Secure a Lava Script (Wapdesire)

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Secure a Lava Script (Wapdesire)

    In this Tutorial i will explain the basics of how to secure a lava script:
    1. Lets Remove the Sessions
    The easiest way of removing the session in lava is to use
    PHP Code:
    session_start(); 
    lets put that at the beginning of every page right after the <?php
    ok that still dont removes the sessions right? Thats what we do next
    Wapdesire right from the start checks if a session is already existing in a database we need to delete that and start a new session :
    PHP Code:
      if (isset($_SESSION['sid']))
      {
      
    mysql_query("DELETE FROM ibwf_ses WHERE id='$_SESSION[sid]'");
      unset(
    $_SESSION['sid']);
      
      }
      else
      {
      
    $_SESSION['sid'] = $sid;
      } 
    ok now we go to every page again you will note the
    PHP Code:
    $sid $_GET['sid']; 
    there we are going to change it to
    PHP Code:
    $sid $_SESSION['sid']; 
    after we have done that you can securly remove the &amp;sid=$sid from the links
    We have just removed the sessions from the url congrats
    2. Secure posted data like you might have noted there are a lot of $_GET or $_POST statements lets secure them here is a simple function that will do the job simply put it in core.php
    PHP Code:
    function getget($name$def '') {
      if (isset(
    $_REQUEST[$name]))
        return 
    $_REQUEST[$name];
      else 
        return 
    $def;

    and instead of $_GET or post we use
    PHP Code:
    $pass getget('pass'$pass);
    $user getget('user'$user); 
    for example

    3. Lets secure the gallery

    use phpthumb for gallery simply look in google for phpthumb then in user profiles or in gallery use it the way how to use it is discribed in the phpthumb file

    hope this helps you guys

    PHP Code:
    foreach ($_SERVER as $server => $value)
    {
    echo 
    "$server is $value<br />";


    #2
    thanks allot .. bro, pls also chk this topic. i can give u my files to correct this particular problem.. pls help.. http://coding-talk.com/f16/shouts-5077/

    Comment


      #3
      is it not for arwap script?

      Comment


        #4
        u can use this basicly for any script ive done that to lava methos also

        Comment


          #5
          yeah riderz its fun working with you

          PHP Code:
          foreach ($_SERVER as $server => $value)
          {
          echo 
          "$server is $value<br />";

          Comment


            #6
            lol yea m8 i hope our edit gona be good

            Comment


              #7
              The above doesnt secure a lava script it just makes it harder for noobs to hack

              Comment


                #8
                well, thank you! So, djmatrix and riderz are working together? Can't wait to see your work!
                mysterio.al - programming is a functional art

                Comment


                  #9
                  if it makes it harder for noobs to hack then it is more secure aint it? and mysterio3 yes we work together

                  PHP Code:
                  foreach ($_SERVER as $server => $value)
                  {
                  echo 
                  "$server is $value<br />";

                  Comment


                    #10
                    i agree with DjMatrix its more secure than to do nothing
                    Did I help you?
                    You can help me too
                    Your donations will help me finance my studies.

                    Comment


                      #11
                      actually, a gr8 tutorial.. to help amost everybody coz, many using lavalair here..// thnx allot sir

                      Comment


                        #12
                        Its better to make it hard than to do nothing
                        http://myfacepals.com
                        MYFACEPALS SOCIAL NETWORKsigpic

                        Comment


                          #13
                          Originally posted by DjMatrix View Post
                          if it makes it harder for noobs to hack then it is more secure aint it? and mysterio3 yes we work together
                          kk just saying isnt 100 percent secure

                          changing a session is as easy as changing a url to a lot of people including via phone
                          Last edited by something else; 08.11.09, 20:45.

                          Comment


                            #14
                            what you making, guys? In what you working?
                            mysterio.al - programming is a functional art

                            Comment


                              #15
                              we'll show when we done

                              Comment

                              Working...
                              X