worksimple

WorkSimple 1.3.5 control panel and login fix

After playing around with WorkSimple 1.3.5 (and apparently not doing much  testing), login.php doesn't redirect on login and cp.php strips HTML.  Download the attachments below and replace cp.php and login.php with the new versions. Save the new versions as cp.php and login.php respectively and upload them to your WorkSimple install directory.

WorkSimple 2.0 roadmap

I've been making lots of new changes to WorkSimple, paving the way for WorkSimple 2.0. I'll be going over old code and re-implementing some things. I used Twig for templating instead of a custom made method since it seemed easier and more convenient. Templates now are much more customizable and flexible. Check out the screenshot for what it may look like (the colours suck, I know).

How publicly released exploits helped WorkSimple

[Photo by Honza Soukup]

A couple years back when I released WorkSimple, my PHP knowledge was very limited. I went through a couple versions of WorkSimple adding features and such but without thinking of security. Then, about a year and a half ago, I came upon a zero-day exploit site [1][2] site. On the site, it chronicled the current exploits in WorkSimple. Now, of course I acted quickly and fixed the problems. At first, I was offended by this. Then, I realized the helping hand it had lent me. Not only did these sites show how one could use the exploit, but also how to fix it. The user login system used MD5 hashed passowords in a specified [plain text] file in a specified place. After, the hashes were salted and in a .php file as not to display the contents. 

 

Runoilijanarsissi

 

Photo by gari.baldi

With Ymas coming up, it makes me realize all the blogging I've done in the last year. I'm glad I got as much traffic as I did, surprised even. Anyway, here are some highlights of the last year or so.

Most viewed article: How I got Debian Lenny working on my Eee.

Debian is my favourite distro of all-time, so after getting it working on my Eee (which some people had problems with) I thought I'd write a post on it. And well, I did. Runner up is the Eee wallpapers that I made.