What is the name of your organization?: prueba What is the name of your web site? (if different from the name of your organization): prueba What is your web site address?: prueba.com Who built your site?: All of the above

What is the name of your organization?: multimedia What is the name of your web site? (if different from the name of your organization): creative mediapulse technologies pvt.ltd What is your web site address?: http://www.mediapulsetech.com Who built your site?: Some combination of the above If a vendor built your site or participated in the process, please list the vendor below: creative What constituency does your web site support or promote? (Please list each item on a seperate line & use Filtered HTML): A Media Production company specializing in All types of 2D & 3D Animations,3d simulation,3d walkthrough,3d modeling animation,Multimedia presentations, marketing presentation, webpromoting,Video presentation,Animations-website-design,webstreaming,development,hosting, Flash,Corporate presentations, interactive presentations,e-learning,cbts,wbts,and more...

On a default 0.8.3 CivicSpace install, the "Plain text" input format is enabled for all users and is not configured to filter HTML, thus allowing unfiltered HTML to be displayed in content posted using this format. I saw this on two installs I did. It was not in a Drupal 4.6 install I did, so it must be a CivicSpace installer/config/defaults issue. To workaround as a user, I configured the Plain text format, added the HTML filter (click and save), selected "Escape tags", erased all allowed html tags and unchecked "Display HTML help". Now Plain text escapes all html code and displays it as typed.

What is the name of your organization?: nameorganization What is the name of your web site? (if different from the name of your organization): namesite What is your web site address?: www.hvisscher.nl Who built your site?: An in-house employee What constituency does your web site support or promote? (Please list each item on a seperate line & use Filtered HTML): asdfasdfasdfasdf

一日，民工上班中，感慨：没水喝了。遂赌与同事：我们石头，剪子，布。谁输了谁去打水，同事曰：我不喝水。民工怒，曰：u are too lazy!! 哎，又被剥夺了勤劳的可能性。

When I did an automatic install of CivicSpace 0.8.3, I noticed that the installation of databases fails if the name of the database contains a "-". An example would be the database name "test-site". The error message is totally misleading because it says there are not enough priviliges to find out whether the table names are unique (or somehow similar).

What is the name of your organization?: Resources Unlimited Foundation What is the name of your web site? (if different from the name of your organization): ResourcesUnlimited.org What is your web site address?: resourcesunlimited.org Who built your site?: An in-house employee What constituency does your web site support or promote? (Please list each item on a seperate line & use Filtered HTML): educational social justice policy development organizational development leadership development

Hello, while installation I get after "Database setup" the following error 500 page: Server error! The server encountered an internal error and was unable to complete your request. Error message: Premature end of script headers: install.php If you think this is a server error, please contact the webmaster. Error 500 pixer.org Sun Apr 9 11:20:33 2006 Apache/2.0.54 (Debian GNU/Linux) I am sure that I have all premissions set right and also all database login data. There are also 58 Tables created in my database. I am on a hosting account with 4.1.11-Debian_4sarge2. Any ideas?

What is the name of your organization?: Doug Green Consulting Please list the Drupal or CivicSpace web sites you have built. (Please list each item on a seperate line & use Filtered HTML): Doug Green Consulting My County Party Nassau County Democratic Party Amelia Trace Assisted Living Amelia Island AA and Barr Street AA What types of services do you offer? (Please list each item on a seperate line & use Filtered HTML): Democratic County and Candidate websites Multi-user Customized websites for Small Businesses What industries do you focus on, if any? (Please list each item on a seperate line & use Filtered HTML): Democratic County Party Political Websites Software Development Who should customers contact for services? (Please list contact info on seperate lines & use Filtered HTML; see example): Doug Green 4704 Yachtsman Drive Fernandina Beach, FL 32034 904-583-3342 douggreen@douggreenconsulting.com What is your web site address?: www.douggreenconsulting.com Describe your organization in your own words: In addition to custom software development, I offer pre-built Democratic websites for County & State Parties and Candidates that are setup with multi-user access controls for private and public areas; all content types including events, blogs, images, products (donations), newsletters, and quotes; pre-set with all of the National links and National News syndication. Localization and training is also available. I have a degree in Computer Science from the Cornell University College of Engineering, 20 years of software development experience, and have been a Democratic political activist leading grass-roots and county party technology efforts since January, 2004.

