How safe is the script?

[localhost]

Hi all,

I've just bought the script, and before I start insralling it on my server I would like to know if (in the past) there were any scripting exploits?

In the description I can read that the script has been tested agains XXS and SQL injection attacks.

Also.. How quick is MFScripts with fixing things when an exploit has been found?

Thank you.

Noel.

 

[adam]

Hi Noel,

Thanks for your purchase.

There's not been any exploits with the script in the past. We know how important security is and re-test for XSS and SQL injection on each release.

We're pretty proactive on our release schedule. If there's a major security issue found, we'll fix it asap.

Regards,
Adam.

 

[localhost]

Hi Adam,

Thank you for the update.
Till now the script looks great! I've even added some extra code to generate a QRcode link to the download page for the file in question.

Some small things that I've discovered what could be improved.

1 - The admin area does not work correct in IE9 (64 bit version)
2 - On my setup users are only allowed to upload a certain file type.
When adding this file type to a not allowed file type, will still be a valid upload! (ie: file.exe can not be uploaded. Renaming it to file.exe.zip will cause it to be valid, and uploadable)

Once again thank you for the update and script.

PS. I'm not sure if users whould like to have the QRcode option. If so I could make a small howto on how to do this).

 

[adam]

Hi Noel,

Thanks for the feedback. I'll look at the 2 points you raised for the next release.

The QRcode functionality would be very useful if you have any guidance on how to do it. We're trying to get a knowledge base up and running on the site over the next few weeks, so it'll sit well within a 'mods' section on there.

Thanks,
Adam.