#1
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2010
    Posts
    52
    Rep Power
    41

    Suggestions needed www.realestate-egy.com


    Hello All,
    thanks for clicking on the thread please review my New site www.realestate-egy.com and let me know what your suggestions,

    also if you can help me to know

    1- why i have no result on google?

    2- the developer who made my website told me i can not edit any page??? don't know why? some times price changes so i need to make edit, so what can i do to make edit for the page

    3- the developer told me it's fast and i see it's not so is there is any way to make it faster loading spacial for home page also each page

    thanks a lot
  2. #2
  3. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2013
    Posts
    14
    Rep Power
    0
    site is nice though it looks bit dull because of the color scheme used. but all the content and specially the images are good and well organized.
  4. #3
  5. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2010
    Posts
    52
    Rep Power
    41
    Thanks a lot, do you have an idea why I have no ruselt. On Google?
  6. #4
  7. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2012
    Posts
    194
    Rep Power
    77
    i just got access to your entire database and your etc/passwd all through your unsanitized property search

    I recommend getting this fixed as fast as possible

    the developer who made my website told me i can not edit any page??? don't know why? some times price changes so i need to make edit, so what can i do to make edit for the page
    you should be able to edit whatever you want, its YOUR website

    your developer is even using the ancient marquee tag which has been outdated for many many years now
  8. #5
  9. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,959
    Rep Power
    1014
    Originally Posted by jack13580
    i just got access to your entire database and your etc/passwd all through your unsanitized property search
    You downloaded /etc/passwd from a Windows machine? I'm impressed.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  10. #6
  11. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jun 2010
    Posts
    52
    Rep Power
    41
    Originally Posted by jack13580
    i just got access to your entire database and your etc/passwd all through your unsanitized property search

    I recommend getting this fixed as fast as possible



    you should be able to edit whatever you want, its YOUR website

    your developer is even using the ancient marquee tag which has been outdated for many many years now
    Dear Mr.Kack

    first of all thank you very much for your comments i appreciated your comment, thanks a lot for your advice, it seams like i used the wrong developer!!!!!

    please let me know if you have any advice?

    thanks once again
  12. #7
  13. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,959
    Rep Power
    1014
    Originally Posted by yasminerr
    please let me know if you have any advice?
    Yes: Get an actual developer from an actual company that specializes in web development and has done actual projects. If you're not sure about their credibility, have their work checked by people who know this stuff (a friend, a forum, whatever).

    The world of web development is crammed with incompetent buffoons who can barely write their name and still run around playing freelancer and selling garbage for cheap money. Don't fall for them.

    In the year 2013, there's no excuse for being greeted with error messages like this:
    Code:
    Query returned zero rows.
    Warning: mysql_fetch_assoc(): supplied argument is not a valid MySQL result resource in [...]
    Whoever wrote this code has no clue about web development, was too lazy to ever learn it and obviously didn't care about what happens with the website.

    So now you're left with a bunch of security holes. I fear the code itself isn't any better, which means fixing it won't be cheap. However, having some script kiddie capture your Vista server won't be cheap either, I guess.

    As an "emergency measure", you should at least have the input parameters (property ID etc.) escaped.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".

IMN logo majestic logo threadwatch logo seochat tools logo