07-01-2006, 01:23
PaPPy
Registered User
AKA: Brian Papile
None #0069 (HYPER)
Team Role: Alumni
 
Join Date: Jun 2001
Rookie Year: 1998
Location: Quincy, Massachusetts
Posts: 34
Re: PaPPy's Now Playing Sig

Quote:
Originally Posted by Mike
Good job, a few things:
- Uggghhh, the window extension slow thinger. Please, get rid of it.
- Why are you sending a GET command when you send the data to the webserver? Semantically, you should use POST.
- Why the web-browser component? I'd recommend inet, but WinSock is always fun to learn.
- Your online script is way susceptible to SQL injection. I tried a few things, and couldn't determine any table/field names (my SQL is a tad rusty) but was able to input commands of my own (just couldn't do anything without table/field names)

Otherwise, good job. Looks like a fun little script.

still new to programming and everything with sql, I'd appreciate anything to make it more secure

I don't use any get or post that I know of. it just sends via the address

the reason I created it was because a friend on another board found the exact same thing but the site was charging 5 bucks a month
__________________
~-PaPPy-~

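Added example, not part of the original post and not PaPPy's script (which the thread does not show): values sent "via the address" arrive as GET query parameters, and the sketch below contrasts pasting them into the SQL text with binding them as parameters. The `now_playing` table, the URL, the function names and the length limit are hypothetical, and SQLite stands in for whatever database the real script uses.

```python
import sqlite3
from urllib.parse import urlsplit, parse_qs

MAX_LEN = 200  # assumed upper bound for a track title

def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE now_playing (user TEXT PRIMARY KEY, track TEXT)")
    return conn

def fields_from_url(url):
    """Data sent 'via the address' is a GET query string; decode it."""
    q = parse_qs(urlsplit(url).query)
    return q.get("user", [""])[0], q.get("track", [""])[0]

def update_unsafe(conn, user, track):
    # Input is pasted into the SQL text, so a quote in it changes the statement.
    conn.execute(
        "INSERT OR REPLACE INTO now_playing VALUES ('%s', '%s')" % (user, track))

def update_safe(conn, user, track):
    # Validate first, then bind the values: bound values are never parsed as SQL.
    if not user.isalnum() or not 0 < len(track) <= MAX_LEN:
        raise ValueError("rejected input")
    conn.execute(
        "INSERT OR REPLACE INTO now_playing (user, track) VALUES (?, ?)",
        (user, track))

def current_track(conn, user):
    row = conn.execute(
        "SELECT track FROM now_playing WHERE user = ?", (user,)).fetchone()
    return row[0] if row else None

def demo():
    # Constructed request: an ordinary song title that contains apostrophes.
    url = "http://example.invalid/np?user=pappy&track=Don%27t+Stop+Believin%27"
    user, track = fields_from_url(url)
    conn = make_db()
    try:
        update_unsafe(conn, user, track)
        unsafe_ok = True
    except sqlite3.Error:
        unsafe_ok = False  # the apostrophe ended the string literal early
    update_safe(conn, user, track)
    return unsafe_ok, current_track(conn, user)

if __name__ == "__main__":
    print(demo())
```

The concatenated version fails on a perfectly normal title because the database is parsing user input as SQL, which is the same condition that allows injection; the bound version stores the title unchanged.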