Register | Login | |||||
Main
| Memberlist
| Active users
| ACS
| Commons
| Calendar
| Online users Ranks | FAQ | Color Chart | Photo album | IRC Chat |
| |
Acmlm's Board - I2 Archive - - Posts by Tuvai |
Pages: 1 2 3 4 5 6 7 8 9 10 11 |
User | Post | ||
Tuvai Permanently banned for account hacking. Level: 24 Posts: 1/211 EXP: 74894 For next: 3231 Since: 03-15-04 Since last post: 566 days Last activity: 339 days |
| ||
That's called externally abbuse register.php with some stupid script; one of the many reasons I added a more secure register process on my board. Acmlm Board's register page is way too 'soft', not only because it's easy to launch scripts at it like that, but banned members can re-register oh so easily. And don't give me shit like "There's an IP ban feature", we all know that works like crap ever since these morons found out what proxies are. |
|||
Tuvai Permanently banned for account hacking. Level: 24 Posts: 2/211 EXP: 74894 For next: 3231 Since: 03-15-04 Since last post: 566 days Last activity: 339 days |
| ||
What caused everything to get deleted in the first place? Oh well, new starts are nice, and may there be less morons this time 'round. |
|||
Tuvai Permanently banned for account hacking. Level: 24 Posts: 3/211 EXP: 74894 For next: 3231 Since: 03-15-04 Since last post: 566 days Last activity: 339 days |
| ||
A few exploits I remember from when I had an Acmlm Board: Put if(!is_numeric($id)){$id=0;} in the top of function.php, otherwise the possibility of screwing around with the $id register global is there, which allows users to see random posts (including the ones in admin/mod forums). Put if(stristr($PHP_SELF,'config.php') or stristr($PHP_SELF,'function.php')){die('Nope, go away.');} in the top of function.php also. This prevents people from looking at config.php and function.php. Leaving this open allows people to 'overload' by using a constantly refreshing script. Basically being able to make a lot of connections at a time and cause the MySQL database to go haywire. (edited by Tuvai on 03-15-04 01:40 AM) |
|||
Tuvai Permanently banned for account hacking. Level: 24 Posts: 4/211 EXP: 74894 For next: 3231 Since: 03-15-04 Since last post: 566 days Last activity: 339 days |
| ||
Weasel, all you need to do is make a register page with some simple checks. There's a lot of ways to stop a multi-registry script like this. A simple sollution is to add a random number/text string in the bottom which the user needs to type exactly in a text box. Another sollution, which also proves effective against re-registering halfasses (and I can tell, since I've been using this method at my boards for a long time now, even had it on my Acmlm Board long ago), is to add other checks to the register page, such as: Checking if the IP addres is found in the DB. Forcing the user to enter an email address to which a confirmation email is sent (and do this when the user wants to change the email address later, too). Because I was most bothered by AOL lamers long ago, I added some checks that AOL users needed to enter their @AOL.com email address. And then of course, there's the little checks making sure email addresses are correct, as in containing an '@' and '.'. |
|||
Tuvai Permanently banned for account hacking. Level: 24 Posts: 5/211 EXP: 74894 For next: 3231 Since: 03-15-04 Since last post: 566 days Last activity: 339 days |
| ||
The disadvantage with downloadable things is that it's NEVER perfect for you as it's not made specificly for you. Obviously I make everything myself, and I made my own forum system and all lest you forget. Concerning websites itself, I don't see why people need to download templates for a website. Once I got a layout printed in my head, it takes me what, 5 to 10 minutes to type out the XHTML (yes, I use XHTML too now instead of normal HTML) completely? Pff, why download other templates/scripts which are way bigger than necesary and can only be integrated in my site with a lot of workarounds and trouble? |
|||
Tuvai Permanently banned for account hacking. Level: 24 Posts: 6/211 EXP: 74894 For next: 3231 Since: 03-15-04 Since last post: 566 days Last activity: 339 days |
| ||
Let's put it this way, downloading stuff others made is both lack of motivation and skills; period. | |||
Tuvai Permanently banned for account hacking. Level: 24 Posts: 7/211 EXP: 74894 For next: 3231 Since: 03-15-04 Since last post: 566 days Last activity: 339 days |
| ||
Well, I can understand downloading a forum system; a decent forum isn't made in just a few days, and not everyone can make one either. What annoys me is that there's just (too) many 'sites' that are simply put just a standard forum system or a downloaded portal system (PHPNuke), usually with the default template/layout they come with. All people care about nowadays is having a board, funny how they're suprised when it's a flop, though. OMFG I HEV A PHPBB EN I INSTALLED IT MYSELF IMA WEBMISTER NOW IMS O L37!11 LOLOLROFLMAO!1 |
|||
Tuvai Permanently banned for account hacking. Level: 24 Posts: 8/211 EXP: 74894 For next: 3231 Since: 03-15-04 Since last post: 566 days Last activity: 339 days |
| ||
Well, asside from all the websites I'm making, I'm trying out a lot of new stuff, I'm always interrested in learning more programming languages. Since I got a lot of spare time at my traineeship site, I'm doing some learning there to fill the time gaps up. I've been toying around with Perl/CGI, XML/XSL and mostly Visual Basic 6.0. I already learned that ASP is pretty much the same as Visual Basic, checking some other scripts online verified that, as I recognised a lot of functions I also used in VB6 (mostly date functions and the mid(), left() and right() functions). Now, I'm using VB6 a lot over there because I'm making a network program which is coming along fine (VB program which interacts with an Access DB, using DAO/MDAC), that's pretty much the only thing I'm using VB for, I got the Visal Studios package installed here at home as well, but barely use it, other to make the program to connect to my site's future battle system. ASP however, as it's webbased and I AM pretty much a webscripter, I like to toy around with at home as well; preferably at my own computer instead of having to use an external web host. I already understand I need to install IIS and I need the Windows CD for it, question is, how do I install it? |
