New group betting application/social site opinions please I need your guidance!

[tyweed]

I have started to develop a betting website/social network site where groups of individuals can keep track of all their bets, talk trash, etc. a lot of the social networking features have not yet been implemented.  However, I have all of the betting statistic and table features implemented at this time.  I would like to get some opinions on features I should add, the overall layout, and any other opinion you might have from your initial look at the website.  I'm open for any ideas and all criticism!

 

I hope to hear from you,

 

http://www.voodoowebman.com/youbetyourass/ajax/Login.php

email: test@demo.com

pass: demo

[LemonInflux]

For a start, don't solely rely on the user having AJAX-supporting browsers. By default, my javascript is turned off (noScripts), and it's always quite annoying to visit a site that messes up because it relies on javascript.

 

----------------

Now playing: Enter Shikari - Today Won't Go Down In History

via FoxyTunes

[tyweed]

it should have unobtrusive javascript. What didnt work?

[shlumph]

Forgot password:

Warning: main(dbconnect.php): failed to open stream: No such file or directory in /www/voodoowebman.com/youbetyourass/ajax/LostPassword.php on line 67

Warning: main(dbconnect.php): failed to open stream: No such file or directory in /www/voodoowebman.com/youbetyourass/ajax/LostPassword.php on line 67

Warning: main(): Failed opening 'dbconnect.php' for inclusion (include_path='.:/usr/local/lib/php') in /www/voodoowebman.com/youbetyourass/ajax/LostPassword.php on line 67

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /www/voodoowebman.com/youbetyourass/ajax/LostPassword.php on line 77
Could not find that email in the database please try again? 

[ev5unleash]

On "Sign Up" page the warning.gif image is missing (http://www.voodoowebman.com/youbetyourass/ajax/Warning.jpg)

[tyweed]

Thanks, yeah I meant to say that the site is just in development stage. So a lot of it is still broken. I was more curious about what you thought of the idea, and interfaces, and overall look within the site.

[ev5unleash]

I think you should add more design to the website and change it up with the interface. Make it looke more attractive and easier to use.

[DMComics]

Upon using the email and password you specified within your original post to login, I get greeted with a YouTube video. - Is this correct?

Shouldn't I get greeted with a "My Account"?

 

Although I can't see anything except from the login page, the sight looks OK. But has still a lot of work to be done.

Do you have anything else working as yet, that can be viewed?

What is your plans for the site?

 

Dave

[ev5unleash]

Yeah, He might of put a redirect link in his site or someone linked it. Because this worked before.

[DMComics]

So it use to work, now it doesn't?

 

Dave

[tyweed]

someone must have done something to the site. It has to do with the javascript redirect i use when you get logged in i think? What is wierd is it goes to main for a second then jumps to that youtube video? Wow I must have a biug whole in my security?

 

  var result = oReq.responseText;

  if(result == "redirect")

  window.location.href="main.php";

  else

  $("error").innerHTML = result;

 

This is called on successfull login any ideas how someone could have linked the site without changing source in my files?

 

i'm very curious

[DMComics]

Not using JavaScript.

[ev5unleash]

What type of server are you using?

[tyweed]

Ok i think have pinned down what it was. I think a sql injection into the table has somehow got in so when the browser prints out table it's letting a javascript redirect happen. I'm trying to get access into mysql now so i can have a look at the tables. as of right now the only way i was editing the table info was through php and this won't work! I guess i should have programmed a bit better!

[tyweed]

I closed down those user and pass until i fix these embarrassing flaws. And to think i'm a experienced programmer this is bad bad!

[ev5unleash]

Yeah, This guy has been getting alot of people though SQL Injections. There are some SQL Client Programs out there, try them.