Maciej fixed the infamous cookie bug last night, so PHP-Nuke sites
will now work properly. Quoting Maciej:
I have a fix for the infamous PHP-Nuke login bug. It should be
in the next release. Here's the short version: the Netscape cookie
spec says when a cookie comes from a URL like
"http://www.foo.com/user.php" and no path is explicitly specified,
then the path should default to "/user.php". However, it actually
needs to default to "/", because that's what all real browsers do.
Don't you love the web?
I have integrated the CSS parser from the KHTML trunk into Safari.
It uses the CSS2.1 grammar. Mark will no doubt be
disappointed that it closes most of the sheet-content-related hacks.
In particular, Safari is no longer vulnerable to the Safari Spacer
hack, the Simplified Box Model Hack, the Star HTML bug, or the Inline
High Pass filter. It is, however, still vulnerable (interestingly) to
Fabrice's Inversion.
Note that some of these hacks really couldn't easily be left in,
since using a correct grammar will just naturally close these hacks
off. There's no way to easily pollute the grammar to support
constructs like the Safari Spacer hack (nor should we).
Safari's cookie bug fixed
Safari's cookie bug fixed03/19/2003 10:25 PM Dave Hyatt reports: Maciej fixed the infamous cookie bug last night,
so PHP-Nuke sites will now work properly. Quoting Maciej...
I have a fix for the infamous PHP-Nuke login bug. It should be in the
next release. Here's the short version: the Netscape cookie spec says
when a cookie comes from a URL like "http://www.foo.com/user.php" and
no path is explicitly specified, then the path should default to
"/user.php". However, it actually needs to default to "/", because
that's what all real browsers do. Don't you love the web?
(from Surfin' Safari)
Cookie Jar12/11/2002 08:09 AM This class should be used to handle cookies (storing cookies from HTTP
response messages, and sending out cookies in HTTP request messages).
This class is mainly based on Cookies.pm
from the libwww-perl collection
.
Unlike Cookies.pm, this class only supports the Netscape cookie spec
, not RFC 2965.
A Fortune For This Cookie
A Fortune For This Cookie04/30/2004 04:23 PM P.F. Chang's has one delectable menu, but is its stock price as
palatable?
Why is there a part of a cookie here?
Why is there a part of a cookie here?01/16/2004 01:00 PM Made one mitten, mitten too small...damn it. Back to the drawing board
for that one. Wendy's scarf has been...completed! (said...
I Don't Want a Cookie, Mom, Can I Just See the Box? (Reuters)
Netcraft
reports that a hosting provider in San Diego got busted for
sniffing for the Google spider and feeding it phony links to their own
web site whenever it indexed any of the sites they hosted.
Aplus.Net admitted Friday that it had manipulated customer web
sites to try and improve its ranking in the Google search engine,
inserting "hidden links" that made it appear that more than 17,000
sites were linking to Aplus.net's home page. The technique may have
helped Aplus.net achieve a first-place Google ranking for the term
"dedicated servers."
While it's a low-down dirty trick, you have to marvel at the
ingenuity.
Word of mouth and how the cookie crumbles09/09/2004 11:10 AM From The Center for Media Research.... BuzzMetrics, a company
specializing in word of mouth research and planning, released a new
report revealing how word of mouth and online discussion forums shaped
a food-industry crises. When a leading consumer advocacy group filed a
lawsuit against food giant Kraft over its use of
partially-hydrogenated oils in Oreo cookies, a frenzy erupted across
thousands of consumer online discussion platforms. According to
BuzzMetrics' analysis of over 2.6 million comments from over 120,000
consumers, the Ban Trans Fats legal assault on Oreo caused the total
volume of online discussions on trans fats to increase more...
Cookie fans chip away at spyware bill
Cookie fans chip away at spyware bill02/05/2005 09:08 PM Lawmakers consider bowing to Web marketers' pressure not to designate
cookies as unlawful technology under an anti-spyware bill.
Cookie Delivery Sparks $900 Medical Bill (AP)
Cookie Delivery Sparks $900 Medical Bill (AP)02/05/2005 09:23 PM AP - Two teenage girls who surprised their neighbors with homemade
cookies late one night were ordered to pay nearly $900 in medical
bills for a woman who says she was so startled that she had to go to
the hospital.
Avoid a cookie bug in Safari's reset feature
Avoid a cookie bug in Safari's reset feature05/20/2004 11:45 AM Here's a bug in Safari -- it doesn't actually reset your cookies
unless you open the Preferences -> Show Cookies window. Here's a proof
... open Safari and navigate to a few sites that you know stores a
cookie (Google, Mac OS...
"Teens' cookie deliveries crumble into $900 lawsuit"
Meet the new, dietetically correct Cookie Monster04/08/2005 12:54 AM Xeni Jardin:
Geez, talk about sucking all the fun out of life. Cookie Monster will be
cutting back on sweets as part of a new healthy eating program on
Sesame Street. The googly-eyed, blue fuzzball will learn that "A
Cookie Is a Sometimes Food." What next, a song called "C is for
Celery?" Link (Thanks, jodyh)
Sexy Cookie Tin Snapped Up at Auction (Reuters)
Sexy Cookie Tin Snapped Up at Auction (Reuters)04/26/2004 09:02 AM Reuters - An otherwise ordinary cookie tin
featuring hidden drawings of two dogs mating and a pair of
naked lovers fetched 423 pounds ($752) at an English auction
Friday -- proving that sex sells.
