Thread title: *Owned List.com !!!
12-27-2007, 02:54 AM
|
#11
|
Status: Request a custom title
Join date: Apr 2007
Location: UK
Expertise: Code & Programming
Software: Coda, TextMate, Sublime 2
Posts: 2,097
|
Originally Posted by Wildhoney
You've not filtered the inputs on your website and so I was able to easily inject JavaScript in there without too much effort at all. Try adding strip_tags like so:
PHP Code:
$myVar = strip_tags($_POST['myVar']);
|
Haha Wildhoney; once they have sorted that out post it up!
"WildHoney Owned YOU!"
|
|
12-27-2007, 03:18 AM
|
#12
|
Status: Request a custom title
Join date: Dec 2005
Location: Arizona
Expertise:
Software:
Posts: 5,200
|
Haha, I was wondering why it had a JS redirect to TalkPHP.
There, I redirected it to the post which tells him to clean his data.
|
|
12-27-2007, 10:50 AM
|
#13
|
Status: Member
Join date: Nov 2006
Location: In your bath.
Expertise:
Software:
Posts: 121
|
Originally Posted by Wildhoney
You've not filtered the inputs on your website and so I was able to easily inject JavaScript in there without too much effort at all. Try adding strip_tags like so:
PHP Code:
$myVar = strip_tags($_POST['myVar']);
|
Aw crap. I thought I'd covered that. Thanks for the heads up, I've fixed it now.
|
|
12-28-2007, 01:54 AM
|
#14
|
Status: Senior Member
Join date: Oct 2006
Location: New York
Expertise:
Software:
Posts: 774
|
It's redirecting to watch boondocks now.
I didn't want them stealing your traffic so I tried to redirect the redirect back to owned list, but it caused some weird error.
|
|
12-28-2007, 03:01 AM
|
#15
|
Status: Request a custom title
Join date: Feb 2006
Location: Nottingham
Expertise:
Software:
Posts: 1,648
|
You haven't fixed it! I've redirected it back to the post above for you.
|
|
12-28-2007, 04:25 AM
|
#16
|
Status: rawr
Join date: Dec 2005
Location:
Expertise:
Software:
Posts: 1,238
|
It's redirecting to Google for me. =\
|
|
12-28-2007, 04:43 AM
|
#17
|
Status: Senior Member
Join date: Oct 2006
Location: New York
Expertise:
Software:
Posts: 774
|
Originally Posted by NuPixel
It's redirecting to Google for me. =\
|
I did that because some members were redirecting it to their site, or inappropriate websites.
|
|
12-28-2007, 10:42 AM
|
#18
|
Status: Member
Join date: Nov 2006
Location: In your bath.
Expertise:
Software:
Posts: 121
|
Originally Posted by Wildhoney
You haven't fixed it! I've redirected it back to the post above for you.
|
I added that to the code...
EDIT: Turns out I added it to the wrong bit. I added it to the script just before it gets submitted to the database, instead of adding it on the output.
|
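The output-side fix discussed in the posts above, as an added example that is not code from the thread: the submitted value is stored unchanged and encoded at the point where it is written into the page, for the HTML context it lands in. The function names `e`, `safeUrl` and `renderRow`, and the row fields, are assumptions made for illustration.

```php
<?php
// Added example (hypothetical names): encode on output, per HTML context.

/** Encode a value for HTML element content or a quoted attribute value. */
function e(string $value): string
{
    // ENT_QUOTES encodes both ' and "; ENT_SUBSTITUTE replaces invalid UTF-8
    // sequences instead of returning an empty string.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Allow only http(s) links; any other scheme renders as '#'. */
function safeUrl(string $url): string
{
    // parse_url() returns null or false when no scheme can be extracted;
    // the cast turns both into '' so the allow-list check fails closed.
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    return in_array($scheme, ['http', 'https'], true) ? $url : '#';
}

/** Render one stored row as a list item, encoding every dynamic value. */
function renderRow(array $row): string
{
    return sprintf(
        '<li><a href="%s" title="%s">%s</a></li>',
        e(safeUrl($row['site'])),   // attribute context, scheme checked first
        e($row['comment']),         // attribute context
        e($row['name'])             // element content
    );
}

// Constructed rows standing in for what the database query returns.
$rows = [
    ['name' => 'Alice', 'site' => 'https://example.com/', 'comment' => 'Nice list!'],
    [
        'name'    => '<script>/* markup submitted as a name */</script>',
        'site'    => 'javascript:void(0)',
        'comment' => 'She said "hi" & left <3',
    ],
];

foreach ($rows as $row) {
    echo renderRow($row), "\n";
}
```

Because the encoding happens in `renderRow`, rows that were stored before the fix are also rendered as inert text, which a filter applied only at submission time cannot do.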
|
12-29-2007, 06:37 PM
|
#19
|
Status: Junior Member
Join date: Dec 2007
Location: London, UK.
Expertise:
Software:
Posts: 45
|
Gr, this will bring you loads of spam!
|
|
12-29-2007, 07:12 PM
|
#20
|
Status: TFL Veteran
Join date: May 2005
Location: FL, USA
Expertise: Design
Software: Photoshop
Posts: 3,010
|
You should have made a queue to make it so you have to manually approve it; it would work slower, but cause a lot less spam and make your site not look like a junk site.