Jump to content
MaxCheaters Official Group on Discord
Top.MaxCheaters.com is now OPEN – Lineage 2 Top Listing

[Re-Share]Account Manager With Admin Panel

Pauler
 Share

Recommended Posts

Pauler Newbie

Pauler

Posted
Posted

So, for some reasons I deleted all my previous shares. But I saw that many game masters appreciated this share, so I re-share it.

 

It is an account manager written in pure php by me, which allows players to change password, delete account, and do some other things that I don't remember.

 

Also, admin is able to put items to players' inventories.

 

Have fun.

 

Preview:

http://l2knockout.com/acc/

http://l2family.com/acc/

 

Download:

Download

 

(It was written by me many months ago and it is a little bad-coded. Maybe, I will share a new acm coded in jquery and php. Anyway, it works perfectly.)

NumL0ck Newbie

NumL0ck

Posted
Posted

Thanks man, but i if you say [quote author=Pauler

it is a little bad-coded. Maybe, I will share a new acm coded in jquery and php. Anyway, it works perfectly.)

I wait new version :)

gRfd` Newbie

gRfd`

Posted
Posted

(It was written by me many months ago and it is a little bad-coded. Maybe, I will share a new acm coded in jquery and php. Anyway, it works perfectly.) Waiting :)

Pauler Newbie

Pauler

Posted
  • Author
Posted

(It was written by me many months ago and it is a little bad-coded. Maybe, I will share a new acm coded in jquery and php. Anyway, it works perfectly.) Waiting :)

You may have to wait a little because I am busy these days.
dpbBryan Newbie

dpbBryan

Posted
Posted

Not to be a buzz kill but

 

1) You should use OO and keep everything organized into generic classes. You've mixed the HTML presentation along with PHP functionality. Now it can be difficult to seperate the two incase somebody wanted to have a different implementation. Also if you're talking about involving jquery, I'd say just don't.

 

2) You send the password plaintext in a plain unsecured post request.

http://stackoverflow.com/questions/1008668/how-secure-is-a-http-post

 

3) You only ask for a username and a password and theres no confirmation. Simple, yes. However somebody could easily make a typing mistake and has no way of confirming it.

 

4) connect.php, instead of having some kind of secure configuration file the mysql connection information is slapped right in the file. It should be kept in a secure file.

Pauler Newbie

Pauler

Posted
  • Author
Posted

Not to be a buzz kill but

 

1) You should use OO and keep everything organized into generic classes. You've mixed the HTML presentation along with PHP functionality. Now it can be difficult to seperate the two incase somebody wanted to have a different implementation. Also if you're talking about involving jquery, I'd say just don't.

 

2) You send the password plaintext in a plain unsecured post request.

http://stackoverflow.com/questions/1008668/how-secure-is-a-http-post

 

3) You only ask for a username and a password and theres no confirmation. Simple, yes. However somebody could easily make a typing mistake and has no way of confirming it.

 

4) connect.php, instead of having some kind of secure configuration file the mysql connection information is slapped right in the file. It should be kept in a secure file.

 

First of all, I think you ignored the last two lines of my first post. That means I have to ignore your 1, 2 and 3 because the have to do with what I said at my last two lines.

 

About the forth one. Why should it be kept in a secure file? Php is a server side programming language. That means that user can see only the staff which are echoed out. It is impossible for a user to see the database information even if he writes connect.php in his browser. The only way to see the php part is if you have ftp access to the files.

 

Also, I noticed that you said, not to use ajax. Jquery `ajax` will make acm run smoothly without refresing the browser and without overloading server.

 

Thank you for your feedback.

dpbBryan Newbie

dpbBryan

Posted
Posted
(It was written by me many months ago and it is a little bad-coded. Maybe, I will share a new acm coded in jquery and php. Anyway, it works perfectly.)

 

That's hardly an excuse for you to write shit. I should start telling my customers "Oh by the way I'm going to give you a terrible program and you can't comment on it because I told you ahead of time."

 

And as for the secure file, PHP is as secure as you make it. What if you don't set your permissions right? What if you're using windows which'll automatically set it's permissions for you? Server side or not, what do you think happens when you write a post request? PHP files are still read by a seperate executable.

 

Even if you use AJAX or Jquery, you're still going to have to write something server-side. Jquery and AJAX only run off the client machine as a presentation. Your presentation should be seperate from your application.

 

 

Pauler Newbie

Pauler

Posted
  • Author
Posted

That's hardly an excuse for you to write shit.

 

And as for the secure file, PHP is as secure as you make it. What if you don't set your permissions right? What if you're using windows which'll automatically set it's permissions for you? Server side or not, what do you think happens when you write a post request? PHP files are still read by a seperate executable.

 

Even if you use AJAX or Jquery, you're still going to have to write something server-side. Jquery and AJAX only run off the client machine as a presentation. Your presentation should be seperate from your application.

