#11  Optix (ZenTracker Developer), 24-06-12, 19:35
Demo.

#12  LeeHowarth (TT), 24-06-12, 19:35
Looks cool, I like the design, nice and basic...

On the demo I came across a notice error, MySQL error:

Code:
Notice: Undefined index: group in /var/opentracker.nu/demo/library/Acl.php on line 76
Notice: Query fel in /var/opentracker.nu/demo/library/DB.php on line 79
MYSQL_ERROR -
Database error: Invalid SQL: SELECT * FROM tracker_forum_categories  WHERE category_group <=   ORDER BY category_sort ASC
MYSQL Error: 1064 (You have an error in your SQL syntax; check  the manual that corresponds to your MySQL server version for the right  syntax to use near 'ORDER BY category_sort ASC' at line 4)
This page is unavailable at the moment. Please try again.

And sanitize user input for the avatar URL, because I shouldn't be able to enter the logout URL as the avatar pic. On a module like the forums, if it shows users' avatars, then everyone could be logged out...
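
The avatar issue raised in post #12 comes down to two checks: what the site accepts as an avatar URL, and whether logout can be triggered by a plain GET request. The PHP below is an added example, not OpenTracker code and not part of any post in this thread; `SITE_HOST`, `validate_avatar_url()` and `is_valid_logout()` are hypothetical names, and PHP 8 is assumed.

```php
<?php
// Added example: hypothetical helpers, not OpenTracker code. Requires PHP 8.
// SITE_HOST is a placeholder for the tracker's own hostname (assumption).
const SITE_HOST = 'tracker.example';

/** Return a normalized avatar URL, or null if it must be rejected. */
function validate_avatar_url(string $url): ?string
{
    $p = parse_url(trim($url));
    if ($p === false || !isset($p['scheme'], $p['host'], $p['path'])) {
        return null;
    }
    $scheme = strtolower($p['scheme']);
    $host   = strtolower($p['host']);
    if (!in_array($scheme, ['http', 'https'], true)) {
        return null;                 // only web URLs
    }
    if ($host === SITE_HOST || str_ends_with($host, '.' . SITE_HOST)) {
        return null;                 // an avatar must never point at our own pages
    }
    if (isset($p['query']) || isset($p['fragment'])) {
        return null;                 // plain file URLs only
    }
    if (!preg_match('/\.(png|jpe?g|gif)$/i', $p['path'])) {
        return null;                 // must look like an image file
    }
    $port = isset($p['port']) ? ':' . $p['port'] : '';
    return $scheme . '://' . $host . $port . $p['path'];
}

/** Logout changes session state: accept it only as POST with the session token. */
function is_valid_logout(string $method, string $sessionToken, string $postedToken): bool
{
    return $method === 'POST'
        && $sessionToken !== ''
        && hash_equals($sessionToken, $postedToken);
}

// Constructed sample inputs.
$samples = [
    'https://img.example.org/u/42.png',
    'https://tracker.example/logout.php',
    'https://img.example.org/a.png?next=logout',
    'ftp://img.example.org/a.png',
];
foreach ($samples as $s) {
    printf("%-45s %s\n", $s, validate_avatar_url($s) === null ? 'rejected' : 'accepted');
}
// An <img> tag can only issue GET, so this request is refused.
var_dump(is_valid_logout('GET', 'token-from-session', 'token-from-session'));
```

The URL filter alone is not sufficient, because an accepted off-site image URL can still redirect to a site page; the POST-plus-token check on logout is what closes the hole.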

#13  unkn0wn (Senior Member), 24-06-12, 19:40
Looks very nice mate, I'd shag it ;)

#14  Wuild (opentracker), 24-06-12, 19:43
Quote:
Originally Posted by djhowarth
Looks cool, I like the design, nice and basic...

On the demo I came across a notice error, MySQL error:

Code:
Notice: Undefined index: group in /var/opentracker.nu/demo/library/Acl.php on line 76
Notice: Query fel in /var/opentracker.nu/demo/library/DB.php on line 79
MYSQL_ERROR -
Database error: Invalid SQL: SELECT * FROM tracker_forum_categories  WHERE category_group <=   ORDER BY category_sort ASC
MYSQL Error: 1064 (You have an error in your SQL syntax; check  the manual that corresponds to your MySQL server version for the right  syntax to use near 'ORDER BY category_sort ASC' at line 4)
This page is unavailable at the moment. Please try again.

And sanitize user input for the avatar URL, because I shouldn't be able to enter the logout URL as the avatar pic. On a module like the forums, if it shows users' avatars, then everyone could be logged out...

Thanks for the input, I will have a look at it.
The system is in heavy development right now.
Not all the security features nor other shit is there yet.
Keep in mind that we are developing everything from scratch :)

Bump:
Quote:
Originally Posted by Optix
Demo.

I don't see how Zend would make a difference since you're the one creating all the forms.

#15  kizze (openTracker Dev), 24-06-12, 19:54
Do not forget to make an account on our forum, where you can make suggestions or just talk to us!
__________________
KizzE
www.opentracker.nu
kizze@opentracker.nu

#16  djzoulox (Senior Member), 24-06-12, 20:05
kizze, if you notice, your site runs faster without Facebook stuff too :P or 3rd party stuff. Looks like a nice source though, clean theme etc.
__________________
https://blog4.eu

#17  Wuild (opentracker), 24-06-12, 20:16
Quote:
Originally Posted by djzoulox
kizze, if you notice, your site runs faster without Facebook stuff too :P or 3rd party stuff. Looks like a nice source though, clean theme etc.

It's a matter of opinion ;)

#18  Bigjoos (U-232 Dev), 24-06-12, 20:24
Quote:
Originally Posted by djhowarth
Looks cool, I like the design, nice and basic...

On the demo I came across a notice error, MySQL error:

Code:
Notice: Undefined index: group in /var/opentracker.nu/demo/library/Acl.php on line 76
Notice: Query fel in /var/opentracker.nu/demo/library/DB.php on line 79
MYSQL_ERROR -
Database error: Invalid SQL: SELECT * FROM tracker_forum_categories  WHERE category_group <=   ORDER BY category_sort ASC
MYSQL Error: 1064 (You have an error in your SQL syntax; check  the manual that corresponds to your MySQL server version for the right  syntax to use near 'ORDER BY category_sort ASC' at line 4)
This page is unavailable at the moment. Please try again.

And sanitize user input for the avatar URL, because I shouldn't be able to enter the logout URL as the avatar pic. On a module like the forums, if it shows users' avatars, then everyone could be logged out...

Aye, like djhowarth says - you will never ever trust any user input on a site, no matter if it's users or staff; to do otherwise is suicide. You ensure all user-supplied data is sanitized at $_POST or $_GET etc., you force numeric values to be numeric only, you also sanitize every single MySQL query, be it a SELECT or UPDATE or INSERT. Follow those golden rules and you will have no problem. If you do not have such experience, use a framework like suggested, although I prefer to manually secure my work; that way I know what's coming in and what won't be.
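
The error output quoted above shows a query built with an empty value after `category_group <=`, following an undefined `group` index. The PHP below is an added example of forcing that value to an integer and binding it as a parameter; it is not OpenTracker's `Acl.php` or `DB.php` and not part of any post. The table and the `category_group` / `category_sort` columns come from the quoted error, while `category_name`, the guest group value `0`, the function names and the in-memory SQLite database (PDO SQLite driver) are assumptions.

```php
<?php
// Added example: hypothetical code, not OpenTracker's own.
// GUEST_GROUP = 0 and the category_name column are assumptions.
const GUEST_GROUP = 0;

/** Resolve the viewer's group as an integer, falling back to guest. */
function viewer_group(array $session): int
{
    $g = filter_var($session['group'] ?? null, FILTER_VALIDATE_INT);
    return ($g === false || $g < 0) ? GUEST_GROUP : $g;
}

/** Categories visible to a group; the value is bound, never concatenated. */
function visible_categories(PDO $db, int $group): array
{
    $stmt = $db->prepare(
        'SELECT * FROM tracker_forum_categories
          WHERE category_group <= :grp
          ORDER BY category_sort ASC'
    );
    $stmt->bindValue(':grp', $group, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed sample data in an in-memory database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE tracker_forum_categories
           (category_name TEXT, category_group INTEGER, category_sort INTEGER)');
$db->exec("INSERT INTO tracker_forum_categories VALUES
           ('General', 0, 1), ('Staff', 5, 2)");

// Constructed sessions: no group set, a valid group, a non-numeric group.
foreach ([[], ['group' => '5'], ['group' => 'not-a-number']] as $session) {
    try {
        $rows = visible_categories($db, viewer_group($session));
        echo json_encode($session), ' => ',
             implode(', ', array_column($rows, 'category_name')), "\n";
    } catch (PDOException $e) {
        error_log($e->getMessage());   // query details go to the server log only
        echo "This page is unavailable at the moment. Please try again.\n";
    }
}
```

Sending the exception text to the server log keeps file paths and SQL out of the page shown to visitors.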

#19  Wuild (opentracker), 24-06-12, 20:31
Quote:
Originally Posted by Bigjoos
Aye, like djhowarth says - you will never ever trust any user input on a site, no matter if it's users or staff; to do otherwise is suicide. You ensure all user-supplied data is sanitized at $_POST or $_GET etc., you force numeric values to be numeric only, you also sanitize every single MySQL query, be it a SELECT or UPDATE or INSERT. Follow those golden rules and you will have no problem. If you do not have such experience, use a framework like suggested, although I prefer to manually secure my work; that way I know what's coming in and what won't be.

All MySQL insertions and updates etc. are sanitized automatically through my MySQL class.

In this case it did not check the URL etc., but when updated in the user field it is sanitized. I could upload a copy of my MySQL class and you'll see for yourself.

#20  djzoulox (Senior Member), 24-06-12, 20:43
Quote:
Originally Posted by Wuild
It's a matter of opinion ;)

Well, I don't think it looks that bad. All sources come with major work and errors, I think; that's why we're all here, to help those who can help. And also, as you guys stated, it is in development; it's gonna be cool to see who will run a major site with this new script.

But wish you all good luck with your source.
__________________
https://blog4.eu