NomadicJosh Posted September 20, 2013 Share Posted September 20, 2013 (edited) Hello everyone. I've been busily working on a new student information system. It is currently in beta and there are still some missing pieces, but I think it is big enough to start letting people test it in case I've overlooked something. To test it out, visit the link below. The test login credentials are on the login screen. Thank you. URL: http://pt.7mediaws.org/ Verification link: http://pt.7mediaws.org/phpfreaks.txt Edited September 21, 2013 by ignace Link to comment https://forums.phpfreaks.com/topic/282312-edutrac-an-open-source-student-information-system/ Share on other sites More sharing options...
ignace Posted September 20, 2013 Share Posted September 20, 2013 Looks really good. Link to comment https://forums.phpfreaks.com/topic/282312-edutrac-an-open-source-student-information-system/#findComment-1450421 Share on other sites More sharing options...
NomadicJosh Posted September 20, 2013 Author Share Posted September 20, 2013 Thank you, @ignace. Link to comment https://forums.phpfreaks.com/topic/282312-edutrac-an-open-source-student-information-system/#findComment-1450425 Share on other sites More sharing options...
Coreye Posted September 22, 2013 Share Posted September 22, 2013 Cross Site Scripting (XSS): http://pt.7mediaws.org/error/screen_error?code=%3Ch1%3EXSS Cross Site Scripting (XSS):You can submit code in your first and last name and it'll execute. Link to comment https://forums.phpfreaks.com/topic/282312-edutrac-an-open-source-student-information-system/#findComment-1450724 Share on other sites More sharing options...
NomadicJosh Posted September 22, 2013 Author Share Posted September 22, 2013 @Coreye, thank you. I missed those two; I updated the classes accordingly. Link to comment https://forums.phpfreaks.com/topic/282312-edutrac-an-open-source-student-information-system/#findComment-1450725 Share on other sites More sharing options...
Coreye Posted September 22, 2013 Share Posted September 22, 2013 (edited) Cross Site Scripting (XSS): You can submit code in your query and it'll execute. Edited September 22, 2013 by Coreye Link to comment https://forums.phpfreaks.com/topic/282312-edutrac-an-open-source-student-information-system/#findComment-1450727 Share on other sites More sharing options...
NomadicJosh Posted September 22, 2013 Author Share Posted September 22, 2013 @Coreye, thanks. Got it. Link to comment https://forums.phpfreaks.com/topic/282312-edutrac-an-open-source-student-information-system/#findComment-1450728 Share on other sites More sharing options...
PaulRyan Posted September 23, 2013 Share Posted September 23, 2013 I am able to log in to your system by doing the following. Inspect Element in Firefox, I change the "uname" field to "uname[]" and the "password" field to "password[]". Then any information I enter will allow me to log in. Link to comment https://forums.phpfreaks.com/topic/282312-edutrac-an-open-source-student-information-system/#findComment-1450859 Share on other sites More sharing options...
NomadicJosh Posted September 23, 2013 Author Share Posted September 23, 2013 @PaulRyan. Thanks for that. I made a stupid change yesterday that broke the verification. It is fixed now. Link to comment https://forums.phpfreaks.com/topic/282312-edutrac-an-open-source-student-information-system/#findComment-1450867 Share on other sites More sharing options...
0xMatt Posted September 23, 2013 Share Posted September 23, 2013 I like it and I think it looks really good. I'm just not too fond of the framework you used as the foundation. Link to comment https://forums.phpfreaks.com/topic/282312-edutrac-an-open-source-student-information-system/#findComment-1450871 Share on other sites More sharing options...
NomadicJosh Posted September 23, 2013 Author Share Posted September 23, 2013 Thanks for the input. It's my framework, and I decided to go with it because I know it inside out and have improved it along the way during this project. Link to comment https://forums.phpfreaks.com/topic/282312-edutrac-an-open-source-student-information-system/#findComment-1450874 Share on other sites More sharing options...
PaulRyan Posted September 23, 2013 Share Posted September 23, 2013 @PaulRyan. Thanks for that. I made a stupid change yesterday that broke the verification. It is fixed now. It is still allowing me to log in using the method I posted earlier. Link to comment https://forums.phpfreaks.com/topic/282312-edutrac-an-open-source-student-information-system/#findComment-1450902 Share on other sites More sharing options...
NomadicJosh Posted September 23, 2013 Author Share Posted September 23, 2013 @PaulRyan, thanks. I took another look at that method and saw that it always evaluated to true. The new change should fix the issue now. Link to comment https://forums.phpfreaks.com/topic/282312-edutrac-an-open-source-student-information-system/#findComment-1450912 Share on other sites More sharing options...
Recommended Posts