Member Forum Spotlight:Cookie Monster's Den03/31/2005 12:25 PM geehumshriber's Member Forum, Cookie Monster's Den, is a place to
"have fun, enjoy your time, meet new friends, get free cookies."
Check it out!
Data center firms settle cookie suit
Data center firms settle cookie suit09/16/2004 08:36 PM F5 Networks and Radware have come to terms in a patent dispute over
"cookie persistence" technology.
Use Safari with Novell Groupwise WebAccess02/11/2004 11:04 AM There is a known issue with using Novell Groupwise WebAccess with
Safari. There is a toolbar that is supposed to appear on the left hand
side of the screen that fails to appear when using Safari. I've found
that if you click ...
Create Safari cookies that expire after each session
Create Safari cookies that expire after each session10/30/2003 12:37 AM In Mozilla and variants, and many other browsers, you can set Cookies
to expire at the end of the session. This means that Cookies will be
kept for your use, until you close your browser and they are then
wiped out. I like t...
ID Backup to Cookies Will Also Restore Erased Cookies
Safari cookies may fail with future dates03/08/2004 11:18 PM This is more of a solution, than a hint. A few days ago I encountered
a problem with Safari, specifically, many sites that requires stored
cookie to log in refuses to log in. I tried to reset Safari's
settings. No effect. No...
Security update offers Safari cookies fix12/05/2003 03:12 PM Apple on Friday released Security Update 2003-12-05. The new update is
available for download through the Software Update system preferences
pane.
Eolas Patent Invalid
Eolas Patent Invalid03/06/2004 02:01 AM A federal patent examiner's initial review has found the Web browser
patent at the center of a major verdict against Microsoft Corp. to be
invalid.
AdSense - Worrying About Invalid Clicks
AdSense - Worrying About Invalid Clicks07/18/2004 07:15 AM The hot topic for AdSense for the summer has be ClickBots, Invalid
Clicks, and competitors getting you booted out of the program. This is
but one of dozens of threads on the topic.
Use JavaScript to implement multiple session ID cookies
Rambus Patent Ruled Invalid In Europe02/13/2004 04:03 PM Rambus' legal action against memory maker Micron appears to have had
the rug pulled from under its feet this week when the European Patent
Office said it will revoke one of the company's patents.
"news of a little girl who had her first Communion declared invalid"
Judge rules Lindows-backed refund site invalid01/16/2004 01:00 PM A judge has now ruled that the administrator in the settlement deal
must ignore claims filed through MSfreePC.com. In a move of typical
legal efficiency, the rejections are really only half-rejections.
ISA Server 2000 Hotfix for FTP Client Invalid PORT Command
ISA Server 2000 Hotfix for FTP Client Invalid PORT Command12/12/2003 10:29 AM This hotfix verifies that the IP address and port specified in an FTP
client PORT command are appropriate to the current FTP session in both
inbound and outbound FTP sessions.
PHP Blog: feof() doesn't return TRUE when invalid file handle is passed to it
PHP Blog: feof() doesn't return TRUE when invalid file handle is passed to it05/17/2004 07:34 PM When a fopen() is done on a file that has permissions that are set to
not allow the current process user to read it or the file doesn\'t
exist
it returns false. This is expected. The problem is when feof() is fed
the invalid handle it doesn\'t return TRUE() thus creating an infinite
loop in the following code example.
feof() would return TRUE to cancel the loop and the script would end.
There would of course be warnings because of the invalid file handle,
but that is expected.
There should be better error handling on the developers part and catch
the invalid file handle, but I would expect the file functions to
handle
this situation accordingly.
Samba nmbd Invalid Length Denial of Service Vulnerability [iDEFENSE]
Cookies in PHP01/28/2004 12:05 AM For those new to web development and 'how things work', cookies can be
a very confusing matter. In this tutorial, Timothy gives you an
overview of cookies to help you understand how they work.
I've recently had a a few people ask whether FeedDemon supports the
use of cookies, and the answer is, "yes, it does."
The most obvious use of this is to require a login before returning
any information, and I've seen this done by several feeds already.
Unfortunately, some of them redirect to an HTML page when the login
cookie isn't found, which obviously won't work since FeedDemon is
trying to download RSS, not HTML. So, if you use cookie-based
authentication, don't redirect to an HTML page - instead, dynamically
create an RSS <item> which includes a link to the login
page.
Apparently most people are pretty sick of cookies and 58% of people
are deleting them almost as fast as websites try to force them on you.
Seems Marketers have responded and are using other ways to track what
people are doing through. Persistent Identification Element (PIE)that
uses a technology that is tied to Macromedia's Flash MX, which is able
to track your every move. Here is how to disable their dirty little
trick. [Macromedia]
The following phrases have been identified by the grok system as matching this entry: phpnuke cookie functions seem to be disabled. groupwise email invalid or missing cookies "favorite icon" safari "invalid or missing cookies" "safari 2.0" cookies bug "invalid or missing cookies)" groupwise webaccess invalid or missing cookie(s) maciej wwdc session "groupwise webaccess" and "invalid or missing cookies"
Geez, talk about sucking all the fun out of life. 
Recipe here: