Geeklog

An SQL injection vulnerability in the EasyFile plugin has been found and published by a user who calls himself Hellboy (the vulnerability is reported as being in Geeklog, but it really only affects the EasyFile plugin).

Given that the EasyFile plugin hasn't been updated in years, we assume that it is no longer maintained. If you use this plugin on your site, we recommend that you uninstall the plugin and remove all the files that belong to it as soon as possible.

We have removed the EasyFile plugin from our download area. If there are any other sites out there mirroring the plugin, please remove it from those sites as well. Thank you. ...

Google has announced the mentoring organizations for the Summer of Code 2012. Geeklog applied but, unfortunately, wasn't selected as a participating organization for this year.

From the feedback we got, our application wasn't too bad, but Google had to draw a line somewhere to accommodate 41(!) new organizations that were accepted for the first time this year. So, congrats to all the 180 organizations (out of 406 that applied) that made it into GSoC 2012. We've had a great time in our four years in GSoC and we hope you do, too. We will surely be applying again in 2013 (should Google decide to run the program again)!

If you are a student interested in getting into open source development, you should head over to the official GSoC site and apply for a project from one of the accepted organizations. It's a great opportunity that you shouldn't miss. ...

To whoever created those step-by-step instructions on how to add your website link on each of the 50 High Page Rank Authority sites:

1. Thanks for listing us as a "High Rank Authority site" (whatever that's supposed to mean).
2. Forget about spamming us.

All profiles are under review and anything that looks remotely spammy will be banned. Stop wasting your money (for paying people in East Asia to spam us) and our time.

Sincerely,
The Geeklog Team ...

It's that time of the year again: Google is running the Google Summer of Code again this year. As you may remember, we didn't make it last year, but we did apply again for 2012, so keep your fingers crossed.

Applications for organizations close in a few hours from now and the list of selected organizations will be published on March 16.

Our list of project ideas can be found on the wiki, if you want to have a look.

Also, stay tuned for some news about the upcoming Geeklog 1.9.0 release soon ... ...

Here are the updated 5 plugins that let you enjoy the new features and security patches.

• jQuery plugin 1.3.1: Allows you to display images in a lightbox and more
• Maps plugin 1.2.3: Display google maps on your website, as well as markers and overlays
• Paypal plugin 1.4.3: open your shop to sell files, subscriptions, articles.
• Classifieds plugin 1.2: Classifieds Publish in minutes.
• Vthemes plugin 1.5.3: View the different themes available for your site.

As some code exploits were discovered in TimThumb script which is in all those plugins, it is ask to update as soon as possible. See Dowloads section.

If you do not want or can't upgrade any of those plugins due to your Geeklog version, please replace at least all your timthumb scripts:

• public_html/classifieds/timthumb.php
• public_html/jquery/timthumb.php
• public_html/maps/timthumb.php
• public_html/paypal/timthumb.php
• public_html/vthemes/timthumb.php

Here are a few enhancements in TimThumb 2.0:

• Includes the ability to take website screenshots if you have Xvfb and CutyCapt installed. (Instructions included how to do this)
• All filters and resizing can be applied to website screenshots.
• The cache directory is now secure and is still public for flexibility across platforms.
• TimThumb creates index files in your cache to prevent directory listings.
• Filenames are more randomized using data that a hacker doesn?t have access to, making it very hard to guess filenames in cache and access them.
• Cache files have a .txt extension which means the web server won?t execute them.
• All cached files have a fixed length record at the beginning which, if a web server tries to execute them, will be interpreted as PHP code and will cause an immediate exit.
• It includes file locking when files are created in cache to avoid conflicts.
• The entire code base has been rewritten and refactored for better code scaleabilit ...

Video Embed FCKeditor Plugin will allow you to easily insert embedded videos into your stories and static pages. Once installed, simply press the Video button on your editor toolbar to open Video Embed. Paste your embedded video string, select the alignment and then press INSERT and the video will be placed in the editor window.

How to install this plugin

• Firstly extract the archive to the public_html/fckeditor/editor/plugins directory
• Add the plugin to your FCKeditor by opening you 'public_html/fckeditor/myconfig.js' file. Add the following statement: FCKConfig.Plugins.Add('ImageManager');
• Add embed to Additional HTML for Adv. Editor in the Geeklog's config >> Miscellaneous >> HTML Filtering
• Done. (Should the toolbar icon not appear, try to clear your browser's cache)

Download Video Embed FCKeditor plugin ...

Open Graph Protocol (OGP) plugin supports Open Graph Protocol(OGP) and allows you to run your Geeklog site in cooperation with web sites supporting OGP such as Facebook by producing <meta property="og:***" content="***"> tags.

Besides, the plugin allows you to display Facebook Like buttons and/or Facebook comments in your articles, static pages, calendar events, link categories, poll items and download files. You can set the kinds of contents in which to show Facebook Like button and/or Facebook comments in Configuration.

Download the plugin from Geeklog.net or my site and have fun! ...

The new version of Maps plugin is available for download.

The development of three new features was sponsored by the University of Kyoto (Japan)

• import and export markers
• overlays support
• image marker support

We can now export or import markers from one map to another or from one site to another via an  csv file. Overlays allow to superimpose an image on the map which allows you to add content to the tool provided by google maps. The markers can be customized with a picture.

Finally, so far all the markers were grouped in a cluster to increase display performance. Now we can choose (in the config) to display all markers regardless of the zoom of the map.

Download Maps plugin 1.2 ...

Touch2 , Geeklog hacks for smartphones ver. 0.8 is out now!

You can see it works on the Geeklog japanese or my site by accessing on iPhone or Android phones (or any other browsers, emulating UA to iPhone or Android).

This hacks display pages optimized for smartphones, using jQuery Mobile ver. 1.0.

• Announcement is here.
• Download from here.
• (poor)English documentation is here.

Try and enjoy! ...

Paypal plugin 1.4.0 for Geeklog 1.8.0+ is now available for dowload.

This new release brings management of shipping and the following patches will help you to improve your online business

[new] SEO shop title and product title
[new] Rebuild purchases list
[new] Discounts and reference price
[new] handle shipping costs
[new] category editor
[new] categories breadcrumbs
[new] remove buy now button
[fix] Page navigation for category display
[fix] New link to edit page for pending order

Documentation | Dowload ...