[Wiki Loves Monuments] Web application for the Swiss contest

Nuno Tavares nuno.tavares at wikimedia.pt
Sat Apr 9 11:17:52 UTC 2011


Manoillon,

Great job.


Two suggestions:
1. It seems to allow SQL injection:

http://www.wikilovesmonuments.ch/detail.php?id=-1%20union%20select%201,concat%28@@version,%27-%27,database%28%29,%27-%27,current_user%28%29%29,1,1,1,1,1,1,1,1,1,1,1,1&canton=GR 


2. It leaks server information (error_reporting).

Hope it helps

-NT


On 08-04-2011 14:25, Manoillon wrote:
> Hi all,
> This is a short message to present the web application we are developing
> for the Wiki Loves Monuments Swiss contest.
> You can reach it at: http://www.wikilovesmonuments.ch
> Main features:
>   - displays the full list of items per canton (Swiss division), with
> an indication of which ones already have pictures
>   - allows registered people to "reserve" an item, i.e. to indicate
> willingness to take a picture of the item
>   - allows registered people to link a photo (uploaded on Commons of
> course) with the corresponding item
>   - displays already existing photos on Commons per item
>   - ability for a user to download KML files of all reserved items, all
> items for a canton or all items without pictures for a canton
> Currently, the tool is only available in English and French. Italian and
> German versions should follow very soon, next week.
> Feedback, comments and ideas welcome!
> For the Swiss team,
> Nico
>
>
>
> _______________________________________________
> Wiki Loves Monuments mailing list
> WikiLovesMonuments at lists.wikimedia.org
> https://lists.wikimedia.org/mailman/listinfo/wikilovesmonuments
> http://www.wikilovesmonuments.eu
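
An added example, not code from the contest site or from either poster: one way a PHP page like detail.php could handle the `id` and `canton` parameters seen in the URL above and keep error details out of responses. The `items` table, its columns, the `fetchItem` helper and the in-memory SQLite stand-in are assumptions made so the example runs offline; the query in the reported URL uses MySQL functions.

```php
<?php
// Added example, not the contest site's code. Table and column names are assumed.
declare(strict_types=1);

// Suggestion 2: log errors server-side instead of printing them to visitors.
ini_set('display_errors', '0');
ini_set('log_errors', '1');
error_reporting(E_ALL);

// Constructed stand-in database (in-memory SQLite) so the example runs offline.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE items (id INTEGER PRIMARY KEY, canton TEXT, name TEXT)');
$pdo->exec("INSERT INTO items VALUES (1, 'GR', 'Constructed sample monument')");

// Suggestion 1: validate id/canton strictly, then bind them as parameters.
// Returns the row, or null when the input is rejected or nothing matches.
function fetchItem(PDO $pdo, array $query): ?array
{
    // id must be a positive integer; "-1 union select ..." fails here.
    $id = filter_var($query['id'] ?? null, FILTER_VALIDATE_INT,
                     ['options' => ['min_range' => 1]]);
    // canton is assumed to be a two-letter code such as "GR".
    $canton = $query['canton'] ?? '';
    if ($id === false || !is_string($canton) || !preg_match('/\A[A-Z]{2}\z/', $canton)) {
        return null;
    }
    try {
        // Placeholders keep the values out of the SQL text entirely.
        $stmt = $pdo->prepare('SELECT id, canton, name FROM items WHERE id = :id AND canton = :canton');
        $stmt->execute([':id' => $id, ':canton' => $canton]);
        $row = $stmt->fetch(PDO::FETCH_ASSOC);
        return $row === false ? null : $row;
    } catch (PDOException $e) {
        error_log('detail lookup failed: ' . $e->getMessage()); // details stay in the log
        return null;
    }
}

// Constructed requests: a normal one and the shape of query reported in the mail.
$requests = [
    ['id' => '1', 'canton' => 'GR'],
    ['id' => '-1 union select 1,1,1', 'canton' => 'GR'],
];
foreach ($requests as $q) {
    $item = fetchItem($pdo, $q);
    echo $item === null ? "404 Not Found\n" : "200 {$item['name']}\n";
}
```

The validation step alone rejects the reported query, and the bound parameters mean a value that did pass validation still could not change the statement's structure.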



