PDA

View Full Version : Mysidia Adoptables v1.3.1[Security Release]


Hall of Famer
04-08-2012, 07:33 AM
It is about time to release the next version Mysidia Adoptables v1.3.1 to public now. The script is rather heavily modified, the magnitude is no smaller than the upgrade from Mys v1.2.2 to Mys v1.2.3, though not as dramatically different as from Mys v1.2.4 to Mys v1.3.0. The new version features several significant enhancement over existing features, security improvement and bug fixes. The major changes are listed as below:


1. The move towards Object-oriented design: Starting from Mys v1.3.1 you will see more and more classes and interfaces from the script files. Example files are class_database, class_item, class_shop, class_pagination and more. The first class file is important, it may affect the coding style of future Mys v1.3.x Mods. Id strong recommend aspiring coders to get used to object-oriented programming and the way to use our database class.

2. Brand new Promocode and Pound System: Some of you may have read the blog I wrote regarding the new promocode and pound system. They sure signify significant improvement over the old script and more importantly, admins will have more control over the features running on their sites. Just as I put it from the blog, you now have more ways to piss off your members, but perhaps in a way you want it to be. Read the blogs if you want to know more details about the new features.

3. Enhancement over items and forum integration: Two new mini-features for items are introduced in Mys v1.3.1. It is not possible to specify chances for items not to take effect, and the maximum quantity of items a user can obtain. Enhancement over forum integration is available too from Mys v1.3.1, as users are automatically logged into their forum account if they log in from the site. It applies to guest-registration too.

4. Security improvement of database: Some of you may have noticed that if you specify database information incorrectly, the PDO class will generate an error message that prints your dbpassword to screen. This is usually not a problem, but can be vital if you have a popular site running already. This security flaw is resolved by the usage of PDO exception. Another possible security flaw is superglobals, I got rid of half of them by using PHP constants.

5. Old glitches fixed in new release: Mys v1.3.0 was quite buggy, this I have to agree. Famous glitches such as file 'uploading path', 'reset password' and 'guest cannot click' are all resolved in this version. Small bugs such as 'friend-option', 'update avatar', 'trade with items' and 'adoptables maximum level' are gone too from Mys v1.3.1. More details can be found in our bug tracker, note the css glitches with pagination and user profile are still unresolved, as I do not know how to fix them myself.


Installation Guide:
1. Use ftp to Upload the entire folder Mysidia Adoptables v1.3.1 to your preferred directory, and change the name to whatever you like.
2. Change the CMD of folder "picuploads" to 777, together with its subfolders, this is required to enable user uploading images.
3. Rename the file config_adopts to config.php, otherwise the script will tell you config.php does not exist.
4. Access the installer script at "http://yoursitename.com/install/index.php", follow the instructions and proceed.
5. Congrats, you've successfully installed Mys v1.3.1. There is no need to manually encrypt your password in Mys v1.3.1, so cheers!

Note: The value pepper code can be generated from a website called: http://strongpasswordgenerator.com/, it can be of any length and may contain symbols. Make sure to delete the file install/index.php after running this script, or your site is potentially at danger if this file is accessed by someone else.

Upgrade Mini-Guide:
An upgrader from mys v1.3.0 is available, but the megaupgrader from Mys v1.2.x will have to wait longer. To upgrade, simply upload all script files to your folder and overwrite the existing ones. Make sure to remove the file config.php from the new script folder(or maybe config_forum.php too if you have an active forum running) before uploading, as otherwise you lose your config settings. Then run the upgrade.php script to complete this task, shouldnt take more than 10 secs. Note you need to manually remove the file poundpost.php from your root directory before proceeding, and the upgrade.php file too after you have completed this process.

Also do not use the upgrader if you have a site with heavily modified script, it only works if you havent touched the core script files such as functions.php and functions_users.php. You will have to upgrade manually if your site is highly customized, just the same old story with Mys v1.1.x and v1.2.x's upgraders.


Forum Integration Guide:

First of all, make sure you have both fresh installation of Mysidia Adoptables and MyBB forum. Open the file /inc/config_forums.php, enter each empty field for the database info of your MyBB forum. Then Change the variable mybbenabled from 0 to 1. The very last step is to disable registration on the forum. It is all said and done, new users will have accounts created from both the adoptables site and the forum from now on. In Mys v1.3.1 they also log into site and forum accounts simultaneously!

Note the forum statistics cannot be automatically updated with registration from adoptables site, so run your maintenance tool regularly. The trick is quite simple, go to forum ACP -> Database Backup -> Recount/Rebuild -> Rebuild Statistics. It is not required though, but your forum statistics can be messed up if you dont do this.


Download Links(both .rar and .zip are provided):

Rapidshare links:

Rar version:
https://rapidshare.com/files/25932293/Mysidia_Adoptables_v1.3.1.rar

Zip version:
https://rapidshare.com/files/1889471496/Mysidia_Adoptables_v1.3.1.zip

Mediafire Links:

Rar version:
http://www.mediafire.com/?b0nnfqcdbll287g

Zip version:
http://www.mediafire.com/?4bte4b419t48w44

I hope you like the direction our dev team is going. It may be hard for some of you, more advanced codes are usually more complicated and tend to be hard to understand. It wont hurt to learn a little bit of coding though, and in fact some of you actually will find the classes/objects quite easy to use. With database class, you do not write long query string and instead call database's select(), update(), insert() or even join() methods to complete tasks. At least for me it is more readable this way.

And thanks for whoever stay with us and look for updates over our softwares. Development actually has a long time to go until we can call it a professional/advanced script, but the day will come.


Hall of Famer
April 8, 2012

AlexC
04-08-2012, 09:39 AM
Yay new release!

I tried upgrading, but I seem to have run into a problem...? I'm getting the following error: Could not connect to database, the following error has occurred:
SQLSTATE[HY000] [2003] Can't connect to MySQL server on 'DBHOST' (111)

I ran the install/upgrade.php file and deleted the install directory and the poundpost.php file and now I can't get onto my site. I checked the config.php file and it is empty. Was I suppose to run the install script or something?

Hall of Famer
04-08-2012, 09:41 AM
Yay new release!

I tried upgrading, but I seem to have run into a problem...? I'm getting the following error: Could not connect to database, the following error has occurred:
SQLSTATE[HY000] [2003] Can't connect to MySQL server on 'DBHOST' (111)

I ran the install/upgrade.php file and deleted the install directory and the poundpost.php file and now I can't get onto my site. I checked the config.php file and it is empty. Was I suppose to run the install script or something?

Umm you are trying to upgrade the script? Did you receive any error messages during the process? 'cause as far as I know, your config.php file is re-written using PHP constants instead of variables that will later be declared as superglobals. It is more secure this way, but can be a pain in the butt for upgraders. I ran the upgrader script myself and it worked flawlessly though.

