#48 Bug @ pocarisweat?


Bug @ PocariSweat?

Ketika berjalan – jalan di Devilc0de.org om n()wn shout di shoutbox…

http://www.pocarisweat.co.id/fixie/gallery/?page=1 bisa di inject gak ya?

lalu saya iseng – iseng ke link yang dituju…

lalu saya ubah URL tersebut menjadi seperti yang dibawah ini….

http://www.pocarisweat.co.id/fixie/gallery/?page

Dan ketika sudah dirubah,

Muncul-lah kalimat berikut

A Database Error Occurred

Error Number: 1064

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ‘-16, 16’ at line 6

SELECT `fixie_gears`.`id`, `fixie_gears`.`web_users_id`, `username`, `first_name`, `last_name`, `judul`, `opini`, `filename`, `count_vote`, `count_view`, `created_date` FROM (`fixie_gears`) JOIN `web_users` ON `fixie_gears`.`web_users_id` = `web_users`.`id` WHERE `filename` != ” ORDER BY `created_date` desc LIMIT -16, 16

Filename: /home/h5265/public_html/fixie/models/fixie.php

Line Number: 122

Apakah itu yang dinamakan BUG?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s