-
Paradinight
Senior Member
-
Posts: 445
Threads: 6
Joined: Jun 2015
Reputation:
25
(02-26-2018, 04:16 PM)Ricke Wrote: Yes, one step further, but yet another problem richer.
Yepp, I'm from Sweden, thought you might be Swedish to because of the jrEklund name
Well, I'm being cheated 2 times, first of $2,5K which was handwritten code that would be more expensive to get sorted than build it from scratch, so I fell in the trap again and let another one do it from scratch, so about $20k + $3K design later I'm left with this unfinished project and has no funds to be able to pay that amount again, that's why I'm trying to sort it out myself as far as I'm able to.
Even thinking about go an development education, but you have to start somewhere
I always had notepad++ on my PC, and got a trial PHPStorm just to get started with this project again after it been in an folder on my desktop about a year.
Although, I changed back to the CI 2.x project again, the updated CI 3.1.7 project just throws db duplicated errors, so have to take a look at that one later on, if I get this one to work I can just make a copy of the entire project, update it to 3.1.7 and go from there with an working backup.
I noticed that she has copied models since the bottom lines aren't changed to the right "xxxx_model" it's in.
PHP Code: /* End of file event_model.php */ /* Location: ./application/models/event_model.php */
Here's the admin_model code:
PHP Code: <?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
class Administrator_model extends CI_Model {
public function __construct() { // Call the Model constructor parent::__construct(); } function login($username, $password) { $this->db->where('username', $username); $this->db->from('accounts'); $this->db->limit(1); $query = $this->db->get(); $admin = $query->row(); if (is_object($admin) && $admin->password == sha1($this->config->item('member_salt') . $password)) { return $admin; } else { return false; } } function get_countries($country = FALSE) { $this->db->from('countries'); $query = $this->db->get(); return $query; } function get_states() { $this->db->from('states'); $this->db->join('countries', 'countries.country_id=states.country_id', 'left'); $this->db->order_by('countries.country_name','asc'); $this->db->order_by('states.state_name', 'asc'); $query = $this->db->get(); return $query; } function get_provinces() { $this->db->from('provinces'); $this->db->join('states', 'states.state_id=provinces.state_id', 'left'); $this->db->join('countries', 'countries.country_id=states.country_id', 'left'); $this->db->order_by('countries.country_name','asc'); $this->db->order_by('states.state_name', 'asc'); $this->db->order_by('provinces.province_name', 'asc'); $query = $this->db->get(); return $query; } function get_members($letter){ $this->db->like('username',$letter, 'after'); $this->db->from('members'); $this->db->join('provinces', 'provinces.province_id=members.location_id', 'left'); $this->db->join('states', 'states.state_id=provinces.state_id', 'left'); $this->db->join('countries', 'countries.country_id=states.country_id', 'left'); $this->db->join('memberships', 'memberships.membership_id=members.membership_id', 'left'); $query = $this->db->get(); return $query; } // add a country to the DB function add_country($country) { // add the $country object/array to the DB $this->db->insert('countries', $country); // fetch the inserted id (auto incremented value of country_id) and return it return $this->db->insert_id(); } function add_state($state) { // add the $country object/array to the DB $this->db->insert('states', $state); // fetch the inserted id (auto incremented value of country_id) and return it return $this->db->insert_id(); } function update_state($state, $state_id) { // add the $country object/array to the DB $this->db->where('state_id', $state_id); $this->db->update('states', $state); } function add_province($province) { // add the $country object/array to the DB $this->db->insert('provinces', $province); // fetch the inserted id (auto incremented value of country_id) and return it return $this->db->insert_id(); } function update_province($province, $province_id) { // add the $country object/array to the DB $this->db->where('province_id', $province_id); $this->db->update('provinces', $province); } function get_reports(){ $this->db->from('reports'); $this->db->join('members', 'members.member_id = reports.reported_member_id', 'left'); $query = $this->db->get(); return $query; } function read_report($read) { // add the $country object/array to the DB $this->db->where('read', 0); $this->db->update('reports', $read); // fetch the inserted id (auto incremented value of country_id) and return it return $this->db->insert_id(); } function get_text($id) { $this->db->where('id', $id); $this->db->from('texts'); $query = $this->db->get(); return $query->row(); } function edit_text($id, $text) { $this->db->where('id', $id); $this->db->update('texts', $text); }
} /* End of file event_model.php */ /* Location: ./application/models/event_model.php */
The Passwordcode is bad design .
Has it ever worked? If not, start with 3.1.7. How many controllers/models and views?
-
jreklund
Administrator
-
Posts: 1,408
Threads: 3
Joined: Aug 2017
Reputation:
43
One bug in code.
Fix that bug.
One hundred bugs in the code.
Sounds like a nightmare to say the least.
Yeah, stick with 2.x at this time. You need to manually search and replace all new functions and deprecated code, I'm afraid you can't just copy over the system folder.
You normally copy things over, so that you don't need to write it again and again. But if you copy too much code you need to make a more generic modal that can adapt to multiple tables instead.
______________________________
Okey, you where right. Admin accounts are stored in 'accounts'. At this time your rights (100) aren't being used. From the code posted at least.
So your admin password should be generated by:
PHP Code: <?php echo sha1('member_salt' . 'abcdef'); ?>
Where member_salt can be found in a config file under application\config (at least I hope so).
You can of course just hack it so you always login, and ignore the password at this time.
PHP Code: // if (is_object($admin) && $admin->password == sha1($this->config->item('member_salt') . $password)) { // return $admin; // } else { // return false; // } return $admin;
-
Ricke
Junior Member
-
Posts: 12
Threads: 1
Joined: Feb 2018
Reputation:
0
(02-26-2018, 10:09 PM)Paradinight Wrote: (02-26-2018, 04:16 PM)Ricke Wrote: Yes, one step further, but yet another problem richer.
Yepp, I'm from Sweden, thought you might be Swedish to because of the jrEklund name
Well, I'm being cheated 2 times, first of $2,5K which was handwritten code that would be more expensive to get sorted than build it from scratch, so I fell in the trap again and let another one do it from scratch, so about $20k + $3K design later I'm left with this unfinished project and has no funds to be able to pay that amount again, that's why I'm trying to sort it out myself as far as I'm able to.
Even thinking about go an development education, but you have to start somewhere
I always had notepad++ on my PC, and got a trial PHPStorm just to get started with this project again after it been in an folder on my desktop about a year.
Although, I changed back to the CI 2.x project again, the updated CI 3.1.7 project just throws db duplicated errors, so have to take a look at that one later on, if I get this one to work I can just make a copy of the entire project, update it to 3.1.7 and go from there with an working backup.
I noticed that she has copied models since the bottom lines aren't changed to the right "xxxx_model" it's in.
PHP Code: /* End of file event_model.php */ /* Location: ./application/models/event_model.php */
Here's the admin_model code:
PHP Code: <?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
class Administrator_model extends CI_Model {
public function __construct() { // Call the Model constructor parent::__construct(); } function login($username, $password) { $this->db->where('username', $username); $this->db->from('accounts'); $this->db->limit(1); $query = $this->db->get(); $admin = $query->row(); if (is_object($admin) && $admin->password == sha1($this->config->item('member_salt') . $password)) { return $admin; } else { return false; } } function get_countries($country = FALSE) { $this->db->from('countries'); $query = $this->db->get(); return $query; } function get_states() { $this->db->from('states'); $this->db->join('countries', 'countries.country_id=states.country_id', 'left'); $this->db->order_by('countries.country_name','asc'); $this->db->order_by('states.state_name', 'asc'); $query = $this->db->get(); return $query; } function get_provinces() { $this->db->from('provinces'); $this->db->join('states', 'states.state_id=provinces.state_id', 'left'); $this->db->join('countries', 'countries.country_id=states.country_id', 'left'); $this->db->order_by('countries.country_name','asc'); $this->db->order_by('states.state_name', 'asc'); $this->db->order_by('provinces.province_name', 'asc'); $query = $this->db->get(); return $query; } function get_members($letter){ $this->db->like('username',$letter, 'after'); $this->db->from('members'); $this->db->join('provinces', 'provinces.province_id=members.location_id', 'left'); $this->db->join('states', 'states.state_id=provinces.state_id', 'left'); $this->db->join('countries', 'countries.country_id=states.country_id', 'left'); $this->db->join('memberships', 'memberships.membership_id=members.membership_id', 'left'); $query = $this->db->get(); return $query; } // add a country to the DB function add_country($country) { // add the $country object/array to the DB $this->db->insert('countries', $country); // fetch the inserted id (auto incremented value of country_id) and return it return $this->db->insert_id(); } function add_state($state) { // add the $country object/array to the DB $this->db->insert('states', $state); // fetch the inserted id (auto incremented value of country_id) and return it return $this->db->insert_id(); } function update_state($state, $state_id) { // add the $country object/array to the DB $this->db->where('state_id', $state_id); $this->db->update('states', $state); } function add_province($province) { // add the $country object/array to the DB $this->db->insert('provinces', $province); // fetch the inserted id (auto incremented value of country_id) and return it return $this->db->insert_id(); } function update_province($province, $province_id) { // add the $country object/array to the DB $this->db->where('province_id', $province_id); $this->db->update('provinces', $province); } function get_reports(){ $this->db->from('reports'); $this->db->join('members', 'members.member_id = reports.reported_member_id', 'left'); $query = $this->db->get(); return $query; } function read_report($read) { // add the $country object/array to the DB $this->db->where('read', 0); $this->db->update('reports', $read); // fetch the inserted id (auto incremented value of country_id) and return it return $this->db->insert_id(); } function get_text($id) { $this->db->where('id', $id); $this->db->from('texts'); $query = $this->db->get(); return $query->row(); } function edit_text($id, $text) { $this->db->where('id', $id); $this->db->update('texts', $text); }
} /* End of file event_model.php */ /* Location: ./application/models/event_model.php */
The Passwordcode is bad design .
