[Boards: 3 / a / aco / adv / an / asp / b / bant / biz / c / can / cgl / ck / cm / co / cock / d / diy / e / fa / fap / fit / fitlit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mlpol / mo / mtv / mu / n / news / o / out / outsoc / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / spa / t / tg / toy / trash / trv / tv / u / v / vg / vint / vip / vp / vr / w / wg / wsg / wsr / x / y ] [Search | Free Show | Home]

https://librebook.xyz love me please https://librebook.xyz

This is a blue board which means that it's for everybody (Safe For Work content only). If you see any adult content, please report it.
  1. Home
  2. /g/ - Technology
  3. https://librebook.xyz love me please https://librebook.xyz
Thread replies: 6
Thread images: 1

Anonymous
2016-10-06 18:12:13 Post No.
[Report] Image search: [Google]
File: spam.png (33KB, 512x512px) Image search: [Google]
spam.png
33KB, 512x512px
Anonymous 2016-10-06 18:12:13 Post No. [Report]
https://librebook.xyz

love me please

https://librebook.xyz
>>
Anonymous 2016-10-06 18:17:02 Post No.56953046
[Report]
Anonymous 2016-10-06 18:17:02 Post No.56953046 [Report]
index of 33 results...
are you even trying?
>>
Anonymous 2016-10-06 18:25:22 Post No.56953151
[Report]
Anonymous 2016-10-06 18:25:22 Post No.56953151 [Report]
>>56952984
some things I noticed

- Instead of filtering out ' and - in every SQL parameter, use proper escaping, or even better, prepared statements
- Make uploaded files accessible only via a subdomain. Prevents possibly malicious code that might cause CSRF or steal muh cookies (due to blocked Javascript requests because of CORS)
- You are silently cutting of >150 or >30 chars in the input fields, add a maxlength parameter to the inputs
- Use some 
include
on the language switch thing (redundant in every file)
>>
Anonymous 2016-10-06 18:28:18 Post No.56953188
[Report]
Anonymous 2016-10-06 18:28:18 Post No.56953188 [Report]
>>56953151
also, $class on the book submission is not validated nor escaped in the sql query in any way
>>
Anonymous 2016-10-06 18:28:36 Post No.56953193
[Report]
Anonymous 2016-10-06 18:28:36 Post No.56953193 [Report]
>>56953151
very precious input. thank you.
>>
Anonymous 2016-10-06 18:29:38 Post No.56953206
[Report]
Anonymous 2016-10-06 18:29:38 Post No.56953206 [Report]
>>56953188
THAT is the only vulnerability i could spot while checking my code. great job.
Thread posts: 6
Thread images: 1
[Boards: 3 / a / aco / adv / an / asp / b / bant / biz / c / can / cgl / ck / cm / co / cock / d / diy / e / fa / fap / fit / fitlit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mlpol / mo / mtv / mu / n / news / o / out / outsoc / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / spa / t / tg / toy / trash / trv / tv / u / v / vg / vint / vip / vp / vr / w / wg / wsg / wsr / x / y] [Search | Top | Home]

I'm aware that Imgur.com will stop allowing adult images since 15th of May. I'm taking actions to backup as much data as possible.
Read more on this topic here - https://archived.moe/talk/thread/1694/


If you need a post removed click on it's [Report] button and follow the instruction.
DMCA Content Takedown via dmca.com
All images are hosted on imgur.com.
If you like this website please support us by donating with Bitcoins at 16mKtbZiwW52BLkibtCr8jUg2KVUMTxVQ5
All trademarks and copyrights on this page are owned by their respective parties.
Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.
This is a 4chan archive - all of the content originated from that site.
This means that RandomArchive shows their content, archived.
If you need information for a Poster - contact them.