Published: Thursday, December 22nd, 2005

There is going to be an Ajax Seminar in New York in March 2006. Registration is now available at AjaxSeminar.com.

Prices are as follows:

  • Super Early Bird Holiday Special (Before December 31, 2005) - $695
  • Early Bird (Before January 31, 2006) - $995
  • Discounted Price (Before February 28, 2006) - $1,195
  • Seminar Price (After February 28, 2006 and if any seat available) - $1,295

Secure your seats now. Don’t miss out on this opportunity.




Published: Thursday, December 22nd, 2005

An AJAX translator called AjaxTrans was developed by Joel Parish. Right now, it seems to be in a very beta stage, but it is functional. Just start typing and the text is automatically translated for you. No need to hit enter to submit anything. The following languages are available: Spanish, German, French, Italian, and Portuguese.




Published: Wednesday, December 21st, 2005

We have a new exploit for phpBB. Just when you thought you were safe:

Description:
Maksymilian Arciemowicz has discovered a security issue in phpBB, which can be exploited by malicious people to conduct script insertion attacks.

Input passed in the message body when posting isn’t properly sanitised before being used. This can be exploited to inject arbitrary JavaScript code, which will be executed in a user’s browser session in context of an affected site when the malicious post is viewed.

Example:
H E L O

Successful exploitation requires that “Allow HTML” is enabled (not default setting).

It is also possible to disclose the full path to “admin/admin_disallow.php” by accessing it directly with the “setmodules” parameter set to “1” (requires that “register_globals” is enabled).

The security issue has been confirmed in version 2.0.18. Other versions may also be affected.

Solution:
Set “Allow HTML” to “No”.

source




Published: Wednesday, December 21st, 2005

Now I’ve seen everything, holiday Ajax jingles:

All I want for Christmas is Ajax
I don’t want a tall skinny tree
or lots of presents under it.
All I ask for are some Web 2.0 goodies
that are zipped and not wrapped.
I want PHP and not PAJAMAS.
Give me widgets and not gadgets.
Give me a torrent of flashy de.licio.us gifts that flickr brightly under MySQL clouds.
….




Published: Wednesday, December 21st, 2005

The “Real-World AJAX One-Day Seminar” is scheduled for Monday, March 13th 2006 in New York City. There are some huge names that are going to be speaking at this seminar:

This one-day AJAX seminar will feature 15 speakers in 11 sessions, including the world’s most renowned AJAX experts: Jesse James Garrett, the Father of AJAX; David Heinemeier Hansson, the creator of Ruby on Rails (with his very first talk on “AJAX in Rails”); Satish Dharmaraj, the creator of server-side Java; Bill Scott, AJAX evangelist of Yahoo!; Scott Dietzen, the creator of WebLogic; Rob Gonda, the bestselling AJAX author and evangelist; and Ross Dargahi, well-known AJAX evangelist and architect.

There are also going to be speakers from companies that have real world use of Ajax. Keep an eye out at www.ajaxseminar.com for registration information. If it wasn’t for school and the fact that I’m almost a thousand miles away, I would definitely be there.

Right now, in my opinion, Ajax is being used all over the place haphazardly. I honestly do hope that this seminar answers a lot of questions for all and possibly the development of some sort of Ajax standard could be started.

Source



Published: Tuesday, December 20th, 2005

Yahoo recently introduced a new service to their Yahoo! Web Hosting. It’s the popular blogging package, Movable Type. One of the features listed for Movable Type is:

Speed — Use of FastCGI makes the Movable Type experience on Yahoo! Web hosting services the fastest on the web

With the speed of development of PHP, ASP, and other server side technology, it was interesting to see a company, the likes of Yahoo!, using FastCGI. Maybe this will spark other companies and developers to use FastCGI.




Published: Sunday, December 18th, 2005

I came across a page talking about AHAH (Asynchronous HTML and HTTP). I’ve already done an article on this, but this one caught my eye because of his mention of security.

He makes an interesting observation about people with criminal intent. With Ajax a hacker only needs to fake a domain name once. He can then fake browser activity by using Ajax to “refresh” the entire HTML body. Can we say phishing? Before, the above average user could simply note a URL change from “wellsfargo.com” to “206.34.??.??” for instance. This would be a sufficient alert for most. With no browser redirects the world of attackers using Phishing seems to now be endless.

Just something more to keep in mind with new and developing technology. I’m sure as it increases in popularity developers will start to address these issues.




Published: Wednesday, December 14th, 2005

We all know that phpBB is prone to a number of security risks. People used to use Google (among other search engines) and search for “phpbb” to find a list of phpBB sites and try their exploits on them. The phpBB development team addressed this problem a couple versions before. They stopped displaying the version number in the footer of the forum.

Right now, Google has outright blocked the entire search. Take a look:

We’re sorry…

… but we can’t process your request right now. A computer virus or spyware application is sending us automated requests, and it appears that your computer or network has been infected.

We’ll restore your access as quickly as possible, so try again soon. In the meantime, you might want to run a virus checker or spyware remover to make sure that your computer is free of viruses and other spurious software.

We apologize for the inconvenience, and hope we’ll see you again on Google.



