Youmeo BETA Launch

**today** · 27-08-2008, 02:13 PM

Originally Posted by Excellent

Not when that hacker has hacked you before, he/she then becomes untrusted as it is not needed. If there was a security issue which there obviously was there is no need to exploit it but just send it to an member of staff who will actually deal with it.

Oh, and for anyone who says they don't deal with the problems you haven't seen the issues that were on the beta site, all dealt with within 10 minutes or less ;P

Do you work for them now or something, i get so confused!

~~Excellent~~ · 27-08-2008, 02:18 PM

Originally Posted by today

Do you work for them now or something, i get so confused!

Noo haha, I'm too inexperienced for their current team. I'm just a beta tester and might be a mod on their forums

**today** · 27-08-2008, 02:31 PM

Originally Posted by Excellent

Noo haha, I'm too inexperienced for their current team. I'm just a beta tester and might be a mod on their forums

Ah, right well dont bloody act like staff !! :]

~~Excellent~~ · 27-08-2008, 02:35 PM

Originally Posted by today

Ah, right well dont bloody act like staff !! :]

I don't

I just know the criticism they get on here and only a few have seen beta, so until everybody else has seen better they cannot criticize

Klydo · 27-08-2008, 04:25 PM

Lol, yeah the issue with the old site was it was so complicated to fix. It's coding was really confusing to follow, even Nick had trouble from time to time. This time around even I can go in and fix the code as it's been made really clean and simple. So any bugs that do occur any of the development team can go straight to the file and sort it out.

It will be nice to hear all your thoughts about the site once it launches.

Dentafrice · 28-08-2008, 07:50 PM

Originally Posted by Klydo

We all wonder why, why oh why oh why.

;P

Originally Posted by Excellent

He did originally I think.

No.. not necessarily.. yeah, there were tons of bugs, there were tons of exploits.

From what Nick told me, and from what I've heard, the coding was god-awful.. and that's fine.. because it has improved now.

The exploit on the old site was just so obvious, it appeared by just typing "it's" into a profile field, which broke the SQL query.

So in turn, when the system updated the database, it looked like this.

UPDATE `table` SET `field`='$field' WHERE `bla`='$id'

Now that isn't the correct names, or structure of the query, but here's how it would look normally:

UPDATE `table` SET `bio`='hey there I am Caleb' WHERE `id`='1'

Now when I typed it's, it looked like this.

UPDATE `table` SET `bio`='hey there I am Caleb. It's' WHERE `id`='1'

As you can see, when I typed the ', it broke the SQL statement, allowing me to insert arbitrary SQL. So all I had to do was this:

UPDATE `table` SET `bio`='heyder' WHERE id='1'--' WHERE `id`='1'

The -- is a comment, which cancels out the rest of the statement.

Thankfully this is fixed

**today** · 29-08-2008, 05:08 PM

I thought youmeo couldnt turn the website "offline" :S

Either way nice splash page

Dentafrice · 29-08-2008, 05:21 PM

Woah, that is nice! Good job Greg.

**today** · 29-08-2008, 05:23 PM

Yeah it is, got to give credit to who ever designed that!

If the site is like that then damnit its going to be loads better

~~TidgyPie~~ · 29-08-2008, 05:24 PM

Did Jme make that layout? (Logo/splash)
(or maybe he did sell you the layout aswell hmmm)

Me thinks he did

haha

Nice splash page btw.

Thread: Youmeo BETA Launch

Thread Tools

Posting Permissions