  #11  
Old 29th March 2016, 02:21
needforszpit
Member
 
Join Date: Nov 2009
Hungary
Posts: 1
security bug:
$from = (int) $_POST["from"];
sql_query("UPDATE users SET seedbonus = seedbonus - '$amount' WHERE id = '$from' LIMIT 1");
lack of control: if($from!=$CURUSER["id"]) die("Bla bla bla...Transfer from another user like You, is denied!");

Another bug was: $ammount....
$ammountarray=array("10","25","50","100");
if(!in_array($ammount,$ammountaray))die("Bla bla bla...This ammount is not allowed");
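A runnable model of the two problems in the post (the debited account taken from $_POST["from"] with nothing tying it to $CURUSER, and an unchecked amount) next to a hardened handler. This is an added example, not code from the post or from the tracker's own codebase; it is written in Python over an in-memory SQLite table so it runs stand-alone. The table layout, the two sample users, and the "to"/"amount" field names are assumptions, since the post only shows the "from" field and the debit query.

```python
import sqlite3

# Allow-list of transferable amounts, as in the post's $ammountarray.
ALLOWED_AMOUNTS = {10, 25, 50, 100}


def make_db():
    """Constructed sample data (assumption): two users with 500 seedbonus each."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, seedbonus INTEGER NOT NULL)")
    db.executemany("INSERT INTO users VALUES (?, ?)", [(1, 500), (2, 500)])
    db.commit()
    return db


def balance(db, uid):
    return db.execute("SELECT seedbonus FROM users WHERE id = ?", (uid,)).fetchone()[0]


def transfer_vulnerable(db, curuser_id, post):
    """Mirrors the handler quoted in the post: the account to debit comes from
    the request, and curuser_id (the logged-in user) is never consulted."""
    src = int(post["from"])          # cast to int, as in the post
    dst = int(post["to"])            # assumed field name
    amount = post["amount"]          # interpolated as-is, like '$amount' in the post
    with db:
        db.execute(f"UPDATE users SET seedbonus = seedbonus - '{amount}' WHERE id = '{src}'")
        db.execute(f"UPDATE users SET seedbonus = seedbonus + '{amount}' WHERE id = '{dst}'")
    return "ok"


class TransferError(Exception):
    pass


def transfer_fixed(db, curuser_id, post):
    """Hardened handler: the debited account must be the logged-in user, the
    amount must be on the allow-list, values are bound as parameters, and the
    debit refuses to overdraw. Both updates sit in one transaction so a failed
    credit rolls the debit back."""
    try:
        src = int(post["from"])
        dst = int(post["to"])
        amount = int(post["amount"])
    except (KeyError, ValueError, TypeError):
        return "denied: malformed input"
    if src != curuser_id:
        return "denied: transfer from another user"
    if amount not in ALLOWED_AMOUNTS:
        return "denied: amount not allowed"
    if dst == src:
        return "denied: cannot transfer to yourself"
    try:
        with db:  # commits on success, rolls back if TransferError is raised
            cur = db.execute(
                "UPDATE users SET seedbonus = seedbonus - ? WHERE id = ? AND seedbonus >= ?",
                (amount, src, amount),
            )
            if cur.rowcount != 1:
                raise TransferError("insufficient seedbonus")
            cur = db.execute(
                "UPDATE users SET seedbonus = seedbonus + ? WHERE id = ?", (amount, dst)
            )
            if cur.rowcount != 1:
                raise TransferError("unknown recipient")
    except TransferError as e:
        return f"denied: {e}"
    return "ok"


if __name__ == "__main__":
    # User 2 is logged in but claims the transfer comes from user 1.
    attack = {"from": "1", "to": "2", "amount": "100"}
    db = make_db()
    print(transfer_vulnerable(db, 2, attack), balance(db, 1), balance(db, 2))  # ok 400 600
    db = make_db()
    print(transfer_fixed(db, 2, attack), balance(db, 1), balance(db, 2))       # denied 500 500
```

The ownership check alone closes the bug the post describes; the `seedbonus >= ?` guard in the same UPDATE is the part practitioners usually forget, since a separate SELECT-then-UPDATE lets two concurrent requests both pass the balance check.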