rcorlew - Posted March 26, 2007
Here is the link, it is set to go live soon, please let me know of any errors.
http://www.corlewland.com/church
Thanks.
Link to comment: https://forums.phpfreaks.com/topic/44292-solved-could-you-all-test-out-my-latest-project-before-it-goes-live/

cmgmyr - Posted March 26, 2007
Looks good. Your search works pretty well, but you should try to do it with multiple words. How did you get all of the bibles in there? Another sql dump? ...hope you didn't have to type all of that in.

Lumio - Posted March 26, 2007
Nice! Another Christian on the earth.
I don't really like the layout... but I really love the calendar and of course ... the verses.

agentsteal - Posted March 26, 2007
Admin Access: http://www.corlewland.com/church/home/ contains your username and password.
Cross Site Scripting: http://www.corlewland.com/church/biblesearch.php?book_name=<marquee><h1>vulnerable</marquee>
Cross Site Scripting: http://www.corlewland.com/church/calendar.php?day=<marquee><h1>vulnerable</marquee>
Cross Site Scripting: http://www.corlewland.com/church/prayer_request.php?pagein=<marquee><h1>vulnerable</marquee>
Cross Site Scripting: http://www.corlewland.com/church/printc.php?usage=<marquee><h1>vulnerable</marquee>
Drop Down Menu: If you edit the drop down menu on http://www.corlewland.com/guestbook.php you can submit arbitrary values.
PHP Source Code Disclosure: http://www.corlewland.com/church/home/
User Enumeration: http://www.corlewland.com/~root

rcorlew (Author) - Posted March 26, 2007
I used the sql dump from php bible.org, and of course linked back to it, saying that is where I got the sql db from. I coded it all myself though. The calendar was one of the biggest things to get done, also are the prayer requests, and the part you cannot see is a cpanel I coded from scratch to give full control of the site.
I am glad to hear that it did not break. Just to make it more interesting, try fiddling around with the prayer request part, using cusswords and stuff. I think that I banned the big ones, but I cannot say for sure. I tried blocking xss, whatever that actually is (I stripped everything out and banned most characters). I hope that is good enough.

rcorlew (Author) - Posted March 27, 2007
I think that I fixed that, give it another try, I never thought of that, thanks for the heads up.

redbullmarky - Posted March 27, 2007
nope. all those provided links still provide scrolling content...

rcorlew (Author) - Posted March 27, 2007
I cannot get them to do that now, how is that possible????
Interesting, it only does it on my Firefox, not IE!!

rcorlew (Author) - Posted March 27, 2007
Ok try those links up there again, I don't understand why it stopped IE but not Firefox

rcorlew (Author) - Posted March 28, 2007
Whoops, forgot that one, thanks, should be fixed now.

rcorlew (Author) - Posted March 28, 2007
Thanks for all the help!! I will set my 404 page, I've just been a lil' lazy. I am working on the final page template now, so it should be up this weekend!

rcorlew (Author) - Posted March 28, 2007
Well I just can't win for losing can I??
It is hard to test on php5 and then deploy on php 4, since there are many sanitizing functions built into 5 that do not exist on 4.

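
The URLs reported in the thread all reflect a query parameter into the page, and the last post raises the PHP 4 / PHP 5 gap. The following is an added example, not the site's code (which the thread never shows): it encodes at output with htmlspecialchars(), which exists in both PHP 4 and PHP 5, and validates the day parameter and the drop-down value on the server. The function names, page markup and allow-list values are assumptions made for illustration.

```php
<?php
// Added example: parameter names come from the URLs reported in the thread;
// the handlers, markup, allow-list values and sample inputs are constructed.

// Output encoding: turn HTML metacharacters into entities at the point of
// output. htmlspecialchars() is available in both PHP 4 and PHP 5.
function h($value)
{
    return htmlspecialchars((string) $value, ENT_QUOTES);
}

// Vulnerable pattern: the request value is placed into the page as markup.
function render_search_unsafe($bookName)
{
    return '<h2>Results for ' . $bookName . '</h2>';
}

// Hardened pattern: same page, but the value is encoded and renders as text.
function render_search_safe($bookName)
{
    return '<h2>Results for ' . h($bookName) . '</h2>';
}

// Numeric parameter (calendar.php?day=...): accept only 1-31, else a default.
function clean_day($raw, $default)
{
    if (is_string($raw) && preg_match('/^[0-9]{1,2}$/', $raw)) {
        $day = (int) $raw;
        if ($day >= 1 && $day <= 31) {
            return $day;
        }
    }
    return $default;
}

// Drop-down value: the server re-checks it against the list it rendered,
// because the browser can submit anything regardless of the <select> options.
function clean_choice($raw, $allowed, $default)
{
    return in_array($raw, $allowed, true) ? $raw : $default;
}

$probe = '<marquee><h1>vulnerable</marquee>'; // test string from the report
echo render_search_unsafe($probe), "\n";  // tags pass through unchanged
echo render_search_safe($probe), "\n";    // tags are entity-encoded
echo clean_day($probe, 1), "\n";          // non-numeric input, default used
echo clean_day('27', 1), "\n";            // valid day is kept
echo clean_choice('x"><b>', array('visitor', 'member'), 'visitor'), "\n";
```

Encoding at the point of output holds up the same way in every browser, which a list of banned characters does not.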