Tuesday, November 17, 2009

hacked!

If you've visited IPhOD in the last 2 weeks or so, then you probably noticed that it looks pretty strange and bad. The company that hosts my webpage informed me by email that someone used a SQL hack to break into the webpage and trash it. The beautiful calculator functions that I wrote allowed the hacker to feed some code into the SQL server and then take over my site. This was terrible news since I had put so much time into the webpage and I am currently preparing a writeup. On the other hand ... this seemed like a good time to debut IPhOD version 2.0.

Since the new database is completely prepared and I must rebuild the webpage anyway, it makes sense to go ahead and distribute the newest version. The principal difference between version 1.4 and 2.0 is that I am using the SUBTLEX database word frequencies instead of Kucera-Francis word frequencies (the latter is widely seen as an inferior frequency measure). Another important change is the inclusion of homographs and homophones, and data columns that will reveal whether an entry has more than one pronunciation or spelling. I will be blogging a separate post on the changes when I release the newest version, so stay tuned!

IPhOD will continue to be available as a download with Perl scripts that I wrote to search its contents and calculate new values. I will try to get the calculators operating again -- but I have to patch up the vulnerability that the host identified. Since I am a programmer but not a computer scientist, this may take a while.

Your Opinion?

Here is where I ask for your opinions and tips: Is there anything that you think I should organize differently? From users: any new features that you think would be more valuable for searching the database? If you are a hacker or web programmer, is there a simple way to prevent SQL attacks from user-submitted forms? Any general comments are appreciated too!

I await your comments!
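
On the question above about user-submitted forms, an added example (not part of the original post and not IPhOD's code): a word-lookup form handler that builds its query by string concatenation, next to one that validates the field and binds it as a parameter. The table name, column names, function names and sample rows are assumptions constructed for illustration, and Python with SQLite stands in for whatever stack the site uses.

```python
import re
import sqlite3

# Constructed sample rows; the schema is an assumption, not IPhOD's real layout.
ROWS = [("cat", "K AE T", 66.3), ("dog", "D AO G", 192.8), ("cot", "K AA T", 2.1)]

# Allow-list for a single-word form field: letters, apostrophe, hyphen.
WORD_RE = re.compile(r"[A-Za-z'-]{1,40}")


def make_db():
    """Build an in-memory stand-in for the word database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE lexicon (word TEXT, phones TEXT, freq REAL)")
    db.executemany("INSERT INTO lexicon VALUES (?, ?, ?)", ROWS)
    return db


def lookup_unsafe(db, word):
    # Vulnerable pattern: the form value becomes part of the SQL text,
    # so quote characters in it can change what the query means.
    sql = "SELECT word, freq FROM lexicon WHERE word = '" + word + "'"
    return db.execute(sql).fetchall()


def lookup_bound(db, word):
    # Parameterized query: the SQL text is fixed and the value is passed
    # separately, so it is only ever compared as data.
    sql = "SELECT word, freq FROM lexicon WHERE word = ?"
    return db.execute(sql, (word,)).fetchall()


def lookup_safe(db, word):
    # Defense in depth: reject input that is not shaped like a word,
    # then still bind it rather than concatenating.
    if not WORD_RE.fullmatch(word):
        raise ValueError("not a valid word")
    return lookup_bound(db, word)


if __name__ == "__main__":
    db = make_db()
    hostile = "x' OR '1'='1"  # constructed input containing quote characters
    print("unsafe:", lookup_unsafe(db, hostile))  # condition rewritten by input
    print("bound: ", lookup_bound(db, hostile))   # treated as a literal string
    print("safe:  ", lookup_safe(db, "don't"))    # apostrophe is harmless when bound
```

The same placeholder mechanism exists in Perl's DBI (`prepare` with `?` and `execute` with the values). Running the web application under a database account that can only `SELECT` from the tables it needs limits the damage if a query is ever missed.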
