helraizer Posted November 26, 2007 Share Posted November 26, 2007 http://www.helraizer.co.uk/count/index.php The style/layout of this wasn't my focus, as of yet. Just the comment system. Could you please test it for security flaws? Thanks, Sam Link to comment Share on other sites More sharing options...
Coreye Posted November 26, 2007 Share Posted November 26, 2007 Cross Site Scripting: http://www.helraizer.co.uk/count/view_comments.php You can submit HTML code in the email field, comment field, and name field. You can send a blank comment, a blank email, and a blank name. Link to comment Share on other sites More sharing options...
todding01 Posted November 26, 2007 Share Posted November 26, 2007 I was able to send a quote and break the SQL query. You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 's see if I can get posted', '21:56 26th November 2007')' at line 1 You may want to use htmlspecialchars Link to comment Share on other sites More sharing options...
helraizer Posted November 26, 2007 Author Share Posted November 26, 2007 Ok, thanks to my host, .php is php4 by default so I've had to change every link to .php5. So the pages are now www.helraizer.co.uk/count/index.php5 www.helraizer.co.uk/count/view_comments.php5 Link to comment Share on other sites More sharing options...
Coreye Posted November 26, 2007 Share Posted November 26, 2007 When adding a comment you now get; You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''70.246.145', 'a' ,'aa', 'a', '' at line 1 Link to comment Share on other sites More sharing options...
helraizer Posted November 26, 2007 Author Share Posted November 26, 2007 When adding a comment you now get; You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''70.246.145', 'a' ,'aa', 'a', '' at line 1 I know... I kinda brokeded it. Working on it though. Link to comment Share on other sites More sharing options...
Coreye Posted November 26, 2007 Share Posted November 26, 2007 Submitting ' still causes mySQL errors. Error sql1 :You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '23:52 26th November 2007')' at line 1 Link to comment Share on other sites More sharing options...
agentsteal Posted November 27, 2007 Share Posted November 27, 2007 Cross Site Scripting: There is Cross Site Scripting if a comment contains code. Full Path Disclosure: http://www.helraizer.co.uk/count/test.php Fatal error: Call to undefined function: view_source() in /home/sites/helraizer.co.uk/public_html/count/test.php on line 55 Full Path Disclosure: http://www.helraizer.co.uk/count/test1.php Notice: Undefined index: username in /home/sites/helraizer.co.uk/public_html/count/test1.php on line 78 Notice: Undefined index: email in /home/sites/helraizer.co.uk/public_html/count/test1.php on line 79 Notice: Undefined index: comment in /home/sites/helraizer.co.uk/public_html/count/test1.php on line 80 Notice: Undefined index: submit in /home/sites/helraizer.co.uk/public_html/count/test1.php on line 82 Notice: Undefined index: comment in /home/sites/helraizer.co.uk/public_html/count/test1.php on line 83 Link to comment Share on other sites More sharing options...
helraizer Posted November 27, 2007 Author Share Posted November 27, 2007 Full Path Disclosure: http://www.helraizer.co.uk/count/test.php Fatal error: Call to undefined function: view_source() in /home/sites/helraizer.co.uk/public_html/count/test.php on line 55 o.o How did you find test.php? Or just a guess? Maybe I should start calling everything obscure names to stop the guessing. I have a feeling that should be 'show_source()'.. Now, for whatever reason it posts every message blank.. I'll get working on fixing it. Link to comment Share on other sites More sharing options...
helraizer Posted November 27, 2007 Author Share Posted November 27, 2007 Ah. *deletes test1.php* - test1 was the old version, unedited from the results of this beta-testing. Sorry about that Link to comment Share on other sites More sharing options...
helraizer Posted November 27, 2007 Author Share Posted November 27, 2007 There is still XSS. The XSS issue should be resolved now. Link to comment Share on other sites More sharing options...
helraizer Posted November 27, 2007 Author Share Posted November 27, 2007 Can you also test delete_comment.php (when you post a comment and click to delete it). Link to comment Share on other sites More sharing options...
Recommended Posts