Jump to content

Archived

This topic is now archived and is closed to further replies.

Recommended Posts

http://gamebu.co.uk/phpfreaks.txt

 

Hi,

 

I have recently created http://www.gamebu.co.uk and would like some testing done before I add more features.

 

Gamebu is a site where you can play online games for free. Game types include Flash, Unity3D and HTML5.

 

I have a collection of over 1000 games so far from sites such as MochiGames, FreeOnlineGames and FlashGamesDistribution.

 

I would like to know if there are any security vulnerabilities and if everything works as expected (ie no dead links).

 

Thanks

Carl

Share this post


Link to post
Share on other sites

Slight design flaw:

 

On the home page, at the bottom row of games you hover over them and a description for each game appears, however if you hover over the last one in the row you may notice (depending on screen size) that it gets partially cut off. my current screen size is 1366px in width and 768px in height.

Share this post


Link to post
Share on other sites

Just an update for you guys.

 

I have a few new features that have been implemented on the staging subdomain http://staging.gamebu.co.uk

 

The features include:

 

  • User profiles
  • Adding friends (from profiles)
  • Activity timeline (of your friends)
  • Internal comment system
  • Session tracking (number of active users and guests)
  • Newest users indicator (under "logo")
  • Profile completion percentage (visit your profile for info)

 

If you could test these out and make sure everything is working I can begin deploying them to the live site.

 

Thanks

Share this post


Link to post
Share on other sites

Full Path Disclosure and Possible Database Field Leaks:

http://staging.gamebu.co.uk/user/test/

in /var/www/staging.gamebu.co.uk/releases/20130710194420/vendor/twig/twig/lib/Twig/Template.php line 365

at Twig_Template->getAttribute(array('gender' => 'Unspecified'), 'username') in /var/www/staging.gamebu.co.uk/releases/20130710194420/vendor/twig/twig/lib/Twig/Environment.php(320) : eval()'d code line 71

array(), 'users' => '0', 'guests' => '1', 'bots' => '0', 'newest_users' => array('data' => array(array('id' => '6', 'username' => 'Scott', 'location' => null, 'dob' => null, 'gender' => null), array(*DEEP NESTED ARRAY*)), 'pagination' => array('numbers' => array(*DEEP NESTED ARRAY*), 'total' => '1', 'pages' => '1')), 'app' => object(Application), 'currentPath' => '/user/test/'), array('javascript' => array(object(__TwigTemplate_7aa7a13f2a9aafd00efaae7720e1b51f), 'block_javascript'))) in /var/www/staging.gamebu.co.uk/releases/20130710194420/vendor/twig/twig/lib/Twig/Template.php line 133

I clicked the link given in the activation email and received this error:

Sorry, we could not find an account associated with that activation code.

I tested this with two different email accounts and received the same message.

Share this post


Link to post
Share on other sites

I should mention that the staging subdomain will reveal the errors as it is set as a development subdomain. This is just so people can be more descriptive if things do break. But the user error just refers to a missing variable assignment since the user doesn't exist.

 

As for the activation, those with a keen eye will notice the email points to the main website even if you registered on staging :P

I never planned to stage this project so never considered that.

 

Thanks

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.