ILYAS415 Posted August 12, 2007 Share Posted August 12, 2007 Hi guys i need beta testers for this game. Tok me quite a while to make and its still not finished. Thanks. http://www.ragingmortals.com http://www.ragingmortals.co.uk Link to comment https://forums.phpfreaks.com/topic/64503-raging-mortals-beta/ Share on other sites More sharing options...
LiamProductions Posted August 12, 2007 Share Posted August 12, 2007 I like the javascript to open the login panel but.. I can't seem to register. Link to comment https://forums.phpfreaks.com/topic/64503-raging-mortals-beta/#findComment-321546 Share on other sites More sharing options...
LiamProductions Posted August 12, 2007 Share Posted August 12, 2007 Don't you think this is a bit stupid "You fought Azeem!... demo attacked with nuclear bomb! Azeem defended with paper bag! Demo attacked Azeem again..." PAper bag to defend a nuclear bomb? Link to comment https://forums.phpfreaks.com/topic/64503-raging-mortals-beta/#findComment-321549 Share on other sites More sharing options...
ILYAS415 Posted August 12, 2007 Author Share Posted August 12, 2007 No actually it isnt really stupid because its that persons fault for not being prepared. The demo is user is actually currently using the best weapon in the game! lol O yh and btw i used php for the login thing on the front page Register link here:- If you havnt already, then please Register. Lost your password? Get it back! Click here Link to comment https://forums.phpfreaks.com/topic/64503-raging-mortals-beta/#findComment-321580 Share on other sites More sharing options...
agentsteal Posted August 12, 2007 Share Posted August 12, 2007 Array: http://www.ragingmortals.com/postoffice.php?fromper[] Array: http://www.ragingmortals.com/postoffice.php?ini[] Cross Site Scripting: http://www.ragingmortals.com/cgi-sys/scgiwrap/<marquee><h1>vulnerable</marquee> Cross Site Scripting: http://www.ragingmortals.com/postoffice.php?ini=</textarea><marquee><h1>vulnerable</marquee> Cross Site Scripting: There is Cross Site Scripting in the forum if you post a topic that contains code. Full Path Disclosure: http://www.ragingmortals.com/cgi-sys/scgiwrap/ Full Path Disclosure: http://www.ragingmortals.com/includes/functions_tst.php Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/ragingmo/public_html/includes/functions_tst.php on line 9 Warning: mysql_fetch_object(): supplied argument is not a valid MySQL result resource in /home/ragingmo/public_html/includes/functions_tst.php on line 52 Warning: mysql_fetch_object(): supplied argument is not a valid MySQL result resource in /home/ragingmo/public_html/includes/functions_tst.php on line 153 Warning: mysql_fetch_object(): supplied argument is not a valid MySQL result resource in /home/ragingmo/public_html/includes/functions_tst.php on line 188 Warning: mysql_fetch_object(): supplied argument is not a valid MySQL result resource in /home/ragingmo/public_html/includes/functions_tst.php on line 201 Warning: mysql_fetch_object(): supplied argument is not a valid MySQL result resource in /home/ragingmo/public_html/includes/functions_tst.php on line 210 Warning: mysql_fetch_object(): supplied argument is not a valid MySQL result resource in /home/ragingmo/public_html/includes/functions_tst.php on line 219 Warning: mysql_fetch_object(): supplied argument is not a valid MySQL result resource in /home/ragingmo/public_html/includes/functions_tst.php on line 237 Warning: mysql_fetch_object(): supplied argument is not a valid MySQL result resource in /home/ragingmo/public_html/includes/functions_tst.php on line 244 Warning: mysql_fetch_object(): supplied argument is not a valid MySQL result resource in /home/ragingmo/public_html/includes/functions_tst.php on line 251 Full Path Disclosure: There is Full Path Disclosure if the PHPSESSID cookie is set to an invalid value. Warning: session_start() [function.session-start]: The session id contains invalid characters, valid characters are only a-z, A-Z and 0-9 in /home/ragingmo/public_html/register.php on line 2 Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/ragingmo/public_html/register.php:2) in /home/ragingmo/public_html/register.php on line 2 Warning: Unknown(): The session id contains invalid characters, valid characters are only a-z, A-Z and 0-9 in Unknown on line 0 Warning: Unknown(): Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp) in Unknown on line 0 Includes Directory: http://www.ragingmortals.com/includes/ PHP Source Code Disclosure: There is PHP Source Code Disclosure on the 404 page. <?php if ($SESSION['username']){ echo "Or you cant return to the <a href=index2.php>game!"; } ?> User Enumeration: http://www.ragingmortals.com/~ragingmo User Enumeration: http://www.ragingmortals.com/~root Link to comment https://forums.phpfreaks.com/topic/64503-raging-mortals-beta/#findComment-321710 Share on other sites More sharing options...
LiamProductions Posted August 12, 2007 Share Posted August 12, 2007 When i was talking about not being able to register that was on IE i downloaded FireFox today and its perfect on that. Link to comment https://forums.phpfreaks.com/topic/64503-raging-mortals-beta/#findComment-321729 Share on other sites More sharing options...
LiamProductions Posted August 12, 2007 Share Posted August 12, 2007 Why have you put all the message in a file? I found this i just registered: Liam has been resetted! Link to comment https://forums.phpfreaks.com/topic/64503-raging-mortals-beta/#findComment-321742 Share on other sites More sharing options...
ILYAS415 Posted August 12, 2007 Author Share Posted August 12, 2007 The 404 page reveals some php code in the source: <?php if ($SESSION['username']){ echo "Or you cant return to the <a href=index2.php>game!"; } ?> There is Cross Site Scripting in the forum if you put code in a post. Also there is Full Path Disclosure if PHPSESSID in the cookie is invalid: Warning: session_start() [function.session-start]: The session id contains invalid characters, valid characters are only a-z, A-Z and 0-9 in /home/ragingmo/public_html/register.php on line 2 Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/ragingmo/public_html/register.php:2) in /home/ragingmo/public_html/register.php on line 2 Warning: Unknown(): The session id contains invalid characters, valid characters are only a-z, A-Z and 0-9 in Unknown on line 0 Warning: Unknown(): Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp) in Unknown on line 0 how do i prevent cross-site scripting? also how do i prevent people or change error pages when ppl hav an invalid session id? Also should i use .htaccess to block the includes directory or pass protect it? Also Liam i dont fully understand wat ur saying Link to comment https://forums.phpfreaks.com/topic/64503-raging-mortals-beta/#findComment-321808 Share on other sites More sharing options...
josh48202 Posted August 12, 2007 Share Posted August 12, 2007 when you go to the market it doesnt show a tip. you have to highlight it to get it to show n then it doesnt say ne thing. Link to comment https://forums.phpfreaks.com/topic/64503-raging-mortals-beta/#findComment-321874 Share on other sites More sharing options...
ILYAS415 Posted August 12, 2007 Author Share Posted August 12, 2007 lol the random tip thing hasnt been done yet + the font color was set to white b4 the layout changed Link to comment https://forums.phpfreaks.com/topic/64503-raging-mortals-beta/#findComment-321882 Share on other sites More sharing options...
ILYAS415 Posted September 24, 2007 Author Share Posted September 24, 2007 and how do i fix this Link to comment https://forums.phpfreaks.com/topic/64503-raging-mortals-beta/#findComment-354272 Share on other sites More sharing options...
Recommended Posts