From dirk at haun-online.de Thu Jun 3 16:37:20 2004 From: dirk at haun-online.de (Dirk Haun) Date: Thu, 3 Jun 2004 22:37:20 +0200 Subject: [geeklog-devel] Comment Links In-Reply-To: <40ACFF4F.8030902@abtech.org> References: <40ACFF4F.8030902@abtech.org> Message-ID: <20040603213720.19059@smtp.haun-online.de> Vinny wrote: >1. How should the comment default mode be determined. Right now I have > it that you can add an optional parameter to the url >format= (where commentmode one of: threaded, nested, flat) >and a default to threaded. > >Should a user's preferences be used? Should the site default be used? >I'm not sure all the purposes this linking will be used for so I'm not >sure what a good default (or way of determining default) would be. Actually, wouldn't it make sense if this displayed _only_ that one comment? All the other functionality is already there with mode=display. But I guess it really depends on what it's going to be used for. Brainstorming, please ... - to link to specific comments from the search results page - for the new "report abusive comment" feature (in the email the Admin receives) What else? >The comment bar really sucks for the display of comments like this. Any >changes made to options using the comment bar pushes you back to >article.php. So... > >2. Should we overhaul the comment bar, remove it when displaying a >direct link to a comment, or remove it for all uses in comment.php (i.e. >linking to pid's using mode=display as well)? The comment bar is certainly not something I would miss, as long as I can get most of the functionality in some other way, specifically a link back to the story. The Reply button could easily be replaced with a link under the actual story and I only use the mode dropdown on sites where I'm not a registered user or when I'm not logged in. Does anyone even use the Oldest First / Newest First dropdown? So, I'm open for suggestions ... >One obvious variable is adding a {permalink} to the comment.thtml. Yep. We have {article_url} for the story link, so this should be named something like {comment_url}. >Another is adding a link to the >comment for Dirk's reporting of comment abuse. I've hard-coded those, similar to the Admin's "Delete" option. bye, Dirk P.S. I'll be offline Friday-Sunday, in case anyone's missing me. -- http://www.haun-online.de/ http://www.tinyweb.de/ From vmf at abtech.org Thu Jun 3 17:55:07 2004 From: vmf at abtech.org (Vincent Furia) Date: Thu, 03 Jun 2004 17:55:07 -0400 Subject: [geeklog-devel] Comment Links In-Reply-To: <20040603213720.19059@smtp.haun-online.de> References: <40ACFF4F.8030902@abtech.org> <20040603213720.19059@smtp.haun-online.de> Message-ID: <40BF9E3B.9040405@abtech.org> Dirk Haun wrote: > Actually, wouldn't it make sense if this displayed _only_ that one > comment? All the other functionality is already there with mode=display. > > But I guess it really depends on what it's going to be used for. > Brainstorming, please ... > > - to link to specific comments from the search results page > - for the new "report abusive comment" feature (in the email the Admin > receives) > > What else? > > For bloggers, the view comment could be linked to if a person wanted to link to a single comment or a thread of comments. For that sort of thing mode=view works much better than mode=display, but in which case seeing children in threaded or nested mode makes sense. Of course, we could have a default mode of "flat" which would display only the linked comment but have the {comment_url} link to format=threaded (or nested, or the user's default?). > The comment bar is certainly not something I would miss, as long as I can > get most of the functionality in some other way, specifically a link back > to the story. The Reply button could easily be replaced with a link under > the actual story and I only use the mode dropdown on sites where I'm not > a registered user or when I'm not logged in. Does anyone even use the > Oldest First / Newest First dropdown? > > So, I'm open for suggestions ... > Anything is better than how the comment bar works now in comment.php (it does OK for comments in article.php). > > Yep. We have {article_url} for the story link, so this should be named > something like {comment_url}. > Cool > > P.S. I'll be offline Friday-Sunday, in case anyone's missing me. > Have Fun? Since it seems that some of these questions don't have particularly obvious/strong answers, maybe its something that should be posted to geeklog.net and see what everyone there thinks? -Vinny From tony at tonybibbs.com Thu Jun 3 18:01:26 2004 From: tony at tonybibbs.com (Tony Bibbs) Date: Thu, 03 Jun 2004 17:01:26 -0500 Subject: [geeklog-devel] PDF feature.... Message-ID: <40BF9FB6.1080802@tonybibbs.com> This weekend I'm going to be polishing a PDF generator that a buddy from work built. Long story short is I have a working hack that allows you to view any Geeklog article as a PDF. The way it works is it send the printmode HTML to a PDF generator which saves the resulting PDF into a directory. Most of my work is going to be code clean up and then adding a few simple $_CONF vars. I figured having it will let you all decide on how else we might use the thing. I've attached a sample PDF generated using the tool from our Geeklog intranet site. --Tony -------------- next part -------------- A non-text attachment was scrubbed... Name: pdfsample.pdf Type: application/pdf Size: 16654 bytes Desc: not available URL: From geeklog at langfamily.ca Fri Jun 4 09:24:13 2004 From: geeklog at langfamily.ca (Blaine Lang) Date: Fri, 4 Jun 2004 09:24:13 -0400 Subject: [geeklog-devel] PDF feature.... References: <40BF9FB6.1080802@tonybibbs.com> Message-ID: <04ea01c44a37$3a4edc80$650a10ac@XPBL2> Hi Tony, I think this would be usefull and nice if there was a new optional function that plugins could call to create a pdf from data they are managing as well. I've looked at the PHP PDF funcitions and it appeared to not be too involved. I just have not had the client request yet so I left it on the side for now. Blaine ----- Original Message ----- From: "Tony Bibbs" To: Sent: Thursday, June 03, 2004 6:01 PM Subject: [geeklog-devel] PDF feature.... This weekend I'm going to be polishing a PDF generator that a buddy from work built. Long story short is I have a working hack that allows you to view any Geeklog article as a PDF. The way it works is it send the printmode HTML to a PDF generator which saves the resulting PDF into a directory. Most of my work is going to be code clean up and then adding a few simple $_CONF vars. I figured having it will let you all decide on how else we might use the thing. I've attached a sample PDF generated using the tool from our Geeklog intranet site. --Tony From geeklog at langfamily.ca Fri Jun 4 09:31:42 2004 From: geeklog at langfamily.ca (Blaine Lang) Date: Fri, 4 Jun 2004 09:31:42 -0400 Subject: [geeklog-devel] Restricted User Admin Feature References: <40BF9FB6.1080802@tonybibbs.com> Message-ID: <04f001c44a38$45ba5580$650a10ac@XPBL2> I have a client requesting a MOD to support a "Restricted User Admin" and I know this is a GL feature that has been requested before. Is there interest in rolling this feature once completed and tested into GL ? The easist way is to create a new feature "RestrictedUserAdmin" and then have a $_CONF parm that contained the user groups that anyone with this feature had admin rights over. The second and more flexible would require a new table and a new admin screen that would allow the Root to create any number of Restricted Admins and assign user group ownership to. Optionally, the $_CONF parm could be an array that supported multiple number of admins. I don't see it being a commonly used admin feature but one larger site and corporate users are going to want. Please let me know if there is general interest or any preferred implementation direction. Blaine From tony at tonybibbs.com Fri Jun 4 09:35:28 2004 From: tony at tonybibbs.com (Tony Bibbs) Date: Fri, 04 Jun 2004 08:35:28 -0500 Subject: [geeklog-devel] PDF feature.... In-Reply-To: <04ea01c44a37$3a4edc80$650a10ac@XPBL2> References: <40BF9FB6.1080802@tonybibbs.com> <04ea01c44a37$3a4edc80$650a10ac@XPBL2> Message-ID: <40C07AA0.3090709@tonybibbs.com> Yeah, the generator take a simple URL as an argument. It then downloads the HTML for the URL and converts it to PDF. That should make integration into GL's plugins a breeze. Oh, and has Diego gotten back to you? He should lurk in the IRC channel when he gets a chance. --Tony Blaine Lang wrote: >Hi Tony, > >I think this would be usefull and nice if there was a new optional function >that plugins could call to create a pdf from data they are managing as well. > >I've looked at the PHP PDF funcitions and it appeared to not be too >involved. I just have not had the client request yet so I left it on the >side for now. > >Blaine >----- Original Message ----- >From: "Tony Bibbs" >To: >Sent: Thursday, June 03, 2004 6:01 PM >Subject: [geeklog-devel] PDF feature.... > > >This weekend I'm going to be polishing a PDF generator that a buddy from >work built. Long story short is I have a working hack that allows you >to view any Geeklog article as a PDF. The way it works is it send the >printmode HTML to a PDF generator which saves the resulting PDF into a >directory. Most of my work is going to be code clean up and then adding >a few simple $_CONF vars. I figured having it will let you all decide >on how else we might use the thing. > >I've attached a sample PDF generated using the tool from our Geeklog >intranet site. > >--Tony > > >_______________________________________________ >geeklog-devel mailing list >geeklog-devel at lists.geeklog.net >http://lists.geeklog.net/listinfo/geeklog-devel > > From tony at tonybibbs.com Fri Jun 4 09:39:19 2004 From: tony at tonybibbs.com (Tony Bibbs) Date: Fri, 04 Jun 2004 08:39:19 -0500 Subject: [geeklog-devel] Restricted User Admin Feature In-Reply-To: <04f001c44a38$45ba5580$650a10ac@XPBL2> References: <40BF9FB6.1080802@tonybibbs.com> <04f001c44a38$45ba5580$650a10ac@XPBL2> Message-ID: <40C07B87.50009@tonybibbs.com> How, exactly are they restricted? I'm not totally understanding the concept. --Tony Blaine Lang wrote: >I have a client requesting a MOD to support a "Restricted User Admin" and I >know this is a GL feature that has been requested before. Is there interest >in rolling this feature once completed and tested into GL ? > >The easist way is to create a new feature "RestrictedUserAdmin" and then >have a $_CONF parm that contained the user groups that anyone with this >feature had admin rights over. > >The second and more flexible would require a new table and a new admin >screen that would allow the Root to create any number of Restricted Admins >and assign user group ownership to. > >Optionally, the $_CONF parm could be an array that supported multiple number >of admins. I don't see it being a commonly used admin feature but one larger >site and corporate users are going to want. > >Please let me know if there is general interest or any preferred >implementation direction. > >Blaine > > >_______________________________________________ >geeklog-devel mailing list >geeklog-devel at lists.geeklog.net >http://lists.geeklog.net/listinfo/geeklog-devel > > From geeklog at langfamily.ca Fri Jun 4 09:38:13 2004 From: geeklog at langfamily.ca (Blaine Lang) Date: Fri, 4 Jun 2004 09:38:13 -0400 Subject: [geeklog-devel] PDF feature.... References: <40BF9FB6.1080802@tonybibbs.com> <04ea01c44a37$3a4edc80$650a10ac@XPBL2> <40C07AA0.3090709@tonybibbs.com> Message-ID: <04f601c44a39$2ebc4c20$650a10ac@XPBL2> Tony, Diego did get back to me - did you get my last 2 emails. One had the attached mssql.class file. blaine ----- Original Message ----- From: "Tony Bibbs" To: Sent: Friday, June 04, 2004 9:35 AM Subject: Re: [geeklog-devel] PDF feature.... Yeah, the generator take a simple URL as an argument. It then downloads the HTML for the URL and converts it to PDF. That should make integration into GL's plugins a breeze. Oh, and has Diego gotten back to you? He should lurk in the IRC channel when he gets a chance. --Tony Blaine Lang wrote: >Hi Tony, > >I think this would be usefull and nice if there was a new optional function >that plugins could call to create a pdf from data they are managing as well. > >I've looked at the PHP PDF funcitions and it appeared to not be too >involved. I just have not had the client request yet so I left it on the >side for now. > >Blaine >----- Original Message ----- >From: "Tony Bibbs" >To: >Sent: Thursday, June 03, 2004 6:01 PM >Subject: [geeklog-devel] PDF feature.... > > >This weekend I'm going to be polishing a PDF generator that a buddy from >work built. Long story short is I have a working hack that allows you >to view any Geeklog article as a PDF. The way it works is it send the >printmode HTML to a PDF generator which saves the resulting PDF into a >directory. Most of my work is going to be code clean up and then adding >a few simple $_CONF vars. I figured having it will let you all decide >on how else we might use the thing. > >I've attached a sample PDF generated using the tool from our Geeklog >intranet site. > >--Tony > > >_______________________________________________ >geeklog-devel mailing list >geeklog-devel at lists.geeklog.net >http://lists.geeklog.net/listinfo/geeklog-devel > > _______________________________________________ geeklog-devel mailing list geeklog-devel at lists.geeklog.net http://lists.geeklog.net/listinfo/geeklog-devel From tony at tonybibbs.com Fri Jun 4 09:56:26 2004 From: tony at tonybibbs.com (Tony Bibbs) Date: Fri, 04 Jun 2004 08:56:26 -0500 Subject: [geeklog-devel] PDF feature.... In-Reply-To: <04f601c44a39$2ebc4c20$650a10ac@XPBL2> References: <40BF9FB6.1080802@tonybibbs.com> <04ea01c44a37$3a4edc80$650a10ac@XPBL2> <40C07AA0.3090709@tonybibbs.com> <04f601c44a39$2ebc4c20$650a10ac@XPBL2> Message-ID: <40C07F8A.9050903@tonybibbs.com> Right, sorry, I had replied to that hoping to get a tarball of his working geeklog installation so as I can simply run diff's and merge. I sent that to him and geeklog-devel. --Tony Blaine Lang wrote: >Tony, > >Diego did get back to me - did you get my last 2 emails. >One had the attached mssql.class file. > >blaine >----- Original Message ----- >From: "Tony Bibbs" >To: >Sent: Friday, June 04, 2004 9:35 AM >Subject: Re: [geeklog-devel] PDF feature.... > > >Yeah, the generator take a simple URL as an argument. It then downloads >the HTML for the URL and converts it to PDF. That should make >integration into GL's plugins a breeze. > >Oh, and has Diego gotten back to you? He should lurk in the IRC channel >when he gets a chance. > >--Tony > >Blaine Lang wrote: > > > >>Hi Tony, >> >>I think this would be usefull and nice if there was a new optional function >>that plugins could call to create a pdf from data they are managing as >> >> >well. > > >>I've looked at the PHP PDF funcitions and it appeared to not be too >>involved. I just have not had the client request yet so I left it on the >>side for now. >> >>Blaine >>----- Original Message ----- >>From: "Tony Bibbs" >>To: >>Sent: Thursday, June 03, 2004 6:01 PM >>Subject: [geeklog-devel] PDF feature.... >> >> >>This weekend I'm going to be polishing a PDF generator that a buddy from >>work built. Long story short is I have a working hack that allows you >>to view any Geeklog article as a PDF. The way it works is it send the >>printmode HTML to a PDF generator which saves the resulting PDF into a >>directory. Most of my work is going to be code clean up and then adding >>a few simple $_CONF vars. I figured having it will let you all decide >>on how else we might use the thing. >> >>I've attached a sample PDF generated using the tool from our Geeklog >>intranet site. >> >>--Tony >> >> >>_______________________________________________ >>geeklog-devel mailing list >>geeklog-devel at lists.geeklog.net >>http://lists.geeklog.net/listinfo/geeklog-devel >> >> >> >> >_______________________________________________ >geeklog-devel mailing list >geeklog-devel at lists.geeklog.net >http://lists.geeklog.net/listinfo/geeklog-devel > > >_______________________________________________ >geeklog-devel mailing list >geeklog-devel at lists.geeklog.net >http://lists.geeklog.net/listinfo/geeklog-devel > > From geeklog at langfamily.ca Fri Jun 4 10:10:32 2004 From: geeklog at langfamily.ca (Blaine Lang) Date: Fri, 4 Jun 2004 10:10:32 -0400 Subject: [geeklog-devel] Restricted User Admin Feature References: <40BF9FB6.1080802@tonybibbs.com> <04f001c44a38$45ba5580$650a10ac@XPBL2> <40C07B87.50009@tonybibbs.com> Message-ID: <057601c44a3d$b2f44570$650a10ac@XPBL2> The "Restricted" admin would be able to admin any users that are in its group of controlled users. So team-admin has the "restricted_user_admin" feature and it's been assigned groups A and B. Any users in Groups A or B can not be administrated by the "team-admin" Thats the concept -- I've not looked at the user admin code to see what issues I may have. I was thinking I would only need to made changes to this script such that the list of users would be filtered and adittional logic to check for this restricted admin rights. This is easier if there is only one level of restricted admin but more involved if this supports multiple teamAdmin1 has admin over users in groups 1 2 and 3 teamAdmin2 has admin over users in groups 5 6 and 7 Blaine ----- Original Message ----- From: "Tony Bibbs" To: Sent: Friday, June 04, 2004 9:39 AM Subject: Re: [geeklog-devel] Restricted User Admin Feature How, exactly are they restricted? I'm not totally understanding the concept. --Tony Blaine Lang wrote: >I have a client requesting a MOD to support a "Restricted User Admin" and I >know this is a GL feature that has been requested before. Is there interest >in rolling this feature once completed and tested into GL ? > >The easist way is to create a new feature "RestrictedUserAdmin" and then >have a $_CONF parm that contained the user groups that anyone with this >feature had admin rights over. > >The second and more flexible would require a new table and a new admin >screen that would allow the Root to create any number of Restricted Admins >and assign user group ownership to. > >Optionally, the $_CONF parm could be an array that supported multiple number >of admins. I don't see it being a commonly used admin feature but one larger >site and corporate users are going to want. > >Please let me know if there is general interest or any preferred >implementation direction. > >Blaine > > >_______________________________________________ >geeklog-devel mailing list >geeklog-devel at lists.geeklog.net >http://lists.geeklog.net/listinfo/geeklog-devel > > _______________________________________________ geeklog-devel mailing list geeklog-devel at lists.geeklog.net http://lists.geeklog.net/listinfo/geeklog-devel From geeklog at langfamily.ca Fri Jun 4 10:56:56 2004 From: geeklog at langfamily.ca (Blaine Lang) Date: Fri, 4 Jun 2004 10:56:56 -0400 Subject: [geeklog-devel] Restricted User Admin Feature References: <40BF9FB6.1080802@tonybibbs.com> <04f001c44a38$45ba5580$650a10ac@XPBL2> <40C07B87.50009@tonybibbs.com> <057601c44a3d$b2f44570$650a10ac@XPBL2> Message-ID: <059601c44a44$2e699740$650a10ac@XPBL2> Thinking about this a bit more -- I see it will be a bit more involved Restricted admin needs to be able to: - Add, edit, delete users - Need to be able to add/edit group membership - Need to control groups that are listed or availble to this restricted admin. - Can't have them assign Root to a new user (doh!) The client has 8000+ users and 800 groups so I will be making some other admin and UI enhancements. I've yet to look at the code so I know there are likely more considerations that I've missed. Blaine ----- Original Message ----- From: "Blaine Lang" To: Sent: Friday, June 04, 2004 10:10 AM Subject: Re: [geeklog-devel] Restricted User Admin Feature The "Restricted" admin would be able to admin any users that are in its group of controlled users. So team-admin has the "restricted_user_admin" feature and it's been assigned groups A and B. Any users in Groups A or B can not be administrated by the "team-admin" Thats the concept -- I've not looked at the user admin code to see what issues I may have. I was thinking I would only need to made changes to this script such that the list of users would be filtered and adittional logic to check for this restricted admin rights. This is easier if there is only one level of restricted admin but more involved if this supports multiple teamAdmin1 has admin over users in groups 1 2 and 3 teamAdmin2 has admin over users in groups 5 6 and 7 Blaine ----- Original Message ----- From: "Tony Bibbs" To: Sent: Friday, June 04, 2004 9:39 AM Subject: Re: [geeklog-devel] Restricted User Admin Feature How, exactly are they restricted? I'm not totally understanding the concept. --Tony Blaine Lang wrote: >I have a client requesting a MOD to support a "Restricted User Admin" and I >know this is a GL feature that has been requested before. Is there interest >in rolling this feature once completed and tested into GL ? > >The easist way is to create a new feature "RestrictedUserAdmin" and then >have a $_CONF parm that contained the user groups that anyone with this >feature had admin rights over. > >The second and more flexible would require a new table and a new admin >screen that would allow the Root to create any number of Restricted Admins >and assign user group ownership to. > >Optionally, the $_CONF parm could be an array that supported multiple number >of admins. I don't see it being a commonly used admin feature but one larger >site and corporate users are going to want. > >Please let me know if there is general interest or any preferred >implementation direction. > >Blaine > > >_______________________________________________ >geeklog-devel mailing list >geeklog-devel at lists.geeklog.net >http://lists.geeklog.net/listinfo/geeklog-devel > > _______________________________________________ geeklog-devel mailing list geeklog-devel at lists.geeklog.net http://lists.geeklog.net/listinfo/geeklog-devel _______________________________________________ geeklog-devel mailing list geeklog-devel at lists.geeklog.net http://lists.geeklog.net/listinfo/geeklog-devel From tony at tonybibbs.com Fri Jun 4 11:40:37 2004 From: tony at tonybibbs.com (Tony Bibbs) Date: Fri, 04 Jun 2004 10:40:37 -0500 Subject: [geeklog-devel] Restricted User Admin Feature In-Reply-To: <059601c44a44$2e699740$650a10ac@XPBL2> References: <40BF9FB6.1080802@tonybibbs.com> <04f001c44a38$45ba5580$650a10ac@XPBL2> <40C07B87.50009@tonybibbs.com> <057601c44a3d$b2f44570$650a10ac@XPBL2> <059601c44a44$2e699740$650a10ac@XPBL2> Message-ID: <40C097F5.8070200@tonybibbs.com> With that many users, don't they have some sort of local directory to use (e.g. LDAP, AD, Domino)? If so, this might be a good time to look into splitting out authentication and authorization into a more modular state to allow for custom security systems. --Tony Blaine Lang wrote: >Thinking about this a bit more -- I see it will be a bit more involved > >Restricted admin needs to be able to: > - Add, edit, delete users > - Need to be able to add/edit group membership > - Need to control groups that are listed or availble to this restricted >admin. > - Can't have them assign Root to a new user (doh!) > >The client has 8000+ users and 800 groups so I will be making some other >admin and UI enhancements. > >I've yet to look at the code so I know there are likely more considerations >that I've missed. > >Blaine > >----- Original Message ----- >From: "Blaine Lang" >To: >Sent: Friday, June 04, 2004 10:10 AM >Subject: Re: [geeklog-devel] Restricted User Admin Feature > > >The "Restricted" admin would be able to admin any users that are in its >group of controlled users. > >So team-admin has the "restricted_user_admin" feature and it's been assigned >groups A and B. >Any users in Groups A or B can not be administrated by the "team-admin" > >Thats the concept -- I've not looked at the user admin code to see what >issues I may have. I was thinking I would only need to made changes to this >script such that the list of users would be filtered and adittional logic to >check for this restricted admin rights. > >This is easier if there is only one level of restricted admin but more >involved if this supports multiple >teamAdmin1 has admin over users in groups 1 2 and 3 >teamAdmin2 has admin over users in groups 5 6 and 7 > >Blaine > >----- Original Message ----- >From: "Tony Bibbs" >To: >Sent: Friday, June 04, 2004 9:39 AM >Subject: Re: [geeklog-devel] Restricted User Admin Feature > > >How, exactly are they restricted? I'm not totally understanding the >concept. > >--Tony > >Blaine Lang wrote: > > > >>I have a client requesting a MOD to support a "Restricted User Admin" and I >>know this is a GL feature that has been requested before. Is there >> >> >interest > > >>in rolling this feature once completed and tested into GL ? >> >>The easist way is to create a new feature "RestrictedUserAdmin" and then >>have a $_CONF parm that contained the user groups that anyone with this >>feature had admin rights over. >> >>The second and more flexible would require a new table and a new admin >>screen that would allow the Root to create any number of Restricted Admins >>and assign user group ownership to. >> >>Optionally, the $_CONF parm could be an array that supported multiple >> >> >number > > >>of admins. I don't see it being a commonly used admin feature but one >> >> >larger > > >>site and corporate users are going to want. >> >>Please let me know if there is general interest or any preferred >>implementation direction. >> >>Blaine >> >> >>_______________________________________________ >>geeklog-devel mailing list >>geeklog-devel at lists.geeklog.net >>http://lists.geeklog.net/listinfo/geeklog-devel >> >> >> >> >_______________________________________________ >geeklog-devel mailing list >geeklog-devel at lists.geeklog.net >http://lists.geeklog.net/listinfo/geeklog-devel > > >_______________________________________________ >geeklog-devel mailing list >geeklog-devel at lists.geeklog.net >http://lists.geeklog.net/listinfo/geeklog-devel > > >_______________________________________________ >geeklog-devel mailing list >geeklog-devel at lists.geeklog.net >http://lists.geeklog.net/listinfo/geeklog-devel > > From geeklog at langfamily.ca Fri Jun 4 17:33:12 2004 From: geeklog at langfamily.ca (Blaine Lang) Date: Fri, 4 Jun 2004 17:33:12 -0400 Subject: [geeklog-devel] Ability to set user defined template variables Message-ID: <065e01c44a7b$8a119f20$650a10ac@XPBL2> There are times that you want to extend a template and have access to a {variable} in the .thtml file. I was thinking that it may be nice to have a PLG function that if existed would be called and it would be up to that function to set the template variable. I can use PHP in header.thtml but still I'd rather just use a {variable}. I can also replace the complete COM_siteHeader but thats a bit of overkill to just add a variable. What if I just wanted to add a logout link or add a something to the topicsblock. If the block functions checked for plg_setvar_blockname() then I could add a function like this: plg_setvar_siteheader (&$template) { global $_USER; if ($_USER['uid'] > 1 ) { $template ->set_var( logout_link', 'logout'); } ); I expect this may add some overhead and maybe we don't add to COM_showBlock but maybe add it to a few of the main block functions. Feedback ?? Blaine -------------- next part -------------- An HTML attachment was scrubbed... URL: From tony at tonybibbs.com Fri Jun 4 17:59:01 2004 From: tony at tonybibbs.com (Tony Bibbs) Date: Fri, 04 Jun 2004 16:59:01 -0500 Subject: [geeklog-devel] PDF stuff in CVS Message-ID: <40C0F0A5.50607@tonybibbs.com> I've just checked in beta code of the PDF stuff into CVS. This feature is disabled by default and hasn't been integrated into the article/story system yet (I'm working on that this weekend). However, what is in CVS does work and if you want you can test it by installing from CVS, installing HTMLDoc (See config.php comments) and then by doing to a URL like this: http://www.myglsite.com/pdfgenerator.php?pageType=2&pageData= Note that will need to be URL encoded to work. The code is in better shape now, I still need to hook it up with a template, add some language stuff, etc which I will get done this weekend. If anybody gets a chance to give it a whirl that would be great, I'm out of town this weekend and won't be back on until Monday. --Tony From tomw at pigstye.net Sat Jun 5 12:43:52 2004 From: tomw at pigstye.net (Tom Willett) Date: Sat, 5 Jun 2004 16:43:52 +0000 Subject: [geeklog-devel] Replacing/Extending Core Functions. Message-ID: <20040605162532.M43192@pigstye.net> While working on the Comment Spam plugin, I encountered an issue that I have encountered several times. I was wondering if there is an easier way, I do not have a good suggestion. The Comment Spam plugin intercepts the SaveComment function call to examine the comment and take appropriate action. I did this by renaming the core savecomment function to savecomment1 and creating a new savecomment function in the functions.inc of the plugin. This allows me to process the comment and pass it on to the savecomment function if needed. Inelegant because it requires patching comment.php. I have encountered this issue several times and have resorted to disabling the core function and writing my own or extending the core function. GL2 being OO should allow for easy extension or replacement of core functions -- its easy to write a class that extends another. But in GL2 how could this modified class be installed as the core class and what about multiple dueling extensions to a class? Like I said I do not have an easy suggestion, but better to think of it now than latter. Thinking about it I do have a partial suggestion, but I am not sure how it would effect performance -- have each class in its own seperate file. Then all you have to do is replace the file -- this just magnifies the multiple dueling extensions problem though. If anyone is interested, I built the spam plugin with extensibility in mind so that to add another filter or action or admin section all you have to do is place the class file with the extension in the plugin directory. The plugin automatically uses it. If you want I will post it here. -- Tom Willett tomw at pigstye.net From dirk at haun-online.de Mon Jun 7 16:29:14 2004 From: dirk at haun-online.de (Dirk Haun) Date: Mon, 7 Jun 2004 22:29:14 +0200 Subject: [geeklog-devel] Replacing/Extending Core Functions. In-Reply-To: <20040605162532.M43192@pigstye.net> References: <20040605162532.M43192@pigstye.net> Message-ID: <20040607212914.32612@smtp.haun-online.de> Tom, >The Comment Spam plugin intercepts the SaveComment function call to examine >the comment and take appropriate action. I did this by renaming the core >savecomment function to savecomment1 and creating a new savecomment function >in the functions.inc of the plugin. This allows me to process the comment >and pass it on to the savecomment function if needed. Inelegant because it >requires patching comment.php. Can you suggest how a new plugin API function should work that mimics this without having to patch Geeklog? With comment spam becoming a problem, I'd envision that your plugin will become very popular and I'd like to make its installation as easy as possible. bye, Dirk -- http://www.haun-online.de/ http://www.haun.info/ From tony at tonybibbs.com Mon Jun 7 17:09:17 2004 From: tony at tonybibbs.com (Tony Bibbs) Date: Mon, 07 Jun 2004 16:09:17 -0500 Subject: [geeklog-devel] PDF feature.... In-Reply-To: References: <40BF9FB6.1080802@tonybibbs.com> <04ea01c44a37$3a4edc80$650a10ac@XPBL2> <40C07AA0.3090709@tonybibbs.com> Message-ID: <40C4D97D.9010100@tonybibbs.com> Ok, I've updated CVS for, hopefully, the last time. Here is a quick feature rundown of the PDF functionality: 1) PDF feature completely driven by config.php and is disabled by default since it requires installation of third party software. 