[WIP] APP - all your domains

Comments

• alex Member

  May 2013

  @vanarp said: Like one can keep a track of his domains with dAgent, similarly app to keep a track of all the vps purchased from different providers will be quite useful.

  I already have something similar in mind to connect a domain with a hosting, so extending this seems not too difficult and far from my idea. But one step at a time
• alex Member

  May 2013

  website is up and running at http://dagent.org/
• vanarp Member

  May 2013

  @alex said: I already have something similar in mind to connect a domain with a hosting, so extending this seems not too difficult and far from my idea. But one step at a time

  It was just an idea that you could consider. I think a standalone tool for vpses alone might be much beneficial thus replacing another spreadsheet.

  @tortau said: @vanarp: I think it's more about the fact that not everyone wants to track the same things when it comes down to VPS.

  I can understand that. But, for Alex it will be much easy since he has anyways developed the tool for domains that has similar requirements. Later he can add features like custom fields where one can add as many fields to store any information.

  @alex said: website is up and running at http://dagent.org/

  Your choice but you could consider forwarding to one of below pages with instructions on how to implement it documented.

  https://github.com/mprz/dAgent
  https://github.com/mprz/dAgent/blob/master/README.md
• debug Member

  May 2013

  There's a nice SQL injection in the remove action, index page. You didn't escape the id variable, nor the action variable. Also use freaking PDO, I honestly don't know why anyone still uses the mysql_* functions anymore.
• Adduc Member

  May 2013

  SQL injection can occur in PDO, MySQL, and MySQLi, as long as raw queries are being built.

  Prepared statements are probably what you mean to advocate.
• debug Member

  May 2013

  Yeah, I was talking about prepared statements, I just said PDO because you also get the ability to switch database types easily (to MySQL/SQLite for example)
• blergh_ Member

  May 2013

  Too bad the shit on git doesn't work.
• natestamm Member

  May 2013

  @alex sweet..and Bootstrap gives you a +2
• dAgent Member

  May 2013

  @debug said: There's a nice SQL injection in the remove action, index page. You didn't escape the id variable, nor the action variable. Also use freaking PDO, I honestly don't know why anyone still uses the mysql_* functions anymore.

  I know about the vulnerability, but first time hearing about PDO. Done some reading and it's definitely worth using it. It's my first PHP project so cut me some slack :P

  @blergh_ said: Too bad the shit on git doesn't work.

  Too bad you have problems with reading.
• prae5 Member

  May 2013

  @seikan
  Do you have a repo for your project - it looks good and I would like to test it.

  @dAgent
  I've just grabbed this latest version in your repo and it doesn't work.

  It installs fine, creates tables, etc... When you add a Registrar it works and if i check out the table in mysql the content is there. However, it never displays it in the web gui - Likewise it then prevents you adding a domain as it isn't listing it.

  Haven't had a chance to check further, but i'm assuming its a simple sql error - might get time to take a look tomorrow.

  Thinking long term, I would strongly suggest using a whois lib as mentioned above rather than manually adding registrars, domain dates etc - it quickly becomes unmanageable with large lists of domains.
• alex Member

  May 2013

  @prae5 said: However, it never displays it in the web gui

  I'll look into it. Works on my localhost, but I will try to do a fresh install and see. Thanks for feedback!
• alex Member

  May 2013

  @debug said: There's a nice SQL injection in the remove action, index page.

  fixed