Messages - Schalla

1
General discussion / Re: Best way to store money online?
« on: August 21, 2015, 04:08:56 am »
Use a second account to transfer the money to that one of a good friend / family member / fake account maybe.

3
Tutorials / Re: Stealing User Info with PHP Images
« on: May 14, 2015, 11:04:11 am »
Same for Gmail etc.

4
General discussion / Re: New alpha dev release
« on: April 27, 2015, 10:12:03 pm »
Alpha uses PDO, that should mitigate most SQLi. DDoS has nothing to do with the system itself, at least it's unlikely.

5
General discussion / Re: New alpha dev release
« on: April 27, 2015, 09:59:02 pm »
Yeah, and since no one is checking alpha for any security holes it won't be noticed that quick till someone does. Same reasoning like saying Windows is more secure because the source is closed and the developers are doing it for ages. The reasoning is just broken.


First thing, I think I mentioned it before is that the CSRF tokens are not refreshed after submitting a form. Now...that shouldn't be like that.

6
General discussion / Re: New alpha dev release
« on: April 27, 2015, 09:43:19 pm »
Sure, because a board system written by a single person - no offense ande - will be more secure than a system written by multiple people, where random people already looked at the source code.


That is nothing but security through obscurity, since no one knows how the code is written and most likely it won't be more secure, but also if there are vulnerabilities no one will find them unless they are abused.


I expected a better judgement on the situation tbh.

7
Web Oriented Coding / Re: $_POST trouble
« on: April 27, 2015, 07:02:42 pm »
1. Using mysqli is absolutely fine.
2. Yeah, and you pasted htmlentities, which is not safe. Use htmlspecialchars as you wrote, and for integers intval() or a typecast.


Also as comment, the code shown here is horrible. There are multiple guidelines, however, as start you might want to look into the http://www.php-fig.org/psr/ guidelines. They are fairly good adapted.

8
High Quality Tutorials / Re: Analyzing Malware by Example---Sample 4
« on: March 26, 2015, 01:28:05 pm »
Great post, will give it a try at the weekend!

9
Projects and Discussion / Re: Visual Binary Analysis - [PYTHON]
« on: March 08, 2015, 01:12:20 am »
I stopped working on the project quite some time ago, but the GUI looks good.  :)

10
Projects and Discussion / Re: Visual Binary Analysis - [PYTHON]
« on: March 07, 2015, 09:47:28 pm »
Yup Yup Yup....





:D


And yeah Deque, the idea I had after reading a few blog posts from corte.si and after a talk from the DerbyCon about visualizing binaries. I also linked those to HTH.

11
General discussion / Re: How exactly do you get work as a developer?
« on: February 27, 2015, 07:17:50 pm »
Since you lack knowledge and skill, you wouldn't be a big help in OS projects yet, don't take that personal. So I would recommend you start with a project you are interested in. Something that would help your life and your friends, that can be a Mobile App with Web Tech (See later Link Collection), a Web System or anything else. Just try to build things which would help you and other people.

When you are done, take a look how you have done it, which problems did you face and did you solve them. In both cases, check out how other people have solved them or how to even avoid these issues completely. Take a look at the PSR Style Recommendation for PHP, LESS for CSS and especially read basic tutorials on MVC and jQuery.

You just lack knowledge in terms on how to solve things, so you ideally should start off with reading style guides on HTML, CSS and jQuery. If you want to, you can include things like LESS into the list of "What to learn?". Don't read only one guide, read multiple ones all over the net and try to combine them to something where you can say "Hey, that's useful" and apply it to your project.

Some things which you might find useful in your future:

http://blog.codinghorror.com/understanding-model-view-controller/
http://cssguidelin.es/
http://lesscss.org/
http://getbootstrap.com/
http://www.php-fig.org/psr/psr-1/
https://angularjs.org/

I used most of these resources and I guess you might find some of these useful too.

12
General discussion / Re: How exactly do you get work as a developer?
« on: February 27, 2015, 03:07:48 pm »
Pro Hint: Social Engineering Websites are not the best thing to show a potential employee.

You ever did some OpenSource projects or supported existent ones? That is usually a good thing to
show, since they can track what you have done and how you communicated with the maintainers etc.

Otherwise from just what I have seen in the board, your web development skills are not really yet that high
to live from it. That's no offense, but you were lacking quite some basic knowledge and followed a lot of
bad practice principles.

Otherwise, look for smaller jobs on the web and build up some customer relations. In my country that's not really
expensive and it gives you some great experience. But please, first try to learn a bit more about best practice principles
in Web Development.

13
General discussion / Re: Something similar to a study group, but not quite.
« on: February 25, 2015, 11:51:08 pm »
No, sounds like something a sane person would say.

14
General discussion / Re: Valentines day
« on: February 14, 2015, 06:10:17 pm »
Cooking together and relaxing. That's it.

15
Beginner's Corner / Re: [PHP] Insert data into database
« on: January 20, 2015, 01:43:56 pm »
And for X-thousand times: Your code is horribly structured. Why the heck do you need the actual database connection setup in your HTML main body? You can do that stuff in a separate file or in the head of the file.
