Release of CCDC ISE Manager Website
I worked on the ISE (Inject Scoring Engine) website from 2017 to 2019. I made it to encourage teams to follow a merit-based, open admission tryout format. I identified a problem and made a solution for it.
Problem: Call for Merit and Fairness on CCDC Rosters
Solution: Github Project
Solution: How to run a Team
After Tri-C was finished with 2017 Midwest Wildcards I used httrack to grap the Inject PDF files. I didn't grap just the files, but the entire front-end code of the website. If you created the HTML and CSS of the original ISE website, tell me your name so I can give you credit!
My goal was to make an almost-replica of the original. The database and back-end code is all guessing by me. I used a LAMP stack because I believe the original website is built on that. I did some fingerprinting and found the "ccdcadmin1" website was hosted on Apache and PHP.
If you notice any bugs or errors let me know. If you want a feature added let me know. I will be working on the "Service Scoring Engine" now. I will test other solutions out first.
Video of Website Demo:
https://www.youtube.com/watch?v=YvPWPr0O0Dc
MySQL Database:
Security
There are 3 layers of security.1. People WITHOUT an Account.
2. People with a Team or User Account.
3. Admins.
1. I'm 90% sure the website is safe from random people on the internet. AS LONG as you use GOOD passwords. The website should be secure enough to host online. Make sure you use updated versions of PHP, Apache2, MySQL etc.
2. People with Team or User Accounts I'm 70% sure can't do anything. They can try attacking the 1 upload directory. They can crash the website by uploading too many files I suppose. Make sure the php engine is turned off in the uploads/ directory.
3. Ok Admins can take down this website. I didn't harden the Inject -> PDF Conversion. Make sure you give this privilege to trusted users only.
If you notice any bad practices let me know. I learned PHP on my own.
Comments
Post a Comment