Welcome!

Join our community of MMO enthusiasts and game developers! By registering, you'll gain access to discussions on the latest developments in MMO server files and collaborate with like-minded individuals. Join us today and unlock the potential of MMO server development!

Join Today!

MellerCMS Easy coded, NOT SECURE

Status
Not open for further replies.
Junior Spellweaver
Joined
Mar 12, 2015
Messages
111
Reaction score
8
Meller CMS ~ Development
WARNING: The Meller cms is not Secure! This is my first try to a CMS. It may contain Exploits.

Things that's done or planing.
_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
Register (79%]
Login [94%]
Client [100%]
Exploits [21%]
News [69%]
Topusers [0%]
MySQLI [0%]
MySQL [98%]
PDO [0%]
Language switch [50%]
-_-_-_-_-_-_-_-_-_-_-_-_-
Prints
Meller Plus - MellerCMS Easy coded, NOT SECURE - RaGEZONE Forums

Meller Plus - MellerCMS Easy coded, NOT SECURE - RaGEZONE Forums

Meller Plus - MellerCMS Easy coded, NOT SECURE - RaGEZONE Forums
Meller Plus - MellerCMS Easy coded, NOT SECURE - RaGEZONE Forums
Code snippets:
Engine
PHP:
<?php
require_once('config.php');


/*------------MySQL ~ Connect-------------*/
if ($MySQL['type'] == 'MySQL' && $MySQL['connect'] == 'Connect')
{
    // PhpMyAdmin
    $phpmyadmin = mysql_connect($MySQL['hostname'], $MySQL['username'], $MySQL['password']);
    if (!$phpmyadmin)
    {
        die ('<b>PHPMyAdmin Error</b>: ' . mysql_error());
    }
    
    // DB
    $phpmyadmindb = mysql_select_db($MySQL['database'], $phpmyadmin);
    if (!$phpmyadmindb)
    {
        die ('<b>Database Error</b>: ' . mysql_error());
    }
}
/*------------MySQL ~ PConnect-------------*/


if ($MySQL['type'] == 'MySQL' && $MySQL['connect'] == 'PConnect')
{
    // PhpMyAdmin
    $phpmyadmin = mysql_pconnect($MySQL['hostname'], $MySQL['username'], $MySQL['password']);
    if (!$phpmyadmin)
    {
        die ('<b>PHPMyAdmin Error</b>: ' . mysql_error());
    }
    
    // DB
    $phpmyadmindb = mysql_select_db($MySQL['database'], $phpmyadmin);
    if (!$phpmyadmindb)
    {
        die ('<b>Database Error</b>: ' . mysql_error());
    }
}
?>
Remember this is my first CMS try,
Got suggestion? Leave a comment.

--------Update--------
Another page done.
Meller Plus - MellerCMS Easy coded, NOT SECURE - RaGEZONE Forums
 
Last edited:
Developer
Developer
Joined
Aug 10, 2011
Messages
7,405
Reaction score
3,315
Use PDO & Prepared statements. Then there is already a little chance it contains SQL exploits.

MySQL is really deprecated and should be removed from PHP.
 
Junior Spellweaver
Joined
Mar 12, 2015
Messages
111
Reaction score
8
Please take some time and read this:

You will learn how to code better, I have no idea what I was just reading and I highly doubt that the screenshots you provided and the code you provided are even related.
As I said, This is my first try, So it may contain Exploits.
 
Joined
Dec 16, 2011
Messages
1,994
Reaction score
633
Should probably consider using MySQLi. Also, are you able to provide more code examples, will make it easier for us to give you guide along with your development. And like Jonty said, I don't think the code provided is related to the screenshots, if anything it looks like a pre-coded SQL engine.
 
Joined
Feb 22, 2012
Messages
2,103
Reaction score
1,271
I'll leave here my opinion:

For the end-user, it's great. They won't see the back of the application, they just see it running.
But now, developers will see this and think it's a total mess, which is right. You should consider using MySQLi or PDO, and learning a little bit of OOP before doing a 100% CMS. At the end of the CMS, you may see that a lot of stuff you did use were wrongly done, and that will make your whole CMS fall apart.

