Wednesday, April 20, 2011

FlatPress revs to 0.1010.1 to fix login/authentication exploit


Strict Standards: Non-static method StringParser_Node::destroyNode() should not be called statically, assuming $this from incompatible context in /home1/passjoe/public_html/debian/fp-plugins/bbcode/inc/stringparser.class.php on line 358

fp-logo-smaller.png If you’re running a FlatPress blog, keeping an eye on the main site and the forums lets you know about any potential problems with the software as well as available solutions.

That’s especially the case right now as forum member pierovdfn has released a patch to one of the PHP files in FlatPress that eliminates a potential exploit in the authentication code.

FlatPress creator NowhereMan has already updated the FlatPress code and released it as 0.1010.1.

For existing FlatPress installations, applying the patch is as easy as swapping in 21 lines of PHP code. I did it this morning, and everything is working fine.


Strict Standards: Non-static method StringParser_Node::destroyNode() should not be called statically, assuming $this from incompatible context in /home1/passjoe/public_html/debian/fp-plugins/bbcode/inc/stringparser.class.php on line 358

Strict Standards: Non-static method StringParser_Node::destroyNode() should not be called statically, assuming $this from incompatible context in /home1/passjoe/public_html/debian/fp-plugins/bbcode/inc/stringparser.class.php on line 358

About

Steven Rosenberg writes about many things in many places, including Debian (and FlatPress) right here.

Categories


Strict Standards: Only variables should be passed by reference in /home1/passjoe/public_html/debian/fp-includes/smarty/plugins/function.list_categories.php on line 33

Strict Standards: Only variables should be passed by reference in /home1/passjoe/public_html/debian/fp-includes/smarty/plugins/function.list_categories.php on line 33

Strict Standards: Only variables should be passed by reference in /home1/passjoe/public_html/debian/fp-includes/smarty/plugins/function.list_categories.php on line 33

Strict Standards: Only variables should be passed by reference in /home1/passjoe/public_html/debian/fp-includes/core/core.fpdb.class.php on line 289

Admin area