My Website

Hello everyone, I'm looking for comments and suggestions on my site.

it is: http://www.therenegade.info

now before you go flooding my shoutbox and forums with xss tests, rest assured, you will not be successful.

The site is completely custom coded by me and it is meant as an entertaining site, so if you do find some exploit/hack or whatever, email me at admin@therenegade.info, pm here or post in this thread. I ask you not to do anything that would compromise the site.

Another Note: I already know that the voting can be easily gotten around so dont tell me anything about that as I already am aware, and dont really care.

Any and All feedback is appreciated

thank you -atrcomb

overal good effort. fairly ok markup, minus a few minor things.

few tips:

• could do with some p tags
• add line height to your css classes so you dont need the double <br>'s
• could do with some SEO

other than that the php coding seems fairly ok.

good stuff. B)

Mr_Cheese wrote: overal good effort. fairly ok markup, minus a few minor things.

few tips:

• could do with some p tags
• add line height to your css classes so you dont need the double <br>'s
• could do with some SEO

other than that the php coding seems fairly ok.

good stuff. B)

thx for the positive comments

About the SEO, i was planning to add all the meta stuff once i had all my content up.

yeah also want to stick some H and B stags in there too. and a nice hidden box after the body tag with decent keywords woudlnt hurt either.

view hbh without styles and you'll see what i mean.

Cheese i guess you mean

<div style="display:none;">hellbound, hellbound hackers, games, hacking, security, computer, exploit, exploits, web, internet, hack, hackers, root, website, level, mission, challenge, tutorial, guide, protect, culture, ethics, society, net, hacking challenges, programming, tutorials, hacking forums, network, system, computer forums</div>

lol pretty clever. Thx for the continuing feedback.

whoever dw0rek is: as i said in my earlier post I dont care about the voting thing. I am perfectly aware of all the ways this can be compromised, after all i coded it.

"1 or '1=1' is a common exploit." mind explaining?^

and whoevers curling me, its pretty hilarious, but please stop.

…wasn't me. :D

I'm just curious…. Did you make the layout? If you did then you might want to add something like "Copyright 2007 The Renegade" at the bottom, if not then you might want to add whoever made that layout to the bottom to avoid any legal issues. :happy:

You should center your website. Not the text itself, but the divs. Not sure if you already have a div that encloses all of the other divs such as the header, navigation, body, etc. but if you don't then make one that goes around it all. Then set its margin-left / right to auto, and for IE you'll need to set your body to text-align:center… Then of course set the text-align:left to divs with text normally aligned to the left.

Sevens wrote: I'm just curious…. Did you make the layout? If you did then you might want to add something like "Copyright 2007 The Renegade" at the bottom, if not then you might want to add whoever made that layout to the bottom to avoid any legal issues. :happy:

My Answer:

atrcomb wrote:

The site is completely custom coded by me

@chislam, yes I know, basically everyone whos given me advice has said the same thing. Im working on it.

U should make width 100%,great site! nice job.

Nice site, css pwnz tables :)

R0me0 wrote: well yea just go there… shoutbox, I will be looking for more vuls ;)

The thing was, i did wordwrap(), but i did it wrong so all the cleaning functions didnt work (including htmlentities) so that was possible. Now if < and > are in your post it defaults to "I'm Gay"

:) its fixed now

lol that's cool.

LOLOLOLOL you say to PM you for the site's URL and then u give it away on your email!!!

hahaha that was funny

asides from that the site is very nice, congrats!!

lol Folk Theory didnt notice that

Romeo you are not being nice.

atrcomb your site is great nice cms.

Yes, I can see the problem with the poll. I will give you some ideas about it later.

Oh, and yes, you should definately add some hidden div tags.

I don't see my CP's. Where are they

alright RoMe0 i confess you have gotten me and i cant figure out whats wrong.

My Exact Code:

$body = trim(htmlentities(addslashes($_POST["body"])));
$wordwrap = wordwrap($body, 25, "\n", TRUE);
$shout = str_ireplace("script", "", $wordwrap);

on the way out:

$each = smileys(stripslashes($entry));

EDIT: it now strips out % signs in case that was your trick.

Why do you addslashes to the post? That makes no sense

mozzer wrote: Why do you addslashes to the post? That makes no sense

its still going into an sql db, so i need to be safe in that way.

Also: RoMeO's xss has now officially been patched :)