I see that there is a topic here where you can show off or get feedback on your PHP projects. My natural concern, though, is that one would be more likely to get hacked just for fun by someone from this community who really knows their stuff...

Has anyone else had this thought, or am I just paranoid? :P

This is a programmers community. Many of us live by the golden rule, do unto others as you'd have them do unto you.

q) Have I seen code here I could hack into?
a) Yes of course I have.

q) Have I hacked into anyone's site because of this?
a) No I have not and I would not unless they expressly asked me to.

q) Why?
a) I don't want others doing that to me, it is a nasty prescedent to set.

q) What have I done?
a) Installed the software on my own server and hacked into it there to check my theory. In the process keeping detailed notes and then used those notes to alert the person who posted it as to how they may write more secure code.

First off...welcome back drawmack. Ain't seen ya in a while.

As far as pipe_girl's paranoia, like drawmack said, most people won't do that. But half of the people posting the "hey, check this out" kinda posts usually have the "let me know how to improve it" caveat attached. By improving it, they usually mean improving the security of it also. And before some little wanna be hacker finds the post and tries hacking the guys site, it's usually been pointed out to the poster that this or that could be a problem, and should be patched. Really, there's more good people here then bad ones.

I've gotten good vibes from those that I have met here. LordShryku and drawmack, your comments confirm the mentality that I feel pretty confident the majority of this community has.

My project is on the verge of going online, and because this community has been an absolute staple to me throughout the past six months or so (and saved me from insanity a few times), I'd be happy to share what I've built and get feedback. I think I've built a secure site, but since this is my first effort of this nature I can't be 100% sure.

Hacking is always a possibility, regardless, but I was hoping posting a link here of all places wouldn't be a blatant invitation to some bored teenager with nothing better to do...

Originally posted by LordShryku
First off...welcome back drawmack. Ain't seen ya in a while.


I went into Lurk mode for a while, I do it every year round christmas. I get a little testy that time of year, and you know me enough to know that posting when I'm a little testy isn't a good thing.

well, about the hacking thing a few things:
my friends on quakenet often ask me to look at their code/applications. I always ask them how far they want me to go.
Most of the time they ask me to go as far as I can and I concider this part of testing (you can trust me I am a software quality expert formerly from rational software).
Hacking a project (done under the right conditions by the right people) is a very important activity. Spending 30 minutes now and acepting the remarks can save your job in the futur.
Just be sure to ask at least one gifted developer (who knows his way around PHP security) to check for errors and too open paths

my .02 €