The upload page has been restored to the upload gallery.
http://www.???????/discussion/
For those interested in the details, a major security hole was discovered in
the PHP scripting language that is used throughout the Pinhole Visions web
site. The bug was in the file upload functions of PHP. An update to this
serious bug was provided by the PHP development community within hours of the
discovery, and Pair Networks, the web service provider that I use installed the
update, also within hours. I've been with Pair for nearly 5 years and can't
say enough good things about them.
On the flip side, since the upgrade was a major jump from the previous version
that was running, there may be side effects of the change that could break
other things on the site. So, if anyone notices any problems on the PV site, I
would be grateful if you would send me an email at gregg.kemp@??????? (rather
than posting to the list).
Thanks,
Gregg
> -----Original Message-----
> From: Gregg Kemp [mailto:gregg.k...@sas.com]
> Sent: Thursday, February 28, 2002 10:19 AM
> To: 'pinhole-discussion@p at ???????'
> Subject: [pinhole-discussion] upload gallery
>
>
> Hi all,
>
> I have temporarily disabled the ability to upload a file to
> the list's "upload" gallery. You can still view everything
> ok, but you just want be able to upload any new images for a while.
>
> I learned today of a bug in the scripting language I use for
> the uploads that makes the Pinhole Visions web site
> vulnerable to hackers through file uploads. There is a fix
> for this bug, but the fix will require some time to
> implement. I hope to have this fixed this weekend, if possible.
>
> Thanks,
>
> Gregg
