Mysidia Adoptables Support Forum

Mysidia Adoptables Support Forum (http://www.mysidiaadoptables.com/forum/index.php)
-   Mysidia Adoptables Official Announcement (http://www.mysidiaadoptables.com/forum/forumdisplay.php?f=2)
-   -   Mysidia Adoptables v1.3.1[Security Release] (http://www.mysidiaadoptables.com/forum/showthread.php?t=3571)

Hall of Famer 04-08-2012 07:33 AM

Mysidia Adoptables v1.3.1[Security Release]
 
It is about time to release the next version Mysidia Adoptables v1.3.1 to public now. The script is rather heavily modified, the magnitude is no smaller than the upgrade from Mys v1.2.2 to Mys v1.2.3, though not as dramatically different as from Mys v1.2.4 to Mys v1.3.0. The new version features several significant enhancement over existing features, security improvement and bug fixes. The major changes are listed as below:


1. The move towards Object-oriented design: Starting from Mys v1.3.1 you will see more and more classes and interfaces from the script files. Example files are class_database, class_item, class_shop, class_pagination and more. The first class file is important, it may affect the coding style of future Mys v1.3.x Mods. Id strong recommend aspiring coders to get used to object-oriented programming and the way to use our database class.

2. Brand new Promocode and Pound System: Some of you may have read the blog I wrote regarding the new promocode and pound system. They sure signify significant improvement over the old script and more importantly, admins will have more control over the features running on their sites. Just as I put it from the blog, you now have more ways to piss off your members, but perhaps in a way you want it to be. Read the blogs if you want to know more details about the new features.

3. Enhancement over items and forum integration: Two new mini-features for items are introduced in Mys v1.3.1. It is not possible to specify chances for items not to take effect, and the maximum quantity of items a user can obtain. Enhancement over forum integration is available too from Mys v1.3.1, as users are automatically logged into their forum account if they log in from the site. It applies to guest-registration too.

4. Security improvement of database: Some of you may have noticed that if you specify database information incorrectly, the PDO class will generate an error message that prints your dbpassword to screen. This is usually not a problem, but can be vital if you have a popular site running already. This security flaw is resolved by the usage of PDO exception. Another possible security flaw is superglobals, I got rid of half of them by using PHP constants.

5. Old glitches fixed in new release: Mys v1.3.0 was quite buggy, this I have to agree. Famous glitches such as file 'uploading path', 'reset password' and 'guest cannot click' are all resolved in this version. Small bugs such as 'friend-option', 'update avatar', 'trade with items' and 'adoptables maximum level' are gone too from Mys v1.3.1. More details can be found in our bug tracker, note the css glitches with pagination and user profile are still unresolved, as I do not know how to fix them myself.


Installation Guide:
1. Use ftp to Upload the entire folder Mysidia Adoptables v1.3.1 to your preferred directory, and change the name to whatever you like.
2. Change the CMD of folder "picuploads" to 777, together with its subfolders, this is required to enable user uploading images.
3. Rename the file config_adopts to config.php, otherwise the script will tell you config.php does not exist.
4. Access the installer script at "http://yoursitename.com/install/index.php", follow the instructions and proceed.
5. Congrats, you've successfully installed Mys v1.3.1. There is no need to manually encrypt your password in Mys v1.3.1, so cheers!

Note: The value pepper code can be generated from a website called: http://strongpasswordgenerator.com/, it can be of any length and may contain symbols. Make sure to delete the file install/index.php after running this script, or your site is potentially at danger if this file is accessed by someone else.

Upgrade Mini-Guide:
An upgrader from mys v1.3.0 is available, but the megaupgrader from Mys v1.2.x will have to wait longer. To upgrade, simply upload all script files to your folder and overwrite the existing ones. Make sure to remove the file config.php from the new script folder(or maybe config_forum.php too if you have an active forum running) before uploading, as otherwise you lose your config settings. Then run the upgrade.php script to complete this task, shouldnt take more than 10 secs. Note you need to manually remove the file poundpost.php from your root directory before proceeding, and the upgrade.php file too after you have completed this process.

Also do not use the upgrader if you have a site with heavily modified script, it only works if you havent touched the core script files such as functions.php and functions_users.php. You will have to upgrade manually if your site is highly customized, just the same old story with Mys v1.1.x and v1.2.x's upgraders.


Forum Integration Guide:

First of all, make sure you have both fresh installation of Mysidia Adoptables and MyBB forum. Open the file /inc/config_forums.php, enter each empty field for the database info of your MyBB forum. Then Change the variable mybbenabled from 0 to 1. The very last step is to disable registration on the forum. It is all said and done, new users will have accounts created from both the adoptables site and the forum from now on. In Mys v1.3.1 they also log into site and forum accounts simultaneously!

Note the forum statistics cannot be automatically updated with registration from adoptables site, so run your maintenance tool regularly. The trick is quite simple, go to forum ACP -> Database Backup -> Recount/Rebuild -> Rebuild Statistics. It is not required though, but your forum statistics can be messed up if you dont do this.


