Jump to content

Most Liked Content

#1393384 Profanity Filter

Posted by doddsey_65 on 18 November 2012 - 02:58 PM


I have just finished creating a profanity filter in PHP and would like to see if anyone can bypass it.

I have spent a few days working on the algorithm which accounts for spaces and symbols as well as words that sound like profanity eg/ replacing "er" with "a".

I should mention that this project displays a list of all the words that bypass the filter. So if you do not wish to see these words then please do not visit the page.




#1403476 Gludoe CMS

Posted by RobertP on 05 January 2013 - 09:16 PM

Well, this is my second time posting my project here. There have been way to many upgrades / re-factors to list. Basically it is a full functioning cms, with many features (that don't hinder the site's usability).

I would like to ask for the community to take a look, and try to break the site. If you find anything that looks odd / weird; please post as well.

Site: http://auth.gludoe.com/
Verification: http://auth.gludoe.com/phpfreaks.txt

Test Account:
Email: test1@gludoe.com
Password: test

PS: this is a link to my previous topic, in which i can not edit, so i decided to create a new one.

PPS: If the site is offline; it is running off my laptop at home, and sometimes it gets unplugged accidentally. I will do my best to keep it online until my testing purposes are completed.

#1383160 Test My Website Builder For Vulnrabilities

Posted by deathadder on 06 October 2012 - 05:38 AM

hi, i am working on a website builder project and i was wondering if you guys could test it for vulnrabilities

i am fairly new to php, but as far as i can see the code is valid, and secure, i have only added basic sql injection protection so hope you can help

proof i own the website: http://generalprogra...g.org/freak.txt

http://generalprogramming.org is website

#1202980 Guidelines and FAQ

Posted by .josh on 18 April 2011 - 02:42 PM

What this board is for

If you have some code you are wanting people to debug, or a website you are working on that you want people to 'beta test,' post the code/link here.

The idea of this forum is that you have finished your code, and now you wish for people to test it for weak spots, logic problems, etc.. While you can of course expect feedback from your testers, if you need more help fixing your code, use the Help forums. This forum is for testing and testing feedback ONLY.

This is NOT a "rate my script/site" forum. Please go to the critique forum for that. Try to give a good description of what your code is supposed to be doing.  We can do little more than find syntax errors if we don't know what it's supposed to be doing.

Your topic doesn't show?

All new topics are moderated, meaning that they will not show up until a staff member approves it. Read the rules for posting in this forum and follow the directions.

Some advice to be cautious

Be very careful on what kind of info you post, especially when it comes to posting links to your site.  Posts of this nature are often times aliases of "please try to hack my site and tell me if you do, and how, so I can fix it."  We cannot and will not be held liable for any kind of damage or loss that results from you posting any of your stuff here (or anywhere else on the site, for that matter).  Not everybody out there is honest. Someone out there may read your post, go to your script, find a security hole and exploit it without telling you, all the while giving you the thumbs up.

Rules Regarding "Exploit Scanners"

Use of exploit scanners can be an effective way to discover exploits on a website, so we have no intention of banning posting scanner results. But these scanners can also return bogus results.

Secondly: Give a man a fish and you feed him for a day. Teach a man to fish and you feed him for a lifetime.

As of now, posting scanner results is only allowed under the following conditions:

1) You must share the name and how to get the scanner
2) You absolutely MUST explain every item in the result (why is this a risk, not just because the scanner says so)

As with all forum rules, ignoring these could lead to moderation action. Ignorance of these rules is not a defense.

Thank you for your cooperation.

#1459355 Code Review, Beta Testing and Help needed with new site

Posted by r3wt on 21 November 2013 - 01:18 PM

I'm building a trade site for virtual currencies like bitcoin and such.


i need a bit of help as well as some general feedback on the site(be forwarned, it looks pretty crappy in non webkit browsers like firefox and ie. i probably should be developing for those browsers as well, but i feel like they are inferior and will be forgotten soon enough.


this being said, here is the link to the site






test123 | 12345678 TraderBob | 12345678 test2 | password test5 | password


help i need:




I need a way to autoscroll the window down, but unfortunately i haven't been able to get it to work. code always seems to break.