2) Stories now have a pdf icon (similar to print and email icons) that will take the HTML Geeklog generates during the print mode and generates the PDF from it 3) Optionally, admins can enable an ad-hoc PDF generation feature that would allow users to enter any URL and generate a PDF. This is disabled by default but is always excessible by Root users when the PDF feature is enabled. 4) Optional support of HTML tidy. Again, this requires yet another third party tool to be installed so this is disabled by default 5) Font point size is configurable 6) TTL on generated PDF's is supported (i.e. you can tell Geeklog to delete PDF's more than one day old) NOTE: untested 7) Supports get & post parameters so integration with other GL plugins is easy. This needs testing, particularly on windows. The original code I had was very unix-centric and I did my best to make it OS independent. I haven't confirmed the TTL feature is working yet (next on my to-do list) but the code is there and looks right ;-). Also, thinking of forward compatibility, this feature uses the $_REQUEST PHP super global which means that a fairly recent version of PHP is required. I plan to add some code soon to check the PHP version and manually build the $_REQUEST array if it isn't supported but I didn't get around to that yet. Finally, I did some refactoring of the code I got but a lot more is needed. I had grand visions of making this 100% OO but just didn't have the time. This code also deserves a look from the security perspective. I'm thinking some sort of speed limit would be a good start. Anything else? One last time, if you have a chance to test this a quick note on whether it worked or not and what your configuration is would sure be helpful. --Tony Rob Griffiths wrote: > On Jun 4, 2004, at 6:35 AM, Tony Bibbs wrote: > >> Yeah, the generator take a simple URL as an argument. It then >> downloads the HTML for the URL and converts it to PDF. That should >> make integration into GL's plugins a breeze. > > > What's wrong with File -> Print -> Save as PDF ... oops, sometimes I > forget we're not all using OS X. Couldn't resist :) :) > > Actually sounds quite cool, and I know some PC using friends who would > love such a feature for sites like Groklaw... > > cheers; > -rob. From tomw at pigstye.net Mon Jun 7 17:43:30 2004 From: tomw at pigstye.net (Tom Willett) Date: Mon, 7 Jun 2004 21:43:30 +0000 Subject: [geeklog-devel] Replacing/Extending Core Functions. In-Reply-To: <20040607212914.32612@smtp.haun-online.de> References: <20040605162532.M43192@pigstye.net> <20040607212914.32612@smtp.haun-online.de> Message-ID: <20040607213055.M37610@pigstye.net> Simply I would just add a call to check the plugins to see if they wanted to process the comment before saving and then check the plugins return to see if it should be saved or not. So in functions.inc you would have: Assume passing all variables in an array plugin_checkcomment_spamx($a) in lib-plugins.php PLG_checkcomment($a) and in comment.php at the beginning of savecomment() $a=array(); $a[]=$uid; $a[]$title; etc..... a call to PLG_checkcomment($a) the plugin should return the array with a save flag set in it, if true save comment if false don't. restore the variables from the array incase the plugin changed them. I would also suggest you do the same for stories. That would allow for postprocessing of stories and comments doing such things as checking for urls and making them clickable, etc. If you want me to code this for you just say so. This would -- Tom Willett tomw at pigstye.net ---------- Original Message ----------- From: "Dirk Haun" To: Sent: Mon, 7 Jun 2004 22:29:14 +0200 Subject: Re: [geeklog-devel] Replacing/Extending Core Functions. > Tom, > > >The Comment Spam plugin intercepts the SaveComment function call to examine > >the comment and take appropriate action. I did this by renaming the core > >savecomment function to savecomment1 and creating a new savecomment function > >in the functions.inc of the plugin. This allows me to process the comment > >and pass it on to the savecomment function if needed. Inelegant because it > >requires patching comment.php. > > Can you suggest how a new plugin API function should work that mimics > this without having to patch Geeklog? > > With comment spam becoming a problem, I'd envision that your plugin will > become very popular and I'd like to make its installation as easy as possible. > > bye, Dirk > > -- > http://www.haun-online.de/ > http://www.haun.info/ > > _______________________________________________ > geeklog-devel mailing list > geeklog-devel at lists.geeklog.net > http://lists.geeklog.net/listinfo/geeklog-devel ------- End of Original Message ------- From dirk at haun-online.de Tue Jun 8 15:24:19 2004 From: dirk at haun-online.de (Dirk Haun) Date: Tue, 8 Jun 2004 21:24:19 +0200 Subject: [geeklog-devel] PDF feature.... In-Reply-To: <40C4D97D.9010100@tonybibbs.com> References: <40C4D97D.9010100@tonybibbs.com> Message-ID: <20040608202419.18192@smtp.haun-online.de> Tony, got the PDF code working, but haven't really played much with it yet. A couple of observations nonetheless: >4) Optional support of HTML tidy. Again, this requires yet another >third party tool to be installed so this is disabled by default This seems to be _en_abled by default in the config.php in CVS: $_CONF['use_html_tidy'] = 1; >5) Font point size is configurable 9pt is a bit small for the default - I'd suggest making that 10pt. >This needs testing, particularly on windows. Speaking of Windows: is_executable() is not available on Windows. We had the same problem with mysqldump in admin/database.php. Workaround: if (function_exists ('is_executable')) { $is_exec = is_executable ('htmldoc'); } else { $is_exec = file_exists ('htmldoc'); } Also, according to its documentation, htmldoc only understands HTML 3.2 (and most of 4.0) - so why the XHTML? The PDF option should also be listed in the Story Options block (article.php). The "pdfs" directory is not in CVS. If you create it, put some dummy file in it (a README or something), please, or it may not make it into the release tarballs. Can anyone confirm that we can freely use the PDF logo? I couldn't find anything on Adobe's site, but then again I didn't try too hard ... bye, Dirk -- http://www.haun-online.de/ http://www.tinyweb.de/ From tony at tonybibbs.com Tue Jun 8 16:23:48 2004 From: tony at tonybibbs.com (Tony Bibbs) Date: Tue, 08 Jun 2004 15:23:48 -0500 Subject: [geeklog-devel] PDF feature.... In-Reply-To: <20040608202419.18192@smtp.haun-online.de> References: <40C4D97D.9010100@tonybibbs.com> <20040608202419.18192@smtp.haun-online.de> Message-ID: <40C62054.6010109@tonybibbs.com> Dirk Haun wrote: >Tony, > >got the PDF code working, but haven't really played much with it yet. A >couple of observations nonetheless: > > > Good >This seems to be _en_abled by default in the config.php in CVS: > >$_CONF['use_html_tidy'] = 1; > > > K, I'll have to fix that. I'm sure my comments say otherwise >9pt is a bit small for the default - I'd suggest making that 10pt. > > > Consider it changed >Speaking of Windows: is_executable() is not available on Windows. We had >the same problem with mysqldump in admin/database.php. > >Workaround: > > if (function_exists ('is_executable')) { > $is_exec = is_executable ('htmldoc'); > } else { > $is_exec = file_exists ('htmldoc'); > } > > > Duly noted. I'll updated accordingly. Obviously I've been out-of-touch with CVS being I don't even recall is_executable being a problem >Also, according to its documentation, htmldoc only understands HTML 3.2 >(and most of 4.0) - so why the XHTML? > > Hrm, good point. I'll verify it again and change if that is right. >The PDF option should also be listed in the Story Options block (article.php). > > Good catch, forgot about it >The "pdfs" directory is not in CVS. If you create it, put some dummy file >in it (a README or something), please, or it may not make it into the >release tarballs. > > Yeah, I have the directory and a README already, just forgot to add it it CVS >Can anyone confirm that we can freely use the PDF logo? I couldn't find >anything on Adobe's site, but then again I didn't try too hard ... > > Dunno, I made that logo myself with GIMP. I see similar looking logos (albeit prettier) on that icon site you sent me some time ago (the one with GPL icons). I bet we are OK here but, of course, IANAL. From dirk at haun-online.de Wed Jun 9 12:29:17 2004 From: dirk at haun-online.de (Dirk Haun) Date: Wed, 9 Jun 2004 18:29:17 +0200 Subject: [geeklog-devel] PDF feature.... In-Reply-To: <40C4D97D.9010100@tonybibbs.com> References: <40C4D97D.9010100@tonybibbs.com> Message-ID: <20040609172917.31081@smtp.haun-online.de> Tony, >This code also deserves a look from the security perspective. function PDF_servePDF() should check the path before attempting the download. I've managed to download a PDF from some place outside of the webserver's webtree. For non-PDF files, it at least tells me if that file exists or not. There may be ways to trick it into downloading non-PDF files, too. And even if that is not possible, it at least enables me to snoop around on the webserver. bye, Dirk -- http://www.haun-online.de/ http://geeklog.info/ From tony at tonybibbs.com Wed Jun 9 12:49:34 2004 From: tony at tonybibbs.com (Tony Bibbs) Date: Wed, 09 Jun 2004 11:49:34 -0500 Subject: [geeklog-devel] PDF feature.... In-Reply-To: <20040609172917.31081@smtp.haun-online.de> References: <40C4D97D.9010100@tonybibbs.com> <20040609172917.31081@smtp.haun-online.de> Message-ID: <40C73F9E.5030601@tonybibbs.com> Yeah, I guess I was blindly trusting the downloader class to be secure enough. I will fix PDF_servePDF() but don't be surprised if I make a minor change to the downloader class to do handle this more elegantly. Guess I should check the getimage.php page too, huh? --Tony Dirk Haun wrote: >Tony, > > > >>This code also deserves a look from the security perspective. >> >> > >function PDF_servePDF() should check the path before attempting the download. > >I've managed to download a PDF from some place outside of the webserver's >webtree. For non-PDF files, it at least tells me if that file exists or >not. There may be ways to trick it into downloading non-PDF files, too. >And even if that is not possible, it at least enables me to snoop around >on the webserver. > >bye, Dirk > > > > From tony at tonybibbs.com Wed Jun 9 15:43:15 2004 From: tony at tonybibbs.com (Tony Bibbs) Date: Wed, 09 Jun 2004 14:43:15 -0500 Subject: [geeklog-devel] MS SQL Server (sigh) Message-ID: <40C76853.6020509@tonybibbs.com> Blaine, is there anyway to simply get Diego to send me a tarball of his installation? If I had that I could make all the changes myself. I'm not sure what he's trying to do that is taking so long but a simple tarball would take hardly any of his time and puts the burden on me. And, for the record, I would give due credit for him providing the fix. Sorry, I know you aren't the hold up. It just kills me when someone takes the time to do a good hack like this but won't share the fruits of his labor. --Tony From tony at tonybibbs.com Tue Jun 22 13:42:40 2004 From: tony at tonybibbs.com (Tony Bibbs) Date: Tue, 22 Jun 2004 12:42:40 -0500 Subject: [geeklog-devel] Re: A&A AEPasswordGenerator.class.php In-Reply-To: <8319e2d6040622083174ac3d6b@mail.gmail.com> References: <8319e2d6040622083174ac3d6b@mail.gmail.com> Message-ID: <40D86F90.5010100@tonybibbs.com> On Tue, 2004-06-22 at 10:31, Vincent Furia wrote: > Tony, > > I rewrote the password generator/validator using regex to give much > more flexibility when it comes to creating rules (see attached). > Since the generator is creating a random password (can really only be > broken brute force) from a decent sized set of characters I didn't > think enforcing any rules is really necessary. Especially since A&A > should probably force a password change after a password reset upon > first login... Enforcing password rules is more important when the user changes their own password. If you look at the changePassword() and changePasswordByAdmin() on the AEPearDBProvider you'll notice we verify the strength of the password against our configured rules. If you can at least agree to that much, I don't think it is a stretch to say we may as well enforce the rules on passwords generated by our system. Use of regex is fine, I personally don't like it because it is hard to read and this code probably won't get hammered too much but the performance gain is duly noted and I'm flexible. > > Also, I thought I'd suggest password reset support like Dirk has place > into the most recent version of Geeklog. i.e. you send a link that > includes a big random value (hash of some kind) and make the user > change their password when following the link. The is easy to > implement with a built in Auth system, not sure how you would do this > (or force a password change) with A&A... Catch me on IRC sometime and > we can talk more about it... The hard part is deciding how much Auth_Enterprise should do versus the application. You could very easily implement that at the application level. If you notice, right now I don't even have different registration methods because I think I'd like to see a good discussion by us all on whether or not we should add this. I think the answer is yes we should include this stuff but if we do so it will make the administration and support more complicated for end users. For now all I did was implement the createAccount() method and figured we'd wrap all the bells and whistles in after we make some final decisions. A big factor in making this decision is whether or not we require email capabilities on the Auth_Enterprise server especially in the chance the users is running the server remote from the application. > > Anyway, hope the like the changes I made. The rest of A&A looks > pretty good, if a bit of overkill for most people running Geeklog. :) > Just keep in mind that Geeklog 2, from my view point, is less to do with the hobbyists and more to do with the attractiveness for businesses and organizations. Granted, our current user base is important to us and I can't highlight that enough but the days of my writing software with no sort of compensation is coming to an end. Obviously this is only my personal take and it may come off a bit selfish but GL2 will basically end up deciding how involved I stay. Bottom line is when installing Geeklog 2, Auth_Enterprise should install itself seamlessly and with little to no hassle so, from that view, nothing should change. My plans to support this are we will include the Auth_Enterprise table structures into the Geeklog2 database and default it to the AEPearDBProvider for all account management. Those who want LDAP or some other configuration