Welcome to Geeklog, Anonymous Monday, December 23 2024 @ 06:00 pm EST

Security Fix!

  • Thursday, January 03 2002 @ 01:06 pm EST
  • Contributed by:
  • Views: 6,029
Security There is a small but nasty security bug with fresh installations of Geeklog 1.3. This only pertains to fresh installations of Geeklog 1.3. Turns out with fresh installations, the data includes one orphaned group_assignments record with a user ID of 13. Geeklog\'s user table with on a fresh installation only has 12 users. So the first user that creates an account has access to the GroupAdmin Group and, subsequently, the UserAdmin Group.

If you have already installed a fresh version of Geeklog 1.3 then you need to edit the user with a uid of 13. To get that, do a \"SELECT username FROM users WHERE uid = 13\" in your favorite MySQL editor. Then in the admin/users.php page edit that user and uncheck both the GroupAdmin Group AND the UserAdmin Group and be sure to leave the Normal User and Logged-in User boxes checked.

Thanks to whoever posted that nasty on our SourceForge site.

PHP Block How-To

  • Monday, December 31 2001 @ 01:04 pm EST
  • Contributed by:
  • Views: 15,971
Announcements Ok, so 1.3 has been on the market now for a few weeks and many of you have started tweaking your site by modifying the templates and what not. But now what? Well, I thought I'd write a quick how-to with a real life example on using a Geeklog PHP block.

Page navigation