senky
/ lazy_javascript.js
Last active
December 11, 2015 06:29
Along with idea of responsive design, we have discovered, that there are many accompanying problems with it's usage. One of them lays in small hardware resources hidden under the hood of mobile or other portable devices. This small object uses simple hack to make JS load whenever wanted, and parsed whenewer wanted, too. This means, you can make …
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var ljs = { | |
| /** | |
| * Loads defined script as plain text | |
| */ | |
| load: function (script_name) { | |
| // pretty well known, right? | |
| var s = document.createElement('script'); | |
| // wait! Watch this - the whole hack lays in this line. | |
| // In fact, you do not need to use evil eval() to load JS before, | |
| // and parse it on demand. You can load it as plain text, and |
senky
/ validator.php
Last active
July 12, 2017 19:41
Potential SQL injection in phpBB extensions validator
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| $code = file_get_contents('manager.php'); | |
| $code_exploded = explode("\n", $code); | |
| if (preg_match_all('/WHERE[^;\$]+[=<>]+[^;]+("|\') \. \$/mU', $code, $matches, PREG_OFFSET_CAPTURE)) | |
| { | |
| foreach ($matches[0] as $match) | |
| { | |
| $prelines = substr_count($code, "\n", 0, $match[1]); |