User Submitted Source Code!


Description:
  Up your security
Language: C/C++
Code:
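<?php
// NOTE(review): the next two statements are not part of the controller. The
// message says a third party was able to modify this file and names editor.php
// as the weak point. While they remain, the script prints the message and
// stops, so nothing below ever runs. Treat the file as evidence of unauthorised
// write access: restore it from a known-good copy, lock down or remove
// editor.php, and rotate the database credentials this script reads after
// including config.php (presumably defined there).
echo "You should really up your security in editor.php. Regards, Rottweiler from HackHound.org! No harm done.";
exit;

// Front controller: fills in defaults for the requested section, loads the
// record a page needs, handles blog registration, then renders the main view.
//session_start();
include_once('config.php');
include_once('catalog/controller/dbOperator.php');

// $dbOp stays null when the site is flagged offline, so the lookups below are
// skipped instead of calling a method on an undefined variable.
$dbOp = null;
if ($SERVER_ONLINE) {
    $dbOp = new dbOperator($dbHost, $dbUsername, $dbPassword, $dbName);
}

if (!isset($_REQUEST['q'])) {
    $_REQUEST['q'] = 'compilers';
}

// Accept the record id only as a whole number in 1..99999999. The previous
// loose comparisons (> 0 and < 100000000) can also pass strings that merely
// begin with a digit, and the raw request value was then concatenated into
// the WHERE clause. filter_var() returns false for anything else, arrays
// included.
$recordId = false;
if (isset($_REQUEST['id'])) {
    $recordId = filter_var(
        $_REQUEST['id'],
        FILTER_VALIDATE_INT,
        array('options' => array('min_range' => 1, 'max_range' => 99999999))
    );
}

switch ($_REQUEST['q']) {
    case 'compilers':
        if (!isset($_REQUEST['language'])) {
            $_REQUEST['language'] = 'ccplusplus';
        }
        break;

    case 'pages':
        if (!isset($_REQUEST['name'])) {
            $_REQUEST['name'] = '';
        }

        switch ($_REQUEST['name']) {
            case 'sourcecode':
                // Only the validated integer reaches the query text.
                if ($dbOp !== null && $recordId !== false) {
                    $sourceCode = $dbOp->getFields3('sourceCode', '*', "idSourceCode='" . $recordId . "'", 'LIMIT 1');
                }
                break;

            case 'question':
                if ($dbOp !== null && $recordId !== false) {
                    $question = $dbOp->getFields3('question', '*', "idQuestion='" . $recordId . "'", 'LIMIT 1');
                }
                break;

            case 'blog':
                // Read each form field once; anything missing or non-string
                // becomes '' so no notice is raised and no array is
                // stringified into the record.
                $posted = array();
                foreach (array('description', 'subDomain', 'username', 'password', 'email') as $field) {
                    $posted[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
                }

                // NOTE(review): the captcha answer is a fixed constant, so it
                // does not separate people from scripts; it needs a
                // per-session challenge. Compared strictly here.
                $captchaOk = isset($_POST['captcha']) && $_POST['captcha'] === '28';

                if ($dbOp !== null
                    && isset($_REQUEST['register'])
                    && $posted['email'] !== ''
                    && $posted['password'] !== ''
                    && $captchaOk
                ) {
                    // NOTE(review): createRecord() takes the VALUES list as one
                    // string, so these request fields are still concatenated
                    // into SQL. dbOperator is not visible here; the fix is a
                    // bound-parameter interface in that class, and this call
                    // must not be considered safe until it exists.
                    // NOTE(review): the password is stored as submitted. It
                    // should go through password_hash() once the matching
                    // login code can use password_verify().
                    $values = "'','" . $posted['description'] . "','" . $posted['subDomain'] . "','"
                        . $posted['username'] . "','" . $posted['password'] . "','" . $posted['email'] . "'";

                    if ($dbOp->createRecord('blog', $values)) {
                        header("Location: /blog&message=Registration Success. You will be sent an email with instructions the next 12 to 24 hours!");
                        // Stop here so the view is not rendered behind the redirect.
                        exit;
                    }
                }
                break;
        }

        break;
}

include_once('catalog/view/code/main.php');
?>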
Comments: