Bravo List

Bravo List (http://www.bvlist.com/index.php), forum Project U-232, thread "Project U-232" (http://www.bvlist.com/showthread.php?t=6342)

BamBam0077 19th August 2015 19:51

Forgive me for my input. Thought people would appreciate it.

I am dealing with multiple things atm; thought U-232 people should know that, but whatever, right.

Sorry!

Bigjoos 22nd August 2015 18:35

The wrapper name is completely irrelevant as it's only a PHP wrapper. I could name it $CUNT, $FUCKER, $I_CONTAIN_UNSANITIZED_CODE; makes not a jot of difference. However, the code I deploy within my wrapper does. Firefly already mentioned it: if I don't sanitize output from DB to screen, or if I don't protect SQL queries, then I'm in trouble. This shit is child's play; I've been advising people of its importance and how to do it for years on TBdev =]

Below is great, I could inject for fun and pwn any DB using it


PHP Code:

// Vulnerable as intended: both values are interpolated straight into the SQL string
sql_query("UPDATE users SET seedbonus = seedbonus-{$INSTALLER09['bonus_per_delete']} WHERE id = {$q['owner']}") or sqlerr(__FILE__, __LINE__);

sqlesc applied on the query stops any injection, period

PHP Code:

// Both values pass through sqlesc() before being concatenated into the query
sql_query("UPDATE users SET seedbonus = seedbonus-" . sqlesc($INSTALLER09['bonus_per_delete']) . " WHERE id = " . sqlesc($q["owner"])) or sqlerr(__FILE__, __LINE__);

No htmlspecialchars on output means I can deploy an XSS attack with ease and you won't have a clue it's been deployed, and I'll have you redirected to some other server

So sanitize any output before printing to screen

PHP Code:

// Vulnerable as intended: $row["allow_comments"] is printed into the markup unescaped
$HTMLOUT .= "<tr>
    <td align='right'><font color='red'>&nbsp;*&nbsp;</font><b>&nbsp;{$lang['edit_comment']}</b></td>
    <td>
    <select name='allow_comments'>
    <option value='" . $row["allow_comments"] . "'>" . $row["allow_comments"] . "</option>
    <option value='yes'>Yes</option><option value='no'>No</option></select>
    {$messc}</td></tr>\n";

At a minimum

PHP Code:

// The stored value goes through htmlsafechars() on the way out, both in the attribute and in the option text
$HTMLOUT .= "<tr>
    <td align='right'><font color='red'>&nbsp;*&nbsp;</font><b>&nbsp;{$lang['edit_comment']}</b></td>
    <td>
    <select name='allow_comments'>
    <option value='" . htmlsafechars($row["allow_comments"]) . "'>" . htmlsafechars($row["allow_comments"]) . "</option>
    <option value='yes'>Yes</option><option value='no'>No</option></select>
    {$messc}</td></tr>\n";

I'm not naive, security is taken seriously on U-232 and I ain't no mug that does not understand its usage nor its importance. Sure, I'll have missed an odd one out of thousands, but in general U-232 is tight. And that's not foolproof; experienced operators will gain access if they try hard enough, there's plenty out there trying on a daily basis =]
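
The two fixes from the post, shown as an added example with stock PHP rather than U-232's own sqlesc()/htmlsafechars() wrappers (this is not code from U-232 or from the post): a prepared statement for the seedbonus deduction, and an output-escaping helper for the allow_comments option. The PDO handle, the helper names and the sample values are assumptions or constructed for the demo.

```php
<?php
// Added example, not U-232 code: the two hardening steps from the post,
// with PDO prepared statements and htmlspecialchars() standing in for
// U-232's sqlesc()/htmlsafechars() wrappers.

// Output escaping. ENT_QUOTES matters because the value lands inside a
// single-quoted HTML attribute, so ' must become &#039; as well.
function html_out(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// The bonus deduction with both values bound as parameters instead of being
// interpolated into the SQL string; the server never parses them as SQL.
// Returns the number of rows updated.
function deduct_seedbonus(PDO $pdo, int $bonusPerDelete, int $ownerId): int {
    $stmt = $pdo->prepare('UPDATE users SET seedbonus = seedbonus - :bonus WHERE id = :id');
    $stmt->bindValue(':bonus', $bonusPerDelete, PDO::PARAM_INT);
    $stmt->bindValue(':id', $ownerId, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->rowCount();
}

// Validate at the boundary: the owner id must be a plain positive integer or
// the request is rejected, so nothing but a number ever reaches the query.
function owner_id_from_request(array $post): int {
    if (!isset($post['owner']) || !ctype_digit((string)$post['owner'])) {
        throw new InvalidArgumentException('owner must be a positive integer');
    }
    return (int)$post['owner'];
}

// The <option> from the post, rebuilt so the stored value is escaped on output.
function allow_comments_select(string $current): string {
    $v = html_out($current);
    return "<select name='allow_comments'>"
         . "<option value='{$v}'>{$v}</option>"
         . "<option value='yes'>Yes</option><option value='no'>No</option></select>";
}

// Constructed demo value: a tampered row that tries to break out of the attribute.
$stored = "yes'><b>tampered</b>";
echo allow_comments_select($stored), "\n";
// The quote and the angle brackets come out as &#039; &lt; &gt;, i.e. text, not markup.

// With a real connection ($pdo = new PDO('mysql:host=localhost;dbname=u232', $user, $pass)):
// deduct_seedbonus($pdo, (int)$INSTALLER09['bonus_per_delete'], owner_id_from_request($_POST));
```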

BamBam0077 22nd August 2015 19:56

Hint, bro: variables should never be used for echo/print unless defined, but that still is risky. If I am wrong I'll bow down and look back through my library of life and tell you I was wrong. 98.7% I am correct though. I know you take security seriously; I just was passing over some info I learnt when I was 15 years old about security, and an idea.

I used this when I was 13 years old but only wanted it to host so I could give out free HTML/CSS scripts: http://phorum.org. Learnt something unique about it once I found it again on my birthday: it is hackproof and bulletproof, been around since '98 I believe, the year after MD5 was hacked.

If anyone truly cared about security they would use sha5() with double_check(), not sha1, sha2, sha3, sha4 lol

Virginia25 13th May 2016 14:32

Error: misconfiguration

Hello, I have an error with Project U-232 V4.

I have installed https://github.com/Bigjoos/U-232-V4 on Debian 7 Wheezy
and therefore I can not get to the installer.

The error is:
internal server error
The server encountered an internal error or misconfiguration and was unable to complete your request.

Excuse me for my English but I'm French.

Why?

DND 13th May 2016 16:19

Your server is not properly configured.
Make sure you have module expires and module rewrite activated in apache2/nginx.

Virginia25 13th May 2016 18:42

Or how can I know if these modules are enabled or not?

virtualhost?

DND 13th May 2016 18:50

Don't install trackers on shared hosting. Best chances are it won't work and you don't have administrator access to install what is required. :coffee:

Virginia25 13th May 2016 18:58

I'm an administrator and log in as root and I have the install command etc....
And I have installed the first version of U232, no worries, but I'm searching how to install V4?

DND 13th May 2016 19:42

Then use phpinfo in a file to see the information on your modules,
or use a2enmod rewrite and a2enmod expires,
then restart Apache and voilà.

Virginia25 13th May 2016 19:52

Thank you very much DND, it's OK for rewrite and expires and I have access to the installer. Thanks.



Powered by vBulletin® Version 3.8.11 Beta 3
Copyright ©2000 - 2024, vBulletin Solutions Inc.