Annonymous messaging system for my website.

Lobsang · May 29, 2011, 11:06pm

I’ve implemented a basic system to allow visitors to post anonymous messages. I am not a web programming expert but I’ve attempted to cover the basics of security - Parametrized queries to avoid sql injection, html entities replaced with the equivalent codes (for example - ‘<’ replaced with ‘<’ using php’s htmlentities function)

I’ve implemented it on a ‘test’ page at first. Feel free to try it out. If you’re a web developer (I know there are a few on the dope) please suggest further ways to improve security.

Note: I am aware of the risk of people posting crude messages. I am prepared to take that risk on the basis that I’ll remove anything I deem inappropriate. Also due to the htmlentities thing nobody would be able to post clickable links.

There are ‘better’ places to put this kind of post but I feel I can trust the dope a bit better than, say, reddit or stackoverflow.com, both of which are likely to have a few mischievous accomplished website vandals. Basically if you can ‘break’ the website in a non-melicious way (for example if you were somehow able to gain access to the database you might add a record saying ‘I got in here and I shouldn’t have. you might want to fix this’. A malicious person might instead choose to delete entire databases)

forgot the link!

http://notails.com/index_test.html
Once I’m confident this is secure I’ll make it the front/landing page. (Also rearrange the visual structure a bit)

Lobsang · May 29, 2011, 11:35pm

Also, forgot to mention. I’ll probably delete silly/test messages when/if I make it the front page.

Lobsang · May 30, 2011, 1:50am

Altered it so it shows times in your local time zone (hover over messages to see that information)

If anyone is going to leave a message can you check the time it reports is accurate for your time zone?

BigT · May 31, 2011, 7:59am

I went to test it, but I don’t see a form of any kind in your link. And the links that are there go to competed websites.

Lobsang · May 31, 2011, 3:24pm

It’s a single edit box underneath the four link pictures. I need to come up with a solution to displaying the page on low resolution screens or un-maximized browser windows. I disabled the scroll bar because it caused an ugly visual jump when the page loaded. Still looking for a better way to deal with that.

Lobsang · May 31, 2011, 4:03pm

I’ve turned scroll bars back on for when the content is too big for the browser window.

I’ve put the main 4 links in a 2x2 arrangement to make the content shorter.

Edit: For those that have tested it today: Is it showing your local time correctly in the message info? (Hover over messages to see the info)

edit 2: If you don’t see the messages bit at all it might be because you have javascript disabled.

Lobsang · May 31, 2011, 4:20pm

Have now made it ‘live’ on http://notails.com

Topic		Replies	Views
I've made a whatsbetter.com style web page. Miscellaneous and Personal Stuff I Must Share	21	1880	September 14, 2009
I has some PHP code but I eated it. Miscellaneous and Personal Stuff I Must Share	13	1660	July 13, 2010
Don't forget the link. Here's how to post one, Part Next About This Message Board	99	4596	April 5, 2002
New Version Bug Reports About This Message Board	132	4745	March 4, 2004
Welcome About This Message Board	57	5979	October 19, 2000

Annonymous messaging system for my website.

Related topics