Warptweet

Darn. . . that really hurts =/ Does anyone know the links to download any of the contest entries, without needing the use of administrator-only archives?

Hi there! I haven't been here for a very long time -- but there used to be a PhpFreaks Contest forum. Where did all the topics go? I'm really interested in on of the mmorpg's that was entered in the contest. Any clue where I can find the entries of the MMORPG contest?

http://www.simple-upload.com I developed this entire website, bought the domain, and brought it online in a matter of hours just today. The website follows a module of simplicity in the footsteps of google. The website is so simple, it instantly gratifies anyone who simply want's to upload a file instead of grope over sign ups, low file size limits, and useless rapidshare 30-second wait limits. Also, the design loads incredibly fast with it's simple yet elegant design. Even on a slow connection, it almost always takes less than half a second to load. Please rate: Simplicity - Is the website simple enough for you? Do you understand how it works? Design - Does the design consist of logically placed parts/looks good? Would you use this website? - How often? For what purposes? Suggestions - Anything that makes it easier for the users. Even if it saves the user a millisecond, it's roughly a minute or two of my time to make my site that much better. Any suggestion is appreciated. Side Notes: Uploading an image provides you with codes to directly view the image, post it on web pages, and post it on forums for your convenience. Uploading a .flv video will give you a button on the provided 'File Homepage' link which you may click to view the video web-based, once again for the users convenients.

HAHAAHHAAH, That front page letter was AWESOME! 90% of internet users just sitting there, eyes glued to the monitor, not even know what they're looking for (or something related). You made me laugh for like ten minutes nonstop. HILARIOUS. The articles there are funny too.

Yes, my host is ace-host.net. An awesome company, support is often answered within 5 minutes. Anyways, they aren't the problem. And as you no longer get to know the direct location of a file that can be dangerous, it's of almost no risk to me. Basically everyone variable used in my site (not many, the site is as simple as possible) uses mysql escape string now.

If you guys read the earlier posts -- the hacking problem is completely gone. The site is very safe and unless it's an image -- you don't even get to know where the file is stored.

Whew! That was HILARIOUS. It was a crazy circus ride stopping the hacking. Yeah... refer to my little "hack this upload site" topic if you wanna know how he did it. You can all resume to slaving over critisizing my website. *malicious laughing*

Lol, sillies. I deleted that script and replaced it with an IP tracker. It has no effect on my site. When my site was FIRST hacked, he hid that file there. That was the origin of all the problems. I hope I'm safe... for now. Also, even if he/she does manage to upload the script again, he/she won't know the location. Nobody gets to know the location of files anymore

Nevermind. He hid a file called c992.php in one of my many many directories. It was a program that could edit anything of my website -- really clever really. I edited c992.php into a remote IP tracker. BANNED!

HYPER EMERGENCY: I wake up in the morning. Forbidden: Warptweet.com, caramea.com, uploadpoints.com, merandtroy.com, everything. All my sites, all my folder. I can't even access my files from my own highest-access cpanel. They locked down my server. I had to contact my host to fix the problem! I took uploadpoints.com offline. I made a backup and deleted all the files. For some reason, the hackers can STILL edit the index.php! I'm guessing they hid a .php file somehwere in my other directories.

I don't seem to understand what you mean in that, "back door". Almost every variable I can find is using mysql_escape_string.

It seems to be so easy for him. I made the upload form a whitelist where you can only upload files with a type that is specified. Regardless, he keeps coming.. I'm confused.

I fixed the typo Sorry, was in a rush to restore the site. Please try hacking the website. I implement mysql_escape_string to practically every variable in my PHP. Also, for direct links, it direct links to a .php file which sends the direct download. You don't actually know the directory that the file is stored in. And the chances of you guessing it is too low to be considered possible. There are 1.84710571 × 10^89 possibilities

It happened again. I have a backup of all files, so it took seconds for me to reboot the site. The new front page was actually quite funny. "CANT TOUCH DIS HACKARY. ROFL" And a video of "Can't Touch This". I actually listened to it a couple of times. I made some tight measures against the hacking..

Hmm... SQL injection attempt. However, only files were uploaded, none of my database entries were modified...

I've been hacked once again, despite my greatest efforts. PLEASE hack my site, and tell me how you did it, and perhaps even suggestions on how to defend myself from the endless barrage of people who have nothing better to do with their lives other than ruin websites.

UploadPoints.com Yes, it's really that simple. : ) Completely free. Upload any file up to 200MB. Hotlinking allowed for all files. File Listings for uploaded zip folders. Registration is optional for extra features. Force-Download any file, or view it web-based. Direct links to all files, including non-image files. No unneccessary processing. Upload large files quickly. Optimized design loads up to 800% faster than other hosts. Feel free to use my host for hosting any of your files. You can direct link to any files, or lead them to a viewing page where you and others can download it through force-download or view it web-based if it's an image. I also added a feature in which you can download seperate files inside uploaded .zip files, allowing for even more flexibility. Please rate the website speed, how long you would stay, if you would bookmark the website, if the design is pleasing enough, and what hosts you think you would rather use over this. EDIT) I'll admit it. I have somewhat of a competitor. Which site do you think is better? UploadPoints.com, or my competitors site, willhostforfood.com?

My site is a general file host for any file type that isn't banned. It already has forced-download abilities -- however, you can easily just direct-link to it. Luckily for me, the hacker who did it was stupid enough to try and upload a .php7 file, which isn't banned (and didn't work.). After the very first incident, I added IP logging for all uploads. He won't be able to even view the front page of any of my sites for as long as his IP is the same.

A whiltelist may be too difficult. Or -- would setting the file permissions to 0000, or perhaps just read (no writing or executing), work?

Today, I had no current-date backups of two of my websites. Today, I had a short and incomplete list of banned file types for my upload scripts. Today, I had to resort to out-dated or incomplete BETA's of two of my sites. Today, two of my sites were hacked. Today, I hurt. And the child services division couldn't help. Even if they could, it would take them exactly 21 minutes to get here. My uploader was vulnerable. I banned .php files, but forgot to ban .php3, .php4, .php5, and .php6 files. What file types should I ban to maximize security? www.uploadpoints.com

It made the page refresh infinitely, before it even loaded.

Hi there, When a user logs into my website http://www.uploadpoints.com, the navigation is set to show a different list of urls. However, when they log in, (at least for me), they need to press the refresh button in order to see the changes. I tried deleting the Cache using some snippets from other places, but it didn't work. Header("Cache-control: private, no-cache"); Header("Expires: Mon, 26 Jun 1997 05:00:00 GMT"); Header("Pragma: no-cache"); How can I delete the cache or use some other method to make the navigation change on-time?

Thanks for trying, however it still didn't work. Even after tweaking and different methods and variations, it didn't work. Something tells me embedding a source is simply required to have valid HTML or such? However, you still added security. With the code in the file you let me have, I can now encrypt the game descriptions dynamically. Anyone who wants to make an advanced leecher bot wont be able to get the a description -- at least not without having quite a bit of trouble. Thank you so much!

Thats because Googles system is different, and even I myself believe that Google has a horrible advertising system. This system is more unique, interesting, and brings a model of fairness to advertising.

I like it, I tested it out and it works nicely. However, I can't seem to edit it in a way that I can implement it with my php. Location of Flash File: $flash_file Flash Width: $size[0] Flash Height: $size[1] And I use this code: <embed src='$flash_file' width='$size[0]' height='$size[1]' /> Are you able to hand-edit the translation for me, and make it compatible with my variables? Thanks for trying at least, your obfuscator works really well.