I am for whole day can`t make psy web understand russian :(
I am for whole day can`t make psy web understand russian :(
Denied
& Other Team Members
Totally love this Web & Project - Contact me if you are recruiting more members.
take a look to psyweb tables and change collation
Last edited by aecrimch; 28-05-09 at 10:44 PM. Reason: remove pictures
aecrimch: Why not do ur own base code and have ur own release :) We are now confused if this is psychoweb or HARDMU^^
i think you are right phit666, this project have nothing to do with psyweb, ill delete all pictures...
Temporarily we aren't recruiting any new members but the project will be continued in 2-3 weeks .
very goODdd !!!!!
My Muweb got hacked in 1day xD
PSYMuweb got hacked in 1day xD
Server sided is 100% protected... So website...
Last edited by Netzo; 04-06-09 at 06:34 PM.
Never connect to your MuOnline db with your db_owner user.
Create a new user with very limited permissions and use this user to connect to db through web.
Good job you guys. One thing though, doesn't really get the idea with encrypting the whole thing, since this is the non-commercial version. It keeps it very limited to modify the skins of it without having you to do it. Except that, well done.
PsychoJr already started developing the PsyMuWeb 2.0 , it wont be encrypted .
Okay, that's good.
To the makers/devs,
Are the passwords encrypted? Like in sha1?
I really like the site so I just might pay you if you can add/adjust things to my server(maybe banners, and diff settings since it's not a mu server)
Again, good job
Good news for everyone , we already started the PsyWeb 2.0 and i can assure you that it will be awesome .
We are looking for some people to sponsorize our project to get a hosting + a domain where we can offer support of website . If someone is interested in being our sponsors please contact me by private message , whoever will donate to this project will get premium benefits .
Also we are looking for people who know how PsyWeb 1.0 was hacked so we can fix this problems in 2.0 .
Some screenshots will be coming out soon .
pages/rankings.php isnt protect at all by security.php script (in fact function check_inject() dont check anything xD: ex: calling in browser:)
any mssql error message can be easily exploit (a little ex):
any hacker will exploit this (even if he dont know the queries in pages/rankings.php) (1=1 will make valid our queries)
a simple solution for this:
PHP Code:<?php
if ($_GET['c']==NULL){jump('index.php');}
$c = $_GET['c'];
$where=array('all', 'sm', 'bk', 'guild',...etc);
if (!in_array($_GET['c'], $where)) {jump('index.php');}
?>
Last edited by aecrimch; 07-06-09 at 08:09 PM. Reason: add
Reply With Quote