Good luck with your CMS, hope you learn good stuff from it!
 
Junior Spellweaver
Joined
Mar 12, 2015
Messages
111
Reaction score
8
I'll leave here my opinion:

For the end-user, it's great. They won't see the back of the application, they just see it running.
But now, developers will see this and think it's a total mess, which is right. You should consider using MySQLi or PDO, and learning a little bit of OOP before doing a 100% CMS. At the end of the CMS, you may see that a lot of stuff you did use were wrongly done, and that will make your whole CMS fall apart.

Good luck with your CMS, hope you learn good stuff from it!
Thanks, Also as I planned it will be able to select mysqli or pdo or mysql, And I got a friend @Sara2000 Who will check exploits for me. She is already doing it, :) Edit: Nvm... Seems like she quited retros for 3minutes ago.
 
Last edited:
Software Engineer
Loyal Member
Joined
Feb 19, 2008
Messages
1,055
Reaction score
492
Here's another source for developing in PHP:



Definitely worth it's dollar if you want to make anything worthwhile.
 
Junior Spellweaver
Joined
Mar 12, 2015
Messages
111
Reaction score
8
What have you actually done in this? this is babbo cms and it is already released here on rz. you can't call this your own theme when it's just a edit, i can't even see the edit when i actually looks like the babbo theme that is released. stop copy paste..

https://forum.ragezone.com/f353/revcms-habbo-skin-edit-993471/
Not the damn theme -_- The CMS, Not theme.. -_-



I have always wondered that.
Took some time and counted what I've done and comming next in just that 'stuff'.
 
Newbie Spellweaver
Joined
May 11, 2015
Messages
29
Reaction score
1
This is a low reCMS. Why do you change the Name of Basic reCMS on Meller CMS?
If you change 2-3 codes, its not your CMS my friend.

Greez, Forex
 
Junior Spellweaver
Joined
Mar 12, 2015
Messages
111
Reaction score
8
This is a low reCMS. Why do you change the Name of Basic reCMS on Meller CMS?
If you change 2-3 codes, its not your CMS my friend.

Greez, Forex

Owh really?
look at the htdocs, Does it looks like revcms



This was made from scratch, Only the theme is made of Wouto and ofcourse Sulake.
 
Newbie Spellweaver
Joined
May 11, 2015
Messages
29
Reaction score
1
Owh really?
look at the htdocs, Does it looks like revcms



This was made from scratch, Only the theme is made of @Wouto and ofcourse Sulake.

Oh, allright my friend, i don't know about that.
Why do Wouto not make a own Theme?

Greez, Forex

PS: But thanks for the Release =)
 
Junior Spellweaver
Joined
Mar 12, 2015
Messages
111
Reaction score
8
Oh, allright my friend, i don't know about that.
Why do Wouto not make a own Theme?

Greez, Forex

PS: But thanks for the Release =)
Eh? The theme is made by Wouto and ofcourse sulake, But the Self CMSsystem is made by me, Also the theme is avalibe to change. But not comes as a config.
 
Joined
Feb 22, 2012
Messages
2,103
Reaction score
1,271
I think this thread should be locked, this isn't even a real development. Why bother coding something and putting it on here if it's unsecure and badly coded. That just gives more noobs the chance to be hacked and to hack other hotels which is what is turning this community into dirt.
Droppy asesinato

I'll give him a chance to amaze us, and he said he will probably be moving towards MySQLi or PDO soon. Let's see how it goes first.



Thanks, Also as I planned it will be able to select mysqli or pdo or mysql, And I got a friend @Sara2000 Who will check exploits for me. She is already doing it, :) Edit: Nvm... Seems like she quited retros for 3minutes ago.

I can assist with the code later if you want, just PM me with questions.
 
Status
Not open for further replies.
Back
Top