[RELEASE] UserSystem v1.0.0

[MrCraig]

Ok, for the past 2 weeks or so, ive been on-off making a usersystem for public download on my website, www.Habbo-Center.com

I have finally completed it and made a neat little installer for it

So, if you want a completely open-source usersystem, click here to download it

We do ask that you read the README.txt file before installation as it gives you all the licencing information etc etc etc.

The layout for the panel isnt too good atm and is just one big table designed to show off all the features so far. So yh, you can make new layouts for it easily and its coded in basic PHP

its really easy to edit for first time coders and all the content in it is run through a mini-CMS

So yh, have fun experimenting, dont have demo set up at the moment, will try to get it if i have time to disable all the pw resets and stuff.

Please also post any comments

Thanks
Craig-

[Chippiewill]

sounds great now to test it ;D

[Naruto!]

magnificent.
I'm going to upload it now.

[Eccentric]

ill test it soon may use it on my new site im making. !

[Chippiewill]

first review, nice loads of features, like you said looks a bit off in setting up admin account passsword field isnt ****** only prob so far hmm once logged in, WOW you pulled out all the stops it lks awesome,

everything is easy access and easy modded!!!

Admin tools access is hard getting to the end setting takes skill lol


hmmm thats all really less than i orriginly thought but it looks gr8!!!

[Naruto!]

Whats admin user & cp to my one?

[Invent]

Nice to give it out for free, but there are a few security issues I think and I also think the emailer upon registration can be exploited.

EDIT: Some things also wont work without REGISTER_GLOBALS set On and some vars are not cleaned.

[Naruto!]

I'm stuck with it, like the mySQL shizzle.

[Tomm]

WARNING

This script is highly unsecure. The only protection from SQL injection is htmlspecialchars. This is highly inadequate. Without setting ENT_QUOTES single quotes will not be escaped using this function, not to mention all the other posible security issues.

[MrCraig]

Nice to give it out for free, but there are a few security issues I think and I also think the emailer upon registration can be exploited.

EDIT: Some things also wont work without REGISTER_GLOBALS set On and some vars are not cleaned.

Emailer can be turned off for now, and i think default is set to off. u got any ideas how to fix it tho?

+

What vars arent cleaned? I know i didnt do most of the admin ones or select ones.

Thanks for advice tho :]

EDIT: Tom, would an addslashes/stripslashes be any better?