nitestryker

here is a program for testing, for anyone who uses IE its called TamperIE it lets you edit GET AND POST before the data is sent. download it here: http://www.bayden.com/dl/TamperIESetup.exe

BTW good site to help test your stuff against XSS http://ha.ckers.org/xss.html

The code I used was similar to the one above. hoeever I don't want to post my variables here so i will just give you an example. above I connect to my DB below that /* clean function */ function make_clean_general($var) { return mysql_real_escape_string(trim($var)); } $variable = make_clean_general($_POST['variable']); [/code] and then I insert those variables into my database. when I did a test last night I tried to do a meta redirect in one of the form input fields and it didn't allow it. although some things still worked so I am probably gonna have to write something else. the problem is time, right now I just don't have alot of time to continue this project. but what I would like to do is re-write the whole thing using this as a base and make a better more secure one.

Hello Everyone, ok so I had alittle time to add some code to try and sanitize the form input when adding a contact. go ahead and test but please don't blow it up thankx

Well I have both web developer tool bar and firebugs installed and running and it does and i have over 2 gigs of ram in this laptop.

yeah know I remember why I uninstalled those addon's they slow your firefox down....

oh ok. I am fimilar with firebug thanks, I will install that plugin and take a look

Can you be a little more specific. What browser are you using? and what are you clicking to get that error? because I am using firefox and I have not seen that error?

Thanks for the feedback, I am already aware of the ability to use XSS when adding contacts I plan to fix that as soon as I have time. what about the overal design I suck at doing the graphics and design part, I would like to hear your feed back on the design.

there is a few things I have turned off on purpose.

Hey, Thanks for the feedback everyone. I have made a few minor changes check them out here http://www.nitestryker.com/address I would love to hear your feedback Thanks, Nitestryker

I am not sure if I am posting this in the proper place but, feel free to move it I would like to share my source code with the PHPFreaks Community. I don't know how important people will find this script but Here it is anyways Description: This Scripts send you an Email alert when a bot is indexing a directory on your site. for me that is important because I might not want certain directories open to the public, I like to know when Google Is indexing my page so that I don't have any security vulnerabilities. then if i need to I can always password protect that directory or do whatever else is necessary. so here it is enjoy feel free to take my script and edit/modify to your liking. <? /* Bots Email Alert */ /*edit the email address for alerts */ /* Created by Jeremy Stevens 2009 */ $email = "yourname@example.com"; if( eregi("googlebot", $_SERVER['HTTP_USER_AGENT']) ) { $serv = $_SERVER['HTTP_USER_AGENT']; $req = $_SERVER['REQUEST_URI']; mail($email, "Googlebot Alert", "Google just indexed your following page: " . $_SERVER['REQUEST_URI']); } else if( eregi("Lycos_Spider_(T-Rex)", $_SERVER['HTTP_USER_AGENT']) ) { mail($email, "Lycos Spider Alert", "Lycos Spider has just indexed your following page: " . $_SERVER['REQUEST_URI']); } else if( eregi("Ask Jeeves/Teoma", $_SERVER['HTTP_USER_AGENT']) ) { mail($email, "LAsk Jeeves/Teoma Spider Alert", "Ask Jeeves/Teoma Spider has just indexed your following page: " . $_SERVER['REQUEST_URI']); } else if( eregi("Architext spider", $_SERVER['HTTP_USER_AGENT']) ) { mail($email, "Excite Spider Alert", "Excite has just indexed your following page: " . $_SERVER['REQUEST_URI']); } else if( eregi("FAST-WebCrawler", $_SERVER['HTTP_USER_AGENT']) ) { mail($email, "FAST-WebCrawler Alert", "FAST-WebCrawler has just indexed your following page: " . $_SERVER['REQUEST_URI']); } else if( eregi("Yahoo Slurp", $_SERVER['HTTP_USER_AGENT']) ) { mail($email, "Yahoo Slurp Alert", "Yahoo Slurp has just indexed your following page: " . $_SERVER['REQUEST_URI']); } else if( eregi("InfoSeek sidewinder", $_SERVER['HTTP_USER_AGENT']) ) { mail($email, "InfoSeek Bot Alert", "InfoSeek Bot has just indexed your following page: " . $_SERVER['REQUEST_URI']); } else if( eregi("MSNbot", $_SERVER['HTTP_USER_AGENT']) ) { mail($email, "MSN Bot Alert", "MSN bot has just indexed your following page: " . $_SERVER['REQUEST_URI']); } else if( eregi("Scooter", $_SERVER['HTTP_USER_AGENT']) ) { mail($email, "AltaVista Spider Alert", "AltaVista Spider has just indexed your following page: " . $_SERVER['REQUEST_URI']); } else if( eregi("Scrubby", $_SERVER['HTTP_USER_AGENT']) ) { mail($email, "Scrubby Spider Alert", "scrubby Spider has just indexed your following page: " . $_SERVER['REQUEST_URI']); } else if( eregi("Slurp/3.0", $_SERVER['HTTP_USER_AGENT']) ) { mail($email, "Slurp Spider Alert", "slurp Spider has just indexed your following page: " . $_SERVER['REQUEST_URI']); } else if( eregi("Teoma_agent1", $_SERVER['HTTP_USER_AGENT']) ) { mail($email, "Teoma_agent1 Spider Alert", "slurp Spider has just indexed your following page: " . $_SERVER['REQUEST_URI']); } else if( eregi("Winona", $_SERVER['HTTP_USER_AGENT']) ) { mail($email, "Winona Spider Alert", "Winona Spider has just indexed your following page: " . $_SERVER['REQUEST_URI']); } else if( eregi("ZyBorg", $_SERVER['HTTP_USER_AGENT']) ) { mail($email, "ZyBorg Spider Alert", "ZyBorg Spider has just indexed your following page: " . $_SERVER['REQUEST_URI']); } else /* Non Search Engine Bots */ if( eregi("Almaden", $_SERVER['HTTP_USER_AGENT']) ) { mail($email, "Almaden Spider Alert", "Almaden Spider is snooping around on the following page: " . $_SERVER['REQUEST_URI']); } else if( eregi("Cyveillance", $_SERVER['HTTP_USER_AGENT']) ) { mail($email, "Cyveillance Spider Alert", "Cyveillance Spider is snooping around on the following page: " . $_SERVER['REQUEST_URI']); } else if( eregi("Indy Library", $_SERVER['HTTP_USER_AGENT']) ) { mail($email, "Indy Library(Email harvester)Alert", "Indy Library Spider is snooping around on the following page: " . $_SERVER['REQUEST_URI']); } else ?> Installation Instructions: 1. Change the Email Address 2. Upload the script on to your server 3. Include the script to your index file using the following Code: <? include('scriptfile.php');?>

<?php $ip = $_SERVER['REMOTE_ADDR']; echo $ip; ?>

Hey Thanks, The Add Contact Should be Working, I know the Edit Contact isn't working its like that on purpose so people won't delete my data but i will look into those errors you posted above thanks.

I started this project about 6 months ago haven't had much time to work on it or complete it but here it is please give me your feedback. Features * Add Contacts (stores in MySQL) Edit Contacts Export Contacts to CSV Email Contacts Via Outlook or Straight from the AddressBook Via Php Mail ----------------------------------------------------------------------- ( please use Firefox Looks Best In Firefox) http://nitestryker.com/address/contacts.php please give me your feedback