A new version of the Fast Search plugin for Movable Type is available.
The new version is a very important security update, and I recommend that all sites install the new version as soon as possible.
The primary issue that has been fixed was a security bug in which a malicious person could insert HTML or javascript into your search results pages by modifying the query string. Please note that this does not affect regular user searches or tag searches, but rather search results pages that spammers have linked to from external web sites.
Other fixes include a pagination issue that was affecting certain users (in which the page numbers were inaccurate), and a fix for the tag_dir argument when the blog was not at the root off the domain.
You can download the new version from the links below:
Download Now
Fast Search 2.22 for MT4+:
Downloads: 1124 (since 3/6/07)
Fast Search 2.092 for MT3.2 and 3.3:
Downloads: 1124 (since 3/6/07)
If you have previously purchased the Pro version, you should have by now received an email with a download link. If not, please contact me.
Comments (2)
hi,
i just installed fast search on a couple of my blogs. using the dfault template. it does not appear to be picking up the MTSearchString variable. however it is seeing other mt tags such as the blogname etc.
any ideas why.
Posted by arindam | June 17, 2008 1:55 PM
Posted on June 17, 2008 13:55
if it helps, i did come across this mt4 dynamic publishing bug post http://mt-hacks.com/20071214-dynamic-publishing-bug-in-mt4.html
rebuilding mtview.php didnt help either.
how do i check to ensure dynamic publishing is working? could this be an issue with the server not allowing rewrites?
Posted by arindam | June 17, 2008 2:39 PM
Posted on June 17, 2008 14:39