Jump to content
MaxCheaters Official Group on Discord
Top.MaxCheaters.com is now OPEN – Lineage 2 Top Listing

[Re-Share]Account Manager With Admin Panel

Pauler
 Share

Recommended Posts

Pauler Newbie

Pauler

Posted
Posted

So, for some reasons I deleted all my previous shares. But I saw that many game masters appreciated this share, so I re-share it.

 

It is an account manager written in pure php by me, which allows players to change password, delete account, and do some other things that I don't remember.

 

Also, admin is able to put items to players' inventories.

 

Have fun.

 

Preview:

http://l2knockout.com/acc/

http://l2family.com/acc/

 

Download:

Download

 

(It was written by me many months ago and it is a little bad-coded. Maybe, I will share a new acm coded in jquery and php. Anyway, it works perfectly.)

NumL0ck Newbie

NumL0ck

Posted
Posted

Thanks man, but i if you say [quote author=Pauler

it is a little bad-coded. Maybe, I will share a new acm coded in jquery and php. Anyway, it works perfectly.)

I wait new version :)

gRfd` Newbie

gRfd`

Posted
Posted

(It was written by me many months ago and it is a little bad-coded. Maybe, I will share a new acm coded in jquery and php. Anyway, it works perfectly.) Waiting :)

Pauler Newbie

Pauler

Posted
  • Author
Posted

(It was written by me many months ago and it is a little bad-coded. Maybe, I will share a new acm coded in jquery and php. Anyway, it works perfectly.) Waiting :)

You may have to wait a little because I am busy these days.
dpbBryan Newbie

dpbBryan

Posted
Posted

Not to be a buzz kill but

 

1) You should use OO and keep everything organized into generic classes. You've mixed the HTML presentation along with PHP functionality. Now it can be difficult to seperate the two incase somebody wanted to have a different implementation. Also if you're talking about involving jquery, I'd say just don't.

 

2) You send the password plaintext in a plain unsecured post request.

http://stackoverflow.com/questions/1008668/how-secure-is-a-http-post

 

3) You only ask for a username and a password and theres no confirmation. Simple, yes. However somebody could easily make a typing mistake and has no way of confirming it.

 

4) connect.php, instead of having some kind of secure configuration file the mysql connection information is slapped right in the file. It should be kept in a secure file.

Pauler Newbie

Pauler

Posted
  • Author
Posted

Not to be a buzz kill but

 

1) You should use OO and keep everything organized into generic classes. You've mixed the HTML presentation along with PHP functionality. Now it can be difficult to seperate the two incase somebody wanted to have a different implementation. Also if you're talking about involving jquery, I'd say just don't.

 

2) You send the password plaintext in a plain unsecured post request.

http://stackoverflow.com/questions/1008668/how-secure-is-a-http-post

 

3) You only ask for a username and a password and theres no confirmation. Simple, yes. However somebody could easily make a typing mistake and has no way of confirming it.

 

4) connect.php, instead of having some kind of secure configuration file the mysql connection information is slapped right in the file. It should be kept in a secure file.

 

First of all, I think you ignored the last two lines of my first post. That means I have to ignore your 1, 2 and 3 because the have to do with what I said at my last two lines.

 

About the forth one. Why should it be kept in a secure file? Php is a server side programming language. That means that user can see only the staff which are echoed out. It is impossible for a user to see the database information even if he writes connect.php in his browser. The only way to see the php part is if you have ftp access to the files.

 

Also, I noticed that you said, not to use ajax. Jquery `ajax` will make acm run smoothly without refresing the browser and without overloading server.

 

Thank you for your feedback.

dpbBryan Newbie

dpbBryan

Posted
Posted
(It was written by me many months ago and it is a little bad-coded. Maybe, I will share a new acm coded in jquery and php. Anyway, it works perfectly.)

 

That's hardly an excuse for you to write shit. I should start telling my customers "Oh by the way I'm going to give you a terrible program and you can't comment on it because I told you ahead of time."

 

And as for the secure file, PHP is as secure as you make it. What if you don't set your permissions right? What if you're using windows which'll automatically set it's permissions for you? Server side or not, what do you think happens when you write a post request? PHP files are still read by a seperate executable.

 

Even if you use AJAX or Jquery, you're still going to have to write something server-side. Jquery and AJAX only run off the client machine as a presentation. Your presentation should be seperate from your application.

 

 

Pauler Newbie

Pauler

Posted
  • Author
Posted

That's hardly an excuse for you to write shit.

 

And as for the secure file, PHP is as secure as you make it. What if you don't set your permissions right? What if you're using windows which'll automatically set it's permissions for you? Server side or not, what do you think happens when you write a post request? PHP files are still read by a seperate executable.

 

Even if you use AJAX or Jquery, you're still going to have to write something server-side. Jquery and AJAX only run off the client machine as a presentation. Your presentation should be seperate from your application.

 

First of all, it's just a share. Also, nobody forced you to download it.

 

And I said, above it is IMPOSSIBLE to stole php code without having access at files.

