PHP forms and MySQL databases
Posted: Thu Jun 08, 2006 4:29 pm
Hello,
A while back, I had created various site-management scripts that at their simplest let an administrator post and edit news, and at their most complicated let users, all with individual usernames and passwords, edit their profiles and send messages. Well, soon enough, I noticed that in all the sites I had like this, PHPMyAdmin would fill up with random databases. None of them had any tables, but it was disturbing nonetheless. Eventually, one of the sites running a script was contacted by our host, who said that spammers were exploiting the scripts on the site. I assume that all this was due to security flaws exposed through my ignorance in coding, but I'd love to figure out exactly what I was doing wrong so that I can go on coding.
Thanks for your help!
A while back, I had created various site-management scripts that at their simplest let an administrator post and edit news, and at their most complicated let users, all with individual usernames and passwords, edit their profiles and send messages. Well, soon enough, I noticed that in all the sites I had like this, PHPMyAdmin would fill up with random databases. None of them had any tables, but it was disturbing nonetheless. Eventually, one of the sites running a script was contacted by our host, who said that spammers were exploiting the scripts on the site. I assume that all this was due to security flaws exposed through my ignorance in coding, but I'd love to figure out exactly what I was doing wrong so that I can go on coding.
Thanks for your help!