Splashschools Site Release

Another new site myself and a collegue recently released for a local childrens work team. Let me know what ya think. Fairly simple, not a lot of programming but the schedule is dynamic

www.splashschools.org.uk

cheers,

RF

A crisp, clean, colourful and informative site RF. I only found the text formatting to be out in the links page - regarding wildIT.co.uk which pokes out of your dotted style box. Would like to have seen more pictures though say a gallery or something and for future reference you could extend the site for kids and have a subsite for those characters that you use to promote the club. Job done in my book.

yeah there is lots planned for the site. They are a small charity but friends of our so we do the work at a very good rate! Gallery is planned along with a kids area with games and stuff. Also a teachers area etc. Maybe even a forum where the kids can chat with the puppets, that would be cool!!!

I will look into the text formatting thing! Thanks

RF

Sql injectible...validate the querystring parameters, validate the form values (month values) being returned as well.

on the dropdown?? you managed to inject that!! oh man a lot i have to learn i think !!!

thanks,

Yes, I was able to inject through the drop down.

any clues on how?? maybe a pm with info if you have time?

thanks

really cool design, well done!

anyhow, this generates error message:
http://www.splashschools.org.uk/eventInfo.php?ei=aa

I was also able to perform SQL injection attack very easily by the way..

Save the source to my local machine. Change the values. Post the page back to your server/website.

good point, thanks for that one !

ok, i don't know how to do that but i will look into it and let you know when i am done Thanks!