progress #1

LegendOfMCPE · Dec 6, 2014 · 3cba78f · 3cba78f
1 parent aa5c105
commit 3cba78f
Show file tree

Hide file tree

Showing 6 changed files with 115 additions and 25 deletions.
diff --git a/cms/index.php b/cms/index.php
@@ -16,9 +16,6 @@
 ****************************************************
 */
 
-require_once("/src/lomcms.php");
-require_once("/src/api.php");
-
-require "/src/pages/dashboard.php";
+include "/src/loader.php";
 
 ?>
diff --git a/cms/install.php b/cms/install.php
@@ -18,6 +18,7 @@
 error_reporting(0);
 
 require_once(dirname(__FILE__) . "/src/lomcms.php");
+require_once(dirname(__FILE__) . "/src/api.php");
 
 echo "<title>LoM-CMS Installation</title>";
 
@@ -161,6 +162,7 @@
 					cat_id				INT(8) NOT NULL,
 					topic				VARCHAR(80) NOT NULL,
 					author				VARCHAR(16) NOT NULL,
+					ip					VARCHAR(11) NOT NULL,
 					discussion			VARCHAR(5000) NOT NULL,
 					lastposted			INT(11) NOT NULL,
 					lastupdate			INT(11) NOT NULL,
@@ -187,6 +189,7 @@
 			$sql_generate_tickets_a = "CREATE TABLE IF NOT EXISTS lomcms_tickets_a(
 					id					INT(11) NOT NULL,
 					author				VARCHAR(16) NOT NULL,
+					ip					VARCHAR(11) NOT NULL,
 					discussion			VARCHAR(5000) NOT NULL,
 					lastposted			INT(11) NOT NULL,
 					lastupdate			INT(11) NOT NULL
@@ -211,6 +214,7 @@
 			$sql_generate_report = "CREATE TABLE IF NOT EXISTS lomcms_report(
 					id					INT(11) NOT NULL AUTO_INCREMENT,
 					author				VARCHAR(16) NOT NULL,
+					ip					VARCHAR(11) NOT NULL,
 					target				VARCHAR(16) NOT NULL,
 					reason				VARCHAR(50) NOT NULL,
 					discussion			VARCHAR(1000) NOT NULL,
@@ -235,26 +239,55 @@
 
 		if(!$db->query("SELECT * FROM lomcms_user_status LIMIT 0")){
 
-			$sql_generate_report = "CREATE TABLE IF NOT EXISTS lomcms_user_status(
+			$sql_generate_user_status = "CREATE TABLE IF NOT EXISTS lomcms_user_status(
 					name				VARCHAR(16) NOT NULL,
 					isbanned			INT(1) NOT NULL DEFAULT '0',
-					ip					INT(11) NOT NULL,
+					ip					VARCHAR(11) NOT NULL,
 					lastupdate			INT(11) NOT NULL
 					)ENGINE=INNODB;";
 
-			$db->query($sql_generate_report);
+			$db->query($sql_generate_user_status);
 
 			echo "&gt; [PENDING] lomcms_user_status database not found.<br />";
 			echo "&gt; [PENDING] Generating table ...<br />";
 
-			if(!$db->query($sql_generate_report)){
+			if(!$db->query($sql_generate_user_status)){
 				echo "&gt; [FAILED] Can't create the table : \"lomcms_user_status\"!<br />";
 				echo "&gt; Aborting ...<br />";
 			}else{
 				echo "&gt; [SUCCESS] Successfully created \"<strong>lomcms_user_status</strong>\" table on \"<strong>" . SIMPLEAUTH_DB . "</strong>\" database! <br />";
 			}
 
 		}
+
+		if(!$db->query("SELECT * FROM lomcms_staff LIMIT 0")){
+
+			$sql_generate_staff = "CREATE TABLE IF NOT EXISTS lomcms_staff(
+					username			VARCHAR(16) NOT NULL,
+					password			CHAR(128) NOT NULL,
+					position			INT(1) NOT NULL DEFAULT '0',
+					lastip				VARCHAR(11) NOT NULL,
+					lastlogin			INT(11) NOT NULL
+					)ENGINE=INNODB;";
+
+			$db->query($sql_generate_staff);
+
+			echo "&gt; [PENDING] lomcms_staff database not found.<br />";
+			echo "&gt; [PENDING] Generating table ...<br />";
+
+			if(!$db->query($sql_generate_staff)){
+				echo "&gt; [FAILED] Can't create the table : \"lomcms_staff\"!<br />";
+				echo "&gt; Aborting ...<br />";
+			}else{
+				$time = intval(time());
+				$clean_usr = strtolower(TEMP_ADM_USER);
+				$hashed_password = hashME($clean_usr, TEMP_ADM_PASS);
+				$submit_temp = "INSERT INTO `lomcms_staff` (`username`, `password`, `position`, `lastip`, `lastlogin`) VALUES ('$clean_usr', '$hashed_password', '2', '0.0.0.0', '$time');";
+				$db->query($submit_temp);
+				echo "&gt; [SUCCESS] Successfully created \"<strong>lomcms_staff</strong>\" table on \"<strong>" . SIMPLEAUTH_DB . "</strong>\" database! <br />";
+			}
+
+		}
 
 		if(!$db->query("SELECT * FROM lomcms_srv_mngr LIMIT 0")){
 
@@ -279,8 +312,6 @@
 			}else{
 				echo "&gt; [SUCCESS] Successfully created \"<strong>lomcms_srv_mngr</strong>\" table on \"<strong>" . SIMPLEAUTH_DB . "</strong>\" database! <br />";
 			}
-
-			//echo "&gt; LoM-CMS is now installed and connected to the database! Please delete the <strong>install.php</strong> afterwards.<br />";
 
