Mysidia Adoptables v1.3.1[Security Release]

[SilverDragonTears]

So if I want to use alts I can't use my alt script for male and female images?

 

[Hall of Famer]

Well this question is beyond the scope of this thread is supposed to serve. Post a new thread and explain your problem in Questions/Support section.

Edit:
An glitch is found within the script file class_item.php, and I've re-uploaded Mys v1.3.1 completely. If you have an active site running already, check the bug tracker and download the attachment. It may not seem obvious to those of you running a site that aint quite active yet though.

 

[Alaric]

When i registered it showed me this :

Warning: include(../inc/config_forums.php) [function.include]: failed to open stream: No such file or directory in /home/a5401752/public_html/functions/functions.php on line 314 Free Web Hosting PHP Error Message Warning: include() [function.include]: Failed opening '../inc/config_forums.php' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/a5401752/public_html/functions/functions.php on line 314

After I logged in It showed me this :

Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[28000] [1045] Access denied for user 'a5401752'@'localhost' (using password: NO)' in /home/a5401752/public_html/classes/class_database.php:40 Stack trace: #0 /home/a5401752/public_html/classes/class_database.php(40): PDO->__construct('mysql:host=loca...', '', '') #1 /home/a5401752/public_html/login.php(86): Database->__construct('', 'localhost', '', '', 'mybb_') #2 {main} thrown in /home/a5401752/public_html/classes/class_database.php on line 40 Says that when I attempt to log in.

Sorry, but we could not find a user in the system with the name Lu Bu. Please make sure you have the username right. The user's account may also have been deleted by the system admin.

 

[Hall of Famer]

Well it means that you've specified the forum database info incorrectly.

 

[Alaric]

I'll re-install everything once again, what should i not install?

 

[Hall of Famer]

Umm I dont quite understand you, what do you mean by 'what should i not install'? Theoretically you can install the adoptables site and mybb forum at any order. Make sure you enter correct database info for config_forums.php if you want mybb integration.

 

[Alaric]

When my friend registered it gave him this message :

PHP Error Message Warning: include(../inc/config_forums.php) [function.include]: failed to open stream: No such file or directory in /home/a2447255/public_html/adopts/functions/functions.php on line 314 Free Web Hosting PHP Error Message Warning: include() [function.include]: Failed opening '../inc/config_forums.php' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/a2447255/public_html/adopts/functions/functions.php on line 314 Still shows.

 

[Hall of Famer]

Well I saw you have a newly registered user, and everything went fine?
http://www.pokemonranch.co.cc/adopts/profile.php

 

[Tequila]

All right, I want the letter codes to work as well, what do I have to change?

 

[Hall of Famer]

Letter codes for what? For owned_adoptables?

 

[Tequila]

Both owned_ and to adopt new ones (mask the id so no one can cheat).

 

[Hall of Famer]

Well there are better ways to prevent cheating. You may consider using session, as a user cannot go back to the page(as they may have bookmarked) if the session expires. I do not really recommend using non_numeric ids though, it creates all kinds of problems with other scripts and is essentially impossible to upgrade.

 

[Tequila]

All right, I'll see about session and random for the adopts. Eh, I didn't know that. I'll see what else I can figure out. ;3

 

[Hall of Famer]

Well yeah, actually since Mys v1.2.3 it is already impossible to cheat with multi-adoption, thanks to Fadillzzz. In Mys v1.3.2 a new way of defining and accessing session will be available, which I shall illustrate in the development thread later. Mys v1.3.2 makes dramatic changes to Mys v1.3.1, as you will see soon.

 

[Tequila]

Ooh... Shiny... *waits patiently in dev staff section*

 

[SilverDragonTears]

It's not impossible to upgrade using letter codes. I do it everytime. It might be a slight pain but I love it and my members love it. They love getting codes that spell things out. And when I release a new adopt I make the codes relate to what type of dragon it is. Such as my Cow Dragon, his code was Moooo

 

[Tequila]

It's not impossible to upgrade using letter codes. I do it everytime. It might be a slight pain but I love it and my members love it. They love getting codes that spell things out. And when I release a new adopt I make the codes relate to what type of dragon it is. Such as my Cow Dragon, his code was Moooo

I may try it later, too late tonight, and I've a long early day tomorrow. Ugh, retail...

 

[Folli]

Nobackseat posted an updated mini-review of the script.

http://www.virtualpetlist.com/showthread.php/3760-Mysidia-Adoptables-Review/page2

It points out a few things, so I thought you might be interested. It's at the bottom of that page. ^

 

[Hall of Famer]

Well actually I am revising the user system including user registration now. The plan was to have Nobackseat review it after Mys v1.3.2 release, but nvm. He has some good point and it is clear that the user registration system does need an overhaul immediately. You will see this in next release, which I promise. The remaining superglobals are gone too in Mys v1.3.2, just incase you are wondering. In a few occasions I will use global keyword in functions or classes, but no more superglobals like $GLOBALS.

I do not quite agree with what he said about password encryption being messy, I personally see no problem in it. You may wonder why the password is md5'd at first, it was done to compensate old users trying to upgrade. The old encryption method is md5 without salting, and I can redesign a new function called updatepass() which accepts md5'd passwords and update them to new and secured version. If the encryption method is altered without using md5 initially, old Mys sites will have to force all of their members to reset passwords after upgrading. This is not what I wanted, not sure what you think. Also I dont understand what he means by 'Guys, are ya sure that's the final password...' though. Not secured enough? If so I will improve it.

 

[nobackseat]

Hey,

Wow didn't realize my post had been noted here so fast.

I realize I got increasingly sarcastic throughout the post, but I was being honest on my view of it, and I had listed plenty of examples.

I also, like before, realize that some of these issues aren't your fault, but after all they are being released under your name. I'm glad to hear you're working on them for the next release.

In my strong opinion, globals often mean that code was designed 'wrong'. There's always a better way to achieve what you want without using globals. I can understand if the way the code is setup makes it hard to transition from globals, but it's still being released with them and I was asked to give an honest review.

The jab at the encryption was mostly at how dramatic it was. There's easier ways to obtain equally secure encryption. I would call that secure, but how you encrypted it is just odd, not common at all, which just might make it more secure overall anyway.

Good luck, I'll keep checking it out every few releases.

NBS