Comments on: Did you know… http://deadbeef.blogsome.com/2005/08/29/did-you-know/ Sating the digital medium with semi-intelligible filler. Thu, 03 Dec 2009 16:25:25 +0000 http://wordpress.org/?v=1.5.1-alpha by: Scott Hughes http://deadbeef.blogsome.com/2005/08/29/did-you-know/#comment-39 Wed, 31 Aug 2005 16:02:19 +0100 http://deadbeef.blogsome.com/2005/08/29/did-you-know/#comment-39 It just occured to me why blogsome is 'over-escaping' everything. The xmlrpc.php is, apparently, a favorite entry point for crackers (not crusty white folks, but script kids). So, to be on the safe side, they just over escape. Keeps you from doing: username = "\"; drop table *;\"" Where their sql query might be: SELECT * FROM tblUsers WHERE Username="$username" It just occured to me why blogsome is ‘over-escaping’ everything. The xmlrpc.php is, apparently, a favorite entry point for crackers (not crusty white folks, but script kids). So, to be on the safe side, they just over escape. Keeps you from doing:

username = “\”; drop table *;\”"

Where their sql query might be:

SELECT * FROM tblUsers WHERE Username=”$username”

]]> by: Scott Hughes http://deadbeef.blogsome.com/2005/08/29/did-you-know/#comment-37 Mon, 29 Aug 2005 21:58:41 +0100 http://deadbeef.blogsome.com/2005/08/29/did-you-know/#comment-37 Just noticed that "Wordpress" is an option now.. when I set mine up, There wasn't a choice for wordpress. So, either Wordpress needs to be configured to stop escaping, or Flickr does. Since you can just re-set it up on Flickr, I would do that. Just noticed that “Wordpress” is an option now.. when I set mine up, There wasn’t a choice for wordpress. So, either Wordpress needs to be configured to stop escaping, or Flickr does. Since you can just re-set it up on Flickr, I would do that.

]]> by: Scott Hughes http://deadbeef.blogsome.com/2005/08/29/did-you-know/#comment-36 Mon, 29 Aug 2005 21:56:09 +0100 http://deadbeef.blogsome.com/2005/08/29/did-you-know/#comment-36 Maybe you botched the setup. I posted plenty of pictures to my blogsome account from Flickr, with no problems. For reference, here's my setup (for blogsome): Blog Type/Service: MetaWeblogAPI Endpoint: http://shughes.blogsome.com/xmlrpc.php Maybe you botched the setup. I posted plenty of pictures to my blogsome account from Flickr, with no problems.

For reference, here’s my setup (for blogsome):

Blog Type/Service: MetaWeblogAPI
Endpoint: http://shughes.blogsome.com/xmlrpc.php

]]> by: Administrator http://deadbeef.blogsome.com/2005/08/29/did-you-know/#comment-35 Mon, 29 Aug 2005 19:21:24 +0100 http://deadbeef.blogsome.com/2005/08/29/did-you-know/#comment-35 So this "service" is really not all that useful is Worpdress is going to fark it up so bad that I have to hand edit it everytime I post. I might as well not post it then, or wait until I'm at a computer I can upload the image and then edit the entry from. So this “service” is really not all that useful is Worpdress is going to fark it up so bad that I have to hand edit it everytime I post. I might as well not post it then, or wait until I’m at a computer I can upload the image and then edit the entry from.

]]> by: Administrator http://deadbeef.blogsome.com/2005/08/29/did-you-know/#comment-34 Mon, 29 Aug 2005 19:20:01 +0100 http://deadbeef.blogsome.com/2005/08/29/did-you-know/#comment-34 The problem is that the Flickr posting service or the Wordpress API escaped every single quote mark and double quote mark (even the ones in the HTML) and added a break for every newline and new feed. The problem is that the Flickr posting service or the Wordpress API escaped every single quote mark and double quote mark (even the ones in the HTML) and added a break for every newline and new feed.

]]> by: Administrator http://deadbeef.blogsome.com/2005/08/29/did-you-know/#comment-33 Mon, 29 Aug 2005 19:15:58 +0100 http://deadbeef.blogsome.com/2005/08/29/did-you-know/#comment-33 Wow, that was horrible! The formatting is all wrong and the picture didn't even come through! Ack! Wow, that was horrible! The formatting is all wrong and the picture didn’t even come through! Ack!

]]>