will simply have more work (albeit fairly trivial work). > I think it'd be cool if we implemented single sign on. I wasn't sure > if you had any ideas how to implement that, again I'd be happy to chat > (IRC or voice) with you about it sometime. Implementing SSO is actually pretty easy. All you would have to do is add some session tables to the database and, using PHP sessions, we would serialize the AEServiceUser object there. Using SSO would require a single login page for all applications so that an SSO token can be added to the cookies and then a few new methods to the API for verifying SSO tokens. I'm open to suggestions. --Tony From tony at tonybibbs.com Tue Jun 22 13:51:25 2004 From: tony at tonybibbs.com (Tony Bibbs) Date: Tue, 22 Jun 2004 12:51:25 -0500 Subject: [geeklog-devel] Re: A&A AEPasswordGenerator.class.php In-Reply-To: <8319e2d6040622083174ac3d6b@mail.gmail.com> References: <8319e2d6040622083174ac3d6b@mail.gmail.com> Message-ID: <1087921937.3855.35.camel@linux.local> On Tue, 2004-06-22 at 10:31, Vincent Furia wrote: > Tony, > > I rewrote the password generator/validator using regex to give much > more flexibility when it comes to creating rules (see attached). > Since the generator is creating a random password (can really only be > broken brute force) from a decent sized set of characters I didn't > think enforcing any rules is really necessary. Especially since A&A > should probably force a password change after a password reset upon > first login... Enforcing password rules is more important when the user changes their own password. If you look at the changePassword() and changePasswordByAdmin() on the AEPearDBProvider you'll notice we verify the strength of the password against our configured rules. If you can at least agree to that much, I don't think it is a stretch to say we may as well enforce the rules on passwords generated by our system. Use of regex is fine, I personally don't like it because it is hard to read and this code probably won't get hammered too much but the performance gain is duly noted and I'm flexible. > > Also, I thought I'd suggest password reset support like Dirk has place > into the most recent version of Geeklog. i.e. you send a link that > includes a big random value (hash of some kind) and make the user > change their password when following the link. The is easy to > implement with a built in Auth system, not sure how you would do this > (or force a password change) with A&A... Catch me on IRC sometime and > we can talk more about it... The hard part is deciding how much Auth_Enterprise should do versus the application. You could very easily implement that at the application level. If you notice, right now I don't even have different registration methods because I think I'd like to see a good discussion by us all on whether or not we should add this. I think the answer is yes we should include this stuff but if we do so it will make the administration and support more complicated for end users. For now all I did was implement the createAccount() method and figured we'd wrap all the bells and whistles in after we make some final decisions. > > Anyway, hope the like the changes I made. The rest of A&A looks > pretty good, if a bit of overkill for most people running Geeklog. :) > Just keep in mind that Geeklog 2, from my view point, is less to do with the hobbyists and more to do with the attractiveness for businesses and organizations. Granted, our current user base is important to us and I can't highlight that enough but the days of my writing software with no sort of compensation is coming to an end. Obviously this is only my personal take and it may come off a bit selfish but GL2 will basically end up deciding how involved I stay. Bottom line is when installing Geeklog 2, Auth_Enterprise should install itself seamlessly and with little to no hassle so from that view, nothing should change. > I think it'd be cool if we implemented single sign on. I wasn't sure > if you had any ideas how to implement that, again I'd be happy to chat > (IRC or voice) with you about it sometime. Implementing SSO is actually pretty easy. All you would have to do is add some session tables to the database and, using PHP sessions, we would serialize the AEServiceUser object there. Using SSO would require a single login page for all applications so that an SSO token can be added to the cookies and then a few new methods to the API for verifying SSO tokens. I think for what we are doing, this would be more of a version 2 release of Auth_Enterprise. I'm open to suggestions. --Tony From tony at tonybibbs.com Tue Jun 22 13:51:27 2004 From: tony at tonybibbs.com (Tony Bibbs) Date: Tue, 22 Jun 2004 12:51:27 -0500 Subject: [geeklog-devel] Re: A&A AEPasswordGenerator.class.php In-Reply-To: <8319e2d6040622083174ac3d6b@mail.gmail.com> References: <8319e2d6040622083174ac3d6b@mail.gmail.com> Message-ID: <1087925776.3858.45.camel@linux.local> On Tue, 2004-06-22 at 10:31, Vincent Furia wrote: > Tony, > > I rewrote the password generator/validator using regex to give much > more flexibility when it comes to creating rules (see attached). > Since the generator is creating a random password (can really only be > broken brute force) from a decent sized set of characters I didn't > think enforcing any rules is really necessary. Especially since A&A > should probably force a password change after a password reset upon > first login... Enforcing password rules is more important when the user changes their own password. If you look at the changePassword() and changePasswordByAdmin() on the AEPearDBProvider you'll notice we verify the strength of the password against our configured rules. If you can at least agree to that much, I don't think it is a stretch to say we may as well enforce the rules on passwords generated by our system. Use of regex is fine, I personally don't like it because it is hard to read and this code probably won't get hammered too much but the performance gain is duly noted and I'm flexible. > > Also, I thought I'd suggest password reset support like Dirk has place > into the most recent version of Geeklog. i.e. you send a link that > includes a big random value (hash of some kind) and make the user > change their password when following the link. The is easy to > implement with a built in Auth system, not sure how you would do this > (or force a password change) with A&A... Catch me on IRC sometime and > we can talk more about it... The hard part is deciding how much Auth_Enterprise should do versus the application. You could very easily implement that at the application level. If you notice, right now I don't even have different registration methods because I think I'd like to see a good discussion by us all on whether or not we should add this. I think the answer is yes we should include this stuff but if we do so it will make the administration and support more complicated for end users. For now all I did was implement the createAccount() method and figured we'd wrap all the bells and whistles in after we make some final decisions. > > Anyway, hope the like the changes I made. The rest of A&A looks > pretty good, if a bit of overkill for most people running Geeklog. :) > Just keep in mind that Geeklog 2, from my view point, is less to do with the hobbyists and more to do with the attractiveness for businesses and organizations. Granted, our current user base is important to us and I can't highlight that enough but the days of my writing software with no sort of compensation is coming to an end. Obviously this is only my personal take and it may come off a bit selfish but GL2 will basically end up deciding how involved I stay. Bottom line is when installing Geeklog 2, Auth_Enterprise should install itself seamlessly and with little to no hassle so from that view, nothing should change. My plans to support his is we will include the Auth_Enterprise table structures into the Geeklog2 database and default it to the AEPearDBProvider for all account management. Those who want LDAP or some other configuration will simply have more work (albeit fairly trivial work). > I think it'd be cool if we implemented single sign on. I wasn't sure > if you had any ideas how to implement that, again I'd be happy to chat > (IRC or voice) with you about it sometime. Implementing SSO is actually pretty easy. All you would have to do is add some session tables to the database and, using PHP sessions, we would serialize the AEServiceUser object there. Using SSO would require a single login page for all applications so that an SSO token can be added to the cookies and then a few new methods to the API for verifying SSO tokens. I think for what we are doing, this would be more of a version 2 release of Auth_Enterprise. I'm open to suggestions. --Tony From tony at tonybibbs.com Tue Jun 22 13:51:27 2004 From: tony at tonybibbs.com (Tony Bibbs) Date: Tue, 22 Jun 2004 12:51:27 -0500 Subject: [geeklog-devel] Re: A&A AEPasswordGenerator.class.php In-Reply-To: <8319e2d6040622083174ac3d6b@mail.gmail.com> References: <8319e2d6040622083174ac3d6b@mail.gmail.com> Message-ID: <1087925849.7099.0.camel@linux.local> On Tue, 2004-06-22 at 10:31, Vincent Furia wrote: > Tony, > > I rewrote the password generator/validator using regex to give much > more flexibility when it comes to creating rules (see attached). > Since the generator is creating a random password (can really only be > broken brute force) from a decent sized set of characters I didn't > think enforcing any rules is really necessary. Especially since A&A > should probably force a password change after a password reset upon > first login... Enforcing password rules is more important when the user changes their own password. If you look at the changePassword() and changePasswordByAdmin() on the AEPearDBProvider you'll notice we verify the strength of the password against our configured rules. If you can at least agree to that much, I don't think it is a stretch to say we may as well enforce the rules on passwords generated by our system. Use of regex is fine, I personally don't like it because it is hard to read and this code probably won't get hammered too much but the performance gain is duly noted and I'm flexible. > > Also, I thought I'd suggest password reset support like Dirk has place > into the most recent version of Geeklog. i.e. you send a link that > includes a big random value (hash of some kind) and make the user > change their password when following the link. The is easy to > implement with a built in Auth system, not sure how you would do this > (or force a password change) with A&A... Catch me on IRC sometime and > we can talk more about it... The hard part is deciding how much Auth_Enterprise should do versus the application. You could very easily implement that at the application level. If you notice, right now I don't even have different registration methods because I think I'd like to see a good discussion by us all on whether or not we should add this. I think the answer is yes we should include this stuff but if we do so it will make the administration and support more complicated for end users. For now all I did was implement the createAccount() method and figured we'd wrap all the bells and whistles in after we make some final decisions. > > Anyway, hope the like the changes I made. The rest of A&A looks > pretty good, if a bit of overkill for most people running Geeklog. :) > Just keep in mind that Geeklog 2, from my view point, is less to do with the hobbyists and more to do with the attractiveness for businesses and organizations. Granted, our current user base is important to us and I can't highlight that enough but the days of my writing software with no sort of compensation is coming to an end. Obviously this is only my personal take and it may come off a bit selfish but GL2 will basically end up deciding how involved I stay. Bottom line is when installing Geeklog 2, Auth_Enterprise should install itself seamlessly and with little to no hassle so from that view, nothing should change. My plans to support his is we will include the Auth_Enterprise table structures into the Geeklog2 database and default it to the AEPearDBProvider for all account management. Those who want LDAP or some other configuration will simply have more work (albeit fairly trivial work). > I think it'd be cool if we implemented single sign on. I wasn't sure > if you had any ideas how to implement that, again I'd be happy to chat > (IRC or voice) with you about it sometime. Implementing SSO is actually pretty easy. All you would have to do is add some session tables to the database and, using PHP sessions, we would serialize the AEServiceUser object there. Using SSO would require a single login page for all applications so that an SSO token can be added to the cookies and then a few new methods to the API for verifying SSO tokens. I think for what we are doing, this would be more of a version 2 release of Auth_Enterprise. I'm open to suggestions. --Tony From tony at tonybibbs.com Tue Jun 22 13:59:15 2004 From: tony at tonybibbs.com (Tony Bibbs) Date: Tue, 22 Jun 2004 12:59:15 -0500 Subject: Ooops: Re: [geeklog-devel] Re: A&A AEPasswordGenerator.class.php In-Reply-To: <1087925849.7099.0.camel@linux.local> References: <8319e2d6040622083174ac3d6b@mail.gmail.com> <1087925849.7099.0.camel@linux.local> Message-ID: <40D87373.2030106@tonybibbs.com> Problem with Outbox with Ximian Evolution. Sorry for the repeated messages. --Tony Tony Bibbs wrote: >On Tue, 2004-06-22 at 10:31, Vincent Furia wrote: > > >>Tony, >> >>I rewrote the password generator/validator using regex to give much >>more flexibility when it comes to creating rules (see attached). >>Since the generator is creating a random password (can really only be >>broken brute force) from a decent sized set of characters I didn't >>think enforcing any rules is really necessary. Especially since A&A >>should probably force a password change after a password reset upon >>first login... >> >> > >Enforcing password rules is more important when the user changes their >own password. If you look at the changePassword() and >changePasswordByAdmin() on the AEPearDBProvider you'll notice we verify >the strength of the password against our configured rules. If you can >at least agree to that much, I don't think it is a stretch to say we may >as well enforce the rules on passwords generated by our system. > >Use of regex is fine, I personally don't like it because it is hard to >read and this code probably won't get hammered too much but the >performance gain is duly noted and I'm flexible. > > > >>Also, I thought I'd suggest password reset support like Dirk has place >>into the most recent version of Geeklog. i.e. you send a link that >>includes a big random value (hash of some kind) and make the user >>change their password when following the link. The is easy to >>implement with a built in Auth system, not sure how you would do this >>(or force a password change) with A&A... Catch me on IRC sometime and >>we can talk more about it... >> >> > >The hard part is deciding how much Auth_Enterprise should do versus the >application. You could very easily implement that at the application >level. If you notice, right now I don't even have different >registration methods because I think I'd like to see a good discussion >by us all on whether or not we should add this. I think the answer is >yes we should include this stuff but if we do so it will make the >administration and support more complicated for end users. For now all >I did was implement the createAccount() method and figured we'd wrap all >the bells and whistles in after we make some final decisions. > > > >>Anyway, hope the like the changes I made. The rest of A&A looks >>pretty good, if a bit of overkill for most people running Geeklog. :) >> >> >> > >Just keep in mind that Geeklog 2, from my view point, is less to do with >the hobbyists and more to do with the attractiveness for businesses and >organizations. Granted, our current user base is important to us and I >can't highlight that enough but the days of my writing software with no >sort of compensation is coming to an end. Obviously this is only my >personal take and it may come off a bit selfish but GL2 will basically >end up deciding how involved I stay. > >Bottom line is when installing Geeklog 2, Auth_Enterprise should install >itself seamlessly and with little to no hassle so from that view, >nothing should change. My plans to support his is we will include the >Auth_Enterprise table structures into the Geeklog2 database and default >it to the AEPearDBProvider for all account management. Those who want >LDAP or some other configuration will simply have more work (albeit >fairly trivial work). > > > >>I think it'd be cool if we implemented single sign on. I wasn't sure >>if you had any ideas how to implement that, again I'd be happy to chat >>(IRC or voice) with you about it sometime. >> >> > >Implementing SSO is actually pretty easy. All you would have to do is >add some session tables to the database and, using PHP sessions, we >would serialize the AEServiceUser object there. Using SSO would require >a single login page for all applications so that an SSO token can be >added to the cookies and then a few new methods to the API for verifying >SSO tokens. I think for what we are doing, this would be more of a >version 2 release of Auth_Enterprise. > >I'm open to suggestions. > >--Tony > >_______________________________________________ >geeklog-devel mailing list >geeklog-devel at lists.geeklog.net >http://lists.geeklog.net/listinfo/geeklog-devel > > From tony at tonybibbs.com Tue Jun 22 14:16:47 2004 From: tony at tonybibbs.com (Tony Bibbs) Date: Tue, 22 Jun 2004 13:16:47 -0500 Subject: [geeklog-devel] Code feedback on Re: A&A AEPasswordGenerator.class.php Message-ID: <40D8778F.6090609@tonybibbs.com> I meant to include everybody else in on this as well. --Tony -------- Original Message -------- Subject: Re: A&A AEPasswordGenerator.class.php Date: Tue, 22 Jun 2004 13:15:21 -0500 From: To: References: <8319e2d6040622083174ac3d6b at mail.gmail.com> Vinny, a couple of notes. 1) This is more of a personal thing. I hate appreviate IF..THEN so stuff like this: $len = ($gConf['randompasswordlength'] >= 4) ? $gConf['randompasswordlength'] : 4; Should be replace with the traditional IF..THEN. This is more of a readability thing really. This sort of stuff will get ironed out more when we get formal coding standards agreed on. We should do that in the next week or so. 2) Most of your config variables have some sort of Auth_Enterprise equivalent in AEServerConfig.php. Not a huge deal but we should either replace what I have or modify your code to use mine. 3) Your code assumes pspell and crack are in the path. We should have config variables for them. In fact we may want to include a user executable path: $gConf['user_executables'] = '/usr/bin/'; $gConf['path_pspell'] = $gConf['user_executables'] . 'pspell'; $gConf['path_crack'] = $gConf['user_executables'] . 'crack'; We should also add an option for the pspell dictionary as we don't want to assume english. 4) Use of die() in Auth_Enterprise should not be allowed. Instead we should throw an exception and let the calling application figure out what to do more gracefully. You can either use one of the ones I have in AEExceptions.php or add a new one for that case to that file. Finally, in general I like the concept of my code in that they can configure if they require lowercase, require upper case, require special chars. To that end, we should have regular expressions for all those permutations. Also the minimum and maximum password length should probably be configurable. The regex's are nice. It's probably a better way to go. Good work. If you have questions let me know. When we get this all ironed out, do you want to take a stab at adding these updates? FWIW, this is a great example of how the OO-nature of Auth_Enterprise has. SHould someone not like our implementation fo AEPasswordGenerator, they can write their own, drop it in their filesystem and start using it. --Tony Vincent Furia wrote: >Tony, > >I rewrote the password generator/validator using regex to give much >more flexibility when it comes to creating rules (see attached). >Since the generator is creating a random password (can really only be >broken brute force) from a decent sized set of characters I didn't >think enforcing any rules is really necessary. Especially since A&A >should probably force a password change after a password reset upon >first login... > >Also, I thought I'd suggest password reset support like Dirk has place >into the most recent version of Geeklog. i.e. you send a link that >includes a big random value (hash of some kind) and make the user >change their password when following the link. The is easy to >implement with a built in Auth system, not sure how you would do this >(or force a password change) with A&A... Catch me on IRC sometime and >we can talk more about it... > >Anyway, hope the like the changes I made. The rest of A&A looks >pretty good, if a bit of overkill for most people running Geeklog. :) > >I think it'd be cool if we implemented single sign on. I wasn't sure >if you had any ideas how to implement that, again I'd be happy to chat >(IRC or voice) with you about it sometime. > >-Vinny > > From tony at tonybibbs.com Tue Jun 22 14:25:30 2004 From: tony at tonybibbs.com (Tony Bibbs) Date: Tue, 22 Jun 2004 13:25:30 -0500 Subject: [geeklog-devel] Code feedback on Re: A&A AEPasswordGenerator.class.php In-Reply-To: <40D8778F.6090609@tonybibbs.com> References: <40D8778F.6090609@tonybibbs.com> Message-ID: <40D8799A.2050201@tonybibbs.com> Vinny, duh, I just noticed that my last item about configuring the rules was wrong. You do do that. However, we need to figure out how to make the configuration easier. User's shouldn't see the actual regex's in the config file....they are scary ;-) Tony Bibbs wrote: > I meant to include everybody else in on this as well. > > --Tony > > -------- Original Message -------- > Subject: Re: A&A AEPasswordGenerator.class.php > Date: Tue, 22 Jun 2004 13:15:21 -0500 > From: > To: > References: <8319e2d6040622083174ac3d6b at mail.gmail.com> > > > > Vinny, a couple of notes. > > 1) This is more of a personal thing. I hate appreviate IF..THEN so > stuff like this: > > $len = ($gConf['randompasswordlength'] >= 4) ? > $gConf['randompasswordlength'] : 4; > > Should be replace with the traditional IF..THEN. This is more of a > readability thing really. This sort of stuff will get ironed out more > when we get formal coding standards agreed on. We should do that in > the next week or so. > > 2) Most of your config variables have some sort of Auth_Enterprise > equivalent in AEServerConfig.php. Not a huge deal but we should > either replace what I have or modify your code to use mine. > > 3) Your code assumes pspell and crack are in the path. We should have > config variables for them. In fact we may want to include a user > executable path: > $gConf['user_executables'] = '/usr/bin/'; > $gConf['path_pspell'] = $gConf['user_executables'] . 'pspell'; > $gConf['path_crack'] = $gConf['user_executables'] . 'crack'; > > We should also add an option for the pspell dictionary as we don't > want to assume english. > > 4) Use of die() in Auth_Enterprise should not be allowed. Instead we > should throw an exception and let the calling application figure out > what to do more gracefully. You can either use one of the ones I have > in AEExceptions.php or add a new one for that case to that file. > > Finally, in general I like the concept of my code in that they can > configure if they require lowercase, require upper case, require > special chars. To that end, we should have regular expressions for > all those permutations. Also the minimum and maximum password length > should probably be configurable. > > The regex's are nice. It's probably a better way to go. Good work. > If you have questions let me know. When we get this all ironed out, > do you want to take a stab at adding these updates? > > FWIW, this is a great example of how the OO-nature of Auth_Enterprise > has. SHould someone not like our implementation fo > AEPasswordGenerator, they can write their own, drop it in their > filesystem and start using it. > > --Tony > > > Vincent Furia wrote: > >> Tony, >> >> I rewrote the password generator/validator using regex to give much >> more flexibility when it comes to creating rules (see attached). >> Since the generator is creating a random password (can really only be >> broken brute force) from a decent sized set of characters I didn't >> think enforcing any rules is really necessary. Especially since A&A >> should probably force a password change after a password reset upon >> first login... >> >> Also, I thought I'd suggest password reset support like Dirk has place >> into the most recent version of Geeklog. i.e. you send a link that >> includes a big random value (hash of some kind) and make the user >> change their password when following the link. The is easy to >> implement with a built in Auth system, not sure how you would do this >> (or force a password change) with A&A... Catch me on IRC sometime and >> we can talk more about it... >> >> Anyway, hope the like the changes I made. The rest of A&A looks >> pretty good, if a bit of overkill for most people running Geeklog. :) >> >> I think it'd be cool if we implemented single sign on. I wasn't sure >> if you had any ideas how to implement that, again I'd be happy to chat >> (IRC or voice) with you about it sometime. >> >> -Vinny >> >> > > _______________________________________________ > geeklog-devel mailing list > geeklog-devel at lists.geeklog.net > http://lists.geeklog.net/listinfo/geeklog-devel From vfuria at gmail.com Tue Jun 22 15:32:39 2004 From: vfuria at gmail.com (Vincent Furia) Date: Tue, 22 Jun 2004 15:32:39 -0400 Subject: [geeklog-devel] Re: A&A AEPasswordGenerator.class.php In-Reply-To: <8319e2d60406221228553680b9@mail.gmail.com> References: <8319e2d6040622083174ac3d6b@mail.gmail.com> <40D87739.6040008@tonybibbs.com> <8319e2d60406221228553680b9@mail.gmail.com> Message-ID: <8319e2d604062212326dbfa54a@mail.gmail.com> On Tue, 22 Jun 2004 13:15:21 -0500, Tony Bibbs wrote: > 1) This is more of a personal thing. I hate appreviate IF..THEN so > stuff like this: > > $len = ($gConf['randompasswordlength'] >= 4) ? > $gConf['randompasswordlength'] : 4; > > Should be replace with the traditional IF..THEN. This is more of a > readability thing really. This sort of stuff will get ironed out more > when we get formal coding standards agreed on. We should do that in the > next week or so. > No problem. I'll add that in to the GL2 coding style guide (in progress). :) > 2) Most of your config variables have some sort of Auth_Enterprise > equivalent in AEServerConfig.php. Not a huge deal but we should either > replace what I have or modify your code to use mine. > I realize that some of my variables will replace AEServerConfig.php variables, I just wanted to hash out the code first before committing to changing other files. > 3) Your code assumes pspell and crack are in the path. We should have > config variables for them. In fact we may want to include a user > executable path: > $gConf['user_executables'] = '/usr/bin/'; > $gConf['path_pspell'] = $gConf['user_executables'] . 'pspell'; > $gConf['path_crack'] = $gConf['user_executables'] . 'crack'; > > We should also add an option for the pspell dictionary as we don't want > to assume english. > I agree we need a variable for language, don't know what I was thinking there. For pspell and crack I planned to use the built in PHP calls if they're available, and otherwise just skip those checks. Those portions of the code haven't been tested because I can't get PHP5 to work with either right now... *sigh* Since we would use the built in functions, PHP will take care of finding the relevant executables and libraries (or they would need to be specified in php.ini). > 4) Use of die() in Auth_Enterprise should not be allowed. Instead we > should throw an exception and let the calling application figure out > what to do more gracefully. You can either use one of the ones I have > in AEExceptions.php or add a new one for that case to that file. > No problem, I should probably put in some "throws" in other places as well. > Finally, in general I like the concept of my code in that they can > configure if they require lowercase, require upper case, require special > chars. To that end, we should have regular expressions for all those > permutations. Also the minimum and maximum password length should > probably be configurable. > Minimum and maximum password length is included in the first regex. The "{7,20}" indicates repetition between 7 and 20 times (in this case 7-20 instances of the set of characters described). > The regex's are nice. It's probably a better way to go. Good work. If > you have questions let me know. When we get this all ironed out, do you > want to take a stab at adding these updates? > Sure, I like stabbing things. > FWIW, this is a great example of how the OO-nature of Auth_Enterprise > has. SHould someone not like our implementation fo AEPasswordGenerator, > they can write their own, drop it in their filesystem and start using it. > Couldn't agree more. As for concerns about the regex being difficult to understand I think providing a set of generic rules as $gConf vars and explaining what they do with a note indicating to comment out the rule to not enforce it, etc should be enough. A decent (but not crazy) set of default rules enabled will allow most users to simply ignore that section. Maybe a link to a regex tutorial wouldn't be a bad idea either... The reason I like the regex better than the flags has less to do with performance (though better performance is always nice) and more to do with flexibility. Some companies (mine included) have extremely complex password policies that are difficult to describe (computationly) without regexes. Along the same vein we might want to consider keeping old password hashes so people can enforce a don't use previous X passwords rule... Anyway, I'll get to work on the changes you recommended above and have a improved version available soon. -Vinny From vmf at abtech.org Wed Jun 23 21:55:35 2004 From: vmf at abtech.org (Vincent Furia) Date: Wed, 23 Jun 2004 21:55:35 -0400 Subject: [geeklog-devel] Re: A&A AEPasswordGenerator.class.php In-Reply-To: <8319e2d604062212326dbfa54a@mail.gmail.com> References: <8319e2d6040622083174ac3d6b@mail.gmail.com> <40D87739.6040008@tonybibbs.com> <8319e2d60406221228553680b9@mail.gmail.com> <8319e2d604062212326dbfa54a@mail.gmail.com> Message-ID: <40DA3497.8000205@abtech.org> A new and improved version of the Password Generator for A&A taking into account all of Tony's comments. I also now have the isValidPassword function throwing the AEInvalidPassword exception instead of returning false for an invalid password. I think this makes more sense as you can pass a failure message (cleanly). I think you'll also like what I did to modify the regex configuration to make them more user friendly (aka dumbed down). Let me know what