• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Help revive codeigniter 2.x project

#11
(02-26-2018, 04:16 PM)Ricke Wrote: Yes, one step further, but yet another problem richer.

Yepp, I'm from Sweden, thought you might be Swedish to because of the jrEklund name Smile

Well, I'm being cheated 2 times, first of $2,5K which was handwritten code that would be more expensive to get sorted than build it from scratch, so I fell in the trap again and let another one do it from scratch, so about $20k + $3K design later I'm left with this unfinished project and has no funds to be able to pay that amount again, that's why I'm trying to sort it out myself as far as I'm able to.
Even thinking about go an development education, but you have to start somewhere Smile

I always had notepad++ on my PC, and got a trial PHPStorm just to get started with this project again after it been in an folder on my desktop about a year.

Although, I changed back to the CI 2.x project again, the updated CI 3.1.7 project just throws db duplicated errors, so have to take a look at that one later on, if I get this one to work I can just make a copy of the entire project, update it to 3.1.7 and go from there with an working backup.


I noticed that she has copied models since the bottom lines aren't changed to the right "xxxx_model" it's in.

PHP Code:
/* End of file event_model.php */
/* Location: ./application/models/event_model.php */ 


Here's the admin_model code:


PHP Code:
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

class 
Administrator_model extends CI_Model {

 
   public function __construct()
 {
 
// Call the Model constructor
 
parent::__construct();
 }
 
 function 
login($username$password)
 {
 
$this->db->where('username'$username);
 
$this->db->from('accounts');
 
$this->db->limit(1);
 
$query $this->db->get();
 
$admin $query->row();
 
 if (
is_object($admin) && $admin->password == sha1($this->config->item('member_salt') . $password)) {
 return 
$admin;
 } else {
 return 
false;
 }
 }
 
 function 
get_countries($country FALSE)
 {
 
$this->db->from('countries');
 
$query $this->db->get();
 return 
$query;
 }
 
 function 
get_states()
 {
 
$this->db->from('states');
 
$this->db->join('countries''countries.country_id=states.country_id''left');
 
$this->db->order_by('countries.country_name','asc');
 
$this->db->order_by('states.state_name''asc');
 
$query $this->db->get();
 return 
$query;
 }
 
 function 
get_provinces()
 {
 
$this->db->from('provinces');
 
$this->db->join('states''states.state_id=provinces.state_id''left');
 
$this->db->join('countries''countries.country_id=states.country_id''left');
 
$this->db->order_by('countries.country_name','asc');
 
$this->db->order_by('states.state_name''asc');
 
$this->db->order_by('provinces.province_name''asc');
 
$query $this->db->get();
 return 
$query;
 }
 
 function 
get_members($letter){
 
$this->db->like('username',$letter'after');
 
$this->db->from('members');
 
$this->db->join('provinces''provinces.province_id=members.location_id''left');
 
$this->db->join('states''states.state_id=provinces.state_id''left');
 
$this->db->join('countries''countries.country_id=states.country_id''left');
 
$this->db->join('memberships''memberships.membership_id=members.membership_id''left');
 
$query $this->db->get();
 return 
$query;
 
 }
 
 
// add a country to the DB
 
function add_country($country)
 {
 
// add the $country object/array to the DB
 
$this->db->insert('countries'$country);
 
 
// fetch the inserted id (auto incremented value of country_id) and return it
 
return $this->db->insert_id();
 }
 function 
add_state($state)
 { 
 
// add the $country object/array to the DB
 
$this->db->insert('states'$state);
 
 
// fetch the inserted id (auto incremented value of country_id) and return it
 
return $this->db->insert_id();
 }
 function 
update_state($state$state_id)
 { 
 
// add the $country object/array to the DB
 
$this->db->where('state_id'$state_id);
 
$this->db->update('states'$state);
 }
 function 
add_province($province)
 { 
 
// add the $country object/array to the DB
 
$this->db->insert('provinces'$province);
 
 
// fetch the inserted id (auto incremented value of country_id) and return it
 
return $this->db->insert_id();
 }
 function 
update_province($province$province_id)
 { 
 
// add the $country object/array to the DB
 
$this->db->where('province_id'$province_id);
 
$this->db->update('provinces'$province);
 }
 
 function 
get_reports(){
 
$this->db->from('reports');
 
$this->db->join('members''members.member_id = reports.reported_member_id''left');
 
 
$query $this->db->get();
 return 
$query
 }
 function 
read_report($read)
 { 
 
// add the $country object/array to the DB
 
$this->db->where('read'0);
 
$this->db->update('reports'$read);
 
 
// fetch the inserted id (auto incremented value of country_id) and return it
 
return $this->db->insert_id();
 }
 
 function 
get_text($id)
 {
 
$this->db->where('id'$id);
 
$this->db->from('texts');
 
$query $this->db->get();
 return 
$query->row();
 }
 
 function 
edit_text($id$text)
 { 
 
$this->db->where('id'$id);
 
$this->db->update('texts'$text);
 }

 
}
/* End of file event_model.php */
/* Location: ./application/models/event_model.php */ 

The Passwordcode is bad design Sad.

