Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 2 of 2
  1. #1
    New to the CF scene
    Join Date
    Sep 2005
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts

    new an easy to use & integrate with existing site login & privilages verify module

    Hello,

    i have developed an easy to use login & privilage access module for an any-use web application that is very portable and easily integrateable into any website template.

    feel free to take a look and email me if you want to use it.

    you can find it here:
    http://www.programmers-unlimited.com/forum/?TOPICID=449

  • #2
    Mega-ultimate member
    Join Date
    Jun 2002
    Location
    Winona, MN - The land of 10,000 lakes
    Posts
    1,855
    Thanks
    1
    Thanked 45 Times in 42 Posts
    Hmm,

    Well I think you've got some pretty serious security problems with this. Remember to ALWAYS ALWAYS ALWAYS validate input from $_GET and $_POST.

    I can easily load your php code with the following:

    Code:
    http://64.158.178.196/cms/admin/litwol_access_mo.php?template=d:\web\hias.org\StagingServer\cms\admin\litwol_access_mo.php&regex=/{LiT_body}/
    The problem probably stems from this code:
    Code:
    if(isset($_GET['template']) && isset($_GET['regex']))
    {
    	$template = loadFileWeb($_GET['template']);
    	$regex = $_GET['regex'];
    }


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •