...

View Full Version : new an easy to use & integrate with existing site login & privilages verify module



litwol
09-21-2005, 06:52 PM
Hello,

i have developed an easy to use login & privilage access module for an any-use web application that is very portable and easily integrateable into any website template.

feel free to take a look and email me if you want to use it.

you can find it here:
http://www.programmers-unlimited.com/forum/?TOPICID=449

bcarl314
09-21-2005, 07:58 PM
Hmm,

Well I think you've got some pretty serious security problems with this. Remember to ALWAYS ALWAYS ALWAYS validate input from $_GET and $_POST.

I can easily load your php code with the following:



http://64.158.178.196/cms/admin/litwol_access_mo.php?template=d:\web\hias.org\StagingServer\cms\admin\litwol_access_mo.php&regex=/{LiT_body}/


The problem probably stems from this code:


if(isset($_GET['template']) && isset($_GET['regex']))
{
$template = loadFileWeb($_GET['template']);
$regex = $_GET['regex'];
}



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum