Ayaka 300 Posted December 10, 2014 Share Posted December 10, 2014 (edited) Hi, I am working on a Fork (Open Source) of hennink's metin2 CMS. A lot of people have already tried to recode this system but more or less the most of it is trash. Why a Fork of an outdated CMS? We all know that the used mysql_* functions in this CMS are outdated, the codesemantic is weak and the structure bulding isnt that good, too. Fact is that the Hen! CMS is the most used system and I don't think that the community is ready for new systems because of silly entrenched habit. It is undeniable that a CMS developed from the ground up is much better (like projects by ChuckNorris) but people which have used this system for years wouldn't change to a completely new CMS that fast. Let me explain this by an example: How much people (including me) tried to code a new and better toplist for this com? Unsuccessfully although the basic approaches where much better. What I am NOT doing: - I will not just replace the querys and say its finished! - I will not copy the whole code and say its finished What i am doing: - I will create an OOP Fork of THIS CMS which will be save, timely and familiar to the people. - I will deffently write a beginner friendly documentation. - I will create a simple installer to use this CMS without any problems (check if important tables or column already exist or missing ect.) Techniques: - Rebuild existing code to a semantic code. - MySQLi (we dont have to talk about using PDO or what is the best) - only a few OOP techniques because Object-Oriented Programming is too difficult to comprehend for the most in this com) - Better structure - jQuery features for better usability Main Features: - mod_rewrite (SEO friendly URLs) - language system [IMG01] - auctionhouse (+ Quest for easy implementation) - better statistics - Better Login (login attempts against Bruteforce, login faillogs) - Coinslog for Users (when did i buy coins? where did i spend coins (item Shop, auctionhouse)? and how much ) - Better register (we all know that the current form is shit when having an error) [IMG01] - Rankings (PVP, top player, top guild etc.) - Itemshop - Simple but effective ticketsystem [IMG01 , IMG02] I will not implement this things: - I thought about a template engine but I'm convinced that the most people can't handle it (knowledge problem). It is quite simple for beginners to implement their design with a simple index.php and a default.css like before. - I will not use HTML or CSS Frameworks like Bootstrap or Foundation because its easier for the most to implement their designs and element colors by changing only a few lines of an existing CSS file. Download: This is the hidden content, please Sign In or Sign Up Changelog: [14.01.2015] [Add] - Add auto language detection and ACP option > [13.01.2015] [Add] - Add IP and port control (Server Settings) + view > [07.01.2015] [Add] - Coins History for Member. > [07.01.2015] [Add] - Referral System. > [04.01.2015] [Add] - Logs in adminCP. > [03.01.2015] [Add] - Add installer. > [03.01.2015] [Add] - Add some basic settings. > [19.12.2014] [Add] - Add register. > [17.12.2014] [Edit] - Statistics expanded > [15.12.2014] [Edit] - You can enter site title and other website informations in the adminCP now. no need to edit the config.inc.php[15.12.2014] [Add] - statistics in adminCP. > show[15.12.2014] [Add] - backup system in adminCP. > show[12.12.2014] [Add] - implemented overview in adminCP. > show[12.12.2014] [Edit] - Cleaned up language files and split all entries to seperate category groups. > show[12.12.2014] [Add] - New Adminoptions in the ticket sections: disable/enable ticketsystem, disable/enable email notice for new tickets.[12.12.2014] [Add] - Admin CP is now in the sidenavigation.[12.12.2014] [Add] - SA can search tickets by ticket IDs now. > show[12.12.2014] [Edit] - recoded the paginations (more opportunities). > show Important: I will kick your ass if you post shit like: "This is not necessary". It is my intention to do this because I want to do this! You can bring ideas or constructive feedback but no bullshit. I will release this ONLY here (metin2dev) when I'm done. epvp can suck my **** and if someone releases this there, I will report that. Special thanks:Krusty, SoNiice, hennink, Denis, NotEnoughForYou, Yoshix3, Stefan, ManojGeek Edited August 18, 2022 by Metin2 Dev Core X - External 2 Internal 14 2 1 8 42 F E E L - T H E - A W E S O M E N E S S Link to comment Share on other sites More sharing options...
Ayaka 300 Posted December 10, 2014 Author Share Posted December 10, 2014 Hi! You can help to finish this CMS! - Need Translation in several languages -- coming soon -- 1 3 2 F E E L - T H E - A W E S O M E N E S S Link to comment Share on other sites More sharing options...
