Here's something really useless!

> > > Here's something really useless!

Posted on

A small pie will soon be eaten
Member Since: Aug 26, 2004

Copy and paste this code into the address bar of your browser and hit GO.

javascript:Ai7Mg6P='';for (i7M1bQz=0;i7M1bQz<document.images.length;i7M1bQz++)
{Ai7Mg6P+='<img src='+document.images[i7M1bQz].src+'><br>'};
if(Ai7Mg6P!=''){document.write('<center>'+Ai7Mg6P+'</center>');void(document.close())}
else{alert('No images!')}

Makes everything but images go away.



[ Back to Top ]


Administrator
Since: Apr 03, 2002

Jul 21, 2005 08:24 am

There are lots of goofy javascript tricks like that...you can use javascript in the URL bar to set cookies, which, if you know how a web site is designed and the security isn't tight, you can actually use to break in. You can also popup dates the file was last changed and all sorts of stuff.

A small pie will soon be eaten
Member
Since: Aug 26, 2004

Jul 21, 2005 08:36 am

Thats a bit scary! i'm doing a site at the moment and don't fancy people getting member listings and the like!


Administrator
Since: Apr 03, 2002

Jul 21, 2005 08:41 am

Well, that is where a decent security model pays off...for example, with every page load of HRC the users authentication is checked against numerous different pieces of criteria, so it's beyond just validating against one single thing, several things would need to be spoofed.

Encryption of passwords is good, a simple SHA1 or MD5 is good, I personally have my own little encryption scheme...which is helpful in making it more cryptic...something simple like md5 encryption, split that encrypted string into a couple chunks and reorder them...anything like that...

A small pie will soon be eaten
Member
Since: Aug 26, 2004

Jul 21, 2005 09:00 am

Thats a great idea! i'll get my Database guy onto that one! Which is to say my mate who's doing the Database stuff :)

We are using SQL and Cold Fusion7 for the back end stuff!

Actually our Server is in the USA! CF7 is SO expensive to get hosted over here.



Administrator
Since: Apr 03, 2002

Jul 21, 2005 09:03 am

ColdFusion? Jeezuz, are you producing your music on 4 track reel to reel too? ;-)

A small pie will soon be eaten
Member
Since: Aug 26, 2004

Jul 21, 2005 09:11 am

Well i'm also using Dreamweaver to build it but maybe i should switch to Front page now :)

Administrator
Since: Apr 03, 2002

Jul 21, 2005 09:16 am

heheheh, no, don't sell out that much :-)

I use dreamweaver pretty often as well, nice app, at least the code view is, I never use the drag n' drop view so I dunno what that's like...I've been using DW for about 3 years and seen drag n' drop view maybe three times until recently...I am currently doing formatting now for a lot of Best Buy's mass email campaigns, I have started using drag n' drop interface for that cuz the email formatting has to be OLD SCHOOL HTML, I don't wanna hand code that and get back into bad habits, so I use it for that...

DW is quite good with PHP and ASP as well, PHP is VERY easy to and cheap to host. CF is expensive cuz Macromedia charges a holy-friggin-fortune for the ColdFusion interpreter to install on the server.

> > > Here's something really useless!

Related Forum Topics:


If you would like to participate in the forum discussions, feel free to register for your free membership.