Show DevBest Live Chat

NSA

sudo apt-get thefuckout.tar.gz
Dec 9, 2011
715
86
Hello!

Not too long ago I made a chat room which let's users come together and chat.
It's a nice feature to have on a website and can come in use.

I have a few screenshots which are below.
I'll be working on this a bit more, making admin tools etc...
There's still some stuff to do also.
So for now, this is V1.

Edit: There was a problem with the "Name" field where user's were able to execute scripts.
This has been fixed and a new download link has been provided.

-- UPDATES --

Added new download link to original post.

  • Added auto URL's ( RL changes to a href="URL">URL</a>)
  • Added an option to register to reserve your username or sign in as a guest
  • Added chat box commands (\ban and \unban so far)
Next to come:
  • Admin sticky note
  • Ability to mute users
Added checkbox for submitting when the enter key is pressed
Added some extra checks for Name and Message
Added Theme Chooser
Fixed Problems with Bans

Screenshot
48e7e4a15297f2a57cdabf4941388670.png


-- Updates --

  • Added admin area
  • Added installation
  • Added password recovery for administration
  • Added some extra features to the admin area
Added some security to the installation.
When accessing the installation, if PHP can connect to the database, you don't need to access the file otherwise you can edit it from the config.
When accessing part two of the installation, it checks to see if you've been to part 1, if you haven't it will send you to the index page.
Admins can do the following from the admin area:
  • Ban a user
  • Un-Ban a user
  • Change their password
  • Search logs
  • Search bans
  • Search admins
Here is the admin area (still needs some styling)
877c30f8b7128673f95b5cecee69fb3d.png

Here is the installation (which also needs some styling)
Part 1 (Database)
a1a3aedd598b6b76174b64bcdf443de4.png

Part 2 (Administration)
546f34d149ba8b5a2f4b00d9cf2b6519.png


Password Recovery (Still needs styling)

eaf4adf21ea9a92596e03fccc8c4cd01.png


New ideas are welcome.

Download


Updated SQL



Remember to move or rename the installation once finished!

-- NOTE --
The part where the user specifies their own username -- this part isn't finished.
The user can specify their username but, they can't reserve the username yet.

Live View
 

NSA

sudo apt-get thefuckout.tar.gz
Dec 9, 2011
715
86
Might add some sort of jQuery CSS switcher which let's users choose their own look.
 

Markshall

Русский Стандарт
Contributor
Dec 18, 2010
2,638
2,393
You should patch up XSS injections, I've just place an alert box on your site by doing it.

Also, since your script doesn't allow line breaks in the message, why use the textarea element? You're better off using text input.

Looks cool though. Try adding features such as word filter, being able to delete a message matching your IP etc.
 

NSA

sudo apt-get thefuckout.tar.gz
Dec 9, 2011
715
86
There is actually a word filter, but only certain words.
If you go on the site, and type "fuck" you should be banned.

Wasn't aware of XSS Injections. Fuck.
 

Markshall

Русский Стандарт
Contributor
Dec 18, 2010
2,638
2,393
There is actually a word filter, but only certain words.
If you go on the site, and type "fuck" you should be banned.

Wasn't aware of XSS Injections. Fuck.
I wouldn't automatically ban users, I'd just censor the words with an asterisk or something. Say if a user was spelling a name like, "Dickson", and "dick" caught out in the filter and resulted in a ban, I don't think they'd be too happy.

Also, to patch them, only use escape the string when inserting into the database, don't filter the data when you're entering it into the database, filter it when you're retrieving it, if you get me?
 

NSA

sudo apt-get thefuckout.tar.gz
Dec 9, 2011
715
86
Added checkbox for submitting when the enter key is pressed
Added some extra checks for Name and Message
Added Theme Chooser
Fixed Problems with Bans
 

NSA

sudo apt-get thefuckout.tar.gz
Dec 9, 2011
715
86
I know just realized that the shout-box wasn't full enough now, Is viewing history also available?

What do you mean?
The chat box shows 40 posts before it starts cutting them out.
 

NSA

sudo apt-get thefuckout.tar.gz
Dec 9, 2011
715
86
You should patch up XSS injections, I've just place an alert box on your site by doing it.

Also, since your script doesn't allow line breaks in the message, why use the textarea element? You're better off using text input.

Looks cool though. Try adding features such as word filter, being able to delete a message matching your IP etc.


I added it so it was future proof.
I'll be adding nl2br to preserve line breaks once I get it fully secure.
 

Weasel

👄 I'd intercept me
Nov 25, 2011
4,135
2,461
Some ideas.

Chatbox:
- Sticky note
- / commands
- Automaticly make links hyperlinks

Admin:
- Banned user list
- Prune logs
- Show all logs
- Wordfilter

You might also want to let people register their unique name.
 

NSA

sudo apt-get thefuckout.tar.gz
Dec 9, 2011
715
86
I'm gonna add something which let's users either login / register or use it as a guest.
At which point if they're a guest, their name will be something like GUEST-{Random}.
Probably also add something to let people know who's online and away.
 

Users who are viewing this thread

Top