Jump to content
Gepard

Flux Control Panel for Hercules

Recommended Posts

I don't really see problems with piece of software being few years old. If there are issues with it, they can be fixed, code can be improved etc. Writing new application from scratch doesn't guarantee it would be better. More likely there will be some new bugs in it, and it will take time to find and fix them all. FluxCP is matured enough, and as far as I know, there haven't been any major problems with it, despite it being used in hundreds of servers.

Share this post


Link to post
Share on other sites

Re-writing this pieces of software allow to get better performance, cleaner code, maintainable code, knowing what can be avoid or optimized, using latest technologies features for better experiences or speed up the process, remove deprecated element...

 

A lot of big softwares are rewriting from scratch from a version to another (just in PHP framework for example: Laravel, Symfony, ...), and they never get so optimized and easy to use.

 

To finish, it's not because you don't know or heard about exploits that they don't exist.

Lucky admins, RO hackers seems to have a pretty bad level and just know about SQLI, LFI (and DDOS of course) :)

Share this post


Link to post
Share on other sites

Just a suggestion, will it be much better if we change the item database view instead of showing the item scripts, it will show the item description of the item. :)

Share this post


Link to post
Share on other sites

To finish, it's not because you don't know or heard about exploits that they don't exist.

Lucky admins, RO hackers seems to have a pretty bad level and just know about SQLI, LFI (and DDOS of course) :)

How would a full rewrite help preventing these attacks? I feel that ditching an old (but maintained) and well tested codebase to rewrite it from scratch, would have the opposite effect and risk creating more security vulnerabilities, other than breaking compatibility with any old addons and themes. As someone once said, if it ain't broke, don't fix it.

Share this post


Link to post
Share on other sites

Re-writing this pieces of software allow to get better performance, cleaner code, maintainable code, knowing what can be avoid or optimized, using latest technologies features for better experiences or speed up the process, remove deprecated element...

If we followed that logic, the very first piece of software that should be thrown into the trash bin and rewritten from scratch is athena/hercules. FluxCP has actually a well structured and documented code, quite easy to understand, follow and maintain. Did you even take a look at its source? You're talking about using latest technologies.... which one do you exactly think could be used in a new, better control panel, that isn't present in flux? Just asking, cause all your arguments are valid but you haven't show us yet how they apply to fluxcp.

Share this post


Link to post
Share on other sites

@Gepard
Rewriting an emulator from scratch is a lot of work, you can't compare it to a CP. Yeah FluxCP is the most advanced CP currently available for RO (talking about structure, organization, documentation and support), but it's not for this reason it's the best code ever.
It was a list for general reasons to rewrite a code, not specialy related to FluxCP. Just talking about technologies and organization (not about features since it can be add at all time) :

  • HMVC
  • ORM
  • Namespace
  • Anonymous function/Closures
  • Optionnal ajax support
  • Optionnal Template Engine
  • Hook system


And of course I investigated FluxCP source code, that's why I complain about it, its structure and its exploits.

@Haru
Well I have to agree, if you don't have a talented web developer (and specialized in security audit), there is no point to create a new CP from scratch, you will just create a complete copy of others CP with maybe some more hacks.

Share this post


Link to post
Share on other sites

Not every new technology or design pattern is worth following or being used. Software doesn't need to be state-of-the-art to be a good piece of software. You seem to be focused too much on internal aspects of the control panel, and forgetting that first and foremost it is a tool, an utility. It has to work and work properly most of the time - that is what is expected from a program. Then, it should be easy to maintain and develop. (BTW, using latest technologies is great way to create a steep learning curve for anyone who'd like to contribute to the project, so it can have exactly opposite effect) And only then it should be beautiful (code-wise, internal design-wise, not talking about appearance here). If you have too much free time nobody is holding you from using all kind of latest technology and writing your own state-of-the-art control panel for ragnarok server.

