Daily Archives: March 24, 2005

That didn’t take long…

Well in a rather short amount of time Justin has managed to hack the comments system. I’d like to give him lots of credit for the ingenuity but it was more on account of me being lazy and forgetting something. However, thanks to that minor act, I am now much more secure. Kudos to you Justin if you find another way.

If anyone knows about general hacks or different types please discuss in the comments and help us all learn how to protect ourselves.

As of right now I can contribute:

MySQL Injections: Using escape characters to change the syntax of a MySQL query, thus letting you do pretty much whatever you want.

Javascript Insertion: As Justin did. Allowing for redirects and other nasty things.

Taking advantage of superglobals and forms: Using foreign POST documents to add uncontrolled data and declare variables.

There are others but I don’t know much about them, and they are often stopped by the methods used to prevent these 3. If you know others please share.
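The three items above, handled defensively in one PHP comment handler. This is an added example, not this site's code; the table, the field names and the in-memory SQLite database are assumptions chosen so it runs offline.

```php
<?php
// Added example, not the blog's code. Table and field names are hypothetical.
// In-memory SQLite so it runs offline; with MySQL only the PDO DSN changes.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE comments (id INTEGER PRIMARY KEY, post_id INTEGER, author TEXT, body TEXT)');

// Superglobals and forms: read only the fields the form is supposed to send and
// validate each one. Never extract() or loop $_POST into variables.
function field(array $post, string $name): string
{
    return is_string($post[$name] ?? null) ? trim($post[$name]) : '';
}

function read_comment(array $post): ?array
{
    $postId = filter_var(field($post, 'post_id'), FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    $author = field($post, 'author');
    $body   = field($post, 'body');
    if ($postId === false || $author === '' || strlen($author) > 40 || $body === '' || strlen($body) > 2000) {
        return null; // reject missing, non-string, or oversized input
    }
    return ['post_id' => $postId, 'author' => $author, 'body' => $body];
}

// SQL injection: values are bound as parameters, so quotes in the input
// stay data and cannot change the syntax of the query.
function save_comment(PDO $db, array $c): void
{
    $stmt = $db->prepare('INSERT INTO comments (post_id, author, body) VALUES (:post_id, :author, :body)');
    $stmt->execute($c);
}

// JavaScript insertion: escape on output, so stored markup is shown as text.
function render_comment(array $row): string
{
    $e = fn(string $s): string => htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<p><b>' . $e($row['author']) . '</b>: ' . $e($row['body']) . '</p>';
}

// Constructed request: an unexpected extra field, quotes in the author, a script tag.
$_POST = ['post_id' => '7', 'author' => "x'); DROP TABLE comments; --",
          'body' => '<script>location="http://example.invalid/"</script>', 'is_admin' => '1'];

if (($comment = read_comment($_POST)) !== null) {
    save_comment($db, $comment);
}
foreach ($db->query('SELECT author, body FROM comments') as $row) {
    echo render_comment($row), "\n"; // the table still exists and the tag prints as &lt;script&gt;
}
```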

Until then shatter a cube, not my website!

General warning: I don’t suggest attempting hacks like this unless you like the idea of my boomstick of banning up your a**.

Come one, come all!

You can now sign up!

It’s amazing really. I put a lot of work into this and it doesn’t really show. But that is the joy of programming. The ability to choose different CSS styles is not exactly up yet. It’s fully supported, it’s just that you can’t choose in your profile yet. That will come tomorrow for sure. I just wanted to get the ball rolling and invite the first users to sign up and become beta testers. If you encounter any problems or have suggestions, leave a comment on this post or send me an email.

That’s it for now, I’ve spent way too much time on this today and I need to get to bed.

Goodnight and shatter a cube!