Stuwee, 08-16-2002, 03:11 PM

Riiiight... very nice game and all credit to you for that, but there are two glaring big holes in your script here which I feel somewhat obliged to point out.

First and foremost, even with your updated script, it's still 100% possible to cheat (by posting the values using a form instead of using the querystring). For example - this simple html form run on your own machine:

Code:
<form name="tetrischeat" method="post" action="http://yoursite/tetris.php?action=reg">
  enter your score! 
  <input type="text" name="punteggio"><br>
  and your userid (get from bbuserid field in cookie)<input type="text" name="userid"><br>
  <input type="submit" value="What's tetris again?">
</form>
It just requires digging out your userid from the vB cookie. For a working example, register on our boards, and then give it a shot here.

Secondly, the comment system here is very open to abuse. For example, as your comment, try:

Code:
<script>alert("i rock j00!")</script>
And you'll see what I mean. Luckily, the mysql comment column is restricted to 70 characters, which limits the damage we can do with this (no XSS cookie harvesting kiddies, sorry)... but it can still be rather annoying.

Overall, a little more thought is needed here in order to secure the script properly. Let me know if you need any help with this; I'll be happy to help.
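As an added illustration of how the script's author could close both holes (this is not code from the original post or from the tetris.php being discussed): the score is bound to a server-issued one-time token and a plausibility bound, the user id is taken from the login session rather than a form field, and comments are escaped on output. The token scheme, the `$maxPerSecond` bound and the `store()` call are assumptions.

```php
<?php
// Added example, not the original tetris.php. Assumes a PHP session is
// available and that store() is the script's own (unshown) DB insert.
session_start();

// Issue 1: the real problem is not GET versus POST but trusting any
// client-supplied score. Hand out a one-time token when a game starts...
function start_game(): string {
    $token = bin2hex(random_bytes(16));
    $_SESSION['tetris_token']   = $token;
    $_SESSION['tetris_started'] = time();
    return $token; // embedded in the game page and sent back with the score
}

// ...and only accept a score that carries that token, is a non-negative
// integer, and is plausible for the time actually played. The user id comes
// from the logged-in session ($sessionUserId), never from "userid" in the
// request, so a hand-made form cannot post a score for someone else.
function accept_score(array $req, int $sessionUserId, int $maxPerSecond = 50): ?int {
    $token = (string)($req['token'] ?? '');
    if (!isset($_SESSION['tetris_token']) || !hash_equals($_SESSION['tetris_token'], $token)) {
        return null; // no game in progress for this session
    }
    unset($_SESSION['tetris_token']); // token is single use
    $score = filter_var($req['punteggio'] ?? '', FILTER_VALIDATE_INT,
                        ['options' => ['min_range' => 0]]);
    if ($score === false) {
        return null; // not an integer
    }
    $elapsed = max(1, time() - ($_SESSION['tetris_started'] ?? time()));
    if ($score > $elapsed * $maxPerSecond) {
        return null; // assumed sanity bound: too many points for the time played
    }
    // store($sessionUserId, $score);   // assumed: the script's own insert
    return $score;
}

// Issue 2: enforce the 70-character limit in code rather than relying on the
// column size, and escape on output so <script>...</script> is shown as text.
function clean_comment(string $raw, int $maxLen = 70): string {
    return mb_substr(trim($raw), 0, $maxLen);
}

function render_comment(string $stored): string {
    return htmlspecialchars($stored, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}
```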