Thread: Project U-232
View Single Post
  #353  
Old 9th August 2015, 08:01
BamBam0077 BamBam0077 is offline
Banned
 
Join Date: Jul 2013
P2P
Posts: 410
Default
I am not sure if anyone else has picked it up but all there variables allow a hacker into site so I would strongly suggest to change all single variables to longer variables and make them clear also your functions need to be more secure and clear.

$htmlout .= ""; not valid!

$INSTALLER09_HTMLOUT = ""; valid!

dbcon() not safe or wise!
core_connection () would be wiser and more secure!
Make it go through a few security loops before connection made to database.

Use php5.5!! hide php!! chmod 0655 of all folders and files inside /var/www or whatever directory you use to host your sites plus the /www/ folder needs to be chmod 0655.