What I have just gone through is nothing short of fucking stupid.

At some point yesterday, some brightstar at Cyberpixels decided to fuck around with the PHP config, or something. The results of their little game were the total and utter disablement of my blog. After a few hours of waiting, the problem fixed itself, to an extent. (I still had to go and fix a few coding errors in this blog that were causing problems with the new config.)

I will once again say what I have said before: LEAVE THE GODDAMN CONFIG FILES THE HELL ALONE. It’s fine. Really, it is. You don’t need to go and break my shit again. You’ve already secured us to the point of the poor customers not being able to twitch. So LEAVE IT BE.

Now, me not being able to login made me a bit twitchy. I had assumed that someone had taken advantage of some obscure AJ-Fork secuirty hole, so I changed the password for the one admin in the user file, because the hash in the file was different then the password hash I had just generated of the exact same password.

Funny, that was. You see, today I decided to fix this shit, because I wanted to make a post. So I broke out the code and started hacking away. After about an hour, I discovered why I could not log in to the admin panel.

The fuckhead who wrote AJ-Fork stores the password hash’s hash.

What the fuck? What strange, twisted mind came up with something as stupid as that? A once-hashed password is more than enough protection. Anyone with common sense would assume the password was run through the md5() function once, then stored.

But no. I have to go code-trawling to figure this out. Asshole, I hope you get leukemia or something.

Happy new year, cyberpixels! May you have horrible luck and go out of business in ‘05! Then maybe I’ll have an excuse to get a decent host.

And to everyone else: Happy holidays. Luck in 2005 and shit.
New Years Party Picures.