
PHP.neoform Framework 1.20


neoform


I've been working on this framework for about 2 years now, I've finally hit the point where I think it's good to go for public use. I'm releasing it under Creative Commons Attribution-Noncommercial 3.0 Generic License.

http://www.phpneoform.com/phpneoform.v.1.201.zip

I've used it on about 20 different sites, and have tried to make it as extensible as possible.

For a bit of a readme on how it works, check out a current version of it running:

http://www.phpneoform.com/117/

Screenshots of the admin backend:

http://www.phpneoform.com/117/phpneoform_images/neoform/albums/phpneoformscreenshots/

Web Forums Package:

http://www.phpneoform.com/117/forum/

Images Package:

http://www.phpneoform.com/117/phpneoform_images/

I'm still in the process of writing up more documentation on it, takes time though.

Link to comment
Share on other sites

Just fixed that, I used print_r() just to show the value of the GET. Wasn't really considering people hacking the sample page since it's not meant for any sort of production environment.

I also forgot to mention, the requirements:

MySQL 5

PHP 5 (using mysqli)

Apache with mod_rewrite on

Link to comment
Share on other sites

Admin Access:

Anyone can access the admin panels.

Cross Site Scripting:

http://www.phpneoform.com/117/a/<marquee><h1>vulnerable</marquee>

Cross Site Scripting:

http://www.phpneoform.com/117/index.php?<marquee><h1>vulnerable</marquee>

Full Path Disclosure:

http://www.phpneoform.com/phpneoform.v.1.201/install.php

D:/websites/phpneoform.com/website/phpneoform.v.1.201/neoform_core/

Full Path Disclosure:

http://www.phpneoform.com/1201/install.php

D:/websites/phpneoform.com/website/1201/neoform_core/

Includes Directory:

http://www.phpneoform.com/

Includes Directory:

http://www.phpneoform.com/117/public/

SQL Dump:

http://www.phpneoform.com/1201/install.sql

SQL Dump:

http://www.phpneoform.com/phpneoform.v.1.201/install.sql

Link to comment
Share on other sites
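Added example, not part of the thread and not phpneoform code: a debug dump of request data that is safe to render in HTML, relating to the print_r() of the GET mentioned above and the two reported cross-site scripting URLs. The function names `h` and `debug_dump` are hypothetical, the sample input is constructed from the marker in those URLs, and it is an assumption that the router hands the decoded path to the page.

```php
<?php
// Added example: escape request data at the point of output.
// h() and debug_dump() are hypothetical helper names.

/** Escape a string for an HTML text or quoted-attribute context. */
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/**
 * Render an array such as $_GET as escaped text inside <pre>.
 * print_r() with true as second argument returns the dump instead of
 * echoing it, so the whole string, array keys included, passes through
 * h() before it reaches the page.
 */
function debug_dump(array $data): string
{
    return '<pre>' . h(print_r($data, true)) . '</pre>';
}

// Constructed input: the harmless marker used in the reported URLs.
$marker = '<marquee><h1>vulnerable</marquee>';

// index.php?<marker> has no "=", so the markup becomes a parameter NAME
// with an empty value. Escaping only the values would miss it.
$query = [$marker => ''];

// /117/a/<marker>: assumed here to reach the page as a decoded path string.
$path = '/117/a/' . $marker;

echo debug_dump($query), "\n";
echo '<p>Requested: ', h($path), "</p>\n";

// Both lines now contain &lt;marquee&gt;... and the browser shows the
// markup as literal text instead of rendering it.
```

The same `h()` call belongs on every other place the request path or query string is echoed, such as error pages and "page not found" messages.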

Err, other than the XSS deal which I took care of, I don't plan to fix any of the other things.

The SQL file is part of the installer, it contains no valuable information that isn't already freely available. The public dir is just that, public, it contains images, css and js.

Full path disclosure is nice, but I'm showing people what the installer looks like. Without my MySQL login/password they can't do anything with that installer. (Worst they really could do is install the framework, if they did have the password.)

If you want to pick apart the framework, I'd ask that you do it to pages that are not the sample page that is not used for anything other than as a demo.

Link to comment
Share on other sites

This is not really a framework IMO, it is more of a system like a CMS or something like that. From what I looked at, which is just the structure, file names, and a few files of code, a lot of the code is for specific functions and works with a specific table structure. IMO a framework should help make a site quicker and easier to build and maintain, and this does not seem to do that unless you are building a site that specifically suits the table structure you already have in place. However, what I have seen in the code looks OK.

Also the Admin area looks very nice from the screenshots.

Link to comment
Share on other sites
