please test for security!

[ricmetal]

thats what i have, but i also have the email field

 

y isnt it included?

[darkfreaks]

because that isnt the problem area

[darkfreaks]

without seeing the actual code we can not tell you where your going wrong

[Mchl]

I run inject me on new deal form. Maybe that's it

[Mchl]

<?php

$pass1= trim(mysql_real_escape_string(strip_tags(htmlspecialchars($_POST['pass1']))));
$pass1.= md5($pass1);

 

Why are you doing all this sanitizing? What could possibly break md5 function?

I can't really understand what's happening here...

 

[darkfreaks]

because i dont understand what is breaking in his code and i would have no idea unless he pasted it

[ricmetal]

ive got a bunch of errors on my script, changes i made that worked and stopped working with the injection thing so i have to remake the whole thing from the original code

 

ill let u guys know when i remake the site from the original code and implement the new code

 

 

[ricmetal]

index and login are inject me secured

thanks for the scripts dark

[ricmetal]

can you help me with the deals page?

 

 

[darkfreaks]

i cant access it???

[ricmetal]

..?

i can access it

[darkfreaks]

when i go to includes page top / add new deal i get 404 error ???

[ricmetal]

i changed the includes

the deal is on the main folder

 

 

[darkfreaks]

"you must be logged in to view this page"  ???

[ricmetal]

text@gmail.com

pass: 12345

[darkfreaks]

XSS me or SQL inject didnt find anything

 

Update: ironically it injected anyway ???

[ricmetal]

XSS me or SQL inject didnt find anything

 

Update: ironically it injected anyway ???

 

yeah, i got the same thing

 

im thinking that perhaps i just need a captcha to avoid automated insertations now

 

[darkfreaks]

did you use the following functions?

 

mysql_real_escape_string,trim,strip_tags,htmlspecialchars  ???

 

if so could you paste code ???

[ricmetal]

$ref = trim(strip_tags(mysql_real_escape_string(htmlspecialchars($_POST['ref']))));

then, a simple sql insert

[darkfreaks]

uhm no wonder you have injection?

<?php
$ref = trim(strip_tags(mysql_real_escape_string(htmlspecialchars($_POST['ref']))));
$ref.=filter_var($ref, FILTER_SANITIZE_STRING);


if(!empty($ref)) { //submit 
}else { //error
}?>

 

 

[ricmetal]

thing is, which might be why the data still gets inserted in that the addeal page submits info to another script page, and THAT script page sends the code. so im applying the code to the second page, that actually send the data, not to the addeal page itself

 

addeal:

<form method="post" action="adddealscript.php">
<input type="text" name="ref" size="30" />
<input type="submit" value="Add Deal!" />

 

adddealscript:

$ref = trim(strip_tags(mysql_real_escape_string(htmlspecialchars($_POST['ref']))));
if(!empty($ref)) { 
sql INSSERT
}else { //error
}?>

 

[ricmetal]

might it be that?

[darkfreaks]

if it is stil going through the empty check there is a problem

 

 

make sure you check for if it isset()

<?php
if(isset($var)||!empty($var)) { //submit
}else{ //error
}?>

 

[ricmetal]

try now inject me

you still think i should add the issets and empty fields?

either way, i did add issets and !empty fields

 

it looks secure now

 

[ricmetal]

$ref = trim(strip_tags(mysql_real_escape_string(htmlspecialchars($_POST['ref']))));

$ref2 = trim(strip_tags(mysql_real_escape_string(htmlspecialchars($_POST['ref2']))));

$ref3 = trim(strip_tags(mysql_real_escape_string(htmlspecialchars($_POST['ref3']))));

 

if(isset($ref)||!empty($ref)||isset($ref2)||!empty($ref2)||isset($ref3)||!empty($ref3)) {

//insert

}else{

//error

}