D
Deleted member 39861
Guest
Hi All,
A little back story, I am a freelance programmer and I have my own hosting company. That being said, I have picked up a client on Monday. I was told it was a simple move because the client didn't trust their previous developer since he came from Zimbabwe and was part of the hacker group that brought down the government [apparently] (yeah some crazy stuff).
After going through the content and back-end work, this developer created a mess, code barely works. No functioning admin login panel (NO SESSION HANDLERS). Admin access granted to any to user. The SQL files right in the root dir. That's not even the worst part.
Looking at the work and what had to be done:
Take the old site toss it in the trash and start over: I told the client for a complete do over because the site was lucky it was functioning since the developer was using php 5.6 on a php v7.1.x server.
Then I stumbled upon the application form (worst part).
This form asks the user to fill in the following:
This clients site has been leaking this information for I do not know how long, without the users knowing there privacy is being leaked.
I told the client for this job its going to be hands down R18k-R24k, due to the size of their website and the content plus the mess and a redesign of front end and scrapping all back end work. Let's leave out the fact that the previous guy rooted the server and has a RAT on it (using the server as a Command & Control unit).
When I informed the client about this information leak the client told me straight "only we know its fine" and that they aren't involved with credit card fraud and so forth.
They then gave me a counter offer of 3k paid off in 3 months. 3k to do basically a redesign, scrap all old not working code (90% of the code), move databases (100+ clients). WTF.
What should I do In this position because in our meeting the client said straight. if I can't do it for her price they will move on and get another Zimbabwe guy. Which guarantees that they don't care about there clients private information. I know I can open a case. I truly am stuck in a k*k sitch.
I have to either report this and if the client does not want to pay the proper fee, I think its best for me to take the entire site offline and alert all of there clients about the company not taking the clients privacy first ?. Because they are going to leave this as is and get a immigrant to continue with this malpractice.
Out of my clients mouth "I am dwas when it comes to this internet things". I am dead serious when I say they know nothing about there own website and they run a company from it.
Someone, anyone give me some sort of direction. If you have experienced something of the sorts.
Thanks
-TechN3rd
A little back story, I am a freelance programmer and I have my own hosting company. That being said, I have picked up a client on Monday. I was told it was a simple move because the client didn't trust their previous developer since he came from Zimbabwe and was part of the hacker group that brought down the government [apparently] (yeah some crazy stuff).
After going through the content and back-end work, this developer created a mess, code barely works. No functioning admin login panel (NO SESSION HANDLERS). Admin access granted to any to user. The SQL files right in the root dir. That's not even the worst part.
Looking at the work and what had to be done:
Take the old site toss it in the trash and start over: I told the client for a complete do over because the site was lucky it was functioning since the developer was using php 5.6 on a php v7.1.x server.
Then I stumbled upon the application form (worst part).
This form asks the user to fill in the following:
- Full name
- ID number
- basic income, current income, average income, expenses
- Home address
- Bank Acc number, bank name, branch name
- next of kin and there numbers
- Employment
- Paid type: monthly, self-employed etc
This clients site has been leaking this information for I do not know how long, without the users knowing there privacy is being leaked.
I told the client for this job its going to be hands down R18k-R24k, due to the size of their website and the content plus the mess and a redesign of front end and scrapping all back end work. Let's leave out the fact that the previous guy rooted the server and has a RAT on it (using the server as a Command & Control unit).
When I informed the client about this information leak the client told me straight "only we know its fine" and that they aren't involved with credit card fraud and so forth.
They then gave me a counter offer of 3k paid off in 3 months. 3k to do basically a redesign, scrap all old not working code (90% of the code), move databases (100+ clients). WTF.
What should I do In this position because in our meeting the client said straight. if I can't do it for her price they will move on and get another Zimbabwe guy. Which guarantees that they don't care about there clients private information. I know I can open a case. I truly am stuck in a k*k sitch.
I have to either report this and if the client does not want to pay the proper fee, I think its best for me to take the entire site offline and alert all of there clients about the company not taking the clients privacy first ?. Because they are going to leave this as is and get a immigrant to continue with this malpractice.
Out of my clients mouth "I am dwas when it comes to this internet things". I am dead serious when I say they know nothing about there own website and they run a company from it.
Someone, anyone give me some sort of direction. If you have experienced something of the sorts.
Thanks
-TechN3rd