CUTCODEDOWN
Minimalist Semantic Markup

Welcome Guest
Please Login or Register

If you have registered but not recieved your activation e-mail in a reasonable amount of time, or have issues with using the registration form, please use our Contact Form for assistance. Include both your username and the e-mail you tried to register with.

Author Topic: Milestone 02 Dec 2020 14:27 GMT  (Read 265 times)

Jason Knight

  • Administrator
  • Hero Member
  • *****
  • Posts: 714
  • Karma: +132/-1
    • CutCodeDown -- Minimalist Semantic Markup
Milestone 02 Dec 2020 14:27 GMT
« on: 2 Dec 2020, 09:36:25 am »
Alright, this one should actually work since rather than a rushed "here's where I'm at", this is a more polished and tested release where user creation, deletion, and editing is implemented, as are the one to many user permissions.

https://cutcodedown.com/paladinX/milestone_02_Dec_2020_14_27/

Again, see the installation instructions post for how to set things up.

Beware that the /setup routine requires that the database be EMPTY -- no tables -- before you start. Any existing tables should be wiped. I've put a "upgrade" option on my to-do list. For now because the data structures are so in-flux, I'm not willing to commit to that part YET.

Also note that the admin panel is 100% form driven off a single URI (/admin). As such it's very hard to XSS exploit, but normal navigation -- forward/back/refresh -- is UTTERLY BANJAXED. This is on purpose, and the errors you see are in fact EXPECTED. They'll even "break" if you try to open multiple admin tabs at once. (only the most recent one will work!)

Administration action pages are not revisitable or re-usable. PERIOD. Get used to it. You can't XSS if you can't predict what random hash is required on the form for actions to work.

'Cause that's how I roll.
I'll fix every flaw, I'll break every law, I'll tear up the rulebook if that's what it takes. You will see, I will crush this cold machine.

Jason Knight

  • Administrator
  • Hero Member
  • *****
  • Posts: 714
  • Karma: +132/-1
    • CutCodeDown -- Minimalist Semantic Markup
Re: Milestone 02 Dec 2020 14:27 GMT
« Reply #1 on: 2 Dec 2020, 10:01:53 am »
actions/admin/admin.process.phpsource
Timestamp comments line 2..13

Milestone maker didn't remove old milestone on just this one file?

Error in stamp detection regex. Fixed for next release.
I'll fix every flaw, I'll break every law, I'll tear up the rulebook if that's what it takes. You will see, I will crush this cold machine.

benanamen

  • Full Member
  • ***
  • Posts: 149
  • Karma: +12/-0
Re: Milestone 02 Dec 2020 14:27 GMT
« Reply #2 on: 2 Dec 2020, 05:06:04 pm »
To save time, let's just assume I am never wrong.

Jason Knight

  • Administrator
  • Hero Member
  • *****
  • Posts: 714
  • Karma: +132/-1
    • CutCodeDown -- Minimalist Semantic Markup
Re: Milestone 02 Dec 2020 14:27 GMT
« Reply #3 on: 2 Dec 2020, 06:22:35 pm »
Add new user problem

https://github.com/benanamen/paladinx/issues/1

Please report using the format suggested in the sticky. Again, for me even that shithub page is useless broken crap that tells me as a user to go F*** myself.
I'll fix every flaw, I'll break every law, I'll tear up the rulebook if that's what it takes. You will see, I will crush this cold machine.

 

SMF spam blocked by CleanTalk

Advertisement