General > Developers Corner

Questions! Questions! Questions!

<< < (5/12) > >>

Bytewave:
Just a quick little thing:
With your current setup, anyone who gets a hold of the URL for your PHP script can issue bad, malicious SQL on your database, potentially dropping your entire records, modifying others' information, etc.
Especially with the (deprecated) mysql_ functions in PHP, you're leaving a 20-foot-wide hole for anyone with a bit of desire and know-how to do something malicious to your database, whatever that might be.

If you're concerned at all, I can help you clean that up.

Neku:

--- Quote from: Bytewave on March 01, 2015, 09:46:32 AM ---Just a quick little thing:
With your current setup, anyone who gets a hold of the URL for your PHP script can issue bad, malicious SQL on your database, potentially dropping your entire records, modifying others' information, etc.
Especially with the (deprecated) mysql_ functions in PHP, you're leaving a 20-foot-wide hole for anyone with a bit of desire and know-how to do something malicious to your database, whatever that might be.

If you're concerned at all, I can help you clean that up.

--- End quote ---

Well I mean, it's obviously just scoreboard/index.php. :p

MrPresident:

--- Quote from: Neku on March 01, 2015, 11:21:11 AM ---Well I mean, it's obviously just scoreboard/index.php. :p

--- End quote ---

That's the URL for the scoreboard, not the PHP script that interacts with GMOD to update the information.

Bite That Apple:

--- Quote from: Bytewave on March 01, 2015, 09:46:32 AM ---If you're concerned at all, I can help you clean that up.

--- End quote ---

Well I entrust this community (99.6%), though I had added a security protocol lastnight anyways. The entire system will not work unless a certain security phrase is said to ensure it. Trust me when I say, I'm very secure when it comes to a database (well I think I am :S), seeing as I have this cancer here: http://www.f4egaming.com/archive uses ulx logs to finds stuff, sometimes its important and used, sometimes it's not, some bugs with searching (refuses to display steamids, not sure why), other than that I believe it's very secure.

Though you can never have too much security, I'd like to know what you have in mind?

An Error Has Occurred!

array_keys(): Argument #1 ($array) must be of type array, null given

[0] Board index