Xsspráce

...possible to serve OSCommerce pages as quickly and securely as possible # Speed: * HTTP compression * MYSQL query cache * Dynamic Page Caching * Anything else that you know which will make the site run as quickly as possible #Security The project will also involve making the server as secure as possible This will include: * Setting up SSL admin side and customer account creation side * XSS protection * Hacking Protection * Whatever security measures you know that should/can be impleemented #Email * Maximum deliverabilty, including SPF or something * Spam filtering that filters obvious spam but will not false positive * anything else you recommend #Admin * System Backups * MySQL Backups * phpmyadmin * system restore of some sort * anything else you rec...

I need a knowledge base created for my website. Features Needed: -Login needed to access any part of knowledge base -Accurate Search Feature (by keyword / relevancy) -WYSIWYG editor and upload feature (screen shots should be viewable) -Organize by categories created by admin -Secure against XSS and Injections -Any other features you can think of that are needed in a knowledge base system Admin Features: -Edit/Delete/Create articles and categories -Create/Edit Read only users and Admin users -Ability to see who created/edited/deleted/viewed articles -Install script needed for ease of setup My budget is ~$50 but if you can do this for me, I can ASSURE YOU at least three future well paying projects very soon! Good luck! PS: Post demos/portfolio of work complete...

I need a small CMS to be built into my website. I already have a PHP dynamic backend so it needs to be compatible with it (I developed the preexisting backend). I need this compatible with what I have and the framework that is already in place so please, you must be an expert (and no SCRIPTS please, original work only!). The CMS MUST BE SECURE AGAINST INJECTIONS, XSS, ETC. I will test your program for vulnerabilities. There must be an wysiwyg html editor when posting content. There will not be a feature to add new sections, instead, the admin of the site will be able to add permissions, etc for users. What I already have done: Secure login A little bit of an administrative panel (I need this completed) Advanced IP ban script (this is built into the admin panel) Back...

...-Customers' products ratings -Real-time price list -Basic search by products title and description Shopping Cart and Ordering -Shopping cart content sidebar -All orders are stored in the database -Orders email notifications for administrator and customer -A single-step checkout -PayPal Website Payments Security -Password protected administrator panel -Protection from SQL injections and XSS attacks ~30 DAY MONEY-BACK GUARANTEE~ _________________________________________ Includes Administration Panel -allows you to edit all products, catagories and general information. -easy to use (no programming language knowledge required!) Custom Built Site -we fully build your site -we create any images you may need (excluding product images) 60 D...

We are looking for Social Network site script to be built from the ground up. ***WE ARE NOT LOOKING FOR CLONED/HACKED/ILLEGAL scripts or the current "myspace" clone floating around .*** The site must contain all of the standard features of MySpace with a concentration on security and an awarness on preventing XSS / Javascript attacks & exploits. The ideal site will incorporate the functionality of MySpace however employ a more intuitive and friendly interface. To reiterate, security is of paramount importance. All transactions (updates/adds/deletes) should be logged and archived based upon administrative schedule (hourly/daily/weekly/etc). We will ask for verifiable references prior to awarding this project, if any of the terms/requirements here are unknown/u...

...exact same fashion as this one does you may be required to join the site to see the site inside and out to join it doesnt cost anything so dont worry about that. The payments into the site need to be instant and seamless. The following payment processors must be functional e-gold, Alertpay, E-Bullion, Solidtrustpay. The site must be without backdoors and needs to be safe from hacking sql injection, xss hack, etc. We will run acunetix web vulnerability scanner over the installed script to ensure it is safe. Once we are able to be ensured that the script is fully functional and hackersafe we will remit payment to the winning bidder of this project. This project when completed successfully will ensure a lifelong programmer position for our company as we will have work for you on a r...

General Description We are looking for Social Network site script to be built from the ground up. ***WE ARE NOT LOOKING FOR CLONED/HACKED/ILLEGAL scripts or the current "myspace" clone floating around scriptlance.*** The site must contain all of the standard features of MySpace with a concentration on security and an awarness on preventing XSS / Javascript attacks & exploits. The ideal site will incorporate the functionality of MySpace however employ a more intuitive and friendly interface. To reiterate, security is of paramount importance. All transactions (updates/adds/deletes) should be logged and archived based upon administrative schedule (hourly/daily/weekly/etc). We will ask for verifiable references prior to awarding this project, if any of the terms...

