fyrestoof Posted January 17, 2008 Share Posted January 17, 2008 http://omfg.ws/count2.0/ so far i havent found any errors but there might be 1 or 2 more left so i posted it Link to comment Share on other sites More sharing options...
priti Posted January 17, 2008 Share Posted January 17, 2008 Hi, I went to this page and click submit without entering any data nad it showed me below output User Created! Image URL: Forum BBC Code: You Should Recive An Email Shortly. No recipient addresses found in header If 'No recipient addresses found in header' is true then your first line can confuse user.I think put up a proper error handling.I have no idea what it does and i tried simply. hope it help you in making you sys more robust have a gr8 day ahead Link to comment Share on other sites More sharing options...
fyrestoof Posted January 17, 2008 Author Share Posted January 17, 2008 Hi, I went to this page and click submit without entering any data nad it showed me below output User Created! Image URL: Forum BBC Code: You Should Recive An Email Shortly. No recipient addresses found in header If 'No recipient addresses found in header' is true then your first line can confuse user.I think put up a proper error handling.I have no idea what it does and i tried simply. hope it help you in making you sys more robust have a gr8 day ahead thanks i got to go to bed right now i got finals at school tommorow so ill do that after school Link to comment Share on other sites More sharing options...
agentsteal Posted January 17, 2008 Share Posted January 17, 2008 Array: http://www.omfg.ws/count2.0/counter.php?u=main&style[] Cross Site Scripting: There is Cross Site Scripting if the email address contains ">code. Cross Site Scripting: http://www.omfg.ws/count2.0/counter.php?u=<marquee><h1>vulnerable</marquee> Directory Transversal: http://www.omfg.ws/count2.0/counter.php?a&u=../counter&style=2&w=11&h=15&meh.jpg Full Path Disclosure: There is Full Path Disclosure if the name is null. /var/chroot/home/content/r/y/a/ryanfanshaw/dead.letter... Saved message in /var/chroot/home/content/r/y/a/ryanfanshaw/dead.letter Full Path Disclosure: http://www.omfg.ws/count2.0/counter.php <br /> <b>Warning</b>: imagecreate(): Invalid image dimensions in <b>/home/content/r/y/a/ryanfanshaw/html/omfg/count2.0/counter.php</b> on line <b>99</b><br /> <br /> <b>Warning</b>: imagejpeg(): supplied argument is not a valid Image resource in <b>/home/content/r/y/a/ryanfanshaw/html/omfg/count2.0/counter.php</b> on line <b>117</b><br /> Full Path Disclosure: http://www.omfg.ws/count2.0/counter.php?w[] <br /> <b>Fatal error</b>: Unsupported operand types in <b>/home/content/r/y/a/ryanfanshaw/html/omfg/count2.0/counter.php</b> on line <b>99</b><br /> Full Path Disclosure: http://www.omfg.ws/count2.0/counter.php?u=main&style=a <br /> <b>Warning</b>: imagecreate(): Invalid image dimensions in <b>/home/content/r/y/a/ryanfanshaw/html/omfg/count2.0/counter.php</b> on line <b>99</b><br /> <br /> <b>Warning</b>: imagecreatefromjpeg(a/9.jpg): failed to open stream: No such file or directory in <b>/home/content/r/y/a/ryanfanshaw/html/omfg/count2.0/counter.php</b> on line <b>107</b><br /> <br /> <b>Warning</b>: imagecopymerge(): supplied argument is not a valid Image resource in <b>/home/content/r/y/a/ryanfanshaw/html/omfg/count2.0/counter.php</b> on line <b>113</b><br /> <br /> <b>Warning</b>: imagecreatefromjpeg(a/0.jpg): failed to open stream: No such file or directory in <b>/home/content/r/y/a/ryanfanshaw/html/omfg/count2.0/counter.php</b> on line <b>107</b><br /> <br /> <b>Warning</b>: imagecopymerge(): supplied argument is not a valid Image resource in <b>/home/content/r/y/a/ryanfanshaw/html/omfg/count2.0/counter.php</b> on line <b>113</b><br /> <br /> <b>Warning</b>: imagejpeg(): supplied argument is not a valid Image resource in <b>/home/content/r/y/a/ryanfanshaw/html/omfg/count2.0/counter.php</b> on line <b>117</b><br /> Full Path Disclosure: http://www.omfg.ws/count2.0/counter.php?u=a Warning: fopen(./usr/a.txt): failed to open stream: No such file or directory in /home/content/r/y/a/ryanfanshaw/html/omfg/count2.0/counter.php on line 53 Warning: filesize(): Stat failed for ./usr/a.txt (errno=2 - No such file or directory) in /home/content/r/y/a/ryanfanshaw/html/omfg/count2.0/counter.php on line 56 Warning: fgets(): supplied argument is not a valid stream resource in /home/content/r/y/a/ryanfanshaw/html/omfg/count2.0/counter.php on line 56 Warning: fclose(): supplied argument is not a valid stream resource in /home/content/r/y/a/ryanfanshaw/html/omfg/count2.0/counter.php on line 62 Warning: Cannot modify header information - headers already sent by (output started at /home/content/r/y/a/ryanfanshaw/html/omfg/count2.0/counter.php:53) in /home/content/r/y/a/ryanfanshaw/html/omfg/count2.0/counter.php on line 96 Warning: imagecreate(): Invalid image dimensions in /home/content/r/y/a/ryanfanshaw/html/omfg/count2.0/counter.php on line 99 Warning: imagejpeg(): supplied argument is not a valid Image resource in /home/content/r/y/a/ryanfanshaw/html/omfg/count2.0/counter.php on line 117 Log File: http://www.omfg.ws/log.html Link to comment Share on other sites More sharing options...
fyrestoof Posted January 18, 2008 Author Share Posted January 18, 2008 well i haven't fixed the null values but im now using mysql for it http://omfg.ws/count3.0/counter.php?u=testing&style=2&w=11&h=15 right now im still making the creating page to create one Link to comment Share on other sites More sharing options...
Recommended Posts