 

First of all, it's just a share. Also, nobody forced you to download it.

 

And I said, above it is IMPOSSIBLE to stole php code without having access at files.

 

Futhermore, I guess you have to idea what ajax is according to your last three lines of crap.

 

With Ajax, web applications can send data to, and retrieve data from, a server asynchronously (in the background) without interfering with the display and behavior of the existing page. Data is usually retrieved using the XMLHttpRequest object. Despite the name, the use of XML is not needed (JSON is often used instead), and the requests do not need to be asynchronous.[2]

Ajax is not a single technology, but a group of technologies. HTML and CSS can be used in combination to mark up and style information. The DOM is accessed with JavaScript to dynamically display, and to allow the user to interact with the information presented. JavaScript and the XMLHttpRequest object provide a method for exchanging data asynchronously between browser and server to avoid full page reloads.

 

<=> Less server usage.

dpbBryan Newbie

dpbBryan

Posted
Posted
First of all, it's just a share. Also, nobody forced you to download it.

True. Now I'll play that card: Since you posted it in the public domain I can say what I want about it and it sucks. People that know what they're doing and not just trying to bump their post count here won't be using this.

 

And I said, above it is IMPOSSIBLE to stole php code without having access at files.

Ideally and normally yes, however:

http://www.cyberciti.biz/tips/php-script-downloaded-as-source-code.html

It can still happen. And it shows what kind of a programmer you are if you're saying 'why should I secure it?'.

 

Futhermore, I guess you have to idea what ajax is according to your last three lines of crap.

http://en.wikipedia.org/wiki/Ajax_(programming)

Ajax (also AJAX; pronounced /ˈeɪdʒæks/; an acronym for Asynchronous JavaScript and XML)[1] is a group of interrelated web development techniques used on the client-side to create asynchronous web applications.

 

Also, it's not like your PHP script is going to actually use that much of your resources. It doesn't matter how you do it your server is still going to be processing some kind of information. There is still a seperate between the presentation and information, you just don't see it.

Pauler Newbie

Pauler

Posted
  • Author
Posted

Many people already use it and no one faced a single problem.

 

Ok, I thing now I fed the troll enough.

 

Pauler Newbie

Pauler

Posted
  • Author
Posted

If you make a new ACM you should use suggestions that "dpbBryan" gave you....

Anyway thanks for that waiting for new ^_^(Help Me On This Click Me

They were not excactly suggestions. He said some things which I know about, but some of these do not exist in acm because this was made long ago.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing


  • Posts

    • l2viserion
      L2VISERION CHAPTER IV - 16.05.2026

      By l2viserion · Posted

      And Discord: https://discord.gg/3aYqWNqb
    • l2viserion
      [L2] VISERION

      By l2viserion · Posted

      Ofc: https://discord.gg/3aYqWNqb
    • NoJobRob
      Skins for H5

      By NoJobRob · Posted

      You can find some H5 skins shared in old L2 modding Discords, but most of the higher‑quality ones are either paid or come bundled with full client edits. I usually mix in commissioned work and whatever I can patch myself. On a side note, I fund a lot of these commissions by selling off game items through instant sell cs2 skins, which has been a quick way for me to get some cash for projects.
    • Elfo
      Outerlude - A Modern Interlude aCis fork

      By Elfo · Posted

      There is no need for gRPC in this case, even tho originally it was gRPC based but since we don't need it to be bi-directional, we switched to simple http requests for the web calls and SSEs for the data streamed from the server. There are distributed locks in place to precent race conditions between actions that can happen between multiple web instances and the server.   Local models can also be slow depending on the model, and most external models can actually be faster than local ones if you use Flash 2.5 or something along those lines. I am running on 512GB of Unified Memory on my Mac Studio M3 Ultra so the speed of the local model for a small model is pretty good but I tested it with Gemini too and it works equally as fast and in some cases faster. The way it works is that I'm using pgvector (one of the benefits of moving to Postgres) to search the data and see what the player can see etc and there is some batching of the next few actions for 2-4 seconds for the user until the next LLM request fires. The batching also includes branching on logic so if they for example fall under some HP they will move to kiting instead of attacking or maybe they heal etc.   Everything is authed and permission-based. The server and the backend of the frontend have secure communication between them, either with a symmetric key (not recommended for production) or a certificate (the recommended way), so there is no worry. It's all tied to the account's access level, etc., so nobody can make an action that they normally wouldn't be allowed to do. Even the MCP is token-based, and there are prompt injection protections in place. The MCP is audited, and every mutation needs confirmation. The admin area is only accessible to the admin account anyway so normal users can't access it.  
    • Frank
      Outerlude - A Modern Interlude aCis fork

      By Frank · Posted

      Amazing job! Gratz!

  • Topics

×
×
  • Create New...

Important Information

This community uses essential cookies to function properly. Non-essential cookies and third-party services are used only with your consent. Read our Privacy Policy and We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue..