this script is good but..i have found a dangerous point..:
{ if (rtrim($salsan[$i])==$salasana && rtrim($salnim[$i])==$nimi){$a="1";}}
if the site for exemple were : mychat.myhost.com/mobilechat/index.php
anybody putting on his phone this link http:// mychat.myhost.com/mobilechat/prividis.php?nimi=writeanick=1
CAN ENTER WITH no LOGIN and READ PRIVATES..
same thing writing chat.php
anybody enters to read in chatroom
dangerous : ="1" ..using it, anybody enters!
the solution is to say to masters using this script TO CHANGE ="1" with a fantasy words ,for exemple :="worldx"
this change must be done in every pages that contains
{ if (rtrim($salsan[$i])==$salasana && rtrim($salnim[$i])==$nimi){$a="1";}}
;)[/b]
{ if (rtrim($salsan[$i])==$salasana && rtrim($salnim[$i])==$nimi){$a="1";}}
if the site for exemple were : mychat.myhost.com/mobilechat/index.php
anybody putting on his phone this link http:// mychat.myhost.com/mobilechat/prividis.php?nimi=writeanick=1
CAN ENTER WITH no LOGIN and READ PRIVATES..
same thing writing chat.php
anybody enters to read in chatroom
dangerous : ="1" ..using it, anybody enters!
the solution is to say to masters using this script TO CHANGE ="1" with a fantasy words ,for exemple :="worldx"
this change must be done in every pages that contains
{ if (rtrim($salsan[$i])==$salasana && rtrim($salnim[$i])==$nimi){$a="1";}}
;)[/b]
Comment