Feature Request: Online Auction House page

Anything FFXI Related
Dante
Posts: 86
Joined: Sat Feb 18, 2017 10:58 am

Re: Feature Request: Online Auction House page

Post by Dante » Fri Nov 03, 2017 8:43 pm

I'm just excited :P I'm not trying to rush you or anything

fire
Posts: 17
Joined: Sun Oct 15, 2017 4:09 am

Re: Feature Request: Online Auction House page

Post by fire » Sat Nov 04, 2017 12:33 am

I submitted non wordpress version just now.. so maybe youll have new toy soon :lol:

Alexander
Posts: 37
Joined: Mon Aug 14, 2017 3:33 pm

Re: Feature Request: Online Auction House page

Post by Alexander » Tue Nov 21, 2017 1:59 pm

Any word on this?
Previously Gweivyth @ Nasomi.

Dante
Posts: 86
Joined: Sat Feb 18, 2017 10:58 am

Re: Feature Request: Online Auction House page

Post by Dante » Tue Nov 21, 2017 7:08 pm

^

User avatar
StardewValley
Posts: 36
Joined: Tue Nov 07, 2017 4:07 pm
Location: TX, USA
Contact:

Re: Feature Request: Online Auction House page

Post by StardewValley » Tue Nov 21, 2017 7:53 pm

^
^
Stardew - WAR50 | THF25 | NIN14 | RDM09
Valley - BLM46 | WHM25 | NIN12 | THF11
Cooking 42 | Goldsmithing 2
(12/11/17)

fire
Posts: 17
Joined: Sun Oct 15, 2017 4:09 am

Re: Feature Request: Online Auction House page

Post by fire » Thu Nov 23, 2017 2:09 am

Was on vacation out of country .. didn't check this..

No PM in box.. I made a newer version I'll post here:

http://www.filedropper.com/auctionhouse

no license, anyone can do or claim anything with this code

Only bug? I think some `item_basic`.`flags` should not show in results..
Easy fix.. add something like <code>AND `item_basic`.flags` = N</code> where N is allowed flag.. after line 196 in ah.php

If you see bug but don't understand code or want new feature, post here .. I can do

fire
Posts: 17
Joined: Sun Oct 15, 2017 4:09 am

Re: Feature Request: Online Auction House page

Post by fire » Thu Nov 23, 2017 4:31 am

Also here is the WordPress version.

same.. no license etc

http://www.filedropper.com/auctionhousewp

works with WordPress 4.9

User avatar
atom0s
Posts: 50
Joined: Sat Feb 18, 2017 4:33 am

Re: Feature Request: Online Auction House page

Post by atom0s » Thu Nov 23, 2017 9:35 am

Some suggestions since you are doing this in php:
- Rather than const the db vars, just use them then nuke the object so it is not a global const left over that could potentially be leaked at some point.
- You are not sanitizing input variables which can lead to SQL injections.
- Instead of mysqli, you should use PHPs newer PDO drivers. (And use proper prepared statements to avoid SQL injections.)
- It is recommended and more common practice to not end php files with ?> any longer.

Avoid using 'debug_backtrace' as a method to check for direct access. Instead, use a define between files to reduce overhead. For example, in the ah.php file you can do:

Code: Select all

define('SOME_RANDOM_VARIABLE_NAME_HERE', 1);
Then inside of the config.php:

Code: Select all

if (!defined('SOME_RANDOM_VARIABLE_NAME_HERE')) { die("Direct access is not allowed."); }
Another suggestion, I would recommend looking into a data binding library that you can use to make cleaner HTML with and avoid the mix of php/html in single files. Something like Angular.js or Knockout.js. These type of libraries make it very easy to bind data (such as json objects) to the UI elements in simple and clean code setups.
  • Ashita Lead Developer

fire
Posts: 17
Joined: Sun Oct 15, 2017 4:09 am

Re: Feature Request: Online Auction House page

Post by fire » Thu Nov 23, 2017 9:14 pm

atom0s wrote:
Thu Nov 23, 2017 9:35 am
Some suggestions since you are doing this in php:
- Rather than const the db vars, just use them then nuke the object so it is not a global const left over that could potentially be leaked at some point.
- You are not sanitizing input variables which can lead to SQL injections.
- Instead of mysqli, you should use PHPs newer PDO drivers. (And use proper prepared statements to avoid SQL injections.)
- It is recommended and more common practice to not end php files with ?> any longer.

Avoid using 'debug_backtrace' as a method to check for direct access. Instead, use a define between files to reduce overhead. For example, in the ah.php file you can do:

Code: Select all

define('SOME_RANDOM_VARIABLE_NAME_HERE', 1);
Then inside of the config.php:

Code: Select all

if (!defined('SOME_RANDOM_VARIABLE_NAME_HERE')) { die("Direct access is not allowed."); }
Another suggestion, I would recommend looking into a data binding library that you can use to make cleaner HTML with and avoid the mix of php/html in single files. Something like Angular.js or Knockout.js. These type of libraries make it very easy to bind data (such as json objects) to the UI elements in simple and clean code setups.
Good suggestions! any always welcome !

I did those.. I think its XSS/SQL safe now js and php both

I was thinking to do 2 way data bind variant for fun after seeing your code.. maybe try.. knockout

until then let me know if more changes, or additions for this ver..

http://www.filedropper.com/auctionhousev2

kupo guys tell me if you have preference for framework fork.. idc which but will use knockout if no input

Dante
Posts: 86
Joined: Sat Feb 18, 2017 10:58 am

Re: Feature Request: Online Auction House page

Post by Dante » Sat Nov 25, 2017 5:06 am

Hopefully we can get this added, as it would be an extremely convenient tool for players to use

Post Reply