...exact same fashion as this one does you may be required to join the site to see the site inside and out to join it doesnt cost anything so dont worry about that. The payments into the site need to be instant and seamless. The following payment processors must be functional e-gold, Alertpay, E-Bullion, Solidtrustpay. The site must be without backdoors and needs to be safe from hacking sql injection, xss hack, etc. We will run acunetix web vulnerability scanner over the installed script to ensure it is safe. Once we are able to be ensured that the script is fully functional and hackersafe we will remit payment to the winning bidder of this project. Our feedback is perfect and we have been around for quite a while here at scriptlance we expect the same type of quality from our progr...

...other details you require. **UPDATE:** It seems that I left out how many forms and some other important details. Here is a better list of requirements and some of the work already completed: * The total number of forms is TWO (2) * Require light client and server side validation * Form must be handled and sent via mail. No DB please. * Require code cleaning on server side to ensure no XSS or mail forwarding/relaying * Already completed: All form fields are programmed in HTML with corresponding name/id pairs * Require form processing script that will check POST data and either issue error for missing/invalid required fields or process form and forward to thank-you page. * Form data must be sent using mail() function and all data sent via POST must be inlcuded in an...

...exact same fashion as this one does you may be required to join the site to see the site inside and out to join it doesnt cost anything so dont worry about that. The payments into the site need to be instant and seamless. The following payment processors must be functional e-gold, Alertpay, E-Bullion, Solidtrustpay. The site must be without backdoors and needs to be safe from hacking sql injection, xss hack, etc. We will run acunetix web vulnerability scanner over the installed script to ensure it is safe. Once we are able to be ensured that the script is fully functional and hackersafe we will remit payment to the winning bidder of this project. Our feedback is perfect and we have been around for quite a while here at scriptlance we expect the same type of quality from our progr...

...be very secure. Secure as use Encrypted cookies and/or sessions to authenticate users when logging in. - Must encrpyt passwords via md5+salt or any other secure methods you might recommend. - Need an admin page for highest level access, so that I can view login logs, create/delete/edit users, info, and permissions. - Must use up to date methods protecting against Sql injection and and XSS vulnerablilites. - Require to log any failed logins - Code must be clean and well commented. - Must filter/validate any incoming variables such as $_POST, $_GET , $_COOKIES - Make use of functions for validation and authentication, aswell as protecting certain pages for the different access levels. - Secure Login and Registration form If you feel you can meet all my...

...and served through the Joomla! Component. Security and limiting direct access to the video media is paramount. Joomla! Component: * Component Front-End for Registered Users Area which offers video selection, playlist and play options * Component Back-End for Administration of crawler program, media directory locations, and Tracking and Logging of Files Accessed. * Security features against XSS, SQL Injection, Remote File Inclusion, Direct Access, and must Check Access Privileges of Users * Front-End must display tiered video selections based on Category, Group and Title * Component should be able to determine browser used and serve .nsv files (vp3.1 and vp6.1 / mp3) in an embedded media player (activeX plugins for IE & Firefox are required) * Be able to create a pl...

...servers and served through the Joomla! Component. Security and limiting direct access to the video media is paramount. Joomla! Component: * Component Front-End for Registered Users Area which offers video selection, playlist and play options * Component Back-End for Administration of crawler program, media directory locations, and Tracking and Logging of Files Accessed. * Security features against XSS, SQL Injection, Remote File Inclusion, Direct Access, and must Check Access Privileges of Users * Front-End must display tiered video selections based on Category, Group and Title * Component should be able to determine browser used and serve .nsv files (vp3.1 and vp6.1 / mp3) in an embedded media player (activeX plugins for IE & Firefox are required) * Be able to create a playl...

...Screenshots available. - Ability to post RSS feeds and custom articles on frontpage. Must have easy to use content editing feature. - Look & Feel based on style sheets. Bonus if these are editable by non-webdesigner w/ built in tools. - Must be easy to backup and install on new server in case of provider move. - Must be secure. No plain-text passwords, default passwords, backdoor passwords, xss, unneccesary public directories, bad permissions, etc. - W3C compliant. Must work well in all major browsers. No Active-X, no frontpage extensions. Java & Flash is ok. - Basic SEO. - Updated business card/stationary with new contact information, add "Inc." to logo. - Vector art of current logos suitable for inclusion in, i.e. Word documents/letterheads. We have Il...

I NEED SOMEONE to test my website which is a social networking community site like myspace and xanga, etc. We need all sorts of testing.. test cases, and bug reports, a little load testing, xss testing, sql injection testing

Somebody find out tables name, and wrote something into my db of my website. i was told it is a sql inj and xss problem. i need help to patch the code of my website, and i want to know how it is possible to write into my db from a sql inj attack. ## Deliverables the coder should provide me 5-6 table's names from my db, tell me the string used to find out them and the method, and to discoveres 3-4 holes from xss. coder must write something into my db, and read something from it. method and string used must provided. ## Platform websites

I need a very secure php login script making. Coding must be nice (functions, classes etc...). Login must be secured against xss, brute force etc... Please let me know in a PM what you can secure my login against. I also need a secured page that shows the user their username when they have logged in. If they are not logged in and try to view that page, they simply get redirected to the login page (they get a redirect message too). Would be great if it was programmed in OOP. Password must be encrypted (MD5 or something more secure if possible). This really needs to be secure against everything. You must provide a piece of example code so I can see how you program (example code can be from any type of script you have made, its just to see that you can program nicely).

Hello I'm looking for an experienced programmer to explain me a couple things and teach how it works and probably do some scripts. You need to be an expert in php, cookies, xss and even have some background in basic hacking. You need to have good english skills and be ready to talk via IM (msn, google etc. or any messanger) for a couple hours to explain advanced programming issues, not basic php. I'll pay around $15/hour and I'll pay separately for any scripts. To the right programmer many projects may come. You're welcome to bid for your HOUR RATE, which should preferably be around the above number, if you choose to bid more, be ready to proove your expertice. please post in pmb as much as possible about your experience in the mentioned areas and examples...

I need someone to test my socialnetworking website that is like myspace/bebo. You need to be able to test Cross-Site Scripting, SQL INjection, and all functionality. This is part-time and should last at least 1 month, maybe up to 3. Please send proposal on how testing and bug reporting/count/quota should be done. Should have test cases and document errors. Some load testing good also.

Potrzebuje osobe ktora podejmie sie napisania takowego skryptu (przyklad ) .. mozliwosc podpi...domeny pod swoj serwis.. lub przekierowanie :) Przyklad.. wchodzimy na strone rejestrujemy sie, potwierdzamy mailem.. wchodzimy logujemy sie.. ustawiamy odpowiednie dnsy lub przekierowanie dla naszej domeny ... mowiac krotko taki serwis jak :) System Rejestracji Darmowych Domen DNS :) Skrypt musi byc dobrze zabezpieczony (zadnych bledow sql,xss) Mozliwosc podpiecia (lub standartowo) serwisu Allpay.. zeby sie zarejestrowac trzeba wyslac smsa :) Czekam na Panstwa propozycje :) robieniu skryptu milo by bylo zrobic grafike abym mogl to ocenic.. oczywiscie grafikow mam oddzielnie oplaconych :) Dziekuje :)

...format: rank - site - (graphic 120x60) - rating - vote 2) position graphics (arrows ranking up,down,same) 3) main page shows overall toplist stats (categories ignored) 4) categories have top list within themself for just sites in that category. 5) feature monthly winner at top of list. 4) winner before rest summary: --------- please make sure your script is good and secure and doesnt have any possible xss exploits (as happened to the script i bought that this is going to replace). apon selecting a coder, finializtions will made and a few more or less features may be added or subtracted. who should bid: --------------- ask yourself this before you bid.. 1) do i have any negitive arbitrations in the last 6 months? 2) do i have any negitive feedback in the last 6 months? 3) do i hav...

I need my website thoroughly tested for functionality, cross-site scripting, sql injection, etc. It is a website like MySpace, but not as much functionality. You have to know how to hack sites for security issues and vulnerabilities. Right now the site is hosted at

...This is a PHP project, security is a must utilizing mcrypt library for CC encryption, must support CVV2 verification and AVS (Address verification), There is some example gateway mods such as Paypal and Authorize.net. This modification is at top priority, after successful implementation of your solution we will have more projects on this system for you such as: Code Security(SQL injection and XSS prevention), Instant Messenger improvement, Profile Commenting System and more to come. ## Deliverables 1) Complete and fully-functional working program(s) in executable form as well as complete source code of all work done. 2) Deliverables must be in ready-to-run condition, as follows (depending on the nature of the deliverables): a) For web sites or other server-side deliv...

