I had spent the weekend working on a PHP Nuke patch for OpenID implementation but I suffered a minor setback in it’s release. I finished working on the proof of concept on Saturday and started putting the patch together on Sunday morning. We went out with some friends Sunday night for dinner and when I got back, I found that the PHP Nuke test site had been defaced. Nothing major but they did point out some flaws in my PHP Nuke implementation. In my haste to get the site up and get working on the patch, I forgot to make sure that I turned off any modules that I didn’t plan to use. These CMS systems are hard enough to keep patched and locked down, I should have taken the time to secure it before working on the patch. Lesson learned.
Hopefully, I will set the site back up early next week (I’m going on vacation this weekend) and have my patch out later in the week.