Has it ever worked? If not, start with 3.1.7. How many controllers/models and views?
Reply

#12
One bug in code.
Fix that bug.
One hundred bugs in the code.

Sounds like a nightmare to say the least.

Yeah, stick with 2.x at this time. You need to manually search and replace all new functions and deprecated code, I'm afraid you can't just copy over the system folder.

You normally copy things over, so that you don't need to write it again and again. But if you copy too much code you need to make a more generic modal that can adapt to multiple tables instead.

______________________________

Okey, you where right. Admin accounts are stored in 'accounts'. At this time your rights (100) aren't being used. From the code posted at least.

So your admin password should be generated by:
PHP Code:
<?php echo sha1('member_salt' 'abcdef'); ?>

Where member_salt can be found in a config file under application\config (at least I hope so).

You can of course just hack it so you always login, and ignore the password at this time.
PHP Code:
// if (is_object($admin) && $admin->password == sha1($this->config->item('member_salt') . $password)) {
// return $admin;
// } else {
// return false;
// }
return $admin
Reply

#13
(02-26-2018, 10:09 PM)Paradinight Wrote:
(02-26-2018, 04:16 PM)Ricke Wrote: Yes, one step further, but yet another problem richer.

Yepp, I'm from Sweden, thought you might be Swedish to because of the jrEklund name Smile

Well, I'm being cheated 2 times, first of $2,5K which was handwritten code that would be more expensive to get sorted than build it from scratch, so I fell in the trap again and let another one do it from scratch, so about $20k + $3K design later I'm left with this unfinished project and has no funds to be able to pay that amount again, that's why I'm trying to sort it out myself as far as I'm able to.
Even thinking about go an development education, but you have to start somewhere Smile

I always had notepad++ on my PC, and got a trial PHPStorm just to get started with this project again after it been in an folder on my desktop about a year.

Although, I changed back to the CI 2.x project again, the updated CI 3.1.7 project just throws db duplicated errors, so have to take a look at that one later on, if I get this one to work I can just make a copy of the entire project, update it to 3.1.7 and go from there with an working backup.


I noticed that she has copied models since the bottom lines aren't changed to the right "xxxx_model" it's in.

PHP Code:
/* End of file event_model.php */
/* Location: ./application/models/event_model.php */ 


Here's the admin_model code:


PHP Code:
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

class 
Administrator_model extends CI_Model {

 
   public function __construct()
 {
 
// Call the Model constructor
 
parent::__construct();
 }
 
 function 
login($username$password)
 {
 
$this->db->where('username'$username);
 
$this->db->from('accounts');
 
$this->db->limit(1);
 
$query $this->db->get();
 
$admin $query->row();
 
 if (
is_object($admin) && $admin->password == sha1($this->config->item('member_salt') . $password)) {
 return 
$admin;
 } else {
 return 
false;
 }
 }
 
 function 
get_countries($country FALSE)
 {
 
$this->db->from('countries');
 
$query $this->db->get();
 return 
$query;
 }
 
 function 
get_states()
 {
 
$this->db->from('states');
 
$this->db->join('countries''countries.country_id=states.country_id''left');
 
$this->db->order_by('countries.country_name','asc');
 
$this->db->order_by('states.state_name''asc');
 
$query $this->db->get();
 return 
$query;
 }
 
 function 
get_provinces()
 {
 
$this->db->from('provinces');
 
$this->db->join('states''states.state_id=provinces.state_id''left');
 
$this->db->join('countries''countries.country_id=states.country_id''left');
 
$this->db->order_by('countries.country_name','asc');
 
$this->db->order_by('states.state_name''asc');
 
$this->db->order_by('provinces.province_name''asc');
 
$query $this->db->get();
 return 
$query;
 }
 
 function 
get_members($letter){
 
$this->db->like('username',$letter'after');
 
$this->db->from('members');
 
$this->db->join('provinces''provinces.province_id=members.location_id''left');
 
$this->db->join('states''states.state_id=provinces.state_id''left');
 
$this->db->join('countries''countries.country_id=states.country_id''left');
 
$this->db->join('memberships''memberships.membership_id=members.membership_id''left');
 
$query $this->db->get();
 return 
$query;
 
 }
 
 
// add a country to the DB
 
function add_country($country)
 {
 
// add the $country object/array to the DB
 
$this->db->insert('countries'$country);
 
 
// fetch the inserted id (auto incremented value of country_id) and return it
 
return $this->db->insert_id();
 }
 function 
add_state($state)
 { 
 
// add the $country object/array to the DB
 
$this->db->insert('states'$state);
 
 
// fetch the inserted id (auto incremented value of country_id) and return it
 
return $this->db->insert_id();
 }
 function 
update_state($state$state_id)
 { 
 
// add the $country object/array to the DB
 
$this->db->where('state_id'$state_id);
 
