ricmetal

http://www.pastie.org/private/jj7ekmnepfunaetdefiyw

yes

..still nothing :/ no captcha... with preg and without preg

no captcha..

i just get \n\n \n \n \n \n where the captcha should be now

Failures: 134 those same errors for every field

and the errors Server Status Code: 302 Moved Temporarily Tested value: 1' OR '1'='1 Server Status Code: 302 Moved Temporarily Tested value: 1' OR '1'='1 Server Status Code: 302 Moved Temporarily Tested value: %31%27%20%4F%52%20%27%31%27%3D%27%31 Server Status Code: 302 Moved Temporarily Tested value: 1 UNION ALL SELECT 1,2,3,4,5,6,name FROM sysObjects WHERE xtype = 'U' -- Server Status Code: 302 Moved Temporarily Tested value: 1 UNI/**/ON SELECT ALL FROM WHERE Server Status Code: 302 Moved Temporarily Tested value: 1 AND ASCII(LOWER(SUBSTRING((SELECT TOP 1 name FROM sysobjects WHERE xtype='U'), 1, 1))) > 116 Server Status Code: 302 Moved Temporarily Tested value: ' OR username IS NOT NULL OR username = ' Server Status Code: 302 Moved Temporarily Tested value: 1' AND non_existant_table = '1 Server Status Code: 302 Moved Temporarily Tested value: 1'1 Server Status Code: 302 Moved Temporarily Tested value: '; DESC users; -- Server Status Code: 302 Moved Temporarily Tested value: 1 AND USER_NAME() = 'dbo' Server Status Code: 302 Moved Temporarily Tested value: 1' AND 1=(SELECT COUNT(*) FROM tablenames); -- Server Status Code: 302 Moved Temporarily Tested value: 1 AND 1=1 Server Status Code: 302 Moved Temporarily Tested value: 1 EXEC XP_ Server Status Code: 302 Moved Temporarily Tested value: 1'1 Server Status Code: 302 Moved Temporarily Tested value: 1' OR '1'='1 Server Status Code: 302 Moved Temporarily Tested value: 1 OR 1=1

sure http://www.pastie.org/private/csd8h7sohvjrxagvfsdn2w

[email protected] 12345678

still has 302 errors but doesnt inject anything but blank spaces... check here http://www.dealsground.byethost7.com/adddeal.php ill postie the code for you maybe u can see whats wrong thanks

yeo thanks very much

i hope this is the right forum im putting together a code to email through google with Swift Mailer for php5 and im hoping someone will give me a hand here writing this script i cant understand the documentation and there aren't many examples that work online edit: okay...just got it..!

ok, i figured out how to use a code i had here. thanks dark! hinty plse check now thanks for all help so far, really, im plain lazy when it comes to learning but implementing, im there thanks

thanks for that im getting on checking xss out thanks

gracias *fixed now* thanks

well,m not anymore

hey, pm sent, with the code that doesnt get triggered by inject try out on the site, ull see 0 errors, but my db gets populated

still getting errors with the filter sanatize but im sure its not because of the gets its something else i added ill strip down the code to where it stoped giving me trouble then ill let you know

must add the other stuff to further protect the site

edit as far as injections, looks like it inject me still produces errors when i type in extra variables on my code that have nothing to do with the db but they are all 302 errors and the db isnt populated, so i guess thats ok

$ref = trim(strip_tags(mysql_real_escape_string(htmlspecialchars($_POST['ref'])))); $ref2 = trim(strip_tags(mysql_real_escape_string(htmlspecialchars($_POST['ref2'])))); $ref3 = trim(strip_tags(mysql_real_escape_string(htmlspecialchars($_POST['ref3'])))); if(isset($ref)||!empty($ref)||isset($ref2)||!empty($ref2)||isset($ref3)||!empty($ref3)) { //insert }else{ //error }

try now inject me you still think i should add the issets and empty fields? either way, i did add issets and !empty fields it looks secure now

might it be that?

thing is, which might be why the data still gets inserted in that the addeal page submits info to another script page, and THAT script page sends the code. so im applying the code to the second page, that actually send the data, not to the addeal page itself addeal: <form method="post" action="adddealscript.php"> <input type="text" name="ref" size="30" /> <input type="submit" value="Add Deal!" /> adddealscript: $ref = trim(strip_tags(mysql_real_escape_string(htmlspecialchars($_POST['ref'])))); if(!empty($ref)) { sql INSSERT }else { //error }?>

$ref = trim(strip_tags(mysql_real_escape_string(htmlspecialchars($_POST['ref'])))); then, a simple sql insert