851 Topic by Rickard

(71 replies, posted in News)

Here's a short message announcing 1.2.11. This release has been made primarily to address an issue with the registration script that allowed a malicious user to perform a denial-of-service attack. PunBB 1.2.11 adds code to the registration script that prevents these flood registrations (an hour has to pass between registrations from the same IP). On top of this, an XSS vulnerability has been addressed.

For those of you not afraid to edit the scripts manually, here are the two changes:

http://dev.punbb.org/changeset/336
http://dev.punbb.org/changeset/335

Thanks to the people who alerted me via e-mail about the circulation of an "exploit" for the DoS attack.

Go to forum: News

852 Reply by Rickard

(9 replies, posted in Archive)

Kennel.

Go to forum: Archive

853 Reply by Rickard

(9 replies, posted in Archive)

Jodå, jag är old-timer. Moderator är jag t.o.m. Inte för att jag modererat något på ett år, men men smile

Go to forum: Archive

854 Reply by Rickard

(121 replies, posted in PunBB 1.2 discussion)

I'm aware that the state of subversion hasn't been all that great these last few months. It will be remedied when we commit the new markup and stylesheets.

Go to forum: PunBB 1.2 discussion

855 Reply by Rickard

(4 replies, posted in PunBB 1.2 bug reports)

Topic cleaned up and closed. I understand your frustration wenzlerpaul, but things were getting a bit out of hand.

I will look into a quick fix for this problem.

Go to forum: PunBB 1.2 bug reports

856 Reply by Rickard

(1 replies, posted in General discussion)

Cool. Hopefully, this will wean some sf projects off CVS.

Go to forum: General discussion

857 Reply by Rickard

(4 replies, posted in PunBB 1.2 bug reports)

It will be dealt with in 1.3. Until then, don't worry about it.

Go to forum: PunBB 1.2 bug reports

858 Reply by Rickard

(15 replies, posted in Feature requests)

Salts are a good idea. It's on the todo list.

We don't use short tags because some servers might have it disabled. The number of servers is irrelevant. The fact that there are servers out there with it disabled forces us to not rely on it. Personally, I think short tags are a bad idea. For example, what happens if you create a PHP script that starts with:

<?xml version="1.0" encoding="ISO-8859-1"?>

Well, you get a parse error.

Go to forum: Feature requests

859 Reply by Rickard

(5 replies, posted in PunBB 1.2 bug reports)

You'd have to search the bug reports forum.

Go to forum: PunBB 1.2 bug reports

860 Reply by Rickard

(9 replies, posted in General discussion)

Ruckus: http://digg.com/technology/File_transfe … ogle_Talk_

Go to forum: General discussion

861 Reply by Rickard

(5 replies, posted in PunBB 1.2 bug reports)

Yup. It will be dealt with in 1.3.

Go to forum: PunBB 1.2 bug reports

862 Reply by Rickard

(3 replies, posted in PunBB 1.2 troubleshooting)

Aha. I'll make a not of this for 1.3.

Go to forum: PunBB 1.2 troubleshooting

863 Reply by Rickard

(5 replies, posted in PunBB 1.2 show off)

I'm guessing this isn't work safe then? smile

Go to forum: PunBB 1.2 show off

864 Reply by Rickard

(10 replies, posted in General discussion)

MySQL AB release MySQL under two licenses. One open-source (GPL) and one commercial license. I doubt they will change this licensing model.

Go to forum: General discussion

865 Reply by Rickard

(15 replies, posted in PunBB 1.2 troubleshooting)

CodeDuck wrote:

I'll let you know when I get to the warehouse and pick it up.

Ok, cool.

Paul wrote:

I personally think releasing a build called "beta 2 preview" is confusing

The real WTF is that you can't easily install it side-by-side with IE6.

Go to forum: PunBB 1.2 troubleshooting

866 Reply by Rickard

(15 replies, posted in PunBB 1.2 troubleshooting)

CodeDuck: You have a present for me, yes?

Go to forum: PunBB 1.2 troubleshooting

867 Reply by Rickard

(13 replies, posted in PunBB 1.2 troubleshooting)

I've run into something similar once. Not fun smile

Go to forum: PunBB 1.2 troubleshooting

868 Reply by Rickard

(10 replies, posted in General discussion)

MySQL AB in itself is not an open source project, it's a business.

Go to forum: General discussion

869 Reply by Rickard

(5 replies, posted in General discussion)

Yes, quite a few. I recommend an upgrade to 1.2.10 as soon as possible.

Go to forum: General discussion

870 Reply by Rickard

(121 replies, posted in PunBB 1.2 discussion)

Well, why not add-ins? smile

Go to forum: PunBB 1.2 discussion

871 Reply by Rickard

(109 replies, posted in General discussion)

Paul wrote:

The really really good news is IE5 Mac is officially dead dead dead so at least I don't have to worry about that monstrosity.

Oh, the joy!

Go to forum: General discussion

872 Reply by Rickard

(5 replies, posted in PunBB 1.2 bug reports)

I'm curious, how is this a bug?

And yes, usernames are censored if you have censoring enabled.

Go to forum: PunBB 1.2 bug reports

873 Reply by Rickard

(4 replies, posted in PunBB 1.2 troubleshooting)

Have you applied any mods? Tried it with a fresh copy of the scripts?

Go to forum: PunBB 1.2 troubleshooting

874 Reply by Rickard

(121 replies, posted in PunBB 1.2 discussion)

DeathfireD: I'm glad you like it. The extension system in PunBB is quite different from that in SMF though. SMF modified scripts and templates for you. The extension system in PunBB will not modify any files at all.

Go to forum: PunBB 1.2 discussion

875 Reply by Rickard

(38 replies, posted in PunBB 1.2 modifications, plugins and integrations)

Great. I think this was needed smile

Go to forum: PunBB 1.2 modifications, plugins and integrations