Paul Evans Posted December 23, 2011 Posted December 23, 2011 I may be mistaken here, but it does seem that you are asking the community to provide support that you the developers cannot provide for yourself, yet at the earliest opportunity, you release a ""new"" product and then reap the benefits while expecting other people to provide support. ^interesting that yes you are wrong i would fix any issue put forward to me i stand by my code with my reputation which is why this affects me so much when people say they found issues but not even reported one single issue. Were I to help the developers, sorry, what do I gain? ^You gain nothing but the sound of mind that other peoples websites are more secure due to your small part in bug detecting. I'm not greedy i openly give my knowledge and offer support to people i don't even like i even offered it to daniel when his engine is finally released personal gain from a project like redux was just for educational purposes personally i could of just say back let MCC do their upgrades and patches and still sold my services freelance to producers of MCC games and made more money over and over for as long as i could possibly use my keyboard. i did it for the community not for personal gain i lost out by even doing the project in the long run. I find the attitude to "where is my profit" appalling and personally have nothing else to say on the matter if you find a bug message me if not then please cease the flaming without proof. Quote
Paul Evans Posted December 24, 2011 Posted December 24, 2011 Microsoft have a script which you report bugs same with most other systems i have give the option to report bugs to me and still not had a single mail what does that say about the people complaining? If the bug is something to cripple a server as you say i wouldn't want rogue people reading this thread (as guests can) we wouldn't want people to note down the section of code and experiment so if you could send me this in mail i would appreciate it alot more and im sure MCC customers would also but you can post publicly when a patch to the script is sent out to all customers if that seems fair. Now this is criticism of which i do enjoy taking as you are basically not saying it's bugged and giving no solution or even giving a clue to the area you are providing help on the situation. I do appreciate any help in this sense and so does the MCC team im sure. I was working with php quite a few years ago but im the first to admit im not the best there is always more to learn and since i basically taught myself what i know im sure i skipped a few sections of the manual because of never really using a tutorial. Im more hands on i dislike reading tutorials and being taught something i could easily do myself, this was probably a bad approach but it's just me. For almost a year i've not even seen the php manual due to issues so im sure im a little rusty also. Quote
BeastTheKidd Posted December 24, 2011 Author Posted December 24, 2011 Microsoft is all and well, but I can pick up a legal copy of Linux for $0.00 and there is a community which provides fixes for free... It's hard to compare an OS to a script, but at the same time I believe the developers should pay US 50 dollars to use it :p Wouldn't that be something. Quote
Spudinski Posted December 24, 2011 Posted December 24, 2011 @Octarine: Crippling the server is a strong word. I've not seen a bug in MCCodes Lite -> 2.0 that is that severe on a factory setup server. Exploiting mysql queries to gain entrance into the database or extract data, sure, but it's not exactly crippling a server. Microsoft is all and well, but I can pick up a legal copy of Linux for $0.00 and there is a community which provides fixes for free... It's hard to compare an OS to a script, but at the same time I believe the developers should pay US 50 dollars to use it :p Wouldn't that be something. And if you knew anything about the history of Linux you would know why. Quote
Dominion Posted December 24, 2011 Posted December 24, 2011 A patch for one particularly nasty problem has been submitted to Paul. Since he won't publish the existing code, I can't in all good faith publish my patch, however if the patch does not appear quickly on the MCCodes site or here, I'll make it available. I doubt they would have any problems with you posting a fix. It's been done before, and many free mods are there as a way to offer a secure alternative to the original feature. Quote
Paul Evans Posted December 24, 2011 Posted December 24, 2011 if you have free rain on a injection and then put forth any query you want it's easily possible to do anything. Thanks for your time with this issue octarine appreciate it. Quote
Spudinski Posted December 24, 2011 Posted December 24, 2011 Well if an attacker can prevent the application from using the database server and in some cases prevent any application from accessing it, then I think we are safe to say crippling the server. Or is that too strong? Ok, ok, calm down. I'm just interested in how it's accomplished, but I will wait. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.