ok thanks i got that read and understood what you did change, but still the questions left abot the action, can it be cancled, not only logged ?
ok thanks i got that read and understood what you did change, but still the questions left abot the action, can it be cancled, not only logged ?
and on website when i try to reg it always show, hacking attemp you are such a nooby.... and not registering - stops the action.:P need to fix this too, waiting got your reply.
Ok i fixed that hacking attemp... now all working fine, left ONLY 1 think, wich i want that you help me to fix... stop the action if its using the sql-injection. Please help. I am still online. thanks.
i think now is all ok, i just downloaded the new version of anti_sqlinjection php script... not that wich shared john_d.
Check the referer string to match your website.Originally Posted by graywolf
After the redirect, make sure you have a die(). I don't remember if you do.
after redirrect i have:
=== FALSE ) {
die ( 'Hacking attempt. Your are such a Nooby!.. ' );
**;
the newier version of the anti injection is in the mutoolz xmas version ... it has GET protection now.,. coz some people actually program with GET variables.
after i get sober ill will make a new thread with a new schema of protection for PHP websites.. yet another tutorial.. i have been using this,. so i guess it is very protected.
can i have a link to newest version ?
Where is the protection code to ASP pages ? ...
thanks
john_d you are a greate man!
bad, not good to be recording in data file.
if (stristr($_SERVER['HTTP_REFERER'], 'http://www.supamu.info') === FALSE ) {
die ( 'Hacking attempt. Your are such a Nooby!.. ' );
**
You can spoof your refferal headers to anything now a days :)
anyone can help me plss? here's my ym bradix_john_123@yahoo.com
I have a problem with the code you provided.
Warning: session_destroy() [function.session-destroy]: Trying to destroy uninitialized session in ...
If you rely upon stored data it may potentially be tainted, code should be using mysql_real_escape_string() (but not addslashes() which is insufficient). This provides limited protection to simple SQL injections, but is the absolute minimum required for all applications trying to use the native database interfaces.
this one will block MUsqltools 2.1 ? because its connect by using IP
Dont like lazy guideswhere to put exactly the code for SQL injections cuz from ur explanation -> "Put these on the top of the page just after <?" i didnt get much ,also do i have the atached file "sql_inject.dll" copy to folder where php.ini is?
Reply With Quote