Tuesday, April 28, 2009

Minor Update: Security and High Scores

I did a real quick update this evening - it's all backend stuff so I didn't increment the build number, it's still v45.

Thanks to Ben Fox for spotting HTML exploits in the PlayerName/WorldName fields. I had been focusing so hard on SQL exploit prevention I completely forgot. :)

There might be a hole in a place or two still on the site itself, but I'm fairly certain there's no more security holes in the application.

I finalized High Score display elements early this afternoon and as I write this Aubrey is doing me up some CSS to make it look pretty (should be uploaded shortly). One of the biggest features I added was Player Specific Stats. It's like a hockey card, except for a squid. :)

No comments:

Post a Comment