
chrissie18

Members
  • Posts: 17
  • Joined
  • Last visited: Never

Posts posted by chrissie18

  1. Rescanned; that exploit was on editprofile.php. I can't be specific as to what variable ;)

     

    <?php
    include('config.php');
    ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    
    <head>
    <meta http-equiv="content-type" content="text/html; charset=UTF-8"/>
    <meta name="description" content="Exxelent is a online dealer game host where you can start your own dealer game"/>
    <meta name="keywords" content="exxelent, dealer, game, gratis, free, win, paid"/> 
    <meta name="author" content="chrissie"/> 
    <link rel="stylesheet" type="text/css" href="default.css" media="screen"/>
    <title><?php echo $sitename; ?></title>
    </head>
    
    <body>
    
    <div class="outer-container">
    
    <div class="inner-container">
    
    <div class="header">
    
    	<div class="title">
    
    		<span class="sitename"><a href="index.php"><?php echo $sitename; ?></a></span>
    		<div class="slogan">Your Own DealerGame</div>
    
    	</div>
    
    </div>
    
    <div class="path">
    
    		<a href="index.php">Home</a> &#8250; <a href="register.php">Aanmelden</a> &#8250; <a href="login.php">Login</a>
    
    </div>
    
    <div class="main">		
    
    	<div class="content">
    
            <h1>Profiel wijzigen</h1>
            <div class="descr"></div>
            <p>Hier kun je je eigen profiel aanpassen en dat van je game<br /></p>
    <?php
    if (isset($logged['id'])) { 
    if (isset($_POST['submit'])) {
    $email = isset($_POST['email'])?addslashes(htmlspecialchars($_POST['email'])):"";
    $location = isset($_POST['location'])?addslashes(htmlspecialchars($_POST['location'])):"";
    $dername = isset($_POST['dername'])?addslashes(htmlspecialchars($_POST['dername'])):"";
    $welcomet = isset($_POST['welcomet'])?addslashes(htmlspecialchars($_POST['welcomet'])):"";
    //updates their profile in the db 
    $update = mysql_query("UPDATE `members` SET `email` = '$email', `welcomet` = '$welcomet', `dername` = '$dername', `location` = '$location' WHERE `username` = '$logged[username]'") or die(mysql_error());
    echo "Profiel is geupdate!"; 
    }
    $getuser = mysql_query("SELECT * FROM `members` WHERE `username` = '$logged[username]'") or die(mysql_error());
    $user = mysql_fetch_array($getuser); 
    echo "<form action='editprofile.php?update' method='post'> 
    Email: <input type='text' name='email' size='30' maxlength='55' value='$user[email]'><br>
    Land: <input type='text' name='location' size='30' maxlength='40' value='$user[location]'><br>
    dealernaam: <input type='text' name='dername' size='30' maxlength='40' value='$user[dername]'><br>
    Welkoms tekst: <input type='text' name='welcomet' size='90' maxlength='240' value='$user[welcomet]'><br>
    <input type='submit' value='Update' name='submit'> 
    </form>";
    }else{
    echo "Je bent niet ingelogd."; 
    }
    ?>
    	</div>
    
    	<div class="navigation">
    
    		<h2>Menu</h2>
    		<ul>
    			<li><a href="index.php">index</a></li>
    			<li><a href="register.php">aanmelden</a></li>
    <?php
    if(isset($logged['id'])) {
    //Logged in code
    }else
    {
              			echo "<li><a href=\"login.php\">login</a></li>";
    }
    ?>
    			<li><a href="members.php">leden</a></li>
    		</ul>
    
    	</div>
    
    
    	<div class="navigation">
    <?php
    if(isset($logged['id'])) {
    		echo"<h2>Ledenmenu</h2>
    		<ul>
    			<li><a href=\"editprofile.php\">Wijzig profiel</a></li>
    			<li><a href=\"changepass.php\">Verander wachtwoord</a></li>
    			<li><a href=\"logout.php\">Uitloggen</a></li>
    		</ul>";
    }
    ?>
    	</div>
    
    	<div class="clearer"> </div>
    
    </div>
    
    <div class="footer">
    
    	<span class="left">
    		© 2008 <a href="index.php">exxelent.nl</a> Valid <a href="http://jigsaw.w3.org/css-validator/check/referer">CSS</a>
    	</span>
    
    	<span class="right">Design by <a href="http://arcsin.se/">Arcsin</a> <a href="http://templates.arcsin.se/">Web Templates</a></span>
    
    	<div class="clearer"></div>
    
    </div>
    
    </div>
    
    </div>
    
    </body>
    
    </html>
    
    

  2. XSS unencode warning:

    The unencoded attack string was found in the HTML of the document. Other browsers may be vulnerable to this XSS string.

    Tested value: ¼script¾document.vulnerable=true;¼/script¾

    Solution: mysql_real_escape_string(), trim(), strip_tags(), htmlspecialchars()

    Is the XSS only on the change password page, or in the whole script?
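The editprofile.php update shown in post 1 (and again in post 5), rewritten along the lines the scanner's suggested fixes point to. This is an added example by the editor, not the poster's code or the Exxelent site's: the UPDATE and SELECT use PDO prepared statements instead of addslashes()/mysql_query(), and every value echoed back into the form goes through htmlspecialchars() with ENT_QUOTES, because the form uses single-quoted attributes and plain htmlspecialchars() (before PHP 8.1) leaves the single quote untouched. It assumes a PDO connection in `$pdo`, the logged-in username in `$logged['username']` as in the original, and the mbstring extension for `mb_substr()`.

```php
<?php
// Added example (editor's code, not the forum poster's): editprofile.php
// update with parameterised queries and attribute-safe output encoding.
// Assumptions: $pdo is a PDO connection; $logged['username'] as on the page.

declare(strict_types=1);

// Encode for an HTML attribute or text node. ENT_QUOTES matters here: the
// page's form uses value='...' and htmlspecialchars() without ENT_QUOTES
// does not encode the single quote, so a stored ' could end the attribute.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Read one POST field, trimmed and cut to the maxlength the form declares
// (enforced server side, since the client-side maxlength is not a control).
function field(array $post, string $name, int $max): string
{
    $v = isset($post[$name]) && is_string($post[$name]) ? trim($post[$name]) : '';
    return mb_substr($v, 0, $max, 'UTF-8');
}

function updateProfile(PDO $pdo, string $username, array $post): void
{
    $email    = field($post, 'email', 55);
    $location = field($post, 'location', 40);
    $dername  = field($post, 'dername', 40);
    $welcomet = field($post, 'welcomet', 240);

    if ($email !== '' && filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        throw new InvalidArgumentException('invalid e-mail address');
    }

    // Raw values go to the database; HTML escaping happens only at output time.
    $stmt = $pdo->prepare(
        'UPDATE `members` SET `email` = :email, `welcomet` = :welcomet, '
        . '`dername` = :dername, `location` = :location WHERE `username` = :username'
    );
    $stmt->execute([
        ':email'    => $email,
        ':welcomet' => $welcomet,
        ':dername'  => $dername,
        ':location' => $location,
        ':username' => $username,
    ]);
}

function renderForm(PDO $pdo, string $username): string
{
    $stmt = $pdo->prepare(
        'SELECT `email`, `location`, `dername`, `welcomet` FROM `members` WHERE `username` = :u'
    );
    $stmt->execute([':u' => $username]);
    $user = $stmt->fetch(PDO::FETCH_ASSOC)
        ?: ['email' => '', 'location' => '', 'dername' => '', 'welcomet' => ''];

    return "<form action='editprofile.php' method='post'>\n"
        . "Email: <input type='text' name='email' size='30' maxlength='55' value='" . h($user['email']) . "'><br>\n"
        . "Land: <input type='text' name='location' size='30' maxlength='40' value='" . h($user['location']) . "'><br>\n"
        . "dealernaam: <input type='text' name='dername' size='30' maxlength='40' value='" . h($user['dername']) . "'><br>\n"
        . "Welkoms tekst: <input type='text' name='welcomet' size='90' maxlength='240' value='" . h($user['welcomet']) . "'><br>\n"
        . "<input type='submit' value='Update' name='submit'>\n</form>";
}

// Usage, mirroring the control flow of the posted page:
// if (isset($logged['id'])) {
//     if (isset($_POST['submit'])) { updateProfile($pdo, $logged['username'], $_POST); }
//     echo renderForm($pdo, $logged['username']);
// }
```

The design point is the split between storage and output: nothing is HTML-encoded before it reaches the database (the posted script stores htmlspecialchars() output, which then has to be undone anywhere the value is shown outside HTML), and the same `h()` helper is applied at every echo, whichever row the value came from.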

  3. I know it was a bit wrong, but I noticed something with the VALUES.

    It was

    ( '', '', 'size', '' , 'noimage.png', 'noimage_big.png');";

    I think that's not good, the space before the ( ?

    I think it needs to be:

    ('', '', 'size', '' , 'noimage.png', 'noimage_big.png');";
    

  4. Maybe you can try this:

     

    $sql = "INSERT INTO `products` (``, `category_id` , `title` , `size` , `description` , `image` , `imageenlarge`)
    VALUES ('', '', '', 'size', '' , 'noimage.png', 'noimage_big.png');";
    

  5. Hello, I have a code and it's not correct; I'm getting:

    Notice: Undefined index: dername

    Notice: Undefined index: welcomet

    in my PHP script. Can you help me out? This is my code:

    if(isset($logged['id'])) { 
    if(isset($_GET['update'])) { 
    $email = addslashes(htmlspecialchars($_POST['email'])); 
    $location = addslashes(htmlspecialchars($_POST['location'])); 
    $dername =  addslashes(htmlspecialchars($_POST['dername'])); 
    $welcomet = addslashes(htmlspecialchars($_POST['welcomet']));
    //updates their profile in the db 
    $update = mysql_query("UPDATE `members` SET `email` = '$email', `welcomet` = '$welcomet', `dername` = '$dername', `location` = '$location' WHERE `username` = '$logged[username]'"); 
    echo "Profile updated!"; 
    }
    $getuser = mysql_query("SELECT * FROM `members` WHERE `username` = '$logged[username]'"); 
    $user = mysql_fetch_array($getuser); 
    echo "<form action='editprofile.php?update' method='post'> 
    Email: <input type='text' name='email' size='30' maxlength='55' value='$user[email]'><br> 
    Location: <input type='text' name='location' size='30' maxlength='40' value='$user[location]'><br> 
    dealer naam: <input type='text' name='dername' size='30' maxlength='40' value='$user[dername]'><br> 
    Welkom text: <input type='text' name='welcomet' size='90' maxlength='240' value='$user[welcomet]'><br> 
    <input type='submit' value='Update'> 
    </form>"; 
    }
    

     

    Thanks a lot,

    chris

  6. Hello everybody, I have a problem with my register script. I have added a new option in my register.php, but when I register myself I see nothing in MySQL of what I changed; the rest is there.

    Here are my codes, and sorry for my bad English.

    
    <?php 
    session_start(); //allows session 
    include('config.php');
    //checks if they're trying to verify their account 
    if(isset($_GET['verify'])) { 
    //gets the code and makes it safe 
    $code = addslashes($_GET['code']); 
    //gets the code from the database 
    $getcode=mysql_query("SELECT * FROM `verification` WHERE `code` = '$code'"); 
    //counts the number of rows 
    $getcode = mysql_num_rows($getcode); 
    //if the amount of rows is 0 the code does not exist 
    if($getcode == 0) { 
    echo "Verkeerd activatie code!"; 
    } 
    //or if the code does exist we will activate their account 
    else{ 
    //get the data from the database 
    $getcode=mysql_query("SELECT * FROM `verification` WHERE `code` = '$code'"); 
    //fetches the data from the db 
    $dat = mysql_fetch_array($getcode); 
    //sets the user's user level to 2 which means they can now use their account 
    $update = mysql_query("UPDATE `members` SET `userlevel` = '2' WHERE `username` = '".$dat['username']."'") or die(mysql_error()); 
    //deletes the code as there is no use for it now 
    $delete = mysql_query("DELETE FROM `verification` WHERE code = '$code'"); 
    //says thanks and your account is ready for use 
    echo "Bedankt, Je account is geactiveerd je kunt nu inloggen.";
    echo "<meta http-equiv='Refresh' content='2; URL=login.php'/>";
    } 
    }else 
    //if we have posted the register form we will register this user 
    if(isset($_GET['register'])) { 
    //check to see if any fields were left blank 
    if((!$_POST['username']) || (!$_POST['password']) || (!$_POST['cpassword']) || (!$_POST['email']) || (!$_POST['dname'])) { 
    echo "Je moet alles wel invullen.";
    echo "<meta http-equiv='Refresh' content='2; URL=register.php'/>"; 
    }else{ 
    //posts all the data from the register form 
    $username = $_POST['username'];
    $dname = $_POST['dname'];
    $password = $_POST['password'];
    $cpassword = $_POST['cpassword'];
    $email = $_POST['email'];
    //check see if the 2 passwords are the same 
    if($password == $cpassword) 
    { 
    //hashes the password 8 times (nested md5/sha1) 
    $password = sha1(md5(md5(sha1(md5(sha1(sha1(md5($password)))))))); 
    $dname = mysql_query("SELECT `dname` FROM `members` WHERE `dname` = '$dname'"); 
    $dname= mysql_num_rows($dname); 
    $cname = mysql_query("SELECT `username` FROM `members` WHERE `username` = '$username'"); 
    $cname= mysql_num_rows($cname); 
    //checks to see if the username or dname already exist 
    if($cname>=1) {
    echo "Gebruikersnaam bestaat al";
    echo "<meta http-equiv='Refresh' content='2; URL=register.php'/>";
    }
    if($dname>=1) {
    echo "dname bestaat al";
    echo "<meta http-equiv='Refresh' content='2; URL=register.php'/>";
    }else{
    //gets rid of bad stuff from their username, dealername, email 
    $username = addslashes(htmlspecialchars($username));
    $dname = addslashes(htmlspecialchars($dname)); 
    $email = addslashes(htmlspecialchars($email));
    
    if($semail == "1") { // $semail set to 1 means email activation is active 
    //adds them to the db 
    $adduser = mysql_query("INSERT INTO `members` (`username`, `password`, `email`, `dname`) VALUES('$username','$password','$email','$dname')"); 
    //possible letters for the verification code 
    $alphanum = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; 
    //shuffles the letters around to create a 16 long code 
    $code = substr(str_shuffle($alphanum), 0, 16); 
    //adds their code along with their user name to the db 
    $addcode = mysql_query("INSERT INTO `verification` (`username`, `code`) VALUES('$username','$code')"); 
    //don't edit this, this is the link for their activation 
    $link = "http://$host$self?verify&code=$code"; 
    //sends the email to the person 
    mail("$email", "Lidmaatschap validatie", "Bedankt voor het registreren op $sitename. 
    Je gebruikersnaam is: $username en je wachtwoord is: $password
    Enigste wat je nu nog hoeft te doen is je account activeren dat kan om naar deze link te gaan: 
    $link", "From: admin@exxelent.nl"); 
    //message sent, now let's tell them to check their email 
    echo "Je bent nu geregistreert,<br><br>Kijk in je email voor de activatie link."; 
    }else{ //no need for email activation 
    $adduser = mysql_query("INSERT INTO `members` (`username`, `password`, `email`, `userlevel`, `dname`) VALUES('$username','$password','$email','2','$dname')"); 
    echo "Je bent nu geregistreert,<br><br>Je kunt nu inloggen op je account";
    echo "<meta http-equiv='Refresh' content='2; URL=login.php'/>";
    } 
    } 
    }else{ 
    echo "De twee wachtwoorden kwam niet overeen probeer het opnieuw!";
    echo "<meta http-equiv='Refresh' content='2; URL=register.php'/>";
    } 
    } 
    }else{ 
    //none of the above so lets show the register form 
    echo "<form action='register.php?register' method='post'> 
    <table width='350'> 
    <tr> 
    <td width='150'>Gebruikersnaam:</td> 
    <td width='200'><input type='text' name='username' size='30' maxlength='25'></td> 
    </tr> 
    <tr> 
    <td>Dname:</td> 
    <td width='200'><input type='text' name='dname' size='30' maxlength='25'></td> 
    </tr>
    <tr> 
    <td>Wachtwoord:</td> 
    <td><input type='password' name='password' size='30' maxlength='25'></td> 
    </tr> 
    <tr> 
    <td>bevestig wachtwoord:</td> 
    <td><input type='password' name='cpassword' size='30' maxlength='25'></td> 
    </tr> 
    <tr> 
    <td>Email:</td> 
    <td><input type='text' name='email' size='30' maxlength='55'></td> 
    </tr> 
    <tr> 
    <td colspan='2'><center><input type='submit' value='Aanmelden'></center></td> 
    </tr> 
    </table> 
    </form>"; 
    } 
    ?>
    

     

    And I changed the dname; all is there in MySQL except for (dname). Please help me out.

    Thanks a lot,

    Chris
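The registration branch of the register.php posted above, rewritten as an added example by the editor (not the poster's code): the uniqueness checks keep the submitted `$dname` in its own variable (in the posted script `$dname` is reassigned to the query result and then to its row count before the INSERT runs), the password is stored with password_hash() instead of nested md5()/sha1() calls, the verification code comes from random_bytes(), and all queries are PDO prepared statements. It assumes a PDO connection in `$pdo`, the `members` and `verification` tables used on the page, and a boolean `$emailActivation` standing in for the page's `$semail == "1"` check; the caller sends the activation mail with the returned code and link, without echoing the password back.

```php
<?php
// Added example (editor's code, not the forum poster's): the registration
// step of register.php. Assumptions: $pdo is a PDO connection; the
// `members` and `verification` tables exist as used on the page.

declare(strict_types=1);

// Verification code from a CSPRNG rather than str_shuffle() of a fixed alphabet.
function generateVerificationCode(): string
{
    return bin2hex(random_bytes(16)); // 32 hex characters
}

// True when a username or dname already exists. The column name is
// whitelisted because identifiers cannot be bound; the value is bound.
function isTaken(PDO $pdo, string $column, string $value): bool
{
    if (!in_array($column, ['username', 'dname'], true)) {
        throw new InvalidArgumentException('unexpected column');
    }
    $stmt = $pdo->prepare("SELECT COUNT(*) FROM `members` WHERE `$column` = :v");
    $stmt->execute([':v' => $value]);
    return (int) $stmt->fetchColumn() > 0;
}

// Returns ['ok' => bool, 'msg' => string, 'code' => ?string].
function registerUser(PDO $pdo, array $post, bool $emailActivation): array
{
    foreach (['username', 'dname', 'password', 'cpassword', 'email'] as $f) {
        if (!isset($post[$f]) || !is_string($post[$f]) || trim($post[$f]) === '') {
            return ['ok' => false, 'msg' => 'Je moet alles wel invullen.', 'code' => null];
        }
    }
    // Submitted values stay in their own variables; nothing below reuses
    // them for query handles or row counts.
    $username = trim($post['username']);
    $dname    = trim($post['dname']);
    $email    = trim($post['email']);

    if ($post['password'] !== $post['cpassword']) {
        return ['ok' => false, 'msg' => 'De twee wachtwoorden kwamen niet overeen.', 'code' => null];
    }
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return ['ok' => false, 'msg' => 'Ongeldig e-mailadres.', 'code' => null];
    }
    if (isTaken($pdo, 'username', $username)) {
        return ['ok' => false, 'msg' => 'Gebruikersnaam bestaat al', 'code' => null];
    }
    if (isTaken($pdo, 'dname', $dname)) {
        return ['ok' => false, 'msg' => 'dname bestaat al', 'code' => null];
    }

    // Salted, deliberately slow hash; password_verify() checks it at login.
    $hash = password_hash($post['password'], PASSWORD_DEFAULT);

    $pdo->beginTransaction();
    try {
        if ($emailActivation) {
            // userlevel stays at the table default until the code is verified.
            $ins = $pdo->prepare(
                'INSERT INTO `members` (`username`, `password`, `email`, `dname`) VALUES (:u, :p, :e, :d)'
            );
            $ins->execute([':u' => $username, ':p' => $hash, ':e' => $email, ':d' => $dname]);

            $code = generateVerificationCode();
            $ver = $pdo->prepare('INSERT INTO `verification` (`username`, `code`) VALUES (:u, :c)');
            $ver->execute([':u' => $username, ':c' => $code]);
        } else {
            $ins = $pdo->prepare(
                'INSERT INTO `members` (`username`, `password`, `email`, `userlevel`, `dname`) '
                . 'VALUES (:u, :p, :e, :l, :d)'
            );
            $ins->execute([':u' => $username, ':p' => $hash, ':e' => $email, ':l' => '2', ':d' => $dname]);
            $code = null;
        }
        $pdo->commit();
    } catch (Throwable $e) {
        $pdo->rollBack();
        throw $e;
    }
    return ['ok' => true, 'msg' => 'Je bent nu geregistreerd.', 'code' => $code];
}
```

Two caveats worth keeping in mind with this shape: the SELECT COUNT(*) checks only report a clash, they do not prevent one, so `username` and `dname` still need UNIQUE constraints in the table for two concurrent registrations not to both succeed; and the verification code is single-use data that should be deleted after it is consumed, as the page's verify branch already does.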
