DeathStar Posted March 23, 2007 Share Posted March 23, 2007 Hi there everyone. I would like to have You people from phpfreaks look at my website, and comment it! Its still early, and there is still some work to be done on it. That where I would like people to come in, to say what I can do to better my website. (more efficient etc.) The main purpose of this website is to have people from around the world join in to fight the spammers who ruin our games/websites. They should Report someone if they have someone making trouble on their game/site, and then someday if someone else have a problem with someone they would just be able to search/look for the person on the site and then get their details to report him/her. This will be very use full for people who just started a website/game and run into a problem with someone, they would of course not know about sql injections ect. and secured it. I will eventually get a domain for it once it has lift off. Site name: MOG Spam Site address: http://deathsta.justfreespace.com Thanks for reading. Quote Link to comment Share on other sites More sharing options...
Orio Posted March 23, 2007 Share Posted March 23, 2007 1) Pic doesn't show up. It's supposed to be m0gspam.png and not m0gspam1.png. 2) Buttons and text color in the forms is too dark and hard to read. 3) Even if I enter a value in the user/pass boxes, it still tells me I didn't enter anything. Even if its a valid user/pass combo. 4) Make the errors show up with the form, so the user doesn't have to hit back if he makes a mistake. Same goes for the register page. 5) After I register: "Your password has is: "***""... has is? I think the "has" is unneeded. You got a lot of work to do, and add some design to the site! Orio. Quote Link to comment Share on other sites More sharing options...
DeathStar Posted March 23, 2007 Author Share Posted March 23, 2007 did you enter an sql injection into the login form? And how can I make the errors display one the page? ~Image Fixed now displays by random. ~Register Mistype Fixed ~Form text color corrected. Quote Link to comment Share on other sites More sharing options...
steviewdr Posted March 23, 2007 Share Posted March 23, 2007 You mentioned sql injection. Im not sure if what you were on about is: http://deathsta.justfreespace.com/index.php?ord=assc You also dont stripslashes for doube quotes. Thats a magic_quotes issue.....Even though I see you are using html entities, so it might be ok, not going to test it more. Also you allow 10.0.0.0 and presumably 192.0.0.0 ones aswell. You should put a note saying that these are special ip address ranges. Its a good idea, the UI of your site is poor however. You dont have a constant Navigation once logged in. When submitting a spammer, you have to click the back button etc. etc. I take it you heard of DNSBL's. Its a list of spammer ip's that is constantly updated and which can be blocked via forums etc. > did you enter an sql injection into the login form? No. Just put a load of quotes into the username and password fields on login. > And how can I make the errors display one the page? Look at settings in your php.ini (if I think thats what you are asking). -steve -steve Quote Link to comment Share on other sites More sharing options...
DeathStar Posted March 23, 2007 Author Share Posted March 23, 2007 Ok.. How do i get that list of ip's from DNSBL, to input to my database? ~Inserted Some UI ~Errors on same page: Quote Link to comment Share on other sites More sharing options...
Orio Posted March 23, 2007 Share Posted March 23, 2007 Every time I try to register I get this msg: "Naugthy, naughty! Moderator advised!"...?? Errors are still showing up without a form under them. Orio. Quote Link to comment Share on other sites More sharing options...
DeathStar Posted March 23, 2007 Author Share Posted March 23, 2007 :\ Ok.. The "Naugthy, naughty! Moderator advised!" is: I log the ip's from signup and login. I will clear that acount of yours Orio. Quote Link to comment Share on other sites More sharing options...
DeathStar Posted March 23, 2007 Author Share Posted March 23, 2007 ok used a If ($_POST){ to display the erros on the same page. Should be right now! Quote Link to comment Share on other sites More sharing options...
redbullmarky Posted March 23, 2007 Share Posted March 23, 2007 DeathStar, can you post a test account username/password. Will make things a million times easier for those not that fussed about registering... Quote Link to comment Share on other sites More sharing options...
DeathStar Posted March 23, 2007 Author Share Posted March 23, 2007 Sure... Login Detials: Username: test Password: test Quote Link to comment Share on other sites More sharing options...
AXiSS Posted March 24, 2007 Share Posted March 24, 2007 -Lots of header errors on different pages -I managed to insert scripts into it, and it looks like you fixed it and added a "no tags allowed" system, but now everything supposedly has tags (such as "someone") -Reson is spelled "Reason", and you can only see the first five or so letters of it, so it isn't that helpful. And will you please take my IP off the list. Quote Link to comment Share on other sites More sharing options...
DeathStar Posted March 24, 2007 Author Share Posted March 24, 2007 So it was you, Nvm.. if you look closely you will see that you can view the profile of the spammer. full details, don't want a single coloum to be 100 chars long :\ Quote Link to comment Share on other sites More sharing options...
SharkBait Posted March 25, 2007 Share Posted March 25, 2007 hehe i just signed up as username asdf with an email of asdf@asdf.com no need to validate or anything. In firefox the site is all over the place and I'm afraid I won't look at it any further. I'd contain it into a box of sorts that is aligned in the middle of the screen. I'd make sure the forms that need to be filled out aren't all align="center" too And when I logout I get this: You have been logged out! Warning: Cannot modify header information - headers already sent by (output started at /home/deathsta/public_html/logout.php:5) in /home/deathsta/public_html/logout.php on line 6 Quote Link to comment Share on other sites More sharing options...
DeathStar Posted March 25, 2007 Author Share Posted March 25, 2007 Ill put some spam prefention in. But i do log the hostname and ip when you signup Still that header error, I'll try meta refresh.. The site is good layedout in terms that it has not graphics yet. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.