Adding pictures to the auction does not seem to work. When I select them, they upload but dont seem to get added to the auction ...
Lets see what happens
![]() ![]() ![]() |
|
Sharesies investment funds | Geekzone broadband switch | Backblaze backup (Geekzone aff) | Amazon (Geekzone aff) | MightyApe (Geekzone aff) | My technology disclosure
freitasm: Wow. Just wow. If there's a SQL injection vulnerability on Wheedle (and seriously, there must be one somewhere, with so bad development practices) that spells doom.
Kyanar:freitasm: Wow. Just wow. If there's a SQL injection vulnerability on Wheedle (and seriously, there must be one somewhere, with so bad development practices) that spells doom.
I'll give you a hint. If you add an apostrophe to any input, any input at all, it bounces you to the 404 not found page. But not the ASP.NET 404 page, it redirects you to /Views/Shared/404.aspx - this indicates to me they are bouncing you based on the presence of the apostrophe, rather than cleaning or parameterising input. You can't even search for something with an apostrophe in it!
(Edit: or a hyphen for that matter. You can't search for anything with a hyphen in it. Good lord this site fails on so many levels).
dpw: Well, in the search box near the top of the page it actually removes "special characters" onkeyup.
EDIT: and that function is part of a huge bunch of script on the page! In the middle of that bunch (those bunches?) there are chunks of commented out scripts. Obviously page speed is not a priority for these guys...
richms: Password length is 19 chars max, yet the field is 20 chars long.
Didnt like some characters in it.
Already looking like a failure at that point.
edit:
registered, took the confirmation number that I was emailed, and now everytime I log in I just get sent to
https://www.wheedle.co.nz/Views/Shared/404.aspx
and am not logged in.
Involuntary autocorrect in operation on mobile device. Apologies in advance.
Involuntary autocorrect in operation on mobile device. Apologies in advance.
Kyanar:
Is there an apostrophe in your password? If so, you're causing an SqlException when you log in. Otherwise, you're causing some other kind of Exception.
"I have noticed even people who claim everything is predestined, and that we can do nothing to change it, look before they cross the road." - Stephen Hawking
|
![]() ![]() ![]() |