Edit:
My goodness, did you upload everything to your root directory, even the blank config.php file? o_o If so, this explains why your config.php file is blank and database constants aint being created. You aint supposed to do that, your current config.php file stores database information that will be passed into the installer. You need to remove config.php(or maybe config_forum.php) from your site before upgrading. Guess I will have to highlight this part from the upgrade mini-guide, it is not a big issue though since I believe you still remember your old config settings.

AlexC
04-08-2012, 09:54 AM
wait... so I need to go back, find a config.php file and refill it with details and then reupload it?

I did find the forum config file blank, but I fixed that one. There is literally nothing in the config.php file so I didn't know what to put.

Hall of Famer
04-08-2012, 10:00 AM
Well the old config.php file for mysidia adoptables should look like this:


<?php
//Mysidia Adoptables Site Configuration File

$dbhost = 'localhost'; //DB Hostname
$dbuser = 'yourdbusername'; //DB User
$dbpass = 'yourdbpassword'; //DB Password
$dbname = 'yourdbname'; //Your database name
$domain = 'yourdomain.com'; //Your domain name (No http, www or . )
$scriptpath = 'scriptpath'; //The folder you installed this script in
$prefix = 'adopts_';

?>


Copy/paste this format to your config.php and change the values for each variables(begin with $) to whatever they are supposed to be in your old config file. Run the upgrader again and it should work.

AlexC
04-08-2012, 10:07 AM
I did that, but now I appear to be having trouble accessing my site. I'm just waiting for it to load at the moment, I'll tell you when it finally comes up.

EDIT: It loaded, same error as before: Could not connect to database, the following error has occurred:
SQLSTATE[HY000] [2003] Can't connect to MySQL server on 'DBHOST' (111)

Hall of Famer
04-08-2012, 10:09 AM
I did that, but now I appear to be having trouble accessing my site. I'm just waiting for it to load at the moment, I'll tell you when it finally comes up.

Alright then, lemme know what happens then.

I apologize for this though, I thought it was a common practice for people to remove new config files(so as they wont overwrite old config files) before upgrading, but I was wrong. Upgrading this script does get a bit tricky from now on, luckily we may be having a brand new installer/upgrader system soon so we will be fine in future.

Edit:
Umm, what's inside your config file this time?

AlexC
04-08-2012, 10:12 AM
Well, I never had to do that before when I was previously upgrading the script, so I didn't think to save anything.

Here is my file;

<?php
//Mysidia Adoptables Site Configuration File

$dbhost = 'localhost'; //DB Hostname
$dbuser = 'gloometh_me'; //DB User
$dbpass = '*****'; //DB Password
$dbname = 'gloometh_adopts'; //Your database name
$domain = 'ratties.x10.mx/'; //Your domain name (No http, www or . )
$scriptpath = ''; //The folder you installed this script in
$prefix = 'adopts_';

?>

Hall of Famer
04-08-2012, 10:14 AM
Have you run the upgrader yet? It looks to me that you havent, since the config file still contains variable, not constants.

AlexC
04-08-2012, 10:16 AM
I'll run it again, perhaps that was the problem.

EDIT: I'm trying to get to the install/upgrade.php path but it keeps timing out, I haven't had this problem with my host before. :/

EDIT2: I tried it like ten times and it finally loaded with no problem. Upgraded fine and now the site is up fine. I'm going to do a bug check now, but it looks good.

Hall of Famer
04-08-2012, 10:26 AM
umm this is weird, the script takes too long to respond? It worked on both my dedicated server and shared server though. Is it possible for you to check what is going on behind the scene, like from process manager located in your cpanel?

Edit: Good to know you got it to work, I dont understand why it takes this long to respond. It runs like within 5-10 secs on my sites, I will look into the codes to see if there are inefficient and resource-extensive codes in it.

AlexC
04-08-2012, 10:32 AM
I'm not sure what it was - it was there for maybe ten minutes but now it's gone - my host is running at completely normal speed. o.0 I think I just make technology glitch or something. xD

EDIT: ... and now it's doing it again. Where can I find that process manager?

Hall of Famer
04-08-2012, 10:45 AM
The process manager can be found in your cpanel, at the bottom of close to the bottom Id say. Anyway mind telling me what script files you were browsing before it slowed down?

AlexC
04-08-2012, 10:50 AM
I'm on x10hosting. I had a look, but I can't see anything - I see a raw-access log, error log? Is that it?

I was sitting on the promo code page after switching between a few different pages. I was copying down my links so I could redo my navigation bar, and when I went to go to the myadopts.php page it suddenly slowed down. I can't remember what pages it was on before.

(Also, just so you know, it appears the "div" debugs didn't make it into the new scripts - I'm still getting glitches on the profile.php and myadopts.php page)

Hall of Famer
04-08-2012, 10:55 AM
Well you run a process, and check process manager at once if it is slow since a process disappears from the list if it is executed a few minutes ago.

umm I did say that I couldnt fix the css glitches, didnt I? But it sounds interesting that you found a way to resolve them. Can you show me a screenshot of what it looks like before and after you add the <div> tag? Whats the difference?

AlexC
04-08-2012, 10:57 AM
I can't find anything that looks like it'll do that.

Silver Kitsune did, she added <div>s and managed to fix some issues I had with my theme, here I'll do the screenshots, give me a few minutes.

EDIT: gah, I don't know why it's not working now. D: She said before that I was missing a closing </div> somewhere, so she added it on the myadopts page and it was fixed. I tried duplicating it, but it didn't seem to work... I'll have to see if I can find where we were talking.

Hall of Famer
04-08-2012, 11:03 AM
Alright then, the css issue has been preventing me from further implementing the pagination to other pages beyond messages.php and myadopts.php. Once settled, you will see pagination being used like essentially everywhere. ^^

AlexC
04-08-2012, 11:14 AM
NEVERMIND, I was adding it in the wrong place. Made it work!

Okay, so I managed to fix the memberlist and the myadopts page. Here are before and after pictures;

My Adopts Page:

BEFORE: http://i40.tinypic.com/1hbhoz.jpg
AFTER: http://i40.tinypic.com/14be45.jpg

CODE EDIT: }
$article_content .= "</table></div><br /><br />{$pagination->showPage()}";
}

Members List Page:

BEFORE: http://i44.tinypic.com/2z3vx5h.jpg
AFTER: http://i43.tinypic.com/2ai3o94.jpg

CODE EDIT: $article_content .= "<strong><a href='profile.php?user={$row->username}'>{$star}{$row->username}</a></strong><br />";
}

$article_content .= "<br />{$pagination->showPage()}</div>";

I can take a stab at trying to fix the profile page, but to be honest, that is a lot of code - looks kinda scary.. o.o

Hall of Famer
04-08-2012, 06:14 PM
Thank you so much, I wasnt aware of this css issue since the main theme never had any of them. Seems that other themes do suffer such problems, such as the elements and green themes. I fixed all of them already, and a quick note you forgot to mention that messages.php has the same css flaw as myadopts.php and profile.php. It is present whenever pagination is used.

Looks like the css font size glitch only applies to the main theme, the green theme is unaffected. Weird, but its somewhat interesting to investigate.

