[pinhole-discussion] upload gallery
Hi everyone, I took my polaroid pinhole kit camera down to Asbury Park NJ USA and here are some of the results: www.???/discussion/upload/gallery2002.php?pic=ginabell.asbury park1.jpg www.???/discussion/upload/gallery2002.php?pic=ginabell.asbury park2.jpg www.???/discussion/upload/gallery2002.php?pic=ginabell.asbury park3.jpg Has anyone else tried this kit? It was easy to put together and comes with 2 different size pinholes so you can select your preference. It uses pack film and also comes with a tripod mount. the shutter is merely a piece of tape, but I am going to rig some sort of sliding cardboard shutter instead, as the box is lightweight and the action of taking off the tape causes some camera movement. thanks for looking, Gina Bellando
[pinhole-discussion] upload gallery
Hi all, I have temporarily disabled the ability to upload a file to the list's "upload" gallery. You can still view everything ok, but you just want be able to upload any new images for a while. I learned today of a bug in the scripting language I use for the uploads that makes the Pinhole Visions web site vulnerable to hackers through file uploads. There is a fix for this bug, but the fix will require some time to implement. I hope to have this fixed this weekend, if possible. Thanks, Gregg
Re: [pinhole-discussion] upload gallery
Thanks, I went ahead and upgraded my server, even though it is a pain in the $%@! Thanks for pointing this out! On Friday 01 March 2002 07:13 pm, you wrote: > Jeff, there's a description of it here: > > http://security.e-matters.de/advisories/012002.html > > At 10:35 AM 2/28/02 -0500, you wrote: > >Gregg, > > > >What was the vulnerability? I allow people to upload and download via > >PHP scripts on my web site, and probably should tighten up my security... > > > >-Jeff > > > >On Thu, 28 Feb 2002, Gregg Kemp wrote: > > > Hi all, > > > > > > I have temporarily disabled the ability to upload a file to the list's > > > > "upload" gallery. You can still view everything ok, but you just want be > > able to upload any new images for a while. > > > > > I learned today of a bug in the scripting language I use for the > > > > uploads that makes the Pinhole Visions web site vulnerable to hackers > > through file uploads. There is a fix for this bug, but the fix will > > require some time to implement. I hope to have this fixed this weekend, > > if possible. > > > > > Thanks, > > > > > > Gregg > > > > > > ___ > > > Post to the list as PLAIN TEXT only - no HTML > > > Pinhole-Discussion mailing list > > > Pinhole-Discussion@p at ??? > > > unsubscribe or change your account at > > > http://www.???/discussion/ > > > >___ > >Post to the list as PLAIN TEXT only - no HTML > >Pinhole-Discussion mailing list > >Pinhole-Discussion@p at ??? > >unsubscribe or change your account at > >http://www.???/discussion/ > > _ > Pinhole Visions at http://www.??? > Worldwide Pinhole Photograhy Day at http://www.pinholeday.org > > > ___ > Post to the list as PLAIN TEXT only - no HTML > Pinhole-Discussion mailing list > Pinhole-Discussion@p at ??? > unsubscribe or change your account at > http://www.???/discussion/
Re: [pinhole-discussion] upload gallery
Jeff, there's a description of it here: http://security.e-matters.de/advisories/012002.html At 10:35 AM 2/28/02 -0500, you wrote: Gregg, What was the vulnerability? I allow people to upload and download via PHP scripts on my web site, and probably should tighten up my security... -Jeff On Thu, 28 Feb 2002, Gregg Kemp wrote: > Hi all, > > I have temporarily disabled the ability to upload a file to the list's "upload" gallery. You can still view everything ok, but you just want be able to upload any new images for a while. > > I learned today of a bug in the scripting language I use for the uploads that makes the Pinhole Visions web site vulnerable to hackers through file uploads. There is a fix for this bug, but the fix will require some time to implement. I hope to have this fixed this weekend, if possible. > > Thanks, > > Gregg > > ___ > Post to the list as PLAIN TEXT only - no HTML > Pinhole-Discussion mailing list > Pinhole-Discussion@p at ??? > unsubscribe or change your account at > http://www.???/discussion/ > ___ Post to the list as PLAIN TEXT only - no HTML Pinhole-Discussion mailing list Pinhole-Discussion@p at ??? unsubscribe or change your account at http://www.???/discussion/ _ Pinhole Visions at http://www.??? Worldwide Pinhole Photograhy Day at http://www.pinholeday.org
RE: [pinhole-discussion] upload gallery
The upload page has been restored to the upload gallery. http://www.???/discussion/ For those interested in the details, a major security hole was discovered in the PHP scripting language that is used throughout the Pinhole Visions web site. The bug was in the file upload functions of PHP. An update to this serious bug was provided by the PHP development community within hours of the discovery, and Pair Networks, the web service provider that I use installed the update, also within hours. I've been with Pair for nearly 5 years and can't say enough good things about them. On the flip side, since the upgrade was a major jump from the previous version that was running, there may be side effects of the change that could break other things on the site. So, if anyone notices any problems on the PV site, I would be grateful if you would send me an email at gregg.kemp@??? (rather than posting to the list). Thanks, Gregg > -Original Message- > From: Gregg Kemp [mailto:gregg.k...@sas.com] > Sent: Thursday, February 28, 2002 10:19 AM > To: 'pinhole-discussion@p at ???' > Subject: [pinhole-discussion] upload gallery > > > Hi all, > > I have temporarily disabled the ability to upload a file to > the list's "upload" gallery. You can still view everything > ok, but you just want be able to upload any new images for a while. > > I learned today of a bug in the scripting language I use for > the uploads that makes the Pinhole Visions web site > vulnerable to hackers through file uploads. There is a fix > for this bug, but the fix will require some time to > implement. I hope to have this fixed this weekend, if possible. > > Thanks, > > Gregg
Re: [pinhole-discussion] upload gallery
Gregg, What was the vulnerability? I allow people to upload and download via PHP scripts on my web site, and probably should tighten up my security... -Jeff On Thu, 28 Feb 2002, Gregg Kemp wrote: > Hi all, > > I have temporarily disabled the ability to upload a file to the list's > "upload" gallery. You can still view everything ok, but you just want be > able to upload any new images for a while. > > I learned today of a bug in the scripting language I use for the uploads that > makes the Pinhole Visions web site vulnerable to hackers through file > uploads. There is a fix for this bug, but the fix will require some time to > implement. I hope to have this fixed this weekend, if possible. > > Thanks, > > Gregg > > ___ > Post to the list as PLAIN TEXT only - no HTML > Pinhole-Discussion mailing list > Pinhole-Discussion@p at ??? > unsubscribe or change your account at > http://www.???/discussion/ >
[pinhole-discussion] "upload gallery" images
Hi Richard, I moved all the images in the upload gallery from last year into the "2000" subdirectory. Good idea - thanks. Gregg At 01:16 PM 2/23/01 -0500, you wrote: The number of pinhole images in the uploaded directory is getting kind of long. Perhaps all the ones from last year could be moved into a sub-directory? - Richard M. Koolish kool...@bbn.com BBN Technologieshttp://linux.bbn.com/~koolish 10 Moulton, St., Cambridge, MA 02138 42 23'N 71 08'W _ Pinhole Visions at http://www.p at ???