  #10  
11-27-2011, 08:53 PM
Hall of Famer
Administrator, Lead Coder
 

@Silverdragontears:
Well, the idea is quite simple; you may look at what I did with the breeding.php and poundpost.php files. The trick is to add checkpoints right before the MySQL insert/update/delete line, and the checkpoints can be anything you can think of.

For instance, a user may use Firebug/Inspect Element to modify the adoptable to any species. You can verify if the user has changed the adoptables to someone else's, or specified adoptables of the same gender to breed. If so, it becomes apparent that the user has inappropriately changed the content of the PHP form. A punishment will be carried out to have him/her banned from your site.

Similarly, a user may change the content of poundpost.php so that he/she can adopt pets that already belong to someone else instead of orphan pets. A checkpoint can be added right before the MySQL update query to see if the chosen adoptable already has an owner. If so, the user has obviously used Firebug/Inspect Element to change the site content, and he/she will be banned for this action.

Hope this explains what I mean by form validation. It is not really that complicated, though in the future I plan to update the code once more to prevent possible SQL injection.

@Kacekuma:
What old versions were you using prior to upgrading? You must have Mys v1.2.3 already before performing this action, and I believe the upgrader works just fine if you have Mys v1.2.3 unless you have modified the structure of your database table. Whenever you have customized your site to such an extent, do not use the simple upgrader.
__________________


Mysidia Adoptables, a free and ever-improving script for aspiring adoptables/pets site.
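
The server-side checkpoints described in the post above, as an added example that is not part of the original post and is not Mysidia's own code. The table layout (`adoptables` with `aid`, `owner`, `gender`), the function names and the sample rows are assumptions for illustration; the example also goes one step further than the post by using prepared statements and by putting the orphan check into the `UPDATE` itself, so check and write cannot be separated by a concurrent request.

```php
<?php
// Added example. Schema and function names are hypothetical, not the
// actual Mysidia Adoptables schema or API.

function canBreed(PDO $db, string $user, int $femaleId, int $maleId): bool {
    // Re-read both pets from the database instead of trusting the form:
    // only rows owned by the logged-in user are returned.
    $q = $db->prepare(
        'SELECT aid, gender FROM adoptables WHERE owner = ? AND aid IN (?, ?)');
    $q->execute([$user, $femaleId, $maleId]);
    $rows = $q->fetchAll(PDO::FETCH_KEY_PAIR); // aid => gender
    // Both ids must exist, belong to $user, and be of opposite gender.
    return count($rows) === 2
        && $rows[$femaleId] === 'f'
        && $rows[$maleId] === 'm';
}

function adoptFromPound(PDO $db, string $user, int $aid): bool {
    // The "is it an orphan?" checkpoint is part of the WHERE clause, so a
    // pet that already has an owner can never be overwritten.
    $q = $db->prepare(
        "UPDATE adoptables SET owner = ? WHERE aid = ? AND owner = ''");
    $q->execute([$user, $aid]);
    return $q->rowCount() === 1; // 0 rows: not an orphan, or no such pet
}

// Constructed sample data in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE adoptables (
    aid INTEGER PRIMARY KEY, owner TEXT NOT NULL, gender TEXT NOT NULL)");
$db->exec("INSERT INTO adoptables VALUES
    (1,'alice','f'), (2,'alice','m'), (3,'bob','m'), (4,'','f'), (5,'alice','f')");

// Each call simulates a submitted form for the logged-in user 'alice'.
$cases = [
    'breed own f+m pair'          => canBreed($db, 'alice', 1, 2),
    'breed with bob\'s pet (id 3)' => canBreed($db, 'alice', 1, 3),
    'breed two females'           => canBreed($db, 'alice', 1, 5),
    'adopt orphan (id 4)'         => adoptFromPound($db, 'alice', 4),
    'adopt bob\'s pet (id 3)'      => adoptFromPound($db, 'alice', 3),
];
foreach ($cases as $label => $allowed) {
    // A rejected request is where a site would log the event for review.
    printf("%-28s %s\n", $label, $allowed ? 'allowed' : 'rejected');
}
```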