Website in Newcastle & Central Coast Australia

Please review and let me know what you think. We are in the process of developing an expansion strategy to Australia-wide.

Any suggestions would be appreciated:
www.eatlocal.com.au

Like the look of it...

Just a couple of things. It's not obvious what on the front page is a link and what isn't. On the list of items on the left, when you run the mouse over them, it changes to text select cursor, not pointer, even though they are links

Also, the four items across the bottom look like links, but aren't. I'd set these up as links as well, especially the advertisers one, as I guess this is where your revenue is going to come from.

You have two step 1's on the screen. Step 1 on the left, Select your region and then Step 1 on the right, Select from available regions.

Just what I thought. Looks good though.

Good points. Thanks.

The reason why the links on the left do not show a pointer is to encourage users to select a region. The links are essential for search engine positioning - not really for user to link to the site. Sounds a bit silly but it's quite effective. I'll review it after your comments though.

Thanks for the feedback.

Very neat! Really like it...

its nice what you did to the image in the horoscope...
neat ... maybe you could check how it looks in different resolution .. if it fits at all ..
use browsercam.com for this

Thanks for the positive comments. I currently have 4 computers on my desk (including a MAC) so I test on various resolutions using different browsers. We decided to go along the same trend as large media sites where all content (including banner ads etc) fits neatly on 1024x768 but only essential content fits neatly on 800x600 - a quick horizontal scroll reveals the non-essential content. We've had very positive resonse from our viewers.

Your admin page is /admin/ - big no no! However, your login box is not SQL injectable, so it’s not so much of an issue. Its just good practice to choose a less obvious name.

Your website is also vulnerable to XSS attacks (cross site scripting). Check out the following link, and look down the right-hand side of your webpage. I have essentially added my own code (a header tag) to a page on your website:
eatLocal - XSS Example

In the example I just inserted a bit of text into your webpage with a header tag wrapped around it. However, by using a bit of JavaScript I could have easily made that webpage send your cookies for www.eatlocal.com.au back to one of my web servers. This would enable me to hijack your current SID and auto-login under your account.

Scarey stuff hey - You must sanitise your query stings too; not just your submission forms.

impressive works keep it up.