I had a little talk with my colleague and a friend of a friend who runs his own webhosting company.
Sorry guys but now I'm even more convinced you guys are talking paranoia. Yes, an inexperienced user should not be programming this and setting this up, because most likely he will leave gaping holes in his security.
However the risks are totally acceptable. Even basic authentication is good enough, no need to move to MD5 or SHA1 but maybe I still will do that to have the login a little nicer and incorporate the bruteforce attack blocker (the 3 times and then timeout idea).
They both agreed that the infiltration of the LAN will most likely come from a different source than the webserver, such as surfing the internet, running malicious downloads etc.
Little progress update;
- IE 6 and newer 100% compatible
- DU Meter integration
- MP plugins section's done, starting the general settings bit
- Redesigned free space progressbar thingies to have rounded borders
- Added suckerfish dropdown for MediaPortal submenu
- Refactored JS navigation. Saved 50 lines, totalling now on 100. This might seem weird to some of you but I decided to handle navigation thru JS. This saves a couple requests. I'm trying to keep it lightweight.
- Refresh iFrame functionality added
- Working on EventGhost webserver integration. Just for fun; possible to send remote messagecalls thru the web
Is everyone that scared that there's no interest in this whatsoever?
I made some leaps;
- Now build upon my own php framework; PHP Powerplay
- Added phpinfo (5 second thingie)
- Added XMLTidier, tidies my aMPed skin folders for me by a press on the button
- Added speedfan statistics, lot to do still.
- Improved free drive space progressbars, it is now pretty generic and can cope with as many partitions as users would have (C thru Z)
- Eventghost webserver integration
So if you are interested don't be shy to PM me. Since it now is pretty generic I can create some howto if needed for setting it all up.
And it would be even more awesome if I had someone to help me out getting this project a bit more up to speed.
please consider these requirements though;
- Apache 2.x, together with these modules;
  * Mod Rewrite
  * Rotate log
  * Basic authentication
- PHP >= 5, with these extensions;
  * SQLite PDO (and therefore the PDO main class)
  * php_sockets (used by ajax wakeup on lan)
  * php_tidy (used by xml tidier)
- Windows XP or higher
- Moved away from basic authentication and moved to a sha1 based one. This means there's a new requirement added to the list; mysql. Maybe I'll migrate to sqlite eventually to remove that.
- Added remember me functionality
- Eventghost webserver functionality extended (more buttons)
roadmap;
- Add user administration
- Add database based menu structure and make it configurable
it is a long way from ever being released.
I know I have said some things about how I would treat release but I think I need to revise that.
I will for now only release to people who;
1) Have serious interest
2) Are offering to help out on development. The framework it runs on is easy enough to understand and could also be improved a lot. It's lightweight and for me flexible since I wrote that code
PHP knowledge and SQL is a must.
Before I even can do that I need to translate some comments and variable naming stuff. Write a small howto for the framework config etc.
The reason I decided this, is that I'm pretty busy and do not work on this as much as I wanted to and therefore it's really not ready for anybody else than people who have good knowledge about the underlying techniques being used.
- Moved menu structure to DB. Not started yet on the GUI CRUD (Create, Read, Update, Delete). This has 2 upsides, users can define their own menu items and the HTML of the template's a little less messy (at least, more readable in source)
- Started GUI for user CRUD
- Added JQuery. I didn't want that but it will save me a humongous effort when integrating all kinds of dynamic stuff (which I want in for example user CRUD). Probably will rewrite the normal javascript to make use of jquery more.
- Fixed an IE bug where the suckerfish was positioned wrong
- Fixed a javascript html overflow bug
I just noticed the first real hack attempts on this application, some guy from Los Angeles (screw him). I just upgraded this mysql login I got going with a "failed_login" for me to keep track of this sorta thing. He didn't do any harm, he couldn't get in. Suck on that, LA loser.
- Introduced usertypes (that is admin and regular user)
- Completed user administration part
- Start of menu editor. Already able to move menu items
- PHP and other comments rewritten to English (@ first Dutch)
- uTorrent webui 0.362 compatible + some webui look & feel enhancements
Some good news for people who so rightfully pressed my nose into security issues!
I changed my mind again (omg lol, indecisive) I am gonna try to release this baby (will still take loads of time before you see any release though). The good news I have for you is that the menu editor is coming along quite nicely. Whenever it gets to a release the user will be able to build their own menu from available modules. This way the user decides the level of exposure.
I could then write a how to (which will be necessary however much I optimize it, at least at first) with security threat levels.
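
Added example, not part of the original posts or the project's code: one way to combine the "3 times and then timeout" blocker and the `failed_login` log mentioned in the thread, using the SQLite PDO extension from the requirements list. The table layout, function names and the 300-second timeout are assumptions, and `password_hash()`/`password_verify()` (PHP >= 5.5) stand in for the plain SHA-1 login because they add a per-user salt and a slow hash.

```php
<?php
// Added example; names and schema are hypothetical, not the project's own.
const MAX_FAILS    = 3;    // "3 times" from the thread
const LOCK_SECONDS = 300;  // timeout length is an assumption

function open_db() {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE users (name TEXT PRIMARY KEY, pw_hash TEXT NOT NULL)');
    $db->exec('CREATE TABLE failed_login (name TEXT, ip TEXT, at INTEGER)');
    return $db;
}

// Count failures for this account or this source address inside the window.
function recent_failures(PDO $db, $name, $ip, $now) {
    $q = $db->prepare('SELECT COUNT(*) FROM failed_login
                       WHERE (name = ? OR ip = ?) AND at > ?');
    $q->execute(array($name, $ip, $now - LOCK_SECONDS));
    return (int) $q->fetchColumn();
}

function try_login(PDO $db, $name, $password, $ip, $now) {
    if (recent_failures($db, $name, $ip, $now) >= MAX_FAILS) {
        return 'locked';  // refuse before the password is even checked
    }
    $q = $db->prepare('SELECT pw_hash FROM users WHERE name = ?');
    $q->execute(array($name));
    $hash = $q->fetchColumn();
    if ($hash !== false && password_verify($password, $hash)) {
        return 'ok';
    }
    // Every failure is logged, so the table doubles as an audit trail.
    $ins = $db->prepare('INSERT INTO failed_login (name, ip, at) VALUES (?, ?, ?)');
    $ins->execute(array($name, $ip, $now));
    return 'denied';
}

// Constructed demo data: three wrong guesses, then the right password.
$db  = open_db();
$add = $db->prepare('INSERT INTO users (name, pw_hash) VALUES (?, ?)');
$add->execute(array('admin', password_hash('correct horse', PASSWORD_DEFAULT)));
$t = 1000000;
foreach (array('a', 'b', 'c', 'correct horse') as $i => $guess) {
    echo try_login($db, 'admin', $guess, '203.0.113.7', $t + $i), "\n";
}
// After the window has passed, the correct password is accepted again.
echo try_login($db, 'admin', 'correct horse', '203.0.113.7', $t + LOCK_SECONDS + 10), "\n";
```

Locking on the account name as well as the IP means a remote party can keep a known account locked out; counting per IP only trades that for weaker protection against distributed guessing.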