December 21, 2014 at 5:27 am #2126
‘mysql’ is not compatible with the latest PHP (it’s deprecated). You have to use ‘mysqli’ or ‘PDO’.
Without the change this script will be unusable very very soon.December 27, 2014 at 11:37 am #2134
Ahh yes, it shouldn’t be that hard to fix so I can adjust the code.
I’ve created an issue here where I’ll post an update once it’s done: https://github.com/MillionDollarScript/MillionDollarScript/issues/20December 30, 2014 at 5:32 am #2155
I updated the issue with a link to the commit that converts everything from mysql to mysqli.December 30, 2014 at 11:03 am #2159
Probably not a easy as at first hoped. I implemented the new code and now my site does not load at all.
Did you test it?December 30, 2014 at 2:57 pm #2161
Do you get any errors in your logs?December 30, 2014 at 3:07 pm #2162
Oh nevermind, I see what I did. Will fix it up.December 31, 2014 at 12:14 pm #2163
There, hopefully that does the trick. I forgot to add the extra database connection parameters for mysqli commands.
I also have added an option to change the Error reporting value and fixed the currency symbols.December 31, 2014 at 7:27 pm #2166
Now the admin section is gaped wide open! No login asked for at all -no security -straight into Admin. You cannot log out of admin either!
Hence, I shut down my site and removed the config file until this is fixed.
Also shouldn’t the admin login ask for a username too? Without it, this script is an open house for dictionary brute-force attacks.
Are you not able to test it because of some extenuating circumstance?
let me know, and I’ll setup something off-site to test new builds.December 31, 2014 at 9:25 pm #2167
Sorry, that was due to the solving of some of the notices that I had did. I pushed a fix for that.
Yeah I know the login sucks but that’s how it was before I started development on it and I’m not messing with it in this version. The WordPress plugin should fix that though once it’s done.
I do some testing when I get time. I didn’t notice the admin login not working though since I was already logged in.
Thanks for reporting the issues!January 1, 2015 at 5:57 pm #2168
I’ve been testing it for a while now, and have found no problems so far.
But I would suggest, if you haven’t already, you should recommend in the installation instructions, to remove ‘install.php’ in admin folder after install, or else the site is wide open for attack.
Good Job Ryan!January 1, 2015 at 9:25 pm #2169
Yeah it does mention to delete install.php after install in the README.txt file but it doesn’t do an actual check to make sure. Maybe I could put a notification up or something if that file exists though.
You must be logged in to reply to this topic.