subxero Sat Nov 10 2007 at 1:35 am It's the same way with my site --
The "Click here to edit this post" link is technically available to anyone, and it's easy to spoof to edit any post, by pushing stuff into the $_POST array but you have to know the exact time in seconds the post was made and the IP address from which it was made, and spoof them both. Not an easy task.
So there's essentially no security risk. Also, these sites, as awesome as they are, aren't particularly high-profile. There aren't exactly a lot of hackers out there really wanting to get into Phatcode.
ALSO, agamemnus, just use PHP. Please, for the good of all of us (except the ones who are dead), use PHP instead of compiled code (from fbc) on the server. PHP is more than fast and efficient enough to do what you want it to do.