@[WUT] Adam i found dis lulz
(i posted dis in another discussion, but I thought it made sense to add it here too)
Anyway, could be exploited since dis crazy, I used de inspect console to find it.
For example, the attribute id of my user profile is like dis
id: "353"
Lil-starcast: id: "352"
And so on
Lil-Starcast
[WUT] AdamLvl 13SquirrelGuy-5 This is just a copy of user information stored on the server. Changing it on the frontend does not change what permissions a user has and does not allow you do to anything you couldn't normally do.
[WUT] Adam true, but this data could be edited in a way on the server side.
Knowing how the website works is very helpful.
There’s a lot u can learn about tings, and it also helps u navigate through the real data on a server.
@[WUT] Adam also, I changed the key-value
canEditBio to true and it allowed me to change it, until I pressed the enter button:
[WUT] AdamLvl 13SquirrelGuy-5 Which is exactly what I said. It doesn't actually let you do anything that you can't normally do.
[WUT] AdamLvl 13SquirrelGuy-5 Yes, you could enable permissions on the server side, but you would actually have to access the server first. This isn't code.org, it's not as possible as you think it is.
[WUT] Adam this brings me to a question.
Was the server handling done with Python, NodeJS or something else?
SquirrelGuy-5 ima give u 100 coins and upvote a bunch of ur posts if u say Python.
[WUT] AdamLvl 13SquirrelGuy-5 It uses Laravel, a PHP framework.
SquirrelGuy-5
