Zelaron Gaming Forum - View Single Post - Beta testers needed for Zelaron's own image host!

Chruser · 02:13 PM

It let me upload a text file renamed as a jpg - http://www.picaroni.com/text_renamed_as_jpg.jpg

..Although, it DID change the text into this:

Quote:

Warning: imagecreatefromstring(): Data is not in a recognized format. in /home/zelaron/domains/picaroni.com/public_html/showfull.php on line 47 
 
Warning: imagesx(): supplied argument is not a valid Image resource in /home/zelaron/domains/picaroni.com/public_html/showfull.php on line 48 
 
Warning: imagesy(): supplied argument is not a valid Image resource in /home/zelaron/domains/picaroni.com/public_html/showfull.php on line 49 
 
Warning: imagecreatetruecolor(): Invalid image dimensions in /home/zelaron/domains/picaroni.com/public_html/showfull.php on line 50 
 
Warning: imagecopyresampled(): supplied argument is not a valid Image resource in /home/zelaron/domains/picaroni.com/public_html/showfull.php on line 51 
 
Warning: imagejpeg(): supplied argument is not a valid Image resource in /home/zelaron/domains/picaroni.com/public_html/showfull.php on line 93 
 
Warning: imagedestroy(): supplied argument is not a valid Image resource in /home/zelaron/domains/picaroni.com/public_html/showfull.php on line 105

Also, the standard SQL injection trick didn't work ("or 1=1", you know the drill) so that's good, and all bad file types seem to get the error-in-the-file treatment, though it still uploads it without errors..

-----

Although, I just noticed that there seems to be no way to log out short of deleting your own cookies.

-----

I'll mention also that it allows you to sign up with a just a space for the email field, which I assume you want to be valid. (Unless you figure it's not a problem if they can't retrieve their password if they give a space for the email)

Also, I love the PORKY PORK messages