Thanks to Ben Fox for spotting HTML exploits in the PlayerName/WorldName fields. I had been focusing so hard on SQL exploit prevention I completely forgot. :)
There might be a hole in a place or two still on the site itself, but I'm fairly certain there's no more security holes in the application.
I finalized High Score display elements early this afternoon and as I write this Aubrey is doing me up some CSS to make it look pretty (should be uploaded shortly). One of the biggest features I added was Player Specific Stats. It's like a hockey card, except for a squid. :)
Posts
No comments:
Post a Comment