Ayaka 300 Posted December 11, 2014 Author Share Posted December 11, 2014 For developerHow to get Userinformations? function userinfo($var) You can get every column from account.account with this function. Example: echo userinfo(login); // will output the LOGIN Accountname (from the logged-in user) echo userinfo(email); // will output the EMAIL (from the logged-in user) echo userinfo(social_id); // will output the DELETE KEY (from the logged-in user) // ... you can get all account informations like this How to check user rights? You can do it like this: // Get userlevel $userlevel = userinfo(web_admin); // Check if user is logged-in if(logged_in()) { if($userlevel > 2) { echo "You are logged-in and you have a higher Userlevel than 2"; } } else { echo "You are not logged in!"; } How to add a new page with my own code and features? Just create a new .php file in the "/pages" folder. This is a template: <?php // Check if user is logged-in if(!logged_in()) { echo "<div class="error">".lang('ERR_NOTLOGIN')."</div>"; } else { // here we go! echo "<h2>New Page</h2>"; // you can do what ever you want here } ?> you can access this page with the link: http://www.yourdomain.tld/index.php?page=<filename> How to add a new admin page? Just create a new "admin_<your file name>.php" file in the "/pages" folder. This is a template: <?php // Get userlevel $userlevel = userinfo(web_admin); // Check if logged-in if(logged_in()) { if($userlevel > 0) { // Administration Naviagtion echo "<div id="admin_box">"; echo "<div class="navleft">"; echo lang('ADMIN_CENTER'); echo "</div>"; echo "<div class="navright">"; echo "<a class="yellow" href="index.php?page=admin_file">Link 1</a> "; echo "<a class="yellow" href="index.php?page=admin_file">Link 2</a> "; echo "<a class="yellow" href="index.php?page=admin_file">Link 3</a> "; echo "</div>"; echo "</div>"; } } // Only access when admin if(!logged_in()) { echo "<div class="error">" . lang('ERR_ADMINACCESS1') . "</div>"; } elseif($userlevel !== "9") { echo "<div class="error">" . lang('ERR_ADMINACCESS2') . "</div>"; } else { // CONTENT // You can do what ever you want here } ?> you can access this page with the link: http://www.yourdomain.tld/index.php?page=<filename> Dont forget to put a link in the admin navigation. You can find it in the file navigation.php In which file are used function? All functions are in the functions.php file in the lib folder! How to use SQL in this CMS? Fucking simple! // SELECT EXAMPLE $mysqli = getConnected(account); $res = mysqli_query($mysqli, "SELECT id FROM table WHERE option1='text1'"); while($row = mysqli_fetch_array($res)) { echp $row["id"]; } mysqli_close($mysqli); // UPDATE EXAMPLE $mysqli = getConnected(account); mysqli_query($mysqli,"UPDATE table SET option1='text1'"); mysqli_close($mysqli); // INSERT EXAMPLE $mysqli = getConnected(account); mysqli_query($mysqli,"INSERT INTO table (option1, option2) VALUES ('text1', 'text2')"); mysqli_close($mysqli); you can connect account or player database like this: $mysqli = getConnected(account); // account database $mysqli = getConnected(player); // player database If you want to escape a GET or POST variable use the following to write in database: $var2 = $_GET['example']; $var2 = mysqli_real_escape_string($mysqli, $var2); // put this AFTER $mysqli = getConnected(account)! // $var2 is now escaped and can executed in a query! How to use the Coins Log and transfer Coins in my own code? Use the function "write_coinslog". It will add an entry in coins log and the user get or lose coins. Its very simple to use: write_coinslog("$var1","$var2","$var3","$var4","$var5"); // $var1 = Amount of Coins // $var2 = +Coins = "get", -coins = "lose" // $var3 = Give here a short Reason about the transfer. If its an Itemshop transfer use "IS", Auctionhouse = "AH". // $var4 = If there is a item transfer use the vnum to get the name of item. Default is "0". This info will displayed in reason ($var3) when ist not "0". // $var5 = If there is a other User ID than the logged-in user give the Username to get the userid // Live Example 1 write_coinslog("200","get","A transfer example","0","0"); // The logged-in user get 200 Coins with the reason "A transfer example" // Live Example 2 write_coinslog("300","lose","IS","102380","0"); // The logged-in user lose 200 Coins with the reason "IS - Weaponname +3" 1 2 F E E L - T H E - A W E S O M E N E S S Link to comment Share on other sites More sharing options...
Former Staff .InyaProduction 1132 Posted December 11, 2014 Former Staff Share Posted December 11, 2014 Ayaka could you add me on skype? gm.tune im currently developing a similar thing but not based on hen maybe we could exchange some features Link to comment Share on other sites More sharing options...
Ayaka 300 Posted December 11, 2014 Author Share Posted December 11, 2014 Yes but i have to go to work now. I will add you later // Update: I have rewritten the login again: This is the hidden content, please Sign In or Sign Up (login attempts and login faillogs not included yet) edit:// please notice that im NOT coding with placeholders and the MySQLi object oriented style. I try to develop this most similar to mysql_* for beginners (procedural). 1 1 1 F E E L - T H E - A W E S O M E N E S S Link to comment Share on other sites More sharing options...
