MellerCMS Easy coded, NOT SECURE

[Meller Plus]

Meller CMS ~ Development
WARNING: The Meller cms is not Secure! This is my first try to a CMS. It may contain Exploits.

Things that's done or planing.
_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
Register (79%]
Login [94%]
Client [100%]
Exploits [21%]
News [69%]
Topusers [0%]
MySQLI [0%]
MySQL [98%]
PDO [0%]
Language switch [50%]
-_-_-_-_-_-_-_-_-_-_-_-_-
Prints

Spoiler

Code snippets:

Spoiler

Engine

<?php
require_once('config.php');


/*------------MySQL ~ Connect-------------*/
if ($MySQL['type'] == 'MySQL' && $MySQL['connect'] == 'Connect')
{
    // PhpMyAdmin
    $phpmyadmin = mysql_connect($MySQL['hostname'], $MySQL['username'], $MySQL['password']);
    if (!$phpmyadmin)
    {
        die ('<b>PHPMyAdmin Error</b>: ' . mysql_error());
    }
    
    // DB
    $phpmyadmindb = mysql_select_db($MySQL['database'], $phpmyadmin);
    if (!$phpmyadmindb)
    {
        die ('<b>Database Error</b>: ' . mysql_error());
    }
}
/*------------MySQL ~ PConnect-------------*/


if ($MySQL['type'] == 'MySQL' && $MySQL['connect'] == 'PConnect')
{
    // PhpMyAdmin
    $phpmyadmin = mysql_pconnect($MySQL['hostname'], $MySQL['username'], $MySQL['password']);
    if (!$phpmyadmin)
    {
        die ('<b>PHPMyAdmin Error</b>: ' . mysql_error());
    }
    
    // DB
    $phpmyadmindb = mysql_select_db($MySQL['database'], $phpmyadmin);
    if (!$phpmyadmindb)
    {
        die ('<b>Database Error</b>: ' . mysql_error());
    }
}
?>

Remember this is my first CMS try,
Got suggestion? Leave a comment.

--------Update--------
Another page done.

Spoiler

 

[Droppy]

Thread approved.

 

[The General]

Use PDO & Prepared statements. Then there is already a little chance it contains SQL exploits.

MySQL is really deprecated and should be removed from PHP.

 

[Jonteh]

Please take some time and read this:

You must be registered to see links

You will learn how to code better, I have no idea what I was just reading and I highly doubt that the screenshots you provided and the code you provided are even related.

 

[Meller Plus]

Please take some time and read this:

You must be registered to see links

You will learn how to code better, I have no idea what I was just reading and I highly doubt that the screenshots you provided and the code you provided are even related.

As I said, This is my first try, So it may contain Exploits.

 

[Liam]

Should probably consider using MySQLi. Also, are you able to provide more code examples, will make it easier for us to give you guide along with your development. And like Jonty said, I don't think the code provided is related to the screenshots, if anything it looks like a pre-coded SQL engine.

 

[Droppy]

I'll leave here my opinion:

For the end-user, it's great. They won't see the back of the application, they just see it running.
But now, developers will see this and think it's a total mess, which is right. You should consider using MySQLi or PDO, and learning a little bit of OOP before doing a 100% CMS. At the end of the CMS, you may see that a lot of stuff you did use were wrongly done, and that will make your whole CMS fall apart.

Good luck with your CMS, hope you learn good stuff from it!

 

[Meller Plus]

I'll leave here my opinion:

For the end-user, it's great. They won't see the back of the application, they just see it running.
But now, developers will see this and think it's a total mess, which is right. You should consider using MySQLi or PDO, and learning a little bit of OOP before doing a 100% CMS. At the end of the CMS, you may see that a lot of stuff you did use were wrongly done, and that will make your whole CMS fall apart.

Good luck with your CMS, hope you learn good stuff from it!

Thanks, Also as I planned it will be able to select mysqli or pdo or mysql, And I got a friend @Sara2000 Who will check exploits for me. She is already doing it, Edit: Nvm... Seems like she quited retros for 3minutes ago.

 

[GrateZ4]

What have you actually done in this? this is babbo cms and it is already released here on rz. you can't call this your own theme when it's just a edit, i can't even see the edit when i actually looks like the babbo theme that is released. stop copy paste..

https://forum.ragezone.com/f353/revcms-habbo-skin-edit-993471/

 

[academic]

I would really like to know how you calculated those percentages. 69%? 94%?

 

[Moogly]

Here's another source for developing in PHP:

You must be registered to see links

Definitely worth it's dollar if you want to make anything worthwhile.

 

[Jonteh]

I would really like to know how you calculated those percentages. 69%? 94%?

I have always wondered that.

 

[Meller Plus]

What have you actually done in this? this is babbo cms and it is already released here on rz. you can't call this your own theme when it's just a edit, i can't even see the edit when i actually looks like the babbo theme that is released. stop copy paste..

https://forum.ragezone.com/f353/revcms-habbo-skin-edit-993471/

Not the damn theme -_- The CMS, Not theme.. -_-

I have always wondered that.

Took some time and counted what I've done and comming next in just that 'stuff'.

 

[Jonteh]

I think this thread should be locked, this isn't even a real development. Why bother coding something and putting it on here if it's unsecure and badly coded. That just gives more noobs the chance to be hacked and to hack other hotels which is what is turning this community into dirt.
Droppy asesinato

 

[Liam]

I think this thread should be locked, this isn't even a real development. Why bother coding something and putting it on here if it's unsecure and badly coded. That just gives more noobs the chance to be hacked and to hack other hotels which is what is turning this community into dirt.
@Droppy @asesinato

Agreed.

 

[Forex]

This is a low reCMS. Why do you change the Name of Basic reCMS on Meller CMS?
If you change 2-3 codes, its not your CMS my friend.

Greez, Forex

 

[Meller Plus]

This is a low reCMS. Why do you change the Name of Basic reCMS on Meller CMS?
If you change 2-3 codes, its not your CMS my friend.

Greez, Forex

Owh really?
look at the htdocs, Does it looks like revcms

You must be registered to see links

This was made from scratch, Only the theme is made of Wouto and ofcourse Sulake.

 

[Forex]

Owh really?
look at the htdocs, Does it looks like revcms

You must be registered to see links

This was made from scratch, Only the theme is made of @Wouto and ofcourse Sulake.

Oh, allright my friend, i don't know about that.
Why do Wouto not make a own Theme?

Greez, Forex

PS: But thanks for the Release =)

 

[Meller Plus]

Oh, allright my friend, i don't know about that.
Why do Wouto not make a own Theme?

Greez, Forex

PS: But thanks for the Release =)

Eh? The theme is made by Wouto and ofcourse sulake, But the Self CMSsystem is made by me, Also the theme is avalibe to change. But not comes as a config.

 

[Droppy]

I think this thread should be locked, this isn't even a real development. Why bother coding something and putting it on here if it's unsecure and badly coded. That just gives more noobs the chance to be hacked and to hack other hotels which is what is turning this community into dirt.
Droppy asesinato

I'll give him a chance to amaze us, and he said he will probably be moving towards MySQLi or PDO soon. Let's see how it goes first.

Thanks, Also as I planned it will be able to select mysqli or pdo or mysql, And I got a friend @Sara2000 Who will check exploits for me. She is already doing it, Edit: Nvm... Seems like she quited retros for 3minutes ago.

I can assist with the code later if you want, just PM me with questions.