index.php?page=item&id=9'A=0

Look here if you're having trouble with BitShop
Post Reply
thoughtless
Posts: 19
Joined: Fri Apr 01, 2016 11:22 am

index.php?page=item&id=9'A=0

Post by thoughtless »

I belive that some people try to SQL inject something in my website,

Code: Select all

index.php?page=item&id=9'A=0
The bad news is that they can see Full Path Disclosure:
Notice: Undefined variable: file in /var/www/domain.com/public_html/inc/pages/item.inc.php on line 2
Invalid item ID. Please check the URL.
User avatar
bitfreak
Site Admin
Posts: 98
Joined: Thu Dec 10, 2015 6:57 pm
Location: Australia
Contact:

Re: index.php?page=item&id=9'A=0

Post by bitfreak »

You should have error reporting completely disabled when the shop is live so those error messages don't show up.
thoughtless
Posts: 19
Joined: Fri Apr 01, 2016 11:22 am

Re: index.php?page=item&id=9'A=0

Post by thoughtless »

Yeah, I forgot about that. Thank you.
Post Reply