these ass you know what keep hacking my site well more like stealing sessions from mysite ive tried everything but nothing works they always come back and and hack it can someone please teach me how to hack for atleast how to prevent this 
-
-
dont allow use of external images or if you do use a php image
make an external links page that doesnt include session id
and prevent everywhere from malicious codes being entered
-
"realcoder" haha u av to do a few tins 2 do, basically explained by somethingelse, remove external imaging. Ther are a few hotspots, u find d rest bt d dominant is in avatar form in edit profile. Forget d form lol, i c sum idiot coders rmv d form dats STUPID. Anyway, i've hinted u alot, rmv avatar, and also rmv img bbcodes. Others exist, find em.Comment
-
so what about the sql injection the use in the password field outsideComment
-
use $pass = mysql_real_escape_string($pass)
img bb code can be safe to use if you know how to code it to prevent session stealingComment
-
yea bt dats unnecessary risk taking.. Therz a injection hole there? O.o didnt knw. Anyway escape ANY data dat entas ur sites database.. NOTE i said ANY, escape i.p even if u avto. Beta 2 err on d side of caution.Comment
-
Also dont use uploaders unless they are protected against vicious files being uploaded
Comment
-
-
thanks alot
thanks for all your help i will do as toldComment
Comment