[mikelash]

hello, i built a social networking site that my freinds use. the problem im having is i have a select few people that dislike hte idea of someone achieving. so they are constantly vandalising and trying to mysql inject my site. its starting to get very frustrating where all my members see hte many attempts in the chat box's. is there anything i should do? should i contact the police for vandalism and hacking. its under the patriot act. i would like to mention that i went to the state and made it an official buissness by hte state of michigan. and that i have asked them to stop

[DimitriV]

If you can get their IP addresses then most sites have an IP deny manager so add their ips to the list
HTH

[mikelash]

the problem with that is they use a computer lab that 60% of my members use

[DimitriV]

Ok, since you have the ability to even be able to make a social network, it shouldn't be hard for you to also create a database of users and passwords and make your friends have to Log In each time.
Just a suggestion.
HTH

Oh, on the fact that you made a social network, I applaud you.

[mikelash]

oh thanks alot the sites called www.saintmonopoly.com

[DimitriV]

Epichowd you do it? Create the site I mean.

[EnvXOwner]

MICHIGAN FTW!!!! Aren't you protecting yourself from SQL injection? Tell them to quit being dildo heads and stop vandalizing your site. lol

[macosxnerd101]

Exactly what EnvXOwner said- protect yourself against SQL Injection. Take a look into prepared statements. If you are working with PHP, you can use either PDO or MySQLi. Also, don't store the passwords directly into the database- hash and salt them first so if your security is breached, nobody has the actual passwords.

[EnvXOwner]

Also, if something looks like a MySQL query, print a message saying, "I'm afraid we can't let you do that. ", and not enter that status into the database.