2006-02-15, 10:21 PM
2006-02-16, 05:07 PM
WDZ Wrote:Quote:Versions will be released appending to the current MyBB 1.0 series. For example, MyBB 1.04, 1.05 and so on.So does this mean that MyBB 1.2 won't be released for at least "a few weeks"?
It also means you should keep a close eye on the MyBB forums for the next few weeks ...
It doesn't make much sense to me why you'd start focusing on the MyBB 1.0 code now, when so many bugs have already been fixed in the 1.2 code... wouldn't your time be better spent trying to get 1.2 out ASAP?
No, because then bugs and security exploits in 1.0 will be in 1.2 too.
2006-02-17, 12:19 AM
WDZ Wrote:It doesn't make much sense to me why you'd start focusing on the MyBB 1.0 code now, when so many bugs have already been fixed in the 1.2 code... wouldn't your time be better spent trying to get 1.2 out ASAP?
1.2 isn't a complete rewrite of the code, so there are going to still be code from 1.0 and before, and may still contain bugs
2006-02-17, 04:14 AM
2006-02-17, 03:48 PM
Chris Boulton Wrote:Leeā¢ Wrote:This is very unprofessionally, since something like this should be done daily (in terms of staff analysing code).We can't just analyse over 10,000 lines of code and expect to find "every little thing".
The recent exploits, especially the one which required PHP's register_globals to be turned on, are very difficult to spot - especially since they only occur under certain server conditions.
We do analyse code daily too, we analyse new code that is coming in to MyBB. We still have the old code which needs to be looked after too.
So why not include a ".htaccess" with MyBB in the Package that turns off register_globals?
2006-02-17, 06:55 PM
2006-02-23, 06:12 AM
2006-02-23, 06:43 AM
2006-05-31, 07:00 PM
2006-05-31, 07:49 PM