RevCMS Working Homes!
[QUOTE="Justtest, post: 140200, member: 11318"]
There is an exploit in the code.. better use this code:

[CODE]
<?php
// Trim the value, undo magic-quotes escaping if it is active, then escape it for MySQL.
function clean($str) {
    $str = @trim($str);
    if (get_magic_quotes_gpc()) {
        $str = stripslashes($str);
    }
    return mysql_real_escape_string($str);
}

// clean() is the sanitiser defined above.
$username = clean($_REQUEST["user"]);
$userid = clean($_REQUEST["id"]);

// User Info \\
// mysql_fetch_assoc() needs the result resource returned by mysql_query().
$userinfo = mysql_query("SELECT * FROM users WHERE username='$username'");
$_GET2 = mysql_fetch_assoc($userinfo);

$user = clean($_GET2['username']);
$id = clean($_GET2['id']);
$looks = clean($_GET2['look']);
$email = clean($_GET2['mail']);
$rank = clean($_GET2['rank']);
$motto = clean($_GET2['motto']);
$credits = clean($_GET2['credits']);
$pixels = clean($_GET2['activity_points']);
$pvip = clean($_GET2['vip_points']);
$online = clean($_GET2['online']);

?>
[/CODE]
[/QUOTE]
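An added example, not part of the quoted post or of RevCMS: the same profile lookup done with a bound parameter instead of string escaping, with HTML encoding applied at output time. The in-memory SQLite database, the sample row, the name pattern and the helper names (open_demo_db, fetch_profile, h) are assumptions made for illustration.

```php
<?php
// Added example, not RevCMS code. The in-memory SQLite database and its one
// row are constructed so the script runs offline with the pdo_sqlite extension.
function open_demo_db(): PDO {
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE,
                look TEXT, motto TEXT, mail TEXT, online INTEGER)');
    $pdo->exec("INSERT INTO users (username, look, motto, mail, online)
                VALUES ('demo', 'hr-100', 'hi <b>there</b>', 'demo@example.test', 0)");
    return $pdo;
}

// Public profile fields for a home page; null if the name is malformed or unknown.
function fetch_profile(PDO $pdo, $rawName): ?array {
    // Reject arrays (?user[]=x) and anything outside the assumed name alphabet.
    if (!is_string($rawName) || !preg_match('/\A[A-Za-z0-9._-]{1,32}\z/', $rawName)) {
        return null;
    }
    // The value is bound as data, so it cannot alter the query structure.
    // Only the displayed columns are selected: no SELECT *, so mail stays private.
    $stmt = $pdo->prepare(
        'SELECT id, username, look, motto, online FROM users WHERE username = :name'
    );
    $stmt->execute([':name' => $rawName]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Encode for HTML when printing; SQL escaping does not make a value safe to echo.
function h($value): string {
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
}

$pdo = open_demo_db();
// Constructed inputs: a valid name, a name containing quote characters, an array.
foreach (['demo', "x' OR '1'='1", ['demo']] as $input) {
    $profile = fetch_profile($pdo, $input);
    $label = is_string($input) ? $input : '(array)';
    $shown = $profile ? h($profile['username']) . ': ' . h($profile['motto']) : 'not found';
    echo h($label), ' => ', $shown, "\n";
}
```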