Everything posted by john010117

  1. Make sure to validate your code. While looking at the source code, you have two DOCTYPEs, two <head> and two <body>.
  2. Very nice design, first of all. I have a couple of suggestions. For that nav to work effectively as tabs (as I'm assuming you are), I think it'll be best if you specified where the user is in terms of the tabs. For example, if I'm at the homepage, the tab "Home" should be highlighted. That's my only complaint so far. Again, nice job!
  3. The only thing I would complain about is the "bar" that goes across the entire page at the top. It's kinda distracting for me. Other than that, nice job!
  4. This is just a simple form for trying to XSS the input/output. If you find any vulnerabilities, please do tell me. I used my custom function to prevent XSS from happening. Any characters are allowed. In other words, try to "hack" this simple form. http://area51.john010117.com/xss.php
  5. Try putting "Navigation" / "Other Links" / "Login" in the top bar. The login form doesn't work (login.php doesn't exist). Center the main content.
  6. No you didn't (at least on the second page if it's a new movie). "><script>alert("hi")</script>
  7. Your site is XSS vulnerable. Try registering w/ the username of: "><script>alert('hi')</script>
  8. I'm using Firefox 3 Beta 5 with a 1280 x 1024 monitor resolution. An annoying horizontal scrollbar appears on my browser window while visiting your site.
  9. Use AJAX, for one. Nobody wants to reload the entire page just to make a shout.
  10. What sstangle73 said is true. <?php $dir = 'upload/02_00'; echo (count(glob($dir . '/*')) === 0) ? '<a href="upload/0200.php"><img src="img/0200.png" border="0"></a>' : '<img src="img/booked.png" border="0">'; ?>
  11. <?php error_reporting(E_ALL); ?> at the top of every page. If you're using a custom error handler, use set_error_handler(function_name).
  12. Letting users use HTML is a huge security risk. That's what I believe BBCodes are for.
  13. Just found the include directory. Huge security risk.
  14. Ok, thank you very much for giving me a detailed explanation. I have modified my site to most (if not all) of the things you've mentioned. Again, more suggestions are great.
  15. I just put the forums there just as a test. I'll get rid of it soon. Ok, I'll put more padding in. As for the pictures, how big do you think the screenshots of the websites in my portfolio should be? If it's too big (as it is right now), I'll have to put a lot of text on the right side to make the page look good. Thanks everyone for their opinions. If you have any more opinions, please feel free to say them. I'm looking to improve my site (and others) constantly.
  16. Wrong section, I believe. Try this forum.
  17. Ok, thank you for the suggestions. I have fixed the typo in the portfolio page, and have implemented screenshots of my projects. However, I'll leave the copyright as "John the Freelancer". Again, thanks.
  18. http://www.johnthefreelancer.com/ I aimed for simplicity while giving the user maximized info about me and my freelance services. Please let me know if something does not display correctly for you (although I have tested my website in 5 different browsers in Vista - Firefox, IE 7, Opera, Safari, Netscape). If you would like to suggest more content (especially for the "about" section - I definitely need more in there, but I have no idea what else to put), please feel free to do so. It'll be great also if you could suggest what the colors for the text in the forum section should be.
  19. You have way too many scripts going on per page. I suggest you size it down.
  20. He shows you how he did it: by removing your existing HTTP vars and editing them to add single quotes. This is SQL injection... Use the function mysql_real_escape_string($_GET['id']). He did tell you how to fix those errors.
  21. Ok, I think I got it. Thanks.
  22. I need help with this query:

      SELECT polls. * , poll_options. *
      FROM polls, poll_options
      LEFT JOIN poll_votes ON polls.poll_id = poll_votes.poll_id
      WHERE polls.poll_id =1
      AND poll_options.poll_id = polls.poll_d

      Here's my database structure for the three tables:

      --
      -- Table structure for table `polls`
      --
      CREATE TABLE `polls` (
        `poll_id` mediumint(5) NOT NULL auto_increment,
        `poll_question` varchar(200) NOT NULL,
        `poll_start` int(11) NOT NULL,
        `poll_end` int(11) NOT NULL,
        `poll_type` tinyint(1) NOT NULL default '1',
        PRIMARY KEY (`poll_id`),
        KEY `poll_start` (`poll_start`,`poll_end`)
      ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ;

      -- --------------------------------------------------------

      --
      -- Table structure for table `poll_options`
      --
      CREATE TABLE `poll_options` (
        `option_id` mediumint(5) NOT NULL,
        `poll_id` mediumint(5) NOT NULL,
        `option_name` varchar(200) NOT NULL,
        KEY `option_id` (`option_id`,`poll_id`)
      ) ENGINE=MyISAM DEFAULT CHARSET=latin1;

      -- --------------------------------------------------------

      --
      -- Table structure for table `poll_votes`
      --
      CREATE TABLE `poll_votes` (
        `vote_id` int(11) NOT NULL auto_increment,
        `poll_id` mediumint(5) NOT NULL,
        `option_id` mediumint(5) NOT NULL,
        `vote_user` int(11) NOT NULL,
        KEY `vote_id` (`vote_id`,`poll_id`,`option_id`,`vote_user`)
      ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ;

      MySQL returns with an error:

      Any help will be appreciated.
  23. The top nav could be vertically-centered. Also, you could use a different font. Oh, and please fix the spelling mistakes.