virtuexru Posted December 6, 2006 Share Posted December 6, 2006 OK. If anyone could give it a quick run-through as far as securities go, and point out if you find anything, preferably on the index and register pages. (SQL Injection Attacks and what-not). Thanks in advance.The website is:[url=http://www.itwallstreet.com]http://www.itwallstreet.com[/url] Link to comment https://forums.phpfreaks.com/topic/29704-is-my-phpmysql-site-secure/ Share on other sites More sharing options...
AbydosGater Posted December 6, 2006 Share Posted December 6, 2006 I had a go at using OR=1' as a username and password, the only injection i know of :P anyone know anyother injections that should be tryed, that one failed Link to comment https://forums.phpfreaks.com/topic/29704-is-my-phpmysql-site-secure/#findComment-136342 Share on other sites More sharing options...
virtuexru Posted December 6, 2006 Author Share Posted December 6, 2006 Yea I just saw I got a confirmation email. Everything seems ok with the database so far, thanks. Link to comment https://forums.phpfreaks.com/topic/29704-is-my-phpmysql-site-secure/#findComment-136343 Share on other sites More sharing options...
Orio Posted December 6, 2006 Share Posted December 6, 2006 Add more validation for usernames, fullnames etc' I was able registering with html and script tags- that's a risk (read about Cross-Site-Scripitng).Orio. Link to comment https://forums.phpfreaks.com/topic/29704-is-my-phpmysql-site-secure/#findComment-136352 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.