[B]EDIT: Planning on re-making the entire script based on new suggestions and awareness of my sh*ty code. Although this still works, I am just letting you know I will be releasing a better version in the nearish future ;)[/B]
[B]PLEASE KEEP IN MIND THIS IS MY FIRST PHP/MYSQL SCRIPT EVER MADE EVER IN MY LIFE SO PLZ NO HATES[/B]
[B]I have created a PHP/MySQL web administration tool, pretty simple, works with all gamemodes and is an overall great addition to your staff team! Allowing your staff to ban and kick while not being on the server.
[/B]
[I]Features:
- Live Player View (You can view every player that is on your server using the table at the top)
- Ban/Kick (From the table, you can ban/kick the players (this uses ULX however in the next update I plan to have it configurable for multiple types of admin modules)
- Run Console Command (You can run any console command you like)
- Configurable Update time (You can change how often the server checks the database for new commands to run)
- Additional Admin Users (You can add more administrators when logged in as the root account)
- Add Users ID (For ULX, you can add players to groups from the web administration portal provided you have their SteamID (which the player table provides))
[/I]
[B]I do plan to make this even better with future updates, my main plan was to sell this on script fodder because I am broke af but paying for scripts is bad imo
If I wouldn't buy it then who would lmao[/B]
Also keep in my this is my first php/mysql project, although I have tried my best to make it as efficient as possible, there may be some performance flaws I am unaware of, sorry :(
[B]Installation[/B]
- Open the WEB folder in the .zip downloaded, extract this to your web host in the directory you want it installed!
- Open up the config.php file, edit the top database settings only, there is no need to setup tables yourself as my script does it for you!!! :D
- Once saved and re-uploaded, navigate to yourdomain.com/yourdirectory/install.php
- Upon success, you will be greated with a message that informs you to delete the install.php file. This means it has worked!
- Now you can safely navigate to your main directory where index.php is located and login using default values Username: root Password: root
[B]Game Server Setup[/B]
- Upload the contents of your GAME folder in the .zip you downloaded into your addons folder.
- Navigate to _freds_admin/lua/autorun/server/sv_fredsadmin.lua and open it
- Change the MySQL database details to match those of your web file's
- Save the file, upload it.
- You need to have the MySQL Pre-requisites installed for Garry's Mod 13, you can download that [URL="https://facepunch.com/showthread.php?t=1220537"]here[/URL]
- You are all set! Give it a shot, get some support in the comments below I will check this as often as I can depending on how busy I am!!!
[U]Passwords do not currently encrypt, sorry :( Will release in future update :D[/U]
[B]Here are some images[/B]
[IMG]http://i.imgur.com/hWyjIpf.png[/IMG]
[IMG]http://i.imgur.com/QvOyzbD.png[/IMG]
[IMG]http://i.imgur.com/REOX6yK.png?1[/IMG]
[B]Downloads!!![/B]
- Fred's Admin System v1.0 [URL="https://mega.nz/#!Mtx1EYJb!v0C0O3TUdAOUF4vvnNb6CSk_Yk9wGktWxTAMqkPYbYk"][DOWNLOAD][/URL]
[URL="https://github.com/StrandedHeart/GMod-Web-Administrator-Plugin"]GITHUB[/URL]
Make it available on github or ill find you
[QUOTE=Slyde;51868015]Make it available on github or ill find you[/QUOTE]
Will do man! Expect it to be up tomorrow ;)
Do you have plans for Steam login or a permissions system?
This is something I've been looking for, thanks a ton. I'm using my own admin mod instead of ulx, however I should be able to edit this to make it work with my own. I would love an ability to run lua from this though.
The mysql module you linked is outdated, v9 is the latest version. Will it still work for v9?
[QUOTE=fourny;51868371]This is something I've been looking for, thanks a ton. I'm using my own admin mod instead of ulx, however I should be able to edit this to make it work with my own. I would love an ability to run lua from it though.
The mysql module you linked is outdated, v9 is the latest version. Will it still work for v9?[/QUOTE]
The module update shouldn't create too many issues, especially if you have the knowledge to create an admin mod. It wouldn't be too hard to port it to the newer module.
