BP Blog

Until further notice, delete template_gallery.asp and template_gallery_detail.asp.  There's a security vulnerability on these two files b/c of a directory structure read part of the script that may leave you hacked from Turkey.

Here's a small program to ban all visitors from Turkey if you're having this problem.  I'll be posting details on how to install it but it's pretty self explanatory.  Just put global.asa in the root of your blog and change a couple of paths.

Try this code out. Example here.  It's built using Javascript.

Please delete you "FCKeditor" folder and replace it with this one.  Be sure and periodically backup your database.  If you want to be extra careful, you could delete "comments.asp".  That's basically the only file that accepts user input without a security check that they're logged in.

Here's some additional code for your rss.asp file that takes care of those pesky disallowed characters in the your rss feed.  This occurs usually in the title of your blog post.

Read here.