Ayaka 300 Posted December 11, 2014 Author Share Posted December 11, 2014 (edited) First look - the ticketsystem works fine A few functions are missing but i will add them soon. The style is basic (as simple as possible): more pictures: sourcecode pics: Edited August 18, 2022 by Metin2 Dev Core X - External 2 Internal 4 F E E L - T H E - A W E S O M E N E S S Link to comment Share on other sites More sharing options...
Ayaka 300 Posted December 12, 2014 Author Share Posted December 12, 2014 (edited) Admin CP implemented now. The overview page is for general settings. Any suggestions for other informations here? Edited August 18, 2022 by Metin2 Dev Core X - External 2 Internal 4 F E E L - T H E - A W E S O M E N E S S Link to comment Share on other sites More sharing options...
Ayaka 300 Posted December 12, 2014 Author Share Posted December 12, 2014 (edited) When this CMS is done I will code an alternative design to the current minimalstic style. Hope you like my new example design for it (isnt finished yet): Edited August 18, 2022 by Metin2 Dev Core X - External 2 Internal 3 F E E L - T H E - A W E S O M E N E S S Link to comment Share on other sites More sharing options...
Ayaka 300 Posted December 15, 2014 Author Share Posted December 15, 2014 (edited) Add database backup system (for security reasons, you can disable this feature manually): (sorry for mixing 2 languages, I have not translated all parameter in english atm.) Edited August 18, 2022 by Metin2 Dev Core X - External 2 Internal 2 F E E L - T H E - A W E S O M E N E S S Link to comment Share on other sites More sharing options...
insaneclimax 40 Posted December 15, 2014 Share Posted December 15, 2014 very nice work my friend. I cant wait for this rlz ) i heave no to mutch experience in cms but if you will add linguage module and if you need translate i can help you Best regards 1 Link to comment Share on other sites More sharing options...
Ayaka 300 Posted December 15, 2014 Author Share Posted December 15, 2014 very nice work my friend. I cant wait for this rlz ) i heave no to mutch experience in cms but if you will add linguage module and if you need translate i can help you Best regards language module is added When im finished i will release anything and you (including other people) can add a language. I will pack your changes into the official release download with your name. Everyone can be a part of this! 1 F E E L - T H E - A W E S O M E N E S S Link to comment Share on other sites More sharing options...
Premium iRETEMAG 138 Posted December 15, 2014 Premium Share Posted December 15, 2014 Nice project! Can you talk about ItemShop, Player Unbug, against sql injections? Hope you die! Link to comment Share on other sites More sharing options...
Ayaka 300 Posted December 15, 2014 Author Share Posted December 15, 2014 I will recode the whole itemshop (Player unbug and other important features too) with better usability for users and admins. Once again: The whole script will be save against SQL Injection! I am NOT coding with placeholders because hen!CMS users accustomed to use mysql_real_escape_string. This will be released with the mysqli function: http://php.net/manual/en/mysqli.real-escape-string.php and i will check all query inputs to be safe so don't worry. I am not just escape a string: I am checking additional all $_POST and $_GET before. here are some examples (also against XSS for a possible $_GET varaible output): $go = htmlentities($_GET['go']); if(!is_numeric($go)) { $go = 1; } else { $go = mysqli_real_escape_string($mysqli, $go); } // Check Username if(!preg_match('/^[a-zA-Z0-9]+$/', $f_username)) { $error = "1"; $errormsg = lang('ERR_USER'); } // Check email if(!filter_var($f_mail, FILTER_VALIDATE_EMAIL)) { $error = "1"; $errormsg = lang('ERR_MAIL'); } another example for using mysqli in this CMS (login example): This is the hidden content, please Sign In or Sign Up This way is correct against SQLinjection but its not a good example of how to use mysqli. I know that but the consumer habits are more important for me. I will release a version with prepared statements If there is a reasonable demand. 1 2 F E E L - T H E - A W E S O M E N E S S Link to comment Share on other sites More sharing options...
aze' 0 Posted December 15, 2014 Share Posted December 15, 2014 What's the exact reason for storing the usersession in the database? Doesn't open up for me if I only look at the login. Regards Link to comment Share on other sites More sharing options...
Ayaka 300 Posted December 16, 2014 Author Share Posted December 16, 2014 What's the exact reason for storing the usersession in the database? Doesn't open up for me if I only look at the login. Regards Good question. I would like to share a good answer with you: http://stackoverflow.com/a/6122308 The main reasons are: - The session data is more secure as a potential hacker must be able to log into the database before he can access anything. - The use of multiple servers would not create a problem as all session data now resides in a single central place and is accessible by all servers. - It is much easier to query the database should the site administrator require information about current sessions or current users. If you and other people like to share sessions in filesystem i can write an option in the ACP for choosing the session storage methode.I like to share usersessions in database but its just my personal handling. F E E L - T H E - A W E S O M E N E S S Link to comment Share on other sites More sharing options...
