Jump to content

[ Dead Download Link ] MT2-CMS - FORK [ We Need You ]


Ayaka

Recommended Posts

  • Bronze

Hi,
I am working on a Fork (Open Source) of hennink's metin2 CMS. A lot of people have already tried to recode this system but more or less the most of it is trash.
 
Why a Fork of an outdated CMS?
We all know that the used mysql_* functions in this CMS are outdated, the codesemantic is weak and the structure bulding isnt that good, too.
Fact is that the Hen! CMS is the most used system and I don't think that the community is ready for new systems because of silly entrenched habit. It is undeniable that a CMS developed from the ground up is much better (like projects by ChuckNorris) but people which have used this system for years wouldn't change to a completely new CMS that fast. Let me explain this by an example: How much people (including me) tried to code a new and better toplist for this com? Unsuccessfully although the basic approaches where much better.
 
What I am NOT doing:
- I will not just replace the querys and say its finished!
- I will not copy the whole code and say its finished
 
What i am doing:
- I will create an OOP Fork of THIS CMS which will be save, timely and familiar to the people.
- I will deffently write a beginner friendly documentation.
- I will create a simple installer to use this CMS without any problems (check if important tables or column already exist or missing ect.)
 
Techniques:
- Rebuild existing code to a semantic code.
- MySQLi (we dont have to talk about using PDO or what is the best)
- only a few OOP techniques because Object-Oriented Programming is too difficult to comprehend for the most in this com)
- Better structure
- jQuery features for better usability
 
Main Features:
- mod_rewrite (SEO friendly URLs)
- language system [IMG01]
- auctionhouse (+ Quest for easy implementation)
- better statistics
- Better Login (login attempts against Bruteforce, login faillogs)
- Coinslog for Users (when did i buy coins? where did i spend coins (item Shop, auctionhouse)? and how much )
- Better register (we all know that the current form is shit when having an error) [IMG01]
- Rankings (PVP, top player, top guild etc.)
- Itemshop
- Simple but effective ticketsystem [IMG01 , IMG02]
 
I will not implement this things:


- I thought about a template engine but I'm convinced that the most people can't  handle it (knowledge problem). It is quite simple for beginners to implement their design with a simple index.php and a default.css like before.
 
- I will not use HTML or CSS Frameworks like Bootstrap or Foundation because its easier for the most to implement their designs and element colors by changing only a few lines of an existing CSS file.


 
Download:

This is the hidden content, please

 
Changelog:

[14.01.2015] [Add] - Add auto language detection and ACP option > 

[13.01.2015] [Add] - Add IP and port control (Server Settings) + view > 

[07.01.2015] [Add] - Coins History for Member. > 

[07.01.2015] [Add] - Referral System. > 

[04.01.2015] [Add] - Logs in adminCP. > 

[03.01.2015] [Add] - Add installer. > 

[03.01.2015] [Add] - Add some basic settings. > 

[19.12.2014] [Add] - Add register. > 

[17.12.2014] [Edit] - Statistics expanded >

[15.12.2014] [Edit] - You can enter site title and other website informations in the adminCP now. no need to edit the config.inc.php
[15.12.2014] [Add] - statistics in adminCP. > show
[15.12.2014] [Add] - backup system in adminCP. > show
[12.12.2014] [Add] - implemented overview in adminCP. > show
[12.12.2014] [Edit] - Cleaned up language files and split all entries to seperate category groups. > show
[12.12.2014] [Add] - New Adminoptions in the ticket sections: disable/enable ticketsystem, disable/enable email notice for new tickets.
[12.12.2014] [Add] - Admin CP is now in the sidenavigation.
[12.12.2014] [Add] - SA can search tickets by ticket IDs now. > show
[12.12.2014] [Edit] - recoded the paginations (more opportunities). > show
 
Important:
I will kick your ass if you post shit like: "This is not necessary". It is my intention to do this because I want to do this! You can bring ideas or constructive feedback but no bullshit. I will release this ONLY here (metin2dev) when I'm done. epvp can suck my **** and if someone releases this there, I will report that.
 
