• There is NO official Otland's Discord server and NO official Otland's server list. The Otland's Staff does not manage any Discord server or server list. Moderators or administrator of any Discord server or server lists have NO connection to the Otland's Staff. Do not get scammed!

Afs-cms

Status
Not open for further replies.
Znote[NOR] said:
Whats the options? It would be awesome if the "image uploading" would only accept links, etc a small image from photobucket. So the hoster wouldn't have to use exstra upstream for this.
Click to expand...

Word..
Znote what image hosting website do u recommend for my acc page?..
imageshack is slooww.. :/
 
cherife said:
You are so fucking hilarious! You ask for a fix and then you post again saying that you don't need the fix anymore, saying that you are the best cuz you somehow already had that fix!

Avarian, thanks for the release.
Click to expand...

I would asking for help ? I just asking how some function works, cuz of Avarian programming way is 'strange' and dirt... I'm not the best, but I know something about hacking ; >. So shut up a**hole, and read all posts.
 
Ronaldino we dont want people like you in forums ;)
why dont u leave and stfu
and if u know "hacking" why dont u hack somebody using afs-cms and bring here some prooves then we can ask nicely Avarian to fix them.. and "maybe" hell do it..
meanwhile u can Shut the F* Up..
 
daaniieel said:
Ronaldino we dont want people like you in forums ;)
why dont u leave and stfu
and if u know "hacking" why dont u hack somebody using afs-cms and bring here some prooves then we can ask nicely Avarian to fix them.. and "maybe" hell do it..
meanwhile u can Shut the F* Up..
Click to expand...

I ask you about your fucking word? No! Then you shut the f**k up. Why I dont hack somebody using Avarian? Because what it gonna give me? Nothing, btw. I dont saw many people use Avarian... anyway I remember when someone told Avarian that hes cms is not safe... and he was an good hacker (he help Gesior in fix injections), but Avarian says "Noo, my fuc*ing aac is safe". So, Avarian if you think your cms is safe then keep your word. ;)
 
@^
this is a forum where everyone is allowed to post if ur going with the ruless..
just shut the fuck up if u have no prooves its unsafe..
and if it is u dont have to tell the creator that his work is full of shit and doesnt work..
Id like you to post an aac and then well see what comments u get..
 
daaniieel said:
@^
this is a forum where everyone is allowed to post if ur going with the ruless..
just shut the fuck up if u have no prooves its unsafe..
and if it is u dont have to tell the creator that his work is full of shit and doesnt work..
Id like you to post an aac and then well see what comments u get..
Click to expand...

Lol. I just trying to help Avarian with hes injection you use hes aac ? Give me your IP, I'll show you what I can ;) Just stop talking that shi*ty words, when you dont know what you want to wrote.

Btw. use translate.com or something :thumbup:
 
Ronaldino said:
I ask you about your fucking word? No! Then you shut the f**k up. Why I dont hack somebody using Avarian? Because what it gonna give me? Nothing, btw. I dont saw many people use Avarian... anyway I remember when someone told Avarian that hes cms is not safe... and he was an good hacker (he help Gesior in fix injections), but Avarian says "Noo, my fuc*ing aac is safe". So, Avarian if you think your cms is safe then keep your word. ;)
Click to expand...

wrzasq (from OtF*ns) was the one who told Avarian about the Injection problems, then he helped him fixing it, and now it's safe. (from what I know)
I dont know if wrzasq is a good hacker or not, because hacking is not just using SQL injections, that's only one way of hacking.
And remember: Hacking is illegal ;)
 
4220niller said:
wrzasq (from OtF*ns) was the one who told Avarian about the Injection problems, then he helped him fixing it, and now it's safe. (from what I know)
I dont know if wrzasq is a good hacker or not, because hacking is not just using SQL injections, that's only one way of hacking.
And remember: Hacking is illegal ;)
Click to expand...

It not was Wrzasq, but someone other... I suggest to read all post or maybe Avarian remember that? :p
 
Gesior informed me that his database was hacked on multiple occasions, so he then asked if AF-AAC blocked SQL-Injections, at the time I didn't even know what an SQL-Injection was. Wrzasq then took a look at some of the scripts and determined they were open to SQL-Injection. Then with Wrzasq and DeathfireD's help I learned how to prevent SQL-Injections as well as XSS attacks.

Also Ronaldino I did not say my AAC was safe after the SQL-Injections were brought to my attention, in fact at the top of my threads I posted that the AAC was proven unsafe and that any new users should wait until the next version was released before downloading it.

I then took a month or two off to further my PHP knowledge and then secured my AAC, which brings us to the present. Now as i've said ALL user input is sanitized with mysql_real_escape_string and anyone with PHP/MySQL knowledge will tell you, thats how you prevent SQL-Injections.
 
Last edited:
Avarian said:
Gesior informed me that his database was hacked on multiple occasions, so he then asked if AF-AAC blocked SQL-Injections, at the time I didn't even know what an SQL-Injection was. Wrzasq then took a look at some of the scripts and determined they were open to SQL-Injection. Then with Wrzasq and DeathfireD's help I learned how to prevent SQL-Injections as well as XSS attacks.

Also Ronaldino I did not say my AAC was safe after the SQL-Injections were brought to my attention, in fact at the top of my threads I posted that the AAC was proven unsafe and that any new users should wait until the next version was released before downloading it.

I then took a month or two off to further my PHP knowledge and then secured my AAC, which brings us to the present. Now as i've said ALL user input is sanitized with mysql_real_escape_string and anyone with PHP/MySQL knowledge will tell you, thats how you prevent SQL-Injections.
Click to expand...

Its OK for me dude, I know how to protect myself, but some person may dot know. Do you scan your cms ?
 
Well I got better scanner... I'll send you link on PM if you want to.

Avarian, you can also include comment system.
 
Last edited by a moderator:
I can help you in that area if you want... At the moment I got script for showing comment from database... just need to add changing that from account home.
 
A little bug i found just now.
Anyone on any account can post news.
They just need to use the url
~~/news.php?action=post
 
How do I start it?

I have devolutions 8.1 xD lua files <.<
 
Status
Not open for further replies.

Similar threads

Jpstafe
  • Solved
Erro Rook_Sample created(MYACC)
Replies
2
Views
308
Jpstafe
Jpstafe
Narg
[USA] [Custom / 10.98] NextGen OTServ Season 2 with Attribute Allocation, Custom Map, RPG and Build Versatility, Everyone is welcome!!
2
Replies
32
Views
4K
Narg
Narg
maxumic
  • Locked
[$50] OTC Advanced Guild Module
Replies
13
Views
2K
Niebieski
Niebieski
Mehra
[SWEDEN][13.30] Mehra Tibia | Unique Hazard Feature | Lots of QoL features | 1 year anniversary
Replies
18
Views
2K
Mehra
Mehra
Back
Top