Mysidia Adoptables v1.3.1[Security Release]

[Hall of Famer]

It is about time to release the next version Mysidia Adoptables v1.3.1 to public now. The script is rather heavily modified, the magnitude is no smaller than the upgrade from Mys v1.2.2 to Mys v1.2.3, though not as dramatically different as from Mys v1.2.4 to Mys v1.3.0. The new version features several significant enhancement over existing features, security improvement and bug fixes. The major changes are listed as below:


1. The move towards Object-oriented design: Starting from Mys v1.3.1 you will see more and more classes and interfaces from the script files. Example files are class_database, class_item, class_shop, class_pagination and more. The first class file is important, it may affect the coding style of future Mys v1.3.x Mods. Id strong recommend aspiring coders to get used to object-oriented programming and the way to use our database class.

2. Brand new Promocode and Pound System: Some of you may have read the blog I wrote regarding the new promocode and pound system. They sure signify significant improvement over the old script and more importantly, admins will have more control over the features running on their sites. Just as I put it from the blog, you now have more ways to piss off your members, but perhaps in a way you want it to be. Read the blogs if you want to know more details about the new features.

3. Enhancement over items and forum integration: Two new mini-features for items are introduced in Mys v1.3.1. It is not possible to specify chances for items not to take effect, and the maximum quantity of items a user can obtain. Enhancement over forum integration is available too from Mys v1.3.1, as users are automatically logged into their forum account if they log in from the site. It applies to guest-registration too.

4. Security improvement of database: Some of you may have noticed that if you specify database information incorrectly, the PDO class will generate an error message that prints your dbpassword to screen. This is usually not a problem, but can be vital if you have a popular site running already. This security flaw is resolved by the usage of PDO exception. Another possible security flaw is superglobals, I got rid of half of them by using PHP constants.

5. Old glitches fixed in new release: Mys v1.3.0 was quite buggy, this I have to agree. Famous glitches such as file 'uploading path', 'reset password' and 'guest cannot click' are all resolved in this version. Small bugs such as 'friend-option', 'update avatar', 'trade with items' and 'adoptables maximum level' are gone too from Mys v1.3.1. More details can be found in our bug tracker, note the css glitches with pagination and user profile are still unresolved, as I do not know how to fix them myself.


Installation Guide:
1. Use ftp to Upload the entire folder Mysidia Adoptables v1.3.1 to your preferred directory, and change the name to whatever you like.
2. Change the CMD of folder "picuploads" to 777, together with its subfolders, this is required to enable user uploading images.
3. Rename the file config_adopts to config.php, otherwise the script will tell you config.php does not exist.
4. Access the installer script at "http://yoursitename.com/install/index.php", follow the instructions and proceed.
5. Congrats, you've successfully installed Mys v1.3.1. There is no need to manually encrypt your password in Mys v1.3.1, so cheers!

Note: The value pepper code can be generated from a website called: http://strongpasswordgenerator.com/, it can be of any length and may contain symbols. Make sure to delete the file install/index.php after running this script, or your site is potentially at danger if this file is accessed by someone else.

Upgrade Mini-Guide:
An upgrader from mys v1.3.0 is available, but the megaupgrader from Mys v1.2.x will have to wait longer. To upgrade, simply upload all script files to your folder and overwrite the existing ones. Make sure to remove the file config.php from the new script folder(or maybe config_forum.php too if you have an active forum running) before uploading, as otherwise you lose your config settings. Then run the upgrade.php script to complete this task, shouldnt take more than 10 secs. Note you need to manually remove the file poundpost.php from your root directory before proceeding, and the upgrade.php file too after you have completed this process.

Also do not use the upgrader if you have a site with heavily modified script, it only works if you havent touched the core script files such as functions.php and functions_users.php. You will have to upgrade manually if your site is highly customized, just the same old story with Mys v1.1.x and v1.2.x's upgraders.


Forum Integration Guide:

First of all, make sure you have both fresh installation of Mysidia Adoptables and MyBB forum. Open the file /inc/config_forums.php, enter each empty field for the database info of your MyBB forum. Then Change the variable mybbenabled from 0 to 1. The very last step is to disable registration on the forum. It is all said and done, new users will have accounts created from both the adoptables site and the forum from now on. In Mys v1.3.1 they also log into site and forum accounts simultaneously!

Note the forum statistics cannot be automatically updated with registration from adoptables site, so run your maintenance tool regularly. The trick is quite simple, go to forum ACP -> Database Backup -> Recount/Rebuild -> Rebuild Statistics. It is not required though, but your forum statistics can be messed up if you dont do this.