you think. -Vinny -------------- next part -------------- An HTML attachment was scrubbed... URL: From tony at tonybibbs.com Thu Jun 24 13:08:15 2004 From: tony at tonybibbs.com (Tony Bibbs) Date: Thu, 24 Jun 2004 12:08:15 -0500 Subject: [geeklog-devel] Spam plugin Message-ID: <40DB0A7F.5010500@tonybibbs.com> I figured I'd start a discussion on whether or not the spam plugin that Tom Willet did should be included in Geeklog by default (ala Static Pages). I think it should be as that would be a proactive step on our part and by packaging it in Geeklog it would elimiate concern regarding its installation (not that there are that many). --Tony From tomw at pigstye.net Thu Jun 24 14:05:58 2004 From: tomw at pigstye.net (Tom Willett) Date: Thu, 24 Jun 2004 18:05:58 +0000 Subject: [geeklog-devel] Spam plugin In-Reply-To: <40DB0A7F.5010500@tonybibbs.com> References: <40DB0A7F.5010500@tonybibbs.com> Message-ID: <20040624180047.M34407@pigstye.net> I received a couple of comments along the lines of -- I am glad you did this since the developers didn't fix the security problems which allowed it. I tried to explain that wasn't the case. In other words, there is the perception by some that comment spam is failure on geeklog's part. Along the same lines, you might be interested to know (if you don't) that the new version of Movable Type does not support the current MT-Blacklist plugin and it caused a real stink. Whether you use my plugin or something else entirely, I think it is a good idea. -- Tom Willett tomw at pigstye.net ---------- Original Message ----------- From: Tony Bibbs To: geeklog-devel at lists.geeklog.net Sent: Thu, 24 Jun 2004 12:08:15 -0500 Subject: [geeklog-devel] Spam plugin > I figured I'd start a discussion on whether or not the spam plugin that > Tom Willet did should be included in Geeklog by default (ala Static > Pages). > > I think it should be as that would be a proactive step on our part and > by packaging it in Geeklog it would elimiate concern regarding its > installation (not that there are that many). > > --Tony > _______________________________________________ > geeklog-devel mailing list > geeklog-devel at lists.geeklog.net > http://lists.geeklog.net/listinfo/geeklog-devel ------- End of Original Message ------- From tony at tonybibbs.com Thu Jun 24 14:14:45 2004 From: tony at tonybibbs.com (Tony Bibbs) Date: Thu, 24 Jun 2004 13:14:45 -0500 Subject: [geeklog-devel] Spam plugin In-Reply-To: <20040624180047.M34407@pigstye.net> References: <40DB0A7F.5010500@tonybibbs.com> <20040624180047.M34407@pigstye.net> Message-ID: <40DB1A15.6020207@tonybibbs.com> Yeah, well, good thing none of us loose too much sleep over the perceptions other have regardless or not their claims have merit or not ;-) Of course, I'm quick to fly off the handle when they lump this sort of stuff as 'security problems'. If they don't regard spam in email as a 'security problem' then they shouldn't do so here. Regardless, thanks a lot for the work. I think if we do add this we should all spend a little time reviewing the code and giving it the due diliegence it deserves. --Tony Tom Willett wrote: >I received a couple of comments along the lines of -- I am glad you did this >since the developers didn't fix the security problems which allowed it. I >tried to explain that wasn't the case. > >In other words, there is the perception by some that comment spam is failure >on geeklog's part. > >Along the same lines, you might be interested to know (if you don't) that >the new version of Movable Type does not support the current MT-Blacklist >plugin and it caused a real stink. > >Whether you use my plugin or something else entirely, I think it is a good >idea. > >-- >Tom Willett >tomw at pigstye.net > >---------- Original Message ----------- >From: Tony Bibbs >To: geeklog-devel at lists.geeklog.net >Sent: Thu, 24 Jun 2004 12:08:15 -0500 >Subject: [geeklog-devel] Spam plugin > > > >>I figured I'd start a discussion on whether or not the spam plugin that >>Tom Willet did should be included in Geeklog by default (ala Static >>Pages). >> >>I think it should be as that would be a proactive step on our part and >>by packaging it in Geeklog it would elimiate concern regarding its >>installation (not that there are that many). >> >>--Tony >>_______________________________________________ >>geeklog-devel mailing list >>geeklog-devel at lists.geeklog.net >>http://lists.geeklog.net/listinfo/geeklog-devel >> >> >------- End of Original Message ------- > >_______________________________________________ >geeklog-devel mailing list >geeklog-devel at lists.geeklog.net >http://lists.geeklog.net/listinfo/geeklog-devel > > From dirk at haun-online.de Fri Jun 25 16:54:26 2004 From: dirk at haun-online.de (Dirk Haun) Date: Fri, 25 Jun 2004 22:54:26 +0200 Subject: [geeklog-devel] Spam plugin In-Reply-To: <20040624180047.M34407@pigstye.net> References: <20040624180047.M34407@pigstye.net> Message-ID: <20040625215426.5815@smtp.haun-online.de> Tom Willet wrote: >Whether you use my plugin or something else entirely, I think it is a good >idea. I haven't actually installed the plugin yet (btw, it doesn't install when register_globals=off ;-) but I've read through the installation instructions. Is there any reason why you store the blacklist, etc. in files and not in a database? My point being that this would add another couple of files that people need to chmod, if we're going to bundle the plugin with Geeklog. An idea I had for the SQL: Instead of adding it to the mysql_tableanddata.php (as we did for the static pages plugin), it would probably be easier to introduce a new directory, say, sql/plugins, and then put .sql files in there for each plugin. The install script could then read this directory and install all plugins automatically. This would make it easier for other plugins to be bundled with Geeklog - something that has been requested a lot. I've never downloaded Aeonserv - how are they doing it? bye, Dirk -- http://www.haun-online.de/ http://www.tinyweb.de/ From tomw at pigstye.net Fri Jun 25 18:02:12 2004 From: tomw at pigstye.net (Tom Willett) Date: Fri, 25 Jun 2004 22:02:12 +0000 Subject: [geeklog-devel] Spam plugin In-Reply-To: <20040625215426.5815@smtp.haun-online.de> References: <20040624180047.M34407@pigstye.net> <20040625215426.5815@smtp.haun-online.de> Message-ID: <20040625214746.M59753@pigstye.net> Dirk Haun > > I haven't actually installed the plugin yet (btw, it doesn't install when > register_globals=off ;-) but I've read through the installation > instructions. Is there any reason why you store the blacklist, etc. in > files and not in a database? > I did not update the install script for that, since Geeklog won't run with register globals off yet or have I missed this. The plugin itself, however will run with register_globals = off. The reasons that I stored the blacklists in files are several. 1) For performance it is much quicker to read one file than it is to cycle throuch a large table and extract all the blacklist entries (the mt-blacklist has about 1500 entries currently). 2) The blacklists are fairly static. 3) You can edit them by hand if you want 4) Basically for this type of data I do not think the database is optimal 5) Its easy to add new modules and their blacklists and remove modules and their blacklists without touching the database. New blacklists are already in the works. > My point being that this would add another couple of files that people > need to chmod, if we're going to bundle the plugin with Geeklog. Yes I see this, you may want to move the blacklist into tables, the needs of plugins and Geeklog itself may always not be the same. > An idea I had for the SQL: Instead of adding it to the > mysql_tableanddata.php (as we did for the static pages plugin), it would > probably be easier to introduce a new directory, say, sql/plugins, and > then put .sql files in there for each plugin. The install script could > then read this directory and install all plugins automatically. Sounds like a good idea. > I've never downloaded Aeonserv - how are they doing it? > > bye, Dirk > > -- > http://www.haun-online.de/ > http://www.tinyweb.de/ > > _______________________________________________ > geeklog-devel mailing list > geeklog-devel at lists.geeklog.net > http://lists.geeklog.net/listinfo/geeklog-devel ------- End of Original Message ------- From dirk at haun-online.de Sat Jun 26 15:01:14 2004 From: dirk at haun-online.de (Dirk Haun) Date: Sat, 26 Jun 2004 21:01:14 +0200 Subject: [geeklog-devel] Spam plugin In-Reply-To: <20040625214746.M59753@pigstye.net> References: <20040625214746.M59753@pigstye.net> Message-ID: <20040626200114.15681@smtp.haun-online.de> Tom, >I did not update the install script for that, since Geeklog won't run with >register globals off yet or have I missed this. Don't worry, you haven't. I just had it off locally because of a problem with a client and a picky sysadmin :-/ Don't ask ... >The plugin itself, however will run with register_globals = off. That's nice. My point being that should we manage to make the switch one day, it would be nice if the plugins would also still work. So I'd suggest that any new code that's being written (in plugins or for Geeklog itself) should be written as if register_globals were off. bye, Dirk -- http://www.haun-online.de/ http://mypod.de/ From tomw at pigstye.net Tue Jun 29 10:00:57 2004 From: tomw at pigstye.net (Tom Willett) Date: Tue, 29 Jun 2004 14:00:57 +0000 Subject: [geeklog-devel] Documentation Message-ID: <20040629135054.M68690@pigstye.net> Ok, its been discussed enough and nothing has been done, so I am going to kickstart the Geeklog Documentation Effort. I have up MediaWiki on my webserver and transfered most of the Plugin Developers Handbook to it. I never understood all the talk about wikis -- this one allows easy insertion of images stored on the server and adequate markup. I mean its not MSWord but its usable. Before I solicit other participation, hopefully a consolidation of all the documentation efforts, I was wondering if Tony wanted to host it one the Geeklog server. By the way, they do a neat trick on install. You are asked for mysql database name, user, password and optionally the root password. If you supply the root password it will make the database, tables and user with correct permissions for you. Install and transfering most of the Plugin Developers Handbook took about 1 hour. Unless I hear from Tony that he wants to host it or some objection, I will solicit submissions and announce it soon. -- Tom Willett tomw at pigstye.net From tomw at pigstye.net Tue Jun 29 10:01:53 2004 From: tomw at pigstye.net (Tom Willett) Date: Tue, 29 Jun 2004 14:01:53 +0000 Subject: [geeklog-devel] Documentation again Message-ID: <20040629140119.M96257@pigstye.net> By the way you can see my effort at http://www.pigstye.net/wiki/ -- Tom Willett tomw at pigstye.net From tony at tonybibbs.com Tue Jun 29 10:37:27 2004 From: tony at tonybibbs.com (Tony Bibbs) Date: Tue, 29 Jun 2004 09:37:27 -0500 Subject: [geeklog-devel] Documentation In-Reply-To: <20040629135054.M68690@pigstye.net> References: <20040629135054.M68690@pigstye.net> Message-ID: <40E17EA7.2060403@tonybibbs.com> I can host it if you want, that's no problem. Optionally, I could also simply point wiki.geeklog.net at your server. I'm flexible, let me know what is preferred... --Tony Tom Willett wrote: >Ok, its been discussed enough and nothing has been done, so I am going to >kickstart the Geeklog Documentation Effort. I have up MediaWiki on my >webserver and transfered most of the Plugin Developers Handbook to it. I >never understood all the talk about wikis -- this one allows easy insertion >of images stored on the server and adequate markup. I mean its not MSWord >but its usable. > >Before I solicit other participation, hopefully a consolidation of all the >documentation efforts, I was wondering if Tony wanted to host it one the >Geeklog server. > >By the way, they do a neat trick on install. You are asked for mysql >database name, user, password and optionally the root password. If you >supply the root password it will make the database, tables and user with >correct permissions for you. > >Install and transfering most of the Plugin Developers Handbook took about 1 >hour. > >Unless I hear from Tony that he wants to host it or some objection, I will >solicit submissions and announce it soon. > >-- >Tom Willett >tomw at pigstye.net > >_______________________________________________ >geeklog-devel mailing list >geeklog-devel at lists.geeklog.net >http://lists.geeklog.net/listinfo/geeklog-devel > > From geeklog at langfamily.ca Tue Jun 29 11:25:53 2004 From: geeklog at langfamily.ca (Blaine Lang) Date: Tue, 29 Jun 2004 11:25:53 -0400 Subject: [geeklog-devel] Documentation References: <20040629135054.M68690@pigstye.net> Message-ID: <016601c45ded$5dc6abb0$650a10ac@XPBL2> Tom, I think this is a great start and I too was fustrated by all the talk and no action. I always felt it was more important to get the content in place and then it could be formatted or copied to another solution if needed. I believe I had posted a suggested TOC that I say used in another similar project - as a good outline to begin with. I was looking at the edit feature. Do you need to FTP up the images to the image library and then reference them? Maybe add a small example page :) I've been using SnagIT Studio to do screen snapshots and annotations for my customer documentation like http://www.portalparts.com/temp/EventRegistrationComponent.jpg - It saves trying to explain it in 1000 words or more. Doing some of these may be quite helpfull for this documentation. Blaine ----- Original Message ----- From: "Tom Willett" To: Sent: Tuesday, June 29, 2004 10:00 AM Subject: [geeklog-devel] Documentation Ok, its been discussed enough and nothing has been done, so I am going to kickstart the Geeklog Documentation Effort. I have up MediaWiki on my webserver and transfered most of the Plugin Developers Handbook to it. I never understood all the talk about wikis -- this one allows easy insertion of images stored on the server and adequate markup. I mean its not MSWord but its usable. Before I solicit other participation, hopefully a consolidation of all the documentation efforts, I was wondering if Tony wanted to host it one the Geeklog server. By the way, they do a neat trick on install. You are asked for mysql database name, user, password and optionally the root password. If you supply the root password it will make the database, tables and user with correct permissions for you. Install and transfering most of the Plugin Developers Handbook took about 1 hour. Unless I hear from Tony that he wants to host it or some objection, I will solicit submissions and announce it soon. -- Tom Willett tomw at pigstye.net _______________________________________________ geeklog-devel mailing list geeklog-devel at lists.geeklog.net http://lists.geeklog.net/listinfo/geeklog-devel From tomw at pigstye.net Tue Jun 29 12:05:52 2004 From: tomw at pigstye.net (Tom Willett) Date: Tue, 29 Jun 2004 16:05:52 +0000 Subject: [geeklog-devel] Documentation In-Reply-To: <40E17EA7.2060403@tonybibbs.com> References: <20040629135054.M68690@pigstye.net> <40E17EA7.2060403@tonybibbs.com> Message-ID: <20040629154108.M70822@pigstye.net> I do not care either. I have not played with it enough to see if it will gracefully handle a redirect from wiki.geeklog.net, but if it would that would be the easiest. I am willing to host it for the time being. I think we should get it resolved one way or the other quickly though. Geeklog is your baby more than mine and I