|||
Tuvai Permanently banned for account hacking. Level: 24 Posts: 9/211 EXP: 74894 For next: 3231 Since: 03-15-04 Since last post: 566 days Last activity: 339 days |
| ||
Originally posted by TikalFan2K5 Finally! The board's back! I decided to register as TikalFan2K5 instead of TF2K4 here because this is the new board. I wonder how many versions you ARE going to have to make of yourself. Weren't you banned before, by the way? I can't make versions of myself, Tuvai doesn't have a number. (edited by Tuvai on 03-15-04 07:19 AM) |
|||
Tuvai Permanently banned for account hacking. Level: 24 Posts: 10/211 EXP: 74894 For next: 3231 Since: 03-15-04 Since last post: 566 days Last activity: 339 days |
| ||
I didn't feel like registering yesterday. But I wanted number 69. 69 is a kinky number! |
|||
Tuvai Permanently banned for account hacking. Level: 24 Posts: 11/211 EXP: 74894 For next: 3231 Since: 03-15-04 Since last post: 566 days Last activity: 339 days |
| ||
Pconnect = Persistent connection Unlike mysql_connect(), mysql_pconnect() doesn't open a new connection every time, but first check if there already is an open connection with the host. |
|||
Tuvai Permanently banned for account hacking. Level: 24 Posts: 13/211 EXP: 74894 For next: 3231 Since: 03-15-04 Since last post: 566 days Last activity: 339 days |
| ||
Simple, the maximum ammount of connections is a server setting; if the ammount of open connections is or is higher than the number in that setting, you get the error. EDIT: What I am wondering is why mysql_close() is used in the Acmlm Board source code... mysql_close() is not supposed to be used with mysql_pconnect, but mysql_connect. (edited by Tuvai on 03-15-04 08:08 AM) (edited by Tuvai on 03-15-04 08:11 AM) |
|||
Tuvai Permanently banned for account hacking. Level: 24 Posts: 14/211 EXP: 74894 For next: 3231 Since: 03-15-04 Since last post: 566 days Last activity: 339 days |
| ||
Well, you're most probably not the only site hosted on the server you are on, so it's a little dependant on the other sites as well. | |||
Tuvai Permanently banned for account hacking. Level: 24 Posts: 15/211 EXP: 74894 For next: 3231 Since: 03-15-04 Since last post: 566 days Last activity: 339 days |
| ||
Lucky bastards, all of you... I have to teach myself everything on traineeship; all I get at school is stupid HTML, and not even in a proper way. | |||
Tuvai Permanently banned for account hacking. Level: 24 Posts: 16/211 EXP: 74894 For next: 3231 Since: 03-15-04 Since last post: 566 days Last activity: 339 days |
| ||
I LOVE that second one, it looks kind of GBA-ish. | |||
Tuvai Permanently banned for account hacking. Level: 24 Posts: 17/211 EXP: 74894 For next: 3231 Since: 03-15-04 Since last post: 566 days Last activity: 339 days |
| ||
I was born Catholic; if I could've chosen I wouldn't have. I hate religion; religion majorly causes war. And don't say that's not true; how many wars has humanity been through because of religious conflicts? How many bombings and assaults have there been lately by religious (mostly Islamitic) extremists? As for God, that's even bigger bullshit if you ask me; to me it's nothing more than a stupid fairytale made up by some lame, bored drunkard. There is no God; and to all the people who are going to assault me in this thread now with either "He does!" or "Prove he doesn't!", say whatever you want, but until a real God's existance is proven, I won't ever change my mind about God, and religion for that matter. (edited by Tuvai on 03-15-04 09:23 AM) |
|||
Tuvai Permanently banned for account hacking. Level: 24 Posts: 18/211 EXP: 74894 For next: 3231 Since: 03-15-04 Since last post: 566 days Last activity: 339 days |
| ||
I don't think Lihead doesn't deserve an AcmlmBoard anymore, mehehe. *g* | |||
Tuvai Permanently banned for account hacking. Level: 24 Posts: 19/211 EXP: 74894 For next: 3231 Since: 03-15-04 Since last post: 566 days Last activity: 339 days |
| ||
Letting members use something like that isn't really a good idea; better is to make an admin-uploader where all you have to do is upload a pic using the good ol' 'Browse...' input. Either that, or making sure that the upload has limitations (maximum file size, only certain extensions, etcetera). But the thing is, if you let users upload their pics like thad, they'll upload crap, guarranteed. People... just do that. |
|||
Tuvai Permanently banned for account hacking. Level: 24 Posts: 21/211 EXP: 74894 For next: 3231 Since: 03-15-04 Since last post: 566 days Last activity: 339 days |
| ||
Originally posted by Kitten Yiffer And incase they do upload stuff which is "crap", then they should get an warning or ban. And do you really think that works? That's the same as posting behavior. People are not supposed to spam and they still do, the same will happen with a photo album upload script, trust me; been there, done that. Period. |
|||
Tuvai Permanently banned for account hacking. Level: 24 Posts: 22/211 EXP: 74894 For next: 3231 Since: 03-15-04 Since last post: 566 days Last activity: 339 days |
| ||
Originally posted by Weasel I didn't get ANY programming knowledge from High School. If that was a reply to my post: I'm already in college for 2 years. |
Pages: 1 2 3 4 5 6 7 8 9 10 11 |
Acmlm's Board - I2 Archive - - Posts by Tuvai |