SilverDragonTears
04-08-2012, 07:18 PM
Can you tell me which parts to add for the auto log in to the forum when they log into the site?

Hall of Famer
04-08-2012, 07:19 PM
Well copy/paste the functions_forums to your functions directory, and look into the script files login.php and register.php.

SilverDragonTears
04-08-2012, 07:23 PM
I'm getting this now when I try to login

Fatal error: Call to undefined method PDO::select() in /home/taleofdr/public_html/login.php on line 63

Hall of Famer
04-08-2012, 07:31 PM
Oh this is because you are missing the database class. Copy/paste the class_database.php and functions.php files to your site and it should work. Note you do not have to use select() or other database methods introduced in Mys v1.3.1, the old $adopts->query() and $stmt->fetchObject() still works.

SilverDragonTears
04-08-2012, 07:35 PM
Could not connect to database, the following error has occurred:
SQLSTATE[HY000] [2005] Unknown MySQL server host 'DBHOST' (1)

Did you make major changes or something? It's hard for me to upgrade b.c I have so many customizations. Now I'm all screwed up.

Hall of Famer
04-08-2012, 07:39 PM
Yeah I did, the config file now uses PHP constants instead of variables. The new database class is being used everywhere. I can help you get rid of the constants though, and then it should be backward-compatible with Mys v1.3.0.

SilverDragonTears
04-08-2012, 07:39 PM
Ok just tell me what to do...

Hall of Famer
04-08-2012, 07:48 PM
Do you have the old functions file? If so, just replace this line below:


$dsn = "mysql:host={$dbhost};dbname={$dbname}";
$adopts = new PDO($dsn, $dbuser, $dbpass);


with the following codes:

$adopts = new Database($dbname, $dbhost, $dbuser, $dbpass, $prefix);

SilverDragonTears
04-08-2012, 07:49 PM
No, you told me to replace it with the new one.

Hall of Famer
04-08-2012, 08:11 PM
umm so you dont have the old functions.php file anymore? If so, download Mys v1.3.0 again and use that one.

SilverDragonTears
04-08-2012, 08:18 PM
I have my old one saved but when I did what you told me to do I get this:

Fatal error: Class 'Database' not found in /home/taleofdr/public_html/functions/functions.php on line 10

Hall of Famer
04-08-2012, 08:20 PM
Yeah, you need to include the file classes/class_database.php.

SilverDragonTears
04-08-2012, 08:24 PM
omg. Now I'm back to

Could not connect to database, the following error has occurred:
SQLSTATE[HY000] [2005] Unknown MySQL server host 'DBHOST' (1)

Hall of Famer
04-08-2012, 08:30 PM
umm what does your functions.php and config.php file look like? I got rid of these constants for you as they aint supposed to show up anymore.

SilverDragonTears
04-08-2012, 08:41 PM
I just need to know what to add to my scripts to make users auto login to the forum when they log in to the site. I fixed whatever error I had and thought I had it working to do this but it doesn't log me in the forum when I log into the main site.

Hall of Famer
04-08-2012, 08:52 PM
Well the functions_forums.php are what you need of course. You may also look into the new lines I added for register.php and login.php from Mys v1.3.1, since these are what helps new users log into their forum account after registration or logging into the main site.

SilverDragonTears
04-08-2012, 09:03 PM
My site is all messed up now. I keep trying to register an alt and it inserts into db but won't let them log in.

It's something with the cookies. I just cleared mine and now I can't log in as myself. It says I do but then it takes me to the log in screen.

Hall of Famer
04-09-2012, 12:04 AM
umm sigh... Post your register.php and login.php then, I will rewrite the codes for you.

SilverDragonTears
04-09-2012, 01:07 AM
It's too late.... I had to reinstall everything and lost everything.

Hall of Famer
04-09-2012, 03:01 AM
Oh I am sorry about that, but I really dont understand why you could have messed up your site. The only changes you made to your old scripts were register.php, login.php and functions.php, correct? If so, just post them and I will get them to work for you. Theres no need to start over. Well if you've followed the upgrade procedure and replaced all your old files by the new files, then its indeed over...

SilverDragonTears
04-09-2012, 05:05 AM
It's telling me I already leveled up adopts when I haven't.

Hall of Famer
04-09-2012, 05:17 AM
Oh wait a sec what is this about? The glitch you have after trying to manipulate the register.php and login.php files?

SilverDragonTears
04-09-2012, 05:35 AM
No. This is a fresh install without modifying the files.

Hall of Famer
04-09-2012, 05:50 AM
Oh a fresh install? I believe the problem is not with the script since I've installed/upgraded the script on my dev demo server for many times and never had problem leveling up/clicking adoptables.

Edit:
I visited your site and tested the levelup.php myself on one of your pets. It worked perfectly, as I was able to click it at the first time and then receive an error message when I try to click again:
http://oi44.tinypic.com/n680np.jpg

So yeah, I have no idea why it was being mean to you. XD

SilverDragonTears
04-09-2012, 06:41 AM
Well no matter who's pets I click on, I've already leveled them up.

Hall of Famer
04-09-2012, 07:05 AM
I see what you mean, I registered an account on your site and once I click one adoptable, I will not be able to click any others and instead receive the error message saying I've leveled them up. Again this is strange as I never had the issue on my two demo sites, are you sure this is a fresh installation? I just did a fresh installation and did not have this problem. Anyway I will ask other members and see if they have the same problem as well. Thanks for bringing it up.

AlexC
04-09-2012, 09:47 AM
Thank you so much, I wasnt aware of this css issue since the main theme never had any of them. Seems that other themes do suffer such problems, such as the elements and green themes. I fixed all of them already, and a quick note you forgot to mention that messages.php has the same css flaw as myadopts.php and profile.php. It is present whenever pagination is used.

Looks like the css font size glitch only applies to the main theme, the green theme is unaffected. Weird, but its somewhat interesting to investigate.

I actually only just figured out the messages.php one while I was testing the notification thing. xD But I fixed it there too. It could possibly even work for the profile itself, but that doesn't resolve the ID missing thing.

I see what you mean, I registered an account on your site and once I click one adoptable, I will not be able to click any others and instead receive the error message saying I've leveled them up. Again this is strange as I never had the issue on my two demo sites, are you sure this is a fresh installation? I just did a fresh installation and did not have this problem. Anyway I will ask other members and see if they have the same problem as well. Thanks for bringing it up.

I think I had this issue in 1.3.0 as well - I just tested and I don't have it now, but it sounds familiar.

SilverDragonTears
04-09-2012, 02:48 PM
I did add in some modifications but not to the levelup script.

Hall of Famer
04-09-2012, 03:01 PM
Are you sure about that? If so, send me the levelup.php and the modified files on your site so I may see what was the cause of your problem. Also investigate into the table prefix.voters and see if anything appears abnormal there.