Download Links(both .rar and .zip are provided):

Rapidshare links:

Rar version:
https://rapidshare.com/files/25932293/Mysidia_Adoptables_v1.3.1.rar

Zip version:
https://rapidshare.com/files/1889471496/Mysidia_Adoptables_v1.3.1.zip

Mediafire Links:

Rar version:
http://www.mediafire.com/?b0nnfqcdbll287g

Zip version:
http://www.mediafire.com/?4bte4b419t48w44

I hope you like the direction our dev team is going. It may be hard for some of you, more advanced codes are usually more complicated and tend to be hard to understand. It wont hurt to learn a little bit of coding though, and in fact some of you actually will find the classes/objects quite easy to use. With database class, you do not write long query string and instead call database's select(), update(), insert() or even join() methods to complete tasks. At least for me it is more readable this way.

And thanks for whoever stay with us and look for updates over our softwares. Development actually has a long time to go until we can call it a professional/advanced script, but the day will come.


Hall of Famer
April 8, 2012

 

[AlexC]

Yay new release!

I tried upgrading, but I seem to have run into a problem...? I'm getting the following error: Could not connect to database, the following error has occurred:
SQLSTATE[HY000] [2003] Can't connect to MySQL server on 'DBHOST' (111)

I ran the install/upgrade.php file and deleted the install directory and the poundpost.php file and now I can't get onto my site. I checked the config.php file and it is empty. Was I suppose to run the install script or something?

 

[Hall of Famer]

Yay new release!

I tried upgrading, but I seem to have run into a problem...? I'm getting the following error: Could not connect to database, the following error has occurred:
SQLSTATE[HY000] [2003] Can't connect to MySQL server on 'DBHOST' (111)

I ran the install/upgrade.php file and deleted the install directory and the poundpost.php file and now I can't get onto my site. I checked the config.php file and it is empty. Was I suppose to run the install script or something?

Umm you are trying to upgrade the script? Did you receive any error messages during the process? 'cause as far as I know, your config.php file is re-written using PHP constants instead of variables that will later be declared as superglobals. It is more secure this way, but can be a pain in the butt for upgraders. I ran the upgrader script myself and it worked flawlessly though.

Edit:
My goodness, did you upload everything to your root directory, even the blank config.php file? o_o If so, this explains why your config.php file is blank and database constants aint being created. You aint supposed to do that, your current config.php file stores database information that will be passed into the installer. You need to remove config.php(or maybe config_forum.php) from your site before upgrading. Guess I will have to highlight this part from the upgrade mini-guide, it is not a big issue though since I believe you still remember your old config settings.

 

[AlexC]

wait... so I need to go back, find a config.php file and refill it with details and then reupload it?

I did find the forum config file blank, but I fixed that one. There is literally nothing in the config.php file so I didn't know what to put.

 

[Hall of Famer]

Well the old config.php file for mysidia adoptables should look like this:

<?php
//Mysidia Adoptables Site Configuration File

$dbhost = 'localhost';              //DB Hostname
$dbuser = 'yourdbusername';            //DB User
$dbpass = 'yourdbpassword';            //DB Password
$dbname = 'yourdbname';                //Your database name
$domain = 'yourdomain.com';                //Your domain name (No http, www or . )
$scriptpath = 'scriptpath';        //The folder you installed this script in
$prefix = 'adopts_';                

?>

Copy/paste this format to your config.php and change the values for each variables(begin with $) to whatever they are supposed to be in your old config file. Run the upgrader again and it should work.

 

[AlexC]

I did that, but now I appear to be having trouble accessing my site. I'm just waiting for it to load at the moment, I'll tell you when it finally comes up.

EDIT: It loaded, same error as before: Could not connect to database, the following error has occurred:
SQLSTATE[HY000] [2003] Can't connect to MySQL server on 'DBHOST' (111)

 

[Hall of Famer]

I did that, but now I appear to be having trouble accessing my site. I'm just waiting for it to load at the moment, I'll tell you when it finally comes up.

Alright then, lemme know what happens then.

I apologize for this though, I thought it was a common practice for people to remove new config files(so as they wont overwrite old config files) before upgrading, but I was wrong. Upgrading this script does get a bit tricky from now on, luckily we may be having a brand new installer/upgrader system soon so we will be fine in future.

Edit:
Umm, what's inside your config file this time?

 

[AlexC]

Well, I never had to do that before when I was previously upgrading the script, so I didn't think to save anything.

