+ Reply to Thread
Results 1 to 7 of 7

Thread: Price field hack :)

  1. #1

    Price field hack :)

    Hi,
    I had a similar phone field hack before and it was fixed, and now it's the price field. Some user managed to put a letter in the price field so his price it's: 16.00e
    Can someone from Flynax have a look at it?
    Listing number: 637589

    Thanks

  2. #2
    I have tried to reproduce the problem and I couldn't. Do you know how to do it?
    Viktor,
    Flynax technical department,
    Best wishes.

  3. #3
    Flynax developer Rudi's Avatar
    Join Date
    Dec 2014
    Location
    Planet Earth
    Posts
    3,138
    Hello,

    Actually, the price field doesn't accept any letters (as much as other numeric fields) if you try to type some

    it's possible only if you execute js function via developer console

    I've added some validator to php code and now any non-numeric chars shouldn't pass

  4. #4
    Hi, I couldn't reproduce it too and I don't have a clue how did the user managed to do it. That's why I named it "hack" Thank you Rudi for the help!

  5. #5
    Guru
    Join Date
    Jan 2013
    Location
    Australia
    Posts
    2,028
    Quote Originally Posted by Rudi View Post
    Hello,

    Actually, the price field doesn't accept any letters (as much as other numeric fields) if you try to type some
    it's possible only if you execute js function via developer console
    I've added some validator to php code and now any non-numeric chars shouldn't pass
    There is a known back door into flynax, and I am sure admins have closed that door by now but I wont post it here, and I doubt it was connected to this? I will pm the doorway just incase you do not know about it.
    Getting Started or Starting Over with Your Classified Site? then Get Ready Set Fly V 4.7.1 > quietSecrets.net

  6. #6
    Sure you can pm me it, as I don't know anything about it.

  7. #7
    Guru
    Join Date
    Jan 2013
    Location
    Australia
    Posts
    2,028
    Quote Originally Posted by Aleksandar Apostolovski View Post
    Sure you can pm me it, as I don't know anything about it.
    Aleksandar I have sent it to Rudi, and will let him advise or share if needed, but my guess is the door has already been shut and locked, and just more of a precaution at this stage / just in case, and I also do not see it being able to do what you described, either way all should be good.

    I found it tucked away in a dark corner, when doing some research on how to make some changes to my site by mistake recently.
    Getting Started or Starting Over with Your Classified Site? then Get Ready Set Fly V 4.7.1 > quietSecrets.net

+ Reply to Thread