1. Post #1
    >_> Ubercake's Avatar
    January 2010
    192 Posts
    First off: Please excuse my username. Don't ask.
    So I have this awesome domain, applejaaj.com, and I started to make a forum software. It uses PHP and works with MySQL to store all the data. It's safe from SQL injections too. But I'm not sure what it should be about!
    Anyone care to help?

    PS: Feel free to register :P

  2. Post #2
    jung3o's Avatar
    October 2011
    2,135 Posts
    Your "[LOGIN][REGISTER]" is on the right side by itself.



    Is this from scratch or did you use a framework?

  3. Post #3
    >_> Ubercake's Avatar
    January 2010
    192 Posts
    Is this from scratch or did you use a framework?
    Define "framework". I used CSS to put it there

  4. Post #4
    jung3o's Avatar
    October 2011
    2,135 Posts
    I mean a PHP framework, sorry.

  5. Post #5
    >_> Ubercake's Avatar
    January 2010
    192 Posts
    I mean a PHP framework, sorry.
    It's scratch then

  6. Post #6
    Gold Member
    StinkyJoe's Avatar
    June 2006
    2,196 Posts
    It's safe from SQL injections too.
    Nope.

    Code:
    Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in /mnt/webi/a2/06/53298706/htdocs/news_archive.php on line 39 Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in /mnt/webi/a2/06/53298706/htdocs/news_archive.php on line 42 Results Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /mnt/webi/a2/06/53298706/htdocs/news_archive.php on line 45
    To reproduce: search for a single quote ( ' ).

    Nope 2: http://applejaaj.com/profile.php?name=DONGS

    Code:
    Warning: mysql_result(): Unable to jump to row 0 on MySQL result index 4 in /mnt/webi/a2/06/53298706/htdocs/profile.php on line 12
    DONGS's Profile
    
    Warning: mysql_result(): Unable to jump to row 0 on MySQL result index 4 in /mnt/webi/a2/06/53298706/htdocs/profile.php on line 24 Warning: mysql_result(): Unable to jump to row 0 on MySQL result index 4 in /mnt/webi/a2/06/53298706/htdocs/profile.php on line 28 Warning: mysql_result(): Unable to jump to row 0 on MySQL result index 4 in /mnt/webi/a2/06/53298706/htdocs/profile.php on line 32 Warning: mysql_result(): Unable to jump to row 0 on MySQL result index 4 in /mnt/webi/a2/06/53298706/htdocs/profile.php on line 36
    Nope 3: http://applejaaj.com/login.php7

    Code:
    Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in /mnt/webi/a2/06/53298706/htdocs/login.php on line 14
    To reproduce: Use a single quote character as your password

  7. Post #7
    secretly a furry
    Jelly's Avatar
    April 2011
    2,022 Posts
    X S S

  8. Post #8
    >_> Ubercake's Avatar
    January 2010
    192 Posts
        str_replace("<", "&lt;", $desc);
        str_replace(">", "&gt;", $desc);
    That should fix it. Right?

  9. Post #9
    Dragon Member
    Dragory's Avatar
    January 2006
    1,312 Posts
        str_replace("<", "&lt;", $desc);
        str_replace(">", "&gt;", $desc);
    That should fix it. Right?
    Use htmlentities($desc, ENT_QUOTES); when displaying the name. Also, look into PDO.

  10. Post #10
    >_> Ubercake's Avatar
    January 2010
    192 Posts
    Use htmlentities($desc, ENT_QUOTES);
    That's what I did in the first place.

    EDIT: Never mind, I used htmlentities without ENT_QUOTES.

  11. Post #11
    Dragon Member
    Dragory's Avatar
    January 2006
    1,312 Posts
    That's what I did in the first place.
    For some reason the GET "name" is still getting displayed as it is. You sure you're using htmlentities where you echo the name (or for the variable you echo)?

  12. Post #12
    >_> Ubercake's Avatar
    January 2010
    192 Posts
    For some reason the GET "name" is still getting displayed as it is. You sure you're using htmlentities where you echo the name (or for the variable you echo)?
    What do you mean? The only GET I'm using is in profile.p- ooh it echoes the GET variable and not the actual username. Fixed. Also, if the user was not found, it gives you a message instead of MySQL errors now.

    Edited:

    Nope.

    Code:
    Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in /mnt/webi/a2/06/53298706/htdocs/news_archive.php on line 39 Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in /mnt/webi/a2/06/53298706/htdocs/news_archive.php on line 42 Results Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /mnt/webi/a2/06/53298706/htdocs/news_archive.php on line 45
    To reproduce: search for a single quote ( ' ).

    Nope 2: http://applejaaj.com/profile.php?name=DONGS

    Code:
    Warning: mysql_result(): Unable to jump to row 0 on MySQL result index 4 in /mnt/webi/a2/06/53298706/htdocs/profile.php on line 12
    DONGS's Profile
    
    Warning: mysql_result(): Unable to jump to row 0 on MySQL result index 4 in /mnt/webi/a2/06/53298706/htdocs/profile.php on line 24 Warning: mysql_result(): Unable to jump to row 0 on MySQL result index 4 in /mnt/webi/a2/06/53298706/htdocs/profile.php on line 28 Warning: mysql_result(): Unable to jump to row 0 on MySQL result index 4 in /mnt/webi/a2/06/53298706/htdocs/profile.php on line 32 Warning: mysql_result(): Unable to jump to row 0 on MySQL result index 4 in /mnt/webi/a2/06/53298706/htdocs/profile.php on line 36
    Nope 3: http://applejaaj.com/login.php7

    Code:
    Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in /mnt/webi/a2/06/53298706/htdocs/login.php on line 14
    To reproduce: Use a single quote character as your password
    Everything should be fixed. Thanks for the feedback

  13. Post #13
    Gold Member
    Crhem van der B's Avatar
    January 2010
    1,691 Posts
    http://applejaaj.com/profile.php?name=' leads to
    Code:
    Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in /mnt/webi/a2/06/53298706/htdocs/profile.php on line 7

  14. Post #14
    >_> Ubercake's Avatar
    January 2010
    192 Posts
    http://applejaaj.com/profile.php?name=' leads to
    Code:
    Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in /mnt/webi/a2/06/53298706/htdocs/profile.php on line 7
    Fixed, thanks!

  15. Post #15
    >_> Ubercake's Avatar
    January 2010
    192 Posts
    I just added email activation

  16. Post #16
    Gold Member
    StinkyJoe's Avatar
    June 2006
    2,196 Posts
    I can still inject SQL through the login form, how are you sanitizing your query parameters?

  17. Post #17
    RUBY OVERLORD
    swift and shift's Avatar
    November 2011
    2,115 Posts
    $pdo->prepare("SELECT * FROM users WHERE username = '$_GET[username]'");

  18. Post #18
    jung3o's Avatar
    October 2011
    2,135 Posts
    Where is Stinky's PDO guide?

  19. Post #19
    >_> Ubercake's Avatar
    January 2010
    192 Posts
    I can still inject SQL through the login form, how are you sanitizing your query parameters?
    mysql_query("SELECT * FROM $mysql_users WHERE $mysql_name='".mysql_real_escape_string(htmlentities($username, ENT_QUOTES))."' AND $mysql_pwd='".mysql_real_escape_string(htmlentities($password, ENT_QUOTES))."'");

  20. Post #20
    RUBY OVERLORD
    swift and shift's Avatar
    November 2011
    2,115 Posts
    Never ever escape HTML except for right before output.
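    The advice in Post #9, #19 and #20 put together, as an added example that is not code from the thread or from applejaaj.com: the login lookup from Post #19 rewritten as a PDO prepared statement with raw input bound as a parameter, and the profile page escaping with htmlentities only at the point of output. The DSN, credentials, and the users table with its username, password_hash and description columns are assumptions.

```php
<?php
// Added example, not the forum author's code. Table/column names and the
// DSN below are assumed for illustration.
declare(strict_types=1);

function connect(): PDO {
    // ERRMODE_EXCEPTION turns a failed query into an exception the page can
    // catch, instead of mysql_num_rows() "boolean given" warnings that leak
    // server file paths to the visitor (as seen in Post #6).
    return new PDO('mysql:host=localhost;dbname=forum;charset=utf8mb4', 'forum', 'secret', [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false,
    ]);
}

// Login: the username is a bound parameter, so a quote character in it is
// just data, and there is no htmlentities() on the way into the database.
// The password is checked against a stored password_hash(), never compared
// inside the SQL string. Returns the user row or null.
function findUserForLogin(PDO $pdo, string $username, string $password): ?array {
    $stmt = $pdo->prepare('SELECT id, username, password_hash FROM users WHERE username = ?');
    $stmt->execute([$username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($password, $row['password_hash'])) {
        return null;
    }
    return $row;
}

// profile.php: look the name up as a parameter, show a plain "not found"
// instead of mysql_result() warnings, and echo the stored username rather
// than the raw GET value. HTML escaping happens here, at output, and nowhere else.
function renderProfile(PDO $pdo, string $name): string {
    $stmt = $pdo->prepare('SELECT username, description FROM users WHERE username = ?');
    $stmt->execute([$name]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        return '<p>User not found.</p>';
    }
    $e = fn(string $s): string => htmlentities($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<h1>' . $e($row['username']) . "'s Profile</h1>\n"
         . '<p>' . $e($row['description']) . '</p>';
}

// Usage in profile.php (the GET parameter is passed through untouched):
$pdo = connect();
echo renderProfile($pdo, $_GET['name'] ?? '');
```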