After all the security issues with phpBB 2.0.18, version 2.0.19 is finally out.
phpBB Group announces the release of phpBB 2.0.19, the “we wish you all a happy new year” release. This release addresses several bugfixes and some security issues only affecting Internet Explorer. Additionally we introduced a new feature to limit the number of logins. The admin is able to configure this feature on two ways, defining the number of maximum allowed logins and setting a time period after the user is allowed to login again. With this feature we hope to address the recent dictionary attacks happening on some forums to crack user passwords.
As with all new releases we urge you to update as soon as possible. You can of course find this download available on our downloads page. As per usual four packages are available to simplify your update.
-
Full Package
Contains entire phpBB2 source and English language package
-
Changed Files Only
Contains only those files changed from previous versions of phpBB. Please note this archive contains changed files for each previous release
-
Patch Files
Contains patch compatible patches from the previous versions of phpBB.
-
Code Changes
Contains step-by-step instructions in MOD format for updating heavily MODified installs
One of the major complaints that users have about Ajax interfaces is that they have no idea when things are happening in the background. If some important background activity is going to be happening, something that the user needs to wait for, a developer should make an effort to indicate this to the user.
Example:
An input box for user id fetches relevant information from the server. If the user does not exist then the rest of the form should be disabled and the user should be alerted.
It’s been a long time in the making, but I’ve finally decided to release a link about this. I have been hunting around a couple places and looking at different solutions around, this is the only thing that seems to work for me. Check out this article: Content with Style: Fixing the Back Button and Enabling Bookmarking for AJAX Apps
Everyone’s favourite [tag]AJAX[/tag] technology app is Google Maps. Google have done a stunning job… But when I came to try to bookmark a page and I had to hunt around for ‘link to this page’ over on the right hand side.
New AJAX Website Unveiled: AJAX.sys-con.com @ SYS-CON AUSTRALIA
If you want to learn AJAX you should probably buy a few books, buy an AJAX IDE, and go to a few training classes. But all three things will cost you money. So why not first mingle with people that already know it, by visiting - at no cost - the very latest and fastest-growing AJAX web site, http://ajax.sys-con.com - it’s where the prime movers of AJAX come to learn who’s doing what in AJAX, why, when, and with whom.
One of the most painful things that I’m going through right now is trying to debug my Ajax applications. Debugging any Javascript application, for that matter, is a pain in the neck. Some may claim that we have the Venkman JavaScript Debugger available. True, I suppose.
But take this into consideration:
Most large JavaScript applications and especially Ajax applications are going to be event driven and object driven. How does one track one specific instance of an Ajax call?
There is going to be an Ajax Seminar in New York in March 2006. Registration is now available at AjaxSeminar.com.
Prices are as follows:
Super Early Bird Holiday Special (Before December 31, 2005) - $695 Early Bird (Before January 31, 2006) - $995 Discounted Price (Before February 28, 2006) - $1,195 Seminar Price (After February 28, 2006 and if any seat available) - $1,295 Secure your seats now. Don’t miss out on this opportunity.
AJAX Translator called AjaxTrans was developed by Joel Parish. Right now, it seems to be in a very beta stage, but it is functional. Just start typing and text the is automatically translated for you. No need to hit enter to submit anything. The following languages are available: Spanish, German, French, Italian, and Portuguese.
We have a new exploit for phpBB. Just when you thought you were safe:
Description:
Maksymilian Arciemowicz has discovered a security issue in phpBB, which can be exploited by malicious people to conduct script insertion attacks.
Input passed in the message body when posting isn’t properly sanitised before being used. This can be exploited to inject arbitrary JavaScript code, which will be executed in a user’s browser session in context of an affected site when the malicious post is viewed.
Now I’ve seen everything, holiday Ajax jingles:
[All I want for Christmas is Ajax
I don’t want a tall skinny tree
or lots of presents under it.
All I ask for are some Web 2.0 goodies
that are zipped and not wrapped.
I want PHP and not PAJAMAS.
Give me widgets and not gadgets.
Give me a torrent of flashy de.
The “Real-World AJAX One-Day Seminar” is scheduled for Monday, March 13th 2006 in New York City. There are some huge names that are going to be speaking at this seminar:
This one-day AJAX seminar will feature 15 speakers in 11 sessions, including the world’s most renowned AJAX experts: Jesse James Garrett, the Father of AJAX; David Heinemeier Hansson, the creator of Ruby on Rails (with his very first talk on “AJAX in Rails”); Satish Dharmaraj, the creator of server-side Java; Bill Scott, AJAX evangelist of Yahoo!