Special thanks:
Krusty, SoNiice, hennink, Denis, NotEnoughForYou, Yoshix3, Stefan, ManojGeek 

Edited by Metin2 Dev
Core X - External 2 Internal
  • Metin2 Dev 14
  • kekw 2
  • Sad 1
  • Good 7
  • Love 39
Link to comment
Share on other sites

  • Bronze

For developer
How to get Userinformations?

function userinfo($var)

You can get every column from account.account with this function. Example:

echo userinfo(login); // will output the LOGIN Accountname (from the logged-in user)
echo userinfo(email); // will output the EMAIL (from the logged-in user) 
echo userinfo(social_id); // will output the DELETE KEY (from the logged-in user)
// ... you can get all account informations like this

How to check user rights?
You can do it like this:

// Get userlevel
$userlevel = userinfo(web_admin);

// Check if user is logged-in
if(logged_in()) {
    if($userlevel > 2) {
        echo "You are logged-in and you have a higher Userlevel than 2";
    }
} else {
    echo "You are not logged in!";
}

How to add a new page with my own code and features?
Just create a new .php file in the "/pages" folder. This is a template:

<?php
// Check if user is logged-in
if(!logged_in()) {
    echo "<div class="error">".lang('ERR_NOTLOGIN')."</div>";
}
else {
    // here we go!
    echo "<h2>New Page</h2>";
    // you can do what ever you want here
}
?>

you can access this page with the link: http://www.yourdomain.tld/index.php?page=<filename>
 
How to add a new admin page?
Just create a new "admin_<your file name>.php" file in the "/pages" folder. This is a template:

<?php
// Get userlevel
$userlevel = userinfo(web_admin);
// Check if logged-in
if(logged_in()) {
    if($userlevel > 0) {
        // Administration Naviagtion
        echo "<div id="admin_box">";
        echo "<div class="navleft">";
        echo lang('ADMIN_CENTER');
        echo "</div>";
        echo "<div class="navright">";
        echo "<a class="yellow" href="index.php?page=admin_file">Link 1</a> ";
        echo "<a class="yellow" href="index.php?page=admin_file">Link 2</a> ";
        echo "<a class="yellow" href="index.php?page=admin_file">Link 3</a> ";
        echo "</div>";
        echo "</div>";
    }
}
// Only access when admin
if(!logged_in()) {
    echo "<div class="error">" . lang('ERR_ADMINACCESS1') . "</div>";
} elseif($userlevel !== "9") {
    echo "<div class="error">" . lang('ERR_ADMINACCESS2') . "</div>";
} else {
    // CONTENT
    // You can do what ever you want here
}
?>

you can access this page with the link: http://www.yourdomain.tld/index.php?page=<filename>
Dont forget to put a link in the admin navigation. You can find it in the file navigation.php
 
In which file are used function?
All functions are in the functions.php file in the lib folder!
 
How to use SQL in this CMS?
Fucking simple!

// SELECT EXAMPLE
$mysqli = getConnected(account);
$res = mysqli_query($mysqli, "SELECT id FROM table WHERE option1='text1'");
while($row = mysqli_fetch_array($res)) {
    echp $row["id"];
}
mysqli_close($mysqli);

// UPDATE EXAMPLE
$mysqli = getConnected(account);
mysqli_query($mysqli,"UPDATE table SET option1='text1'");
mysqli_close($mysqli);

// INSERT EXAMPLE
$mysqli = getConnected(account);
mysqli_query($mysqli,"INSERT INTO table (option1, option2) VALUES ('text1', 'text2')");
mysqli_close($mysqli);

you can connect account or player database like this:

$mysqli = getConnected(account); // account database
$mysqli = getConnected(player); // player database

If you want to escape a GET or POST variable use the following to write in database:

$var2 = $_GET['example'];
$var2 = mysqli_real_escape_string($mysqli, $var2); // put this AFTER $mysqli = getConnected(account)!
// $var2 is now escaped and can executed in a query!

How to use the Coins Log and transfer Coins in my own code?

Use the function "write_coinslog". It will add an entry in coins log and the user get or lose coins. Its very simple to use:

write_coinslog("$var1","$var2","$var3","$var4","$var5"); 
// $var1 = Amount of Coins
// $var2 = +Coins = "get", -coins = "lose"
// $var3 = Give here a short Reason about the transfer. If its an Itemshop transfer use "IS", Auctionhouse = "AH".
// $var4 = If there is a item transfer use the vnum to get the name of item. Default is "0". This info will displayed in reason ($var3) when ist not "0".
// $var5 = If there is a other User ID than the logged-in user give the Username to get the userid

// Live Example 1
write_coinslog("200","get","A transfer example","0","0");
// The logged-in user get 200 Coins with the reason "A transfer example"

// Live Example 2
write_coinslog("300","lose","IS","102380","0");
// The logged-in user lose 200 Coins with the reason "IS - Weaponname +3"
  • Good 1
  • Love 2
Link to comment
Share on other sites

  • Bronze

Yes but i have to go to work now. I will add you later :)

 

// Update: I have rewritten the login again:

This is the hidden content, please

(login attempts and login faillogs not included yet)

 

edit:// please notice that im NOT coding with placeholders and the MySQLi object oriented style. I try to develop this most similar to mysql_* for beginners (procedural).

  • Metin2 Dev 1
  • Good 1
  • Love 1
Link to comment
Share on other sites

  • Bronze

First look - the ticketsystem works fine :) A few functions are missing but i will add them soon. The style is basic (as simple as possible):

 

M319Am3.png

more pictures:

V2h47iE.png

 

YBrwf51.png

 

cPmupSu.png

 

zFKWaPw.png

 

 

sourcecode pics:

7YSMS3k.png

 

QK2jcQA.png

 

jmHwSGW.png

 

hAjowyM.png

4sjMKp7.png

Edited by Metin2 Dev
Core X - External 2 Internal
  • Love 4
Link to comment
Share on other sites

  • Bronze

Add database backup system (for security reasons, you can disable this feature manually):

ukRfutR.png

 

(sorry for mixing 2 languages, I have not translated all parameter in english atm.)

Edited by Metin2 Dev
Core X - External 2 Internal
  • Love 2
Link to comment
Share on other sites

  • Bronze

very nice work my friend. I cant wait for this rlz :)) i heave no to mutch experience in cms but if you will add linguage module and if you need translate i can help you :)

 

Best regards

  language module is added ;) When im finished i will release anything and you (including other people) can add a language. I will pack your changes into the official release download with your name. Everyone can be a part of this!

  • Love 1
Link to comment
Share on other sites

  • Bronze

I will recode the whole itemshop (Player unbug and other important features too) with better usability for users and admins.
 
Once again: The whole script will be save against SQL Injection! I am NOT coding with placeholders because hen!CMS users accustomed to use mysql_real_escape_string.
This will be released with the mysqli function: http://php.net/manual/en/mysqli.real-escape-string.php and i will check all query inputs to be safe so don't worry.
 
I am not just escape a string: I am checking additional all $_POST and  $_GET before. here are some examples (also against XSS for a possible $_GET varaible output):

$go = htmlentities($_GET['go']);
if(!is_numeric($go)) {
   $go = 1;
} else {            
   $go = mysqli_real_escape_string($mysqli, $go);
}
// Check Username
if(!preg_match('/^[a-zA-Z0-9]+$/', $f_username)) {
   $error = "1";
   $errormsg = lang('ERR_USER');
}
// Check email
if(!filter_var($f_mail, FILTER_VALIDATE_EMAIL)) {
    $error = "1";
    $errormsg = lang('ERR_MAIL');
}

another example for using mysqli in this CMS (login example):

This is the hidden content, please

 

This way is correct against SQLinjection but its not a good example of how to use mysqli. I know that but the consumer habits are more important for me. I will release a version with prepared statements If there is a reasonable demand.

