Wordpress=>2.3.3

WordPress has been updated to 2.3.3. About what changed, WordPress says:

WordPress 2.3.3 is an urgent security release. A flaw was found in our XML-RPC implementation such that a specially crafted request would allow any valid user to edit posts of any other user on that blog. In addition to fixing this security flaw, 2.3.3 fixes a few minor bugs. If you are interested only in the security fix, download the fixed version of xmlrpc.php and copy it over your existing xmlrpc.php. Otherwise, you can get the entire release here.

This XML-RPC flaw lets any user modify the content of blog posts... Perhaps this explains the injection problem that showed up a while ago.

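Recently I have been trying jQuery plus the K2 template to curb the ever-growing volume of spam, and it has helped somewhat. Fortunately the spam so far has all been comment spam; I have run into trackback spam only once. The former can still be stopped by forbidding links in comments, while for the latter the only option is to disable pings entirely for the affected post...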


1 Response to “Wordpress=>2.3.3”


  1. 1 (first comment) iHao

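    Thanks for your reply. I'm not planning to upgrade WP; in a while I'll switch to Habari.
    If you're interested in the 66 video, I can send it to you. I've been back in my hometown for the New Year and haven't been online; I only happened to see this today. Once I'm back at work on the seventh day of the New Year, I'll add you on MSN and send it over. I only converted one Korean set of sixty basic moves, in rm format. My phone runs Linux and I use the realyone player, so I don't know whether it will work for you.
    btw: my MSN and Gtalk are the address I used for this comment; I'm rarely on them.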
