i've started checking out sasq a bit, and learning php as i read through the code.

I think I have found a bug in the part that updates the username on the phpBB. It says

" WHERE username='$uid' "
now, $uid is the new username the user specified, (it also does SET username='$uid') in the same query), so it shoulf be WHERE username='$uid'.

I changed that locally ony my comp, and i'd like to hear what you say as i'm not sure about it. (i don't really know sql and php).

the same thing also updates the name in the coder part in prjects. now, we don't have that anymore, so i remove it, too, on my copy. I have also cleaned it up a bit so that it looks ok in my vim console (80x25).

It looks like I'm starting to fork sasquatch a bit, as I have all that locally. I'll send you my modyfied source if you want so you can check it and tell me if it is right. I am pretty sure it's right, tho.

Perhaps i'll soon be able to take a somewhat closer look at all that.

btw, why aren't we using encrypted passwords if it's as easy as using md5()?

i think unencrypted apsses sent over internet are a big security risk, in more critical applications.
But still, even if sasq is still small, i think we should use secure practices anyway.

yes, that was a bug. i tested it.

i have uploaded it already, because i have found even more bugs, that do very strange thing.

in an attempt to learn about php, i'll try to fix them.

1: You can create tqwo users of the same name by changing your anme to the name of an already existent user. That messes up the db, and also changes the victim's userinfo.
2: When you change our name, you vanish form the hof.

hm how can i check if a user exists already in mysql?

i guess it's about querying the db for that username, and if it returns nothing, then it doesn't exist or something...

can you tell me?

yep, this is buggy as hell We need to rewrite the whole sys in July Well, anyway, you're testing all these things localy, right?
fabs

ok, i found that out, it was in the signup part, so i could copy it.

we could use md5.. why not [addsig]