Mog Spam

[DeathStar]

Hi there everyone.

 

I would like to have You people from phpfreaks look at my website, and comment it!

Its still early, and there is still some work to be done on it.

That where I would like people to come in, to say what I can do to better my website. (more efficient etc.)

 

 

The main purpose of this website is to have people from around the world join in to fight the spammers who ruin our games/websites.

They should Report someone if they have someone making trouble on their game/site, and then someday if someone else have a problem with someone they would just be able to search/look for the person on the site and then get their details to report him/her.

This will be very use full for people who just started a website/game and run into a problem with someone, they would of course not know about sql injections ect. and secured it.

 

I will eventually get a domain for it once it has lift off.

 

Site name: MOG Spam

Site address: http://deathsta.justfreespace.com

 

Thanks for reading.

 

 

[Orio]

1) Pic doesn't show up. It's supposed to be m0gspam.png and not m0gspam1.png.

 

2) Buttons and text color in the forms is too dark and hard to read.

 

3) Even if I enter a value in the user/pass boxes, it still tells me I didn't enter anything. Even if its a valid user/pass combo.

 

4) Make the errors show up with the form, so the user doesn't have to hit back if he makes a mistake. Same goes for the register page.

 

5) After I register: "Your password has is: "***""... has is? I think the "has" is unneeded.

 

 

You got a lot of work to do, and add some design to the site!

 

 

Orio.

[DeathStar]

did you enter an sql injection into the login form?

And how can I make the errors display one the page?

 

~Image Fixed now displays by random.

~Register Mistype Fixed

~Form text color corrected.

[steviewdr]

You mentioned sql injection. Im not sure if what you were on about is:

 

http://deathsta.justfreespace.com/index.php?ord=assc

 

You also dont stripslashes for doube quotes. Thats a magic_quotes issue.....Even though I see you are using html entities, so it might be ok, not going to test it more.

 

Also you allow 10.0.0.0 and presumably 192.0.0.0 ones aswell. You should put a note saying that these are special ip address ranges.

 

Its a good idea, the UI of your site is poor however. You dont have a constant Navigation once logged in. When submitting a spammer, you have to click the back button etc. etc.

 

I take it you heard of DNSBL's. Its a list of spammer ip's that is constantly updated and which can be blocked via forums etc.

 

> did you enter an sql injection into the login form?

No. Just put a load of quotes into the username and password fields on login.

 

> And how can I make the errors display one the page?

Look at settings in your php.ini (if I think thats what you are asking).

 

-steve

 

-steve

[DeathStar]

Ok..

How do i get that list of ip's from DNSBL, to input to my database?

~Inserted Some UI

~Errors on same page:

[Orio]

Every time I try to register I get this msg: "Naugthy, naughty! Moderator advised!"...??

Errors are still showing up without a form under them.

 

Orio.

[DeathStar]

:\

Ok..

The "Naugthy, naughty! Moderator advised!" is:

I log the ip's from signup and login.

I will clear that acount of yours Orio.

[DeathStar]

ok used a

If ($_POST){

to display the erros on the same page.

Should be right now!

[redbullmarky]

DeathStar, can you post a test account username/password. Will make things a million times easier for those not that fussed about registering...

[DeathStar]

Sure...

Login Detials:

Username: test

Password: test

[AXiSS]

-Lots of header errors on different pages

-I managed to insert scripts into it, and it looks like you fixed it and added a "no tags allowed" system, but now everything supposedly has tags (such as "someone")

-Reson is spelled "Reason", and you can only see the first five or so letters of it, so it isn't that helpful.

 

And will you please take my IP off the list.

[DeathStar]

So it was you, Nvm..

if you look closely you will see that you can view the profile of the spammer.

full details, don't want a single coloum to be 100 chars long :\

[SharkBait]

hehe i just signed up as username asdf with an email of asdf@asdf.com

 

no need to validate or anything.

 

In firefox the site is all over the place and I'm afraid I won't look at it any further.  I'd contain it into a box of sorts that is aligned in the middle of the screen. I'd make sure the forms that need to be filled out aren't all align="center" too

 

And when I logout I get this:

You have been logged out!

Warning: Cannot modify header information - headers already sent by (output started at /home/deathsta/public_html/logout.php:5) in /home/deathsta/public_html/logout.php on line 6

 

[DeathStar]

Ill put some spam prefention in.

But i do log the hostname and ip when you signup

Still that header error, I'll try meta refresh..

 

The site is good layedout in terms that it has not graphics yet.