  • Good 1
  • Love 2
Link to comment
Share on other sites

  • Bronze

What's the exact reason for storing the usersession in the database?

Doesn't open up for me if I only look at the login.

 

Regards

 

Good question. I would like to share a good answer with you: http://stackoverflow.com/a/6122308

 

The main reasons are:

 

- The session data is more secure as a potential hacker must be able to log into the database before he can access anything.

- The use of multiple servers would not create a problem as all session data now resides in a single central place and is accessible by all servers.

- It is much easier to query the database should the site administrator require information about current sessions or current users. 

If you and other people like to share sessions in filesystem i can write an option in the ACP for choosing the session storage methode.I like to share usersessions in database but its just my personal handling.

Link to comment
Share on other sites

  • Bronze

Have another idea for this cms:

 

SA's can control features for VIP users. For example (enable/disable):

- User with VIP status get +% for more Vote Coins.

- User with VIP status have a chance to get an item when successful voted.

- User with VIP get -% for remission of itemshop items

- User with VIP can change their charakter names

-----------------------------------------------------------------------------

 

edit://

Votefunction:

SAs can choose a toplist for voting support on "metin2pserver.info", "topliste.top-pserver.com", "pservertoplist.pw". ranksec.net is offline but I hope it will come back. I will support only toplists with an API because of getting coins correctly without cheating. SAs have only to enable a toplist and input necessary data in the ACP.

 

any other suggestions?

 

What about payment methods? PSC, Paymentwall? Others?

Edited by Ayaka
  • Love 1
Link to comment
Share on other sites

  • Bronze

 

 

 

What about payment methods? PSC, Paymentwall? Others?

PayPal Psc

 

Should i work with with the Paypal API to check automatically when a payment was successfull to pay out coins directly?

 

// Edit:

Im coding a feature for team meetings atm:

SA, SGM can view and add team meetings with adding regular attendance of GMs. So you can check and have alist if a Teammember is reliable or not.

Link to comment
Share on other sites

  • Bronze

Add register:

Now the register is finish :)

 

Passwort strength live check. You cant create an account if your passwort is too weak:

var t = 0;
if (e.length < 6)

ruOJljD.png

if (e.length > 7)
t += 1;

ofo8TY9.png>>> MNgxDLz.png

if (e.match(/([a-z].*[A-Z])|([A-Z].*[a-z])/))
t += 1;
if (e.match(/([a-zA-Z])/) && e.match(/([0-9])/))
t += 1;

iYyYwuo.png>>> uUKwoTx.png

if (e.match(/([!,%,&,@,#,$,^,*,?,_,~])/))
t += 1;
if (e.match(/(.*[!,%,&,@,#,$,^,*,?,_,~].*[!,%,&,@,#,$,^,*,?,_,~])/))
t += 1;

47NTsZn.png>>> uUKwoTx.png

 

Example for wrong input (the script check all parameters and inputs for sure ;) ):

BRHVDxe.png

When all is right:

0eQmYCR.png

Edited by Metin2 Dev
Core X - External 2 Internal
  • Love 2
Link to comment
Share on other sites

  • Bronze

i will release a first version when i have following features finish:

- user management (User rights, ban,...) (30% done)

- voting management (40% done)

- auctionshouse (50% done)

- itemshop (0% done)

 

Funny is that the whole code of this cms is by me atm.. i didnt use any code form hen! yet. 

  • Love 4
Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now

Announcements



×
×
  • Create New...

Important Information

Terms of Use / Privacy Policy / Guidelines / We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.