David1159
Subject: "re: My own forum -- the main part i..."
Posted: @ 6:55 pm on May 03 2008
Member #: 526 Rank: User - (81) Since: 12/27/07 Posts: 81 From: usa

Well, not sure who, but someone logged in as guest and gave some pointers. Just like to say thanks.

I placed restrictions on all forms now (login/register/posts), only allowing letters, numbers, and a few others ( . , " ). Also you have to post at least 1 word or your message won't get posted, so blank posts aren't possible now.

Ummm, not sure how to prevent SQL injection. I read a couple of guides on the net. I think what I got from it was I need to filter my inputs?

Also, I am really making this for fun, trying to learn more about PHP. I really want to see if I can do it.

edit-
Okay, for SQL injection issues, I blocked all SQL commands. If a user posts in any input: DELETE FROM, ALTER TABLE, SELECT *, and all the other commands, it will die() before the database is reached.

Edited at 07:46:55 pm on 05/03/08

Coding is simply CST... Combining $hit Together. We make different $hit to run in unison correctly.
Genius
Subject: "re: My own forum -- the main part i..."
Posted: @ 1:28 am on May 05 2008
Member #: 582 Rank: User - (77) Since: 02/18/08 Posts: 76 From: kmmk

Hmm, I tried to inject SQL commands into your site; almost all failed. Then I just googled some stuff and could see all your work. Have an index.php page in every folder.
David1159
Subject: "re: My own forum -- the main part i..."
Posted: @ 1:39 am on May 05 2008
Member #: 526 Rank: User - (81) Since: 12/27/07 Posts: 81 From: usa

Yeah, I know my main index has nothing. I just left it like that for the time being so I didn't have to type the whole address in every time. It's a test site for me.

Yeah, when it is posted, I have it search the string for an array of extensions, characters, and certain words; then if it comes up positive, you get a die(). I realized I am going to block this --, because that is common in injections.

What do you mean almost all failed?
bs0d
Subject: "re: My own forum -- the main part i..."
Posted: @ 4:15 am on May 05 2008
Member #: 1 Rank: Admin. - (1,505) Since: 02/06/05 Posts: 600 From: USA

Be sure to use addslashes() for variables when you're inserting data into a database, and stripslashes() when outputting data from a database. This prevents SQL injection potential.

magic_quotes_gpc() is now deprecated and removed as of PHP 6.0 - relying on that is discouraged, as indicated on the php.net website.
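The thread so far offers two defences for the post form: David1159's keyword blocklist that calls die() when the text contains "DELETE FROM", "SELECT *" or "--", and bs0d's addslashes() on insert with stripslashes() on output. The example below is added here and is not code from the forum or from either poster; it shows the approach a practitioner would use instead: bind the user's text to a placeholder in a prepared statement so it can never become part of the SQL, keep validation for content rules (blank posts, length), and escape for the output context (HTML) when displaying. It assumes a hypothetical posts table with author and message columns and uses an in-memory SQLite database so it runs offline; only the DSN line would change for MySQL. Two caveats worth knowing: addslashes() only protects the SQL string literal, the database un-escapes it when parsing, so the stored value carries no extra backslashes for stripslashes() to remove (it would instead delete legitimate backslashes the user typed); and PDO_MySQL emulates prepared statements by default, which is why the example turns emulation off.

```php
<?php
// Added example (not code from the forum thread): store and display a forum post
// with PDO prepared statements instead of a SQL-keyword blocklist or addslashes().
// Assumptions: a hypothetical `posts` table with `author` and `message` columns;
// SQLite in memory so the script runs offline (for MySQL only the DSN changes).

declare(strict_types=1);

function connect(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    // Bind placeholders server-side where the driver supports it (matters for MySQL).
    $pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
    $pdo->exec('CREATE TABLE posts (id INTEGER PRIMARY KEY, author TEXT NOT NULL, message TEXT NOT NULL)');
    return $pdo;
}

// Validation enforces content rules (no blank posts, a length cap), not SQL syntax.
function validateMessage(string $message): ?string
{
    $message = trim($message);
    if ($message === '') {
        return 'Message must contain at least one word.';
    }
    if (mb_strlen($message) > 10000) {
        return 'Message is too long.';
    }
    return null; // valid
}

// The message never becomes part of the SQL text: it is bound to a placeholder, so
// "DELETE FROM", "--" or an apostrophe are stored as ordinary characters.
function insertPost(PDO $pdo, string $author, string $message): int
{
    $stmt = $pdo->prepare('INSERT INTO posts (author, message) VALUES (:author, :message)');
    $stmt->execute([':author' => $author, ':message' => $message]);
    return (int) $pdo->lastInsertId();
}

function fetchPost(PDO $pdo, int $id): ?array
{
    $stmt = $pdo->prepare('SELECT author, message FROM posts WHERE id = :id');
    $stmt->execute([':id' => $id]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Escape for the output context (HTML) rather than calling stripslashes(): the
// stored value has no extra backslashes, but it may contain < > " & characters.
function renderPost(array $row): string
{
    $author  = htmlspecialchars($row['author'], ENT_QUOTES | ENT_HTML5, 'UTF-8');
    $message = htmlspecialchars($row['message'], ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '<p><b>' . $author . '</b>: ' . nl2br($message) . '</p>';
}

$pdo = connect();

// Constructed sample inputs: the second and third would trip a keyword/"--" blocklist
// even though they are legitimate text; the last one is a blank post.
$samples = [
    "O'Brien's first post",
    "Run SELECT * FROM posts -- it lists everything",
    "DELETE FROM my to-do list: buy milk",
    "   ",
];

foreach ($samples as $msg) {
    $err = validateMessage($msg);
    if ($err !== null) {
        echo "rejected: $err\n";
        continue;
    }
    $id  = insertPost($pdo, 'guest', $msg);
    $row = fetchPost($pdo, $id);
    if ($row !== null) {
        echo renderPost($row), "\n";
    }
}
```

Running it stores and echoes the three non-blank messages exactly as typed (HTML-escaped for display) and rejects only the blank one, which is the behaviour the blocklist could not give: legitimate text that happens to mention SQL keywords is no longer lost, and the database is protected regardless of what the text contains.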
David1159
Subject: "re: My own forum -- the main part i..."
Posted: @ 6:07 pm on May 05 2008
Member #: 526 Rank: User - (81) Since: 12/27/07 Posts: 81 From: usa

Thanks bs0d. I didn't use those either, I will add them.

I'll be honest, I am not sure if I am even doing any of this correctly; I never took classes on PHP.

@bs0d
How did you do your tags like [Link]? Did you use JavaScript?
solphate
Subject: "re: My own forum -- the main part i..."
Posted: @ 2:55 am on May 06 2008
Member #: 581 Rank: User - (24) Since: 02/18/08 Posts: 24

It's looking real good, the structure OK. It's better than what I could do. Kudos to you.
Genius
Subject: "re: My own forum -- the main part i..."
Posted: @ 2:56 am on May 06 2008
Member #: 582 Rank: User - (77) Since: 02/18/08 Posts: 76 From: kmmk

David1159 said... "What do you mean almost all failed?"

Double check register.php. It didn't detect injection, and I couldn't hack cuz I suck at web hacking.
bs0d
Subject: "re: My own forum -- the main part i..."
Posted: @ 3:32 am on May 06 2008
Member #: 1 Rank: Admin. - (1,505) Since: 02/06/05 Posts: 600 From: USA

David1159 said... "Thanks bs0d. I didn't use those either, I will add them. :) I'll be honest, I am not sure if I am even doing any of this correctly; I never took classes on PHP. @bs0d How did you do your tags like [Link]? Did you use JavaScript?"

I used the preg_replace() function, it looks like this:

    $var = preg_replace('/\[link\=(.*?)\](.*?)\[\/link\]/', "<a href=\"$1\" target='_blank'>$2</a>", $var);
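bs0d's one-liner drops both captures straight into the HTML, so whatever a user writes between [link= and ] ends up inside the href attribute unescaped, and the link text is emitted as raw markup. The following is an added example, not bs0d's code or the forum's, showing the same [link=URL]text[/link] conversion done with preg_replace_callback(): the whole message is HTML-escaped first, the destination is accepted only if it is an absolute http:// or https:// URL, and rel="noopener noreferrer" accompanies target="_blank". It assumes the entire message is untrusted user text; the function and sample inputs are constructed for the example.

```php
<?php
// Added example (not bs0d's code): convert [link=URL]text[/link] BBCode to an <a> tag
// while escaping for HTML and accepting only http:// and https:// destinations.
// Assumes the whole message is untrusted user text.

declare(strict_types=1);

function esc(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Returns the URL if it is an absolute http(s) URL, null otherwise.
function safeHttpUrl(string $url): ?string
{
    $url = trim($url);
    if (filter_var($url, FILTER_VALIDATE_URL) === false) {
        return null;
    }
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    return in_array($scheme, ['http', 'https'], true) ? $url : null;
}

function renderLinks(string $message): string
{
    // 1. Escape the whole message first; the BBCode delimiters [ ] = / survive intact,
    //    so everything outside a recognised tag is already safe to emit.
    $escaped = esc($message);

    // 2. Same pattern shape as the thread's, but a callback decides what is emitted
    //    instead of raw $1/$2 substitution.
    $result = preg_replace_callback(
        '/\[link=(.*?)\](.*?)\[\/link\]/is',
        static function (array $m): string {
            // Captures are HTML-escaped text; decode the URL to validate the real value.
            $url = safeHttpUrl(htmlspecialchars_decode($m[1], ENT_QUOTES | ENT_HTML5));
            if ($url === null) {
                // Not a usable destination: keep the link text visible, drop the link.
                return $m[2];
            }
            return '<a href="' . esc($url) . '" target="_blank" rel="noopener noreferrer">'
                . $m[2] . '</a>';
        },
        $escaped
    );

    // preg_replace_callback() returns null on a regex error; fall back to the escaped text.
    return $result ?? $escaped;
}

// Constructed sample inputs
$samples = [
    '[link=https://example.com/?a=1&b=2]example[/link]',   // valid: becomes an <a> tag
    '[link=javascript:void(0)]click[/link]',              // scheme rejected: text stays
    '[link=example.com/no-scheme]click[/link]',           // not absolute: text stays
    'say "hi" <b>bold</b> [link=http://example.org]x[/link]',
];
foreach ($samples as $s) {
    echo renderLinks($s), "\n";
}
```

Escaping before tag conversion is the deliberate ordering: the ampersand in the first sample is re-encoded as &amp; inside the attribute, which is the correct form for HTML, and the literal <b> in the last sample is rendered as text rather than as markup, while the [link] tag in the same message still becomes a working anchor.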
David1159
Subject: "re: My own forum -- the main part i..."
Posted: @ 3:55 am on May 06 2008
Member #: 526 Rank: User - (81) Since: 12/27/07 Posts: 81 From: usa

Cool, thanks guys for the help, much appreciated.

I just finished, so topics will have pages 1, 2, 3 if there are more than 10 posts. Wasn't that hard either. I spent the last 2 hours recoding it, fixed a ton of problems. It is much, much more solid now. Truncated my tables, started fresh.

Once again, thanks, especially bs0d.
David1159
Subject: "re: My own forum - updated 5/9"
Posted: @ 12:19 am on May 10 2008
Member #: 526 Rank: User - (81) Since: 12/27/07 Posts: 81 From: usa

k, I have all different tags [B][LINK][IMG][URL] etc. Everything works in Firefox, not in IE, another reason why IE sucks.

Code:

    <div name="div_box" class="divCode">
        <input type="button" value="URL"
               onclick="document.posts.message.value = document.posts.message.value + '[URL=http://...]description[/URL]';">
    </div>

It's really coming along now, I can't believe it's going this smoothly.

EDIT--
My older brother showed me what was wrong with my JavaScript.

Edited at 05:30:45 am on 06/17/08
Vilice
Subject: "re: My own forum - updated 5/9"
Posted: @ 7:56 am on Jul 15 2008
Member #: 718 Rank: User - (5) Since: 07/14/08 Posts: 5

Very clean design. I jumped around a bit and everything worked the way I would expect if I was looking for breed information. I'm impressed.