bow to your preferences. -- Tom Willett tomw at pigstye.net ---------- Original Message ----------- From: Tony Bibbs To: geeklog-devel at lists.geeklog.net Sent: Tue, 29 Jun 2004 09:37:27 -0500 Subject: Re: [geeklog-devel] Documentation > I can host it if you want, that's no problem. Optionally, I could also > simply point wiki.geeklog.net at your server. > > I'm flexible, let me know what is preferred... > > --Tony > > Tom Willett wrote: > > >Ok, its been discussed enough and nothing has been done, so I am going to > >kickstart the Geeklog Documentation Effort. I have up MediaWiki on my > >webserver and transfered most of the Plugin Developers Handbook to it. I > >never understood all the talk about wikis -- this one allows easy insertion > >of images stored on the server and adequate markup. I mean its not MSWord > >but its usable. > > > >Before I solicit other participation, hopefully a consolidation of all the > >documentation efforts, I was wondering if Tony wanted to host it one the > >Geeklog server. > > > >By the way, they do a neat trick on install. You are asked for mysql > >database name, user, password and optionally the root password. If you > >supply the root password it will make the database, tables and user with > >correct permissions for you. > > > >Install and transfering most of the Plugin Developers Handbook took about 1 > >hour. > > > >Unless I hear from Tony that he wants to host it or some objection, I will > >solicit submissions and announce it soon. > > > >-- > >Tom Willett > >tomw at pigstye.net > > > >_______________________________________________ > >geeklog-devel mailing list > >geeklog-devel at lists.geeklog.net > >http://lists.geeklog.net/listinfo/geeklog-devel > > > > > _______________________________________________ > geeklog-devel mailing list > geeklog-devel at lists.geeklog.net > http://lists.geeklog.net/listinfo/geeklog-devel ------- End of Original Message ------- From tony at tonybibbs.com Tue Jun 29 12:07:32 2004 From: tony at tonybibbs.com (Tony Bibbs) Date: Tue, 29 Jun 2004 11:07:32 -0500 Subject: [geeklog-devel] Amazon Web Services Message-ID: <40E193C4.6080204@tonybibbs.com> I noticed the amazon web service stuff here: http://sourceforge.net/projects/gl-webservices My first thought was, "Gee, that sure hasn't been updated in a long time". Then my second thought was, "Hrm, it's still in beta". Does it still work? I'm asking because I want to use it on http://www.iowaoutdoors.org but don't want to monkey with it until I know the code is working with the latest Amazon API. If nobody answers I'll give it a try but I figured I'd try to save myself some time first. --Tony From tomw at pigstye.net Tue Jun 29 12:11:32 2004 From: tomw at pigstye.net (Tom Willett) Date: Tue, 29 Jun 2004 16:11:32 +0000 Subject: [geeklog-devel] Documentation In-Reply-To: <016601c45ded$5dc6abb0$650a10ac@XPBL2> References: <20040629135054.M68690@pigstye.net> <016601c45ded$5dc6abb0$650a10ac@XPBL2> Message-ID: <20040629160558.M85443@pigstye.net> Blaine, Uploads are easy. If you signup and log in a upload link appears -- the upload is pretty sophisticated and I locked down the upload directory permissions (only png, ogg, jpeg, jpg, gif and nothing will execute even if it gets in there). After you upload your picture, you just refer to it by name and its inserted. You insert a page by refering to it. Typical wiki stuff. I will try to find your outline -- it has to be better than my simple attempt. -- Tom Willett tomw at pigstye.net ---------- Original Message ----------- From: "Blaine Lang" To: Sent: Tue, 29 Jun 2004 11:25:53 -0400 Subject: Re: [geeklog-devel] Documentation > Tom, > > I think this is a great start and I too was fustrated by all the talk and no > action. I always felt it was more important to get the content in place and > then it could be formatted or copied to another solution if needed. > > I believe I had posted a suggested TOC that I say used in another similar > project - as a good outline to begin with. > > I was looking at the edit feature. Do you need to FTP up the images to the > image library and then reference them? > Maybe add a small example page :) > > I've been using SnagIT Studio to do screen snapshots and annotations for my > customer documentation like > http://www.portalparts.com/temp/EventRegistrationComponent.jpg - It saves > trying to explain it in 1000 words or more. > Doing some of these may be quite helpfull for this documentation. > > Blaine > ----- Original Message ----- > From: "Tom Willett" > To: > Sent: Tuesday, June 29, 2004 10:00 AM > Subject: [geeklog-devel] Documentation > > Ok, its been discussed enough and nothing has been done, so I am going to > kickstart the Geeklog Documentation Effort. I have up MediaWiki on my > webserver and transfered most of the Plugin Developers Handbook to it. I > never understood all the talk about wikis -- this one allows easy insertion > of images stored on the server and adequate markup. I mean its not MSWord > but its usable. > > Before I solicit other participation, hopefully a consolidation of all the > documentation efforts, I was wondering if Tony wanted to host it one the > Geeklog server. > > By the way, they do a neat trick on install. You are asked for mysql > database name, user, password and optionally the root password. If you > supply the root password it will make the database, tables and user with > correct permissions for you. > > Install and transfering most of the Plugin Developers Handbook took about 1 > hour. > > Unless I hear from Tony that he wants to host it or some objection, I will > solicit submissions and announce it soon. > > -- > Tom Willett > tomw at pigstye.net > > _______________________________________________ > geeklog-devel mailing list > geeklog-devel at lists.geeklog.net > http://lists.geeklog.net/listinfo/geeklog-devel > > _______________________________________________ > geeklog-devel mailing list > geeklog-devel at lists.geeklog.net > http://lists.geeklog.net/listinfo/geeklog-devel ------- End of Original Message ------- From tomw at pigstye.net Tue Jun 29 12:13:22 2004 From: tomw at pigstye.net (Tom Willett) Date: Tue, 29 Jun 2004 16:13:22 +0000 Subject: [geeklog-devel] Amazon Web Services In-Reply-To: <40E193C4.6080204@tonybibbs.com> References: <40E193C4.6080204@tonybibbs.com> Message-ID: <20040629161154.M25164@pigstye.net> Last person to mess with it was Squatty I believe. I ran it for about 6 months and got no hits so trashed it and found better ways to get some income. -- Tom Willett tomw at pigstye.net ---------- Original Message ----------- From: Tony Bibbs To: geeklog-devel at lists.geeklog.net Sent: Tue, 29 Jun 2004 11:07:32 -0500 Subject: [geeklog-devel] Amazon Web Services > I noticed the amazon web service stuff here: > > http://sourceforge.net/projects/gl-webservices > > My first thought was, "Gee, that sure hasn't been updated in a long > time". Then my second thought was, "Hrm, it's still in beta". > > Does it still work? I'm asking because I want to use it on > http://www.iowaoutdoors.org but don't want to monkey with it until I > know the code is working with the latest Amazon API. > > If nobody answers I'll give it a try but I figured I'd try to save > myself some time first. > > --Tony > _______________________________________________ > geeklog-devel mailing list > geeklog-devel at lists.geeklog.net > http://lists.geeklog.net/listinfo/geeklog-devel ------- End of Original Message ------- From tony at tonybibbs.com Tue Jun 29 12:13:15 2004 From: tony at tonybibbs.com (Tony Bibbs) Date: Tue, 29 Jun 2004 11:13:15 -0500 Subject: [geeklog-devel] Documentation In-Reply-To: <20040629154108.M70822@pigstye.net> References: <20040629135054.M68690@pigstye.net> <40E17EA7.2060403@tonybibbs.com> <20040629154108.M70822@pigstye.net> Message-ID: <40E1951B.4050203@tonybibbs.com> Actually, I wasn't going to redirect. I was going to actually add an entry in the DNS zone file. At this point I think I'd prefer to just point the DNS to you if you don't mind. If that is OK, send me your IP and I'll get it setup. --Tony Tom Willett wrote: >I do not care either. I have not played with it enough to see if it will >gracefully handle a redirect from wiki.geeklog.net, but if it would that >would be the easiest. I am willing to host it for the time being. I think >we should get it resolved one way or the other quickly though. > >Geeklog is your baby more than mine and I bow to your preferences. > >-- >Tom Willett >tomw at pigstye.net > >---------- Original Message ----------- >From: Tony Bibbs >To: geeklog-devel at lists.geeklog.net >Sent: Tue, 29 Jun 2004 09:37:27 -0500 >Subject: Re: [geeklog-devel] Documentation > > > >>I can host it if you want, that's no problem. Optionally, I could also >>simply point wiki.geeklog.net at your server. >> >>I'm flexible, let me know what is preferred... >> >>--Tony >> >>Tom Willett wrote: >> >> >> >>>Ok, its been discussed enough and nothing has been done, so I am going to >>>kickstart the Geeklog Documentation Effort. I have up MediaWiki on my >>>webserver and transfered most of the Plugin Developers Handbook to it. I >>>never understood all the talk about wikis -- this one allows easy >>> >>> >insertion > > >>>of images stored on the server and adequate markup. I mean its not >>> >>> >MSWord > > >>>but its usable. >>> >>>Before I solicit other participation, hopefully a consolidation of all >>> >>> >the > > >>>documentation efforts, I was wondering if Tony wanted to host it one the >>>Geeklog server. >>> >>>By the way, they do a neat trick on install. You are asked for mysql >>>database name, user, password and optionally the root password. If you >>>supply the root password it will make the database, tables and user with >>>correct permissions for you. >>> >>>Install and transfering most of the Plugin Developers Handbook took about >>> >>> >1 > > >>>hour. >>> >>>Unless I hear from Tony that he wants to host it or some objection, I >>> >>> >will > > >>>solicit submissions and announce it soon. >>> >>>-- >>>Tom Willett >>>tomw at pigstye.net >>> >>>_______________________________________________ >>>geeklog-devel mailing list >>>geeklog-devel at lists.geeklog.net >>>http://lists.geeklog.net/listinfo/geeklog-devel >>> >>> >>> >>> >>_______________________________________________ >>geeklog-devel mailing list >>geeklog-devel at lists.geeklog.net >>http://lists.geeklog.net/listinfo/geeklog-devel >> >> >------- End of Original Message ------- > >_______________________________________________ >geeklog-devel mailing list >geeklog-devel at lists.geeklog.net >http://lists.geeklog.net/listinfo/geeklog-devel > > From tony at tonybibbs.com Tue Jun 29 12:17:25 2004 From: tony at tonybibbs.com (Tony Bibbs) Date: Tue, 29 Jun 2004 11:17:25 -0500 Subject: [geeklog-devel] Amazon Web Services In-Reply-To: <20040629161154.M25164@pigstye.net> References: <40E193C4.6080204@tonybibbs.com> <20040629161154.M25164@pigstye.net> Message-ID: <40E19615.1070709@tonybibbs.com> Hrm, what other "better ways" did you find. Just curious as I'm trying to eak out a few bucks from Iowa Outdoors. And please don't say Google Ads...I've managed to get banned from that already ;-) --Tony Tom Willett wrote: >Last person to mess with it was Squatty I believe. I ran it for about 6 >months and got no hits so trashed it and found better ways to get some >income. > >-- >Tom Willett >tomw at pigstye.net > >---------- Original Message ----------- >From: Tony Bibbs >To: geeklog-devel at lists.geeklog.net >Sent: Tue, 29 Jun 2004 11:07:32 -0500 >Subject: [geeklog-devel] Amazon Web Services > > > >>I noticed the amazon web service stuff here: >> >>http://sourceforge.net/projects/gl-webservices >> >>My first thought was, "Gee, that sure hasn't been updated in a long >>time". Then my second thought was, "Hrm, it's still in beta". >> >>Does it still work? I'm asking because I want to use it on >>http://www.iowaoutdoors.org but don't want to monkey with it until I >>know the code is working with the latest Amazon API. >> >>If nobody answers I'll give it a try but I figured I'd try to save >>myself some time first. >> >>--Tony >>_______________________________________________ >>geeklog-devel mailing list >>geeklog-devel at lists.geeklog.net >>http://lists.geeklog.net/listinfo/geeklog-devel >> >> >------- End of Original Message ------- > >_______________________________________________ >geeklog-devel mailing list >geeklog-devel at lists.geeklog.net >http://lists.geeklog.net/listinfo/geeklog-devel > > From tomw at pigstye.net Tue Jun 29 12:20:34 2004 From: tomw at pigstye.net (Tom Willett) Date: Tue, 29 Jun 2004 16:20:34 +0000 Subject: [geeklog-devel] Documentation In-Reply-To: <40E1951B.4050203@tonybibbs.com> References: <20040629135054.M68690@pigstye.net> <40E17EA7.2060403@tonybibbs.com> <20040629154108.M70822@pigstye.net> <40E1951B.4050203@tonybibbs.com> Message-ID: <20040629161557.M41709@pigstye.net> Can you add an entry to a subweb like that from your end. I do not run my own DNS server and do not know. Thats fine with me if you can my IP is 216.153.238.206 -- Tom Willett tomw at pigstye.net ---------- Original Message ----------- From: Tony Bibbs To: geeklog-devel at lists.geeklog.net Sent: Tue, 29 Jun 2004 11:13:15 -0500 Subject: Re: [geeklog-devel] Documentation > Actually, I wasn't going to redirect. I was going to actually add an > entry in the DNS zone file. At this point I think I'd prefer to just > point the DNS to you if you don't mind. If that is OK, send me your IP > and I'll get it setup. > > --Tony > > Tom Willett wrote: > > >I do not care either. I have not played with it enough to see if it will > >gracefully handle a redirect from wiki.geeklog.net, but if it would that > >would be the easiest. I am willing to host it for the time being. I think > >we should get it resolved one way or the other quickly though. > > > >Geeklog is your baby more than mine and I bow to your preferences. > > > >-- > >Tom Willett > >tomw at pigstye.net > > > >---------- Original Message ----------- > >From: Tony Bibbs > >To: geeklog-devel at lists.geeklog.net > >Sent: Tue, 29 Jun 2004 09:37:27 -0500 > >Subject: Re: [geeklog-devel] Documentation > > > > > > > >>I can host it if you want, that's no problem. Optionally, I could also > >>simply point wiki.geeklog.net at your server. > >> > >>I'm flexible, let me know what is preferred... > >> > >>--Tony > >> > >>Tom Willett wrote: > >> > >> > >> > >>>Ok, its been discussed enough and nothing has been done, so I am going to > >>>kickstart the Geeklog Documentation Effort. I have up MediaWiki on my > >>>webserver and transfered most of the Plugin Developers Handbook to it. I > >>>never understood all the talk about wikis -- this one allows easy > >>> > >>> > >insertion > > > > > >>>of images stored on the server and adequate markup. I mean its not > >>> > >>> > >MSWord > > > > > >>>but its usable. > >>> > >>>Before I solicit other participation, hopefully a consolidation of all > >>> > >>> > >the > > > > > >>>documentation efforts, I was wondering if Tony wanted to host it one the > >>>Geeklog server. > >>> > >>>By the way, they do a neat trick on install. You are asked for mysql > >>>database name, user, password and optionally the root password. If you > >>>supply the root password it will make the database, tables and user with > >>>correct permissions for you. > >>> > >>>Install and transfering most of the Plugin Developers Handbook took about > >>> > >>> > >1 > > > > > >>>hour. > >>> > >>>Unless I hear from Tony that he wants to host it or some objection, I > >>> > >>> > >will > > > > > >>>solicit submissions and announce it soon. > >>> > >>>-- > >>>Tom Willett > >>>tomw at pigstye.net > >>> > >>>_______________________________________________ > >>>geeklog-devel mailing list > >>>geeklog-devel at lists.geeklog.net > >>>http://lists.geeklog.net/listinfo/geeklog-devel > >>> > >>> > >>> > >>> > >>_______________________________________________ > >>geeklog-devel mailing list > >>geeklog-devel at lists.geeklog.net > >>http://lists.geeklog.net/listinfo/geeklog-devel > >> > >> > >------- End of Original Message ------- > > > >_______________________________________________ > >geeklog-devel mailing list > >geeklog-devel at lists.geeklog.net > >http://lists.geeklog.net/listinfo/geeklog-devel > > > > > _______________________________________________ > geeklog-devel mailing list > geeklog-devel at lists.geeklog.net > http://lists.geeklog.net/listinfo/geeklog-devel ------- End of Original Message ------- From tomw at pigstye.net Tue Jun 29 12:28:19 2004 From: tomw at pigstye.net (Tom Willett) Date: Tue, 29 Jun 2004 16:28:19 +0000 Subject: [geeklog-devel] Amazon Web Services In-Reply-To: <40E19615.1070709@tonybibbs.com> References: <40E193C4.6080204@tonybibbs.com> <20040629161154.M25164@pigstye.net> <40E19615.1070709@tonybibbs.com> Message-ID: <20040629162152.M62132@pigstye.net> I get a little from Google Ads, actually the best benefit I found from Google Ads is to insure that every page is indexed as soon as I enter it. If you watch your server logs, google visits every new page within usually a minute of the first page view. On my Iraq site I get the most revenue from donations. Many have made good money from Cafepress. -- Tom Willett tomw at pigstye.net ---------- Original Message ----------- From: Tony Bibbs To: geeklog-devel at lists.geeklog.net Sent: Tue, 29 Jun 2004 11:17:25 -0500 Subject: Re: [geeklog-devel] Amazon Web Services > Hrm, what other "better ways" did you find. Just curious as I'm trying > to eak out a few bucks from Iowa Outdoors. And please don't say Google > Ads...I've managed to get banned from that already ;-) > > --Tony > > Tom Willett wrote: > > >Last person to mess with it was Squatty I believe. I ran it for about 6 > >months and got no hits so trashed it and found better ways to get some > >income. > > > >-- > >Tom Willett > >tomw at pigstye.net > > > >---------- Original Message ----------- > >From: Tony Bibbs > >To: geeklog-devel at lists.geeklog.net > >Sent: Tue, 29 Jun 2004 11:07:32 -0500 > >Subject: [geeklog-devel] Amazon Web Services > > > > > > > >>I noticed the amazon web service stuff here: > >> > >>http://sourceforge.net/projects/gl-webservices > >> > >>My first thought was, "Gee, that sure hasn't been updated in a long > >>time". Then my second thought was, "Hrm, it's still in beta". > >> > >>Does it still work? I'm asking because I want to use it on > >>http://www.iowaoutdoors.org but don't want to monkey with it until I > >>know the code is working with the latest Amazon API. > >> > >>If nobody answers I'll give it a try but I figured I'd try to save > >>myself some time first. > >> > >>--Tony > >>_______________________________________________ > >>geeklog-devel mailing list > >>geeklog-devel at lists.geeklog.net > >>http://lists.geeklog.net/listinfo/geeklog-devel > >> > >> > >------- End of Original Message ------- > > > >_______________________________________________ > >geeklog-devel mailing list > >geeklog-devel at lists.geeklog.net > >http://lists.geeklog.net/listinfo/geeklog-devel > > > > > _______________________________________________ > geeklog-devel mailing list > geeklog-devel at lists.geeklog.net > http://lists.geeklog.net/listinfo/geeklog-devel ------- End of Original Message ------- From tony at tonybibbs.com Tue Jun 29 12:43:21 2004 From: tony at tonybibbs.com (Tony Bibbs) Date: Tue, 29 Jun 2004 11:43:21 -0500 Subject: [geeklog-devel] Documentation In-Reply-To: <20040629161557.M41709@pigstye.net> References: <20040629135054.M68690@pigstye.net> <40E17EA7.2060403@tonybibbs.com> <20040629154108.M70822@pigstye.net> <40E1951B.4050203@tonybibbs.com> <20040629161557.M41709@pigstye.net> Message-ID: <40E19C29.4060006@tonybibbs.com> Right, I will have all traffic for wiki.geeklog.net point to the IP below and you will simply need to add a vhost. I've already made this change so, with any luck, by the end of the day you should be able to ping wiki.geeklog.net and see the resulting ICMP traffic on your box. --Tony Tom Willett wrote: >Can you add an entry to a subweb like that from your end. I do not run my >own DNS server and do not know. Thats fine with me if you can my IP is > >216.153.238.206 > >-- >Tom Willett >tomw at pigstye.net > >---------- Original Message ----------- >From: Tony Bibbs >To: geeklog-devel at lists.geeklog.net >Sent: Tue, 29 Jun 2004 11:13:15 -0500 >Subject: Re: [geeklog-devel] Documentation > > > >>Actually, I wasn't going to redirect. I was going to actually add an >>entry in the DNS zone file. At this point I think I'd prefer to just >>point the DNS to you if you don't mind. If that is OK, send me your IP >>and I'll get it setup. >> >>--Tony >> >>Tom Willett wrote: >> >> >> >>>I do not care either. I have not played with it enough to see if it will >>>gracefully handle a redirect from wiki.geeklog.net, but if it would that >>>would be the easiest. I am willing to host it for the time being. I >>> >>> >think > > >>>we should get it resolved one way or the other quickly though. >>> >>>Geeklog is your baby more than mine and I bow to your preferences. >>> >>>-- >>>Tom Willett >>>tomw at pigstye.net >>> >>>---------- Original Message ----------- >>>From: Tony Bibbs >>>To: geeklog-devel at lists.geeklog.net >>>Sent: Tue, 29 Jun 2004 09:37:27 -0500 >>>Subject: Re: [geeklog-devel] Documentation >>> >>> >>> >>> >>> >>>>I can host it if you want, that's no problem. Optionally, I could also >>>>simply point wiki.geeklog.net at your server. >>>> >>>>I'm flexible, let me know what is preferred... >>>> >>>>--Tony >>>> >>>>Tom Willett wrote: >>>> >>>> >>>> >>>> >>>> >>>>>Ok, its been discussed enough and nothing has been done, so I am going >>>>> >>>>> >to > > >>>>>kickstart the Geeklog Documentation Effort. I have up MediaWiki on my >>>>>webserver and transfered most of the Plugin Developers Handbook to it. >>>>> >>>>> >I > > >>>>>never understood all the talk about wikis -- this one allows easy >>>>> >>>>> >>>>> >>>>> >>>insertion >>> >>> >>> >>> >>>>>of images stored on the server and adequate markup. I mean its not >>>>> >>>>> >>>>> >>>>> >>>MSWord >>> >>> >>> >>> >>>>>but its usable. >>>>> >>>>>Before I solicit other participation, hopefully a consolidation of all >>>>> >>>>> >>>>> >>>>> >>>the >>> >>> >>> >>> >>>>>documentation efforts, I was wondering if Tony wanted to host it one >>>>> >>>>> >the > > >>>>>Geeklog server. >>>>> >>>>>By the way, they do a neat trick on install. You are asked for mysql >>>>>database name, user, password and optionally the root password. If you >>>>>supply the root password it will make the database, tables and user >>>>> >>>>> >with > > >>>>>correct permissions for you. >>>>> >>>>>Install and transfering most of the Plugin Developers Handbook took >>>>> >>>>> >about > > >>>>> >>>>> >>>>> >>>>> >>>1 >>> >>> >>> >>> >>>>>hour. >>>>> >>>>>Unless I hear from Tony that he wants to host it or some objection, I >>>>> >>>>> >>>>> >>>>> >>>will >>> >>> >>> >>> >>>>>solicit submissions and announce it soon. >>>>> >>>>>-- >>>>>Tom Willett >>>>>tomw at pigstye.net >>>>> >>>>>_______________________________________________ >>>>>geeklog-devel mailing list >>>>>geeklog-devel at lists.geeklog.net >>>>>http://lists.geeklog.net/listinfo/geeklog-devel >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>_______________________________________________ >>>>geeklog-devel mailing list >>>>geeklog-devel at lists.geeklog.net >>>>http://lists.geeklog.net/listinfo/geeklog-devel >>>> >>>> >>>> >>>> >>>------- End of Original Message ------- >>> >>>_______________________________________________ >>>geeklog-devel mailing list >>>geeklog-devel at lists.geeklog.net >>>http://lists.geeklog.net/listinfo/geeklog-devel >>> >>> >>> >>> >>_______________________________________________ >>geeklog-devel mailing list >>geeklog-devel at lists.geeklog.net >>http://lists.geeklog.net/listinfo/geeklog-devel >> >> >------- End of Original Message ------- > >_______________________________________________ >geeklog-devel mailing list >geeklog-devel at lists.geeklog.net >http://lists.geeklog.net/listinfo/geeklog-devel > > From dwight at trumbower.com Tue Jun 29 18:03:01 2004 From: dwight at trumbower.com (Dwight Trumbower) Date: Tue, 29 Jun 2004 17:03:01 -0500 Subject: [geeklog-devel] Amazon Web Services In-Reply-To: <40E193C4.6080204@tonybibbs.com> References: <40E193C4.6080204@tonybibbs.com> Message-ID: <40E1E715.3090701@trumbower.com> I use it at http://www.goldenbook.com/amazon/searchresult.php?mode=books&input=little+golden+book&Search+Amazon%21=Start+Search Like everything else I do, just tweaked it enough to work for me. Tony Bibbs wrote: > I noticed the amazon web service stuff here: > > http://sourceforge.net/projects/gl-webservices > > My first thought was, "Gee, that sure hasn't been updated in a long > time". Then my second thought was, "Hrm, it's still in beta". > > Does it still work? I'm asking because I want to use it on > http://www.iowaoutdoors.org but don't want to monkey with it until I > know the code is working with the latest Amazon API. > > If nobody answers I'll give it a try but I figured I'd try to save > myself some time first. > > --Tony > _______________________________________________ > geeklog-devel mailing list > geeklog-devel at lists.geeklog.net > http://lists.geeklog.net/listinfo/geeklog-devel > > > > > --- > avast! Antivirus: Inbound message clean. > > > > From tomw at pigstye.net Tue Jun 29 18:16:23 2004 From: tomw at pigstye.net (Tom Willett) Date: Tue, 29 Jun 2004 22:16:23 +0000 Subject: [geeklog-devel] Documentation In-Reply-To: <40E19C29.4060006@tonybibbs.com> References: <20040629135054.M68690@pigstye.net> <40E17EA7.2060403@tonybibbs.com> <20040629154108.M70822@pigstye.net> <40E1951B.4050203@tonybibbs.com> <20040629161557.M41709@pigstye.net> <40E19C29.4060006@tonybibbs.com> Message-ID: <20040629221324.M75113@pigstye.net> I set up the vhost but wiki.geeklog.net still points to iowaoutdoors from here. My experience is that dns changes take 48 hours for me. I couldn't test it anyway because the pigstye host is local to me. -- Tom Willett tomw at pigstye.net ---------- Original Message ----------- From: Tony Bibbs To: geeklog-devel at lists.geeklog.net Sent: Tue, 29 Jun 2004 11:43:21 -0500 Subject: Re: [geeklog-devel] Documentation > Right, I will have all traffic for wiki.geeklog.net point to the IP > below and you will simply need to add a vhost. I've already made this > change so, with any luck, by the end of the day you should be able to > ping wiki.geeklog.net and see the resulting ICMP traffic on your box. > > --Tony > > Tom Willett wrote: > > >Can you add an entry to a subweb like that from your end. I do not run my > >own DNS server and do not know. Thats fine with me if you can my IP is > > > >216.153.238.206 > > > >-- > >Tom Willett > >tomw at pigstye.net > > > >---------- Original Message ----------- > >From: Tony Bibbs > >To: geeklog-devel at lists.geeklog.net > >Sent: Tue, 29 Jun 2004 11:13:15 -0500 > >Subject: Re: [geeklog-devel] Documentation > > > > > > > >>Actually, I wasn't going to redirect. I was going to actually add an > >>entry in the DNS zone file. At this point I think I'd prefer to just > >>point the DNS to you if you don't mind. If that is OK, send me your IP > >>and I'll get it setup. > >> > >>--Tony > >> > >>Tom Willett wrote: > >> > >> > >> > >>>I do not care either. I have not played with it enough to see if it will > >>>gracefully handle a redirect from wiki.geeklog.net, but if it would that > >>>would be the easiest. I am willing to host it for the time being. I > >>> > >>> > >think > > > > > >>>we should get it resolved one way or the other quickly though. > >>> > >>>Geeklog is your baby more than mine and I bow to your preferences. > >>> > >>>-- > >>>Tom Willett > >>>tomw at pigstye.net > >>> > >>>---------- Original Message ----------- > >>>From: Tony Bibbs > >>>To: geeklog-devel at lists.geeklog.net > >>>Sent: Tue, 29 Jun 2004 09:37:27 -0500 > >>>Subject: Re: [geeklog-devel] Documentation > >>> > >>> > >>> > >>> > >>> > >>>>I can host it if you want, that's no problem. Optionally, I could also > >>>>simply point wiki.geeklog.net at your server. > >>>> > >>>>I'm flexible, let me know what is preferred... > >>>> > >>>>--Tony > >>>> > >>>>Tom Willett wrote: > >>>> > >>>> > >>>> > >>>> > >>>> > >>>>>Ok, its been discussed enough and nothing has been done, so I am going > >>>>> > >>>>> > >to > > > > > >>>>>kickstart the Geeklog Documentation Effort. I have up MediaWiki on my > >>>>>webserver and transfered most of the Plugin Developers Handbook to it. > >>>>> > >>>>> > >I > > > > > >>>>>never understood all the talk about wikis -- this one allows easy > >>>>> > >>>>> > >>>>> > >>>>> > >>>insertion > >>> > >>> > >>> > >>> > >>>>>of images stored on the server and adequate markup. I mean its not > >>>>> > >>>>> > >>>>> > >>>>> > >>>MSWord > >>> > >>> > >>> > >>> > >>>>>but its usable. > >>>>> > >>>>>Before I solicit other participation, hopefully a consolidation of all > >>>>> > >>>>> > >>>>> > >>>>> > >>>the > >>> > >>> > >>> > >>> > >>>>>documentation efforts, I was wondering if Tony wanted to host it one > >>>>> > >>>>> > >the > > > > > >>>>>Geeklog server. > >>>>> > >>>>>By the way, they do a neat trick on install. You are asked for mysql > >>>>>database name, user, password and optionally the root password. If you > >>>>>supply the root password it will make the database, tables and user > >>>>> > >>>>> > >with > > > > > >>>>>correct permissions for you. > >>>>> > >>>>>Install and transfering most of the Plugin Developers Handbook took > >>>>> > >>>>> > >about > > > > > >>>>> > >>>>> > >>>>> > >>>>> > >>>1 > >>> > >>> > >>> > >>> > >>>>>hour. > >>>>> > >>>>>Unless I hear from Tony that he wants to host it or some objection, I > >>>>> > >>>>> > >>>>> > >>>>> > >>>will > >>> > >>> > >>> > >>> > >>>>>solicit submissions and announce it soon. > >>>>> > >>>>>-- > >>>>>Tom Willett > >>>>>tomw at pigstye.net > >>>>> > >>>>>_______________________________________________ > >>>>>geeklog-devel mailing list > >>>>>geeklog-devel at lists.geeklog.net > >>>>>http://lists.geeklog.net/listinfo/geeklog-devel > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>_______________________________________________ > >>>>geeklog-devel mailing list > >>>>geeklog-devel at lists.geeklog.net > >>>>http://lists.geeklog.net/listinfo/geeklog-devel > >>>> > >>>> > >>>> > >>>> > >>>------- End of Original Message ------- > >>> > >>>_______________________________________________ > >>>geeklog-devel mailing list > >>>geeklog-devel at lists.geeklog.net > >>>http://lists.geeklog.net/listinfo/geeklog-devel > >>> > >>> > >>> > >>> > >>_______________________________________________ > >>geeklog-devel mailing list > >>geeklog-devel at lists.geeklog.net > >>http://lists.geeklog.net/listinfo/geeklog-devel > >> > >> > >------- End of Original Message ------- > > > >_______________________________________________ > >geeklog-devel mailing list > >geeklog-devel at lists.geeklog.net > >http://lists.geeklog.net/listinfo/geeklog-devel > > > > > _______________________________________________ > geeklog-devel mailing list > geeklog-devel at lists.geeklog.net > http://lists.geeklog.net/listinfo/geeklog-devel ------- End of Original Message -------