MakeWebGames


Posted
The code posted by Kieran-R isn't my code. I claimed it as mine at the time because I was a money-hungry bastard. I got the code from a different game that I was helping.

So, if you could secure code well, then why would you show me an example that isn't even yours? If you had even the slightest bit of knowledge of PHP, you would have known that that code wasn't secured, and most of it was a pile of shit.

Whether you were a "money-hungry bastard" or not, that doesn't explain why you sent me code that was clearly a pile of shit. It just kind of proves that you can't secure shit...

Posted

At the time, I thought it did.

 

<?php
include (DIRNAME(__FILE__) . '/globals.php');

 if (isset($_GET['delete']) AND !is_numeric($_GET['delete'])) {
  echo 'Please make sure it\'s a valid event ID!'; exit($h->endpage); }
else { echo '[b]Event ID has been deleted![/b]';
   $db->query('DELETE FROM `events` WHERE `evID` = '.$_GET['delete'].' AND `evUSER` = `'.$_SESSION['userid'].'`'); }

 if (isset($_GET['delall']) AND !ctype_digit($_GET['delall']) {
  echo 'You have no events.'; exit($h->endpage); } 
else { echo 'This will delete all your events. Are you sure?

                <a href = "events.php?delall2=1">Yes</a> - <a href = "index.php">No</a>';
 exit($h->endpage); }

 if (isset($_GET['delall2']) AND !ctype_digit($_GET['delall2']) {
  echo 'You have no events.'; exit($h->endpage); } 
else { echo '[b]All event\'s have been deleted![/b]';
   $db->query("DELETE FROM `events` WHERE `evUSER` = `".$_SESSION['userid']."`"); exit($h->endpage); }

   echo '[b]Latest 10 events[/b]';
  echo  "<a href = 'events.php?delall=1'>Delete All Events</a>";
 echo "<table width = '75%' cellpadding = '1' class = 'table'> 
                      <tr><th>Time</th><th>Event</th><th>Links</th></tr>";
   $QUERYGET = $db->query("SELECT `evUSER` , `evTIME` , `evID` , `evREAD`
                        FROM `events` WHERE `evUSER` = `".$_SESSION['userid']."` ORDER BY `evTIME` DESC LIMIT 10");
 while ($EV = mysql_fetch_row($QUERYGET))
{
    echo "<tr><td>".date('F j Y, g:i:s a',$EV->evTIME);
   if(!$EV->evREAD) {
  echo '
[b]New![/b]'; }
 echo "</td><td>".$EV->evTEXT."</td><td><a href = 'events.php?delete=".$EV['evID']."'>Delete</a></td></tr>"; }
echo '</table>';

 if ($ir->new_events => 1) {
   $db->query("UPDATE `events` SET `evREAD` = 1 WHERE `evUSER` = `".$_SESSION['userid']."`");
  $db->query("UPDATE `users` SET `new_events` = 0 WHERE `userid` = `".$_SESSION['userid']."`"); }
$h->endpage();
?>
Posted
while ($EV = mysql_fetch_row($QUERYGET))
{
    echo "<tr><td>".date('F j Y, g:i:s a',$EV->evTIME);
   if(!$EV->evREAD) {
  echo '
[b]New![/b]'; }
 echo "</td><td>".$EV->evTEXT."</td><td><a href = 'events.php?delete=".$EV['evID']."'>Delete</a></td></tr>"; }

Notice anything wrong?

I think someone needs to look up arrays and objects :O
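
As an added example (not code from the original post or from any poster in this thread): the delete, delete-all and listing logic from the events.php snippet above, rewritten with bound parameters, owner-scoped WHERE clauses, POST plus a CSRF token for every state change, and HTML-escaped output. It assumes a PDO connection (the page's $db wrapper and $h object are not shown and are not used here), the page's $_SESSION['userid'], and the `events` table columns the snippet reads (evID, evUSER, evTIME, evREAD, evTEXT); the connection string and credentials are placeholders.

```php
<?php
// Added example, not the code from the post above or from any poster: a
// hardened rewrite of the delete / delete-all / listing logic in events.php.
// Assumptions: $db is a PDO connection (the page's $db wrapper is not shown),
// $_SESSION['userid'] is the logged-in user's id as on the page, and the
// `events` table has the columns the snippet uses (evID, evUSER, evTIME,
// evREAD, evTEXT). Connection details below are placeholders.
declare(strict_types=1);
session_start();

if (empty($_SESSION['userid'])) {
    http_response_code(403);
    exit('Not logged in.');
}
$userId = (int) $_SESSION['userid'];

$db = new PDO('mysql:host=localhost;dbname=game;charset=utf8mb4', 'dbuser', 'dbpass', [
    PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_EMULATE_PREPARES => false,   // real server-side prepared statements
]);

// Every state change goes over POST and carries a per-session CSRF token, so a
// link like events.php?delall=1 embedded in another page cannot wipe a user's
// events just by being loaded.
if (!isset($_SESSION['csrf'])) {
    $_SESSION['csrf'] = bin2hex(random_bytes(32));
}
$csrf = $_SESSION['csrf'];

// Positive-integer request parameter, or null when absent or malformed.
// FILTER_VALIDATE_INT rejects "1e3", "1.5" and "0x1A", which is_numeric()
// would accept; the is_string() check also rejects delete[]=1.
function positiveInt(array $src, string $key): ?int
{
    if (!isset($src[$key]) || !is_string($src[$key])) {
        return null;
    }
    $v = filter_var($src[$key], FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $v === false ? null : $v;
}

function esc(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES, 'UTF-8');
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!hash_equals($csrf, (string) ($_POST['csrf'] ?? ''))) {
        http_response_code(403);
        exit('Bad request.');
    }

    if (isset($_POST['delete'])) {
        // The original ran its DELETE in the *else* branch (so also when the
        // parameter was missing) and concatenated the raw value into the SQL.
        // Here the id is a bound parameter and the WHERE is scoped to the owner,
        // so guessing another user's event id deletes nothing.
        $id = positiveInt($_POST, 'delete');
        if ($id === null) {
            exit('Please make sure it\'s a valid event ID!');
        }
        $stmt = $db->prepare('DELETE FROM `events` WHERE `evID` = :id AND `evUSER` = :uid');
        $stmt->execute([':id' => $id, ':uid' => $userId]);
        exit($stmt->rowCount() === 1 ? 'Event deleted.' : 'No such event.');
    }

    if (isset($_POST['delall'])) {
        $stmt = $db->prepare('DELETE FROM `events` WHERE `evUSER` = :uid');
        $stmt->execute([':uid' => $userId]);
        exit('All events have been deleted.');
    }
}

// Listing. Rows are fetched as associative arrays and read as $ev['col'],
// never $ev->col. Event text is usually built from other players' input, so
// it is escaped on output to avoid stored XSS.
$token = '<input type="hidden" name="csrf" value="' . esc($csrf) . '">';
$stmt = $db->prepare('SELECT `evID`, `evTIME`, `evREAD`, `evTEXT` FROM `events`
                      WHERE `evUSER` = :uid ORDER BY `evTIME` DESC LIMIT 10');
$stmt->execute([':uid' => $userId]);

echo '<b>Latest 10 events</b>';
echo '<form method="post" onsubmit="return confirm(\'Delete all your events?\')">'
   . $token . '<button name="delall" value="1">Delete All Events</button></form>';
echo '<table><tr><th>Time</th><th>Event</th><th>Links</th></tr>';
while ($ev = $stmt->fetch(PDO::FETCH_ASSOC)) {
    echo '<tr><td>' . date('F j Y, g:i:s a', (int) $ev['evTIME'])
       . ($ev['evREAD'] ? '' : ' <b>New!</b>')
       . '</td><td>' . esc((string) $ev['evTEXT'])
       . '</td><td><form method="post">' . $token
       . '<button name="delete" value="' . (int) $ev['evID'] . '">Delete</button>'
       . '</form></td></tr>';
}
echo '</table>';

$db->prepare('UPDATE `events` SET `evREAD` = 1 WHERE `evUSER` = :uid')->execute([':uid' => $userId]);
$db->prepare('UPDATE `users` SET `new_events` = 0 WHERE `userid` = :uid')->execute([':uid' => $userId]);
```

Two things to check when adapting this to a real game: the `evUSER = :uid` clause is what stops one player deleting another's events, so it must stay on every DELETE, and the SQL values are bound rather than wrapped in backticks (in MySQL a backtick-quoted value is an identifier, so the original's `` `evUSER` = `42` `` compares a column to a non-existent column named 42 rather than to the user id).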

Posted

Exploit it ;-)

A long time ago (we are talking 6 months to a year), when I made the mod, I did not properly secure the $_POST variable.

It was secured as an INT, but due to Firebug you could change the int to any number you wanted.

That's long since been secured :p

Posted

The only place any information is entered for the race option to be exploited is in register.php:

// coerce the submitted value to a non-negative integer
$_POST['race'] = abs((int) $_POST['race']);

// then check it against the list of allowed race ids
$allowed = array('1', '2', '3');
if (!in_array($_POST['race'], $allowed)) {
    echo 'This is not allowed!';
    exit;
}

Ensure it's an int; yes, I used abs((int) as I'm only using 3-5 digits max, so int works fine.

The array checks to make sure it's only the ones allowed.

Pray tell, how is it not secured :P

Posted

Yeah, the customer bought it off you like this month or last... anyways

// keep the value only if it is set and is one of the allowed ids, else blank it
$_POST['race'] = ( isset($_POST['race']) && in_array($_POST['race'], array(1, 2, 3)) ) ? $_POST['race'] : '';
if ( empty($_POST['race']) ) {
    echo 'Error!';
    die($h->endpage()); // note $h->endpage() will not work on register
}
Posted

Eh, either way should work just fine. May need to go over the isset bit, though.

 

:edit:

I think I've sold 2-3 copies in the last week and that's about it, other than months and months ago.

:edit: again:

Just realized, the array check will check if it is set.

So the theory I use works fine. It may be an old, old customer of mine who just recently used it; PM me their name and I can tell you. I know who all bought it within the past week.

Also, the above code you pasted... that's not my work :\
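
As an added example (not any poster's code), the two whitelist checks posted above for the register.php race field are placed side by side with a strict version, and run over a few constructed inputs a client can send regardless of what the form offers. It goes slightly beyond the thread: it also shows how the two posted checks differ from each other, not only from the strict one. It assumes the allowed race ids are 1, 2 and 3, as in the posts; the function names are hypothetical.

```php
<?php
// Added example, not any poster's code: the two whitelist checks posted above
// for the register.php race field, side by side with a strict version.
// Assumes the allowed race ids are 1, 2 and 3, as in the posts.
declare(strict_types=1);

const ALLOWED_RACES = [1, 2, 3];

// First posted approach: coerce with abs((int) ...) and then check the list.
// The cast repairs bad input instead of rejecting it: "-2" and "2abc" both
// become 2 and pass, so the caller never learns the client sent garbage.
function raceCast($raw): ?int
{
    $v = abs((int) $raw);
    return in_array($v, ALLOWED_RACES) ? $v : null;
}

// Second posted approach: loose in_array() on the raw value, then empty().
// in_array() uses == by default, so "2.0" matches 2 on every PHP version and
// "2abc" matches 2 on PHP 7 (PHP 8 compares non-numeric strings as strings).
// Whatever matched is returned exactly as sent, so "2.0" is what gets stored.
function raceLoose($raw)
{
    $v = (isset($raw) && is_scalar($raw) && in_array($raw, ALLOWED_RACES)) ? $raw : '';
    return empty($v) ? null : $v;
}

// Reject, don't repair: the value must be an integer literal and must be one
// of the allowed ids, compared with ===. Arrays (race[]=1) are rejected too.
function raceStrict($raw): ?int
{
    if (!is_string($raw) && !is_int($raw)) {
        return null;
    }
    $v = filter_var($raw, FILTER_VALIDATE_INT);
    return ($v !== false && in_array($v, ALLOWED_RACES, true)) ? $v : null;
}

// Constructed inputs (not from the thread); editing the <select> in Firebug,
// as mentioned above, is just one way to send them.
$samples = ['2', '-2', '2abc', '2.0', '4', '', ['1']];
printf("%-8s %-6s %-6s %s\n", 'input', 'cast', 'loose', 'strict');
foreach ($samples as $s) {
    printf("%-8s %-6s %-6s %s\n",
        json_encode($s), json_encode(raceCast($s)),
        json_encode(raceLoose($s)), json_encode(raceStrict($s)));
}
```

Run it on PHP 7 and PHP 8 and compare the `loose` column for "2abc": the posted in_array() check silently changed behaviour between major versions because it relies on == semantics, which is the reason to pass `true` as in_array()'s third argument and to validate with FILTER_VALIDATE_INT before comparing. Keeping the allowed ids in one constant (or loading them from the races table) also means a new race does not require editing the validation code.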

Posted

Here is a site that may help beginners understand some security with PHP. I would honestly learn security yourself; you have a better chance at securing it than someone off the streets or someone off the internet whose work ethics you may not even know. It pays to learn it yourself; then, when a problem exists, you can handle the matter without needing to wait to hire someone to do it for you. There are also many other great websites out there; just use Google and look for them!

http://www.ibm.com/developerworks/opensource/library/os-php-secure-apps/index.html
