Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
C0D4669027y$password = md5($password);
😢
sha256 that thing atleast.
Look at blowfish if you can.
Md5/sha1 are useless for secure data now a days. -
Dacexi119967yI can't use PC today but what keeps me from just loading admin/admin.php? I see no protection against it
-
@Dacexi but it won't show the actual content admin is supposed to see? Bad practice?
-
Dacexi119967y@dextel2 just cheking if session is set is not good. What i would do is use a token based system. More info here: https://youtube.com/watch/...
-
ace4810067yOh dear god... I'm sorry in advance, and I hate to be that guy, but this codebase is fucked up in so many ways I don't know where to start..
1) you should really look into starting over with MVC structure, if you have the time that is.. It would make your life easier.
2) if time is an issue, atleast start using classes for handling db connections, so you don't end up with too many open connections.
3) you should look into bootstrapping your urls
I'm currently in a hurry and don't have enough time to set this up locally, or even look at the code.. But will reply later. -
@Dacexi @bas1948 I'll be waiting for your feedback and I'm open to positive criticisms
-
ryuu1509117yI'll look into it when I get a chance but I admire your willingness to learn and open to these kinds of comments.
Just from a brief scan. And looking at what your project requirements are I personally would recommend Laravel as a framework. It has a ton of supporting libraries, it is well documented and uses an MVC like style.
But in not going this way I'll be sure to provide some more feedback when I can look at the code -
ace4810067yI can't seem to get it to work locally right now, as it looks like I messed up my server config.
anyway straight to the point:
1) your folders structure is all wrong, and I guess you're having a hard time knowing which file does what, hence your "known bugs" include too many open connections.
this SO link might give you a rough idea of a good structure/s: https://stackoverflow.com/questions...
2) your links are error prone and "dirty", you should refrain from using plain file names, and rather clean your urls (eg: /login instead of login.php):
https://binpress.com/tutorial/...
3) Like I said earlier, you should seriously look into MVC, it WILL make your life easier.. and while Laravel is a great framework, I'd suggest "building" your own framework first to understand how frameworks are built:
https://youtube.com/watch/... -
ace4810067y4) your php code is pretty much all over the place, connections inside HTML files, your database credentials also all over the place.. Like I stated earlier, obviously this has already got you lost.
5) you're not checking for form inputs.. are you really going to rely on users? or frontend js checks?
6) Like you stated, you're not proud of echo-ing "not logged in" message, you should look into redirecting to the login page
7) you have a dbConfig.php file, yet you're using it to perform queries?
8) /admin/admin.php... please do not ever echo html.. its a recipe for disaster, you should only echo the data retrieved from the DB, I'd also look into fetching ASSOC_ARRAY and using foreach instead of while.
this is what I could find in addition to what others said while scanning your code.
you're brave enough to publicly show your code and learn from your mistakes.. keep it up.
Sorry for being harsh, but your code is everything that shouldn't be done :D
Good luck mate, and keeping asking -
C0D4669027y@bas1948
I had a quick look on my phone and I think you’ve summed it up well.
@dextel2
On top of @bas1984 look into DRY as well so you don’t end up with copy/paste hell. -
@bas1948 I guess I learnt this from obsolete tutorials.. is there anything I've done right?
-
ace4810067y@dextel2
I wouldn't necessarily call it obsolete, as I guess it was simply teaching you the basics from what I can tell...
Trust me, we've all been there.. I know I have, and my college end project code wasn't that great either.
I can upload my project later tonight if you want, as I think it's close to what you're doing..
May I ask how long you've been learning PHP? -
C0D4669027y@dextel2
If I may suggest jumping onto
https://sitepoint.com
and grabbing some of the PHP books they will help you out with structuring your code and getting into a good habit.
Although not specifically for PHP7 it will help:
https://sitepoint.com/premium/... -
C0D4669027y@dextel2
Also you can get a *free* year of premium which gives you access to all the ebooks and online courses.
https://sitepoint.com/premium/l/...
*free sitepoint for a $5 hosting + domain. -
ace4810067y@dextel2
Here you go: https://bitbucket.org/bas1948/...
I believe this was an old version of the project, haven't tested it recently.. but you should get a rough idea about it.
It also isn't documented, but I believe the code is self-explanatory.
PS: Looking back at it, I like how much I improved from 2 years ago :-) -
ace4810067yRemember to remove the "2" from folder name before running locally.
Or easier, change the url in config/paths.php to whatever you want to name the main folder.
Related Rants
my first ever release
https://github.com/dextel2/...
please, give your thoughts, and it would mean a lot if you run it locally :)
undefined
github
first
virgin
beta
release