kronow Posted December 24, 2006 Posted December 24, 2006 ok im fed up with little kids using something to powerfully for there age, does anyone have anything to stop SQL Injection on MCCODE!? please help so many people are getting done over by stupid kids lets get this sorted... cheers Quote
sevendet Posted December 24, 2006 Posted December 24, 2006 Re: SQL Injection in most cases thats something you will have to talk over with the person who runs your server its all security and in most cases even if you block some sql injections more can and will be made so your never really safe your best bet is to just grab up a backup 2-3 times a day maybe more depending on how fast your game moves but if i was you i would have a talk with your server people and get that sorted out man i hope this lil bit of info helps any Quote
sevendet Posted December 24, 2006 Posted December 24, 2006 Re: SQL Injection also remember when people do that they are not using their own ip they are using a proxy so just keep up on your proxy lists and have em blocked it may take time but at least your helping yourself a bit heres a few of the proxy sites i know of http://www.publicproxyservers.com/ http://www.proxylists.net/ also heres a site that has tons of proxy servers www.theseproxies.com Quote
kronow Posted December 24, 2006 Author Posted December 24, 2006 Re: SQL Injection thanks for the help lool even tho it don't solve the problem :P and im worknig on a proxy blocker :P Quote
Decepti0n Posted December 26, 2006 Posted December 26, 2006 Re: SQL Injection the problem starts with the fact that hardly any query in the codes is checked, it inserts post data straight into queries Quote
mdshare Posted December 26, 2006 Posted December 26, 2006 Re: SQL Injection lol it's so simple to fix it .... but a hell of a lot of work Quote
kronow Posted December 27, 2006 Author Posted December 27, 2006 Re: SQL Injection tell us then n00b :P Quote
tyler Posted January 3, 2007 Posted January 3, 2007 Re: SQL Injection A simple but effective function: function make_safe($var,$type) { // Type 1 is for numbers, 2 is for general text. if($type == 1) { $return= abs((int) $var); } else { $return=mysql_real_escape_string($var); } return $return; } As I said simple but effective. Quote
kronow Posted January 3, 2007 Author Posted January 3, 2007 Re: SQL Injection i habe sorted my problem out after alot of time coding and paying money out :mrgreen: Quote
Jake Posted January 4, 2007 Posted January 4, 2007 Re: SQL Injection Hate to sound like a noob, but..what is this? it sounds important? Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.