CakePHP security issue

Recently I have stumbled upon thechaw.com--written by CakePHP core dev and developed in CakePHP. I just wanted to check if they have fixed the old security issue in CakePHP and found that the issue is still open.

Proof of concept

CakePHP memory error

In another time, found a famous memory error even in bakery.cakephp.org

Bottom line

CakePHP is open source and so you can fix these issues by yourself

Comments

Interview question #1

Since I have been asked to interview experienced PHP programmers, I was preparing few interview questions. I came to know, most of the people ask questions found in the Internet; most of them are like "What is the function used to connect MySQL DB in PHP". Personally, I don't like these types of questions; I'd thought the person must apply ideas what he was taught in colleges--finally I came out with one question: A product vendor has Quantity Vs. Price data like 1 -> Rs. 50 2 -> Rs. 95 3 -> Rs. 140 .... like upto 1 million data. He wants a system, which gives the price when the quantity is provided. For example, if you provide the quantity value as 2, then it should provide Rs. 95. How this system can be designed? As expected, all the people said about using database tables and quering on quantity. I have asked them to find out a system which doesn't use databases--provided the accuracy of the system may not be 100%--it may give at least 90% ac...

Humble Awards

When I was studying 10th standard, I had a bet with my friend Nalin that A.R.Rahman will become very famous (He was telling me that no one can beat Ilaiyaraaja ) Since then I thought about appreciating the people that I think are the best and finally here is the effort. Some people are yet to become famous--but I strongly believe and wish that they'll become famous sooner! Gaana Rahman - Gaana singer Dr. A.N. Sreevatsan , ENT specialist OptiPerl , Windows based IDE RJ Joshua , Radio Jockey of AIR FM, Chennai RJ Yazh Sudhakar , Radio Jockey of Suryan FM, Chennai Discovery Channel's Tamil Interpreters , for the superb Tamil voices & modulations Savukku, WikiLeaks of India , for the brave news coverage on hidden politics of India, especially Tamil Nadu state

Bookmarklet: Mozilla/Firefox unicode rendering bug

Bug #270012 is long time opening in Firefox and got bunch of duplicates. Tamil and other Indian texts are getting broken on "text-align: justify;" Fix #270012 The above bookmarklet can be used on such broken pages to fix rendering and I've been using it for a long time. Though there is a Greasemonkey script available, I still prefer my bookmarklet as it is tidy.