 

Also, if you realized there are some real exploits in current code of FluxCP, you should just fix it or at least report it, instead of complaining. Otherwise, I can't take what you're saying seriously. I respect you having great deal of knowledge about webcoding, but sometimes you need get off your high horse and help less experienced people or you just start to sound like a prick. Now I have the feeling that it's you advertising yourself in this topic, trying to make an impression how good you are at things, and how cool would be the control panel you could write. Please refrain from it, showcase/bragging topics belong to other sections.

 

Once again, point to any bug/exploit in current fluxcp, or at least justify using any of the stuff you mention with real use-case examples, instead of making general remarks about webcoding. All input is appreciated, but it has to be more specific. "FluxCP is not using latest technologies" is NOT a useful suggestion. Useful one would be: in file foo.php, we could use new feature from foolib ver. 1234 so that we can simplify the code in file bar.php and make it easier to create new foobars for baz module.  

Share this post


Link to post
Share on other sites
Don't say something I didn't write.
 
It's not because I post a list of technologies than all have to be used, even if it's a base from a good framework, the pros and crons have to be studied before writing a piece of code.
If I had enough time to write a CP, it will be already done for years but I already have some problems to regularly work on my personal projects to add a new one to the queue.
 
The exploits i were talking are already in discussion with Xantara and CalciumKid to find the better approach to fix it without potentially provoke a massive hack of a big part of pservers. The main problem of this exploit : it required some fix on templates folder but no servers are using the default one because of theirs custom design (so it's an update that will break all current servers).
 
I'm not here to promote myself, just to discuss but it seems like when an opinion diverges from yours we just are the bad guys and you need to spit on me to discredit myself and all I said, just grow up guys, I think you are enough older to have a discussion without bashing the guy in front of you.

Share this post


Link to post
Share on other sites

Well then, if pros and cons have to be studied, then go study first, and only then come here and share your wisdom. Cause right now you're talking some totally general stuff about how cool would it be to do this and that, but you are not willing to discuss any specific issues related to FluxCP, which this topic happens to be about.

 

I'm not discrediting anything you say, I'm just pointing that what you're saying isn't really useful for further FluxCP development, so in fact irreleveant. I don't see the point in discussing "why FluxCP isn't so awesome as I'd like it to be" or similarly abstract stuff, but unfortunately that's exactly what you're trying to "discuss" here. 

 

It's you who started the bashing without giving any reasonable points and it's you who first came to weird conclusions ("this topic is fluxcp ad"). If you claim that some app has "conception fails and critical exploits" you must have something to back up your words. That's what I expect from a serious discussion.

 

That being said, I'm waiting for a PM with details about the exploit you mentioned.

 

Last but not least, I'm sorry for being so straightforward. This is just how I am, and I'm not really hostile towards you or anything like that. 

Share this post


Link to post
Share on other sites
Sorry, it was not my intention to troll you all with a "Apple Sucks !" in this Apple Store, I didn't know there were so much fanboy here.
 
Since I'm lazy and will have vacations in some hours, just read the above posts to get answers. I didn't ask to rewrite FluxCP or updating it, but I suggested to create a new one with solid foundation. If you don't want, who cares ? : it's a suggestion.
 
If you want to get informations about the hack I will add you to our discussion. Talking about how to exploit a zero-day in public, isn't something smart at all.

Share this post


Link to post
Share on other sites

I think you're missing GD php extension. How to get it and install it and so? I don't know but that page explains you how to.

 

Maybe run a phpinfo() in your server before and see if you have GD installed?

 

P.S.: I will try to also make an es_ES translation, but preferably not Spanish/Spain but as much neutral Spanish as I can.

Share this post


Link to post
Share on other sites

what would be the problem for this?

no Captcha?

