HylibCMS - All Emulators

IndraBB

New Member
Apr 3, 2019
15
10
Hello, today I came to post a CMS of my last project - HylibCMS. CMS is entirely its own, both in its design and in its system. It contains (Index, record, me, profile, hall of fame, staff). This CMS is easily adapted for any emulator, but comes adapted by default for the Comet Emulator.

This CMS is compatible with
  • PHP 5.5+
  • MySQL 5.0+
  • IIS
  • XAMPP 5.5.30+
  • Any Emulator (just adapt later)

About security:
This CMS is made entirely with PDO function to perform queries faster and more securely. All queries are filtered before sending to the database.
In addition, it works together with Ajax for better fluidity and speed.

First of all I want to thank the developers who participated in its creation and in all projects, , and , because all the projects were developed by us the 3.

Credits:
  • Wake
  • Dut
  • Laxus (me)

You are free to edit, but do not remove the credits of the creators of it, because it involves many hours of work, do not be like certain people who live at the expense of others and are little for those who have the real work!

To view the download you will need to make a comment!

Download:
Images:

- "The secret to developing, is not to make the code but to think like the code." - Dut.

Visit :D
 

IndraBB

New Member
Apr 3, 2019
15
10
the design is quite different and the code is also, lol?
and all the vulnerabilities stowed.
 

Shxrty

Shorty#1960
Mar 31, 2018
629
163
tbf; it's owned by the same GitHub user, it's basically the same. Same design pretty much. You should've edited the AstroCMS instead of making a "new" one with basically the same design.
 

BIOS

ಠ‿ಠ
Apr 25, 2012
906
247
PHP:
        static function Filter($type, $string) {
            if ($type == 'XSS' || $type == 'xss') {
                $value = htmlspecialchars_decode($string);
                $value = trim($value);

                # 18
                $search = [
                    "<script", "/script>",
                    "<div", "/div>",
                    "<a", "/a>",
                    "<button", "/button>",
                    "<?php", "?>",
                    "<?=", "?>",
                    "<svg", "/svg>",
                    "<link", "<?xml"
                ];

                $replace = [
                    "", "",
                    "", "",
                    "", "",
                    "", "",
                    "", "",
                    "", "",
                    "", "",
                    "", "",
                    "", ""
                ];
               
                $value = str_replace($search, $replace, $value);

Don't do this to prevent XSS, it's the least effective way to go about it. What about img tags? Or literally any invalid character tag? There are too many permutations to be able to "replace" known-bad.

Instead use an actual template engine like Twig which has built in escaping:

Or if you want to stick to vanilla PHP, use htmlentities for 99% of cases, and htmlspecialchars. That entire code block can pretty much be replaced with a one line htmlentities($string) and do a much better job.
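
Added example, not part of the original post or of HylibCMS: it runs the quoted blacklist next to output escaping with htmlspecialchars on three constructed inputs, to show which one still emits markup. The function names blacklistFilter and escapeHtml and the sample strings are assumptions made for this illustration; it assumes PHP 7 or later.

```php
<?php
declare(strict_types=1);

// The blacklist from the quoted Filter() method, reproduced so it can be compared.
// (hypothetical wrapper name; same decode, trim and str_replace steps)
function blacklistFilter(string $input): string
{
    $value = trim(htmlspecialchars_decode($input));
    $search = [
        "<script", "/script>", "<div", "/div>", "<a", "/a>",
        "<button", "/button>", "<?php", "?>", "<?=", "?>",
        "<svg", "/svg>", "<link", "<?xml",
    ];
    return str_replace($search, "", $value);
}

// Output escaping: encode every HTML metacharacter at the point of output,
// instead of trying to enumerate tags that are considered bad.
function escapeHtml(string $input): string
{
    return htmlspecialchars($input, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// True when the string still contains something a browser parses as a tag.
function containsMarkup(string $html): bool
{
    return preg_match('/<[a-z\/!?]/i', $html) === 1;
}

// Constructed sample inputs (not taken from the thread).
$samples = [
    'img tag'     => '<img src="/constructed.png">',
    // Already-escaped input: the filter decodes it back into a live tag.
    'pre-encoded' => '&lt;img src=&quot;/constructed.png&quot;&gt;',
    'plain text'  => 'Tom & Jerry <3',
];

foreach ($samples as $label => $input) {
    $filtered = blacklistFilter($input);
    $escaped  = escapeHtml($input);
    printf(
        "%s\n  blacklist: %s (markup: %s)\n  escaped:   %s (markup: %s)\n",
        $label,
        $filtered, containsMarkup($filtered) ? 'yes' : 'no',
        $escaped, containsMarkup($escaped) ? 'yes' : 'no'
    );
}
```

The img input passes through the blacklist unchanged, and the pre-encoded input comes out as a tag because the filter calls htmlspecialchars_decode first; the escaped column reports no markup for all three.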
 

jamesgree

New Member
May 31, 2019
2
0
Yo,

I need the full database. Where can I get it because I'm getting errors that tables are missing as I don't have the full db
 

omatamix

New Member
Feb 20, 2019
18
6
The structure of the code is ugly, also no website is completely safe. Thanks for sharing I hope it improves.
 
