Review site security

espfutbol98

I was wondering if someone can review my site for me. There are only a few things you should know beforehand:

  • Sorry, the navigation is in Croatian. Google site translator works pretty well.
  • The site is not completely finished. A few links don't go anywhere.
  • There is a guest pass that can allow you to view certain features.
  • The HTML might look familiar (or maybe not). This is pure coincidence :biggrin:
Most of all, I'm just interested in security right now. I tried SQL injection and stuff but it didn't work (a good thing). The passwords are salted sha512 and I have few visitors so I can monitor IPs. Any other security suggestions? I used to use the x10 shared SSL but I moved this site to my laptop. I think the only security vulnerabilities are spyware and such. There's nothing really worth protecting, just some music, but I like learning security.

The site is at http://podaci.selfip.net:8080/hr (It is :8080 because my ISP blocks port 80 (http) so I had to get around that.)
http://podaci.selfip.org/hr goes to the same place, just a nicer URL.
The guest pass is at (url)/guest and there's a link on the homepage.

I make the user manually initiate the guest pass so they are not shocked when certain things are blocked.

Don't be afraid to try some SQL injection and stuff, just don't ruin my site. ;)
To view all the features, you can use username="demo" and password="demo"
 

farscapeone

"Sorry, the navigation is in Croatian"

Snaćićemo se nekako ;)

As I said before, you can only expect design and some minor bug reviews here. I doubt you'll get somebody to test your security issues.

Design looks pretty simple yet nice and you all know how much I like simplicity :) I like the shade of blue you used. Typography is OK but I think you should increase font size a little bit.
I don't like that white line on the top with "Mapa Weba" and "English" links. I think it should be a part of the header with blue background.
As for the header, I would like to see some more graphics there. Plain blue is nice but it looks kind of boring and too cold.

Are you really making a web site for the Croatian government or are you just practicing, cos I saw you described it as:
"This is my newest web project to share music and language materials I have created. There are still some parts under construction but the music section is almost finished so enjoy."
... but your logo says (translated) "Government of Republic of Croatia" :dunno:

If it's a government web site then it's cool but if it's a "music and language materials sharing" site ... it's too boring.

EDIT:
Oh, now I see. You just copied the design from http://vlada.hr/ :drool:
 

espfutbol98

Oh, you're missing a space in snaći ćemo se nekako. That's why I didn't get it (and I suck at Croatian).
It should be something like: ćemo se snaći nekako, but that doesn't matter ;)

"Oh, now I see. You just copied the design from http://vlada.hr/ :drool:"

That's what I referred to as "you might be familiar with this (or maybe not)".
I'm planning on changing the graphic (I have Photoshop but don't really know how to use it well) but it has a lot of features I can't yet replicate.

It might seem a little boring but I like that dull, "cold", govt. stuff. This site is mostly to refine my security skills while listening to some good Korean R&B. For some reason, the Croatian govt. has the best websites I have ever seen!

I understand why you can't really see security too well if it's a server-side language. Thanks for viewing my site, I didn't really expect too many people to cuz it's in Croatian. :biggrin:
 