Una sorta di Club Virtuale Via Web, dove potete interagire con noi o on-line o off-line, il tutto gratuitamente! Addirittura www.yahoo.it vi mette a disposizione la registrazione al nostro gruppo, quindi se volete diventare delle Geishe, vi consigliamo di aderire al nostro Gruppo! Il tutto gratuitamente, però vi ricordo che il nostro è un portale libero, di conseguenza anche chi non si iscrive al gruppo potrà partecipare alla vita del nostro Club on line. Il gruppo è Moderato da Bill Clinton il presidente virile che per l'occasione si trasforma in uno psicologo on line, la sua e-mail clubgeishe@yahoo.com

I'm enclosing a patch for 0.8.3. The configuration wizard currently fails on PHP 5 systems. This will solve the problems reported in http://civicspacelabs.org/home/node/16627

In the default CivicSpace theme, in the file located here: [install_root]/civicspace/themes/page.tpl.php You will find this text as the start of the file content: /* $Id: page.tpl.php,v 1.7.2.3 2005/11/30 21:06:47 robinmonks Exp $ */ ?>     "http://http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">         ^^^^^^^^__Approximate region of error. There is an error on the last line shown here, where the DTD URL has an extra 'http://'. This prevents the page from validating, and throws a link validation error (for W3C validators.)

http://demo.civicspacelabs.org/home/ Is a dead end.

What is the name of your organization?: Snohomish County Democratic Party What is your web site address?: www.snohomishdemocrats.org Who built your site?: An independent web developer What constituency does your web site support or promote? (Please list each item on a seperate line & use Filtered HTML): Snohomish County Democratic Party, WA Democratic voters in Snohomish County, WA

I thought it might be helpful to blog my experience with CivicSpace - and share any tips or hints I discover on my journey. My expectation is to become extremely proficient with the system. Hopefully any stumbling blocks I encounter might be helpful to others as they take on the project for the first time. Before I get too far into this, please let me know if this is the appropriate venue for this type of information.

• Advisory ID: DRUPAL-SA-2006-004
• Project: Drupal core
• Date: 2006-03-13
• Security risk: moderately critical
• Impact: security bypass
• Where: from remote
• Vulnerability: mail header injection attack

read more

• Advisory ID: DRUPAL-SA-2006-003
• Project: Drupal core
• Date: 2006-03-13
• Security risk: less critical
• Impact: hijacking
• Where: from remote
• Vulnerability: session fixation attack

read more

• Advisory ID: DRUPAL-SA-2006-002
• Project: Drupal core
• Date: 2006-03-13
• Security risk: less critical
• Impact: cross-site scripting
• Where: from remote
• Vulnerability: cross-site scripting

read more

• Advisory ID: DRUPAL-SA-2006-001
• Project: Drupal core
• Date: 2006-03-13
• Security risk: less critical
• Impact: security bypass
• Where: from remote
• Vulnerability: bypass access control

read more

Someone under the pseudonym "Liz0ziM" sent a false security alarm to BugTraq without first contacting the security team: http://www.securityfocus.com/archive/1/420671/30/0/threaded This vulnerability is fixed in Drupal 4.5.6, 4.6.4 and onwards. Drupal's new XSS filter mechanism takes care of all vulnerabilities listed on http://ha.ckers.org/xss.html (and even more). If you have already updated to at least 4.5.6 / 4.6.4 then you are safe and you do not need to take any action. If you have not updated yet, then we advise you again to do so ASAP.