GESIOR 2012 - ideas, bug reports

[Gesior.pl]

bug tracker = forum
changelog = forum

'Server Info' I will make today.

I will try to make Bans, but I'm not sure how to show bans of accounts.

Namelocks/Bans of account/player are visible on Characters page, but not on highscores, because it could use too many queries.
I added 'Old Names' on page Characters. Now I will write list of name changes 'namelocks.php'. There will be list of current names and old names/change dates.

HP/Mana bar fixed, minimum 0%, maximum 100%.

 

[LucasFerraz]

Great job. As far as you know, is it safe?

 

[Gesior.pl]

I rewrote all SQL queries and classes [POT removed]. They all use now $SQL->tableName('name'), $SQL->fieldName('name'), $SQL->quote($value) in queries.
If methods to 'escape' are safe then acc. maker is safe from SQL injections.

I did also check/edit all variables that acc. maker 'shows'. All except 'number values' from database [safe] are in htmlspecialchars($value) or urlencode($value). Pure HTML/JS can post only admin in first post of thread on forum on board News.

That's why I'm making new acc. maker... TO MAKE IT SAFE.

 

[LucasFerraz]

I got it. Great job!

 

[Gesior.pl]

Namelocks ready:
Namelocks - Anderion
This is example of my char 3 x namelocked.

I added letters in field/table name verification:

	public function fieldName($name)
	{
		if(strspn($name, "1234567890qwertyuiopasdfghjklzxcvbnm_") != strlen($name))
			new Error_Critic('', 'Invalid field name format.');

		return '`' . $name . '`';
	}

	public function tableName($name)
	{
		if(strspn($name, "1234567890qwertyuiopasdfghjklzxcvbnm_") != strlen($name))
			new Error_Critic('', 'Invalid table name format.');

		return '`' . $name . '`';
	}

 

[LucasFerraz]

Is it far of finished status?

 

[bok]

bans.php? view the ban, ban and unban also a page within the administration bans.php.

 

[Xavicrak]

increase security. I used gesior acc 0.6.2 on my ot, and one hacker(black hack) fuck my website in 5 seconds.

 

[Evil Puncker]

increase security. I used gesior acc 0.6.2 on my ot, and one hacker(black hack) fuck my website in 5 seconds.

Acc. maker last version: 0.3.2/0.3.4beta
Acc. maker last update 29 April 2009 - all updates after that date were not made by me.

u used a version with exploited scripts, don't blame gesior for it

 

[Xavicrak]

u used a version with exploited scripts, don't blame gesior for it

i dont blame gesior... i love gesior too
really? what version is safe?

Some ots use gesior, and they havent problems with hackers, like NoxiousOT - Latest News - Open Tibia - Free multiplayer online role playing game, Masiyah - Latest News etc

i use uniform+gesior, antiddos guardian and ip bloker (host: i7 3,4ghz, 16gb ram) then what is the problem? gesior version?

22:11 Black Hack [20]: check your website now, down again
kind regards

 

[Raggaer]

You cant be protected to ddos in windows ( I mean 100%

 

[Vightrain]

i dont blame gesior... i love gesior too
really? what version is safe?

Some ots use gesior, and they havent problems with hackers, like NoxiousOT - Latest News - Open Tibia - Free multiplayer online role playing game, Masiyah - Latest News etc

i use uniform+gesior, antiddos guardian and ip bloker (host: i7 3,4ghz, 16gb ram) then what is the problem? gesior version?

22:11 Black Hack [20]: check your website now, down again
kind regards

DDoS attacks has nothing to do with what version of gesior you're using... Also you mentioned 2 things, hackers & ddos protection.. What is your real problem here?

1. DDoS attacks can be done even to facebook.com, so it has absolutely nothing to do with what website resources you're using.
2. Hackers can hack your site if you have exploits or leaks & sometimes even without but as far as I know Gesior.pl has fixed them all, so download the newest version & you'll have clean files. (pro hackers wouldn't waste time on open tibia servers...)

Solution: follow my tutorial in my signature below and you will have a stable server running, Also I don't recommend hosting on windows.

Sincerely,
Viggy

 

[Gesior.pl]

You could try new acc. maker:
http://gesior2012.ots.me/?download=&dir=account+maker/trunk/TFS_0_3_6&file=

I'm still waiting for bug reports. When I will finish all missing pages (server info, bans) I will release it, but I'm sure it has less bugs then any other version you can find on forum.
Post link to your ots, maybe it's problem with PC/dedic configuration, not exactly website scripts.

About 'gesiors' from that page Downloads - gesior-aac - A new Gesior-AAC - Google Project Hosting (also available rehosts on otland). I don't trust them (Widnet and other authors of that versions). In some version they did add modified houses.php with soooo simple 'mistake' that let them hack any ots they want. I think that they did put somewhere in code some command/mistake that let them [and all 'haxors' who know bug] hack otses again.

 

[Xavicrak]

You could try new acc. maker:
http://gesior2012.ots.me/?download=&dir=account+maker/trunk/TFS_0_3_6&file=

I'm still waiting for bug reports. When I will finish all missing pages (server info, bans) I will release it, but I'm sure it has less bugs then any other version you can find on forum.
Post link to your ots, maybe it's problem with PC/dedic configuration, not exactly website scripts.

About 'gesiors' from that page Downloads - gesior-aac - A new Gesior-AAC - Google Project Hosting (also available rehosts on otland). I don't trust them (Widnet and other authors of that versions). In some version they did add modified houses.php with soooo simple 'mistake' that let them hack any ots they want. I think that they did put somewhere in code some command/mistake that let them [and all 'haxors' who know bug] hack otses again.

Fixed Thanks a lot! u are the best!

 

[Diath]

Why don't you start using some VCS for the project? It'd make it possible to keep a better track with changes on the progress plus people could commit their changes which you would either accept or reject after reviewing them.

 

[Gesior.pl]

Can you recommend any? Google Codes? Sourceforge? Of course free.

 

[Znote]

Can you recommend any? Google Codes? Sourceforge? Of course free.

https://github.com/

It will easily allow people to branch your version (which is master version) and create their local repository, which they can update, and request to push/merge with master version, or just pull changes you do, to keep their system in-tact and up to date, even tho there are differences.

 

[LucasFerraz]

Gesior, a suggestion for you, same made to Znote's AAC.

What about Videos Library? There people could add their videos (recorded in wars and etc..)
Admin should have access to edit(comment) and remove videos.

TIP: Would be amazing if all videos posted depends of acceptance to be public. If receivbe a rejection it will be deleted.

 

[averatec]

Can you recommend any? Google Codes? Sourceforge? Of course free.

github like Znote wrote : )

 

[Diath]

Can you recommend any? Google Codes? Sourceforge? Of course free.

As far as I'm aware git is currently the best system out there, once you learn how to use it properly you will find it really handful and useful.