index.php?page=item&id=9'A=0

Posted: Tue May 24, 2016 3:24 pm
by thoughtless
I believe that some people try to SQL inject something in my website,

index.php?page=item&id=9'A=0
The bad news is that they can see Full Path Disclosure:
Notice: Undefined variable: file in /var/www/domain.com/public_html/inc/pages/item.inc.php on line 2
Invalid item ID. Please check the URL.

Re: index.php?page=item&id=9'A=0

Posted: Thu May 26, 2016 10:05 am
by bitfreak
You should have error reporting completely disabled when the shop is live so those error messages don't show up.
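
An added example, not part of the original posts and not the shop's own code: one way to keep PHP notices out of the browser on a live site while still recording them in the server log, combined with strict validation of the `id` parameter. The helper name `parse_item_id` and the sample inputs are assumptions made for illustration.

```php
<?php
// Runtime equivalent of display_errors=Off / log_errors=On in php.ini.
// Notices such as "Undefined variable ... in /var/www/..." go to the log,
// so the file path is never sent to the visitor.
ini_set('display_errors', '0');
ini_set('display_startup_errors', '0');
ini_set('log_errors', '1');
error_reporting(E_ALL); // keep recording everything, just not on screen

// Hypothetical helper: accept only a positive integer item id.
function parse_item_id($raw): ?int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// Constructed sample inputs, including the value from the logged request.
foreach (['9', "9'A=0", '', '-3', '12abc'] as $raw) {
    $id = parse_item_id($raw);
    if ($id === null) {
        // json_encode escapes quotes and newlines so the log line stays intact.
        error_log('Rejected item id: ' . json_encode($raw));
        echo "Invalid item ID. Please check the URL.\n";
        continue;
    }
    // The validated integer would then be bound as a parameter in a
    // prepared statement rather than concatenated into SQL.
    echo "Would load item {$id}\n";
}
```

Only `9` passes; every other sample gets the generic "Invalid item ID" message, and the detail of what was rejected stays in the server log.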

Re: index.php?page=item&id=9'A=0

Posted: Fri May 27, 2016 4:48 pm
by thoughtless
Yeah, I forgot about that. Thank you.