[QUOTE=JamesScott;51868408]The module update shouldn't create too many issues, especially if you have the knowledge to create an admin mod. It wouldn't be too hard to port it to the newer module.[/QUOTE]
Alright thanks.
I haven't used a mysql module before, I guess now with this addition it would be a great opportunity for me to make a second server.
[QUOTE=fourny;51868416]Alright thanks.
I haven't used a mysql module before, I guess now with this addition it would be a great opportunity for me to make a second server.[/QUOTE]
You should look at SQL Injection, this code is vulnerable to it and I'd advise anyone against using this until it's patched.
[QUOTE=JamesScott;51868292]Do you have plans for Steam login or a permissions system?[/QUOTE]
Yes! Future updates to come. Did not expect it to be as popular as it is already, planning to re-do the entire script though as I have recently found some better ways to do things, will also add more config options especially with recent suggestions :)
[editline]25th February 2017[/editline]
[QUOTE=fourny;51868371]This is something I've been looking for, thanks a ton. I'm using my own admin mod instead of ulx, however I should be able to edit this to make it work with my own. I would love an ability to run lua from this though.
The mysql module you linked is outdated, v9 is the latest version. Will it still work for v9?[/QUOTE]
Yes, this was actually made with v9 while debugging so it will work just fine. Will update link when next on PC
[QUOTE=Adzter;51868485]You should look at SQL Injection, this code is vulnerable to it and I'd advise anyone against using this until it's patched.[/QUOTE]
Adzter is right, I assumed it was the case without looking at the code, it's a common issue (Among new coders) and pretty easy to fix. Definitely need to learn about this and get into the habit of sanitizing your DB Inputs [URL]http://bobby-tables.com/[/URL]
[IMG]http://bobby-tables.com/img/xkcd.png[/IMG]
[QUOTE=Lebofly;51873185]Adzter is right, I assumed it was the case without looking at the code, it's a common issue (Among new coders) and pretty easy to fix. Definitely need to learn about this and get into the habit of sanitizing your DB Inputs [URL]http://bobby-tables.com/[/URL]
[IMG]http://bobby-tables.com/img/xkcd.png[/IMG][/QUOTE]
Alrighty, thanks for this. Will look into it tonight if I get the time hoping to re-make it all anyway it is kind of a mess atm. Yes I am new :(
[QUOTE=StrandedHeart;51868117]Will do man! Expect it to be up tomorrow ;)[/QUOTE]
Hey are you still planning on putting it on github? Would be easier to help this project move along if we could do pull requests
[QUOTE=James xX;51881579]Hey are you still planning on putting it on github? Would be easier to help this project move along if we could do pull requests[/QUOTE]
Sorry for the late reply, Here you go! [url]https://github.com/StrandedHeart/GMod-Web-Administrator-Plugin[/url]
On the login page - why are you grabbing all of the users and looping through until you find one that matches the username and password? You should be selecting a user from the table where their username == x and password == y
[QUOTE=Banana Lord.;51885338]On the login page - why are you grabbing all of the users and looping through until you find one that matches the username and password? You should be selecting a user from the table where their username == x and password == y[/QUOTE]
As stated Previously
[QUOTE]Alrighty, thanks for this. Will look into it tonight if I get the time hoping to re-make it all anyway it is kind of a mess atm. Yes I am new :([/QUOTE]
PDO > Mysqli
Makes life a lot easier
[QUOTE=Lunaversity;51885481]PDO > Mysqli
Makes life a lot easier[/QUOTE]
Working on it! :)
Correct me if I am wrong, but if I remember correctly you can use this to hash your passwords (I'm sure there is other things you should add ontop of this.if I'm wrong or this is an inefficient or ineffective method please feel free to point it out.):
[code] hash('sha256', $_POST['password']); [/code]
and then when the user logs back in you want to make sure that:
[code]
$pass = hash('sha256', $_POST['password']);
$pass == $row['password'];
[/code]
[QUOTE=SuperiorGamer;51887554]Correct me if I am wrong, but if I remember correctly you can use this to hash your passwords (I'm sure there is other things you should add ontop of this.if I'm wrong or this is an inefficient or ineffective method please feel free to point it out.):
[code] hash('sha256', $_POST['password']); [/code]
and then when the user logs back in you want to make sure that:
[code]
$pass = hash('sha256', $_POST['password']);
$pass == $row['password'];
[/code][/QUOTE]
Correct, although you will want to salt your hashes or else someone could crack passwords from the database if ever it were attacked
[QUOTE=SuperiorGamer;51887554]Correct me if I am wrong, but if I remember correctly you can use this to hash your passwords (I'm sure there is other things you should add ontop of this.if I'm wrong or this is an inefficient or ineffective method please feel free to point it out.):
[code] hash('sha256', $_POST['password']); [/code]
and then when the user logs back in you want to make sure that:
[code]
$pass = hash('sha256', $_POST['password']);
$pass == $row['password'];
[/code][/QUOTE]
Definitely not, please don't use SHA256 for new software.