 		}else{
 			echo "&gt; LoM-CMS is already installed and connected to the database! Please delete the <strong>install.php</strong> afterwards.<br />";

diff --git a/cms/resource/config.php b/cms/resource/config.php
@@ -26,16 +26,43 @@
 //===========================
 //----------------------------
 /* <--	Website Fields --> */
+//----------------------------
+/* <! --- Start Here --- !> */
 /* --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- */
-//Note: This is only temporary. You can apply these settings
+//Note: This is only temporary. You can change these settings
 //		after you have installed this CMS in the Admin Panel.
+//		Once you have installed, LoM-CMS, all settings in here
+//		is saved into the database. Hence, making changes in
+//		here wouldn't take any effect.
 /* --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- */
 define('TEMP_TITLE', 'LoM-CMS MCPE Website');
 define('TEMP_SLOGAN', 'A compact CMS suitable for MCPE servers.');
+//----------------------------
+/* <--	SitePanel Admin --> */
+//----------------------------
+/*		UserName	*/
+define('TEMP_ADM_USER','admin');
+/*		Password	*/
+define('TEMP_ADM_PASS','123');
+/* <--	SitePanel Admin --> */
+//----------------------------
+/* --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- */
+//Note: This is only temporary. You can change these settings
+//		after you have installed this CMS in the Admin Panel.
+//		Once you have installed, LoM-CMS, all settings in here
+//		is saved into the database. Hence, making changes in
+//		here wouldn't take any effect.
+/* --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- */
+/* <! --- End Here --- !> */
+//===========================
 /* <--	Website Fields --> */
 //----------------------------
 //===========================
 //----------------------------
+/* --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- */
+//Note: Please DO NOT make any changes below ONCE the CMS has
+//		been installed unless you know what you are doing.
+/* --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- */
 /* <--	MySQL Details --> */
 /*		HostName	*/
 define('MYSQL_HOST','localhost');
@@ -50,16 +77,7 @@
 /* <--	MySQL Details --> */
 //----------------------------
 //===========================
-//----------------------------
-/* <--	SitePanel Admin --> */
-//----------------------------
-/*		UserName	*/
-define('ADM_USER','admin');
-/*		Password	*/
-define('ADM_PASS','123');
-/* <--	SitePanel Admin --> */
-//----------------------------
-//===========================
 //<--- EDITABLE FIELDS --->//
 //===========================
+
 ?>
diff --git a/cms/src/api.php b/cms/src/api.php
@@ -16,10 +16,10 @@
 ****************************************************
 */
 
-require_once(dirname(__FILE__) . "/src/lomcms.php");
+/* APIs */
 
-/*
-API FUNCTIONS SOON!
-*/
+function hashME($username, $password) {
+	return bin2hex(hash("sha512", $password . strtolower($username), true) ^ hash("whirlpool", strtolower($username) . $password, true));
+}
 
 ?>
diff --git a/cms/src/loader.php b/cms/src/loader.php
@@ -0,0 +1,41 @@
+<?php
+/*
+====================================================
+****************************************************
+*  _           __  __         _____ __  __  _____  *
+* | |         |  \/  |       / ____|  \/  |/ ____| *
+* | |     ___ | \  / |______| |    | \  / | (___   *
+* | |    / _ \| |\/| |______| |    | |\/| |\___ \  *
+* | |___| (_) | |  | |      | |____| |  | |____) | *
+* |______\___/|_|  |_|       \_____|_|  |_|_____/  *
+*                                                  *
+*                -=[VERSION 1.0.0]=-               *
+*          BY: LEGEND OF MCPE ORGANIZATION         *
+*       GITHUB: HTTP://GITHUB.COM/LEGENDOFMCPE     *
+*                                                  *
+****************************************************
+*/
+
+require_once("/src/lomcms.php");
+require_once("/src/api.php");
+
+session_start();
+session_regenerate_id(true);
+ini_set('session.hash_function', 'whirlpool');
+ini_set('session.cookie_secure',1);
+ini_set('session.cookie_httponly',1);
+ini_set('session.use_only_cookies',1);
+set_time_limit(10);
+
+if (isset($_SESSION['HTTP_USER_AGENT']) && $_SESSION['HTTP_USER_AGENT'] != md5($_SERVER['HTTP_USER_AGENT'])){
+	session_destroy();
+	header("refresh: 0;");
+	exit;
+}else{
+	$_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);
+}
+
+
+
+
+?>
diff --git a/cms/src/lomcms.php b/cms/src/lomcms.php
@@ -21,4 +21,7 @@
 $db = new \mysqli(MYSQL_HOST, MYSQL_USER, MYSQL_PASS, SIMPLEAUTH_DB, MYSQL_PORT);
 $db_check = @fsockopen(MYSQL_HOST, MYSQL_PORT, $errno, $errstr, 5);
 
+/* Constants */
+//define(' ?? ', ' ?? ');
+
 ?>