Website for game sales/affiliate sales, based loosely on: arcadetown .com download-free-games .com Copy basic functionality from above sites (PAD support not required...platform(s) specified in this bid request. 3) All deliverables will be considered "work made for hire" under U.S. Copyright law. Buyer will receive exclusive and complete copyrights to all work purchased. (No GPL, GNU, 3rd party components, etc. unless all copyright ramifications are explained AND AGREED TO by the buyer on the site per the coder's Seller Legal Agreement). ## Platform HTML/CSS/XSS - all output MUST be W3C compliant. CSS to be used for positioning of elements. No logos are required - but leave room similar to listed sites so logo can be displayed. All bevels/colours/layout images m...

Last night my host suspended my account because it got a lot of traffic and one of the scripts was not optimized. I would like the attached script to be optimized so it uses the least amount of the server's CPU as possible. First, I need it so the MySQL queries are optimized, and so the PHP runs super fast. Second, I need you to make it so it doesn't have any big vulnerabilities (ie XSS vulnerabilities) Third, if possible make it so that people cannot access the script by typing it into their browser. Rather, it should only work when Flash queries it. (Since it runs through a Flash application, so people can't cheat) The script is a high score script and it outputs stuff for Flash to read. It's really short, so this should be an easy project. Please let me ...

...would work for me) - When posting a torrent, users should be able to select from a list of category's/genres (which I will provide) - Admin section to manage registered users, send out notifications to all registered users, and post/edit/delete entries for a "news" section. I expect any and all forms to be error free and a certain amount of validation (jscript + server side) as well as XSS protection. I would *prefer* for you to develop it and demonstrate it from *your own server* If its easier for you to develop it on my live server, let me know and we can discuss this. I am not keen on the idea (for security/configuration reasons) but if you know what you're doing, then maybe this wont be an issue. I do *not* expect any graphic des...

...users access to data. The requirements : - No code redundancy - User management session based ==> Authentication mechanism must prevent any user account bypass or privilege hijacking ==> All data must stay on the server side, identification after authentication based on cookie session ID - Multibyte strings management - Implement mechanism to check all user inputs to prevent any XSS/CSS or data manipulations (SQL/code injection) - No internal private data provided on client side ==> If objects related to a specific user are identified by private keys on the server side these IDs must be translated to temp IDs which can't be reversed to obtain the original ID on client side (Easy implementation for the example list (456, 563,890), is to send the li...

We are looking for a single individual (non-company) in eastern europe. We have a web-frontend that consist of 14940 lines of PHP code in 190 php files. Job : 1) to convert a singlebyte string operations to multibyte operations 2) to remove all possible XSS from the site. You will be supplied with a runtime of our backend application including documentation and relevant help, and of cause the latest edition of the php-web site. The web-site runs on both IIS and apache. You must comply with our stabdard oursourcing requirements (attached)

Hi (Sorry for my English) I want a coder to test for security (XSS attacks, CSRF attacks, SQL injection attacks, Session Hijacking, Fixation, etc) a web application writen in PHP & Mysql. The applications is a online website creator (builder). The coder must make suggestions to fix/improve the web application security before we put it into production. The web interface is on Greek language, so i think the coder must speak Greek. The coder will not have acceess to the code. Please also tell your expirience to web application security. Thank you. ## Deliverables 1) Complete and fully-functional working program(s) in executable form as well as complete source code of all work done. 2) Deliverables must be in ready-to-run condition, as fol...

I need a news aggregator piece of software to run on ASP.net windows 2003. I need to take in information from ...news aggregator piece of software to run on ASP.net windows 2003. I need to take in information from a number of websites and aggregate the information. Say for example - obtaining news worthy inforamtion by spidering a site and listing the headers such that on my site the user can click through to the original site. There needs to be some control over time. Additonally some sites will provide an xss data feed or xml feed which would need to be integrated. I need a simple but robusy and easily configurable system. ## Deliverables Working set of code based on ASP.NET to run on 2003 windows server. ## Platform Working set of code based on ASP.NET to run on 2003 windo...