Karlos Posted March 22, 2009 Share Posted March 22, 2009 Re: [mccode v2] User Comments Sorry Wicked, but the basic code allows Javascript, and that allows users to put HTML / Redirects onto their profile. So you can set it up to redirect you to another website. Simple fix.. htmlspecialchars() No site is (ever) secured enough Well You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. Is secure :roll: Quote Link to comment Share on other sites More sharing options...
Lycan Posted March 22, 2009 Share Posted March 22, 2009 Re: [mccode v2] User Comments Dylan used this hack code on the script, an alert box came up and gave this md5 password.... Quote Link to comment Share on other sites More sharing options...
Guest Anonymous Posted March 22, 2009 Share Posted March 22, 2009 Re: [mccode v2] User Comments Sorry Wicked, but the basic code allows Javascript, and that allows users to put HTML / Redirects onto their profile. So you can set it up to redirect you to another website. Simple fix.. htmlspecialchars() No site is (ever) secured enough Well You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. Is secure :roll: Not really, the server may not be hardened, therefore they could overwrite the file? Quote Link to comment Share on other sites More sharing options...
Karlos Posted March 22, 2009 Share Posted March 22, 2009 Re: [mccode v2] User Comments Well i'm not really talking about insecure servers... Quote Link to comment Share on other sites More sharing options...
jamboy1 Posted March 22, 2009 Share Posted March 22, 2009 Re: [mccode v2] User Comments <html> <head><title>Hi</title></head> <body>Hello</body> </html> Tis good ya? Quote Link to comment Share on other sites More sharing options...
Dave Posted March 23, 2009 Author Share Posted March 23, 2009 Re: [mccode v2] User Comments Thats HTML. Quote Link to comment Share on other sites More sharing options...
Zero-Affect Posted March 23, 2009 Share Posted March 23, 2009 Re: [mccode v2] User Comments Well i'm not really talking about insecure servers... actually im sure echo could be tampered with somehow lol get Nyna and give her 2 years... She'll figure out something like the quote says Nothing is 100% secure Quote Link to comment Share on other sites More sharing options...
CJ - Twitch Posted February 13, 2010 Share Posted February 13, 2010 Has anyone still got a copy of this? That would be great thanks. :) Quote Link to comment Share on other sites More sharing options...
CrazyT Posted February 14, 2010 Share Posted February 14, 2010 It's on the first page? Quote Link to comment Share on other sites More sharing options...
CJ - Twitch Posted February 14, 2010 Share Posted February 14, 2010 No the link is broken. Quote Link to comment Share on other sites More sharing options...
Jordan Palmer Posted February 14, 2010 Share Posted February 14, 2010 Danny696 is selling a better version for $5 mate :) Quote Link to comment Share on other sites More sharing options...
Joshua Posted February 14, 2010 Share Posted February 14, 2010 Links broken but there is a code bit if you scroll down that is the actual script :P Quote Link to comment Share on other sites More sharing options...
CJ - Twitch Posted February 14, 2010 Share Posted February 14, 2010 Thanks but I don't know the SQL or the par of the script for the viewuser.php. Quote Link to comment Share on other sites More sharing options...
Joshua Posted February 14, 2010 Share Posted February 14, 2010 mysql_query("INSERT INTO ucomments VALUES ('',unix_timestamp(),$userid,$to,'$message',0)"); ucomments is the table he's calling Make the database yourself :D ID int 11 time int 11 userid int 11 to user id int11 message varchar 255 something else int 11 Quote Link to comment Share on other sites More sharing options...
Jordan Palmer Posted February 14, 2010 Share Posted February 14, 2010 [mysql]CREATE TABLE `ucomments` ( `id` int(11) NOT NULL auto_increment, `time` int(11) NOT NULL default '0', `userfrom` int(11) NOT NULL default '0', `userto` int(11) NOT NULL default '0', `message` text NOT NULL, `reported` int(11) NOT NULL, PRIMARY KEY (`id`) ) ENGINE=MyISAM ;[/mysql] Open viewuser.php and find (This is if you are using the standard Mccodes V2 viewuser.php) You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. Then add comments.php =] Quote Link to comment Share on other sites More sharing options...
Joshua Posted February 14, 2010 Share Posted February 14, 2010 change You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. to You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. Quote Link to comment Share on other sites More sharing options...
Jordan Palmer Posted February 14, 2010 Share Posted February 14, 2010 Change whatever to whatever, I've simply copied from a forum I know off where this is and secured the output :) I've got my own advanced and custom version off comments ;] Quote Link to comment Share on other sites More sharing options...
Joshua Posted February 14, 2010 Share Posted February 14, 2010 Yea I have a decent one as well, just wanted to remove * and use sprintf as it should since it wasnt defining anything :p Quote Link to comment Share on other sites More sharing options...
CJ - Twitch Posted February 14, 2010 Share Posted February 14, 2010 Thank you very much! Quote Link to comment Share on other sites More sharing options...
Jordan Palmer Posted February 14, 2010 Share Posted February 14, 2010 Yea I have a decent one as well, just wanted to remove * and use sprintf as it should since it wasnt defining anything :p Well you know I hate sprinf(); lol Quote Link to comment Share on other sites More sharing options...
Joshua Posted February 14, 2010 Share Posted February 14, 2010 shrugz, it's not so bad, it was being used, might as well use it :p Quote Link to comment Share on other sites More sharing options...
Zero-Affect Posted February 14, 2010 Share Posted February 14, 2010 I coded a comment system for CrimGame within 10 minutes so im it's not really worth 5 bucks if you can code. Quote Link to comment Share on other sites More sharing options...
Jordan Palmer Posted February 14, 2010 Share Posted February 14, 2010 I coded a comment system for CrimGame within 10 minutes so im it's not really worth 5 bucks if you can code. IF you can code ;) Not everyone can xD Quote Link to comment Share on other sites More sharing options...
Magictallguy Posted February 15, 2010 Share Posted February 15, 2010 I coded a comment system for CrimGame within 10 minutes so im it's not really worth 5 bucks if you can code. IF you can code ;) Not everyone can xD If they can't code, then that's their problem - they should learn! Quote Link to comment Share on other sites More sharing options...
Zero-Affect Posted February 15, 2010 Share Posted February 15, 2010 I coded a comment system for CrimGame within 10 minutes so im it's not really worth 5 bucks if you can code. IF you can code ;) Not everyone can xD If they can't code, then that's their problem - they should learn! ^so bloody true Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.