Posted

I just finished writing most of my blog so I was wondering if anyone had any suggestions on what else to put into it. Any comments on the design like ideas about what the banner should look like, how the user navigates through the site, etc. I'd really appreciate any input negative or positive so here it is: http://jonnycake.webege.com/ .

Posted

One thing I don't get is why you are using JavaScript to call PHP? If people have JavaScript turned off by default (like me) you won't see it. PHP is cross platform in the sense that it's server side, so all you need to do is make your home page a .php file, and do an include for the parts you want displayed.

ex:

<?php $_GET['act'] = 'posts'; // a local include path cannot carry a query string, so set the parameter first
include '/var/www/show.php'; ?>

or whatever it is you want shown. I don't mind the use of JavaScript when it's needed, I use it for stuff all the time, but for simply displaying web pages, AJAX is a bit overkill. Don't limit yourself to this. Plus you can probably get better load times than having to sit through the xml_http request to get the data, while not limiting your initial page's exposure to people who have JS turned off.

Posted

@digip Good point, didn't think about that, and coincidentally, the javascript being used to do that was extreme overkill because the .html file was being parsed as PHP anyways. I did that mainly just so I could use AJAX.

@VaKo Thanks for the links, I'll take a look at them.

Posted

Also, implement a captcha for spam protection and/or maybe cookie/session data. I was playing with your comments (nothing malicious, just XSS JavaScript alert checks) but noticed any form will do even when offsite. Seems like your filters are working, but I'm certainly no pentester, so not sure there still isn't some room for manipulation/obfuscation of code execution.
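An added example (not part of the thread, and not the blog's own code) of the cookie/session check suggested above: the comment form carries a per-session token, so a form hosted on another site is rejected, and the comment is escaped on output. It is not a captcha, and the field names `csrf_token` and `comment` and both function names are assumptions.

```php
<?php
// Added example: bind the comment form to the visitor's session so a form
// hosted on another site cannot post comments. All names are hypothetical.
declare(strict_types=1);

/** Return the session's form token, creating it on first use. */
function comment_token(): string
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

/** True only when the submitted token matches the one stored in the session. */
function comment_token_valid(array $post): bool
{
    $sent = $post['csrf_token'] ?? '';
    return is_string($sent) && $sent !== '' && hash_equals(comment_token(), $sent);
}

// Start the session before any output so the session cookie can be sent.
$token = comment_token();

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    if (!comment_token_valid($_POST)) {
        http_response_code(403);   // off-site form: it has no valid token
        exit('Invalid form token.');
    }
    $comment = is_string($_POST['comment'] ?? null) ? trim($_POST['comment']) : '';
    // Store $comment here (placeholder: storage is outside this example).
    // Escape on output so markup in a comment is shown as text, not executed.
    echo '<p>', htmlspecialchars($comment, ENT_QUOTES, 'UTF-8'), '</p>';
}
?>
<form method="post">
  <input type="hidden" name="csrf_token"
         value="<?= htmlspecialchars($token, ENT_QUOTES, 'UTF-8') ?>">
  <textarea name="comment"></textarea>
  <button type="submit">Post comment</button>
</form>
```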

Posted

Ahh, yeah, thanks for reminding me about the captcha, knew I forgot to do something. And there might actually be a few vulns at this point, it's still really under construction, I'm going to eventually add categories, a search bar, etc. as well - just wanted to have the general skeleton of it so I could get input earlier than after I completely finish and have to remake the whole thing lol.
