11-06-2011, 01:37 AM
I suggest you try to SQL inject it; if you succeed, post it. The method I posted will change the characters that I usually use for SQL injection into other characters. The SQL injection will be inserted into the database and not executed.
Try to SQL inject my old code above; if you succeed, post it. My private site is un-hackable and uses other measures. I use mysql_real_escape_string in my private site, but only for queries in which it is intended. Account info isn't case sensitive client -> server, so it doesn't matter either way.
You can also just push the input off onto a function to be sanitized, like so:
// Sanitizes AccountIDs & Passwords
// Works with non-referenced as well as referenced passing of variables.
// Also returns (string) $input
function inputT1(&$input)
{
    // Strip every character that is not a letter, digit, underscore or dot
    // (the pattern and replacement must be quoted strings)
    $input = preg_replace('/[^a-z0-9_\.]/i', '', $input);
    return $input;
}
There are many ways to achieve the same purpose. If they want a complete un-hackable site they can purchase a package here => 2
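The whitelist approach in the post above can be taken one step further: validate the value against the same character class but reject anything that does not match (instead of silently stripping), and then hand the value to the database as a bound parameter so it is only ever treated as data. The following is an added example, not the poster's code; the table name, column names and the 32-character length limit are assumptions chosen for illustration, and the in-memory SQLite database is constructed sample data so the script runs offline.

```php
<?php
// Added example (not the poster's code). Assumptions: an "accounts" table
// with "id" and "name" columns, and a 32-character maximum for account IDs.

function validateAccountId(string $input): ?string
{
    // Same allowed set as the poster's inputT1 pattern (letters, digits,
    // underscore, dot), but a non-matching value is refused rather than
    // altered, so the caller never queries with a value the user did not send.
    if (preg_match('/^[a-z0-9_.]{1,32}$/i', $input) !== 1) {
        return null;
    }
    return $input;
}

function findAccount(PDO $db, string $rawId): ?array
{
    $id = validateAccountId($rawId);
    if ($id === null) {
        // Rejected input: a good place to log the attempt for detection.
        return null;
    }
    // Parameter binding: the SQL text is fixed and the value is sent
    // separately, so quote or comment characters in $id cannot change
    // the statement even if validation were ever relaxed.
    $stmt = $db->prepare('SELECT id, name FROM accounts WHERE id = :id');
    $stmt->execute([':id' => $id]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Self-contained demo on an in-memory SQLite database (constructed data).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE accounts (id TEXT PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO accounts VALUES ('alice.01', 'Alice')");

var_dump(findAccount($db, 'alice.01'));    // array: id => alice.01, name => Alice
var_dump(findAccount($db, "alice.01'--")); // NULL: the quote fails validation, no query runs
```

Run with `php example.php` (requires the pdo_sqlite extension). The two layers are independent: validation keeps malformed account IDs out of the application, and parameter binding keeps whatever does reach the query from being parsed as SQL.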
