[Gforge-devel] RE: Porn on GForge.org
Robert Nelson
robertn at the-nelsons.org
Sat Mar 10 02:41:11 EST 2007
Actually you probably want to add distinct to the query so it becomes:
select distinct "http://gforge.org/tracker/index.php?func=detail&aid=" ||
artifact.artifact_id || "&group_id=" || group_id || "&atid=" ||
agl.group_artifact_id from ((artifact_file inner join artifact on
artifact_file.artifact_id = artifact.artifact_id) inner join
artifact_group_list AS agl on agl.group_artifact_id =
artifact.group_artifact_id) where filetype = "text/html"
_____
From: gforge-devel-bounces at lists.gforge.org
[mailto:gforge-devel-bounces at lists.gforge.org] On Behalf Of Robert Nelson
Sent: Friday, March 09, 2007 10:47 PM
To: gforge-devel at lists.gforge.org
Subject: [Gforge-devel] RE: Porn on GForge.org
Importance: High
I was working with the user on the IRC who reported this issue. I supplied
a fixed download.php which only allows content type text/plain to be
returned directly, every other type is returned as application/octet-stream.
I've attached the fixed download.php. At least this way the porn spammers
don't get free page service and hopefully the spam receivers will be scared
off by the offer to download a file. This might discourage the spammers.
Also I created this query to quickly find all the suspect downloads and
generate urls to all the parent artifacts. Someone with admin access can
use it to clean up gforge.org
select "http://gforge.org/tracker/index.php?func=detail&aid=" ||
artifact.artifact_id || "&group_id=" || group_id || "&atid=" ||
agl.group_artifact_id from ((artifact_file inner join artifact on
artifact_file.artifact_id = artifact.artifact_id) inner join
artifact_group_list AS agl on agl.group_artifact_id =
artifact.group_artifact_id) where filetype = "text/html"
_____
From: Robert Nelson [mailto:robertn at the-nelsons.org]
Sent: Friday, March 09, 2007 9:59 PM
To: 'gforge-devel at lists.gforge.org'
Subject: Porn on GForge.org
Importance: High
Here has been a whole bunch of porn attached to this tracker item.
http://gforge.org/tracker/index.php?func=detail
<http://gforge.org/tracker/index.php?func=detail&aid=2752&group_id=128&atid=
203> &aid=2752&group_id=128&atid=203
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.gforge.org/pipermail/gforge-devel/attachments/20070309/8361d331/attachment-0001.html
More information about the Gforge-devel
mailing list