[phpBB Debug] PHP Warning: in file [ROOT]/phpbb/auth/provider/godb.php on line 137: Undefined array key "PHPSESSID"
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4129: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3008)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4129: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3008)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4129: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3008)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4129: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3008)
goproblems.com • Internal site update

goproblems.com

Solve go problems: improve your game
https://www.goproblems.com/forum/

Internal site update

https://www.goproblems.com/forum/viewtopic.php?t=612

Page 1 of 1

Internal site update

Posted: Mon Apr 06, 2009 11:08 pm
by adum
hey guys, i've spent some time reworking the codebase of the site. (essentially transitioning from PHP4 to PHP5 and trying to clean up all the SQL injection points.)

anyway, hopefully everything is working and nothing has changed, but if you see any bugs, please post them to the forum right away.

and if you find any sql injection spots, please email me.

Re: Internal site update

Posted: Tue Apr 07, 2009 2:09 pm
by santa c
ah hopefully it'll work...
(i'm kinda curious, are you going to publish the flaws and how they were fixed? :)

also could u please take a look at the get problem on the main page (fails to work)
also if you're going to leave the commercials on the front it might be nice to call them so and not partner sites :)

edit: also see attempt paths doesnt work ^^*

Re: Internal site update

Posted: Tue Apr 07, 2009 5:05 pm
by adum
thanks santa -- i have fixed the get problem from main page, and also the attempt paths.

sorry about the ads on the front page, but my contract says i have to call them partner sites. hopefully nobody will get confused, or i'll remove them when the contract is up.

the site flaws weren't very interesting -- basically, i didn't pay any attention to sql injection when i designed the site, so any page that queried the db based on user input was vulnerable. there were also some places where i didn't screen user input well enough for things like embedded javascript.

thanks,
adum

Re: Internal site update

Posted: Sun Apr 12, 2009 12:45 pm
by lok
I don't know if this is related with the site update, but there is a (recent?) change with my user account right management.
It seems :
- I can see the "Desactivate comment" checkbox on any comment on any problem, but I can't desactivate comments (even mine).
- I can see the "Edit" button on all problems (before it was only with mine), but I cannot edit other's problem.

Re: Internal site update

Posted: Mon Apr 13, 2009 6:09 am
by sorinab
Maybe it's not from update but my solving history was erased somehow . I think I've solved 4-5 hundred problems (anyhow all problems between 30 and 15 k were solved).
Now it seems that I dosen't solved any problem. In this moment appears solved only the problems I did today.
Than you.

Re: Internal site update

Posted: Tue Apr 14, 2009 12:53 pm
by adum
lok -- thanks, i've fixed both of those problems now.

sorinab -- unless you have a pro account, your solving history will periodically get erased.

Re: Internal site update

Posted: Wed Apr 15, 2009 5:31 am
by sorinab
adum wrote:sorinab -- unless you have a pro account, your solving history will periodically get erased.
tx :cry:
All times are UTC-08:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited