News

After much anticipation (and waiting...), Contemporary v1 is now available for download!

This theme was developed with my original inspiration in mind, to showcase content tastefully, and cleanly. Contemporary v1 is designed to look highly stylized and casual.

See Contemporary v1 in action Here: www.axonz.com

Note: This theme uses advanced CSS and as usual is best experienced in Mozilla Firefox, and Apple Safari.

Geeklog 1.3.11 is both a bugfix and a security update over Geeklog 1.3.10. It fixes the following security issues:

1. It was possible to submit stories anonymously even if anonymous submissions were turned off in config.php (reported by Barry Wong).
   These stories still ended up in the submission queue, though, unless you disabled it in config.php.
2. Some of the parameters in link and event submissions weren't filtered, leaving them open to potential SQL injections.
3. The links for the What's Related block were created from the unfiltered story text, opening the possibility of XSS attacks (reported by Vincent Furia).

This update is strongly recommended for all users of Geeklog 1.3.10 since, in addition to the above security issues, it also fixes quite a few bugs in 1.3.10. Geeklog 1.3.11 is also meant as a replacement for 1.3.10, i.e. there will be no further development for 1.3.10.

Installation instructions follow ...

Geeklog 1.3.9sr3 fixes the following security issues in Geeklog 1.3.9sr2:

1. It was possible to submit stories anonymously even if anonymous submissions were turned off in config.php (reported by Barry Wong).
   These stories still ended up in the submission queue, though, unless you disabled it in config.php.
2. Some of the parameters in link and event submissions weren't filtered, leaving them open to potential SQL injections.

The upgrade archive contains only one file (submit.php), so this should be easy to install.

If you're on an older version of Geeklog, we recommend you upgrade to Geeklog 1.3.11 instead.