 

ewq.jpg

 

If CAPTCHA is not working try to use reCAPTCHA

application.php in line 81 to 83

 

    'EnableReCaptcha'	  => false,				    // Enables the use of reCAPTCHA instead of Flux's native GD2 library (http://www.google.com/recaptcha)    'ReCaptchaPublicKey'   => '...',				    // This is your reCAPTCHA public key [REQUIRED FOR RECAPTCHA] (sign up at http://www.google.com/recaptcha)    'ReCaptchaPrivateKey'  => '...',				    // This is your reCAPTCHA private key [REQUIRED FOR RECAPTCHA] (sign up at http://www.google.com/recaptcha)

 

@Gepard

Can i ask if Flux CP CMS Addon by CalciumKid is compatible with the theme? well it seems to work fine but the News and Update part are missing its all blank after adding this in the themes/emphaino/main/index.php

 

<?php if (!defined('FLUX_ROOT')) exit;        $this->redirect($this->url('news','view'))        ?>

Share this post


Link to post
Share on other sites

 

 

 

what would be the problem for this?

no Captcha?

 

ewq.jpg

 

If CAPTCHA is not working try to use reCAPTCHA

application.php in line 81 to 83

 

    'EnableReCaptcha'	  => false,				    // Enables the use of reCAPTCHA instead of Flux's native GD2 library (http://www.google.com/recaptcha)    'ReCaptchaPublicKey'   => '...',				    // This is your reCAPTCHA public key [REQUIRED FOR RECAPTCHA] (sign up at http://www.google.com/recaptcha)    'ReCaptchaPrivateKey'  => '...',				    // This is your reCAPTCHA private key [REQUIRED FOR RECAPTCHA] (sign up at http://www.google.com/recaptcha)

 

@Gepard

Can i ask if Flux CP CMS Addon by CalciumKid is compatible with the theme? well it seems to work fine but the News and Update part are missing its all blank after adding this in the themes/emphaino/main/index.php

 

<?php if (!defined('FLUX_ROOT')) exit;        $this->redirect($this->url('news','view'))        ?>

 

 

yah i did that

Share this post


Link to post
Share on other sites

@bgamez23

You probably need to look into addons/content_management/themes/, copy default and rename it to emphaino.

 

@JulioCF

You forgot to uncomment the 2 lines that define top-level menu 'Main Menu' (the one that will have forums link in it).

Share this post


Link to post
Share on other sites

@bgamez23

You probably need to look into addons/content_management/themes/, copy default and rename it to emphaino.

 

@JulioCF

You forgot to uncomment the 2 lines that define top-level menu 'Main Menu' (the one that will have forums link in it).

lol

 

sorry ;_;

Share this post


Link to post
Share on other sites

Registration error

 

Always recieve this message after clicking the Create My Account.

 

Uh oh, what happened?

are you using hercules emulator?

Share this post


Link to post
Share on other sites

 

Registration error

 

Always recieve this message after clicking the Create My Account.

 

Uh oh, what happened?

are you using hercules emulator?

yes. do you know how to fix this Uh oh, what happened?

Share this post


Link to post
Share on other sites

 

 

Registration error

 

Always recieve this message after clicking the Create My Account.

 

Uh oh, what happened?

are you using hercules emulator?

yes. do you know how to fix this Uh oh, what happened?

Nevermind. Problem solved

Share this post


Link to post
Share on other sites

 

@Gepard

Can i ask if Flux CP CMS Addon by CalciumKid is compatible with the theme? well it seems to work fine but the News and Update part are missing its all blank after adding this in the themes/emphaino/main/index.php

 

<?php if (!defined('FLUX_ROOT')) exit;        $this->redirect($this->url('news','view'))        ?>

 

Does anyone have the same problem like mine?

Edited by Lelouch

Share this post


Link to post
Share on other sites

Thank you for agreeing to add lag pt_br option

Add spanish language too thanks

Share this post


Link to post
Share on other sites

 

Thank you for agreeing to add lag pt_br option

Add spanish language too thanks

Being worked on at the moment. It's currently in the last phase of being proof read.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.