
Pay2Paid.com - Online trades made easy/ PSC - PP - Bank



Posted

Dude...

http://pay2paid.com/page.php?pid=6 "

[image: qri0c5.jpg]

http://pay2paid.com/page.php?pid=6'

[image: http://i40.tinypic.com/2z4ag5i.jpg]

http://pay2paid.com/page.php?pid=6+order+by+5--

[image: http://i40.tinypic.com/swp7aw.jpg]

You really have to prevent SQL injections by sanitizing the data being sent from the $_GET and $_POST arrays... it's really bad practice to put data directly into your SQL from a GET or POST request.

Posted
  On 3/1/2012 at 5:27 PM, Extremer said:

fdLP. for me works fine

 

Of course the site works perfectly fine if you don't know where to watch and what to do... in plain English, if you are a normal user who just wants to do his/her job.

What I'm pointing out is for Frank, who should take care of this soon.

Posted
  On 3/1/2012 at 5:20 PM, fdLP. said:

Dude...

http://pay2paid.com/page.php?pid=6 "

[image: qri0c5.jpg]

http://pay2paid.com/page.php?pid=6'

[image: http://i40.tinypic.com/2z4ag5i.jpg]

http://pay2paid.com/page.php?pid=6+order+by+5--

[image: http://i40.tinypic.com/swp7aw.jpg]

You really have to prevent SQL injections by sanitizing the data being sent from the $_GET and $_POST arrays... it's really bad practice to put data directly into your SQL from a GET or POST request.

 

Seems strange, since I properly escaped the values. Maybe the hosted PHP version doesn't support a function I used... anyway, problem fixed, thanks for reporting...
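
Added example, not part of the thread and not the site's code: one way "escaped" values can still leave `pid` injectable, assuming (the thread does not say) that the value is concatenated unquoted into a numeric comparison, shown beside a validated, parameterized lookup. The table, the function names and the in-memory SQLite stand-in are hypothetical; it needs PHP with `pdo_sqlite`.

```php
<?php
// Constructed stand-in for the site's database: one table, one sample row.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE pages (id INTEGER PRIMARY KEY, title TEXT, body TEXT)');
$db->exec("INSERT INTO pages VALUES (6, 'Terms', 'constructed sample row')");

// Weak: quote escaping, then concatenation into an UNQUOTED numeric context.
// (Assumed pattern; str_replace stands in for a string-escaping function.)
function weakLookup(PDO $db, string $pid): string {
    $sql = 'SELECT id, title, body FROM pages WHERE id = ' . str_replace("'", "''", $pid);
    try {
        $row = $db->query($sql)->fetch(PDO::FETCH_ASSOC);
        return "ran [$sql] -> " . ($row ? $row['title'] : 'no row');
    } catch (PDOException $e) {
        // The input reached the SQL parser: the error text is the giveaway.
        return "ran [$sql] -> DB error: " . $e->getMessage();
    }
}

// Hardened: accept only a positive integer, then bind it as a parameter.
function safeLookup(PDO $db, string $pid): string {
    $id = filter_var($pid, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return 'rejected before any SQL was built';
    }
    $stmt = $db->prepare('SELECT id, title, body FROM pages WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row ? $row['title'] : 'no row';
}

// pid values modelled on the URLs in the thread, URL-decoded ('+' is a space).
foreach (['6', "6'", '6 order by 5--'] as $pid) {
    echo 'pid=' . var_export($pid, true) . "\n";
    echo '  weak: ' . weakLookup($db, $pid) . "\n";
    echo '  safe: ' . safeLookup($db, $pid) . "\n";
}
```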

Posted
  On 3/2/2012 at 4:20 PM, supermac said:

It's automatically?

Who knows, I added the PSC code and they sent me the PayPal :D gl bro

Guest
This topic is now closed to further replies.


