Contribute  :  Support  :  Downloads  :  Forum  :  Links  :  Polls  :  Calendar  :  Directory  :  Advanced Search  
Geeklog The Ultimate Weblog System

advanced search 

Resources

Getting started
Support
Development

Sections

Home
Geeklog (190)
Geeklog 2 (28)
Announcements (201)
Summer of Code (8)
Security (55)
Plugins (50)
Server (26)
Spam (10)

User Functions

:

:

Don't have an account yet? Sign up as a New User
Lost your password?

What's New

STORIES

No new stories

COMMENTS last 2 days

No new comments

TRACKBACKS last 2 days

No new trackback comments

NEW FILES last 14 days


LINKS last 2 weeks

No recent new links

Older Stories

Monday 17-Mar


Tuesday 08-Jan


Saturday 29-Dec


Tuesday 04-Dec


Sunday 04-Nov
Welcome to Geeklog
Thursday, May 15 2008 @ 11:11 PM EDT
   

Geeklog 1.3.11sr2

Sunday, October 09 2005 @ 04:55 AM EDT
Contributed by: Dirk
Views: 4,845
Security

Since the development of Geeklog 1.3.12 takes much longer than anticipated, we thought we'd make some of the security enhancements and improved spam protection we developed for 1.3.12 available to users of Geeklog 1.3.11. We also threw in a few bugfixes.

  • Added a login speed limit, kicking in after 3 failed login attempts (configurable in config.php).
  • Filter linefeeds from the To:, From:, and Subject: fields of any email sent through COM_mail.
  • Checks for spam are now done for comments, story, link, and event submissions, the message sent with the "email story to a friend" option, and for the contents of the user profile.
  • Spammers get a 403 HTTP response code now and have to wait for the submission speed limit to expire.
  • Spam-X plugin 1.0.2 included (with the default URL for MT-Blacklist changed to geeklog.net, due to MT-Blacklist being discontinued).

Bugfixes include a fix for a problem with PHP 5.0.5, better handling of special characters in email addresses, a fix for the staticpage: autotag throwing an SQL error, updated kses filter, and a few more.

See the list of changes for more information.

As usual, we provide an upgrade from 1.3.11sr1 and a complete 1.3.11sr2 tarball.

 

What's Related

Story Options

Geeklog 1.3.11sr2 | 22 comments | Create New Account
The following comments are owned by whomever posted them. This site is not responsible for what they say.
Geeklog 1.3.11sr2
Authored by: vadertech on Sunday, October 09 2005 @ 02:16 PM EDT
looks like the new kses.class.php and forum 2.5 don't like each other.

---
GeekLog Hosting, Installations and Upgrades - WWW.AWEHOST.COM - Hosting starts @ only $2.92/mo.
Geeklog 1.3.11sr2
Authored by: destr0yr on Sunday, October 09 2005 @ 05:07 PM EDT
i had to disable the bad behaviour plugin... got a sql error regarding WP_BB_LOG not existing... not sure if its related, didn't really look into it.

---
-- destr0yr
"Light travels faster than sound. That is why some people appear bright until you hear them speak."
Geeklog 1.3.11sr2 and Bad Behavior
Authored by: Dirk on Monday, October 10 2005 @ 01:49 AM EDT

You probably forgot to add the extra line for Bad Behavior to the updated lib-common.php

bye, Dirk

Geeklog 1.3.11sr2 and Bad Behavior
Authored by: destr0yr on Monday, October 10 2005 @ 03:05 AM EDT
Ohyah.

Thanks :)


---
-- destr0yr
"Light travels faster than sound. That is why some people appear bright until you hear them speak."
Geeklog 1.3.11sr2
Authored by: Flopka on Monday, October 10 2005 @ 10:21 PM EDT
Are you ever going to release a version that does not require you to enable register_globals?

I'm on a shared host and we can't do that.

Love the program, wish I could try it.
Geeklog 1.3.11sr2
Authored by: tictac on Tuesday, October 11 2005 @ 07:36 AM EDT
Hello,
I read the README included with the geeklog-1.3.11sr2 upgrade file from geeklog-1.3.11sr1, and I can see any installation istructions, there's any help with this?
thanks
Geeklog 1.3.11sr2
Authored by: jhwhite on Thursday, October 13 2005 @ 11:55 AM EDT
I upgraded, and now, when I go to edit a static page, I get the message:
URL Class: number of names passed to setArgNames must be equal or greater
than number of arguments found in URL

Thoughts?
Geeklog 1.3.11sr2
Authored by: Dirk on Thursday, October 13 2005 @ 01:26 PM EDT

See the ongoing discussion here.

bye, Dirk

Geeklog 1.3.11sr2
Authored by: chief123 on Monday, October 17 2005 @ 05:50 AM EDT
After the upgrade whenever I try to move stories from one topic to another I get an error "The ID you chose for this story is already in use. Please use another ID."

