-
Posts
-
By Utchiha-Market · Posted
Discord : utchiha_market Telegram : https://t.me/utchiha_market Auto Buy Store : https://utchihamkt.mysellauth.com/ Join our server for more products : https://discord.gg/qtkJASMbKV https://campsite.bio/utchihaamkt -
By Utchiha-Market · Posted
Discord : utchiha_market Telegram : https://t.me/utchiha_market Auto Buy Store : https://utchihamkt.mysellauth.com/ Join our server for more products : https://discord.gg/qtkJASMbKV https://campsite.bio/utchihaamkt -
i saw somewhere that: $var = (int) $_POST['some_id'] ?? string::error_class('text'); it was when i gave up and deleted the sources let him, he does not even understand what cross site or mitm means still waiting for any client of yours so i can play with them DUDE IM GONNA CALL YOU BoberKurwa FROM NOW ON!! rename your account aswell! BoberKurwa! Note: what happend to your chatgpt answers boberkurwa did your subscription of $12.5/$20 ended? it is PSR12 standard -
if i was you i would check first argentinian developer team to learn and contribute then start my own project privatly and then practice in free coding for my self, then you would be ready to learn standards and code out of nothing, and if you fail means you are in good path, if you win you are in for higher level, whatever you do be persistent and focused, thats what i did when i had time.
-
.thumb.png.b8c670f34de56a5b725691b17807071d.png)
Dude, seriously , how are you okay with publishing something like this as a public repo? I spent just 30 minutes reviewing your source code and already managed to bypass your API wall on the admin routes. You really need to rethink your server to client logic. What's the point of saving data both to your API and to the user's database? You first fetch the servers from your API and then save them to the database. What’s stopping someone from simply fetching their server data directly from the database and bypassing all the API logic? The client you provide as a public repo should only act as a wrapper around your service API and that's it. The API should handle all the logic, including connecting to the corresponding servers based on authentication key requests and so on. I don't even want to get started on the fact that your codebase is a complete mess...... unused variables everywhere, empty classes, and zero input validation. Anyone can pass whatever payload they want without restrictions. You seriously need to fix these issues before some poor guy who has no idea ends up buying your service. And don’t even start with "I'm still waiting for my server to get hacked" because no one is going to waste time trying to hack something that's not even worth the effort. just by checking this im 90% confident someone can find something. Also, you claim that 250 domains are already using your service? I seriously doubt that. also LOL
-
-
-
-
Topics
-
Recommended Posts