
Test a JS Chat Room


R_P


This is a browser chat that works with current Gecko, Trident, KHTML and WebCore based browsers. I've not tested or checked for compliance with Opera or the Presto layout engine.

I've done my best to emulate IRC technology, meaning there is no page flickering and little latency (low response time) between your chat and my server. The chat includes a message window and user list. You will see your text immediately after you send it. You are automatically logged in when you enter the chat and logged out when you close the chat window. A chat-bot monitors room activity and returns critical messages. The load on my server is relatively low per user.

The link below will take you to my website, where you will see another "open chat" link. Clicking "open chat" will open a pop-up which will prompt you for a username. You can choose any username you like. When you're done chatting, just close the chatroom window and you will be automatically logged out. The logout button doesn't work yet.

Make sure you tell me how it went: what kind of response times you got, whether the chat lagged (stuttered), and how I can improve. Feel free to email or message me with questions. If you see the username roddzilla, it probably means I'm in the room working on it. Without further ado:

 

Chat Room Alpha Release


Also, new IRC commands include:

/auth {password} - makes you a moderator
/op {username} - makes username a mod (mods only)
/deop {username} - takes mod privileges away from username (mods only)
/kick {username} - kicks username out of the chatroom (mods only)
/authstate - returns 1 if you're a mod, 0 if not (mods also have a gavel next to their username)
/nick {new} - changes your username to the {new} value (mods can't do this)
/getnick - returns your original session nickname in case you've forgotten it
/welcome - redisplays the welcome message
/help - displays options

If you're serious about testing it, message me and I'll give you the /auth password. Although it's not really fun until there are others in the chat with you just asking for a good swift kick. Also, tell me what other functions you think are essential to IRC so I can include them.


  • 6 months later...

Admin Access:

Anyone can access the admin panel.

Cross Site Scripting:

There is Cross Site Scripting if your username contains code.

Cross Site Scripting:

There is Cross Site Scripting in the chat if a message contains code.

Directory Traversal:

http://www.roddzilla.com/?page=../index

Directory Traversal:

http://www.roddzilla.com/?page=../modules/do

Full Path Disclosure:

http://www.roddzilla.com/?page[]

Warning: include(./pages/Array.php) [function.include]: failed to open stream: No such file or directory in C:\InetRoot\zilla\pages.php on line 8

Warning: include() [function.include]: Failed opening './pages/Array.php' for inclusion (include_path='.;C:\php5\pear') in C:\InetRoot\zilla\pages.php on line 8

Full Path Disclosure:

http://www.roddzilla.com/pages/fbchat.php

Warning: include_once(./fbchat/facebook_conf.php) [function.include-once]: failed to open stream: No such file or directory in C:\InetRoot\zilla\pages\fbchat.php on line 2

Warning: include_once() [function.include]: Failed opening './fbchat/facebook_conf.php' for inclusion (include_path='.;C:\php5\pear') in C:\InetRoot\zilla\pages\fbchat.php on line 2

Warning: include_once(./fbchat/facebookapi_php5_restlib.php) [function.include-once]: failed to open stream: No such file or directory in C:\InetRoot\zilla\pages\fbchat.php on line 3

Warning: include_once() [function.include]: Failed opening './fbchat/facebookapi_php5_restlib.php' for inclusion (include_path='.;C:\php5\pear') in C:\InetRoot\zilla\pages\fbchat.php on line 3

Full Path Disclosure:

http://www.roddzilla.com/img.php

Warning: imagettfbbox() [function.imagettfbbox]: Invalid font filename in C:\InetRoot\zilla\img.php on line 7

Warning: imagecreatetruecolor() [function.imagecreatetruecolor]: Invalid image dimensions in C:\InetRoot\zilla\img.php on line 12

Warning: imagecolorallocate(): supplied argument is not a valid Image resource in C:\InetRoot\zilla\img.php on line 15

Warning: imagecolorallocate(): supplied argument is not a valid Image resource in C:\InetRoot\zilla\img.php on line 16

Warning: imagecolorallocate(): supplied argument is not a valid Image resource in C:\InetRoot\zilla\img.php on line 17

Warning: imagecolorallocate(): supplied argument is not a valid Image resource in C:\InetRoot\zilla\img.php on line 18

Warning: imagecolorallocate(): supplied argument is not a valid Image resource in C:\InetRoot\zilla\img.php on line 19

Warning: imagefilledrectangle(): supplied argument is not a valid Image resource in C:\InetRoot\zilla\img.php on line 29

Warning: imagettftext() expects parameter 1 to be resource, boolean given in C:\InetRoot\zilla\img.php on line 30

Warning: imagecolortransparent(): supplied argument is not a valid Image resource in C:\InetRoot\zilla\img.php on line 31

Warning: imagepng(): supplied argument is not a valid Image resource in C:\InetRoot\zilla\img.php on line 34

Warning: imagedestroy(): supplied argument is not a valid Image resource in C:\InetRoot\zilla\img.php on line 35

Full Path Disclosure:

http://www.roddzilla.com/img.php?t[]

Warning: imagettfbbox() expects parameter 4 to be string, array given in C:\InetRoot\zilla\img.php on line 7

Full Path Disclosure:

http://www.roddzilla.com/img.php?t&s[]

Warning: imagettfbbox() expects parameter 1 to be double, array given in C:\InetRoot\zilla\img.php on line 7

Includes Directory:

http://www.roddzilla.com/modules/

Includes Directory:

http://www.roddzilla.com/pages/

Poison Null Byte:

http://www.roddzilla.com/?page=../images/banner.jpg%00


Thanks steal for the diagnostic. Turning off indexes in apache and removing full path disclosure in php.ini should remedy just about the whole list. As for the chat, in a more evolved version there will be strict checks on i/o.

What I'm worried about right now is that the base functionality works. I'm in the midst of streamlining data throughput so that client-server pings are literally bits. Core functionality is what I'm worried about. So come in and stay a bit. Let me know the response/lagging times. It works best if there's more than one person in the room. Unfortunately users are sparse.


  • 2 weeks later...

Not really a security flaw, but when you type <?php and press enter it will show up blank, BUT then you enter something else and that will show up on the same line.

You can log in as <?php and it will be a blank username.

[Screenshot attachment: bughp3.png]

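Added example, not the chat's own code: the output escaping and nickname check that close the username and message XSS reported earlier in the thread and explain the blank `<?php` username in this post. Pure functions that run in Node or a browser; the sample chat lines are constructed.

```javascript
// Every HTML-significant character mapped to its entity. Escaping "<" is
// what stops "<script>" in a message from executing in other users' windows;
// it also keeps "<?php" visible, since a browser otherwise reads "<?" as the
// start of a comment-like token and swallows text up to the next ">".
const ENTITY = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => ENTITY[ch]);
}

// Nicknames accepted at login. Deliberately strict: a name is an identifier,
// not markup, so "<?php" or "<b>bob</b>" are refused at the door instead of
// being stored and then rendered blank or styled.
function isValidNick(nick) {
  return typeof nick === "string" && /^[A-Za-z0-9_-]{1,16}$/.test(nick);
}

// HTML for one chat line. Nick and message both pass through escapeHtml(),
// so the only markup in the result is the markup written here.
function renderLine(nick, message) {
  if (!isValidNick(nick)) throw new Error("invalid nickname: " + nick);
  return `<div class="line"><span class="nick">${escapeHtml(nick)}</span>: ` +
         `<span class="msg">${escapeHtml(message)}</span></div>`;
}

// Constructed sample traffic replaying the two reported cases.
const SAMPLE = [
  ["bob", "hello everyone"],
  ["eve", "<script>alert('xss')</script>"],
  ["sam", "<?php looked blank in the alpha build"],
];

function renderAll(lines) {
  return lines.map(([nick, msg]) => renderLine(nick, msg)).join("\n");
}
```

In a client that builds the message window with DOM calls rather than HTML strings, assigning `textContent` instead of `innerHTML` gives the same protection without an escaping step.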