Has it ever worked? If not, start with 3.1.7. How many controllers/models and views?
I have no idea actually.
The developer said it had work to login into the admin page,, if it has,, no clue, never seen it.
I just saw the page through my browser from her server during the so called developement :/
15 controllers
16 models
39 views
Bare in mind some of the are called:
xxxxx.php,
xxxxx_controller.php
old_xxxxx.php
old_xxxxx_controller.php
So instead of debugging or fix one of each there are sometimes old_xxxxx.php and older_xxxxx.php files in the folders.
-
Ricke
Junior Member
-
Posts: 12
Threads: 1
Joined: Feb 2018
Reputation:
0
02-27-2018, 08:34 AM
(This post was last modified: 02-27-2018, 08:39 AM by Ricke.)
(02-27-2018, 01:00 AM)jreklund Wrote: One bug in code.
Fix that bug.
One hundred bugs in the code.
Sounds like a nightmare to say the least.
Yeah, stick with 2.x at this time. You need to manually search and replace all new functions and deprecated code, I'm afraid you can't just copy over the system folder.
You normally copy things over, so that you don't need to write it again and again. But if you copy too much code you need to make a more generic modal that can adapt to multiple tables instead.
______________________________
Okey, you where right. Admin accounts are stored in 'accounts'. At this time your rights (100) aren't being used. From the code posted at least.
So your admin password should be generated by:
PHP Code: <?php echo sha1('member_salt' . 'abcdef'); ?>
Where member_salt can be found in a config file under application\config (at least I hope so).
You can of course just hack it so you always login, and ignore the password at this time.
PHP Code: // if (is_object($admin) && $admin->password == sha1($this->config->item('member_salt') . $password)) { // return $admin; // } else { // return false; // } return $admin;
Can't disagree with you there, seems like a project crawling with bugs,, even though I'm not even on a hobbycoder level I learn by everything I read, test and do.
Only member_salt info in the config.php is $config['member_salt'] = '#/G)FH!*FG9/"PF=!#F!)#FGH!^=FGH!G(=-!=H';
if that was the line you thought about?
Got a new password by the php code you provided and replaced the admin pass i phpMyadmin,, no response when providing user "admin" and pass "abcdef" in the login fields.
Cut of the lines with // in the administrator_controller.php and added return $admin;
Still no response when trying to log in.
Just resets the login fields and remains on the landing page :/
-
Ricke
Junior Member
-
Posts: 12
Threads: 1
Joined: Feb 2018
Reputation:
0
So there is nothing in that php thats telling it to be able to login to the admin page through the ordinary login fields in the landing page where members login?
Can't find any other page where it would be able to login, going to localhost/WebSite/administrator.php just sends me back to localhost/WebSite/home, so that's the only page accessible.
Seems to be a real solid build with working admin page, or not :/
-
Ricke
Junior Member
-
Posts: 12
Threads: 1
Joined: Feb 2018
Reputation:
0
well, I have to start there as you suggest, to search for those entries.
Feels like I'm really scre**d all over again with what I got for what I paid.
Any tips where the admin login usually woud be? Maybe hard to tell when all projects are different.
-
Ricke
Junior Member
-
Posts: 12
Threads: 1
Joined: Feb 2018
Reputation:
0
I suppose it should be the same forms, since all atempts to go to /admin /administrator and so on just redirects me to the landing page everytime.
But still no luck figuring out why it won't access the administrator.php / administrator_model.php. when I try to login with a hached made pass or when hacking/commenting it out and use the return $admin. Nothing.
|