No, as someone else already responded to other posts, it is a phpBB problem. phpBB calls the urldecode() function on form variables, after PHP already does so. It allows ' to bypass the magic quotes that php so lovingly puts on all our form data.
The latest bug reports were reported after the release of the exploit for phpBB 2.0.10 and earlier. IIRC the report said that some scripts MAY be vulnerable, but didnt state for certain. As far as I know, no one has yet to release an exploit for the bugs, its just a possibility.
"Hmmm... I wonder how fast this car goes. Lets see if I can get the police to clear the freeway."
"Hello? Police? My car wont stop, it just keeps going faster! It wont shut off! Please clear the freeway!"
that Fox Television made or something? Some woman hit a skateboarder, so gave him a ride, then gave some hitchhiker and some other people a ride. They they started down the freeway, and the breaks didnt work, and the car wouldnt shut off. God, now that I think of it, it was a stupid movie too.
So how exactly does stopping WebDav access stop spammers from sending emails via hotmail? If they went through the trouble of writing programs/scripts to send via WebDAV, wont they just switch to writing ones that uses standard HTTP form posts?
"Sir, we are losing money on hotmail!"
"Well, lets charge the people more money."
"But sir, the people will complain if we just charge them money suddenly for something they have been getting for free."
"Tell them its to help fight spam, that always works."
Slashdot Mirror
No, as someone else already responded to other posts, it is a phpBB problem. phpBB calls the urldecode() function on form variables, after PHP already does so. It allows ' to bypass the magic quotes that php so lovingly puts on all our form data. The latest bug reports were reported after the release of the exploit for phpBB 2.0.10 and earlier. IIRC the report said that some scripts MAY be vulnerable, but didnt state for certain. As far as I know, no one has yet to release an exploit for the bugs, its just a possibility.
Yeah, it would be like if someone started using FTP and HTTP to distribute warez, mp3s, and movies... oh wait.
So much for the web, the *AA is gonna shut it all down! So long.
"Hmmm... I wonder how fast this car goes. Lets see if I can get the police to clear the freeway." "Hello? Police? My car wont stop, it just keeps going faster! It wont shut off! Please clear the freeway!"
that Fox Television made or something? Some woman hit a skateboarder, so gave him a ride, then gave some hitchhiker and some other people a ride. They they started down the freeway, and the breaks didnt work, and the car wouldnt shut off. God, now that I think of it, it was a stupid movie too.
Maybe, but if someone else wrote a book on the same subject without copying it, they wouldn't have a case.
Havent people with Outlook (not exppress) already paid quite a bit to use Outlook in the first place?
So how exactly does stopping WebDav access stop spammers from sending emails via hotmail? If they went through the trouble of writing programs/scripts to send via WebDAV, wont they just switch to writing ones that uses standard HTTP form posts? "Sir, we are losing money on hotmail!" "Well, lets charge the people more money." "But sir, the people will complain if we just charge them money suddenly for something they have been getting for free." "Tell them its to help fight spam, that always works."
And to think, if the INDUCE act goes into play, it will most likely all be gone.