Brad Posted May 15, 2010

This is my lotto. Say if there are any bugs. No bad comments. This lotto has a very unlikely chance you will win, 1-400 chance lol, you can change it. Call this file lotto.php
Analog Posted May 15, 2010

Line 31: Your event_add function call is not closed...
Danny696 Posted May 15, 2010

What's to stop me doing an SQL as $_POST['money'] ;)
Joshua Posted May 15, 2010

I tend to secure all $_POST and $_GET at the beginning of a script. It makes it a bit safer and less likely you set it as safe in the wrong section and it fails. At bare minimum $_POST['number'] = abs((int) $_POST['number']) always
Nicholas Posted May 16, 2010

> I tend to secure all $_POST and $_GET at the beginning of a script. It makes it a bit safer and less likely you set it as safe in the wrong section and it fails. At bare minimum $_POST['number'] = abs((int) $_POST['number']) always

That won't secure the $_POST variable by just putting some lines on top under include "globals.php"; that doesn't really mean it's fully secure. As if you just have 1 line to secure the whole script, someone will get in some way and will be able to edit the users table quite easily with SQL INJECTION. It's best to secure all variables. That's what I've been told. Even if it's not true, you never know what the future might bring out where you will definitely need to secure everything and not just use 1 small line or a so-called function in globals.php or header.php (the functions in globals, global_func and header don't work, don't even try to use them)
Joshua Posted May 16, 2010

Actually Nicholas, you could secure that particular post variable in the header and it would cover the whole script as it's a super global. So yes, you can secure it one time in the proper location and it globally secures. Is it the best practice? na, but whether you secure the $_POST variable each time it is used in each query or directly under include('globals.php') at the top of the page, it will achieve the same effect and secure exactly the same.

Again, this doesn't secure every variable and injection point in the script, but it will secure that particular variable. In the entire script after $_POST['variable'] = abs((int) $_POST['variable']); $_POST['variable'] will always be an integer and only an integer. Again, this will just secure that variable and not all, but that's what was being discussed so :P :P
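
The difference between coercing input with abs((int) ...) and validating it, plus a bound-parameter query that stays safe when a cast is forgotten, as an added example that is not code from the thread. The helper post_int, the in-memory SQLite users table, the userid column and the value ranges are assumptions.

```php
<?php
// Constructed request data standing in for a submitted form.
$_POST = ['number' => '7', 'money' => '50 OR 1=1'];

// Hypothetical helper: $_POST[$key] as an int within [$min, $max], or null
// when it is missing, an array, not a plain integer, or out of range.
function post_int(string $key, int $min, int $max): ?int
{
    $value = filter_var($_POST[$key] ?? null, FILTER_VALIDATE_INT, [
        'options' => ['min_range' => $min, 'max_range' => $max],
    ]);
    return $value === false ? null : $value;
}

// The cast from the thread coerces: malformed input becomes some integer
// and the script carries on with it.
$coerced = abs((int) $_POST['money']);

// Validation refuses the same input instead of guessing a number from it.
$number = post_int('number', 1, 400);      // range assumed from the "1-400" odds
$money  = post_int('money', 1, 1000000);   // upper bound is an assumption

// In-memory SQLite table standing in for the game's users table (assumed schema).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (userid INTEGER PRIMARY KEY, money INTEGER)');
$db->exec('INSERT INTO users (userid, money) VALUES (1, 500)');

if ($number === null || $money === null) {
    echo "rejected: number and money must be whole numbers in range\n";
} else {
    // Bound parameters never become part of the SQL text, so this query is
    // safe even if a validation step is forgotten somewhere else.
    $stmt = $db->prepare(
        'UPDATE users SET money = money - :bet WHERE userid = :id AND money >= :floor'
    );
    $stmt->execute([':bet' => $money, ':id' => 1, ':floor' => $money]);
    echo "bet placed, rows updated: ", $stmt->rowCount(), "\n";
}
var_dump($coerced, $number, $money);
```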