Interactive Stories Back Up

Announcements from The Changing Mirror's administrators.

Interactive Stories Back Up

Postby TheoW » Mon Sep 06, 2021 3:25 pm

Hey, look at that, I finally got the interactive stories fixed (at least I hope). I fixed a couple of format issues, and removed the exploit that was allowing the site to be nuked.
Pretends to be the boss around here.
User avatar
TheoW
Boss Lion
 
Posts: 581
Joined: Tue May 22, 2012 10:26 pm
Location: Third star to the left

Re: Interactive Stories Back Up

Postby EFHRJ » Tue Sep 07, 2021 2:54 am

Would it be too much to ask what the problem was?
EFHRJ
Member
 
Posts: 80
Joined: Mon Aug 01, 2016 1:24 am

Re: Interactive Stories Back Up

Postby TheoW » Tue Sep 07, 2021 7:03 am

Short version, the site is held together with more duct tape and bubble gum then usual for a website (and most sites are barely held together as it is) which allowed an SQL exploit.

Long version, while I was validating the input for the story data, I wasn't doing the same for the page ID passed in the URL. This resulted in allowing SQL injection issues. Someone was spamming the site with custom URLs that caused the request to simply never completed, and eventually it took up all the resources of the server.

Part of the fix was to replace all the Database code so that all the requests were going through API that separate the query and the data in the query so the data can never been processed as part of a SQL.

When it comes to security, passwords are stored with a one way hash and properly salted. Passwords are never stored in clear text on the site (whatever else I might be when it comes to web design, I know better then to do something like that)
Pretends to be the boss around here.
User avatar
TheoW
Boss Lion
 
Posts: 581
Joined: Tue May 22, 2012 10:26 pm
Location: Third star to the left

Re: Interactive Stories Back Up

Postby Kappa Evil Foot » Sun Sep 26, 2021 6:50 am

I posted a lot of stories on there. If deleting them would help, I sincerely don't mind.

Things come and go. And if that somehow helps the interactive page stay around, no worries. :D
Kappa Evil Foot
Transformation Master
 
Posts: 192
Joined: Sun Jan 31, 2016 6:15 pm


Return to Announcements

Who is online

Users browsing this forum: No registered users and 1 guest