Jump to content
[MUST READ] Forum Rules ×
Important message for newcomers!

PlanetCloud

Senior Members
 View Profile  See their activity

  • Posts

    1137

  • Joined

  • Last visited

  • Days Won

    37

 Content Type 

Everything posted by PlanetCloud

  1. PlanetCloud
    I'm well aware inspect element can be used to get around this but at least users cannot accidentally register sensitive domains. See this topic: and the JS would be like "Whoops this is taken" or "Contains blacklisted keywords" before submit. If then someone were to register the sensitive/reserved keywords with inspect element or other ways.. we can blacklist their IP instead or something, as we now know they're malicious.
  2. PlanetCloud
    I got onto this late and I didn't read MOST of the posts but I say the JS to hide and restrict subdomains should be a Wybe plugin. @Anyx @AA22Dev. It should have a blacklisted domains (as in the hosting's cpanel domain), and blacklisted keywords.
  3. PlanetCloud
    I'm not going to stop you.... I'm just going to beat you https://imgur.com/a/TCTvwCY Is this how I'm going to be suppressed from reaching 2K posts? Oh nvm it's now approved ^W^
  4. PlanetCloud
    I see... Imagine if someone started a "chat" thread where people would "spam" messages there and raise their post count 🤔
  5. PlanetCloud
    Was late to the party wow... and will be busy for the next few days as well. Yes I'm going steady with my 1001th posts and may soon reach 1003! aaaand where's byet chat? for some reason my chat are always invincible there 🤔
  6. PlanetCloud
    Can't agree more.
  7. PlanetCloud
    Rest of the message: I am not a bot, I am a {{THIS_WORLD.WIKI.INTTELIGENCE_CREATURE.sort('desc').pop().take(1)}}. Thank You.
  8. PlanetCloud
    Beep boop ... To view the rest of the message please verify you're not a bot:
  9. PlanetCloud
    Oooo I see, okay
  10. PlanetCloud
    Hi, I came waaay too late. You may find these interesting: https://github.com/InfinityFreeHosting/mofh-client/issues/41, https://github.com/InfinityFreeHosting/mofh-client/issues/46. It has response samples n stuff. also the library itself is cool and you should use it instead of making new one.
  11. PlanetCloud
    I'm alive and not a bot. Here to say you're welcome.
  12. PlanetCloud
    You're welcome again. I'm still alive btw.
  13. PlanetCloud
    You're welcome.
  14. PlanetCloud
    #UXMatters Then check the logic code again, as you can just call it and return. About this, I also have a comment... shouldn't have used a single letter for the file name as it violates PSR rules. PSR is a coding style standard that I and many others use so we can easily work on other's code. Also it's a security risk now I realized it... Check again https://github.com/PlanetTheCloud/mofh-callback-client. Good
  15. PlanetCloud
    I see this is definitely a huge improvements from the previous version. Using CodeIgniter framework and avoiding most common security vulnerabilities, however there are still some yet these are a bit harder to exploit such as storing password only using hash (prone to rainbow table attack), some confusing logic such as: if($res) { if($this->mailer->is_active()) { return true; } return true; } return false; That could have been re-written as: if($res) { $this->mailer->is_active(); return true; } return false; or: return $res; Depending if the $this->mailer->is_active() call is needed or not, and many others I see that can be optimized or be more concise. Also there's a possibility for spam attacks where Admin's password kept getting reset, and also check this out: https://github.com/PlanetTheCloud/mofh-callback-client. Other notable mention is that when I request reset password for non-existent email, it says that the reset is successful instead of error indicating email is invalid. Either change the message to be more neutral such as "Check your inbox. If your account is with us, you'll receive an email.". I haven't dive in much deeper in other parts of the site but generally this has fixed most of the issues. Congratulations!
  16. PlanetCloud
    By the Support team?
  17. PlanetCloud
    I've updated the code to include this feature. // Function to be executed when an account has been suspended $callback->onAccountSuspended(function ($username, $reason, ..., $common_reason) { echo "Account {$username} has been suspended with the following reason: {$reason}"; if ($common_reason) { $reason = str_replace(['DAILY_EP', 'DAILY_CPU', 'DAILY_HIT', 'DAILY_IO'], ['Entry Process', 'CPU Usage', 'Website Hits', 'Input/Output'], $common_reason); } echo "Your account has been suspended because the daily {$reason} quota has been exhausted"; }); You can handle the reason quite elegantly as well.
  18. PlanetCloud
    Hmm I see... I've provided the reason to the suspended call. Your code should filter the reason to see if the cause of the suspension is x and notify the client appropriately. I'll try to implement another method to help with parsing common errors. Will code it tomorrow.
  19. PlanetCloud
    I'd like to point out that there's an issue with the domain availability API where if the account is being created but not activated yet, the domain can still be registered, as seen in the screenshot below: Both have the same main domain under different account. So you should not rely on MOFH API alone. # Check domain availability $domains = $db->select('accounts', 'id', ['main_domain' => $main_domain]); if (count($domains) > 0) { throw new Rejection('Domain is not available.'); } $response = MofhClient::availability($main_domain); if (!$response->isSuccessful()) { throw new Rejection('Domain is not available.'); } Here is my implementation to check the domain's availability. Please note that I make my own wrapper (MofhClient) to handle the errors that may be returned by the API. The errors are logged and will not be shown to the end user unless the DEBUG mode is enabled in the config.
  20. PlanetCloud
    Hmm, why should that be the case?
  21. PlanetCloud
    Ah... that's what you meant... well I have another way of handling that and also Project LOGGED (v1.x) is not meant to have anything to do with composer (yet).. I'll consider it though. I'm not sure will the inode limits be enough or how it will perform. Will have to do some testing.
  22. PlanetCloud
    Ah yes, I see... is that price for 1 user or for hostin companies to implement their builder? I think there's a difference....
  23. PlanetCloud
    What do you mean validate domain names?
  24. PlanetCloud
    Very limited IIRC
  25. PlanetCloud
    Yes, will be considered on future version. Kindly advise the user to use any subdomain, and then add their custom domain afterwards through the cPanel.
×
×
  • Create New...