$this->db->update('states'$state);
 }
 function 
add_province($province)
 { 
 
// add the $country object/array to the DB
 
$this->db->insert('provinces'$province);
 
 
// fetch the inserted id (auto incremented value of country_id) and return it
 
return $this->db->insert_id();
 }
 function 
update_province($province$province_id)
 { 
 
// add the $country object/array to the DB
 
$this->db->where('province_id'$province_id);
 
$this->db->update('provinces'$province);
 }
 
 function 
get_reports(){
 
$this->db->from('reports');
 
$this->db->join('members''members.member_id = reports.reported_member_id''left');
 
 
$query $this->db->get();
 return 
$query
 }
 function 
read_report($read)
 { 
 
// add the $country object/array to the DB
 
$this->db->where('read'0);
 
$this->db->update('reports'$read);
 
 
// fetch the inserted id (auto incremented value of country_id) and return it
 
return $this->db->insert_id();
 }
 
 function 
get_text($id)
 {
 
$this->db->where('id'$id);
 
$this->db->from('texts');
 
$query $this->db->get();
 return 
$query->row();
 }
 
 function 
edit_text($id$text)
 { 
 
$this->db->where('id'$id);
 
$this->db->update('texts'$text);
 }

 
}
/* End of file event_model.php */
/* Location: ./application/models/event_model.php */ 

The Passwordcode is bad design Sad.

Has it ever worked? If not, start with 3.1.7. How many controllers/models and views?

I have no idea actually.
The developer said it had work to login into the admin page,, if it has,, no clue, never seen it.
I just saw the page through my browser from her server during the so called developement :/

15 controllers
16 models
39 views

Bare in mind some of the are called:
xxxxx.php,
xxxxx_controller.php
old_xxxxx.php
old_xxxxx_controller.php


So instead of debugging or fix one of each there are sometimes old_xxxxx.php and older_xxxxx.php files in the folders.
Reply

#14
(02-27-2018, 01:00 AM)jreklund Wrote: One bug in code.
Fix that bug.
One hundred bugs in the code.

Sounds like a nightmare to say the least.

Yeah, stick with 2.x at this time. You need to manually search and replace all new functions and deprecated code, I'm afraid you can't just copy over the system folder.

You normally copy things over, so that you don't need to write it again and again. But if you copy too much code you need to make a more generic modal that can adapt to multiple tables instead.

______________________________

Okey, you where right. Admin accounts are stored in 'accounts'. At this time your rights (100) aren't being used. From the code posted at least.

So your admin password should be generated by:
PHP Code:
<?php echo sha1('member_salt' 'abcdef'); ?>

Where member_salt can be found in a config file under application\config (at least I hope so).

You can of course just hack it so you always login, and ignore the password at this time.
PHP Code:
// if (is_object($admin) && $admin->password == sha1($this->config->item('member_salt') . $password)) {
// return $admin;
// } else {
// return false;
// }
return $admin

Can't disagree with you there, seems like a project crawling with bugs,, even though I'm not even on a hobbycoder level I learn by everything I read, test and do.

Only member_salt info in the config.php is $config['member_salt'] = '#/G)FH!*FG9/"PF=!#F!)#FGH!^=FGH!G(=-!=H';
if that was the line you thought about?

Got a new password by the php code you provided and replaced the admin pass i phpMyadmin,, no response when providing user "admin" and pass "abcdef" in the login fields.

Cut of the lines with // in the administrator_controller.php and added return $admin;
Still no response when trying to log in.
Just resets the login fields and remains on the landing page :/
Reply

#15
Ok, you are going to generate a new password like so:
PHP Code:
<?php echo sha1('#/G)FH!*FG9/"PF=!#F!)#FGH!^=FGH!G(=-!=H' 'abcdef'); ?>

But due to the fact you still can't login even though you commented out the password check out means that the login form aren't ment to be used for admin. It never looks inside the 'account' table, only the member one.
Reply

#16
So there is nothing in that php thats telling it to be able to login to the admin page through the ordinary login fields in the landing page where members login?
Can't find any other page where it would be able to login, going to localhost/WebSite/administrator.php just sends me back to localhost/WebSite/home, so that's the only page accessible.
Seems to be a real solid build with working admin page, or not :/
Reply

#17
Can't tell. But I guess so.

You can make a search for 'accounts', 'member', 'admin' and 'login' usually you can find code hints on where the admin login are, if it exists at all.
Reply

#18
well, I have to start there as you suggest, to search for those entries.
Feels like I'm really scre**d all over again with what I got for what I paid.

Any tips where the admin login usually woud be? Maybe hard to tell when all projects are different.
Reply

#19
I usually have the same login form, and grab the user or admin access from there.

Or it's a special admin url like: /admin/
Reply

#20
I suppose it should be the same forms, since all atempts to go to /admin /administrator and so on just redirects me to the landing page everytime.
But still no luck figuring out why it won't access the administrator.php / administrator_model.php. when I try to login with a hached made pass or when hacking/commenting it out and use the return $admin. Nothing.
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.