Ryan
Ryan
@johnathanmartin I think it's quite naive for you to say it's not a security flaw, as this is exactly what it is. md5 is a significantly quicker (along with it's...
The whole thing needs rewriting, and you can’t seem to acknowledge any issues or criticism with the project, I will certainly avoid contributing. On Mon, 26 Mar 2018 at 03:53,...
I think "secure" should be removed from "piWallet is a popular secure opensource online altcoin wallet' in README.md
@johnathanmartin take a look at https://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string and you will see you have flaws everywhere. These aren't theoretical at all.
@DominoTree bad example, you can't change values in $_SESSION from client side.
Have you also noticed he's recommending to login as root everywhere? Server and MySQL database!