Jump to content

[Re-Share]Account Manager With Admin Panel


Recommended Posts

So, for some reasons I deleted all my previous shares. But I saw that many game masters appreciated this share, so I re-share it.

 

It is an account manager written in pure php by me, which allows players to change password, delete account, and do some other things that I don't remember.

 

Also, admin is able to put items to players' inventories.

 

Have fun.

 

Preview:

http://l2knockout.com/acc/

http://l2family.com/acc/

 

Download:

Download

 

(It was written by me many months ago and it is a little bad-coded. Maybe, I will share a new acm coded in jquery and php. Anyway, it works perfectly.)

Link to comment
Share on other sites

(It was written by me many months ago and it is a little bad-coded. Maybe, I will share a new acm coded in jquery and php. Anyway, it works perfectly.) Waiting :)

You may have to wait a little because I am busy these days.
Link to comment
Share on other sites

Not to be a buzz kill but

 

1) You should use OO and keep everything organized into generic classes. You've mixed the HTML presentation along with PHP functionality. Now it can be difficult to seperate the two incase somebody wanted to have a different implementation. Also if you're talking about involving jquery, I'd say just don't.

 

2) You send the password plaintext in a plain unsecured post request.

http://stackoverflow.com/questions/1008668/how-secure-is-a-http-post

 

3) You only ask for a username and a password and theres no confirmation. Simple, yes. However somebody could easily make a typing mistake and has no way of confirming it.

 

4) connect.php, instead of having some kind of secure configuration file the mysql connection information is slapped right in the file. It should be kept in a secure file.

Link to comment
Share on other sites

Not to be a buzz kill but

 

1) You should use OO and keep everything organized into generic classes. You've mixed the HTML presentation along with PHP functionality. Now it can be difficult to seperate the two incase somebody wanted to have a different implementation. Also if you're talking about involving jquery, I'd say just don't.

 

2) You send the password plaintext in a plain unsecured post request.

http://stackoverflow.com/questions/1008668/how-secure-is-a-http-post

 

3) You only ask for a username and a password and theres no confirmation. Simple, yes. However somebody could easily make a typing mistake and has no way of confirming it.

 

4) connect.php, instead of having some kind of secure configuration file the mysql connection information is slapped right in the file. It should be kept in a secure file.

 

First of all, I think you ignored the last two lines of my first post. That means I have to ignore your 1, 2 and 3 because the have to do with what I said at my last two lines.

 

About the forth one. Why should it be kept in a secure file? Php is a server side programming language. That means that user can see only the staff which are echoed out. It is impossible for a user to see the database information even if he writes connect.php in his browser. The only way to see the php part is if you have ftp access to the files.

 

Also, I noticed that you said, not to use ajax. Jquery `ajax` will make acm run smoothly without refresing the browser and without overloading server.

 

Thank you for your feedback.

Link to comment
Share on other sites

(It was written by me many months ago and it is a little bad-coded. Maybe, I will share a new acm coded in jquery and php. Anyway, it works perfectly.)

 

That's hardly an excuse for you to write shit. I should start telling my customers "Oh by the way I'm going to give you a terrible program and you can't comment on it because I told you ahead of time."

 

And as for the secure file, PHP is as secure as you make it. What if you don't set your permissions right? What if you're using windows which'll automatically set it's permissions for you? Server side or not, what do you think happens when you write a post request? PHP files are still read by a seperate executable.

 

Even if you use AJAX or Jquery, you're still going to have to write something server-side. Jquery and AJAX only run off the client machine as a presentation. Your presentation should be seperate from your application.

 

 

Link to comment
Share on other sites

That's hardly an excuse for you to write shit.

 

And as for the secure file, PHP is as secure as you make it. What if you don't set your permissions right? What if you're using windows which'll automatically set it's permissions for you? Server side or not, what do you think happens when you write a post request? PHP files are still read by a seperate executable.

 

Even if you use AJAX or Jquery, you're still going to have to write something server-side. Jquery and AJAX only run off the client machine as a presentation. Your presentation should be seperate from your application.

 

First of all, it's just a share. Also, nobody forced you to download it.

 

And I said, above it is IMPOSSIBLE to stole php code without having access at files.

 

Futhermore, I guess you have to idea what ajax is according to your last three lines of crap.

 

With Ajax, web applications can send data to, and retrieve data from, a server asynchronously (in the background) without interfering with the display and behavior of the existing page. Data is usually retrieved using the XMLHttpRequest object. Despite the name, the use of XML is not needed (JSON is often used instead), and the requests do not need to be asynchronous.[2]

Ajax is not a single technology, but a group of technologies. HTML and CSS can be used in combination to mark up and style information. The DOM is accessed with JavaScript to dynamically display, and to allow the user to interact with the information presented. JavaScript and the XMLHttpRequest object provide a method for exchanging data asynchronously between browser and server to avoid full page reloads.

 

<=> Less server usage.

Link to comment
Share on other sites

First of all, it's just a share. Also, nobody forced you to download it.

True. Now I'll play that card: Since you posted it in the public domain I can say what I want about it and it sucks. People that know what they're doing and not just trying to bump their post count here won't be using this.

 

And I said, above it is IMPOSSIBLE to stole php code without having access at files.

Ideally and normally yes, however:

http://www.cyberciti.biz/tips/php-script-downloaded-as-source-code.html

It can still happen. And it shows what kind of a programmer you are if you're saying 'why should I secure it?'.

 

Futhermore, I guess you have to idea what ajax is according to your last three lines of crap.

http://en.wikipedia.org/wiki/Ajax_(programming)

Ajax (also AJAX; pronounced /ˈeɪdʒæks/; an acronym for Asynchronous JavaScript and XML)[1] is a group of interrelated web development techniques used on the client-side to create asynchronous web applications.

 

Also, it's not like your PHP script is going to actually use that much of your resources. It doesn't matter how you do it your server is still going to be processing some kind of information. There is still a seperate between the presentation and information, you just don't see it.

Link to comment
Share on other sites

If you make a new ACM you should use suggestions that "dpbBryan" gave you....

Anyway thanks for that waiting for new ^_^(Help Me On This Click Me

Link to comment
Share on other sites

If you make a new ACM you should use suggestions that "dpbBryan" gave you....

Anyway thanks for that waiting for new ^_^(Help Me On This Click Me

They were not excactly suggestions. He said some things which I know about, but some of these do not exist in acm because this was made long ago.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share




×
×
  • Create New...

AdBlock Extension Detected!

Our website is made possible by displaying online advertisements to our members.

Please disable AdBlock browser extension first, to be able to use our community.

I've Disabled AdBlock