                            }
                                            
                                            else if($_SESSION['user']['id'] == ''){
                                                echo '<div class = "alert">Please log in to submit a feature request.</div>';
                                            }
                                            
                                            else{    
                                            if(mysql_num_rows($sql) < 1){
                                                $query = "INSERT INTO hk_issues SET type='{$type}', text='{$text}', username='" . $_SESSION['user']['username'] ."', userid='" . $_SESSION['user']['id'] ."'";
                                                mysql_query($query) or die ("Error in query: {$logtest}. ".mysql_error());
                                                mysql_query($banlog);
                                                echo '<div class = "alert">Bug/Feature request added successfully.<meta http-equiv="refresh" content="3;url={url}/bugs"/></div><br>';
                                            }else{
                                                echo '<div class = "alert">You already have an open/pending issue!</div><br />';
                                           } 
                                          }
                                        }
                                ?>

http://prntscr.com/4ej9js

[Lewislol]

But who would flagme 20k times just to abuse the system? Added userid anyway.

Code:

DROP TABLE IF EXISTS `hk_issues`;
CREATE TABLE `hk_issues` (
  `id` int(11) unsigned NOT NULL AUTO_INCREMENT,
  `type` enum('bug','request','') NOT NULL,
  `text` varchar(255) NOT NULL,
  `username` varchar(255) NOT NULL,
  `userid` int(11) DEFAULT '0',
  `resolved` text,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

Code:

<?php                                          $sql = mysql_query("SELECT userid,username FROM hk_issues WHERE (userid='".$_SESSION['user']['id']."' OR username='".$_SESSION['user']['username']."')");
                                        if($_POST['add_ban']){
                                            $text = mysql_real_escape_string($_POST['text']);
                                            $type = mysql_real_escape_string($_POST['type']);
                                            $username = mysql_real_escape_string($_POST['username']);
                                            $userid = mysql_real_escape_string($_POST['userid']);
                                            $resolved = mysql_real_escape_string($_POST['resolved']);
                                            
                                            if(empty($text)){
                                                echo '<div class = "alert">You have not entered a bug/feature request?</div><br>';
                                            }
                                            
                                            else if($_SESSION['user']['id'] == ''){
                                                echo '<div class = "alert">Please log in to submit a feature request.</div>';
                                            }
                                            
                                            else{    
                                            if(mysql_num_rows($sql) < 1){
                                                $query = "INSERT INTO hk_issues SET type='{$type}', text='{$text}', username='" . $_SESSION['user']['username'] ."', userid='" . $_SESSION['user']['id'] ."'";
                                                mysql_query($query) or die ("Error in query: {$logtest}. ".mysql_error());
                                                mysql_query($banlog);
                                                echo '<div class = "alert">Bug/Feature request added successfully.<meta http-equiv="refresh" content="3;url={url}/bugs"/></div><br>';
                                            }else{
                                                echo '<div class = "alert">You already have an open/pending issue!</div><br />';
                                           } 
                                          }
                                        }
                                ?>

http://prntscr.com/4ej9js

Just to answer your question.
The owners of Rise Hotel would.

- - - Updated - - -

Done it with a check, will make a housekeeping addon for this soon.
Create Function

Code:

								 <?php 
										if($_POST['add_ban']){
											$text = mysql_real_escape_string($_POST['text']);
											$type = mysql_real_escape_string($_POST['type']);
											$username = mysql_real_escape_string($_POST['username']);
											$resolved = mysql_real_escape_string($_POST['resolved']);
											$bugcheck = mysql_query("SELECT id, resolved FROM hk_issues WHERE username = '{$_SESSION['user']['username']}' AND resolvedc = '0'");


											if(empty($text)){
												echo '<div class = "alert">You have not entered a bug/feature request?</div><br>';
											}
											


											if(mysql_num_rows($bugcheck) >= 2){
												echo 'You must wait until your current bug reports are resolved.';
											}
											
											else{	
												$query = "INSERT INTO hk_issues SET type='{$type}', text='{$text}', username='" . $_SESSION['user']['username'] ."'";
												mysql_query($query) or die ("Error in query: {$logtest}. ".mysql_error());
												mysql_query($banlog);
												echo '<div class = "alert">Bug/Feature request added successfully.<meta http-equiv="refresh" content="3;url={url}/bugs"/></div><br>';
											}
										}
								?>
									<form method = "post">
										<select name = "type">
										  <option value="bug">Bug</option>
										  <option value="request">Feature Request</option>
										</select><br>
										<b>Bug/Feature?: </b><br><input type = "text" value = "<?php echo $_POST['text']; ?>" name = "text"><br><br>
										<input type = "sub

