From their blog:

We have long talked about 'bringing blogging to the masses' and today we have released a new version of fav.or.it which we think moves a quite a few steps towards that goal. We hope that we have firstly simplified the interaction with blogosphere and in turn made it accessible to a whole new audience. And for the more tech aware users we hope we have a raft of features that will also appeal.

Some of the more important things the site can do include conversation tracking, identity management, simple and easy to use searching, integrated commenting and much more. Check out Nick's list for more great features or just make a login and check it out for yourself.

Now that we become familiar with the fundamentals of stored procedures it is time to start playing with the "Big Boy Toys". This article will go over stored procedures's built in error handling, the security features available, various "extras" available, what isn't allowed in a stored procedure, and some basic administration of the stored procedures. So lets stop talking and bust open the toy box and start playing!

Since they've already gotten the groundwork laid in the previous article, they jump right into the transactions in this part. In this example, they create a "mass insert", show hoe to create some error handling, add in a dash of security, and toss in a few extras. There's also a few small gotchas included to watch out for.

During the last days a lot of blog entries, forum posts and even articles in IT magazines were made about a potential phpBB mass hack in preparation. From what is reported it seems to me that FuntKlakow is only a spambot and that the whole situation is a little bit overhyped. In the end it seems enough to enable the visual confirmation in the registration form (captcha) to keep FuntKlakow out, although the captcha is so bad that it should not be hard to break it.

Despite the comment made above, he doesn't suggest dismissing the issue just yet. It's quite possible that the "deception" of FuntKlakow being a spam bot is just that, and it could turn into a massive tool for some developer out there to flip a switch and have a huge amount of server-level access across the world.

Stefan also briefly mentions a patch that he submitted to the phpBB team concerning an issue with the signature_bbcode_uid remote code execution exploit - which wasn't used. Instead, an internal patch was applied that still didn't quite cover the issue.]]> Mon, 27 Mar 2006 07:14:55 -0600 http://www.phpdeveloper.org/news/5020 http://www.phpdeveloper.org/news/5020 this posting included on the Issociate.de site's Newsreader, there's talk of a "massive phpBB hack" that might be taking place.

During the last few days a bot using a name FuntKlakow, has been registering to at least hundreds (maybe thousands) of phpBB forums.

Ok, what is a danger? Next time the phpBB announces a critical vulnerability, the bot would have everything ready (just a post click away) from attacking thousands of sites/forums.

It's an interesting situation and, as suggested in some of the comments on this digg post, will be interesting to see what happens. It is a little odd for that many items to come up on a search for the name that are only profiles for phpBB boards, especially given phpBB's track record...]]> Mon, 20 Mar 2006 07:51:03 -0600