[geeklog-devtalk] geeklog-devel digest, Vol 1 #282 - 2 msgs

geeklog-devel-request at lists.geeklog.net geeklog-devel-request at lists.geeklog.net
Sat Feb 28 13:00:10 EST 2004

Previous message: [geeklog-devtalk] [2] on moderation and plugins
Next message: [geeklog-devtalk] Re: geeklog-devtalk digest, Vol 1 #258 - 3 msgs
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Send geeklog-devel mailing list submissions to
geeklog-devel at lists.geeklog.net

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.geeklog.net/listinfo/geeklog-devel
or, via email, send a message with subject or body 'help' to
geeklog-devel-request at lists.geeklog.net

You can reach the person managing the list at
geeklog-devel-admin at lists.geeklog.net

When replying, please edit your Subject line so it is more specific
than "Re: Contents of geeklog-devel digest..."

Today's Topics:

1. Re: How to use COM_applyFilter (Tony Bibbs)
2. geeklog.net updated (Dirk Haun)

--__--__--

Message: 1
Date: Fri, 27 Feb 2004 15:58:45 -0600
From: Tony Bibbs <tony at tonybibbs.com>
To: geeklog-devel at lists.geeklog.net
Subject: Re: [geeklog-devel] How to use COM_applyFilter
Reply-To: geeklog-devel at lists.geeklog.net

FWIW, I think that we should not necessarily insist that plugin authors
require the minimum level of the PHP version that Geeklog does.
Specifically, I mean the use of $_REQUEST should be encouraged. Also, I
think that if we aren't encouraging the coding style required to
eliminate the requiring of register_globals = ON then we should be
slapped. Specifically plugins/developer.README and docs/plugin.html
should point to Geeklog coding standards as well as how to prevent
injection attempts. To that end, Dirk, I assume you will like both of
those documents to your proposed COM_applyFilter documentation (which si
great by the way).

My main point is that my hopes is that after a year of being complete
vaporware, my hopes are to have GL2 to a point where a semi-working
alpha release can be made in the first half of '04 to encourage that
plugin authors try their hand at making their work GL2 compatible (no
small feat) and to that end we should encourage the coding practices we
would want in this new world. Done rambling...

--Tony

Blaine Lang wrote:

> Dirk wrote:

>

>>array_walk sounds useful, but I'm not sure how you would derive a common

>>function from it. How would it know which parameters are supposed to be

>>numeric?

>

>

> I was thinking we would have to pass it an array of variables and type and

> options. Maybe pass the array of variables by reference. Not sure - just

> thinking out loud. Maybe this would be better as a class.

>

> Blaine

>

> ----- Original Message -----

> From: "Dirk Haun" <dirk at haun-online.de>

> To: <geeklog-devel at lists.geeklog.net>

> Sent: Thursday, February 26, 2004 5:16 PM

> Subject: Re: [geeklog-devel] How to use COM_applyFilter

>

>

>

>>Blaine,

>>

>>

>>>The other purpose I had was a stronger version that only allowed "letters

>>>and numbers"

>>> $p = preg_replace('/^[^(0-9a-zA-Z)]+/','', $parameter );

>>

>>That may make sense. We should review some of the "freedoms" that Geeklog

>>is giving users for 1.3.10 anyway. E.g. user names (we've discussed this

>>one before, I remember) or topic IDs.

>>

>>

>>

>>>if (isset($HTTP_POST_VARS['op']) ) {

>>> $op = clubApplyFilter($HTTP_POST_VARS['op']);

>>>} elseif (isset($HTTP_GET_VARS['op']) ) {

>>> $op = clubApplyFilter($HTTP_GET_VARS['op']);

>>>} else {

>>> $op = '';

>>>}

>>

>>I was actually discouraging the use of this in my writings. Although it

>>probably makes sense to do this for one parameter (the mode of operation,

>>as in your example) and then, depending on that mode parameter, get the

>>other parameters ONLY from the array they are supposed to be in. I.e.

>>something like

>>

>> if ($op == 'submit') {

>> // 'submit' will always indicate a POST request

>> $something = COM_applyFilter ($HTTP_POST_VARS['something']);

>> } else if ($op == 'new') {

>> $whatever = COM_applyFilter ($HTTP_GET_VARS['whatever']);

>> }

>>

>>

>>

>>>I have been thinking, it would be nice to be have a common function that

>>>would filter all the POST and GET vars. It is possible to walk the arrays

>>>and maybe send it a list of variables to clean - using array_walk().

>>

>>array_walk sounds useful, but I'm not sure how you would derive a common

>>function from it. How would it know which parameters are supposed to be

>>numeric?

>>

>>bye, Dirk

>>

>>

>>--

>>http://www.haun-online.de/

>>http://geeklog.info/

>>

>>_______________________________________________

>>geeklog-devel mailing list

>>geeklog-devel at lists.geeklog.net

>>http://lists.geeklog.net/listinfo/geeklog-devel

>

>

> _______________________________________________

> geeklog-devel mailing list

> geeklog-devel at lists.geeklog.net

> http://lists.geeklog.net/listinfo/geeklog-devel

--__--__--

Message: 2
From: "Dirk Haun" <dirk at haun-online.de>
To: <geeklog-devel at lists.geeklog.net>
Date: Sat, 28 Feb 2004 15:28:34 +0100
Organization: Terra Software Systems
Subject: [geeklog-devel] geeklog.net updated
Reply-To: geeklog-devel at lists.geeklog.net

geeklog.net is now running on the latest CVS version, including Vinny's
recent comment changes. Please report any problems you may come across.

I'm only waiting for Vinny's attempts at fixing a problem with the What's
Related block now and expect 1.3.9rc2 to be ready by tomorrow or Monday.

bye, Dirk

--
http://www.haun-online.de/
http://www.macosx-faq.de/

--__--__--

_______________________________________________
geeklog-devel mailing list
geeklog-devel at lists.geeklog.net
http://lists.geeklog.net/listinfo/geeklog-devel

End of geeklog-devel Digest

Previous message: [geeklog-devtalk] [2] on moderation and plugins
Next message: [geeklog-devtalk] Re: geeklog-devtalk digest, Vol 1 #258 - 3 msgs
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the geeklog-devtalk mailing list