Here is my file;

<?php
//Mysidia Adoptables Site Configuration File

$dbhost = 'localhost';      		//DB Hostname
$dbuser = 'gloometh_me';			//DB User
$dbpass = '*****';			//DB Password
$dbname = 'gloometh_adopts';    			//Your database name
$domain = 'ratties.x10.mx/';    			//Your domain name (No http, www or . )
$scriptpath = '';		//The folder you installed this script in
$prefix = 'adopts_';    			

?>

 

[Hall of Famer]

Have you run the upgrader yet? It looks to me that you havent, since the config file still contains variable, not constants.

 

[AlexC]

I'll run it again, perhaps that was the problem.

EDIT: I'm trying to get to the install/upgrade.php path but it keeps timing out, I haven't had this problem with my host before. :/

EDIT2: I tried it like ten times and it finally loaded with no problem. Upgraded fine and now the site is up fine. I'm going to do a bug check now, but it looks good.

 

[Hall of Famer]

umm this is weird, the script takes too long to respond? It worked on both my dedicated server and shared server though. Is it possible for you to check what is going on behind the scene, like from process manager located in your cpanel?

Edit: Good to know you got it to work, I dont understand why it takes this long to respond. It runs like within 5-10 secs on my sites, I will look into the codes to see if there are inefficient and resource-extensive codes in it.

 

[AlexC]

I'm not sure what it was - it was there for maybe ten minutes but now it's gone - my host is running at completely normal speed. o.0 I think I just make technology glitch or something. xD

EDIT: ... and now it's doing it again. Where can I find that process manager?

 

[Hall of Famer]

The process manager can be found in your cpanel, at the bottom of close to the bottom Id say. Anyway mind telling me what script files you were browsing before it slowed down?

 

[AlexC]

I'm on x10hosting. I had a look, but I can't see anything - I see a raw-access log, error log? Is that it?

I was sitting on the promo code page after switching between a few different pages. I was copying down my links so I could redo my navigation bar, and when I went to go to the myadopts.php page it suddenly slowed down. I can't remember what pages it was on before.

(Also, just so you know, it appears the "div" debugs didn't make it into the new scripts - I'm still getting glitches on the profile.php and myadopts.php page)

 

[Hall of Famer]

Well you run a process, and check process manager at once if it is slow since a process disappears from the list if it is executed a few minutes ago.

umm I did say that I couldnt fix the css glitches, didnt I? But it sounds interesting that you found a way to resolve them. Can you show me a screenshot of what it looks like before and after you add the <div> tag? Whats the difference?

 

[AlexC]

I can't find anything that looks like it'll do that.

Silver Kitsune did, she added <div>s and managed to fix some issues I had with my theme, here I'll do the screenshots, give me a few minutes.

EDIT: gah, I don't know why it's not working now. D: She said before that I was missing a closing </div> somewhere, so she added it on the myadopts page and it was fixed. I tried duplicating it, but it didn't seem to work... I'll have to see if I can find where we were talking.

 

[Hall of Famer]

Alright then, the css issue has been preventing me from further implementing the pagination to other pages beyond messages.php and myadopts.php. Once settled, you will see pagination being used like essentially everywhere. ^^

 

[AlexC]

NEVERMIND, I was adding it in the wrong place. Made it work!

Okay, so I managed to fix the memberlist and the myadopts page. Here are before and after pictures;

My Adopts Page:

BEFORE: http://i40.tinypic.com/1hbhoz.jpg
AFTER: http://i40.tinypic.com/14be45.jpg

CODE EDIT:

}
		$article_content .= "</table></div><br /><br />{$pagination->showPage()}";
	}

Members List Page:

BEFORE: http://i44.tinypic.com/2z3vx5h.jpg
AFTER: http://i43.tinypic.com/2ai3o94.jpg

CODE EDIT:

$article_content .= "<strong><a href='profile.php?user={$row->username}'>{$star}{$row->username}</a></strong><br />";
	}

	$article_content .= "<br />{$pagination->showPage()}</div>";

I can take a stab at trying to fix the profile page, but to be honest, that is a lot of code - looks kinda scary.. o.o

 

[Hall of Famer]

Thank you so much, I wasnt aware of this css issue since the main theme never had any of them. Seems that other themes do suffer such problems, such as the elements and green themes. I fixed all of them already, and a quick note you forgot to mention that messages.php has the same css flaw as myadopts.php and profile.php. It is present whenever pagination is used.

Looks like the css font size glitch only applies to the main theme, the green theme is unaffected. Weird, but its somewhat interesting to investigate.

 

[SilverDragonTears]

Can you tell me which parts to add for the auto log in to the forum when they log into the site?