$(document).ready(function() {
		//load messages
		$('#ajaxPOST').submit(function() {
			$.post('ajaxPOST.php', $('#ajaxPOST').serialize(), function(data){
			//clear the message field
			//reload messages
			return false; 



This was working before i built the chat, but since i find that logging out no longer redirects back to the homepage. 

if (isUserLoggedIn()) {
	echo"<p class='notify-green' id='notify'>You are now logged out.</p>";
	header('Refresh: 2; url=https://openex.pw');
	header( 'Location: index.php');

#1396996 Mvc Framework

Posted by Jragon on 02 December 2012 - 09:33 PM


I recently wrote a php framework, it's more just a structure for code. https://github.com/Jragon/Midget-MVC

It's called Midget-MVC 'cause it's so tiny. I was just wondering what you php experts thought about it.


#1392918 Is My Site Vulnerable?

Posted by Manixat on 16 November 2012 - 11:51 AM

Heya guys,

We're soon officially releasing our new project but I am unsure about how vulnerable it is, so I'm hoping you can help me out?

The site is not in English, so I figured if you want to help me I must explain to you what it actually is. So the site basically is a catalog type of thing where people upload their unneeded old stuff in order to sell it. And we have narrowed it down to a very few categories, based on most common needs.

On the index page you have the logo, which is still not added ( waiting for our photoshop guru to show up ) and just below it you can find the "add advertisement" button. ( I'm not sure if advertisement is the correct word but well .. ). Below that is the menu with the categories and at the bottom are the most recent advertisements

You can get to the search page by clicking on an item from the categories menu, then a new menu with subcategories will show up and you just pick one. The search page is where the most url variables are passed and I think where the most vulnerable part is supposed to be. Although if you use google chrome to translate the index page you're gonna have a bad time, getting <fonts> all over the url.

Anyway, here's the website URL, I have everything backed up so don't worry to mash things up, and I would really appreciate your help!

[text file received via PM]

#1447959 Robot Detection Class - For Your Use

Posted by Muddy_Funster on 03 September 2013 - 12:21 PM

I have knocked up this liitle class for retrieving a list of known robot user agents from the really rather helpfull people over at robotstxt.org.  It pulls info from their site and builds an array that can be used to compare against the $_SERVER['HTTP_USER_AGENT'] varable.  It has an exlusion array that can be altered to suit your personal prefferences and can be echoed directly to produce a valid JSON string that can be passed as is to a JQuery/Javascript using AJAX or anything of that like.  I am putting no restrictions on this, but the people over at the robotstxt.org do request that you give them a mention for accessing their data, so I leave that up to anyone who may want to use it.


Anyway, I found the need to be able to ensure bots didn't get free reign of the site I was making and thought that some other people out there may have a use for this.


Here it is, enjoy (maybe) - anyway let me know what you guys think of it.  (p.s. - I'm new to the whole DocBlock thing... ;) )

 * Generates a list of robot useragent deffinitions for use with
 * $_SERVER['HTTP_USER_AGENT'] to identify robots
 * This links into the robotstext.org site to access thier current
 * robot list.  It then produces an arrau of these useragents that
 * can be used to check if a visitor is a robot or not.  
 * Call: $yourVar = new getRobots();
 * $robotArray = $yourVar->robots;
 * JSON output (if you want to pass to javascript): echo $yourVar;
 * @param string $url Link to robotstxt.org server
 * @param array $robots the array list of useragents
 * @return __toString Returns JSON string of Object{"robots":array[{"numericalKey":"useragentText"}]
class getRobots{
    public $url;
    public $robots=array();

    public function __construct()
        $url = "http://www.robotstxt.org/db/all.txt"{
        $fullList = file($url);
        $exlusions = array //add lines here to include exclusions for any other agents in the list
                "Due to a deficiency in Java it's not currently possible to set the User-Agent.",
        echo "<pre>";
        foreach ($fullList as $line=>$content){
            $delimit = ":";
            $split = explode($delimit, $content);
            if(trim($split['0']) == "robot-useragent"){
                $conCount = count($split);
                $agent = "";
                    if($i != 0){
                        $conPart = $i;
                        $agent .= " {$split[$conPart]} ";
                array_push( $this->robots, trim($agent));
        foreach($this->robots as $key=>$agent){
            if(in_array($agent, $exlusions)){
    public function __toString(){
        $json = "{\"robots\":[".json_encode($this->robots)."]}";
        return $json;

