can someone test the security of my forum software?
harmor
07-20-2005, 09:21 PM
I made a very very simple message board.
Here's the message board http://www.harmor.zeeblo.com/contact/custom.php
Download the installation files here http://www.harmor.zeeblo.com/contact/mbb.zip
halojoy
07-20-2005, 10:55 PM
You are funny, too ...
Mediocre Bulletin Board :D
mbb.zip
http://www.harmor.zeeblo.com/contact/mbb.zip
I think it is interesting to see how you did it. Doesn't look too bad.
I am thinking of writing a simple 'mediocre BB' myself.
Will download and have a look.
/halojoy
:)
halojoy
07-21-2005, 08:53 AM
Is your board working as it should, harmor?
I could access install.php (install.php is only to be used ONCE and only by the Admin)
and custom.php I didn't understand.
Many boards disable install.php when board installation is done.
These boards recommend you should delete or move your install folder,
for security - and this is what you want me to test
- how SECURE is Mediocre Bulletin Board ???
I will give my final report on this version of mbb.zip
later, say within 7 days
/halojoy
will be back
he always will
comeback
without looking at mbb.zip, I have found this to be not very secure
ensure you intval your $_GET integer values
Weedpacket
08-09-2005, 02:23 AM
The code's in a bit of a mess. The implemented security is also based on negative defence: if you try to anticipate every possible attack and defend against each one in turn you're sure to miss some.
http://www.owasp.org/documentation/topten.html
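The difference between negative and positive defence mentioned above, applied to an integer `$_GET` value, as an added example that is not part of the original thread or of mbb.zip. The function names and the `topic id` parameter are hypothetical, and the sample inputs are constructed.

```php
<?php
// Negative defence: enumerate known-bad input and reject it.
// Anything the list did not anticipate passes through unchanged.
function topic_id_blocklist(string $raw): string
{
    $bad = ['union', 'select', '--', ';', "'"];
    foreach ($bad as $needle) {
        if (stripos($raw, $needle) !== false) {
            throw new InvalidArgumentException('rejected');
        }
    }
    return $raw; // still an arbitrary string, not an integer
}

// Positive defence: define what a valid value is and reject everything else.
function topic_id_allowlist($raw): int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        throw new InvalidArgumentException('topic id must be a positive integer');
    }
    return $id;
}

// Run one validator and report its result as text.
function outcome(callable $check, $raw): string
{
    try {
        return var_export($check($raw), true);
    } catch (InvalidArgumentException $e) {
        return 'rejected';
    }
}

// Constructed sample inputs, standing in for $_GET['id'].
$samples = ['42', '42abc', '-1', '0x2A', '42 or more', ''];

printf("%-14s %-8s %-16s %s\n", 'input', 'intval', 'blocklist', 'allowlist');
foreach ($samples as $raw) {
    printf(
        "%-14s %-8d %-16s %s\n",
        var_export($raw, true),
        intval($raw),                       // coerces silently: '42abc' becomes 42
        outcome('topic_id_blocklist', $raw),
        outcome('topic_id_allowlist', $raw)
    );
}
```

Only `'42'` passes the allowlist; the blocklist lets every sample through because none contains a listed string, and `intval` turns malformed input into some integer instead of rejecting it.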
harmor
12-17-2005, 03:03 AM
I forgot about this
I can tell you that I have gotten better throughout the months.
PHP Builder