Ayaka 300 Posted December 17, 2014 Author Share Posted December 17, 2014 (edited) Update: Statistics - Admins can view Statistics overview, monthly, annual. - Admins can enable/disable general statistics for navigation. Edited August 18, 2022 by Metin2 Dev Core X - External 2 Internal 4 F E E L - T H E - A W E S O M E N E S S Link to comment Share on other sites More sharing options...
Ayaka 300 Posted December 17, 2014 Author Share Posted December 17, 2014 (edited) Have another idea for this cms: SA's can control features for VIP users. For example (enable/disable): - User with VIP status get +% for more Vote Coins. - User with VIP status have a chance to get an item when successful voted. - User with VIP get -% for remission of itemshop items - User with VIP can change their charakter names ----------------------------------------------------------------------------- edit:// Votefunction: SAs can choose a toplist for voting support on "metin2pserver.info", "topliste.top-pserver.com", "pservertoplist.pw". ranksec.net is offline but I hope it will come back. I will support only toplists with an API because of getting coins correctly without cheating. SAs have only to enable a toplist and input necessary data in the ACP. any other suggestions? What about payment methods? PSC, Paymentwall? Others? Edited December 18, 2014 by Ayaka 1 F E E L - T H E - A W E S O M E N E S S Link to comment Share on other sites More sharing options...
Darkoz 1 Posted December 18, 2014 Share Posted December 18, 2014 What about payment methods? PSC, Paymentwall? Others? PayPal Psc 1 Link to comment Share on other sites More sharing options...
Ayaka 300 Posted December 18, 2014 Author Share Posted December 18, 2014 What about payment methods? PSC, Paymentwall? Others? PayPal Psc Should i work with with the Paypal API to check automatically when a payment was successfull to pay out coins directly? // Edit: Im coding a feature for team meetings atm: SA, SGM can view and add team meetings with adding regular attendance of GMs. So you can check and have alist if a Teammember is reliable or not. F E E L - T H E - A W E S O M E N E S S Link to comment Share on other sites More sharing options...
Premium iRETEMAG 138 Posted December 19, 2014 Premium Share Posted December 19, 2014 Paymentwall (Includes PayPal, PaySafeCard) I think you should work in a API with Paymentwall 1 Link to comment Share on other sites More sharing options...
Honorable Member NoFr1ends 754 Posted December 19, 2014 Honorable Member Share Posted December 19, 2014 Cool project and looks good. If you need some help you can contact me. Kind regards Chuck 1 Link to comment Share on other sites More sharing options...
Ayaka 300 Posted December 19, 2014 Author Share Posted December 19, 2014 (edited) Add register: Now the register is finish Passwort strength live check. You cant create an account if your passwort is too weak: var t = 0; if (e.length < 6) if (e.length > 7) t += 1; >>> if (e.match(/([a-z].*[A-Z])|([A-Z].*[a-z])/)) t += 1; if (e.match(/([a-zA-Z])/) && e.match(/([0-9])/)) t += 1; >>> if (e.match(/([!,%,&,@,#,$,^,*,?,_,~])/)) t += 1; if (e.match(/(.*[!,%,&,@,#,$,^,*,?,_,~].*[!,%,&,@,#,$,^,*,?,_,~])/)) t += 1; >>> Example for wrong input (the script check all parameters and inputs for sure ): When all is right: Edited August 18, 2022 by Metin2 Dev Core X - External 2 Internal 2 F E E L - T H E - A W E S O M E N E S S Link to comment Share on other sites More sharing options...
Premium iRETEMAG 138 Posted December 20, 2014 Premium Share Posted December 20, 2014 Ayaka do you have time yet to release? Link to comment Share on other sites More sharing options...
Ayaka 300 Posted December 20, 2014 Author Share Posted December 20, 2014 i will release a first version when i have following features finish: - user management (User rights, ban,...) (30% done) - voting management (40% done) - auctionshouse (50% done) - itemshop (0% done) Funny is that the whole code of this cms is by me atm.. i didnt use any code form hen! yet. 4 F E E L - T H E - A W E S O M E N E S S Link to comment Share on other sites More sharing options...
Aemon 7 Posted December 25, 2014 Share Posted December 25, 2014 Would be nice a Wheel of fortune Edit : And a forum maybe, something like wom2 if you know what I mean. 1 Link to comment Share on other sites More sharing options...
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now