#1417745 Canvas Retro Shooter

Posted by doddsey_65 on 09 March 2013 - 07:34 PM



I have been working on a side scrolling shooter for the past couple of weeks and I would like to get some testing done.

The game is similar in style to many retro shooters like Gradius, UN Squadron etc.


The game play is a simple wave style, where you complete a level that has certain groups of enemies come at you in different patterns/amounts.


This version only contains 1 level and is quite short to help with debugging and testing.


Let me know what you think and if there are any issues that you can see.


The graphics are basic atm, I will be getting better ones made once the games mechanics are stable.






#1376341 V CMS beta test

Posted by ComGuar on 08 September 2012 - 07:33 PM

Hello people!

I am testing CMS for vulnerabilities on the first place.
If you find any error, please send message to me or post it here. If you have any idea how I can improve CMS it would be nice to say me :)
Soon some components like forum and photo gallery will be added.

Website URL: http://goo.gl/rDcS0
Verification file: http://goo.gl/X6UAF

I created account for phpfreaks members, but I'll be happy if you register :)

username: phpfreaks
password: phpfreaks

Thanks in advance!

#1374846 CMS backend: test for vulnerabilities and security problems

Posted by happypete on 03 September 2012 - 02:21 PM

Hi Experts,

I'm designing the back-end of a CMS and not being a great programmer would like someone to test the script for vulnerabilities, in particular:

  • image uploads + photo gallery in general
  • availability calendar (the calendar isn't showing on the index.php page but can be viewed/updated by clicking the 'Edit Availbility Calendar' link
  • WYSIWYG inputs
  • Google Map

URL: http://bit.ly/QfI6od
Verification: http://bit.ly/SdI4Rr

If you find any vulnerabilities then hinds on getting them sorted would be very much appreciated

Thanks a lot,


#1308563 this site keeps getting hacked

Posted by geeks on 17 January 2012 - 02:40 PM

Please help, this site keeps getting hacked, I have escaped all my sql input, as well as applying intval() to almost all input variable, I have hit a brick wall, I can always use PDO, but that would be a monumental task, and it may be something simple that I am missing.

link to my verifying txt file : http://www.apdec.org.za/phpfreaks.txt

link to the site : http://www.apdec.org.za/

specifically I have been hacked on the branch names and page content.

I have a full backup of code as well as the database.

I would really appreciate any help.


#1436504 Gamebu

Posted by doddsey_65 on 18 June 2013 - 12:06 AM





I have recently created http://www.gamebu.co.uk and would like some testing done before I add more features.


Gamebu is a site where you can play online games for free. Game types include Flash, Unity3D and HTML5.


I have a collection of over 1000 games so far from sites such as MochiGames, FreeOnlineGames and FlashGamesDistribution.


I would like to know if there are any security vulnerabilities and if everything works as expected (ie no dead links).




#1327912 My Reprogrammed CMS System

Posted by ryanfilard on 15 March 2012 - 11:29 PM

Verification: http://goo.gl/yVLKm

Website: http://goo.gl/2aiey

Frontend Demo: http://goo.gl/UwHqS

Dashboard Demo: http://goo.gl/6Gr8X (Please don't delete the homepage.)
Username: admin
Password: pass

I just released the next major version of my CMS. I re-programmed from the start because the previous version had to many bugs. Can you test it for errors it would really help.


#728729 Rules - Must Read Before Posting

Posted by 448191 on 03 January 2009 - 04:51 PM

Conditions for Testing Requests

In order to post in this forum, the following conditions must be met:

  • You must have at least 10 posts, from posting in other forums on this site.  Do not "spam" your way to 10 posts just to post here.
  • You are only allowed to request testing of your own website or websites you are otherwise authorized to manage. In order to verify this you must:
  • Create a regular .txt file containing a full URL link to your profile here on PHP Freaks (see details below), and place it on the same domain(s) as your script(s). The text file must be in the root directory of your site. 
    URL: http://www.yoursite.com/phpfreaks.txt
    Text in file: http://forums.phpfre.../user/1-philip/ (but to your profile link)
  • You must then notify us with the URL of the .txt file by placing a link to it in your post or report your post to moderator with the link in the report details.

Profile Link

In my experience, the one thing that people fail to do most of the time, is properly post a link to their profile in the text file. 

The following is not a valid profile link:



That link only works for you, based off of the main menu link and your browser&#039;s session.  Below is what a valid profile link looks like:


You can easily get your profile link by:
  • Clicking on your own name in one of your own posts
  • Clicking on your own name at the top right of the screen
  • Putting [member=your username here] in a test post and hitting the preview button and getting the URL generated from the link.  For example, [member=.josh] will generate .josh.
  • Going to Members > Search For Members and searching for yourself and clicking on that link.

Failure to follow these rules and instructions may result in actions from locking or deleting your topic or even having your account banned depending on the severity and at the discretion of the staff member handling the incident. There are no exceptions and this rule is in effect of immediately meaning that all topics created after this topic will have to abide by this rule.

Waiting for Approval

It generally takes 1-3 days for someone to approve your post.  Normally we will not respond if you are not approved, because of failing to follow the instructions above (we will usually respond if it&#039;s for some other reason).  If after 3 days your post has not been approved and you have not received a response, you can resubmit your site, however, more than likely you were not approved because you failed to follow the rules/instructions! So please re-read the rules and follow the instructions carefully

Someone posted my site!

If someone posted your site here without your authorization then you may use the report to moderator link within the topic and verify your status as owner or representative of the website in the same way as outlined above.  Note that we cannot be held responsible for any damage that may have occurred because of this! If someone had the ability to create the text file on your site to prove ownership/access, they hacked or otherwise gained access to your site independently and prior to whatever thread you are reporting!

#1434108 Web service to generate thumbnail previews online

Posted by ThumbifyMe on 04 June 2013 - 08:55 PM

Hi all,

I'd love some feedback on my new web service (site) called http://thumbify.me


It basically allows you to push files (of many file types) to it and then it creates a thumbnail preview of the file (or website) and returns it to you.

It supports many image formats, video formats and even word, excel and powerpoint documents.

Its still in beta at the moment, but any feedback would be greatly welcomed.



#1480479 Crowd sourced beer price aggregator

Posted by lemmin on 22 May 2014 - 06:48 PM

This is a Gas Buddy type website for beer prices. Feel free to add real or fake data.







I would like to include weekly circular prices from the big supermarkets, but I've tried ad nauseam to contact anyone at a corporate level who could answer any questions. Any ideas on that level?



I appreciate any and all feedback.



#1437558 RacoonJS HTML5 Canvas Game Engine

Posted by Volter9 on 23 June 2013 - 07:13 PM

Hello guys!


I created simple HTML5 Canvas Game Engine and want to share with my creation.


There's a link to the project (on github): https://github.com/Volter9/RacoonJS


And demo: http://volter9.githu...oids/index.html


Thank you for attention.

P.S.: I hope I not violating any rules.

P.S.S.: To admins/moderators: did I choosed right section to post in?

#1383589 New Uploading Site: Uqload.com

Posted by Lukeidiot on 08 October 2012 - 02:15 AM

Hey guys,

I just made a new upload site and would love for you guys to test it for me!

Here is the site: http://uqload.com

Do your best!


#1256377 New forum software

Posted by doddsey_65 on 12 August 2011 - 12:57 PM

I am currently creating a new forum software called A Simple Forum. For the most part it is complete. I just need to finish off the admin section then I will be releasing the first beta to download. But before that I need to make sure everything works. So can you guys please test my site and let me know how things go. Thanks