

Ask HN: What was your first ever hack? - basicallydan

By &#x27;hack&#x27; I mean some kind of software or hardware project you put together kinda hastily for fun and learning, I guess. &quot;Hello world&quot; does not count.
======
basicallydan
To start, here's mine...

When I was about 15, I spent a lot of time on web forums.

These were the types of forums where you’d ask your fellow forumites — the
ones with ‘m4d photoshop skillz’ — for a new avatar based on some character
from some video game, or with some crazy visual madness using the infamous
Render Clouds… tool in photoshop, or maybe a cool typographic avatar with your
username in it. (I was “Frag_of_lag” back then.)

Well, I was fickle, and I liked to change mine a lot, so I came up with a PHP
script which chose from three random images to cycle through whenever that
script was hit. So as an avatar, somebody could set that script, with their
username as a query string, as the URL, and every time that person was seen on
the forum they’d have a different avatar. There was a little control panel and
you could upload new pictures whenever you liked, after logging into your
account.

This was cool! I had an actual thing, that actual people could use, and they
actually did! I think I probably had about 50-100 users, which isn’t a huge
amount, but it felt good. I even had a feature which allowed people to add
more pictures if they sent me a little bit of money on PayPal. Premium
features! What an app! I think only one person ever did this, and it might’ve
been my mum.

On refection, this app was ripe for abuse. I didn’t protect against SQL
injection and I stored the images in the database. There was every chance that
simply by putting someone else’s username in the querystring, and encoding
something in the right way, a malicious user with a hilarious sense of humour
could replace their enemy’s avatar(s) with lots and lots of penises. Well,
nobody ever did this, luckily.

It wasn’t pretty, and it wasn’t clever, but it was cool to me, and I’d found a
problem that apparently some people had, and come up with a solution that they
were willing to use. I was proud.

