gbaz69: One would think steam could affrod better programmers/coders.
Even if someone edits their steam profile to include an exploit, steam should of never phrased/ran the exploit.
...it is not very hard to program/code this either!. Just make it not phrase/runscripts.
There was a php exploit in steam recently aswell. (didn't that euro truck simulator dev/pub bring it to light? <even got banned, and then unbanned cause he warned us all>)
This is what you get when you run everything users/pubs input into their profiles/accouncements.
i am not a coder, not technician, i do know that if you could keep a site simple and stupid no shitty tricks would be able to be made by exploiters other then stealing a password login info thats all.
The more you want your account or client be able to do the more code it involves the more prone the whole thing will be to exploits and other mishappens.
Keep it simple and stupid, this way they can only get your login info, but if they are good enough they get all the info from the server themselves.
i remember a old quote i forgot the link so i googled on it:
quote: A chain is no stronger than its weakest link, and life is after all a chain.
i googled to find where it came from cause i forgot it:
Read more at
brainyquote DOT com/quotes/keywords/weakest_link.html#MDwO3RgMgjiDZTVG.99