I'm a bit late to this thread, but, let me make a few comments. FIrst off - I am not going to comment on Horn. Period.
As for BlogCFC, and this is for G, he made two main points - a) You can make comments and trackbacks from a remote location. b) There is a "phishing" issue. Let me address them: a) Yes, you can post a comment or a TB to my blogware from a remote location. Why? First off, as far as I know, that is part of the TB specs. To allow a remote service to add a TB. For comments - this "problem" is true in ANY web based form. Yes, I could check CGI.HTTP_REFERER, but some spam/AV programs block this. If I did that, folks would not be able to add comments. As it stands - I don't care if yo ugo through the trouble to save a form, run it form your desktop, and add a comment. Last week, someone from IP 67.180.242.3 posted some large blogs of HTML to my blog in an apparent attack. He, or she, signed it with curse words, and stuff like "Kiddie Porn". (To be clear, it was the _word_ Kiddie Porn, not real porn). Interestingly enough, I added some debugging to my comment blocker, and noticed that the next time Ray Horn tried to post, he had the same IP. I'm sure that was just a coincidence and nothing more. Since comments go through the same spam blocker as TBs, I just had to add the keywords in. Blocking by IP will be in a future release. So - I think that answers a). b) He made that point that when you add a comment, your email is sent to others in the thread. Yes. That is true. Let me explain the process. When you add a comment to my blog, you have the option to subscribe. If you do, when someone ELSE adds a comment, that comment will get mailed to you. That comment will include your email address. I plan on removing that since you don't really need it. However, this really just acts like a listserv I think. Anyway - I don't often follow cf-community very often. (Sorry :) G, or anyone else, if you have ANY questions about BlogCFC, I ask that you please email me. I know - I'm biased - but I want people to know that I do respond as quickly as possible when security problems are found. (Note how quickly I fixed the INI issue. I think it was about 4 hours.) If you do need me, please email [EMAIL PROTECTED] I use my gmail address just for lists. On 1/25/06, Larry C. Lyons <[EMAIL PROTECTED]> wrote: > from what I remember of the issue, he basically pirated the blog cfc > code, said it was his own and resold it as encrypted code. > > then when it was pointed out to him that this was wrong, he turned > around and had multiple temper tantrums. Then on top of it he tried to > sell a fix to his complaints for something like $100, more if you > wanted the unencrypted code. -- ======================================================================= Raymond Camden, Director of Development for Mindseye, Inc (www.mindseye.com) Member of Team Macromedia (http://www.macromedia.com/go/teammacromedia) Email : [EMAIL PROTECTED] Blog : ray.camdenfamily.com Yahoo IM : cfjedimaster "My ally is the Force, and a powerful ally it is." - Yoda ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Message: http://www.houseoffusion.com/lists.cfm/link=i:5:194367 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/5 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:5 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.5 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
