nezbo Posted January 29, 2008 Share Posted January 29, 2008 Hi all I have done a lot of work on getting my site working a bit better... what do you think ? i am not to bothered about the looks of it but as long as it works fine, and is relatively secure. here is the URL www.eastlancsmedicalservices.co.uk Link to comment https://forums.phpfreaks.com/topic/88370-rerelease-of-my-site/ Share on other sites More sharing options...
agentsteal Posted January 29, 2008 Share Posted January 29, 2008 Full Path Disclosure: There is Full Path Disclosure when you log in. Warning: Cannot modify header information - headers already sent by (output started at /home/9/d/a/1167/1167/public_html/ipAddresses.php:2) in /home/9/d/a/1167/1167/public_html/top.php Full Path Disclosure: http://www.eastlancsmedicalservices.co.uk/cal.php?mon[] Fatal error: Unsupported operand types in /home/9/d/a/1167/1167/public_html/cal.php on line 13 Full Path Disclosure: http://www.eastlancsmedicalservices.co.uk/adminModual.php Fatal error: Call to undefined function: validate() in /home/9/d/a/1167/1167/public_html/adminModual.php on line 4 Full Path Disclosure: http://www.eastlancsmedicalservices.co.uk/callLog.php Fatal error: Call to undefined function: validate() in /home/9/d/a/1167/1167/public_html/callLog.php on line 4 Full Path Disclosure: http://www.eastlancsmedicalservices.co.uk/holidayRota.php Warning: mysql_query(): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) in /home/9/d/a/1167/1167/public_html/holidayRota.php on line 7 Warning: mysql_query(): A link to the server could not be established in /home/9/d/a/1167/1167/public_html/holidayRota.php on line 7 Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) Full Path Disclosure: http://www.eastlancsmedicalservices.co.uk/nav.php Fatal error: Call to undefined function: validate() in /home/9/d/a/1167/1167/public_html/nav.php on line 11 Full Path Disclosure: http://www.eastlancsmedicalservices.co.uk/left.php Fatal error: Call to undefined function: validate() in /home/9/d/a/1167/1167/public_html/nav.php on line 11 Full Path Disclosure: http://www.eastlancsmedicalservices.co.uk/right.php Fatal error: Call to undefined function: validate() in /home/9/d/a/1167/1167/public_html/right.php on line 2 Full Path Disclosure: http://www.eastlancsmedicalservices.co.uk/rota.php Warning: mysql_query(): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) in /home/9/d/a/1167/1167/public_html/rota.php on line 13 Warning: mysql_query(): A link to the server could not be established in /home/9/d/a/1167/1167/public_html/rota.php on line 13 Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) Full Path Disclosure: http://www.eastlancsmedicalservices.co.uk/viewRequestedShifts.php Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/9/d/a/1167/1167/public_html/viewRequestedShifts.php on line 21 Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/9/d/a/1167/1167/public_html/viewRequestedShifts.php on line 25 Full Path Disclosure: http://www.eastlancsmedicalservices.co.uk/shiftReportModual.php Fatal error: Call to undefined function: validate() in /home/9/d/a/1167/1167/public_html/shiftReportModual.php on line 4 Full Path Disclosure: http://www.eastlancsmedicalservices.co.uk/shifts.php Fatal error: Call to undefined function: validate() in /home/9/d/a/1167/1167/public_html/shifts.php on line 4 Full Path Disclosure: http://www.eastlancsmedicalservices.co.uk/viewServices.php?s[] Fatal error: Unsupported operand types in /home/9/d/a/1167/1167/public_html/pages.php on line 39 Full Path Disclosure: http://www.eastlancsmedicalservices.co.uk/viewServices.php?s=-1 Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/9/d/a/1167/1167/public_html/viewServices.php on line 17 Full Path Disclosure: http://www.eastlancsmedicalservices.co.uk/pages.php Warning: mysql_query(): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) in /home/9/d/a/1167/1167/public_html/pages.php on line 14 Warning: mysql_query(): A link to the server could not be established in /home/9/d/a/1167/1167/public_html/pages.php on line 14 Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/9/d/a/1167/1167/public_html/pages.php on line 15 You can log in if you set the user cookie to a user id. SQL Error: http://www.eastlancsmedicalservices.co.uk/edit4weekRota.php You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'ORDER BY _weeknumber.weekID ASC, _daysoftheweek.Priorty A Link to comment https://forums.phpfreaks.com/topic/88370-rerelease-of-my-site/#findComment-452352 Share on other sites More sharing options...
nezbo Posted January 29, 2008 Author Share Posted January 29, 2008 ok cheers.. What is the best way to stop any one from viewing the Full Path? Link to comment https://forums.phpfreaks.com/topic/88370-rerelease-of-my-site/#findComment-452366 Share on other sites More sharing options...
legohead6 Posted January 29, 2008 Share Posted January 29, 2008 put an @ symbol infront of the function cauzing the error so @mysql_query(blah) would stop that query error from showing Link to comment https://forums.phpfreaks.com/topic/88370-rerelease-of-my-site/#findComment-452441 Share on other sites More sharing options...
Lumio Posted January 30, 2008 Share Posted January 30, 2008 or better to controll all variables. Use isset to test if a variable is given Link to comment https://forums.phpfreaks.com/topic/88370-rerelease-of-my-site/#findComment-453222 Share on other sites More sharing options...
Recommended Posts