SilverDragonTears
04-09-2012, 03:11 PM
Nothing looks weird there I don't think.....
Only thing I changed here is the is_numeric thing. But I changed that on my other site and it never messed it up.
levelup.php

<?php

include("functions/functions.php");
include("functions/functions_users.php");
include("functions/functions_adopts.php");
include("inc/lang.php");


//***************//
// START SCRIPT //
//***************//

$id = $_GET["id"];
$id = preg_replace("/[^a-zA-Z0-9s]/", "", $id);
$id = secure($id);

if($id == ""){

// If the ID is blank or non-numeric, then it is invalid...

$article_title = $err_idnoexist;
$article_content = $err_idnoexist_text;

}
else{

// We have what appears to be a valid adoptable ID, so we pull the adoptable's information from the database...
$owned_adoptable = $adopts->select("owned_adoptables", array(), "aid='{$id}'")->fetchObject();
if($owned_adoptable->aid == $id){

// The adoptable does exist, so now we need to see if we can vote...
// We need to get the date today and the user's IP address (if is guest we use this)

$date = date('Y-m-d');

$ip = $_SERVER['REMOTE_ADDR'];
$ip = preg_replace("/[^a-zA-Z0-9@._-]/", "", $ip);
$ip = secure($ip);

$where_clause = ($isloggedin == "yes")
?"adoptableid='{$id}' and username = '{$loggedinname}' and date = '{$date}'"
:"adoptableid='{$id}' and ip = '{$ip}' and date = '{$date}'";
$voters = $adopts->select("vote_voters", array(), $where_clause)->fetchObject();
$userstatus = getuserstatus($loggedinname);


if($isloggedin == "yes" and $userstatus['canlevel'] == "no") $article_content .= "It appears that you have been banned from leveling up adoptables. Please contact an administrator for assistance.";
elseif(!is_object($voters)){

// The number of results is still zero, so we did not vote on this adoptable yet today...

// Now we see if the adoptable is frozen by its owner. If it is, we do not level...

if($owned_adoptable->isfrozen == "yes"){

$article_title = $lang_isfrozen_title;
$article_content = $lang_isfrozen_explain;

}
else{

// Adoptable is NOT frozen, so I think we can actually proceed with the leveling up of this adoptable...
$newclicks = $owned_adoptable->totalclicks + 1; // Add 1 click to the current click total of this adoptable...

// Actually insert our click information into the database...
$adopts->update("owned_adoptables", array("totalclicks" => $newclicks), "aid='{$id}'");

// Now we need to update our vote_voters table with the user's vote...
$adopts->insert("vote_voters", array("void" => NULL, "date" => $date, "username" => $loggedinname, "ip" => $ip, "adoptableid" => $id));

// Now we need to see if we actually level this adoptable up, see if another level actually exists...

$nextlevelexists = getnextlevelexists($owned_adoptable->type, $owned_adoptable->currentlevel);

if($nextlevelexists == "true"){

// A higher level does exist, so we see if it is time to level up
$nextlevel = $owned_adoptable->currentlevel + 1;
$level = $adopts->select("levels", array(), "adoptiename='{$owned_adoptable->type}' and thisislevel='{$nextlevel}'")->fetchObject();

// Check if the number of clicks we have now is greater than or equal to the required clicks to level up...
if($newclicks >= $level->requiredclicks and $level->requiredclicks != 0 and $level->requiredclicks != ""){

// We need to level this adoptable up...
$adopts->update("owned_adoptables", array("currentlevel" => $nextlevel), "aid='{$id}'");

// Now we check if we are enabling alternate images...
$parentid = converttypetoparentid($owned_adoptable->type); // Get the ID of the parent type adoptable
$altstatus = getaltstatus($parentid, $id, $nextlevel); // Check if we are using alternate images or not...

if($altstatus == "yes") $adopts->update("owned_adoptables", array("usealternates" => 'yes'), "aid='{$id}'");
// Now we can see if the adoptable's owner gets a reward, the reward function will take care of sending out any reward that exists...
$rewardstatus = reward($id, $owned_adoptable->type, $nextlevel, $owned_adoptable->owner);
} // End the if statement if we are leveling the adoptable up
}

// Show a thank you message along with the adoptable's information to the user...
$image = getcurrentimage($id); // Get the current image of the adoptable...
$article_title = $lang_gave."{$owned_adoptable->name} one ".$lang_unit;
$article_content = "<img src='{$image}'><br>{$lang_gave}{$owned_adoptable->name} one {$lang_unit}.<br>".$lang_levelup_encourage;
} // Adoptable is not frozen, end isfrozen else check

if($owned_adoptable->isfrozen == "no"){
$reward = clickreward(grabanysetting('rewardmoney'), $GLOBALS['username'], $GLOBALS['money']);
$newamount = $GLOBALS['money'] + $reward;
$adopts->update("users", array("money" => $newamount), "username = '{$loggedinname}'");
$article_content = $article_content . "<div align='center'><br />You have earned {$reward} ".grabanysetting('cost')." for leveling up this adoptable. <br />You now have {$newamount} ".grabanysetting('cost')."</div>";
}

}
else{

// We already voted on this adoptable today, so show an error...

if($isloggedin == "yes"){
$article_title = $lang_alreadyleveled_title;
$article_content = $lang_member_alreadyleveled;
}
else{
$article_title = $lang_alreadyleveled_title;;
$article_content = $lang_guest_alreadyleveled;
}
}
}
else{

// Adoptable is invalid, show an error...

$article_title = $err_idnoexist;
$article_content = $err_idnoexist_text;

}



} // End the ID is not blank and is numeric else check


//***************//
// OUTPUT PAGE //
//***************//

echo showpage($article_title, $article_content, $date);

?>

Hall of Famer
04-09-2012, 03:19 PM
Yeah, it does not look any different from mine. Id recommend you to debug the codes then, and see if any variables are assigned with incorrect values. Assume you have not clicked a pet, the object $voters should be nonexistent and the property $voters->void should be absent. Now find this line:


$article_content = $lang_member_alreadyleveled;


Replace with:


$article_content = $lang_member_alreadyleveled;
$article_content .= "The record is stored as {$voters->void} in the voters table.";


Give a try on your site and see what message you receive.

SilverDragonTears
04-09-2012, 03:23 PM
Ok clicked one and it let me level: You already leveled this adoptable today. You may only level an adoptable once per day. Please come back tomorrow to level this adoptable again.The record is stored as 547 in the voters table.

Clicked another and got this (that I hadn't leveled)
ou already leveled this adoptable today. You may only level an adoptable once per day. Please come back tomorrow to level this adoptable again.The record is stored as 39 in the voters table.

Hall of Famer
04-09-2012, 03:31 PM
I see, now it is possible that something is wrong with your table prefix.voters, the very last one from your database. Take a look at the row with void '39' and '547', chances are the record of you clicking on these adoptables were already stored in database. Its weird though, no way it should occur with the way I designed the script...

SilverDragonTears
04-09-2012, 03:44 PM
Should I empty it?

Derp. It was the adoptid. You know how I have letters? Forgot to change it in that db :/

Hall of Famer
04-09-2012, 04:24 PM
Ah I see. I did some test myself and it seems to be working too, glad you figured it out on your own. At least, well, I know for sure this is not a glitch with the new script. I was quite worried before. XD

SilverDragonTears
04-09-2012, 05:54 PM
Darn me and my need for letter codes :D Everyone is ok with the site re install. The new pound features are really neat and I saved everyone's dragons so it's all good. But now I have to get use to another new way of coding, lol. How do I join tables?

Hall of Famer
04-09-2012, 09:54 PM
I see, glad it works out nicely, thought your members will be angry at the fact that they have to start over again. I do recommend you to be careful next time, you have an active site running already so the cost of rebuilding your site is immensely high compared to those who do not have much activity going on.

Actually the old code still works, you can write $query = "' and run it with $adopts->query(). Thats the beauty of the database class, it has backward compatibility. The new methods are really easy to use though, if you want to learn. The below code demonstrates such an example:


$row = $adopts->join("users_status", "users_status.uid = users.uid")->join("users_profile", "users_profile.uid = users.uid")
->join("users_options", "users_options.uid = users.uid")->join("users_contacts", "users_contacts.uid = users.uid")
->select("users", array(), constant("PREFIX")."users.username = '{$user}'")->fetchObject();


So the script means you are joining the table users, users_contacts, users_options, users_profile and users_status with records that share the same user id, the where clause is username = $user. Note the current join() method has a tiny bit of problem, as you have to use ".constant('PREFIX')." in the statement. The idea of this database class is to get rid of having to play with table prefixes though, and we will fix it soon.

SilverDragonTears
04-09-2012, 10:01 PM
Hmm having some issues with it. I want to join owned_adoptables and adoptables... not sure really how to write it out though. I need currentlevel from owned_adoptables and description, hatchdescript, hatchmdescript and adult descript from adoptables.

Hall of Famer
04-09-2012, 10:09 PM
The code should look like this:


$pet = $adopts->join("adoptables", "adoptables.type = owned_adoptables.type")->select("owned_adoptables", array(), constant("PREFIX")."owned_adoptables.aid = '{$aid}'")->fetchObject();
The script means that you are joining tables adoptables and owned_adoptables by referencing the field 'type', which is supposed to be the same for each row fetched from database. The new script allows you to chain class methods by fetching object or array directly after a select query is used, so you do not need to write separate lines for mysql select codes. After applying the codes above, all you have to do is to retrieve the properties such as:


$pet->id //The adoptables species id from table prefix.adoptables
$pet->description // The adoptables species description from table prefix.adoptables
$pet->currentlevel // The adoptables currentlevel from table prefix.owned_adoptables
$pet->totalclicks // The adoptables totalclicks from table prefix.owned_adoptables
If you want to join another table, just use the join() method twice in the script and chain them with select() and fetchObject() methods, it will work out nicely too.

And btw the script now wont autoban your user unless they try to adopt pets that have been taken away from pound center one day ago or earlier. In future I may improve this performance by allowing admins to determine how long this 'session' is going to be. Of course if you have a user trying to adopt a pet that has been adopted one day ago, he/she is most likely a cheater/hacker using inspect element(unless he/she takes a day to adopt a pound pet, which is stupid I say?). XD

KaceKuma
04-09-2012, 10:17 PM
I did everything you said to do to upgrade my sire from 1.3.0 to 1.3.1 and something is wrong :\ Everytime I try to login it just says I have a programing error...help?!

Snapshot: http://www.iaza.com/work/120410C/iaza18671524773200.png

Code of Login Page:
<?php

include("functions/functions.php");
include("functions/functions_users.php");
include("inc/lang.php");

//***************//
// START SCRIPT //
//***************//

if($isloggedin == "yes"){

$article_title = $langislog;
$article_content = $langislogfull;

}
else{

//User is not logged in, so let's attempt to log them in...

$username = $_POST["username"];
$username = secure($username);
$password = $_POST["password"];
$password = secure($password);
$salt = $_POST["salt"];
$salt = secure($salt);

//User is not logged in

$loginform = "<form name='form1' method='post' action='login.php'>
<p>Username:
<input name='username' type='text' id='username'>
</p>
<p>Password:
<input name='password' type='password' id='password'>
</p>
<p>
<input type='submit' name='Submit' value='Submit'>
</p>
<p>Don't have an account?<br>
<a href='register.php'>Register Free</a> </p>
<a href='forgotpass.php'>Forgot your password? Click Here</a>
</form>";



if($loggedinname == "" and $password == ""){
// User is viewing login form
$article_title = "Member Login:";

$article_content = $loginform;
}
else if(($username != "" and $password == "") or ($username == "" and $password != "") ){

//Something was left blank
$article_title = "Login Error:";
$article_content = "Something was left blank. Please try logging in again.<br><br>{$loginform}";

}
else if($username != "" and $password != ""){
// Try to log the user in

$user = $adopts->select("users", array(), "username = '{$username}'")->fetchObject();
$password = passencr($username, $password, $user->salt);

if($username == $user->username and $password == $user->password){
$article_title = "Login Successful!";
$article_content = "Welcome back {$username}. You are now logged in. <a href='account.php'>Click Here to view or edit your account.</a>";

// Set the cookie
$Month = 2592000 + time();
// Convert from username to uid to secure data, no need for password since it is already hashed.
$uid = usernametouid($username);
$session = session_id();
$myssession = md5($uid.$session);
setcookie("mysuid",$uid,$Month);
setcookie("myssession",$myssession,$Month);

// Now update the user login session
$adopts->update("users", array("session" => $myssession), "username = '{$username}'");

// Time for forum-integration check
include("inc/config_forums.php");
if($mybbenabled == 1){
include_once("functions/functions_forums.php");
$forums = new Database($mybbdbname, $mybbhost, $mybbuser, $mybbpass, $mybbprefix) or die("Cannot connect to forum database, please contact an admin immediately.");
$mybbuser = $forums->select("users", array("uid", "loginkey"), "username = '{$username}'")->fetchObject();
$cookiesettings = array();
$cookiesettings['cookiedomain'] = $forums->select("settings", array("value"), "name = 'cookiedomain'")->fetchColumn();
$cookiesettings['cookiepath'] = $forums->select("settings", array("value"), "name = 'cookiepath'")->fetchColumn();
$cookiesettings['cookieprefix'] = $forums->select("settings", array("value"), "name = 'cookieprefix'")->fetchColumn();
mybbsetcookie("mybbuser", $mybbuser->uid."_".$mybbuser->loginkey, NULL, true, $cookiesettings);

$mybbsid = mybb_random_str(32);
mybbsetcookie("sid", $mybbsid, -1, true);
}
}
else{
$article_title = "Login Failed!";
$article_content = "Sorry, we could not log you on with the details specified. You can <a href='login.php'>try again</a> or <a href='forgotpass.php'>request a password reset.</a>";
$fail = 1;
}
}




}


//***************//
// OUTPUT PAGE //
//***************//

echo showpage($article_title, $article_content, $date);

?>

SilverDragonTears
04-09-2012, 10:17 PM
No, what I'm trying to do is if an adopt is a certain currentlevel, then show a certain description...

if($row->currentlevel == '6') {
$article_content .="<p align='justify'>{$row->adultdescript}";
}else if($row->currentlevel == '5') {
$article_content .="<p align='justify'>{$row->hatchmdescript}";
}else if($row->currentlevel == '4') {
$article_content .="<p align='justify'>{$row->hatchdescript}";
}else if($row->currentlevel <= '3') {
$article_content .="<p align='justify'>{$row->description}";
}

Hall of Famer
04-09-2012, 10:22 PM
@KaceKuma:
This is strange, your server does not tell you what the error may be? If so, check your root directory and see if there is a file called error_log being generated. Copy/Paste the last lines and I will see what errors you are getting. Chances are you are missing some files. Note if your database table structure differs from a Mys v1.3.0 fresh install, theres no way to upgrade with the simple upgrader. In such a case, do it manually.

@Silverdragontears:
Yeah, I do not see the difference here besides you need to replace $pet by $row, unless you have another table storing pets descriptions. If this is true, just join another table, plain and simple. The codes I just posted should work fine for ya.

KaceKuma
04-09-2012, 10:30 PM
0.e i don't see an error log...and I haven't editted the database either...
I went through to see if the other errors for the login page (I.E not entering in all feilds) worked and they did, but when I enter everything correctly it comes up with that screenshoted screen.
My site is: http://www.generationsaber.com/
If you would like to create an account and see...

Hall of Famer
04-09-2012, 10:39 PM
I see, looks like I cannot register lol. Have you heavily modified your users table? If so, the upgrader will not work for you. Also check the files config.php and config_forum.php and see if anything is wrong in these files.

SilverDragonTears
04-09-2012, 10:42 PM
I pasted it in and it won't pull up the info.

Hall of Famer
04-09-2012, 10:47 PM
Did you change $pet to $row? Also its better for you to start a new thread asking for questions unrelated to installing/upgrading Mys v1.3.1 here.

KaceKuma
04-09-2012, 10:49 PM
No my config and forum config both looked filled out and fine. Again I really haden't messed with any of the script or db in fear that something like this would happen when I upgraded. I took a screenie of my adopts_users table as well...I'm veryconfused on what's happening and don't really want to have to wipe my site with other users on it...

Table Screenie: http://www.iaza.com/work/120410C/iaza18671541365100.png

Hall of Famer
04-09-2012, 10:53 PM
I see, you were using an earlier version of Mys v1.3.0 that I replaced with an updated file two days later. The version(which I refer to as Mys v1.3.0 RC) you are using is missing a field called 'session' from table prefix.users, so you need to add it manually. The field should be placed between the field 'password' and 'email'. The field 'session' should be VARCHAR(100).

KaceKuma
04-09-2012, 11:00 PM
Alright...how should I fill this out (Like what should I put for the details and fill in for each user) and would that fix the problem? Also since I already ran the upgraded would that have messed with things? (*Is so clueless XD*)

Hall of Famer
04-09-2012, 11:07 PM
Nope it will not mess up with things, your only problem appears to be the missing field from table prefix.users.

To accomplish this task, you need to go to the tab 'Structure' in Phpmyadmin. Now look at the screenshots below. The first one tells you how to add new field(note you must add the new field after the field 'password'!), the second one gives more detail on what values you should enter when phpmyadmin asks you to add a new field.

http://oi44.tinypic.com/2wfu1rk.jpg

KaceKuma
04-09-2012, 11:22 PM
Beautiful! It works fine now, thanks HoF!

Hall of Famer
04-09-2012, 11:25 PM
You are very welcome, glad it works.

PokePets
04-10-2012, 01:33 PM
Small notice;
"Open the file /inc/config_forum.php"
It's
"Open the file /inc/config_forums.php"

;)

Hall of Famer
04-10-2012, 01:49 PM
Thanks for pointing this out. In fact the reason why I changed it from config_forum.php to config_forums.php is that I plan on possibilities of integrating more than just MyBB. In future, users will need to select a forum engine they wish to integrate with their sites, although MyBB is highly recommended over other forum engines such as PhpBB, SMF and PunBB. Integrating with commercial forumwares such as Vbulletin, IPB and XenForo is also possible, but will most likely come out as premium Mod.

SilverDragonTears
04-10-2012, 05:51 PM
So I just set up a few shops and I don't see the item I put in one of my shops... It was the Breed1... what should the value be? Maybe that was my error.

Derp. I spelled the shop name wrong. Nm :D

What should the value be? Says I can't use it on a dragon that I should be able to?

SilverDragonTears
04-10-2012, 07:46 PM
Also the chance of an item is suppose to be random yet everytime it's telling me it failed. Sometimes it tells me that the item can't be used then when I try it again it tells me that it failed.... EVERY time. It's set at 50. Also I still can't get the breed1 to work.

Hall of Famer
04-11-2012, 12:18 AM
Well this does not happen to me though, are you sure it is set to be 50? I set the chance to be barely 30 and it works on my adoptables like once per three tries.

SilverDragonTears
04-11-2012, 12:24 AM
Hmm.... I'm sure. Maybe it's my letter codes? I dont know... I mean for the click1 it sometimes says my luck sucks or whatever, or it says I can't use it. For breed1 and alts1 I can't ever use it.

Edit: It works for click2, but not the others.

Hall of Famer
04-11-2012, 12:35 AM
umm thats strange. My breeding soup(breed1) has only 30% chance to take effect, and I've just tested it a moment ago. It worked 2 out of 3 times, so Id suppose it is indeed working. Did you set the target to 'all'? This aint supposed to be a problem for Mys v1.3.1 as I've set 'all' to be default value incase people make mistakes. Also make sure you do not enter numbers like 0.5 or 0.3 instead of 50 or 30.

SilverDragonTears
04-11-2012, 12:40 AM
breed1 works.... it's alts1 and clicks1 that I'm having issues with. I meant clicks not breed

Edit: Set it to all and it works... why doesn't it work when you put in the adopt ids?

Hall of Famer
04-11-2012, 12:45 AM
Well I tested it on my site and the click1 item worked, the chance was set to be 80% and it took effect 1 out of 2 times(not sure if it would be 8 out of 10 if I had attempted 10 times lol). The Alt1 function does seem a bit glitchy, I will figure this out later.

SilverDragonTears
04-11-2012, 12:48 AM
So if I want to use alts I can't use my alt script for male and female images?

Hall of Famer
04-11-2012, 12:53 AM
Well this question is beyond the scope of this thread is supposed to serve. Post a new thread and explain your problem in Questions/Support section.

Edit:
An glitch is found within the script file class_item.php, and I've re-uploaded Mys v1.3.1 completely. If you have an active site running already, check the bug tracker and download the attachment. It may not seem obvious to those of you running a site that aint quite active yet though.

Alaric
04-15-2012, 04:40 AM
When i registered it showed me this :

Warning: include(../inc/config_forums.php) [function.include]: failed to open stream: No such file or directory in /home/a5401752/public_html/functions/functions.php on line 314 Free Web Hosting PHP Error Message Warning: include() [function.include]: Failed opening '../inc/config_forums.php' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/a5401752/public_html/functions/functions.php on line 314

After I logged in It showed me this :

Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[28000] [1045] Access denied for user 'a5401752'@'localhost' (using password: NO)' in /home/a5401752/public_html/classes/class_database.php:40 Stack trace: #0 /home/a5401752/public_html/classes/class_database.php(40): PDO->__construct('mysql:host=loca...', '', '') #1 /home/a5401752/public_html/login.php(86): Database->__construct('', 'localhost', '', '', 'mybb_') #2 {main} thrown in /home/a5401752/public_html/classes/class_database.php on line 40 Says that when I attempt to log in.

Sorry, but we could not find a user in the system with the name Lu Bu. Please make sure you have the username right. The user's account may also have been deleted by the system admin.

Hall of Famer
04-15-2012, 04:44 AM
Well it means that you've specified the forum database info incorrectly.

Alaric
04-15-2012, 04:47 AM
I'll re-install everything once again, what should i not install?

Hall of Famer
04-15-2012, 05:04 AM
Umm I dont quite understand you, what do you mean by 'what should i not install'? Theoretically you can install the adoptables site and mybb forum at any order. Make sure you enter correct database info for config_forums.php if you want mybb integration.

Alaric
04-15-2012, 05:46 AM
When my friend registered it gave him this message :

PHP Error Message Warning: include(../inc/config_forums.php) [function.include]: failed to open stream: No such file or directory in /home/a2447255/public_html/adopts/functions/functions.php on line 314 Free Web Hosting PHP Error Message Warning: include() [function.include]: Failed opening '../inc/config_forums.php' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/a2447255/public_html/adopts/functions/functions.php on line 314 Still shows.

Hall of Famer
04-15-2012, 05:51 AM
Well I saw you have a newly registered user, and everything went fine?
http://www.pokemonranch.co.cc/adopts/profile.php

Tequila
04-20-2012, 10:40 AM
All right, I want the letter codes to work as well, what do I have to change?

Hall of Famer
04-20-2012, 11:14 AM
Letter codes for what? For owned_adoptables?

Tequila
04-20-2012, 11:21 AM
Both owned_ and to adopt new ones (mask the id so no one can cheat).

Hall of Famer
04-20-2012, 11:24 AM
Well there are better ways to prevent cheating. You may consider using session, as a user cannot go back to the page(as they may have bookmarked) if the session expires. I do not really recommend using non_numeric ids though, it creates all kinds of problems with other scripts and is essentially impossible to upgrade.

Tequila
04-20-2012, 11:28 AM
All right, I'll see about session and random for the adopts. Eh, I didn't know that. I'll see what else I can figure out. ;3

Hall of Famer
04-20-2012, 11:31 AM
Well yeah, actually since Mys v1.2.3 it is already impossible to cheat with multi-adoption, thanks to Fadillzzz. In Mys v1.3.2 a new way of defining and accessing session will be available, which I shall illustrate in the development thread later. Mys v1.3.2 makes dramatic changes to Mys v1.3.1, as you will see soon.

Tequila
04-20-2012, 11:46 AM
Ooh... Shiny... *waits patiently in dev staff section*

SilverDragonTears
04-20-2012, 12:50 PM
It's not impossible to upgrade using letter codes. I do it everytime. It might be a slight pain but I love it and my members love it. They love getting codes that spell things out. And when I release a new adopt I make the codes relate to what type of dragon it is. Such as my Cow Dragon, his code was Moooo ;)

Tequila
04-20-2012, 08:43 PM
It's not impossible to upgrade using letter codes. I do it everytime. It might be a slight pain but I love it and my members love it. They love getting codes that spell things out. And when I release a new adopt I make the codes relate to what type of dragon it is. Such as my Cow Dragon, his code was Moooo ;)
I may try it later, too late tonight, and I've a long early day tomorrow. Ugh, retail...

Folli
04-28-2012, 06:19 PM
Nobackseat posted an updated mini-review of the script.

http://www.virtualpetlist.com/showthread.php/3760-Mysidia-Adoptables-Review/page2

It points out a few things, so I thought you might be interested. It's at the bottom of that page. ^

Hall of Famer
04-28-2012, 07:34 PM
Well actually I am revising the user system including user registration now. The plan was to have Nobackseat review it after Mys v1.3.2 release, but nvm. He has some good point and it is clear that the user registration system does need an overhaul immediately. You will see this in next release, which I promise. The remaining superglobals are gone too in Mys v1.3.2, just incase you are wondering. In a few occasions I will use global keyword in functions or classes, but no more superglobals like $GLOBALS.

I do not quite agree with what he said about password encryption being messy, I personally see no problem in it. You may wonder why the password is md5'd at first, it was done to compensate old users trying to upgrade. The old encryption method is md5 without salting, and I can redesign a new function called updatepass() which accepts md5'd passwords and update them to new and secured version. If the encryption method is altered without using md5 initially, old Mys sites will have to force all of their members to reset passwords after upgrading. This is not what I wanted, not sure what you think. Also I dont understand what he means by 'Guys, are ya sure that's the final password...' though. Not secured enough? If so I will improve it.

nobackseat
04-28-2012, 08:58 PM
Hey,

Wow didn't realize my post had been noted here so fast.

I realize I got increasingly sarcastic throughout the post, but I was being honest on my view of it, and I had listed plenty of examples.

I also, like before, realize that some of these issues aren't your fault, but after all they are being released under your name. I'm glad to hear you're working on them for the next release.

In my strong opinion, globals often mean that code was designed 'wrong'. There's always a better way to achieve what you want without using globals. I can understand if the way the code is setup makes it hard to transition from globals, but it's still being released with them and I was asked to give an honest review.

The jab at the encryption was mostly at how dramatic it was. There's easier ways to obtain equally secure encryption. I would call that secure, but how you encrypted it is just odd, not common at all, which just might make it more secure overall anyway.

Good luck, I'll keep checking it out every few releases.

NBS

Hall of Famer
04-28-2012, 09:29 PM
Hey,

Wow didn't realize my post had been noted here so fast.

I realize I got increasingly sarcastic throughout the post, but I was being honest on my view of it, and I had listed plenty of examples.

I also, like before, realize that some of these issues aren't your fault, but after all they are being released under your name. I'm glad to hear you're working on them for the next release.

In my strong opinion, globals often mean that code was designed 'wrong'. There's always a better way to achieve what you want without using globals. I can understand if the way the code is setup makes it hard to transition from globals, but it's still being released with them and I was asked to give an honest review.

The jab at the encryption was mostly at how dramatic it was. There's easier ways to obtain equally secure encryption. I would call that secure, but how you encrypted it is just odd, not common at all, which just might make it more secure overall anyway.

