from Hacker News

Show HN: Requiem: No setup PHP scripts for blog, gallery

by ffwd on 10/20/24, 5:07 PM with 3 comments

Very simple PHP scripts with zero or minimal setup - just upload to webhost and blog/share photos

Blog features:

- Uses sqlite

- Drag n drop upload of files

- Posts and static pages

Gallery features:

- All images organized through FTP

- Single file gallery

- Just upload and add folders via FTP

- Automatically creates thumbnails

- Doesn't modify directory structure

Calendar features:

- Calendar is still a work in progress and is not as zero setup as you need to rename all files manually.

  • by stephenr on 10/20/24, 5:21 PM

    Oh sweet baby Jesus

    Please learn about authentication, and password handling, and sessions.

    TLDR: md5ing the hardcoded username + password and setting it in a cookie is basically asking to be hacked.

    I literally got to line 30-something on the first file I looked at, and stopped reading.