Download Links(both .rar and .zip are provided):

Rapidshare links:

Rar version:
https://rapidshare.com/files/2593229...les_v1.3.1.rar

Zip version:
https://rapidshare.com/files/1889471...les_v1.3.1.zip

Mediafire Links:

Rar version:
http://www.mediafire.com/?b0nnfqcdbll287g

Zip version:
http://www.mediafire.com/?4bte4b419t48w44

I hope you like the direction our dev team is going. It may be hard for some of you, more advanced codes are usually more complicated and tend to be hard to understand. It wont hurt to learn a little bit of coding though, and in fact some of you actually will find the classes/objects quite easy to use. With database class, you do not write long query string and instead call database's select(), update(), insert() or even join() methods to complete tasks. At least for me it is more readable this way.

And thanks for whoever stay with us and look for updates over our softwares. Development actually has a long time to go until we can call it a professional/advanced script, but the day will come.


Hall of Famer
April 8, 2012

AlexC 04-08-2012 09:39 AM

Yay new release!

I tried upgrading, but I seem to have run into a problem...? I'm getting the following error: Could not connect to database, the following error has occurred:
SQLSTATE[HY000] [2003] Can't connect to MySQL server on 'DBHOST' (111)

I ran the install/upgrade.php file and deleted the install directory and the poundpost.php file and now I can't get onto my site. I checked the config.php file and it is empty. Was I suppose to run the install script or something?

Hall of Famer 04-08-2012 09:41 AM

Quote:

Originally Posted by Gloometh (Post 22659)
Yay new release!

I tried upgrading, but I seem to have run into a problem...? I'm getting the following error: Could not connect to database, the following error has occurred:
SQLSTATE[HY000] [2003] Can't connect to MySQL server on 'DBHOST' (111)

I ran the install/upgrade.php file and deleted the install directory and the poundpost.php file and now I can't get onto my site. I checked the config.php file and it is empty. Was I suppose to run the install script or something?

Umm you are trying to upgrade the script? Did you receive any error messages during the process? 'cause as far as I know, your config.php file is re-written using PHP constants instead of variables that will later be declared as superglobals. It is more secure this way, but can be a pain in the butt for upgraders. I ran the upgrader script myself and it worked flawlessly though.

Edit:
My goodness, did you upload everything to your root directory, even the blank config.php file? o_o If so, this explains why your config.php file is blank and database constants aint being created. You aint supposed to do that, your current config.php file stores database information that will be passed into the installer. You need to remove config.php(or maybe config_forum.php) from your site before upgrading. Guess I will have to highlight this part from the upgrade mini-guide, it is not a big issue though since I believe you still remember your old config settings.

AlexC 04-08-2012 09:54 AM

wait... so I need to go back, find a config.php file and refill it with details and then reupload it?

I did find the forum config file blank, but I fixed that one. There is literally nothing in the config.php file so I didn't know what to put.

Hall of Famer 04-08-2012 10:00 AM

Well the old config.php file for mysidia adoptables should look like this:

PHP Code:

<?php
//Mysidia Adoptables Site Configuration File

$dbhost 'localhost';              //DB Hostname
$dbuser 'yourdbusername';            //DB User
$dbpass 'yourdbpassword';            //DB Password
$dbname 'yourdbname';                //Your database name
$domain 'yourdomain.com';                //Your domain name (No http, www or . )
$scriptpath 'scriptpath';        //The folder you installed this script in
$prefix 'adopts_';                

?>

Copy/paste this format to your config.php and change the values for each variables(begin with $) to whatever they are supposed to be in your old config file. Run the upgrader again and it should work.

AlexC 04-08-2012 10:07 AM

I did that, but now I appear to be having trouble accessing my site. I'm just waiting for it to load at the moment, I'll tell you when it finally comes up.

EDIT: It loaded, same error as before: Could not connect to database, the following error has occurred:
SQLSTATE[HY000] [2003] Can't connect to MySQL server on 'DBHOST' (111)

Hall of Famer 04-08-2012 10:09 AM

Quote:

Originally Posted by Gloometh (Post 22663)
I did that, but now I appear to be having trouble accessing my site. I'm just waiting for it to load at the moment, I'll tell you when it finally comes up.

Alright then, lemme know what happens then.

I apologize for this though, I thought it was a common practice for people to remove new config files(so as they wont overwrite old config files) before upgrading, but I was wrong. Upgrading this script does get a bit tricky from now on, luckily we may be having a brand new installer/upgrader system soon so we will be fine in future.

Edit:
Umm, what's inside your config file this time?

AlexC 04-08-2012 10:12 AM

Well, I never had to do that before when I was previously upgrading the script, so I didn't think to save anything.

Here is my file;

Code:

<?php
//Mysidia Adoptables Site Configuration File

$dbhost = 'localhost';                      //DB Hostname
$dbuser = 'gloometh_me';                        //DB User
$dbpass = '*****';                        //DB Password
$dbname = 'gloometh_adopts';                            //Your database name
$domain = 'ratties.x10.mx/';                            //Your domain name (No http, www or . )
$scriptpath = '';                //The folder you installed this script in
$prefix = 'adopts_';                           

?>


Hall of Famer 04-08-2012 10:14 AM

Have you run the upgrader yet? It looks to me that you havent, since the config file still contains variable, not constants.

AlexC 04-08-2012 10:16 AM

I'll run it again, perhaps that was the problem.

EDIT: I'm trying to get to the install/upgrade.php path but it keeps timing out, I haven't had this problem with my host before. :/

EDIT2: I tried it like ten times and it finally loaded with no problem. Upgraded fine and now the site is up fine. I'm going to do a bug check now, but it looks good.


All times are GMT -5. The time now is 04:43 AM.

Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, vBulletin Solutions Inc.