Someone is bypassing permissions on the bug tracker!

[TechSY730]

Just as a warning in case you didn't notice, some dude named Buttons840 has been messing around with the supposedly disable priority field. (One example of an effected post is http://www.arcengames.com/mantisbt/view.php?id=824, though there are many others)

I've already created a new mantis issue about this type of attack itself (http://www.arcengames.com/mantisbt/view.php?id=7031)

[zespri]

Everyone is at PAX anyway right now. Or has it finished?

[eRe4s3r]

Is Mantis coded in PHP?

That answers your question right there. 

PHP is not a web development language! (In fact, PHP is terrible, do not ever use it)

[x4000]

We keep mantis up to date with security patches. In this case I guess he set a field that was hidden, but which he had access to anyhow. Buttons840 is a good guy from my recollection, so I am not overly concerned on this specific case. It may simply be some sort of browser difference for all I know.

[eRe4s3r]

But do you update PHP regularly as well? Well, at least expose_php = off is truly off ;p

[x4000]

But do you update PHP regularly as well? Well, at least expose_php = off is truly off ;p

We're on rackspace cloud sites, so that's really up to them.  But yes, I'm pretty sure they do.

[keith.lamothe]

I would probably pay a couple of bucks for a book entitled "eRe4s3r's Opinion On Each Commonly Used (Alleged) Programming Language".  It would be hilarious.

[eRe4s3r]

Hehe

I don't really claim to be all knowing, but I do know a bit C, Perl and (less than a bit) PHP
That explains everything I think ;P

I mean.. == and === alone are one for the parody books.
PHP is also the only language that I intentionally dislike after trying it out.

[x4000]

I dislike PHP as well, for the record, but it serves its purpose and it's not at the bottom of languages I dislike.

[eRe4s3r]

queue the inevitable question..

What language you dislike the most.. the bottom 3 and why? ;p

[Hearteater]

I hate Lisp))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

[x4000]

Well, there are a lot of languages that are really bad that I just stay away from because they are so incredibly bad I don't even want to work in them.  But out of the ones that are not complete trash, I really dislike Ruby.  And Torquescript.  And ColdFusion, though not with the fury that Keith does.

[TechSY730]

A candidate for one of the worst, non-joke language of all time, MUMPS!

[Hearteater]

ColdFusion isn't bad, especially if you are using the latest version.  It is my primary language at work.  Not really my preference, but decent.  I have seen a TON of terrible code written in it through.  Replacing horrible CF code is a daily activity for me.  A lot of that comes from code written for earlier versions of CF though.  Scoping issues are a pain when people abuse cfinclude, they really need to improve query-of-query, and query typing and null handling needs to be fixed.  But otherwise it is a reasonable language.  I consider it mostly interchangeable with PHP.

[keith.lamothe]

I worked a ColdFusion/MSSQL job for 5 years.  MSSQL I'm still on speaking terms with.  CF... care to hazard a guess at what "Branch Offset Too Long For Short" means?

But I'm pretty heavily biased, I dislike any language that doesn't have compile-time strong typing.  If it doesn't understand the source code before it runs it, I think there's something wrong