[eluser]Twisted1919[/eluser]
Hello, i have a serious problem .
I own a site , a community based website where everyone cand register and share photos , comments,votes etc etc .
Yesterday for first time , i discovered that all the members on the site had the same profile description and the same yahoo messenger id , so i tought that may be some database error , do , i replaced everything with my backup and no problems , till second day , when same problem appears ... somebody seems to modify the description of all profiles , all profiles have the same description and the same yahoo messenger id ...
i am using just the AR class for database , and the xajax implementation , but with xajax i am using the xss filter on all my forms so i don't think that somebody can do bad things , as the xss class is pretty strong .
The admin password is pretty salted , users too , so i don't think it could be broken at all.
Another thing is that , from now , i have more then 11.000 registered users , and in my database the primary key and the indexes are build on the profile_id , but , i am taking out the users from the database , based on their username not based on their id , could this be a problem at this number of registered users ?
Any ideas ?
If would help , i can give you the website url so you can see the problem as it really is .