Jump to content


Photo

eduTrac: An Open Source Student Information System

sis php mysql bootstrap

  • This topic is locked This topic is locked
12 replies to this topic

#1 parkerj

parkerj

    Advanced Member

  • Members
  • PipPipPip
  • 167 posts
  • LocationBoston, MA

Posted 20 September 2013 - 10:15 AM

Hello everyone. I've been busily working on a new student information system. It is currently in beta and there are still some missing pieces, but I think it is big enough to start letting people test it in case I've overlooked something. To test it out, visit the link below. The test login credentials are on the login screen. Thank you.
 
URL: http://pt.7mediaws.org/

Verification link: http://pt.7mediaws.org/phpfreaks.txt

Edited by ignace, 21 September 2013 - 04:38 PM.

eduTrac ERP | College Management System


#2 ignace

ignace

    Now mod flavored

  • Moderators
  • 6,208 posts
  • LocationBelgium

Posted 20 September 2013 - 12:00 PM

Looks really good.

#3 parkerj

parkerj

    Advanced Member

  • Members
  • PipPipPip
  • 167 posts
  • LocationBoston, MA

Posted 20 September 2013 - 12:21 PM

Thank you, @ignace.


eduTrac ERP | College Management System


#4 Coreye

Coreye

    PHPHelpCenter.com

  • Members
  • PipPipPip
  • 537 posts
  • LocationFlorida

Posted 22 September 2013 - 03:27 PM

Cross Site Scripting (XSS):

http://pt.7mediaws.o...or?code=<h1>XSS

 

Cross Site Scripting (XSS):
You can submit code in your first and last name and it'll execute.

Attached File  Screnshot-2013-09-22_16.12.01.png   10.98KB   0 downloads


PHP Help Center - PHP Help and Security Testing.  :)


#5 parkerj

parkerj

    Advanced Member

  • Members
  • PipPipPip
  • 167 posts
  • LocationBoston, MA

Posted 22 September 2013 - 03:52 PM

@Coreye, thank you. I missed those two; I updated the classes accordingly.


eduTrac ERP | College Management System


#6 Coreye

Coreye

    PHPHelpCenter.com

  • Members
  • PipPipPip
  • 537 posts
  • LocationFlorida

Posted 22 September 2013 - 04:03 PM

Cross Site Scripting (XSS):

You can submit code in your query and it'll execute.

Attached File  Screnshot-2013-09-22_17.00.06.png   11.1KB   1 downloads


Edited by Coreye, 22 September 2013 - 04:04 PM.

PHP Help Center - PHP Help and Security Testing.  :)


#7 parkerj

parkerj

    Advanced Member

  • Members
  • PipPipPip
  • 167 posts
  • LocationBoston, MA

Posted 22 September 2013 - 04:12 PM

@Coreye, thanks. Got it.


eduTrac ERP | College Management System


#8 PaulRyan

PaulRyan

    Hello World

  • Members
  • PipPipPip
  • 873 posts
  • LocationUK
  • Age:22

Posted 23 September 2013 - 11:51 AM

I am able to log in to your system by doing the following.

 

Inspect Element in Firefox, I change the "uname" field to "uname[]" and the "password" field to "password[]".

 

Then any information I enter will allow me to log in.


My Internet Home - Dumping ground for new ideas/tips/tricks and general grievances of developing.

 

Firefox 17 - PHP 5.4 - MySQL 5 - Win7 [64-bit]

Rule for asking for help: If you don't show that you've tried to accomplish something, you don't deserve help.


#9 parkerj

parkerj

    Advanced Member

  • Members
  • PipPipPip
  • 167 posts
  • LocationBoston, MA

Posted 23 September 2013 - 12:18 PM

@PaulRyan. Thanks for that. I made a stupid change yesterday that broke the verification. It is fixed now.


eduTrac ERP | College Management System


#10 0xMatt

0xMatt

    Advanced Member

  • Members
  • PipPipPip
  • 32 posts
  • LocationPooptown, Arkansas

Posted 23 September 2013 - 12:39 PM

I like it and I think it looks really good. I'm just not too fond of the framework you used as the foundation.


Friend of the night.

My Project


#11 parkerj

parkerj

    Advanced Member

  • Members
  • PipPipPip
  • 167 posts
  • LocationBoston, MA

Posted 23 September 2013 - 12:44 PM

Thanks for the input. It's my framework, and I decided to go with it because I know it inside out and have improved it along the way during this project.


eduTrac ERP | College Management System


#12 PaulRyan

PaulRyan

    Hello World

  • Members
  • PipPipPip
  • 873 posts
  • LocationUK
  • Age:22

Posted 23 September 2013 - 02:21 PM

@PaulRyan. Thanks for that. I made a stupid change yesterday that broke the verification. It is fixed now.

It is still allowing me to log in using the method I posted earlier.


My Internet Home - Dumping ground for new ideas/tips/tricks and general grievances of developing.

 

Firefox 17 - PHP 5.4 - MySQL 5 - Win7 [64-bit]

Rule for asking for help: If you don't show that you've tried to accomplish something, you don't deserve help.


#13 parkerj

parkerj

    Advanced Member

  • Members
  • PipPipPip
  • 167 posts
  • LocationBoston, MA

Posted 23 September 2013 - 02:51 PM

@PaulRyan, thanks. I took another look at that method and saw that it always evaluated to true. The new change should fix the issue now.


eduTrac ERP | College Management System





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Cheap Linux VPS from $5
SSD Storage, 30 day Guarantee
1 TB of BW, 100% Network Uptime

AlphaBit.com