CakePHP security issue - even in thechaw.com (written by core dev)

Recently I stumbled upon thechaw.com, which is written by a CakePHP core developer and built on CakePHP. I just wanted to check whether they had fixed the old security issue in CakePHP, and found that the issue is still open.

Proof of concept

[Screenshot: CakePHP Security Issue]

CakePHP memory error

On another occasion, I found the well-known memory error even on bakery.cakephp.org.

[Screenshot: CakePHP memory error]

Bottom line

CakePHP is open source, so you can fix these issues yourself.