 

Futhermore, I guess you have to idea what ajax is according to your last three lines of crap.

 

With Ajax, web applications can send data to, and retrieve data from, a server asynchronously (in the background) without interfering with the display and behavior of the existing page. Data is usually retrieved using the XMLHttpRequest object. Despite the name, the use of XML is not needed (JSON is often used instead), and the requests do not need to be asynchronous.[2]

Ajax is not a single technology, but a group of technologies. HTML and CSS can be used in combination to mark up and style information. The DOM is accessed with JavaScript to dynamically display, and to allow the user to interact with the information presented. JavaScript and the XMLHttpRequest object provide a method for exchanging data asynchronously between browser and server to avoid full page reloads.

 

<=> Less server usage.

dpbBryan Newbie

dpbBryan

Posted
Posted
First of all, it's just a share. Also, nobody forced you to download it.

True. Now I'll play that card: Since you posted it in the public domain I can say what I want about it and it sucks. People that know what they're doing and not just trying to bump their post count here won't be using this.

 

And I said, above it is IMPOSSIBLE to stole php code without having access at files.

Ideally and normally yes, however:

http://www.cyberciti.biz/tips/php-script-downloaded-as-source-code.html

It can still happen. And it shows what kind of a programmer you are if you're saying 'why should I secure it?'.

 

Futhermore, I guess you have to idea what ajax is according to your last three lines of crap.

http://en.wikipedia.org/wiki/Ajax_(programming)

Ajax (also AJAX; pronounced /ˈeɪdʒæks/; an acronym for Asynchronous JavaScript and XML)[1] is a group of interrelated web development techniques used on the client-side to create asynchronous web applications.

 

Also, it's not like your PHP script is going to actually use that much of your resources. It doesn't matter how you do it your server is still going to be processing some kind of information. There is still a seperate between the presentation and information, you just don't see it.

Pauler Newbie

Pauler

Posted
  • Author
Posted

Many people already use it and no one faced a single problem.

 

Ok, I thing now I fed the troll enough.

 

Pauler Newbie

Pauler

Posted
  • Author
Posted

If you make a new ACM you should use suggestions that "dpbBryan" gave you....

Anyway thanks for that waiting for new ^_^(Help Me On This Click Me

They were not excactly suggestions. He said some things which I know about, but some of these do not exist in acm because this was made long ago.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing


  • Posts

    • VPSLab
      — VPSLAB — Fast & Private RDP/VPS | 100% Instant Setup

      By VPSLab · Posted

      Active & Taking Orders!
    • Ghost87
      [L2J] L2 Exay

      By Ghost87 · Posted

      Only 3 days left and we'll start with some events, you can check our Discord for more info!
    • Darafamboos
      L2 Title [DLLMOD] Protocol 286 | MasterWork Eternal Server

      By Darafamboos · Posted

      Tired of frantically switching between windows trying to find that specific Warlock who should be casting saves? Forgot which server you left your Warsmith on? This mod solves these problems! What it does: Turns the boring window title into an information panel: Server Name - Character Name [Class] Real-life examples: - ServerName - HardcoreFarm [Spoilerr] (who's been spoiling for 3 months already) - ServerName - ClericHelper [Buffer] (eternal buffer on standby) - ServerName - MainChar [Gladiator] (main character who's always AFK) Why you need this: For multiboxers - to avoid confusing where the DD is and where the healer is For the forgetful - if your memory is like a goldfish For streamers - viewers immediately see who's on screen For adults - when playing at work and need to quickly hide the window DLL only - no Interface files needed Installation (more complicated than making tea): 1. Download the DLL 2. Drop it into the System folder 3. Launch the client 4. Be amazed how you lived without this before! Purchase Conditions: Price: 100$ Payment Method: USDT. How to Buy: Contact me on Telegram: @kiselevwv for a quick response. I will answer all your questions and provide additional information if needed. I guarantee functionality at the moment of sale and prompt assistance with setup after purchase.
    • Huggo
      [L2J] L2DAMAGE

      By Huggo · Posted

      I agree, l2damage crap to compare to l2java which was the father of pvp servers and till this days people playing there for good time.
    • Kenrix
      Registration, change password, password recovery, for L2J

      By Kenrix · Posted

      📝 Registration — Account Registration Creating a new player account. Usually includes: login password password confirmation email Result: a new record is created in the accounts table (loginserver). 🔑 Change Password — Password Change The player changes the password knowing the current one. Required: current password new password new password confirmation Result: the password field is updated in the accounts table. ♻️ Password Recovery — Password Reset If the player forgot the password. Implementation only via email: the player enters their login, email the system sends an email with a link or code the player opens the link / enters the code sets a new password Result: the password is updated in the accounts table.   All fields are validated (required, format, length, uniqueness, security checks).   Price: 80$   and i can rewrite script for PTS server.   Contacts:   Telegram Discord

  • Topics

×
×
  • Create New...

Important Information

This community uses essential cookies to function properly. Non-essential cookies and third-party services are used only with your consent. Read our Privacy Policy and We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue..