l337 h4X!!!1!

You have got to love MySpace. Their code has got to be so nasty, I mean, just the markup on a profile makes me sick to my stomach, I can't imagine the pasted together backend that would generate that mess.

When I got an event invitation I went to RSVP and had a thought. I wondered how well they error checked their inputs. I mean, I'm sure they strip and escape for SQL injection, but do they constrain anything?

I busted out Firebug, edited the source for the RSVP and now I'm bringing several tens of thousands of friends with me to the party. Awesome.

Click for biggies.


(Note: the 91213 didn't work, too big I bet)