Man, this is a lending board, not a place to look for investors.
By the way, how did you conclude that a good idea to find interested fishing enthusiasts from the UK on the Bitcoin forum?
Just like Aladdin Cave so many gems, coins, neckless, chains so much pure then theirs the lamp right at the top and now I am climbing for it.
I also has have this
https://onestopcarp.co.uk and this
https://getpaidto.click that's apart of the overall project TheFishingForums.co.uk is basically fully secured right now and a stable foundation with hardly any bugs or errors just noise.
and both onestopcarp.co.uk and Getpaidto.click is still under the hammer and continuously being developed this is ad network and pays out in crypto currency.
But right now my focus is around the main attractions and that's
https://thefishingforums.co.ukhttps://thefishingforums.co.uk/thread/the-night-we-fought-the-cdn-and-wonJust a little update showing you I am not lieing what I am doing!
Now onto a full project bug sweep (TheFishingForums.co.uk)
The updates I done from midnight last night may have some of these areas where SQL injection, XSS, insecure file handling, or auth bypass bugs could live. so going to do a deep bug and error fix and sweep.
Edited Updated:
Sweep done. Here's what was covered and what was found:
## Full project bug sweep — results
---**Everything else was clean:**
- No SQL injection (parameterised queries everywhere, LIKE ESCAPE `!` pattern consistent)
- No XSS (all views use `Security::e()` / `Security::formatPost()` / `nl2br(Security::e(...))`)
- No CSRF gaps (all state-changing POSTs have `Security::requireCsrf()`)
- No auth bypasses (`Auth::requireAdmin()` / `requireLogin()` / `Auth::user()` is_banned checks consistent)
- No unsafe redirects (`Security::sanitizeRedirect()` used on all redirect inputs)
- Stripe webhook validated by signature before any DB work
- Cron endpoint validated by `hash_equals()` on secret token
- Session cookies: HttpOnly, SameSite=Lax, Secure when HTTPS
The codebase is in excellent shape.