Any idea why? I can save, edit, delete, etc. Just not move from one topic to another.

Thanks.
Geeklog 1.3.11sr2
Authored by: chief123 on Monday, October 17 2005 @ 06:37 AM EDT
To follow my previous comment I just noticed that I can't change stories (edit grammar, etc.) without getting the ID error either.
Geeklog 1.3.11sr2
Authored by: Dirk on Monday, October 17 2005 @ 02:34 PM EDT

I don't think it has anything to do with the 1.3.11sr2 update: The ID you chose for this story is already in use.

bye, Dirk

Geeklog 1.3.11sr2
Authored by: barrywong on Friday, October 28 2005 @ 01:41 AM EDT
I did a new install of ver 1.2.11sr2, using CentOS 4.2 (which is equivalent to Redhat RHE4) and I noticed the following:

1. I set "Remember Me For" 1 Month. Yet, when I log out, sometimes it seem to requrie that I re-sign in.
2. When I log into another Geeklog site, my own site requires that I login in again.

I don't have problems with ver 1.3.11sr1 so I am wondering if it is due to this version or if it is due to CentOS 4.2. Or just a cookie issue on my PC...

Any comments, anyone?
Geeklog 1.3.11sr2
Authored by: vadertech on Friday, October 28 2005 @ 12:30 PM EDT
Try changing your cookie value in config.php

---
GeekLog Hosting, Installations and Upgrades - WWW.AWEHOST.COM - Hosting starts @ only $4.95/mo.
Geeklog 1.3.9 Update
Authored by: jbpaul17 on Saturday, October 29 2005 @ 02:58 PM EDT
Are there any related updates to Geeklog 1.3.9? I'm at 1.3.9sr4 and am curious if there are any security holes that I can plug with this update. Or is there an update from 1.3.9sr4 to 1.3.11?

---
My Wedding Website: http://www.jeffandcrystal.com
Geeklog 1.3.9 Update
Authored by: Dirk on Saturday, October 29 2005 @ 03:25 PM EDT

Well, of course there's an upgrade from 1.3.9 to 1.3.11: Download the 1.3.11sr2 tarball and follow the upgrade instructions.

I guess if there's enough demand, we could release an update for 1.3.9 that includes the first two improvements (login speed limit and filtering of linefeeds), but the changes for the spam filtering are almost impossible to back-port.

bye, Dirk

Geeklog 1.3.9 Update
Authored by: keystone430 on Monday, November 07 2005 @ 12:21 AM EST
I just upgraded from 1.3.8 to 1.3.11sr2 and it went very smoothly. Just remember to backup your database. I also disable the plugins except for static pages until after the upgrade is done then re-enable them one at a time.

www.keystonesoldiers.com
Geeklog 1.3.11sr2
Authored by: ilker on Friday, November 04 2005 @ 03:25 AM EST
i need help about instalition
Geeklog 1.3.11sr2
Authored by: Dirk on Friday, November 04 2005 @ 03:15 PM EST
Geeklog 1.3.11sr2
Authored by: Nightdude on Saturday, November 05 2005 @ 03:50 PM EST
Running 1.3.10 -- can I jump right up to 1.3.11 sr2 or do I have to do it incrementally?
Geeklog 1.3.11sr2
Authored by: Dirk on Saturday, November 05 2005 @ 04:38 PM EST

Download the complete 1.3.11sr2 tarball and follow the upgrading instructions in the documentation.

bye, Dirk

Geeklog 1.3.11sr2
Authored by: kcbnac on Sunday, November 13 2005 @ 07:15 PM EST
I upgraded my new install (Fantastico currently installs 1.3.11) using the full tarball, on www.caffeinatedgeek.net and it is still showing 1.3.11 under the GL Version Check...is there some other way to verify that I am running SR2, and how I can force it to update the version number?

Thanks!
Geeklog 1.3.11sr2
Authored by: samstone on Monday, November 14 2005 @ 12:10 AM EST
The version number is changeable in the geeklog/config.php file.

Hope this helps.

Sam
© 2002-2008 Geeklog
Created this page in 0.50 seconds		 Powered By Geeklog 1.4.1 
Hosted by pair.com