deathadder
-
Posts
83 -
Joined
-
Last visited
-
Days Won
2
Posts posted by deathadder
-
-
URL: http://rspsdb.org/freak.txt
Hi i would like you all to test my site for all the possible exploits you can find thanks.
-
Hi, i need to connect my java application to my SQL server, i have the code but i have the problem of i don't know what to change localhost to, as i normally use localhost on my website, i don't know what i should change it to.
help would be much appreciated.
-
Wrong section, plus im fairly sure you are going to pay first
-
1
-
-
ik what the problem is it is searching all users, and upating all timestamps, but i have no idea how to fix it.
-
EDIT: i have a problem, my previous theory did not work, so i retried what you said, i wrote up this code but it selects all users timestamps, and whenever one person does an action it uses that as previous action time for all.
<? include 'config.php'; session_start(); $SQL = mysql_query("SELECT * FROM users"); $dbfield = mysql_fetch_assoc($SQL); $inactive = 900; $current_time = time(); $prev_time = $dbfield['timestamp']; $query = $current_time - $prev_time > $inactive; $SQL2 = mysql_query("SELECT * FROM users WHERE timestamp = '$query' AND online='online'") or die(mysql_error()); $dbfield2 = mysql_fetch_assoc($SQL2); $count = mysql_num_rows($SQL2); echo $current_time - $prev_time; echo '<br />'; echo $count; ?>here is the code, can you please tell me what i need to do to fix this?
-
i have an idea, at school i was thinking about this, and came up with the idea to check if the timestamp is older then 15 minutes old on the online list, ill be back if it does not work
-
Ok, so i have it working by setting the cookie time to 300 seconds(5 minutes), and i also have it so if you click logout it deletes cookie, and sessions + sets status field to offline, i also have a script in the config file that checks if the user has had any activity for the last 500 seconds, if it has it resets the time() for the user, if not it logs them out.
what im having trouble with is making a user online list, if they do not refresh their status will be set to online forever, can anyone help me here?
-
still not what i asked for
:confused: :confused: :confused: :confused: :confused:i need to know what function records the timestamp, and what checks for the difference
like i need a function to record the stamp then i also need one to check the difference....
-
yes, thanks but this did not answer my question, could you possibley post a snippit of the code/functions used
-
Hi, i read what you said but i cannot seem to figure it out, you did not explain much of how to do it or what functions to use.
i am using this
<? session_start(); include 'config.php'; $time = time() + (0 * 0 * 15 * 0); $username = $_SESSION['username']; mysql_query("UPDATE `dragonx_sql`.`users` SET timestamp=$time WHERE username='$username'") or die(mysql_error()); ?>but i dont know if that is correct, if not what is, and if it is correct how can i get 15 minutes from this....
-
Wow everyone, thank you for the contribution. I will have a go and find out how to use the timestamp().
Thanks.
-
Hi, i have never worked with timestamps before, and i don't exactly understand how i am going to log actions, if you could post a bit of a snippit or explain a bit more or what to do.
-
Dear fellow Freaks,
So me and my partner have come up with an idea and to build a project for a Runescape Private Server Community.
So far, we've managed to build a Profile page, however within the profile page there is a area which shows weather they're online, or offline.
At the moment, it's just text showing their name and it just says online. We're using cookies to register logins, as well as sessions to use information like username/password, ect ect.
If anyone could give us a hand on how we can make it show weather they're online or offline work, I'd appreciate it.
Thanks. Here's a preview on what it looks like, just to give you an idea.
See how I'm not logged in, yet it says online? Thank you.
-
Hi, can someone give me a simple php script that will read a rss from the mybb forum RSS syndication
please just a simple script that will display who posted the topic, date posted, post content and number or views/ replies if you can
-
Vulnerability testing is all about doing the illogical. The things the programmer probably never thought of and did not test for. That is where a hacker is going to find their way into your systems and wreak havoc. That's one of the mindsets you need to get into while programming and testing. As well as the mindset of a clueless user and the mindset of a cat walking across the keyboard (as in make sure a 2k-char-long string of "ap]342]345o325t\34r5q324iour9ajr3]214r2it..." doesn't cause problems), to name a few.
max username chars is 32, same with password, max page chars is 10,000 and page name around 100-300 cant remember
max username char is 32 same with pass max page char is 10,000 and page name 100 i thinkk
I hope that doesn't mean that you found there was a typo in the password because they are stored in your database table in plain text?
no, it means that i couldnt login to the testacc, so i remade it with a new password
-
You can't edit/delete pages with special characters. I'd save the pages as IDs instead of names. EX: http://generalprogra...trol.php?edit=1
ok thans for this, will fix it now, although there is no logical explanation to sava page as that
not to mention when you visit thewebsite it uses the $_GET method, i could fix it by using ids onthat too, but then the user on the website would have mor difficulty identifing the page
-
BUMP
-
yeah i made a typo in pass fixed now
cant someone please just test for vulnrabilities
-
username: testacc
password: test
-
what do you mean text account?
well like yeah test all input fields, for vulnrabillities and others, idk much about them, but isn't there a tool that looks for them?
-
ok ,thanks for that can you take a look at my site to check for vulnrabillities, it is posted in test your stuff
-
<?php> $pc = $_POST['pc']; ]If ($pc == 0) { $pcText = "<a href=http://www.yahoo.com'>yahoo.com</a>"; } else if ($pc == 1) { $pcText = "<a href='http://www.google.com'>Google.com</a>"; } ?>there you go, i edited your php code, all you have to do is paste it
-
idk where else to put this, so ill post it here, i have some .htaccess code that changes profile.php?username=username to domain.com/profile/username
but in this case what i need to do is
make wwebsite.php?website=name&page=homepage
into website/name/page/homepage or something similar
thi is what i got now
RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ /website.php?website=$1 -
thats the problem line 1 of the file where this error is displays there is <?php include 'inc/header.php'; ?> and line one of header.php is <?php include 'inc/config.php'; ?>
line 2 of header.php is session_start();
i tried putting session_start(); on line one but it still didn't work
Javascript not working on HTTPS
in Javascript Help
Posted
So straight to the point, http works, but the javascript on https does not
the only thing i am connecting to require from http is the javascript file, everythigg else has /dir without the http or htpps, help?