Spudinski

Modifying a PHP extension to sendmail every plaintext string is not easy, but it is possible. 'Nuff said. On shared hosting you don't even have access to MySQL's binary logs, neither is another users process views. You'd have to get into a superuser status to do either.   Just to correct you here, sha1 is not considered more secure than md5 "these days", sha2xx is considered more secure. http://ehash.iaik.tugraz.at/wiki/The_Hash_Function_Zoo

I would've suggested imperfection from what you required.

There is one that I doubt you will even get, since you blew it out as a "bug" in the PM I sent you. IT might be technical, but if you go down to indentation as being a "bug" it certainly deserves the status as well.

I don't know whether to laugh or cry... Although it's a good test, it missed the point.

[ATTACH=CONFIG]252[/ATTACH] There's always a need for security.

I'm worth 10p... who want to buy? Lol. I'll edit the script and take note of changes, though there are dependencies I cannot replicate accurately.

All mine are logic and security errors.

Well, it's the general rule of thumb: not to trust anyone.

SE has nothing to do with the person's intellect, it is a way to manipulate. Like "hacking" a human mind. One could train them on the techniques the SEs would use to manipulate them, and from that they could make assumptions whether to trust the other or not.

Nope, unless it's a Geo-X script it won't affect me.

Well, vendor-neutral certifications like the CISSP would be an indicator that you are an security expert. As for SE, it is fixable by learning the traits. You have to know the enemy if you want to beat them.

I will try it, but can you say if there have been any breakthroughs with it?

I have always had faith in ESET Nod32, but now that my license has expired I would like to know what people's opinions are on other AV products. I don't have a AV at present, I'm using a useful tool at https://www.virustotal.com/ to scan files. But it's quite bandwidth and labour intensive. If people can tell me the best breakout rating with their AV, cost, and other info' I would need to know about it. Thanks Spudinski

Nope, but that is probably because of a character set you use.

I found 7 bugs. :O

ZCE does cover some security aspects. See http://www.zend.com/services/certification/php-5-certification/ SSL and cryptography(or in Zend's case "hashing functions") being the dominant ones.

Well, I have a clean OS installation of W7 Ultimate 64bit and the latest Chrome browser(with only Adblock, and no it isn't). It isn't working on this OS either. But as said the problem is only within forum posts, everywhere else - including other websites - it works absolutely fine. My only suggestion as to what it might be is a JS execution on this page, that causes some sort of conflict between the forum and JS addon.

Anyone mind a Patebin link? Although I did see the REQUEST global, I think Oct will have a good opinion for that Danny. Actually, not opinion but just primitive.

I hate to agree with oversized signature arrogance, but 'ts true Nick. Code boxes are in bounds of a JS execution somewhere. Oh, and PS.: Code views works on index page(content). Just not in forum posts.

VPS' were created to be "how I want it", so don't focus on a specific administration panel. If they don't want cPanel, offer something like Webmin. If they want a commercial product, have them pay a partial Plesk or cPanel license... usually about 30USD p/m. On the other side, if you have a four-digit budget then I highly doubt you'd be able to cough up for the cPanel license, let alone a dozen servers' maintenance bills.

If everybody would, (excuse me for saying) stop bitching, I would actually like to converse about the topic at hand: the bug tracker. There is one main reason I wouldn't want to submit a bug to you guys, and that is the first page of the tracker. I'm not going to sign-up to report a bug, that maybe has already been reported. You guys need to make the listings public, so everyone could view them. Also, if you can't even be bothered customizing the simple logo to suit your product, you phail.... horribly.

Although I don't run a game, most of my programming for MCCodes takes place on Lite.

@Djk: Lady Gaga is a dude, eewww.... Also "cleaned" up a bit, although I'm not a big fan of customization I at least have my essentials setup.

'ts true. But I like seeing by name....

Neither can I see how a GB sized file is relevant.