Good luck, I'll keep checking it out every few releases.

NBS

No worries. Actually its good to know that you had this many problems with the registration/authentification system. This makes my latest work on them more worthy than a waste of time. XD

I wont say its a problem to point out old programming flaws from rusnak script. We've tried our best to fix many of them, but it will take a while for everything to be fixed. We took care of the top priority issues, such as password encryption, insecure cookies and while loop running only once. The others will come when we are overhauling a specific script. Of course it speeds up the process if someone brings them up to me, with or without offering a possible solution.

Regarding database, yes I agree it is a waste to grab all fields of a row from database when we only need one or two. Since we are using PDO at this point, Id use fetchColumn() in circumstances when we only need one field from a row. The database class is very well designed by Fadillzzz, and it is just about time when we begin making the best use of it.

And you are right that superglobals exist because the original script was designed in a wrong way. In Mys v1.3.1 I already got rid of database superglobals such as $GLOBALS['localhost'] and so on. You still find superglobals with the current user information such as $GLOBALS['money'] in this release though. The best way to fix this is to overhaul the user system completely. A user object can store the current user information, and it will be passed into function or class method as argument when needed. Thats what I am doing right now, it will most likely have some issues when the initial design is completed. If you are around by then, lemme know what problems you find in the script and Id appreciate comments.

Like I said before, the reason why the encryption function looks messy is that we need to compensate for users upgrading from old script. This is what the script is supposed to look like in the first place:


function passencr($username, $password, $salt){
$pepper = grabanysetting("peppercode");
return hash('sha512', $pepper.$username.$password.$salt);
} Id say it looks less messy this way, and tbh thats what it was originally designed. But then there is no way for old users using old versions of this script to update their members passwords. Instead, they have to force everyone to reset passwords. Of course ideally everyone just starts over when the next major release is available so I dont have to worry about upgrading issues. Not sure if it will happen though, but its possible.

Kesstryl
05-01-2012, 10:24 AM
@nobackseat

I'm really glad you have pointed out areas where this script still needs work, but I'm also a member of VPL, and your tone there is very different than here. I do see you apologizing about that on these forums, but not even an edit on VPL which is where harsh words are smearing the name of this project. We appreciate help and pointers, but why be like that over there. I wouldn't even have a site if it weren't for this project as I'm an artist and not a programmer. I checked out other adoptable software and none of it is as supported as this project with an active community helping each other and regular updates. You called the programming "beginner" but people need to begin somewhere. Being constructive will help this move beyond a beginners project into something more viable for a larger community.

AlexC
05-01-2012, 03:13 PM
I kinda have to agree with Kesstryl with that. I mean, even in the short time I've been here, the script has come a long way - I don't see why we're getting picked on things we've yet to fix.

I mean, I don't think anyone has even bothered to attempt to hack a mys site anyway. The majority of people using these sites could be considered "hobbyists", not shoppers or bankers or people who need every-single-bug-fixed. The whole thing is just for fun, and the whole thing works /great/.

Give it time - we've had our priorities and I don't see why that shouldn't be acknowledged.

nobackseat
05-01-2012, 04:40 PM
Kesstryl,

Is this thread really the place for this? You could've PM'd me, pretty synonymous with your attempted ping.

Let's be clear first. I didn't apologize here. And I certainly am not sorry for the tone I used. If you were looking for me to sugarcoat it then you're out of luck. The script is in a pretty bad state, and if you were in my shoes, as an experienced programmer, you would be appalled.

The reason for the change of tone was that people here accept the script in the state it's in (see below). You guys aren't going to be persuaded in any way. At VPL, I wanted to make it clear that the script is not recommended (obviously not something I'd post here...) before it's too late and they rely on it (as much as you do). My mood also had a bit of influence too.

Case in point:
I don't think anyone has even bothered to attempt to hack a mys site anyway.

And? This is a pretty silly statement. Just because you appear to be OK with a site being hacked doesn't mean that the rest of the community is.

I honestly believe that my 'tone' and posts are making the programmers realize some things and be more motivated on bringing fixes than if it had been 'sugarcoated'.

Should this project improve radically I may consider recommending it in the future.

Until then, good luck.

NBS

AlexC
05-01-2012, 06:04 PM
@nobackseat: I merely meant that everyone isn't running around like headless chickens yelling "oh no, the script's hackable, don't touch it!" I don't think anyone here classifies as an experienced coder of your level, so you can't get upset at them for trying hard and not catching everything.

I'm proud of these people - they take pride in what they do, and they know there is problems but they work to fix them. This is the nicest coding community I've been to yet and yeah, there is a lot of problems, but they fix things instead of waiting months in between updates and they care about their users.

But obviously I shall be shot down so feel free to keep talking, I just wanted to make it clear I feel a little upset you're ruining our image before we even properly began.

SilverDragonTears
05-01-2012, 06:14 PM
^ This. I completely agree with you Gloometh. Thanks to this script I have a wonderful base to work with and two VERY active sites.

Kesstryl
06-07-2012, 11:27 AM
Well actually I am revising the user system including user registration now. The plan was to have Nobackseat review it after Mys v1.3.2 release, but nvm. He has some good point and it is clear that the user registration system does need an overhaul immediately. You will see this in next release, which I promise. The remaining superglobals are gone too in Mys v1.3.2, just incase you are wondering. In a few occasions I will use global keyword in functions or classes, but no more superglobals like $GLOBALS.

I do not quite agree with what he said about password encryption being messy, I personally see no problem in it. You may wonder why the password is md5'd at first, it was done to compensate old users trying to upgrade. The old encryption method is md5 without salting, and I can redesign a new function called updatepass() which accepts md5'd passwords and update them to new and secured version. If the encryption method is altered without using md5 initially, old Mys sites will have to force all of their members to reset passwords after upgrading. This is not what I wanted, not sure what you think. Also I dont understand what he means by 'Guys, are ya sure that's the final password...' though. Not secured enough? If so I will improve it.

Just wondering if there is a ETA for 1.3.2, been holding off on doing anything as I'd rather have the globals gone and a better registration system, and will probably blow everything away and reinstall. Was hoping to get my site into an Alpha state by July 1 which is the birthdate of a beloved family member who passed a few years ago. If not that's cool, I'd rather have a program that works than rush something because it's sentimental. Can always do a coming soon preview for July 1.

Hall of Famer
06-07-2012, 12:15 PM
Well it should be released before July 1, unless I got hit by some kind of illness. I actually had it planned for the last week of May before, but didnt make it since I had to keep moving/packaging while the user system overhaul seems more complicated than I envisioned back in April. Though delayed, it should not be that long.

A.F.M
08-24-2012, 03:25 AM
Hi. Hall of Famer.

I got a question! Is it possible to add Mysidia Adoptables to IPB?

Hall of Famer
08-24-2012, 04:50 AM
I think it is possible, but will require you to modify the script manually. Also keeps in mind that you will not be able to upgrade your forum with IPB's upgrader if you do this.