HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Cookies causing logout problems...

2»

Comments

  • hardwiredhardwired New
    edited August 2019


    Thanks for the amicable response.

    The original problem was already solved whilst creating this discussion... see the chronology of events....

    No need for all the drama IMO...

    ~shrug~

  • charrondevcharrondev Developer Lead (PHP, JS) Montreal Vanilla Staff

    100s of security fixes since that vanilla version. It could be compromised in an instant by anyone that cared to. That's still a bit of a problem.

    Some of those are high enough to compromise the whole site and become administrator. Some were even remote code execution exploits. A malicious hacker could take over your whole server. They could steal all of the data in this DB or others on the same sever, or delete it all.

    I would heavily encourage you to update to a more recent secure version.

  • hardwiredhardwired New
    edited August 2019

    Thanks for the Info on all the security problems w/ Vanilla in php5.2. The majors BB forum still support that version of PHP w/ their latest most recent releases. As stated previously, This was specifically an experiment with Vanilla Forum SSO integration(as alternative solution) with long standing(14+ years) socialmedia network base that has very specific requirements therefore very specific prerequisites. My experience tinkering with Vanilla's code was actually enjoyable & there are many aspects/feature that quite like. It is actually very close for my main framework in many ways with regards for feel plus themed surprising well for matching. Alas, for a multitude of reasons, BB must be made serving my purposes. Fortunately, Copious amounts of experience with BB along with what insights gleamed experimenting with Vanilla will make the network/project end product much better. For those that were helpful/amicable your feedback/insights/time/energy is much appreciated. Here is some info that may help Vanilla if so inclined partaking in such mod project:

    https://github.com/Frug/AJAX-Chat/wiki/Integration-versions

    Auf Wiedersehen...

    WW HW

  • hardwiredhardwired New
    edited August 2019

    someone may be inclined doing mod for Vanilla with this robust Ajax user chat system^


  • I already did and with other chat systems too. I will release it later.

This discussion has been closed.