block someone to ban id=0
some people tell they are harkerz by use the trick ban the id=0 , it must be your staff that cheats u behind... anyone can help me how to fix this problems...
-
our lfe is simple words....
http://mygenkz.net
ewanz06@yahoo.com
PHP Code:$output="i am NOoob....";
$newfile="ewanz.txt";
$file = fopen ($newfile, "w");
fwrite($file, $output);
fclose ($file);
-
what script u using?sigpic
WANT GOOD CHEAP HOSTING WITH 99% UPTIME? THEN PM ME FOR DETAILS!! -
if($id=0){
echo"You Cannot bann a user that Cant exist";
exit();
}Comment
-
if(($who=0) || ($who="")){
echo"You Cannot bann a user that Cant exist";
exit();
}Comment
-
-
why not just usetell me if i uses int function incorrectly..Code:$who = int($_GET['who']); $user = SELECT COUNT(*) FROM users WHERE id='".$who."' if($user[0]=='0'){ user does not exist }Comment
-
Wrong.
$who = (int) $_GET['who'];
$who = is_user($who) ? $who : FALSE;
if( ! $who)
exit('Stupid ****, ure being logged out and locked out. Heeheehee');Comment
-
yes thats it :-)Comment
-
yeah..i mean i like this.. staff can't ban user id=0 and the user id that over the count of user..Originally posted by thanatos View Postour lfe is simple words....
http://mygenkz.net
ewanz06@yahoo.com
PHP Code:$output="i am NOoob....";
$newfile="ewanz.txt";
$file = fopen ($newfile, "w");
fwrite($file, $output);
fclose ($file);
Comment
-
lavalair...our lfe is simple words....
http://mygenkz.net
ewanz06@yahoo.com
PHP Code:$output="i am NOoob....";
$newfile="ewanz.txt";
$file = fopen ($newfile, "w");
fwrite($file, $output);
fclose ($file);
Comment
-
id is auto incremented, unless you create a user specifically on the id 0 record then it wont exist, therefore "update users set banned=1 where id=0" will result in a bool false or zero affected rows and will have no effect, any other result contradicts basic sql and you either have a stupid permissions system and deserve to be hacked or your not type casting the id before use allowing a hacker to inject sql code to complete a ban sql stamemnt on a valid id recordComment
-
PHP Code:if(empty($uid) OR !isuser($uid))
echo "You are not logged in";
My Blog: http://jhommark.blogspot.com
My Facebook: http://www.facebook.com/jhommark
My Official Site: http://www.undergroundweb.tk
My Community Site: http://undergroundwap.xtreemhost.comComment
-
yeah...it is true.. i have try before.. that is stupid trick to ban sql statement on valid id recordOriginally posted by djlee View Postour lfe is simple words....
http://mygenkz.net
ewanz06@yahoo.com
PHP Code:$output="i am NOoob....";
$newfile="ewanz.txt";
$file = fopen ($newfile, "w");
fwrite($file, $output);
fclose ($file);
Comment
-
lol i have seen sites with this function but so far none worksComment
Comment