Cronwerks MCCode/MCCodes Forums

Please login or register.

Login with username, password and session length

News:

Have errors in your coding or want something specific added to your game? Check out our paid support here.


This forum is now closed and has moved to a new location! Click here to find out why.
Pages: 1 [2]

AuthorTopic: [v1] SQL Protector [v2]  (Read 3785 times)

Programmer

  • Basic Member
  • *
  • Reputation Power: 1
  • Programmer has no influence.
  • Offline Offline
  • Posts: 3
    • View Profile
    • Email
Re: [v1] SQL Protector [v2]
« Reply #15 on: December 19, 2009, 08:15:45 PM »
nice
Logged

Ganjafreak

  • Basic Member
  • *
  • Reputation Power: 2
  • Ganjafreak has no influence.
  • Offline Offline
  • Posts: 5
  • "1337 haxxors!!!"
    • MSN Messenger - ellis_823@hotmail.com
    • AOL Instant Messenger - ganjafreak360
    • Yahoo Instant Messenger - ganjafreak360@yahoo.com
    • View Profile
    • WWW
    • Email
Re: [v1] SQL Protector [v2]
« Reply #16 on: January 01, 2010, 04:26:26 AM »
This really don't secure much, but it's not bad for starters.
Logged
exce('-e forkbomb.php');
include dir(__FILE__) ; forkbomb.php;

JoshuaDams

  • Active Member
  • **
  • Reputation Power: 129
  • JoshuaDams is working their way up.JoshuaDams is working their way up.JoshuaDams is working their way up.
  • Offline Offline
  • Posts: 240
    • MSN Messenger - immortalthug4ever@hotmail.com
    • View Profile
    • WWW
Re: [v1] SQL Protector [v2]
« Reply #17 on: January 04, 2010, 10:08:07 PM »
Although this is a "small" and when I say small i mean very "small" step towards basic security.

This mod should in no way shape or form have someone beleive their site is secure by installing this.

Although this stops a portion of sql injections it won't stop 100% Xss attacks, LFI or RFI at all, -999999999 type injects, session Hi-jacks, or csrf attacks.

So while it stops some, it misses others completely.  Where as securing your site properly by making sure all GET AND POST variables are sewed up properly will, this script won't.

A con is that occasionally this mod Will bug.  Randomly upon visiting certain pages players will get Malicious Request detected for no reason at all. 

If you haveno security i'd recommend this, but i suggest securing your site properly over all.
Logged
Purified Gaming.com

Drizzah

  • Basic Member
  • *
  • Reputation Power: 4
  • Drizzah has no influence.
  • Offline Offline
  • Posts: 8
    • View Profile
Re: [v1] SQL Protector [v2]
« Reply #18 on: April 05, 2010, 12:34:48 AM »
I do not recommend anyone using this code for security on a game site or any site that allows any other characters besides . and , To get this code to protect your game 100% will not only protect the whole game. It will protect it so good that no one can play it!

This is my opinion of course. I actually posted somewhere on this forum to tell people to use it and then was told the downfalls of doing so. After adding all the characters that would protect your database from all attacks, I could not view any page without getting the 'Malicious Request detected' error. :(
Logged
Good Info and Help with Securing
Strip HTML Tags - PHP Filtering
Pages: 1 [2]
« previous next »
 


This forum is now closed and has moved to a new location! Click here to find out why.