vb.org Archive
Page 8 of 8 « First 67 8
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   Community Lounge (https://vborg.vbsupport.ru/forumdisplay.php?f=13)
-   -   security seems not a main priority in vb hacks (https://vborg.vbsupport.ru/showthread.php?t=73307)

sabret00the 03-25-2005 07:09 PM
here's a question

is it bad to do

PHP Code:
$variable addslahes($variable);
$DB_site->query("INSERT INTO table(column)
VALUES ($variable)"); 

Tekton 03-25-2005 07:42 PM
I'm getting into the habit of uni'ing and adding the slashes to anything that isn't intvaled when inserted into the DB with user added stuff.

Marco van Herwaarden 03-25-2005 07:57 PM
Quote:
Originally Posted by sabret00the
here's a question

is it bad to do

PHP Code:
$variable addslahes($variable);
$DB_site->query("INSERT INTO table(column)
VALUES ($variable)"); 
That is Ok

sabret00the 03-25-2005 08:16 PM
Quote:
Originally Posted by MarcoH64
That is Ok
thanks :)

MRGTB 10-22-2005 04:45 AM
On a lighter note, this thread made me laugh a little!

Because I see many people who have loads of hacks installed. Then when a new version of vBulletin is released they sometimes remove there whole board because of mass hacking which they cannot revert back to upgrade to a new version of vBulletin. Then after doing a clean install of the new vBulletin version to plug possible security issues, they then re-hack there board all over again which could possibly add security issues all over again which they just upgraded to avoid.

Hahaha, Guess there must be method in that madness somewhere! :squareeyed:

Onimua 10-22-2005 10:09 AM
Quote:
Originally Posted by Gary Bolton
On a lighter note, this thread made me laugh a little!

Because I see many people who have loads of hacks installed. Then when a new version of vBulletin is released they sometimes remove there whole board because of mass hacking which they cannot revert back to upgrade to a new version of vBulletin. Then after doing a clean install of the new vBulletin version to plug possible security issues, they then re-hack there board all over again which could possibly add security issues all over again which they just upgraded to avoid.

Hahaha, Guess there must be method in that madness somewhere! :squareeyed:
That is odd, heh.

I personally only modify files if it's something I feel is worth it (and if it's no more than at least 3 or so files). I also try to avoid plugins and hacks that modify the database as best as possible too.

Marco van Herwaarden 10-22-2005 10:58 AM
Modifying the database would not create a security problem in 99% of the cases. On the other hand 1 code edit (or even 1 plugin) could put your board wide open.

Onimua 10-22-2005 11:14 AM
Quote:
Originally Posted by MarcoH64
Modifying the database would not create a security problem in 99% of the cases. On the other hand 1 code edit (or even 1 plugin) could put your board wide open.
Avoidance of database changes are more of enabling me to easily upgrade more than anything else. I don't like wondering how anything database-wise would effect me later on. Just a thing of mine. :p

Zachariah 10-22-2005 12:30 PM
It's simple to me. RTFM
If it don't work uninstall it.

If you know how to fix it. PM / Email the creator how to fix.
Best of all, Backup so you can restore after you mess it up.

It's a NO BRAINER.

:D

Marco van Herwaarden 10-22-2005 01:52 PM
We where talking security i think?


All times are GMT. The time now is 05:54 AM.
Page 8 of 8 « First 67 8
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01063 seconds
  • Memory Usage 1,739KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (2)bbcode_php_printable
  • (4)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete