Mailbox System

oo_jazz_oo · #1 12-29-2009, 05:55 AM

Hello people of the Graal forums!

I made this system a few months ago. It was just to test out the sqlite functions, and see how they work.

I never intended to release it, so some things might seem a bit...inefficient.
Also, some of the gui controls have some very long and unneccesary names. But that is because every gui control had the prefix "Npulse".
The reason being, I scripted this on Npulse. So, I just replaced 'Npulse' with 'Mail'.
And that made some gui controls have weird names, such as "Mail_Mail_*".

Its just a basic mailing system.

You can compose mail, read mail, reply, add and manage contacts.
You can move the mail between your inbox and a saved folder, or delete them. So its just basic functionality of a mailbox.

As I said, this was never meant for release, but since its not being used for anything, I decided to release it.
So, use it as you wish, edit it, mock it, praise it, do as you see fit.

I'll include some screenshots as well so you can see how it looks.

k_killar · #2 12-29-2009, 06:02 AM

hey didnt you script stuff for Dark horizon? im manager and we could use you send me a forum pm for info yo.

oo_jazz_oo · #3 12-29-2009, 06:03 AM

Quote:

Originally Posted by k_killar

hey didnt you script stuff for Dark horizon? im manager and we could use you send me a forum pm for info yo.

I don't know, and I didn't realize I was posting a resume. (I don't script for uc playerworlds anyways because I don't have a gold account)

fowlplay4 · #4 12-29-2009, 06:25 AM

You have no escapes on anything before you store it in the table, so using a single quote will result in SQL Errors which in turn makes SQL Injection a possibility.

PHP Code:


			
function onCreated() {

  temp.str = "How's it going!";

  echo(temp.str.escape()); // Prints the Escaped String

}

oo_jazz_oo · #5 12-29-2009, 06:31 AM

I have all 's being parsed clientside before sending it serverside though.

Altho, adding that would be better...I just didn't think of sql injections on Graal. :P

12171217 · #6 12-29-2009, 06:32 AM

Quote:

Originally Posted by oo_jazz_oo

I have all 's being parsed clientside before sending it serverside though.

Doesn't stop me from using a memory editor ;O

oo_jazz_oo · #7 12-29-2009, 06:33 AM

You shouldn't be using a memory editor on Graal. Tisk tisk, I thought I raised you better.

Crono · #8 12-29-2009, 06:49 AM

Quote:

Originally Posted by 12171217

Doesn't stop me from using a memory editor ;O

u so cool

zephirot · #9 12-29-2009, 07:29 AM

Cool system!

12171217 · #10 12-29-2009, 07:34 AM

I was speaking in terms of how it could be exploited. It was more or less an explanation as to why parsing them clientside is a bad idea compared to escaping them on the server. Why did nobody get butthurt when SQL injections were mentioned? Jesus Christ.

And I like your stuff, Jazz, it's good.

fowlplay4 · #11 12-29-2009, 07:06 PM

Quote:

Originally Posted by oo_jazz_oo

I have all 's being parsed clientside before sending it serverside though.

I tested it, and got SQL errors when using single quotes so you've still got some fixing up to do. Just drop the clientside parsing, and escape on the serverside.

Other than that, it's pretty nifty.