New PHP Script.. Test it out will ya? - GoFuckYourself.com

Dynamix · 11-29-2004, 03:11 PM

Let me know if you run into any problems..

http://www.dxan.com/cobra/

jawanda · 11-29-2004, 03:13 PM

no problems, looks good man.

mynetporn · 11-29-2004, 03:14 PM

Seems to work ok. Nice job.

sean416 · 11-29-2004, 03:14 PM

looks good dude, good job.

ProjectNaked · 11-29-2004, 03:15 PM

Dynamix · 11-29-2004, 03:19 PM

Okay two questions then--

1) At the top of the index there's a thumbnail (the "Latest Photo").. should this link to the photo or to the celebrity gallery it belongs to?

2) The "This Month" What's New page.. should it show updates in the last 30 days or just in that month, even if it's the 1st of the month?

Any other suggestions?

mynetporn · 11-29-2004, 03:23 PM

Quote:

Originally posted by Dynamix
Okay two questions then--

1) At the top of the index there's a thumbnail (the "Latest Photo").. should this link to the photo or to the celebrity gallery it belongs to?

2) The "This Month" What's New page.. should it show updates in the last 30 days or just in that month, even if it's the 1st of the month?

Any other suggestions?

1. If you are going to have ads and such in the gallery then to the gallery. If not then I would say link to the pic.

2. I would think that "This Month" should only be the current month.

Side Note: I am really not impressed with all the blue on blue. Maybe add another color or something to make it stand out.

rickholio · 11-29-2004, 03:34 PM

I'm noticing that a couple of the thumbnails are turning out all black, like here ...

iBOUNCER · 11-29-2004, 03:43 PM

OK, a few security concerns.

1) Looks like your just pulling whatever file the user asks for. See: http://www.dxan.com/cobra/image.php?...ges/header.gif

This is bad.

2) You are not validating input, equally bad; see:

http://www.dxan.com/cobra/model.php?...g%20input&id=1

You are escaping meta characters, which is a good thing.

Let me know if you need any help closing these things up.

Otherwise, looks cool

Dynamix · 11-29-2004, 03:52 PM

Quote:

Originally posted by rickholio
I'm noticing that a couple of the thumbnails are turning out all black, like here ...

Aye, those are from trying to upload GIF's.. I had the ImageMagick functions only working with JPEG's before updating.

swedguy · 11-29-2004, 03:55 PM

Quote:

Originally posted by iBOUNCER
OK, a few security concerns.

1) Looks like your just pulling whatever file the user asks for. See: http://www.dxan.com/cobra/image.php?...ges/header.gif

This is bad.

2) You are not validating input, equally bad; see:

http://www.dxan.com/cobra/model.php?...g%20input&id=1

You are escaping meta characters, which is a good thing.

Let me know if you need any help closing these things up.

Otherwise, looks cool

You beat me to it

iBOUNCER · 11-29-2004, 03:58 PM

Quote:

Originally posted by swedguy
You beat me to it

Hey, that's why I make the BigBucks(TM) as a security consultant to the stars.

Dynamix · 11-29-2004, 03:59 PM

Quote:

Originally posted by iBOUNCER
OK, a few security concerns.

1) Looks like your just pulling whatever file the user asks for. See: http://www.dxan.com/cobra/image.php?...ges/header.gif

This is bad.

2) You are not validating input, equally bad; see:

http://www.dxan.com/cobra/model.php?...g%20input&id=1

You are escaping meta characters, which is a good thing.

Let me know if you need any help closing these things up.

Otherwise, looks cool

Thanks for the input, both flaws have been fixed

xclusive · 11-29-2004, 04:01 PM

It's looking good a lot of potential...

swedguy · 11-29-2004, 04:03 PM

Quote:

Originally posted by Dynamix
Thanks for the input, both flaws have been fixed

http://www.dxan.com/cobra/browse.php?type=fname&kw=%

Might wanna change so you can only use for example a-z in "kw" and every other var that can only have specific input.

crockett · 11-29-2004, 04:05 PM

looks pretty cool

11-29-2004, 03:11 PM	#1
Dynamix G F Y not Industry Role: Join Date: Jan 2004 Location: MN Posts: 2,910	New PHP Script.. Test it out will ya? Let me know if you run into any problems.. http://www.dxan.com/cobra/ __________________ TGPFactory Full TGP Design & Installation Services ICQ 250 142 484 · AIM TGPDynamix · Email: patrick (at) tgpfactory (dot) com See who I am at AdultWhosWho.com!

11-29-2004, 03:14 PM	#4
sean416 Confirmed User Join Date: Feb 2004 Location: Toronto Posts: 3,633	looks good dude, good job. __________________ ServerProvider.com

11-29-2004, 03:19 PM	#6
Dynamix G F Y not Industry Role: Join Date: Jan 2004 Location: MN Posts: 2,910	Okay two questions then-- 1) At the top of the index there's a thumbnail (the "Latest Photo").. should this link to the photo or to the celebrity gallery it belongs to? 2) The "This Month" What's New page.. should it show updates in the last 30 days or just in that month, even if it's the 1st of the month? Any other suggestions? __________________ TGPFactory Full TGP Design & Installation Services ICQ 250 142 484 · AIM TGPDynamix · Email: patrick (at) tgpfactory (dot) com See who I am at AdultWhosWho.com!

11-29-2004, 03:43 PM	#9
iBOUNCER Confirmed User Join Date: Nov 2004 Location: Monster Rain Posts: 214	OK, a few security concerns. 1) Looks like your just pulling whatever file the user asks for. See: http://www.dxan.com/cobra/image.php?...ges/header.gif This is bad. 2) You are not validating input, equally bad; see: http://www.dxan.com/cobra/model.php?...g%20input&id=1 You are escaping meta characters, which is a good thing. Let me know if you need any help closing these things up. Otherwise, looks cool __________________ Secure PHP Programming - Secure E-Commerce Design Site & Server Security Reviews - Code Reviews The new and improved iBOUNCER. Give us a try. ICQ: 201971159 or http://www.iBOUNCER.com

11-29-2004, 04:01 PM	#14
xclusive Too lazy to set a custom title Join Date: Apr 2004 Location: Buffalo, NY Posts: 35,218	It's looking good a lot of potential... __________________ I support MediumPimpin.com / Shemp's Outlawtgp.com /

11-29-2004, 03:13 PM	#2
jawanda Confirmed User Join Date: Feb 2003 Posts: 6,040	no problems, looks good man.

11-29-2004, 03:14 PM	#3
mynetporn Confirmed User Join Date: Jun 2004 Location: FL Posts: 1,154	Seems to work ok. Nice job.

11-29-2004, 03:15 PM	#5
ProjectNaked Confirmed User Join Date: Jul 2004 Location: Detroit Areola Posts: 4,309

11-29-2004, 03:34 PM	#8
rickholio Confirmed User Industry Role: Join Date: Jan 2004 Location: Nor'easterland Posts: 1,914	I'm noticing that a couple of the thumbnails are turning out all black, like here ...

11-29-2004, 04:05 PM	#16
crockett in a van by the river Industry Role: Join Date: May 2003 Posts: 76,806	looks pretty cool __________________ In November, you can vote for America's next president or its first dictator.