SQL

Code:

DROP TABLE IF EXISTS `hk_issues`;
CREATE TABLE `hk_issues` (
  `id` int(11) unsigned NOT NULL AUTO_INCREMENT,
  `type` enum('bug','request','') NOT NULL,
  `text` varchar(255) NOT NULL,
  `username` varchar(255) NOT NULL,
  `resolved` text,
  `resolvedc` enum('0','1') NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=7 DEFAULT CHARSET=utf8;


-- ----------------------------
-- Records of hk_issues
-- ----------------------------
INSERT INTO `hk_issues` VALUES ('1', 'bug', 'l', 'Test', 'Content', '0');
INSERT INTO `hk_issues` VALUES ('2', 'bug', 'l', 'Test', 'Content', '1');
INSERT INTO `hk_issues` VALUES ('3', 'bug', 'l', 'Test', 'Content', '1');
INSERT INTO `hk_issues` VALUES ('4', 'bug', 'te', 'Test', 'Content', '1');
INSERT INTO `hk_issues` VALUES ('5', 'bug', '.', 'Test', null, '1');
INSERT INTO `hk_issues` VALUES ('6', 'bug', 'l', 'Test', null, '0');

Added a column 'resolvedc' that needs to be set for 1 in order for the user to make more than three requests.

- - - Updated - - -

Forgot to post add case "bugs": to class.core near cases so it can't be viewed if someone does not have a active session( near case "me": )

- - - Updated - - -

This thread can be closed, I can't be assed working on this anymore.
Might release my DJ panel & Forgot password system in a few weeks but depends on how I feel.

[Hejula]

Just checked a friends error logs and he used the bug reporting page I released.
I noticed people have made a tool spamming it eventually causing his site to go down.(Over 20000 post submits in under 5 minutes).
I would advise you to remove this page as soon as possible and wait till tomorrow when I have a chance to recode it with security as #1 priority.

@Joopie had SMTP email in BrickPHP (I think it was this one) and maybe you'll be able to use it as an example? I haven't got a copy of it any more but he might if you ask nicely

[Joopie]

@Joopie had SMTP email in BrickPHP (I think it was this one) and maybe you'll be able to use it as an example? I haven't got a copy of it any more but he might if you ask nicely

Or just use phpmailer, thats the one I'm currently using for my framework. There are enough examples on their github to set it up for your needs.

[Detox]

Re-opened upon original posters request.

[Lewislol]

Sick of getting PMs with people saying "I am getting hacked using this CMS" so I am going to post a download with a few updates in the next few days.
Will remove the forgotten password exploit and throw in a few extra features.
Features planned
- Two factor authentication(Security Pins)
- Login on housekeeping
- Basic forgotten password system
- Updated habbo index added(credits to another user, cba doing it myself)
- Redoing some design aspects.
- MySQLi class added(credits to @wesley66101 but added a few little tweaks myself)
- Better home page.

And another few little things.
I know RevCMS is outdated but most hotels I see uses it so I thought i would do one last version.

[Nexeuz]

Very good cms, i don't avatible in spanish?

genial cms, no esta avatible en español?

[Lewislol]

Very good cms, i don't avatible in spanish?

genial cms, no esta avatible en español?

I won't be translating it to other languages, sorry but you can easily do it yourself.

- - - Updated - - -

I need some ideas for features, as I will spend a few hours on this.
So far:
-> Updated to MySQLi
-> Latest index
-> Better user home pages in progress

Live demo server is getting installed.

All features planned are above.

Just list the idea below in this format:
IDEA:
How it should work:
Example(If possible):

[Andre96]

Could you maybe look if things like {newsTitle} can work when you aren't logged in.

[Lewislol]

Could you maybe look if things like {newsTitle} can work when you aren't logged in.

I can probably make it configurable, in the configuration file so if you want to allow people to roam around your cms without an active session they can see the news, but otherwise it redirects you back to the index page.
This has been added to the next revision for you :) A demo should be up within the next 24 hours.(Similar to my old demos, every user gets a staff rank)

Made a few changes to this.
This feature has been added to the configuration file, you have to set site_roaming to false if you wish to not let
users access your site without an active session or true and they get access to community, shop, staff and the news page.