Comments

Well, EggBlog has done many bloopers, such this one:
- No check against empty User/Mail/Pass when register with correct Captcha-code.
And there is a lot more sequrity issues in EggBlog.
I support your own sequrity-codes. You are a good champ! =)

Carl C. Sweden - 3:41pm, Sunday 12 October 2008.

Yeah that's true... Once I find some spare time I'll implement some of these checks... I was planing to add a eMail-check anyway. (So you recieve a verification link via. This kind of stuff...) I was also planing to do some htacces-mod-rewrite hacks... But these are plans... And time's so rare... :(

cimnine - 7:12pm, Sunday 12 October 2008.

The register-check is very easy to implement in the code.
Here is my protectioncode for you, good (old) champ! =)

In the file _lib/user.php and in the function eb_register() {
Replace the row:
if(!empty($_POST['captcha'])) {
with this one:
if(!empty($_POST['captcha']) && !empty($_POST['name']) && !empty($_POST['email']) && !empty($_POST['password'])) {

There is a lot of more bloopers from the coder of EggBlog,
i have nearly rewritten most of his code to suite my needs,
such as integrated the editor Whizzywig from unverse.net.
Complete with picture-upload, the Whizzywig is about 28kb!

Now, I am going to buy a domain and set the code up'n running.
Next time, maybe I will register with you to start swap ideas, OK?

Regards: Carl C. Sweden

Carl C. Sweden - 11:32pm, Sunday 12 October 2008.

Yea... Definetly... Added btw your piece of code to my patch... Thank you... You can contact me under cimnine<theEmailSign>gmail.com ... Cheers, cimnine

cimnine - 6:50am, Monday 13 October 2008.

Submit Your Comment

You are not logged in.