After playing around with WorkSimple 1.3.5 (and apparently not doing much testing), login.php doesn't redirect on login and cp.php strips HTML. Download the attachments below and replace cp.php and login.php with the new versions. Save the new versions as cp.php and login.php respectively and upload them to your WorkSimple install directory.
I've been making lots of new changes to WorkSimple, paving the way for WorkSimple 2.0. I'll be going over old code and re-implementing some things. I used Twig for templating instead of a custom made method since it seemed easier and more convenient. Templates now are much more customizable and flexible. Check out the screenshot for what it may look like (the colours suck, I know).
After 6 months, WorkSimple 1.3.5 has been released. Nothing too major, though I suppose this may be the last version of WorkSimple to be released. There's not too much else to be done with it as it is; moving to to SQL would be much easier to maintain.
A couple years back when I released WorkSimple, my PHP knowledge was very limited. I went through a couple versions of WorkSimple adding features and such but without thinking of security. Then, about a year and a half ago, I came upon a zero-day exploit site [1][2] site. On the site, it chronicled the current exploits in WorkSimple. Now, of course I acted quickly and fixed the problems. At first, I was offended by this. Then, I realized the helping hand it had lent me. Not only did these sites show how one could use the exploit, but also how to fix it. The user login system used MD5 hashed passowords in a specified [plain text] file in a specified place. After, the hashes were salted and in a .php file as not to display the contents.
WorkSimple 1.3.4 has been released! Numerous fixes are included with this release, along with the removal of the uploader module as it had security risks. Download here.
That's right! After almost a year, WorkSimple 1.3.3 is out! You can now edit and delete posts. Other little bugs are fixed too. Download here. See the upgrade tutorial for upgrade instructions.
With school finished with the exception of an exam or two and my domain back, I think I'll now have the motivation to get shit done.
With Ymas coming up, it makes me realize all the blogging I've done in the last year. I'm glad I got as much traffic as I did, surprised even. Anyway, here are some highlights of the last year or so.
WorkSimple blogging system version 1.3.1 has been released, click here to download. The code in do.php is cleaned up, also added salted hashes to login.
WorkSimple 1.3.0 has just been released, download here:http://geekness.eu/sites/default/files/worksimple_1.3.0.zip
