Good evening, all;

    As some of you may have noticed, earlier today there were about a
dozen emails on seemingly-random pages, all of which stated simply "I
love PHP! I love the [function]() function!" by Anonymous.

    That was me.

    While looking through parts of the website, I also audited the
user note submission form and found a hole that allows widespread
SPAM.  In fact, with a simple script, the user notes could be slammed
with thousands of SPAM messages per day.  I don't want to get into the
specifics of it on the list or in a public bug report, of course,
because that's just inviting trouble.  If you send me an email
privately, I'll send you the link to the source of the script I used
and an explanation of the vulnerability.  In any case, we should
update the form ASAP before it becomes a real problem.

    Is there a closed-to-the-public list for discussing site and
system issues among members of the group that we don't want
publicized?  Speaking in riddles feels rather ridiculous.  ;-P

-- 
</Daniel P. Brown>
Better prices on dedicated servers:
Intel 2.4GHz/60GB/512MB/2TB $49.99/mo.
Intel 3.06GHz/80GB/1GB/2TB $59.99/mo.
Dedicated servers, VPS, and hosting from $2.50/mo.
