olie122333 Posted July 27, 2008 Share Posted July 27, 2008 Hi, Please try this site: http://www.freewebsitepromotion.co.cc/ If you can hack it, please don't! Just tell me how to fix it please xD Thanks, Olie122333 Link to comment Share on other sites More sharing options...
Jeigh Posted July 27, 2008 Share Posted July 27, 2008 You'll need to add validation for data entry in the form, I didn't try 'hacking' it but I can just enter whatever I want in there as many times as I want. For example, you say to include http:// in the URL but you can just delete that out of the input box and it will still submit. If I wanted to advertise my site example.com I can also just keep entering that in the box 100s of times (or even bots could do it) so your site will just be flooded with the same site, I'd suggest adding CAPTCHA for that. Try searching for sanatizing input in PHP. Link to comment Share on other sites More sharing options...
olie122333 Posted July 27, 2008 Author Share Posted July 27, 2008 You'll need to add validation for data entry in the form, I didn't try 'hacking' it but I can just enter whatever I want in there as many times as I want. For example, you say to include http:// in the URL but you can just delete that out of the input box and it will still submit. If I wanted to advertise my site example.com I can also just keep entering that in the box 100s of times (or even bots could do it) so your site will just be flooded with the same site, I'd suggest adding CAPTCHA for that. Try searching for sanatizing input in PHP. Yeah, thanks... I forgot to make the URL checked and make it a unique field... I know about CAPTCHA - i only spent like 1 hour on this code this morning xD Link to comment Share on other sites More sharing options...
darkfreaks Posted July 28, 2008 Share Posted July 28, 2008 make your directories non writable right now i can use any programming language to write a file to any directory and it would let me Link to comment Share on other sites More sharing options...
waynewex Posted July 28, 2008 Share Posted July 28, 2008 HELLO... was me. Link to comment Share on other sites More sharing options...
olie122333 Posted July 28, 2008 Author Share Posted July 28, 2008 make your directories non writable right now i can use any programming language to write a file to any directory and it would let me What you mean ? Any site can write to my directories ? HELLO... was me. What was you ? Link to comment Share on other sites More sharing options...
waynewex Posted July 28, 2008 Share Posted July 28, 2008 The Javascript alert. Link to comment Share on other sites More sharing options...
waynewex Posted July 28, 2008 Share Posted July 28, 2008 You need to use the function strip_tags on all external data Link to comment Share on other sites More sharing options...
waynewex Posted July 29, 2008 Share Posted July 29, 2008 LOL WHO THE FUCK ADDED MEATSPIN? :D Link to comment Share on other sites More sharing options...
olie122333 Posted July 30, 2008 Author Share Posted July 30, 2008 LOL WHO THE FUCK ADDED MEATSPIN? :D PM me and i will tell you their IP - i log them Link to comment Share on other sites More sharing options...
unidox Posted July 31, 2008 Share Posted July 31, 2008 Getting: Could not execute query! when I try to add a site. Link to comment Share on other sites More sharing options...
Recommended Posts