Web EdBox

Descreption: Web EdBox is an open-source project editor IDE built entirely in PHP. It provides a secure environment for managing and editing project code on a server without granting full server access. With Web EdBox, managers can create and manage developers and admins, while developers have access to edit the code of the project.

Hosted On GitHub

README

Web EdBox

Pull Requests GitHub release (latest by date)

Web EdBox is an open-source project editor IDE built entirely in PHP. It provides a secure environment for managing and editing project code on a server without granting full server access. With Web EdBox, managers can create and manage developers and admins, while developers have access to edit the code of the project.

Features

User Access Control: Managers have full control over user access, while developers have limited access to project code.
Secure Environment: File and folder access control prevents accidental modifications of critical files.
Backup System: Automatically backs up previous versions of edited files to the developers local system for easy recovery in case of errors.

Setup

Fill in the required credentials (Encryption IV Key, EKey) in editor/login/dataEnc.php.
Default cipher method used is AES-256-CBC, but this can be modified.
Upload the Web EdBox folder to your server.
Open the editor using the URL http://[siteurl]/editor.
Upon setup completion, the editor will ask for a manager username and password for setup [This step must be performed immediately after setup].

Vulnerabilities

ALLNEW Vulnerability: Opening the editor without populating the user database will expose the user access page, allowing the creation of a manager.
Solution: To prevent this vulnerability, simply create the manager user as soon as setting up the editor, if you want to remove manager without having access to the editor, you can clear out the dbase.jdb file contents from within the server which will make the editor allow creating a new manager.

Usage

The editor hides certain files and folders (editHide) and makes others inaccessible (editLocked) to prevent accidental modifications.
File names can also be used to lock (*.elock.*) and hide (*.ehide.*) individual files.
Developers can edit files and must press "Save to Site" to save changes. Previous versions are automatically backed up in the developers’ local computer for recovery, as a .txt file.

Note: Intentional modifications using code can be performed on locked files and folders as usual, locking and hiding is to just prevent accidental modifications.

Directory Structure

            Server Root:.
            └── editor
                | ├── index.php
                | └── style.css
                |
                └── images
                |    ├── edicon.png
                |    └── edlogo.png
                |
                └── login
                |    ├── data.php
                |    ├── dataEnc.php
                |    ├── dbase.jdb
                |    └── index.php
                |
                └── master
                     └── index.php

Note

Changing filenames or codes without proper understanding may lead to errors. Ensure to follow the setup instructions carefully to avoid vulnerabilities.

License

This project is licensed under the MIT License. See the LICENSE file for details.

Developer

Primary Developer:
Kanish Ravikumar

Downloads

Version 0.1.0-beta

Web-EdBox-0.1.0-beta.zip Web-EdBox-0.1.0-beta.tar.gz