new picture gallery

uh…just now, my mom and i whacked this damn rat that was trapped in our bathroom. the rat deserved it. they have wreaked havoc in our house. thankfully my mom didn't crush the rat's head, or cleaning it up would be a bitch. eww…with brains splattered around the corpse. no way. picking the rat up and putting it into a plastic bag was not a problem though, although it felt a little soft. washed my hands with boiling hot water after that, but not before soaking my hands in Dettol.

hey hey hey…i have just dumped my old picture gallery. when i first edited, modified and installed it, i thought it was great and funky because the picture gallery uses sql for data entry, imagemagick for auto-generating thumbnails, and has a picture comment system. but after a while, i began to notice that this picture gallery script is full of holes and vulnerabilities. it seems that people can gain access to my secure shell using that picture gallery php script. according to my master bruteforce, my script contains:

@exec("chmod 755 \"".$root_dir.$dir.$picuploadname_name."\"");

which is not good. my master bruteforce even warned me about some of the php.ini settings in my webserver that are supposed to be off. so i edited the configuration and disabled some of the php settings that could create a vulnerability, such as allow_url_fopen, disable_functions and register_globals.

but, with all those functions turned off, my options for a picture gallery php script are limited. most of them require "register_globals" to be turned on. searching and searching, i discovered this script that is bitchin' great, uses gd (oklah, but imagemagick is better) and uses this check, which doesn't require me to turn on register_globals:

if(!isset($_GET['page']))

i have already configured and modified the picture gallery script and it is working in full swing, but i have removed the picture voting and commenting system. i think it's unnecessary. so you can visit my picture gallery here. enjoy!
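Added example, not code from either gallery script in the post: the shell-based chmod line quoted above beside a hardened version that avoids the shell entirely, plus the register_globals-free `$_GET['page']` lookup with the value checked instead of used as-is. The names `$root_dir`, `$dir` and `$picuploadname_name` are taken from the quoted line; the directory values, the file-name whitelist and the page list are assumptions.

```php
<?php
// Added example, not the post's gallery script.
// $root_dir, $dir, $picuploadname_name are the names from the quoted exec() line.
$root_dir = '/var/www/gallery/';   // assumed upload root
$dir      = 'uploads/';            // assumed sub-directory

// The pattern the post quotes. The uploaded file name is pasted straight into
// a shell command line, so a name containing a double quote, semicolon or
// backtick ends the quoted argument and the remainder is run as shell commands
// under the web server's account. That is how the script leaks shell access.
function chmod_unsafe($root_dir, $dir, $picuploadname_name) {
    return @exec("chmod 755 \"" . $root_dir . $dir . $picuploadname_name . "\"");
}

// Hardened form: no shell at all, and the client-supplied name is reduced to a
// plain file name and checked against a strict whitelist before use.
function chmod_safe($root_dir, $dir, $picuploadname_name) {
    $name = basename($picuploadname_name);                     // drop any path part
    if (!preg_match('/^[A-Za-z0-9][A-Za-z0-9._-]{0,63}$/', $name)) {
        return false;                                          // reject, do not "clean"
    }
    // chmod() is a builtin, so nothing is parsed by a shell. 0644 is enough for
    // an image the web server only reads; 755 handed out execute bits for nothing.
    return chmod($root_dir . $dir . $name, 0644);
}

// If a shell command really is unavoidable, escapeshellarg() quotes a single
// argument so its contents cannot break out of that argument position.
function chmod_via_shell($path) {
    return exec('chmod 644 ' . escapeshellarg($path));
}

// The isset() lookup the post adopts instead of register_globals, extended so
// the value is matched against the pages that exist (assumed list) rather
// than trusted blindly.
function current_page(array $allowed = ['index', 'album', 'view']) {
    if (!isset($_GET['page']) || !in_array($_GET['page'], $allowed, true)) {
        return 'index';
    }
    return $_GET['page'];
}
```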
