Does sombady already know where to put this file intro MuWeb 0.8 ? I dont have alot expierence intro Websites or any coding so please can sombady tell me where to put this intro MuWeb 0.8 ?
Does sombady already know where to put this file intro MuWeb 0.8 ? I dont have alot expierence intro Websites or any coding so please can sombady tell me where to put this intro MuWeb 0.8 ?
Weedlord, try put it in includes/character.class.php, there are functions of add/manage accounts. But i think muweb 0.8 is already full secure from sql inject and u don't need use this script (i don't use muweb that is only my opinion).
Sry for my eng.
Savoy, do u release all script of xweb?
great man ...
thx
work 4 muweb ??
Thanks so much, good job:flag_schw
in muweb 0.8 u put this script into /includes/muweb.php
which makes the whole website become one blank page, which means that no, this script doesnt work with all websites -.-
nice job... creative idea, apply a double single quote rather than removing it... seems simple enough and effective.
for those ppl that dont know how to use this, just paste this at the top of your index.php you shouldnt have many problems... the script automatically filters all data...
I actually don't recommend using muweb 0.8 unless you redo all of the scripts, I have seen a lot of very effective scripts applied, including some of my own, get haxed on MW 0.8 :/Originally Posted by anhnga
myea, i used to like muweb cause its so editable and simple. but now its plain garbage. unless someone comes up with the full and real fix to all the holes.
btw, i dont think this would work if u put in index.php, index.php is not the file whcih connects to mssql, if you put this in a file which actually has the connection scripts in it, page goes puff - blank.
Well this looks like it will work only way to find out is to use it.
I am using it and ill let you know if any intrusions occur while using it .
Thanks themad good release 9/10 :winky:
if you put it b4 the include "config.php"; or etc it clears all client controlled data before any scripts use that data... so its like:
open index.php
run the script //which fixed the data
connect to server //by including your connection file
call fixed data //like $account = $_POST['account'];
execute query with fixed data //you shouldn't need more protection than that... unless you want to be precaution ;)
basically it has to be executed before your sql scripts are executed, in theory, it should work just by putting it at the top of the index.php because the index.php is where the site comes together, if you want to feel more secure you could put it be for the area where you connect to the server, but it should work the same if you put it at the top of the index
Last edited by RisingKing2010; 30-08-08 at 03:22 PM.
hmm, okai, i l see if this works on the ultrahackable muweb 0.8 ;D
lolz gj 10/10
;]
I will allow this bump cus its useful.
If you do it again Kirka you'll be infracted.
um.. why exactly? because i replied to a 1year old topic? whats wrong with that?
thanks for the release !!!
Reply With Quote