For hashing passwords please always use something recent like bcrypt.
PHP already provides a function for doing it the correct way:
[url]http://php.net/manual/en/function.password-hash.php[/url]
[code]
$hash = password_hash($thepassword, PASSWORD_DEFAULT);
[/code]
This will even take care of correct salting, so you don't have to care about it!
See here for further reference (especially the FAQ section which tells which hashes you can use): [url]https://crackstation.net/hashing-security.htm[/url]
Outdated information on how to PHP always makes people doing and learning it wrong and not using the correct PHP function which was designed for the specific purpose.
[QUOTE=Sapd;51892625]Definitely not, please don't use SHA256 for new software.
For hashing passwords please always use something recent like bcrypt.
PHP already provides a function for doing it the correct way:
[URL]http://php.net/manual/en/function.password-hash.php[/URL]
[code]
$hash = password_hash($thepassword, PASSWORD_DEFAULT);
[/code]
This will even take care of correct salting, so you don't have to care about it!
See here for further reference (especially the FAQ section which tells which hashes you can use): [URL]https://crackstation.net/hashing-security.htm[/URL]
Outdated information on how to PHP always makes people doing and learning it wrong and not using the correct PHP function which was designed for the specific purpose.[/QUOTE]
Like I said I'm sure there is a better way to do it now that's just from what I recall, Thank you for posting a better way to go about this.
[QUOTE=SuperiorGamer;51892769]Like I said I'm sure there is a better way to do it now that's just from what I recall, Thank you for posting a better way to go about this.[/QUOTE]
Also, like I said, this was kind of a spoof, I really didn't plan on taking this further. It was literally just my first thing. I said I was going to re-make it which I will do eventually but as of right now, this is sitting here for a reason. Not because it is good, because it is a WIP that will never get finished 👍
[editline]3rd March 2017[/editline]
I was definetly high when I wrote this ^
Sorry to bump this thread. I've got a PDO module for PHP. This was made by Vrondakis and I use this in some of my projects.
Enjoy:
[url]https://github.com/vrondakis/katphp[/url]
(Again, sorry for the bump).
[B]Edit:[/B]
If you want I can help you switch this over and iron out SQL issues, You can add me on steam if you want :)
There's no reason to use a library for PDO, it's quite neat by itself. If you want a library around it it's probably better looking in to standalone Laravel components like Capsule.
[QUOTE=Flamingsword;51930319]There's no reason to use a library for PDO, it's quite neat by itself. If you want a library around it it's probably better looking in to standalone Laravel components like Capsule.[/QUOTE]
Seeing what he has now, PDO seems like a good option. Plus converting to PDO will be less of a pain to add in.
[code]$loggedIn = true;[/code]
I touched it
[QUOTE=Zortex;51949221][code]$loggedIn = true;[/code]
I touched it[/QUOTE]
I don't even think that variable is used lmao
[QUOTE=StrandedHeart;51950149]I don't even think that variable is used lmao[/QUOTE]
It's Your code, you should know if its used or not
[QUOTE=Zortex;51969017]It's Your code, you should know if its used or not[/QUOTE]
Dead post, dead script, we should stop bumping
[QUOTE=StrandedHeart;51972771]Dead post, dead script, we should stop bumping[/QUOTE]
I think it's pretty neat and I encourage you to continue work on it.
Correct me if I'm wrong, but wouldn't doing a http.Fetch request be less expensive than querying the db? I guess someone could come along and find the page where it's being posted, but it's not like anything you'd be doing with game.ConsoleCommand is top secret.
Sorry, you need to Log In to post a reply to this thread.
